last executing test programs:

3m38.375556432s ago: executing program 1 (id=1558):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800"/15, @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f66f63"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = socket$inet_sctp(0x2, 0x800000000000001, 0x84)
r1 = socket$inet6_sctp(0xa, 0x1, 0x84)
rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f00000000c0)="c441f96ec80fc4c60066400fe2def3ad46c7045300101000f00fc01ec422e10399c5c1202066410f6f15040000000000660f381d94940400000063df", 0xdc000006, 0x0, {[0x5]}}, 0x0, 0x8, &(0x7f0000000000))
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0)
setsockopt(r1, 0x84, 0x81, &(0x7f0000000280)="1a00000002000000", 0x8)
r3 = socket$inet_sctp(0x2, 0x5, 0x84)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r1, 0x84, 0x64, &(0x7f0000000000)=[@in6={0xa, 0x4e23, 0x5, @empty}], 0x1c)
sendto$inet6(r1, &(0x7f0000000500)="a4", 0x34000, 0x2000c851, &(0x7f0000000140)={0xa, 0x4e23, 0x0, @loopback, 0xffffffff}, 0x1c)
r4 = socket$unix(0x1, 0x2, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={<r5=>0xffffffffffffffff})
bind$unix(r5, &(0x7f0000000100)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
connect$unix(r4, &(0x7f0000932000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r1, 0x84, 0x64, &(0x7f00000002c0)=[@in={0x2, 0x4e20, @remote}, @in6={0xa, 0x4e20, 0x10, @ipv4={'\x00', '\xff\xff', @local}, 0x650}, @in={0x2, 0x4e24, @multicast1}, @in6={0xa, 0x4e23, 0x0, @private1, 0x2}, @in6={0xa, 0x4e22, 0x4, @dev={0xfe, 0x80, '\x00', 0x40}, 0xd1}, @in={0x2, 0x4e23, @loopback}], 0x84)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(0xffffffffffffffff, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x0, 0x0}, &(0x7f0000000180)=0x10)
setsockopt$inet_sctp6_SCTP_AUTH_DELETE_KEY(r1, 0x84, 0x19, &(0x7f0000000080)={0x0, 0x1}, 0x8)
sendto$inet(r0, &(0x7f0000a34fff)='H', 0x1, 0x0, &(0x7f0000030ff0)={0x2, 0x0, @local={0xac, 0x14, 0xffffffffffffffff}}, 0x10)
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r6, &(0x7f0000000100)=ANY=[], 0x32600)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2000001, 0x12, r6, 0x0)
ioctl$sock_inet_SIOCSIFFLAGS(r3, 0x8914, &(0x7f0000000040)={'wlan1\x00', 0x1})
shutdown(r0, 0x1)
setsockopt$inet_sctp_SCTP_RTOINFO(r0, 0x84, 0x0, &(0x7f0000000180)={0x0, 0xd, 0x9, 0x1}, 0x10)

3m38.203806698s ago: executing program 1 (id=1562):
accept$inet(0xffffffffffffffff, 0x0, &(0x7f0000000040))
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000440)='oom_score_adj\x00')
syz_80211_inject_frame(0x0, &(0x7f00000001c0)=ANY=[@ANYRES32=r0], 0xb5)
socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
setxattr$system_posix_acl(&(0x7f0000002a00)='.\x00', &(0x7f0000000540)='system.posix_acl_default\x00', &(0x7f00000002c0)=ANY=[@ANYBLOB="0200000000007a9d9b00", @ANYRES32=0x0, @ANYBLOB="040000000000000010000000000000002000070000000000"], 0x2c, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
r2 = socket$unix(0x1, 0x2, 0x0)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000100)={'wlan1\x00', <r4=>0x0})
sendmsg$NL80211_CMD_NEW_INTERFACE(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000340)=ANY=[@ANYBLOB='P\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010028bd7000fddbdf250700000008000300", @ANYRES32=r4, @ANYBLOB="0c009900ff070000700000001400040073797a6b616c6c65723000f0ff00000008000500070000000a0018"], 0x50}, 0x1, 0x0, 0x0, 0x91}, 0x24044884) (fail_nth: 1)

3m37.547542801s ago: executing program 1 (id=1568):
r0 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f00000003c0), r0)
getsockname$packet(r0, &(0x7f0000000100)={0x11, 0x0, <r1=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0xa)
sendmsg$nl_route(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)=ANY=[@ANYBLOB="4800000010000507000000000000000000000002", @ANYRES32=r1, @ANYBLOB="0000400000000002280012000c00010076657468"], 0x48}}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=ANY=[@ANYBLOB="2800000014002101000000000000000002200000", @ANYRES32=r1, @ANYBLOB="08000400ffffffff08000200e0"], 0x28}}, 0x0)
r2 = socket$netlink(0x10, 0x3, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
getsockname$packet(r0, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=ANY=[@ANYBLOB="280000001400212100000000000000000200"], 0x28}}, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000480)=@ipv4_newaddr={0x20, 0x14, 0x121, 0x0, 0x0, {0x2, 0x0, 0x0, 0x0, r5}, [@IFA_LOCAL={0x8, 0x2, @dev}]}, 0x20}}, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000180)=@ipv4_deladdr={0x18, 0x15, 0x1, 0x0, 0x0, {0x2, 0x0, 0x0, 0x0, r5}}, 0x18}}, 0x0)

3m37.471679137s ago: executing program 1 (id=1569):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000040)={'veth0_to_hsr\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000700)=@ipv6_newaddrlabel={0x38, 0x48, 0x1, 0x70bd29, 0x25dfdbfd, {0xa, 0x0, 0x0, 0x0, r2, 0x5}, [@IFAL_ADDRESS={0x14, 0x1, @ipv4={'\x00', '\xff\xff', @private=0xa010101}}, @IFAL_LABEL={0x8, 0x2, 0x3}]}, 0x38}, 0x1, 0x0, 0x0, 0x26000000}, 0x20040000)
r3 = socket(0x2, 0x80805, 0x0)
sendmmsg$inet(r3, &(0x7f0000000c80)=[{{&(0x7f0000000040)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, &(0x7f0000000440)=[{&(0x7f0000000180)="fd", 0x1}], 0x1}}], 0x1, 0x0)
r4 = socket$inet_sctp(0x2, 0x5, 0x84)
getsockopt$inet_sctp_SCTP_MAX_BURST(r4, 0x84, 0xc, &(0x7f0000000240)=@assoc_value={<r5=>0x0}, &(0x7f0000000080)=0x8)
setsockopt$inet_sctp6_SCTP_CONTEXT(r3, 0x84, 0x11, &(0x7f00000001c0)={r5, 0x9}, 0x8)
connect$x25(r3, &(0x7f0000000000)={0x9, @remote={'\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc', 0x0}}, 0x12)
r6 = socket$nl_xfrm(0x10, 0x3, 0x6)
openat$vhost_vsock(0xffffffffffffff9c, 0x0, 0x2, 0x0)
syz_emit_vhci(&(0x7f0000000f00)=ANY=[@ANYBLOB="040f0400010104"], 0x7)
sendmsg$nl_xfrm(r6, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000380)=ANY=[@ANYBLOB="54010000100013070000000000000000ac1414bb000000000000000000000000e0000001000000000000000000000000000000090000fffe0a00000000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="e00000020000000000000000000000000000000032000000ac1e0001000000000000000000000000060000000000008000000000e0e5c1052f14720ac3c367827a8343f5000000000000000000000000000000000000000000000000000000000000000000000000fcffffffffffffff00000000000000000000000000000000030000000000000002000000000000000000000000000000000000000000000000000000000000000000000002000400000000000000000048000200656362286369706865725f6e756c6c29000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000001000100000000000000e0000001000000000000000000000000739c344636d4d72161cd4106f1fb71b97de8d84fba4cc37546cc0ccd131ae3b14a339c8f8297e8359302761e0cdfbd24bb80a8e61544fc2b3751a5df8668b47b8a5c7a0084c987176d90e096f135113591d700a646c8618211a24ce063e9aca4a71464464f9a5df3e112ce00bfbadf76037915eaaeb2e027fb254677d22b13c60e517154b0c60ac33dd0ab619f01c650040bf2642ca1527bd2b4ccbb73d95afee3d4ea92ce678224c79c63cbb3bec9fcacddd7850e970f126261576bb0528c43ac33575fd104d9dcf91271d311e2b7140b4088538216d6a232b25729adf8f1c7ff2205f8cdbce898e3a26b44045484ac49206659"], 0x154}}, 0x0)
socket$nl_route(0x10, 0x3, 0x0) (async)
socket$packet(0x11, 0x3, 0x300) (async)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000040)={'veth0_to_hsr\x00'}) (async)
sendmsg$nl_route(r0, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000700)=@ipv6_newaddrlabel={0x38, 0x48, 0x1, 0x70bd29, 0x25dfdbfd, {0xa, 0x0, 0x0, 0x0, r2, 0x5}, [@IFAL_ADDRESS={0x14, 0x1, @ipv4={'\x00', '\xff\xff', @private=0xa010101}}, @IFAL_LABEL={0x8, 0x2, 0x3}]}, 0x38}, 0x1, 0x0, 0x0, 0x26000000}, 0x20040000) (async)
socket(0x2, 0x80805, 0x0) (async)
sendmmsg$inet(r3, &(0x7f0000000c80)=[{{&(0x7f0000000040)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, &(0x7f0000000440)=[{&(0x7f0000000180)="fd", 0x1}], 0x1}}], 0x1, 0x0) (async)
socket$inet_sctp(0x2, 0x5, 0x84) (async)
getsockopt$inet_sctp_SCTP_MAX_BURST(r4, 0x84, 0xc, &(0x7f0000000240)=@assoc_value, &(0x7f0000000080)=0x8) (async)
setsockopt$inet_sctp6_SCTP_CONTEXT(r3, 0x84, 0x11, &(0x7f00000001c0)={r5, 0x9}, 0x8) (async)
connect$x25(r3, &(0x7f0000000000)={0x9, @remote={'\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc', 0x0}}, 0x12) (async)
socket$nl_xfrm(0x10, 0x3, 0x6) (async)
openat$vhost_vsock(0xffffffffffffff9c, 0x0, 0x2, 0x0) (async)
syz_emit_vhci(&(0x7f0000000f00)=ANY=[@ANYBLOB="040f0400010104"], 0x7) (async)
sendmsg$nl_xfrm(r6, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000380)=ANY=[@ANYBLOB="54010000100013070000000000000000ac1414bb000000000000000000000000e0000001000000000000000000000000000000090000fffe0a00000000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="e00000020000000000000000000000000000000032000000ac1e0001000000000000000000000000060000000000008000000000e0e5c1052f14720ac3c367827a8343f5000000000000000000000000000000000000000000000000000000000000000000000000fcffffffffffffff00000000000000000000000000000000030000000000000002000000000000000000000000000000000000000000000000000000000000000000000002000400000000000000000048000200656362286369706865725f6e756c6c29000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000001000100000000000000e0000001000000000000000000000000739c344636d4d72161cd4106f1fb71b97de8d84fba4cc37546cc0ccd131ae3b14a339c8f8297e8359302761e0cdfbd24bb80a8e61544fc2b3751a5df8668b47b8a5c7a0084c987176d90e096f135113591d700a646c8618211a24ce063e9aca4a71464464f9a5df3e112ce00bfbadf76037915eaaeb2e027fb254677d22b13c60e517154b0c60ac33dd0ab619f01c650040bf2642ca1527bd2b4ccbb73d95afee3d4ea92ce678224c79c63cbb3bec9fcacddd7850e970f126261576bb0528c43ac33575fd104d9dcf91271d311e2b7140b4088538216d6a232b25729adf8f1c7ff2205f8cdbce898e3a26b44045484ac49206659"], 0x154}}, 0x0) (async)

3m37.398181935s ago: executing program 1 (id=1570):
r0 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f00000003c0), r0)
getsockname$packet(r0, &(0x7f0000000100)={0x11, 0x0, <r1=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0xa)
sendmsg$nl_route(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)=ANY=[@ANYBLOB="4800000010000507000000000000000000000002", @ANYRES32=r1, @ANYBLOB="0000400000000002280012000c00010076657468"], 0x48}}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=ANY=[@ANYBLOB="2800000014002101000000000000000002200000", @ANYRES32=r1, @ANYBLOB="08000400ffffffff08000200e0"], 0x28}}, 0x0)
socket$netlink(0x10, 0x3, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x0)
mount$fuse(0x0, 0x0, 0x0, 0x2b38094, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
chdir(&(0x7f0000000080)='./file1\x00')
r2 = open(&(0x7f0000000000)='.\x00', 0x0, 0x0)
mkdir(&(0x7f0000000200)='./file1\x00', 0x0)
mount(0x0, &(0x7f0000000140)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
ioctl$AUTOFS_IOC_PROTOSUBVER(r2, 0x40049366, 0x0)
timer_create(0x0, &(0x7f0000000080)={0x0, 0x11, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000000))
socket$kcm(0x29, 0x2, 0x0)
timer_settime(0x0, 0x0, &(0x7f0000000240)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r4, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-camellia-asm\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r4, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
r5 = accept4(r4, 0x0, 0x0, 0x800)
sendmmsg$alg(r5, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048"}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
recvmsg(r5, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000013c0)={'wlan1\x00', <r7=>0x0})
sendmsg$NL80211_CMD_FRAME(r3, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000001340)={&(0x7f0000000680)=ANY=[@ANYBLOB="f4060000", @ANYRES16=r6, @ANYBLOB="01000000000000e14f003b00000008000300", @ANYRES32=r7, @ANYBLOB="d506330080000000ffffffffffff080211000001"], 0x6f4}}, 0x0)
socket$nl_route(0x10, 0x3, 0x0)

3m37.169493259s ago: executing program 1 (id=1575):
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_route(0x10, 0x3, 0x0)
creat(&(0x7f0000000580)='./bus\x00', 0x0)
socket$netlink(0x10, 0x3, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000180)={'syz_tun\x00'})
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000b80)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x6, 0x10, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b702000002000000850000008600000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bca2000000000000a6020000f8ffffffb703000008000000b704000000000000850000003300000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r3}, &(0x7f0000000240), &(0x7f00000003c0)=r0}, 0x20)
bpf$BPF_LINK_CREATE_XDP(0x1c, 0x0, 0x0)
syz_emit_ethernet(0x3e, &(0x7f0000000040)={@broadcast, @broadcast, @void, {@ipv6={0x86dd, @udp={0x6, 0x6, "9428fa", 0x8, 0x11, 0x1, @empty, @private1, {[], {0x4e22, 0x4e20, 0x8}}}}}}, 0x0)

3m22.190654797s ago: executing program 32 (id=1575):
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_route(0x10, 0x3, 0x0)
creat(&(0x7f0000000580)='./bus\x00', 0x0)
socket$netlink(0x10, 0x3, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000180)={'syz_tun\x00'})
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000b80)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x6, 0x10, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b702000002000000850000008600000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bca2000000000000a6020000f8ffffffb703000008000000b704000000000000850000003300000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r3}, &(0x7f0000000240), &(0x7f00000003c0)=r0}, 0x20)
bpf$BPF_LINK_CREATE_XDP(0x1c, 0x0, 0x0)
syz_emit_ethernet(0x3e, &(0x7f0000000040)={@broadcast, @broadcast, @void, {@ipv6={0x86dd, @udp={0x6, 0x6, "9428fa", 0x8, 0x11, 0x1, @empty, @private1, {[], {0x4e22, 0x4e20, 0x8}}}}}}, 0x0)

3m17.629658154s ago: executing program 3 (id=1822):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = open(&(0x7f0000000d40)='./file0\x00', 0x42c3, 0x0)
r2 = open(&(0x7f00009e1000)='./file0\x00', 0x0, 0x140)
fcntl$setlease(r2, 0x400, 0x0)
fcntl$setlease(r1, 0x400, 0x2)
r3 = gettid()
timer_create(0x0, &(0x7f0000000240)={0x0, 0x21, 0x800000000004, @tid=r3}, &(0x7f0000bbdffc))
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
socket$inet_icmp_raw(0x2, 0x3, 0x1)
syz_emit_ethernet(0x2a, &(0x7f0000000040)=ANY=[@ANYBLOB="0180c2000000aa7424b592c8e5acf29baaa2aaaa0008004500001c00000000000190780a000000ffffff"], 0x0)
r4 = socket$alg(0x26, 0x5, 0x0)
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000040)=@ipv6_newrule={0x1c, 0x20, 0x1, 0x0, 0x0, {0xa, 0x80, 0x10, 0x0, 0x0, 0x0, 0x0, 0x1, 0x10018}}, 0x1c}}, 0x0)
bind$alg(r4, &(0x7f0000000080)={0x26, 'aead\x00', 0x0, 0x0, 'pcrypt(authencesn(streebog256-generic,xchacha12-generic))\x00'}, 0x58)
r6 = socket(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r7=>0xffffffffffffffff})
r8 = syz_open_dev$usbfs(&(0x7f0000000100), 0x77, 0x741f81)
ioctl$USBDEVFS_IOCTL(r8, 0xc00c5512, 0x0)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000000)={'lo\x00', <r9=>0x0})
sendmsg$nl_route_sched(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000280)=@newqdisc={0xc8, 0x24, 0xd0f, 0x0, 0x0, {0x60, 0x0, 0x0, r9, {0x0, 0x2}, {0xffff, 0xffff}}, [@TCA_RATE={0x6, 0x5, {0xfc, 0x4}}, @qdisc_kind_options=@q_netem={{0xa}, {0x80, 0x2, {{0x9, 0x4, 0x7, 0x8000, 0x2032, 0x9}, [@TCA_NETEM_DELAY_DIST={0x16, 0x2, "15832a4e572d04a5d4b39589e3fc7f440c48"}, @TCA_NETEM_LATENCY64={0xc, 0xa, 0x8}, @TCA_NETEM_LOSS={0x30, 0x5, 0x0, 0x1, [@NETEM_LOSS_GI={0x18, 0x1, {0x0, 0x7f07a7d4, 0x0, 0x1, 0x2d39}}, @NETEM_LOSS_GE={0x14, 0x2, {0x80000000, 0x100, 0x3, 0x4}}]}, @TCA_NETEM_CORR={0x10, 0x1, {0x5, 0x4, 0xfffffffc}}]}}}, @TCA_INGRESS_BLOCK={0x8, 0xd, 0x8}, @TCA_EGRESS_BLOCK={0x8, 0xe, 0x4}]}, 0xc8}}, 0x0)
accept4$inet6(0xffffffffffffffff, 0x0, 0x0, 0x80800)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000140)=ANY=[@ANYBLOB="1400000010000100edff0000000000000000000a58000000060a09040000000000000000020000002c000480280001800d00010073796e70726f787900000000140002800500020009000000080003400000000a0900010073797a30000000000900020073797a32"], 0x80}}, 0x0)

3m17.539331809s ago: executing program 3 (id=1824):
mkdir(&(0x7f00000020c0)='./file0\x00', 0x0)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x16)
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000002100)='numa_maps\x00')
read$FUSE(r0, &(0x7f0000002140)={0x2020}, 0x2020)
r1 = syz_open_dev$vim2m(&(0x7f00000002c0), 0x8, 0x2)
ioctl$vim2m_VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f0000000500)={0x2, 0x80, 0x2, {0x2, @raw_data="eca4d397a6846ac809df9312a39301cda14d1be078eab89d726dfa58803d27c128e1d45efc7ae1f7b2a61dd86de86146700d5c2f71d7a3664f61d391360075df3c7b0d27fadfd06ba0225f22df3ef6056109ea84887d71d15bd41bcdc4f41ca867d0aec52da75d82e43a34cb0dc99af00ac5d3b23112d4b4ab52ea925e20a96498845ba805999cdbbb32169dc9ff285cf34e9d119ba136a8d2b727b38a062ecf3213bd7310c3513ad9ce4dbcee3dc1a4a2d896bc765eba9f02e23f8ed6cf907714227e2df4da2da2"}, 0x3})
pipe2$9p(&(0x7f0000000240)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r3, &(0x7f00000002c0)=ANY=[@ANYBLOB="1500000065ffff018000000800395032303030"], 0x15)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f0000000040)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3, @ANYBLOB="79720a71248feff594"])
r4 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r4, &(0x7f0000000040)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000080)={<r5=>0xffffffffffffffff}, 0x13f, 0x9}}, 0x20)
write$RDMA_USER_CM_CMD_SET_OPTION(r4, &(0x7f00000000c0)={0xe, 0x18, 0xfa00, @id_tos={&(0x7f0000000400), r5, 0x0, 0x3, 0x1}}, 0x20)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
syz_clone(0x200, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_clone3(&(0x7f0000001240)={0x2d000000, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
ioctl$AUTOFS_DEV_IOCTL_ISMOUNTPOINT(r0, 0xc018937e, &(0x7f0000000140)={{0x1, 0x1, 0x18, <r6=>r0}, './file0\x00'})
write$RDMA_USER_CM_CMD_LISTEN(r6, &(0x7f00000001c0)={0x7, 0x8, 0xfa00, {r5, 0xf}}, 0x10)
mkdir(&(0x7f00000020c0)='./file0\x00', 0x0) (async)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe) (async)
madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x16) (async)
syz_open_procfs(0xffffffffffffffff, &(0x7f0000002100)='numa_maps\x00') (async)
read$FUSE(r0, &(0x7f0000002140)={0x2020}, 0x2020) (async)
syz_open_dev$vim2m(&(0x7f00000002c0), 0x8, 0x2) (async)
ioctl$vim2m_VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f0000000500)={0x2, 0x80, 0x2, {0x2, @raw_data="eca4d397a6846ac809df9312a39301cda14d1be078eab89d726dfa58803d27c128e1d45efc7ae1f7b2a61dd86de86146700d5c2f71d7a3664f61d391360075df3c7b0d27fadfd06ba0225f22df3ef6056109ea84887d71d15bd41bcdc4f41ca867d0aec52da75d82e43a34cb0dc99af00ac5d3b23112d4b4ab52ea925e20a96498845ba805999cdbbb32169dc9ff285cf34e9d119ba136a8d2b727b38a062ecf3213bd7310c3513ad9ce4dbcee3dc1a4a2d896bc765eba9f02e23f8ed6cf907714227e2df4da2da2"}, 0x3}) (async)
pipe2$9p(&(0x7f0000000240), 0x0) (async)
write$P9_RVERSION(r3, &(0x7f00000002c0)=ANY=[@ANYBLOB="1500000065ffff018000000800395032303030"], 0x15) (async)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f0000000040)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3, @ANYBLOB="79720a71248feff594"]) (async)
openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0) (async)
write$RDMA_USER_CM_CMD_CREATE_ID(r4, &(0x7f0000000040)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000080), 0x13f, 0x9}}, 0x20) (async)
write$RDMA_USER_CM_CMD_SET_OPTION(r4, &(0x7f00000000c0)={0xe, 0x18, 0xfa00, @id_tos={&(0x7f0000000400), r5, 0x0, 0x3, 0x1}}, 0x20) (async)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe) (async)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000) (async)
syz_clone(0x200, 0x0, 0x0, 0x0, 0x0, 0x0) (async)
syz_clone3(&(0x7f0000001240)={0x2d000000, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (async)
ioctl$AUTOFS_DEV_IOCTL_ISMOUNTPOINT(r0, 0xc018937e, &(0x7f0000000140)={{0x1, 0x1, 0x18, r0}, './file0\x00'}) (async)
write$RDMA_USER_CM_CMD_LISTEN(r6, &(0x7f00000001c0)={0x7, 0x8, 0xfa00, {r5, 0xf}}, 0x10) (async)

3m17.46725139s ago: executing program 3 (id=1826):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000005c0)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x301, 0x0, 0x0, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWCHAIN={0x34, 0x3, 0xa, 0x201, 0x0, 0x0, {0x1}, [@NFTA_CHAIN_NAME={0x9, 0x3, 'syz2\x00'}, @NFTA_CHAIN_HOOK={0x14, 0x4, 0x0, 0x1, [@NFTA_HOOK_PRIORITY={0x8}, @NFTA_HOOK_HOOKNUM={0x8}]}]}, @NFT_MSG_NEWRULE={0x40, 0x6, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_RULE_CHAIN_ID={0x8}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_EXPRESSIONS={0x18, 0x4, 0x0, 0x1, [{0x14, 0x1, 0x0, 0x1, @last={{0x9}, @val={0x4}}}]}]}], {0x14}}, 0xbc}}, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r2 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
write$tun(r1, &(0x7f0000000280)=ANY=[@ANYBLOB="000086dd000411000400000000006eec00be00442f0100"], 0x7a) (fail_nth: 1)

3m17.35921117s ago: executing program 3 (id=1828):
sendmsg$NFQNL_MSG_CONFIG(0xffffffffffffffff, &(0x7f0000000ac0)={0x0, 0x0, &(0x7f0000000a80)={&(0x7f0000000100)=ANY=[@ANYBLOB="30000000020301020000000000000000000000000800034000000000090002000000000002000000080001"], 0x30}}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000000140)=ANY=[@ANYBLOB="00db00000040"], 0x40}}, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='blkio.bfq.io_merged_recursive\x00', 0x275a, 0x0)
syz_emit_ethernet(0x36, &(0x7f0000000100)=ANY=[@ANYBLOB="000002f0d31209000000bc2e79e995"], 0x0)
write$binfmt_script(r2, &(0x7f0000000100), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r2, 0x0)
preadv(r2, &(0x7f00000015c0)=[{&(0x7f0000000080)=""/124, 0xffffff23}], 0x3e, 0x0, 0x0)
syz_emit_ethernet(0x4a, &(0x7f0000000000)=ANY=[@ANYBLOB="aaaaaaaaaaaaffffffffffff86dd600a847500140600fe8000"/34, @ANYRES32=0x41424344], 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe6000/0x18000)=nil, &(0x7f0000000040)=[@text16={0x10, &(0x7f0000000180)="66b9800000c00f326635000800000f300f0f1c9a65660ff3b20618baa000ec672e660f38803d004000000f285473f61366b9800000c00f326635004000000f300f20e06635800000000f22e0f30fa6c8", 0x50}], 0x1, 0x0, 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20004000}, 0x14)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f00000004c0)=[@text32={0x20, 0x0}], 0x1, 0x0, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={0x0}, 0x10)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

3m17.253740431s ago: executing program 3 (id=1830):
mknodat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0, 0x0)
pipe2$9p(&(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r1, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffff017f000e0800395032303030"], 0x15)
setsockopt$IPT_SO_SET_REPLACE(0xffffffffffffffff, 0x0, 0x40, &(0x7f0000000000)=@mangle={'mangle\x00', 0x44, 0x6, 0x3c8, 0x0, 0x298, 0x200, 0x200, 0x298, 0x330, 0x330, 0x330, 0x330, 0x330, 0x6, 0x0, {[{{@uncond, 0x0, 0x70, 0x98}, @common=@unspec=@STANDARD={0x28, '\x00', 0x0, 0x98}}, {{@ip={@remote, @local, 0x0, 0x0, 'vcan0\x00', 'veth0_virt_wifi\x00'}, 0x0, 0x70, 0xd0}, @common=@SET={0x60, 'SET\x00', 0x0, {{}, {0x0, [0x0, 0x0, 0x0, 0x0, 0x4]}}}}, {{@uncond, 0x0, 0x70, 0x98}, @ECN={0x28}}, {{@ip={@rand_addr, @multicast2, 0x0, 0x0, 'syzkaller0\x00', 'bond0\x00'}, 0x0, 0x70, 0x98}, @unspec=@CHECKSUM={0x28}}, {{@ip={@remote, @initdev={0xac, 0x1e, 0x0, 0x0}, 0x0, 0x0, 'lo\x00', 'batadv_slave_1\x00'}, 0x0, 0x70, 0x98}, @ECN={0x28}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x428)
r2 = dup(r1)
write$FUSE_BMAP(r2, &(0x7f0000000000)={0x18, 0x0, 0x0, {0x3b9}}, 0x18)
write$FUSE_DIRENTPLUS(r2, &(0x7f00000003c0)=ANY=[@ANYBLOB="b0"], 0xb0)
write$FUSE_GETXATTR(r2, &(0x7f00000000c0)={0x18}, 0x18)
write$FUSE_DIRENTPLUS(r2, &(0x7f0000000680)=ANY=[@ANYBLOB="b90000"], 0xb8)
mount$9p_fd(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r2}})
openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x20842, 0x0)

3m17.10093529s ago: executing program 3 (id=1836):
mknod(&(0x7f00000000c0)='./file0\x00', 0x8001420, 0x3)
openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x20842, 0x0)
r0 = syz_open_dev$evdev(&(0x7f0000000000), 0x0, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x240480d4}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)=ANY=[@ANYBLOB="24000000200001032abd7000ffdbdf250a28ba237cf66a99332608076ce381d7cd3ed6b9aca6ca597f39b9d5728823b5d2ac2aeabf38e0b4fe14e70537b974311b"], 0x24}, 0x1, 0x0, 0x0, 0x240480d4}, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000200)=ANY=[@ANYBLOB="2800000021000100"], 0x28}}, 0x0)
r2 = socket$unix(0x1, 0x1, 0x0)
bind$unix(r2, &(0x7f0000003000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
listen(r2, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
getsockopt$inet6_tcp_int(r3, 0x6, 0x25, 0x0, &(0x7f0000000080))
syz_usb_connect(0x5, 0x24, &(0x7f0000002040)=ANY=[@ANYBLOB="12010000fe76181004160780a6af011703010902120001000000000904"], 0x0)
r4 = syz_open_dev$sndctrl(&(0x7f0000000040), 0x535, 0x200)
ioctl$SNDRV_CTL_IOCTL_HWDEP_INFO(r4, 0x80dc5521, &(0x7f0000000300)=""/161)
mount$9p_unix(&(0x7f0000000080)='\xe9\x1fq\x89Y\x1e\x923aK\x00', &(0x7f00000000c0)='\xe9\x1fq\x89Y\x1e\x923aK\x00', &(0x7f0000000100), 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB='trans=unix'])
ioctl$EVIOCGREP(r0, 0x80084524, 0x0)
open(&(0x7f0000000080)='./file0\x00', 0x203, 0x4)

3m1.796214764s ago: executing program 33 (id=1836):
mknod(&(0x7f00000000c0)='./file0\x00', 0x8001420, 0x3)
openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x20842, 0x0)
r0 = syz_open_dev$evdev(&(0x7f0000000000), 0x0, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x240480d4}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)=ANY=[@ANYBLOB="24000000200001032abd7000ffdbdf250a28ba237cf66a99332608076ce381d7cd3ed6b9aca6ca597f39b9d5728823b5d2ac2aeabf38e0b4fe14e70537b974311b"], 0x24}, 0x1, 0x0, 0x0, 0x240480d4}, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000200)=ANY=[@ANYBLOB="2800000021000100"], 0x28}}, 0x0)
r2 = socket$unix(0x1, 0x1, 0x0)
bind$unix(r2, &(0x7f0000003000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
listen(r2, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
getsockopt$inet6_tcp_int(r3, 0x6, 0x25, 0x0, &(0x7f0000000080))
syz_usb_connect(0x5, 0x24, &(0x7f0000002040)=ANY=[@ANYBLOB="12010000fe76181004160780a6af011703010902120001000000000904"], 0x0)
r4 = syz_open_dev$sndctrl(&(0x7f0000000040), 0x535, 0x200)
ioctl$SNDRV_CTL_IOCTL_HWDEP_INFO(r4, 0x80dc5521, &(0x7f0000000300)=""/161)
mount$9p_unix(&(0x7f0000000080)='\xe9\x1fq\x89Y\x1e\x923aK\x00', &(0x7f00000000c0)='\xe9\x1fq\x89Y\x1e\x923aK\x00', &(0x7f0000000100), 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB='trans=unix'])
ioctl$EVIOCGREP(r0, 0x80084524, 0x0)
open(&(0x7f0000000080)='./file0\x00', 0x203, 0x4)

3.162277043s ago: executing program 4 (id=3938):
r0 = syz_open_dev$usbmon(&(0x7f0000000080), 0x0, 0x0)
r1 = syz_open_dev$usbfs(&(0x7f0000000000), 0x20000007d, 0x0)
r2 = dup3(r0, r1, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
openat$qrtrtun(0xffffffffffffff9c, 0x0, 0x0)
r4 = socket$qrtr(0x2a, 0x2, 0x0)
connect$qrtr(r4, &(0x7f0000000040)={0x2a, 0xffffffffffffffff, 0xfffffffe}, 0xc)
r5 = syz_io_uring_setup(0x49a, &(0x7f0000000140)={0x0, 0x7079, 0x0, 0x2, 0x28b}, &(0x7f00000003c0)=<r6=>0x0, &(0x7f0000000340)=<r7=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r6, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r6, r7, 0x0)
io_uring_enter(r5, 0x3516, 0x0, 0x0, 0x0, 0x0)
timer_create(0x0, &(0x7f0000000680)={0x0, 0x21, 0x0, @tid=0xffffffffffffffff}, &(0x7f0000000100))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f0000000340)={'wlan1\x00'})
sendmsg$NL80211_CMD_GET_MPP(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000180)=ANY=[], 0x1c}}, 0x0)
keyctl$dh_compute(0x17, &(0x7f0000000d80), &(0x7f0000000dc0)=""/229, 0xe5, &(0x7f0000000f00)={&(0x7f0000000ec0)={'cryptd(blake2b-160)\x00'}})
ioctl$MON_IOCG_STATS(r2, 0x40189206, &(0x7f0000000180))

2.678886999s ago: executing program 5 (id=3949):
openat$selinux_policy(0xffffffffffffff9c, 0x0, 0x42, 0x0)
r0 = socket$igmp6(0xa, 0x3, 0x2)
setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, 0x0, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='blkio.bfq.io_service_bytes_recursive\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2000003, 0x28012, r1, 0xe25f5000)
mlock2(&(0x7f0000004000/0x4000)=nil, 0x4000, 0x0)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
mlock2(&(0x7f0000006000/0x1000)=nil, 0x1000, 0x1)
mlock2(&(0x7f0000003000/0x4000)=nil, 0x4000, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000440), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_SET_SIGNAL_MASK(r4, 0x4004ae8b, &(0x7f0000000040)={0x8, "9f512446b64ddd12"})
ioctl$KVM_RUN(r4, 0xae80, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)

2.67867539s ago: executing program 4 (id=3950):
socket$inet6_tcp(0xa, 0x1, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b64ffec850000006d000000850000002a00000095"], &(0x7f0000000480)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r2 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f00000003c0)='kfree\x00', r1}, 0x10)
sendmsg$IPCTNL_MSG_TIMEOUT_NEW(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000000c0)=ANY=[@ANYBLOB="b22b502a1f0dbacb0000000000000000050000040900010073797a300000000005000300010000000c00048008000240733989c4"], 0x34}, 0x1, 0x0, 0x0, 0x2000c004}, 0x8040)
r3 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000340)={'bridge_slave_0\x00', <r4=>0x0})
r5 = socket(0x10, 0x80002, 0x0)
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000000), 0x804040, 0x0)
madvise(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x19)
munmap(&(0x7f0000001000/0x1000)=nil, 0x1000)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_clone(0x0, 0x0, 0x21, 0x0, 0x0, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000380)=ANY=[@ANYBLOB="340000001300290a0000000000000000070000005b78001057030c580efbd54ef25db657687639988566aa1a659d527e", @ANYRES32=r4, @ANYRES64], 0x34}}, 0x0)
r6 = socket$igmp(0x2, 0x3, 0x2)
socket$nl_generic(0x10, 0x3, 0x10)
r7 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYRES64=r2], 0x48)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'ip6_vti0\x00', <r8=>0x0})
bpf$TOKEN_CREATE(0x24, &(0x7f0000000240)={0x0, r6}, 0x8)
r9 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r9, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="400000002000010300000000feffffff02101400fd000002010004000080000008000100ffffffff0c000c400000000000000003"], 0x40}, 0x1, 0x0, 0x0, 0x4040000}, 0x1000)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x3, 0xd, &(0x7f00000002c0)=ANY=[@ANYRESOCT=r7, @ANYRES32=r7, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095", @ANYRESHEX=0x0], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', r8, @fallback=0x7, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
socket$nl_generic(0x10, 0x3, 0x10)
r10 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0)
r11 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0)
write$binfmt_script(r11, &(0x7f0000000180), 0xfea7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r10, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0xb00000000065808, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$batadv(&(0x7f0000007580), 0xffffffffffffffff)

2.604244271s ago: executing program 5 (id=3952):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_CPUID2(r2, 0x4048aecb, &(0x7f0000000080)=ANY=[])
ioctl$KVM_GET_VCPU_EVENTS(r2, 0xc048aeca, &(0x7f0000000080))
r3 = socket$inet_mptcp(0x2, 0x1, 0x106)
r4 = socket(0x10, 0x3, 0x0)
r5 = openat$cuse(0xffffffffffffff9c, &(0x7f00000005c0), 0x2, 0x0)
fcntl$setstatus(r5, 0x4, 0x2c00)
sendmsg$nl_generic(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)={0x20, 0x52, 0x1, 0x0, 0x0, {0x2}, [@typed={0xc, 0x1, 0x0, 0x0, @u64=0x1}]}, 0x20}}, 0x0)
r6 = openat$pidfd(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
fchdir(r6)
syz_open_procfs$namespace(0x0, &(0x7f0000000000)='ns/mnt\x00')
mount(&(0x7f0000000000), &(0x7f0000000040)='./cgroup\x00', 0x0, 0x1001, 0x0)
ioctl$SCSI_IOCTL_GET_PCI(0xffffffffffffffff, 0x5387, &(0x7f0000000080))
ioctl$sock_SIOCETHTOOL(r3, 0x89f1, &(0x7f00000002c0)={'ip6tnl0\x00', &(0x7f0000000000)=@ethtool_cmd={0x0, 0x0, 0x0, 0x200, 0x2, 0x0, 0x0, 0x0, 0xdb, 0x4, 0x0, 0xfffff7fc, 0x4, 0x0, 0x0, 0x47, [0xfffffffc, 0x80]}})
openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) (async)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) (async)
ioctl$KVM_SET_CPUID2(r2, 0x4048aecb, &(0x7f0000000080)=ANY=[]) (async)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0xc048aeca, &(0x7f0000000080)) (async)
socket$inet_mptcp(0x2, 0x1, 0x106) (async)
socket(0x10, 0x3, 0x0) (async)
openat$cuse(0xffffffffffffff9c, &(0x7f00000005c0), 0x2, 0x0) (async)
fcntl$setstatus(r5, 0x4, 0x2c00) (async)
sendmsg$nl_generic(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)={0x20, 0x52, 0x1, 0x0, 0x0, {0x2}, [@typed={0xc, 0x1, 0x0, 0x0, @u64=0x1}]}, 0x20}}, 0x0) (async)
openat$pidfd(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0) (async)
fchdir(r6) (async)
syz_open_procfs$namespace(0x0, &(0x7f0000000000)='ns/mnt\x00') (async)
mount(&(0x7f0000000000), &(0x7f0000000040)='./cgroup\x00', 0x0, 0x1001, 0x0) (async)
ioctl$SCSI_IOCTL_GET_PCI(0xffffffffffffffff, 0x5387, &(0x7f0000000080)) (async)
ioctl$sock_SIOCETHTOOL(r3, 0x89f1, &(0x7f00000002c0)={'ip6tnl0\x00', &(0x7f0000000000)=@ethtool_cmd={0x0, 0x0, 0x0, 0x200, 0x2, 0x0, 0x0, 0x0, 0xdb, 0x4, 0x0, 0xfffff7fc, 0x4, 0x0, 0x0, 0x47, [0xfffffffc, 0x80]}}) (async)

2.60375324s ago: executing program 4 (id=3954):
r0 = socket$igmp6(0xa, 0x3, 0x2)
r1 = getpgid(0xffffffffffffffff)
r2 = socket$inet_udplite(0x2, 0x2, 0x88)
getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000000240)={0x0, <r3=>0x0}, &(0x7f0000000280)=0x5)
setuid(r3)
r4 = creat(&(0x7f00000001c0)='./file0\x00', 0x8)
close(r4)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r4, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r4, &(0x7f000000c400)={0x2020, 0x0, 0x0, 0x0, <r5=>0x0}, 0x2020)
syz_fuse_handle_req(r4, &(0x7f00000021c0)="61ddaf21c1282a5a635234dcc2f614ede5b0c406f5488574ed6fcb609ce20f648ee274c8dfeaa625b1fd332f70f776ae0b6e3f959c24f3876756c20e05c82079387520764f2446820d53242898a90e51c5b68297e39b7fcf558b450e9608326c3dc6704a054216a8c6f0d689e5eb6b8564854376910eff147682d2378b9c5b95a626493ce628b1bb6b524ed7e90ebe6eb0246399eac6d624dcf4e824be2de9c1d5d06eab13f2770577304eb676106fd9868a030192067ac009482e03a817f1abd909a94702479fe30b2594ca60b4acc37148cf04e8c0e76dd69e29d243596f8174129ac6ab9dbb79ace8f0fae14234845725102a027d4163f97f3971d207500defeaa2c7318f7e82e591701f9d3f78592ea7ec28806a53278a35a20251eeb2735fa9f37bf0045b5e6faf5f751c7ad31d8426be7b09027b2092f49247159a33b580d2691ebf00797962168bdc368f57282ce5b8526eacb80952ffba771626c0016b8a010546f0b4daf470814cee0ea418b76331c34616cea0459dbd1f196364c99e4a47bcdd64b518ef51833e6f8041fbbbe86e808bdbade7009985f2c4d7ffd76a0e7dc7d542bdee1d136d2096dfa997f98ac83c6341b306a3a8cf81642566d7777480d4dc61b0182f0d418ce95d74c9aadb182326d6671412a1f0c62c93a0ba873ff5daa4ece4b2fc73ed5b02b60890374acc0cd25cbf1707016a542fafd6af098f9737304c726712c8243dcd5eb15c0996e9e03dd741d519cb3e86ea214e20408c2cc5ea607585f1bfd268ba3084ffa69425512571d263fd1ae49b488b2964bd3e78943122006489cc22191dec2900a7fdf798c9f683461f2a7b940f4112b805dc077a7b99071b5b454f7c6d2b13a6b23091f74ecc65a24ac0d11e2ffd7332fb2b2b11aeec3c809d78cc2e168f126f38dddfe3e1d0ec1c6fb25f880690f97a70dc5fbea5d25dba3b24c01d9bd228c58deca660625511127a62220429c94be65d6ad4ce7e79e97af67931b46ccfabca5dbaea11e2dc76279b0244cc2845f31beff4a539a83c92d3676079d9d4eb0251dfead9e0a07a11c0a7e597ac89ec77de60a5f6e0ff4a62374856b8e1659e885d3a0d90293daa0c7bb041cbcd54bf098b66b2ddec28dcba4cfbad969e3b97e4bf680f901485d1cd4b231a9115c22ab2f911415ad0efe0eb7f4bee15c6de7d0f818acd687a117286f9e3c33df5206df918ea4ac52927487968d88f4a18d4889a4060f20487e4cec19250fe48a16b1f9f7250a6ab81fbaa2ad451a936ee98021bf859b9a635132a0dcf7530c0e2c84a459241a1fc9fe45b4a4f32fa8e95185db92660292ece6b5ddbb0b9f69bd7435cd4944f8ff2ed51172f0683fbae1013cde202498f2e1be54d1a2e17b3984b17d1994915a477c87697f465781e41b44c6a40ae035e75a4d9f9c0926bec533db0d4c26d605cb1ae225e692ed315062e8c3283716929e25a22b25105e018d81c07cb7600d1bae16d8beec33c88f1cdb52ac988b4677ed604c28ff1cdeeeb74c332dc526cff5ee935016984cabf117694cccabae944de4d2d2daff8f281b6434475b52c1910210598c684da99c108000a53d2ca03afd42b0200691d92341616353a22a8dacd8cb7eee85953b251236603d2ef1e450675f8d0f3cd0e28ef36457f79c267d836d14ed758148e979b9749ddcef14aec903939c69567a1697aae8f9ed72a16be0267a3a967727937f609720802570287c4e08641b9b7b979c6541add0e8600dd2d75a1dc0822ceb7a7e4e1afda2940d127f488589963b46417d7a7474545e5b08a621c1a7637b3fcb62b0aee10d999505907bd14033370e391f6192ff7d718e1db3ef861d30b2d477f11cd45ecb296d4babcccc34901165e3fcdbef6fa1ee478a97f7d21dc5562582d67c448ae352d3157d83e8ab0122a2bb056bdff8043a91b8f3abe4d788fe741483997a8e3fe126626a14b4243d3ff8ada8dd555c95d5e30b68cc053dfbbb61940cbb552cc1fe211ea5ea13cbfb6a577cde339282d84e92f866145e7b1de4d5a1705fc24fc8843f1a69f4c604adf0d715ad88c6a4ac80a35375662610e0ed07af9c4c76326716a77b106ef87782804ca353eaade28a1ca522d706282ebe48c0b23fd42b2e0297f5997d3aab40615f143e868c6aaf920bc827224946db3e3b3e65ea66dbfa5fe6c45dab930877852e86df251024e4ae46ee8e04cf40f2b3239f4df40062cfddada61700959deaeed3a44fb185ce51685fcab793184435b3e668e7d80820a613acde8d61e24571b9de7ce4581a4751d70a28e8d098660e81941fe40b6844a3204b512457194e100c995c75921569f735afee321080ed6310610887ca842001f5112c5af8c9083e3d088a404b48ee82e1e8be16fd493a2a643816488447706f3e86d2d0ed48f7397aad0cf105a4a71d928a15413ab3813e42478cf7a5be2e03d15ccb90a625863cb2ca1059110f90186cf4c370469f4d7e1ccda56ed9c427cce46e7d1c82641554ffa0c7c42697cbc754702b62be5ab03c995ac8cda3145959c440c4d6ead7d6398faf189de77645a05a54d6c33c9678daec6e5ac0048f91e15b2fdb808d712e662007da5e228ddc7370f575723a0018a1da70fa27e6624c8c75047eb584bf3399a8fce999df94f6fb54fb6c1fc954b1d899459fcd2f459e57c214ae590513ed268ed2d1114d8276642510a2eb99feecb58d8476550553a9f3d1f04c9bb442dae6dd84628b60cc9fd3c1e5c4fe3b9ad5f43b5d06e31ba4644f7499c03fd68cd2207027eeb1908a8022d70eb8fc8f55fee7be7e3af525d4fb1ab3e9b458246cbb5371e8145e1d04762c62068e03795a5a6b48d8643a83927c47000b7766e320e0ef2339d5423813e8d7845b939a9567745f6e2d6070764669c905ea77943a31f0df838a5d046f25d516bb654336f759c05dcc0febbbf1d214382a76fa09aa32be9799252f1d0fd8bacfe3f12574fdc82c6ed77f1c08d4aef88c157cbdac947346e3e015af60125d3e36ec6bd8dc5127c7ab1ed773c8beffc9dba99bd9fa1498a5a49bcce4ddb13fb85e256fcac569aab1c815527710d2c350c7cc84db5a7eb243227973fd5e2d1d8450077ececa0d96884c90ac0146d37b13f1aacc1eaddec3f0d475df6ceafe73f9076fcfeaf496efcae22d09745453a5e4776876ecfb1d004361f82f76b2bfba050d0fd5060f50fd74f9908a62649955e2f90e4ac4a4f0b29484cf80eebcbecb12db8586ee58443c181a59c046c657ecbb067a1e70d4c548e8b291a5aa681624747d9a52a6184a5fc82d824d9ab6156ec5fd73a038b38d86974e7a89b55a95b609e12c98f4168c0e48139749fce33397948224641e9823588858f82247d9abf8f84250564189676325e43944e888cef6918cd2b842b3a42751475a37656b3f04a02430705f16908d638212f69cf96d5311038e00e048468810d1cfefb0a9aeaf46d1bd31f7156a97542d9373abd3c069aa096486244389312031398a35e0ebca6668ed06dbe80290ac9a2a15ac9c208cdbcb2c1e18f008741649b4fe2ac1e6ca0a19980b6276fa09c5c0e67e748c1669add6fd4c70ba522be4428df305c3313929a4eec348f03fc6a6dfd1d6740a61230a977555b6b4d5165c98323871d750e80f9205231af03ab430a720dcaad03d113f38574ebada74f5b34a05a6abb7ba9b8b280401a3a21dd7e1e026deb438ed020d09fc93ffd7376ced7b5d6c9c35072c7f28ddb7fea3ffa7b7e6766892be2015c20e2cc7fa8bcb5832b97e964947ae940d5ce215ff3a0d74851d5735f3573d533cca9b3a89f9494f150cb732139cc2282304f6a375ee1062f6f850ebf89548973b6c5e7aee8b98b18b443332d3be20fea086653d52756b40ec4f08ad52f4d0a5a61004c700f070b83548670ef36dcbd8daf13ae6d382aaba3c3bac3c1efd953781d69e7365e1393d2c3f34d3dc91999ab9a545bc167e50ea6874fe8f49e93e452ad4710d7127c430ab2caf3ec1627e6a2a6a57604a5da490087991b68cd58d456f6818f22e38007e1628c6a78f6a8a321e3f0d5d5e1bc7f9ef53c4780b451dad949962c8a6a464b25cb161159b72f40fed8280daec34135f77373b9432f411b232e9374e9cb3fcd85a599c20d0b8e294835c60c2e034eb8385c507095c6eb6748180fd1ad97cb0a4b2ffa70c90891d373459538f4106078162bc46b425572466aa4769153b994698bbff1a98b5948e40d98bb2900445eebe95c4892bcb92b4c28b734ea7e106accc9836767e0881f970c9d69063dd918de44a484ef3f860b0dcec58f22b3f1a0abb9c0c2b6cd5bdacdc194f188588c0888d6abfa2d0b79d0b33a41e3b6a0f9fbf811ba20f346025b3a4be17eb5ce583b860cad5424bcaf1ef4a255678706052c1cae9cd77cc78639f975f07737b791831c64f0c974b23a5c428091b8b8e17a037ac3c6d56da4b4c7e4752736cbbc8d67b1b823e87d51ffc95fe9752e8479fc15a6fe7b96fbd7b93dc2144381c424ec7782d7f8b2637010dca11ccdaab1bad652a9ecd8b6ba2c116fa419c8582a0ccf754a294d9de5b457d9b1a4120fd53667862e50cb028e2f92c73a38f77ff57c93b410e7f3257bd56e5aa504f0643bd2bcfae2168046ad2737a36b21f6d993de1fe7b31e9ef7c79d545e5364b65011a6d26e0a2f1018a5280ca88d3d1e30c68195f8cf1a3ece813f22e44d83867c9f711218203d1adf2869ed89babca094b8def7ae0abd0245f522930db59c4b2eeec4d564bfdb931d435a986daba4b604d5bf30b1cfdf6960986ba0dab216dfd7ad95ca2555e0573d073dccd407ddd5ed7920c788aa0213aec90b38981a91bc370ede38d171648316d59478e66c068eec33295345162e9896ffc82f8d94b995d3a3a7a4f459e564632b5918b4fd850da380937655f19e2820376e7deb48edb0f5e295521a9a153f5ef69de397d88acc20be99779d7ea2c38445bd70aeeb68cc6c68c1bc603ab580b632866497a3dbcbfd933e2074323f66f1db73129eec8331c8872aa92a33e2180fc0cf2e28d198faef4421064b8435f37b5bfb9b531332b3b0838015fe848f0ce859db8706f2e53fb07ce4d0fd017d85ac9ce2943ab172f08b13c948c3778d2469257d412b1a5305526cc8dcb4a8645f825cca66a63b7134d8b7c760db6a8fa21f2df3456e9b460867303a9d53fb01db8548800d800e49c08c8d731bbf9a642206f4cc6673e4fc0f7106661abfde1eb8a8d384b26d88c16d15f238556ff4b205145d860228038430cd8a342bc15849afd81666b55b358e3ec584fa96f119b77495c4ec36616070237bb170fc04d3befebdaff66643814eb8519abaaf1e9bf939bf5bfefa33c32fe9909055393e383268e426436305b370867db76991ca600bf6211dece3b6b7b4dc5cd4569ff4538080fec318a9e0cce4a8cf26aca8359b503781aaedc2d58b0bb1a82c163425e678b488bdc7362d0be24a7a8238deb31482c332d4d385005ca84c836933b0fce21685ec067adb9490d1a416f83e36e6e3b87d05ab6973f4e359a1fb5a4dbf2ff6a85d235e50d893f222c2a7d84252be9015e104ee3609c83cafdd796a8422257c9ca9172888d91c0f2f2afe36dccada9a713cfc026cf25e113fc543d522e9254f5e129d7ffd61b43ee25bdd63545a81a2b086b616e23abd380a7bb8e54b8341f42c663da1fc8451f21da7315aea416e6856d4d45128dcd34a0f3aeb7aed00c54c348f38888b8c8fec59028d38344a92249c95943d3ff8608bc11406102ebe8269892b2e909bd82ba467aabef127713a0993df779ba7b0816a990566699e4926d75fd47c3f1b9cae3e58771a6ae8776fdb672ee70f215fd908d6dfddb8a2ad10f27b749fa6e67171848d70d3ae135ee3defb2546bb35a3ad2d8ac0e838ff8abb1cd733d80047bc8626960a257b704b43bf0390b7fee656ca7831d23e8ba940533c16c17de68270bb3b2d3bf142b34899b3a106cf9569b4f46f148297c61390733ff9f399c669122dd045187d0a35fe54b4f17e4090c56cfcfa47498b1701a855827d35cf3624624906f997092b010b1da616325a090770694d028fae9874a91f8d21fea85804956594b8252c24d05df5775148ecbf8ab38f131c268cc263f6a2dcd375acfbf39a2defc9869801a720d83add1ff01ac7fc389bc7e35c2eee2b44f808508e6e02ea31cf23ea9f2118bce520101e307b394e5fdd28e90870a327b0a1444b552b7227134a8e5397474a6c0e1ce89d918c899d292660ea44294e07b1645ff9e85f65156f92d55ae795e134250b5359dec6c31d4892d83f363cb09632bb738c4e7f351361adc3ab54776a5c55d6ff4895516c82cc6387b1a424f3af2bb0398d0d4a71fe44c5132b7ad5fdfa732bbcff9f02395df587714072caca65f5fc1215dc9068585e1fbcee22cd69c0386a6482230540ec9ff8e373018e4e2788b9502e5be3e3247f997800c68a634e4490c91d01144a63a7a55afbfa4f0ef5ad538aeec8ea203ef2716ff989e11ce4985263898b8e36b0d3386b816ce484e81404a01ac0ed9f18ef5643f93d46705c949acddca2b74ad53441090f658d22dd081aaf49a7bb07c93ab8dfb5213cba354b4d37d9899423d3b3d45e9463c506ccd69747162d2d64b54291d11fdc6c9b89114543d6948f10e68008973cc485df080b84e0d098f962715ba009f2aa1fb41f7199ea5b9b70df0e1c378da164f7257b4ed04a9fee7cc2de065ad35a60b882d78e26d5804942ed1f2bcf85fc63795fb9164a5f94ffe6bfbf838c9197bce2160d24f88dca14c3e733d18ff1fb7acb0ebdfc4e2ce268a676fb27cc34d4b6b5d7e8db29c020c4c498d793931b0fc7d91ad68d3d8463e36a267833edbdd7062f4d62aa9fd1cb7f8e561d3939bbfa118b897167168832c0aff17fb6cdcf75ad6ef0a18e2b37fb24c85d0866f2e5f191b2ef8fe9b5997635a74cb06aec67363435eb175559629c09316f96dc56de6c7785335d121fc2e4d47c2f50c37c5bf7950ae5de07b3b73830f4299d5009742d4eca98df821a95d244967a42b5a4f3375edc41c5281ca3104bd247c14e838912634d4764c1b6e440860d98f258aa8a24e8af643497366edc2b781aec0567451884aec0343ced1fbddfae585db1012a6d9245ad85c56aa33d5bc30307515bccc8d36d7848c99884db4a49d748e1953b4673e4286393fc97c233d529435faf7ed9f9aa64029814b7cd6a36c3dd9ca7be95e5c4d48e024a3d23651cc81c00a52e2fa2d094435ebdb4ae5be8e6b53cf628ddc87a4bc2dccc98ac38019c91789a40d103fb95785bde5992de08ecdca1dff2ab7cf5013420b3d29b8a7f0af455c4e86285422b986bdf482b87297061084b50684e936acbb075a84e720a2d03892efec7dc1af2fae2a7ce7725cf0d19f39403b273be262c7a4ff638898f6caf84bfb358c580ba4adfd8664bcc539b82792e39ab4f1d8393b1f98f6dd5aae14bc6b73feeeaef7c3accde4d9b098f2d5c7ed68621851f37d27980c4b44df095d865493eeef2724db90aa53a3c37bd345ea75b4e76e8878deae1b4f3204c2957f3806e36a03e995f7633de9b863ff6b3309d330ade917c82f3286d9500105755efac22a4220f457debd861df3c0925dc4ba8913cea12b8deb93cec87c972421bb8442ef2a2a9d638471108ae0152ae0100000000000000e370a21bfe1e5777df8070bcefba8596cb8f71a516b505b1f83de1129cee91d3a4d6383daac7b9de46a99bc34661f3d805d2e138a769fd6489e4d058a3ab35ccbc81251aa2f23f83d7740bd8869465634e10e114c62bdfd640d69cebf6e78eb0970fa442746f7c3bea77d8589ab131827a95b274dd63ea04fba4c822aed4f8d0cd83ed83177d90332c7e66f103d4eb1dffb9ec0f52094bc7324a7c59819dca343776d6adb6850e7e7e83e2316db1c32feb4ea1c6f47a2ee41bb09d0a931f4fa3cdf7ada2bac7fe5ae2b997e24b8f8c52b0bee2482b74af68b407f0d78f3767bdcb42557c9f3aff0c2c2ea7745a0f588b00a751c1c8d2124a8bfd4d7f756587d239cc43a8cae1d67cf15c73dc8569a1ebdd7b8559e969541a547c272e52d57e5924ced9afc87cd2cdcdf8e30f423ebe26170393ecec06afa093839fc3a10fdc3f9ae19e79e4df6a9af6027e1129a7a6cb4517607eac80fa2b5f7853fe84028a66976ec4b4af50abe9ca959b844d7b2ab94903efec6dfc99ed9df2c329c0e8449b4d2a0a5bc2506d170884d2c6ea8aefebcaaf2abbfa3c4d9e4d201369a47792124a7909e247dc98b777b60a30b1461d857f164e3df983d9a900f8b11bddbdcf47c29d483033c9250f30e268ddf97e0ecbdd99d6fb3dc4562bb75f8f1e03d1aec424293fa5fc786444411a512fc582a9b577d5e88fb9d6f7346bd489f6eb4296e576e25c45e114fb6a3d0b6b831fb4ffe7486daadf2f0ad78aad8f8f7eba17e524de06e81a5af9c1aa09019fcc51611afc45fd30b8ecd2a2ae19758a1ffa55f79cdf53ef1bb55e49cb58d8b291664be61586ace94c7b378d685e54aeee09af828a3ce7335f9d03f8daabcf3543b8099956f60913db6ab401a427aca83772df4fce9081409ab426dae09739b50a8ab4c04a6d2e63b2c4c0b5f7fbd9dc76722057ab6cefc9ccae3abf251259f999fe09dbe1232b8ecf0e26b3d88d13a1001840f6b5942359c3ac75bfc321d9504bcc0e3f4add741125941ece20b4f90416b1f14edb4ecb1ced79cef883aa1d5193f3efeeae7e103891ae4840978fbe74d2cc90b7e02b4d839f15c75576b74e05f7a8af71823317a851bf0ff9171bdb16ffa36f57ccdef61065a62d64ba434571db0d476995e2bf4f148f0a6276b2fad82f03b91fe53f9a7acff3ecdfcedcc1eae42e52e1f7443114b8edc8a9d5c8a55727f7ee1d20e1ca55b42e51b47fc4d2313458ab9a5f05c1411dc8f11e4c57d3fe87183763bd24cfb8dc583c82ce9c0abbeb76310666d2236e2ca164c66e6336fd571967f35b2b0ba847922f5aabf97aea061d19eb9cc3cd6e764da9651f9e66577d9c8870734fe8e03d20ba107e6e2997ef7c42f940b88410c6bf46635cb5e402113411a98c75e8cfd3760235d7a486bfeea1a1dc188b7886172ac66d45a4bd87f60b8502382888f3806e47ffb74d9aef2519e91536f7798b7c22ee70566e686ae2b577f6341f7c47dc1ae41f2af983b80f7db23a3466b4f14e2afd591b19d36375acbc0c8ebf21654c8cf44ea49103299eb1ac6e96bb282a33a6ea204aa266b7d627c53757daa176f6cde932e7e0342977dbf7d5668e8ba984bf05dc610e5450eb4c3dcf7965eedc9b168a9c274ef6a050e93234a9bb5488a5aefaea9c442729b5416dcee6bac23f238bea2f1f4615c863a3ff7c7a081558237f2097b9ffa869f4b69fa32784f62c0b7a458411efd3a9108735de667c63c34af2225e382a17600acecc118ac1f81ec5ed9a26fa966bee8dc6f55c17bbd89a94932bf930b081fd310ef94c490855453551e9eb809e9d568500e6662564b65701a721208dcbef9a07650f9faa5a503d37f2e1b1912fbfb437f1f4c2d4a830a2dcfae905d323fe9a6a01cc8d88ff82a26a1c228103396b6756659b6a8a9ff8b31494cd8bde6205d6f62e698d9ae43ec740fafc60d798a85e5f8598486b6e82f23506c6004ec2f733cde633c3b45d9ef14fb223c020a67f305e33b5d3b239b5026ca679004e212725a4090818734435247b918dc9c65d2f0c580722651217ce7a2dec34c0f8c49e3dc051c01f5d445dca8675339f5c8b30ddc19f51ffa9e9c513f5fc9892dbe5ee5bc148ebf3033635401c8675f0fb43e503d73cd432e3ae2f25bf29b4088a3193c208f5ba51882364202dc3eed6f3ab9a871b4afa960f1776cc92deb7098ae6f61af30e715ab60d44f378bbb79f8fb663de164a5f4f582e6a17fd7e553e677632d1e8489a8138bc780418de30c0a95ae3ec3b0cdee51901869acc318a6725c0c06273dc67d393129278225b9384d978512befdf449f85146fbbe92e6b52cf40028b13d77ccc68e7b65e0c1a25f1f9d17b06b17f216729684fec1b4c0c3fdaf40af5dd1a3f4492d49e018f60f41d91524bc5d750789fd39b6e69cb66b1d86b2c1405331e3e793fb38dc447161f1ba02cee1519b72727aee9ede2898c5195adb0dc1c29fe6eca6598c5612a7f98bfe0d1853e44f47c94ae57bfdaee16711135226c9b44440abbeca5ed53b0aa58d34fa0faf766087135599d7b88a04d5ba7d69c148f3ebaee211a06438146d762c9f85d9007a228edd7d71ad18fe69a1af0caa6176eade25bea11504c2f0498a450d4d265bf97dea5b23c10560c9844d761702a5814fb355827ed6f46bcebb61d0a06c21746625a438c38496a941f447c2150c9125990ff7feef9d551a7adcbe0fd828ef4397c0799507599899259f61ff914f76be6077d0daa67ac0ab9093ecd0f78455b605a7885cae38a88b2955cecd37f972841f440de12831263ae64c7c78970138a738bcc66aae8c1a5c3ca0e166dde9860bbfc4c7bdb854cdb3d94ad4c723b2de03a50dfd120041a9b3107a480e7e108f729484d0df0d8e47c3a6b7ce0376e642ec5a267a91dd2bb1f1b3fe56a5097edddba482627cf79b66801fdd4ecb733067ad52e8fb9970be01a397ede6a3eaee6b8524f8e1cf00e0c5aed165b8b1533afaaeeaa82153f9840760b58b8a12e8168956db4522f2dd5a13183cf861acb0c0bb2735ff5cb683f633bd99ba2bfa7f1fcdd0a54d3b4fa9a7d3de250d7e40bd7b3a829a4f04fd71c64ed4f2503094773b45fdd821688d10ced9da17089b7c954f7e4a7f3e56226abee46d7eb93a6f3d039a7cf3dc14c18dd7502aa0e29e1c54bd1c2182138e06326f3cd4cddcf1997c9739f9e4a0899ce919f20b2def0ff103e5a9e123a1db4a544d438f789a0ed26664523bd55902364f4a21b2a92fcc111392dcdcf7ac0ece18c474d47a11d544b64836a62e3e1e0e9d15f8066315f000b7d8603f772704ed5b96798f28e4f699a671023a4d49c5a1e30d14145b9179e4b0f3424fd46cc22ca48cde74904876cc037a04aee32b53d02e4869427b6b18bf0ce7b5ffb75268788ca5029d2d12b2df068219af12d4e17e56f83e581b0fd6cb7048204803342ab8b146b0c237d6ac7aeb2ee21550c00da60286994f1e7ca53de19d874f7bb27c8c5e263fa350448ea28f4ac0cdfdc4c0d5096f2ab328d089dacb5e87f0a29814e8461470a22ee8a4a318f5e2b5317a027da39789b7b17bdcc9b26bdad1ba5e4580f671a3179a9fde91408aa41a68f47c71c524f8e413557b0656cc2a67e36da5a07ee7c55b0877ecf41a8616ec20f59d370f3eff6b10e68a6c55feff6f52f498bc9ab77224a7548ccdfa3de41ff44ee4bd32295a42d9fdac1a4c8484a7383a6bd5e39cb0249e939fe7f53075d6d4a54bcfbaec50853c5e4bfda256665ed56dcd20fbd04a1d40c200223ddac36a7229df6003f335227a6bde261f7e2f7c980e7e522c68abc63601b3b1a9ebdd4530e4f33b9986f582300", 0x2000, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000500)={0x78, 0x0, 0xfffffffffffffffd, {0x410000003, 0x401, 0x0, {0x0, 0x1ffdffffffffffff, 0x200000000009, 0x0, 0x0, 0x4000, 0x7f0, 0xb, 0x0, 0x8001, 0x0, 0xffffffffffffffff, r5, 0x10000, 0x20040000}}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
setsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000000)={r1, r3, r5}, 0xc)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x41, &(0x7f0000000080)=0x3d18, 0x4)
r6 = socket$packet(0x11, 0x2, 0x300)
setsockopt$SO_TIMESTAMPING(r6, 0x1, 0x25, &(0x7f00000000c0)=0x198, 0x4)
ioctl$F2FS_IOC_MOVE_RANGE(r0, 0x541b, &(0x7f0000000040)={<r7=>0xffffffffffffffff, 0x0, 0x4, 0x8040000000000000})
close_range(r7, 0xffffffffffffffff, 0x10000000000000)

2.454634876s ago: executing program 4 (id=3955):
r0 = socket$alg(0x26, 0x5, 0x0)
pipe(&(0x7f0000000000)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
pipe(&(0x7f0000000080)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
splice(r2, 0x0, r1, 0x0, 0x1000, 0x0)
write$binfmt_misc(r3, &(0x7f00000000c0), 0xfdef)
r4 = socket$inet_udp(0x2, 0x2, 0x0)
r5 = accept4(r4, &(0x7f0000000000)=@can, &(0x7f0000000080)=0x80, 0x80800)
bind$alg(r0, &(0x7f0000000600)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb(camellia)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5910fae9d6dcd3292ea54c7b6ef915d564c90c200", 0x18)
r6 = accept4(r0, 0x0, 0x0, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f00000035c0), r6)
r7 = accept4$alg(r6, 0x0, 0x0, 0x800)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
r9 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000140), r8)
sendmsg$ETHTOOL_MSG_FEATURES_SET(r8, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000000)={0x44, r9, 0x1, 0x0, 0xffffffff, {}, [@ETHTOOL_A_FEATURES_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_to_batadv\x00'}]}, @ETHTOOL_A_FEATURES_WANTED={0x18, 0x3, 0x0, 0x1, [@ETHTOOL_A_BITSET_BITS={0x10, 0x3, 0x0, 0x1, [{0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_NAME={0x5, 0x2, '\x00'}]}]}, @ETHTOOL_A_BITSET_NOMASK={0x4}]}]}, 0x44}}, 0x804)
r10 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000140), r5)
sendmsg$TIPC_NL_MEDIA_SET(r8, &(0x7f00000003c0)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000380)={&(0x7f0000000180)={0x1c4, r10, 0x34, 0x70bd29, 0x25dfdbff, {}, [@TIPC_NLA_BEARER={0xe4, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0x80}, @TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0x1}, @TIPC_NLA_BEARER_UDP_OPTS={0x2c, 0x4, {{0x14, 0x1, @in={0x2, 0x4e22, @multicast2}}, {0x14, 0x2, @in={0x2, 0x4e20, @multicast1}}}}, @TIPC_NLA_BEARER_NAME={0xd, 0x1, @l2={'ib', 0x3a, 'wlan0\x00'}}, @TIPC_NLA_BEARER_NAME={0xd, 0x1, @udp='udp:syz0\x00'}, @TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0x5}, @TIPC_NLA_BEARER_UDP_OPTS={0x38, 0x4, {{0x14, 0x1, @in={0x2, 0x4e21, @multicast2}}, {0x20, 0x2, @in6={0xa, 0x4e20, 0x2, @private0, 0x3}}}}, @TIPC_NLA_BEARER_UDP_OPTS={0x44, 0x4, {{0x20, 0x1, @in6={0xa, 0x4e24, 0x1, @dev={0xfe, 0x80, '\x00', 0x1e}, 0xa5}}, {0x20, 0x2, @in6={0xa, 0x4e24, 0x9, @private1={0xfc, 0x1, '\x00', 0x1}, 0x2}}}}]}, @TIPC_NLA_MON={0x1c, 0x9, 0x0, 0x1, [@TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x3}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x6}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x8}]}, @TIPC_NLA_SOCK={0x24, 0x2, 0x0, 0x1, [@TIPC_NLA_SOCK_REF={0x8, 0x2, 0x4}, @TIPC_NLA_SOCK_REF={0x8, 0x2, 0x9}, @TIPC_NLA_SOCK_ADDR={0x8, 0x1, 0x5}, @TIPC_NLA_SOCK_REF={0x8, 0x2, 0x7fffffff}]}, @TIPC_NLA_SOCK={0x40, 0x2, 0x0, 0x1, [@TIPC_NLA_SOCK_CON={0x3c, 0x3, 0x0, 0x1, [@TIPC_NLA_CON_NODE={0x8, 0x2, 0x8}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x18bb}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x1000}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x4}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x1}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x8}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0xfffffff9}]}]}, @TIPC_NLA_NET={0xc, 0x7, 0x0, 0x1, [@TIPC_NLA_NET_ID={0x8, 0x1, 0x2}]}, @TIPC_NLA_PUBL={0x14, 0x3, 0x0, 0x1, [@TIPC_NLA_PUBL_LOWER={0x8, 0x2, 0x9}, @TIPC_NLA_PUBL_LOWER={0x8, 0x2, 0x6}]}, @TIPC_NLA_MEDIA={0x2c, 0x5, 0x0, 0x1, [@TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'eth\x00'}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'udp\x00'}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'eth\x00'}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'udp\x00'}, @TIPC_NLA_MEDIA_NAME={0x7, 0x1, 'ib\x00'}]}]}, 0x1c4}, 0x1, 0x0, 0x0, 0x4001}, 0x4014)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000000)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r11 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
ioctl$sock_SIOCGIFINDEX_80211(r11, 0x8b04, &(0x7f0000000000)={'wlan1\x00'})
sendmsg$alg(r7, &(0x7f0000003540)={0x0, 0x0, &(0x7f0000003440), 0x0, &(0x7f00000000c0)=[@assoc={0x18, 0x117, 0x4, 0xb5}, @assoc={0x18, 0x117, 0x4, 0x4}], 0x30}, 0x34000041)

2.329331583s ago: executing program 5 (id=3959):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x200000000000011, 0x2, 0x0)
r2 = socket$inet6(0xa, 0x802, 0x0)
connect$inet6(r2, &(0x7f0000001940)={0xa, 0x0, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x9}, 0x1c)
connect$inet6(r2, &(0x7f0000000100)={0xa, 0x4e24, 0x0, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, 0x800}, 0x1c)
r3 = fsopen(&(0x7f0000000000)='cgroup2\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r3, 0x6, 0x0, 0x0, 0x0)
r4 = fsmount(r3, 0x1, 0x8f)
openat$cgroup_procs(r4, &(0x7f0000000040)='cgroup.procs\x00', 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, 0x0)
socket$inet_udplite(0x2, 0x2, 0x88)
r5 = syz_open_dev$dri(0x0, 0x1, 0x2100)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(r5, 0x4010640d, 0x0)
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r5, 0xc01064b5, &(0x7f0000000300)={0x0})
ioctl$DRM_IOCTL_MODE_GETPLANE(r5, 0xc02064b6, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000002c0)=ANY=[@ANYBLOB="5c0000a000001f080000db0b15161681603a5b7361e584c565501d78fc43d3fd808edf3b8a7a4214de5ad0fbdd9de3e87ab88cf5382e6444151d9a7400acc3f7bc4886b49e447ae649731b97859fb291dd95ad6a874357bb40beb5ff29ace112e7023dfeb8c6b0e742f4ea4dbd8cb2626ccc050c6c05110f7f15c0d7da06a9bfcf9e4a58e9027c80e8769f15d58b6accc6ce4665487444547b2b0d2667eb2bd01700"/177, @ANYRES32, @ANYBLOB="00000000031201002c0012800b00010062726964676500001c00"], 0x4c}, 0x1, 0x0, 0x0, 0x800}, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r6 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f00000001c0)=ANY=[], 0x0, 0x26, 0x0, 0x1, 0x0, 0x0, @void, @value}, 0x28)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000500)={0x6, 0x7, &(0x7f0000000180)=@framed={{}, [@func={0x85, 0x0, 0x1, 0x0, 0x3}, @map_idx_val={0x18, 0x9, 0x6, 0x0, 0xa, 0x0, 0x0, 0x0, 0x6}, @exit]}, &(0x7f0000000200)='GPL\x00', 0x5, 0xe2, &(0x7f00000002c0)=""/226, 0x0, 0x0, '\x00', 0x0, 0x25, r6, 0x8, 0x0, 0x0, 0x10, &(0x7f00000004c0), 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000100)=@newqdisc={0x44, 0x24, 0x400, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {0x0, 0xffe0}, {0xfff9, 0xffff}, {0xffe0}}, [@qdisc_kind_options=@q_fq_pie={{0xb}, {0x14, 0x8002, [@TCA_FQ_PIE_TUPDATE={0x8, 0x4, 0x1ff}, @TCA_FQ_PIE_FLOWS={0x8, 0x2, 0xf01d}]}}]}, 0x44}, 0x1, 0x0, 0x0, 0x40085}, 0x1)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
r9 = syz_open_dev$sndpcmc(&(0x7f0000000480), 0x1, 0x0)
ioctl$SNDRV_PCM_IOCTL_HW_REFINE_OLD(r9, 0xc1004110, &(0x7f0000000000)={0x0, [0x5, 0xffff133a, 0x1], [{0x40, 0xffffffff, 0x0, 0x1}, {0xa96, 0x35}, {0x0, 0x8}, {0xffffffff}, {0x0, 0x800}, {}, {}, {}, {}, {0xff}, {0x400}, {0x0, 0x4}], 0xa})
openat$selinux_access(0xffffffffffffff9c, 0x0, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(r7, 0x8933, &(0x7f00000000c0)={'wlan1\x00', <r10=>0x0})
sendmsg$NL80211_CMD_SET_INTERFACE(r7, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000000)={0x2c, r8, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r10}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x4}, @NL80211_ATTR_4ADDR={0x5, 0x53, 0x1}]}, 0x2c}}, 0xc0c4)

2.270439125s ago: executing program 5 (id=3961):
syz_usb_connect$cdc_ncm(0x4, 0x6e, &(0x7f00000000c0)=ANY=[@ANYBLOB="12010000020000002505a1a440000102030109025c0002010000000904000001a3f45747d649f9a30105240000000d240f8100000000000000000006241a0000000905810300000000000904010000020d00000904010102020d000009058202000000000009050302"], 0x0)
syz_usb_connect(0x0, 0x2d, &(0x7f0000000100)=ANY=[@ANYBLOB="120100001ddf8208c007121522300000000109021b0001000000010904010001faf40d00090582"], 0x0)
r0 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
write$char_usb(r0, &(0x7f0000001300)="92", 0x2)

2.063991537s ago: executing program 2 (id=3964):
r0 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$IOCTL_VMCI_VERSION2(r0, 0x7a7, &(0x7f0000000000)=0x10000)
ioctl$IOCTL_VMCI_INIT_CONTEXT(r0, 0x7a0, &(0x7f0000000100)={@local})
write$uinput_user_dev(0xffffffffffffffff, &(0x7f0000000400)={'syz0\x00', {0x3, 0x2, 0x6, 0xfffa}, 0x3a, [0x8000, 0xc95a, 0xf, 0x8, 0x80, 0x2, 0x3, 0x7f, 0xa9, 0x4d, 0x6, 0x5f, 0x9, 0x15, 0xffff2d37, 0xff7fff01, 0x6, 0x5, 0x7, 0x5, 0x6, 0x0, 0x7, 0x3c5b, 0x1, 0x24, 0xd, 0x1, 0x0, 0xffffffff, 0xe661, 0x4, 0x7, 0x20003, 0x8, 0x4c74, 0x10000, 0x242, 0x3, 0xe, 0x0, 0x80008071, 0x7, 0x17, 0x1, 0x7, 0x5, 0x3e, 0x18e, 0x6, 0x6, 0x0, 0x6, 0x4, 0x8, 0x3ff, 0x80, 0x0, 0x5, 0x6, 0x8, 0x4, 0x1, 0x40], [0x10000007, 0x9, 0x8000012f, 0x8004, 0x5, 0xfffffff3, 0x129432f6, 0xc8, 0xf1, 0xe, 0x2bf, 0x6c7, 0x9, 0xfffffffc, 0x3, 0x0, 0x0, 0x5, 0x3, 0xe, 0x312, 0x66abcbd2, 0xea4, 0x0, 0x4, 0x7, 0x7fff, 0x6, 0x400, 0x401, 0x6, 0x1, 0xff, 0x5, 0x1000005, 0x5f31, 0xd, 0x4e0, 0x381, 0x4, 0xb, 0x4, 0x9, 0x8, 0x5, 0x6, 0x47, 0x8000, 0x1, 0xfe000000, 0xffff, 0x2, 0x4, 0x9, 0x3, 0x3, 0x4000009, 0x6, 0x0, 0x3, 0xbc45, 0x48c93690, 0x42, 0x3], [0x7, 0x408, 0x4, 0x5, 0xfffffffd, 0x100, 0x4, 0x9, 0x5, 0x7fff, 0x0, 0x5, 0xb, 0x4, 0x5, 0x5, 0x0, 0x1ef, 0x5, 0x8, 0x86, 0x3, 0x303c, 0x3e7, 0xb, 0x5, 0x2, 0x2, 0x3, 0x20000008, 0x4, 0x6d01, 0x6, 0x38, 0x800003, 0x200, 0x80, 0x3, 0x4, 0x2950bfaf, 0x1000, 0xa2, 0x4, 0xa9, 0x5, 0x6, 0xac8, 0xbf, 0x2, 0x3, 0x7ff, 0x12b, 0x4, 0x1, 0xa, 0xffffffff, 0x5, 0x1c, 0x120000, 0x7ff, 0x2006, 0x80a2ed, 0x4, 0x25], [0x9, 0xbb33, 0x7, 0xb, 0x5, 0x938, 0x6, 0x6, 0x0, 0xb9, 0xce4, 0x1ff, 0x2, 0x57, 0x5, 0x3, 0x2, 0x10000, 0x4, 0x7fff, 0xffff, 0xa620, 0x1, 0x5, 0x1, 0x2000002, 0x14c, 0x60a7, 0x6, 0x16, 0xffffffff, 0x80000000, 0x5, 0x5, 0xc8, 0x1, 0xfffff000, 0x10000, 0x3, 0x7e, 0x100, 0x9622, 0x7, 0xaf, 0x20000008, 0x5, 0x226, 0x2, 0x5, 0x0, 0x30b1d693, 0xa1f, 0xf40, 0x7, 0x530e, 0x6c1b, 0x0, 0x4, 0x5, 0x7ff, 0xd7, 0x200, 0xb, 0xfff]}, 0x45c)
ppoll(&(0x7f00000000c0)=[{}, {}], 0x20000000000000dc, 0x0, 0x0, 0x0)
mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x3000004, 0x20010, r0, 0xdd644000)

2.007406487s ago: executing program 2 (id=3965):
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000380), 0x101040)
ioctl$SNDRV_TIMER_IOCTL_SELECT(r0, 0x40345410, &(0x7f0000000300)={{0x0, 0x2}})
r1 = socket$inet6(0xa, 0x40000080806, 0x0)
bind$inet6(r1, &(0x7f000047b000)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) (async)
r2 = syz_open_dev$vim2m(&(0x7f0000000000), 0x3, 0x2)
ioctl$vim2m_VIDIOC_REQBUFS(r2, 0xc0145608, &(0x7f00000000c0)={0x1, 0x2, 0x1}) (async)
ioctl$vim2m_VIDIOC_STREAMOFF(r2, 0x40045612, &(0x7f0000000080)=0x2) (async)
listen(r1, 0x20000005)
r3 = socket$inet6(0xa, 0x6, 0x0)
connect$inet6(r3, &(0x7f0000000040)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
setsockopt$inet6_IPV6_DSTOPTS(r3, 0x29, 0x3b, &(0x7f0000000940), 0x8)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0), 0x121400, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(r6, 0x4008ae89, &(0x7f0000000000)=ANY=[@ANYBLOB="010000000000000049"])
r7 = syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_EXTERNAL_AUTH(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)={0x34, r7, 0x0, 0x70bd26, 0x25dfdbff, {{}, {@void, @void}}, [@NL80211_ATTR_BSSID={0xa}, @NL80211_ATTR_PMKID={0x14, 0x55, "9e138c8ab5f32ab03696fc48a91b23dd"}]}, 0x34}, 0x1, 0x0, 0x0, 0x42a8dbc871a8780e}, 0xc8c0) (async, rerun: 32)
ioctl$SNDRV_TIMER_IOCTL_CONTINUE(r0, 0x54a2) (async, rerun: 32)
r8 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000600), 0x0)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r8, 0xc08c5332, &(0x7f00000003c0)={0x9c9, 0x0, 0x0, 'queue1\x00', 0x200000})
ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TIMER(r8, 0x40605346, &(0x7f0000000280)={0x0, 0x0, {0x0, 0x0, 0x20000000}, 0x2})

1.88608898s ago: executing program 2 (id=3969):
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000400)=ANY=[@ANYBLOB="12013f00000000407f04ffff000000000001090224000100000000090400001503000000092140000001220f00090581", @ANYRES8], 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io(r0, &(0x7f0000000b00)={0x2c, &(0x7f0000000040)=ANY=[@ANYBLOB="00000f"], 0x0, 0x0, 0x0, 0x0}, 0x0)
r1 = syz_open_dev$hiddev(&(0x7f0000000080), 0x0, 0x0)
ioctl$AUTOFS_DEV_IOCTL_VERSION(r1, 0xc0189371, 0x0)

1.885881796s ago: executing program 0 (id=3970):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x200000000000011, 0x2, 0x0)
r2 = socket$inet6(0xa, 0x802, 0x0)
connect$inet6(r2, &(0x7f0000001940)={0xa, 0x0, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x9}, 0x1c)
connect$inet6(r2, &(0x7f0000000100)={0xa, 0x4e24, 0x0, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, 0x800}, 0x1c)
r3 = fsopen(&(0x7f0000000000)='cgroup2\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r3, 0x6, 0x0, 0x0, 0x0)
r4 = fsmount(r3, 0x1, 0x8f)
openat$cgroup_procs(r4, &(0x7f0000000040)='cgroup.procs\x00', 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, 0x0)
socket$inet_udplite(0x2, 0x2, 0x88)
r5 = syz_open_dev$dri(0x0, 0x1, 0x2100)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(r5, 0x4010640d, 0x0)
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r5, 0xc01064b5, &(0x7f0000000300)={0x0})
ioctl$DRM_IOCTL_MODE_GETPLANE(r5, 0xc02064b6, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000002c0)=ANY=[@ANYBLOB="5c0000a000001f080000db0b15161681603a5b7361e584c565501d78fc43d3fd808edf3b8a7a4214de5ad0fbdd9de3e87ab88cf5382e6444151d9a7400acc3f7bc4886b49e447ae649731b97859fb291dd95ad6a874357bb40beb5ff29ace112e7023dfeb8c6b0e742f4ea4dbd8cb2626ccc050c6c05110f7f15c0d7da06a9bfcf9e4a58e9027c80e8769f15d58b6accc6ce4665487444547b2b0d2667eb2bd01700"/177, @ANYRES32, @ANYBLOB="00000000031201002c0012800b00010062726964676500001c00"], 0x4c}, 0x1, 0x0, 0x0, 0x800}, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r6 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f00000001c0)=ANY=[], 0x0, 0x26, 0x0, 0x1, 0x0, 0x0, @void, @value}, 0x28)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000500)={0x6, 0x7, &(0x7f0000000180)=@framed={{}, [@func={0x85, 0x0, 0x1, 0x0, 0x3}, @map_idx_val={0x18, 0x9, 0x6, 0x0, 0xa, 0x0, 0x0, 0x0, 0x6}, @exit]}, &(0x7f0000000200)='GPL\x00', 0x5, 0xe2, &(0x7f00000002c0)=""/226, 0x0, 0x0, '\x00', 0x0, 0x25, r6, 0x8, 0x0, 0x0, 0x10, &(0x7f00000004c0), 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000100)=@newqdisc={0x44, 0x24, 0x400, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {0x0, 0xffe0}, {0xfff9, 0xffff}, {0xffe0}}, [@qdisc_kind_options=@q_fq_pie={{0xb}, {0x14, 0x8002, [@TCA_FQ_PIE_TUPDATE={0x8, 0x4, 0x1ff}, @TCA_FQ_PIE_FLOWS={0x8, 0x2, 0xf01d}]}}]}, 0x44}, 0x1, 0x0, 0x0, 0x40085}, 0x1)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
r9 = syz_open_dev$sndpcmc(&(0x7f0000000480), 0x1, 0x0)
ioctl$SNDRV_PCM_IOCTL_HW_REFINE_OLD(r9, 0xc1004110, &(0x7f0000000000)={0x0, [0x5, 0xffff133a, 0x1], [{0x40, 0xffffffff, 0x0, 0x1}, {0xa96, 0x35}, {0x0, 0x8}, {0xffffffff}, {0x0, 0x800}, {}, {}, {}, {}, {0xff}, {0x400}, {0x0, 0x4}], 0xa})
openat$selinux_access(0xffffffffffffff9c, 0x0, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(r7, 0x8933, &(0x7f00000000c0)={'wlan1\x00', <r10=>0x0})
sendmsg$NL80211_CMD_SET_INTERFACE(r7, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000000)={0x2c, r8, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r10}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x4}, @NL80211_ATTR_4ADDR={0x5, 0x53, 0x1}]}, 0x2c}}, 0xc0c4)

1.884300418s ago: executing program 0 (id=3971):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x20181, 0x0)
r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f0000000040)='veth1_virt_wifi\x00', 0x10)
r2 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$inet_IP_XFRM_POLICY(r2, 0x0, 0x11, &(0x7f0000005b80)={{{@in6=@initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, @in=@broadcast, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0xa0}, {0x0, 0x0, 0x0, 0xffff, 0x0, 0x0, 0x0, 0x2}, {0x8000000000000000, 0x0, 0x7fff}, 0x6}, {{@in=@empty, 0x0, 0x6c}, 0x0, @in6=@dev, 0xffffffff, 0x0, 0x0, 0x0, 0xffffffff}}, 0xe8)
syz_emit_ethernet(0x3e, &(0x7f0000000300)=ANY=[@ANYBLOB="aaaaaaaaaaaa00e300000000080045000030ff0000000001d078ac1e0001e000000104419078030000007f000000000000000000000064010102ac141400"], 0x0)
r3 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000400), r5)
ioctl$sock_SIOCGIFINDEX_802154(r4, 0x8933, &(0x7f00000002c0)={'wpan1\x00'})
bpf$PROG_LOAD(0x5, &(0x7f00002a0fb8)={0x5, 0x4, &(0x7f00000007c0)=ANY=[@ANYBLOB="850000005b000000720a00ff00000000730a9fff00000000950000000000000018100000", @ANYRESDEC=r6, @ANYBLOB="0000000000000000050000000000000095000000000000008178abb00a00495923af812ae179aa53041287aeba3836718fda660a4d7077add2664ff3e0360e2002c3710ad02845adcf2f44156b86d7174a4bdef00399a2aadd3a8d98dc38988a68dd585d29ee6ec0c9c2bcf8ddc98b6b5749a459e6d1d3ffdc37d48980cb6da824525f0abcb941286bb95014977c09fc597078ae45ad9457ef93300885d323380082c4332ffe7d26dc5a6c5a67965da6b8516a8ba3be97fbaf21d899d46a49506a52b9f2871fac6080c85847e33f7602950b78d2586532f214f558a8b583faa57f4214"], &(0x7f0000000140)='GPL\x00', 0x2, 0x95, &(0x7f0000000180)=""/149, 0x0, 0x40, '\x00', 0x0, @fallback=0x24, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x7739, @void, @value}, 0x94)
r7 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r7, &(0x7f0000000300)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-twofish-avx\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r7, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
r8 = accept4(r7, 0x0, 0x0, 0x800)
r9 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX(r9, 0x8933, &(0x7f0000000180)={'wlan0\x00', <r10=>0x0})
r11 = syz_open_dev$vim2m(&(0x7f0000000240), 0x2000a54, 0x2)
ioctl$vim2m_VIDIOC_REQBUFS(r11, 0xc0145608, &(0x7f0000000040)={0x6, 0x1, 0x1, 0x0, 0xf8})
ioctl$vim2m_VIDIOC_EXPBUF(r11, 0xc0405610, &(0x7f0000000080)={0x0, 0x1, 0x1, 0x4880})
r12 = socket$netlink(0x10, 0x3, 0x0)
r13 = socket$nl_netfilter(0x10, 0x3, 0xc)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r13, 0x8933, &(0x7f00000001c0)={'batadv0\x00', <r14=>0x0})
sendmsg$nl_route(r12, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000440)=ANY=[@ANYBLOB="440000001000030500000004000000000000000047ba4f0eb924ba94fdf7b4512774b34f417d8aa6de2767539896ffe6f2b062c5ab8ded4a7735ddd6a2984d5b7ac074fb43c73dd77d6e867fb835e506f4adf4afdc458cda9d9cc4b3570e20028262a2a7e6a404100788c2e1330c0d127e6033e8c0000000007a0078859dc1fd8c00", @ANYRES32=0x0, @ANYBLOB="1546010000000000140012800b0001006d616373656300000400028008000500", @ANYRES32=r10, @ANYBLOB='\b\x00\n\x00', @ANYRES32=r14, @ANYBLOB], 0x44}}, 0x20008040)
sendmmsg$alg(r8, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0x10}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb09587", 0x4b}, {&(0x7f00000003c0)='hp.DM', 0x5}], 0x3, 0x0, 0x0, 0x20008004}], 0x1, 0x20040884)
recvmsg(r8, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)=[{&(0x7f00000000c0)=""/81, 0x51}, {&(0x7f0000000200)=""/85, 0x55}], 0x2}, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r3, 0xae60)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x4000002, 0x5d031, 0xffffffffffffffff, 0x0)
mlock(&(0x7f00007d8000/0x800000)=nil, 0x800000)

1.717771501s ago: executing program 0 (id=3972):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000080)={'wlan1\x00', <r3=>0x0})
sendmsg$NL80211_CMD_SET_TX_BITRATE_MASK(r1, &(0x7f0000000900)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000009c0)=ANY=[@ANYBLOB="40020000", @ANYRES16=r2, @ANYBLOB="010000000000000000003900000008000300", @ANYRES32=r3, @ANYBLOB="10005a800c000180050006000000000014025a8024000180050007000200000005000700020000000500040002000000050004000100000090000080050006000000000005000700000000000500040002000000140005"], 0x240}}, 0x0)
sendmsg$NL80211_CMD_NEW_STATION(r0, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x8808000}, 0xc, &(0x7f0000000080)={&(0x7f00000002c0)={0x11c, r2, 0x4, 0x70bd29, 0x25dfdbff, {{}, {@void, @void}}, [@NL80211_ATTR_STA_LISTEN_INTERVAL={0x6, 0x12, 0x7ff}, @NL80211_ATTR_LOCAL_MESH_POWER_MODE={0x8, 0xa4, 0x2}, @NL80211_ATTR_STA_EXT_CAPABILITY={0xf6, 0xac, "e758bfbc28c42a2c11ed5040941dd212bcc24c4d55838b4ff963a97deeabc19ecdeffb1de685d90c1f42079d34bfc256073c6b528d1868fa2d03c1b968ddd39544a370e7687f96d62398e43f0a608b10a4530411430e197dcbf72c576948b6dd39035cdf9db308d0792bc9afade0bf95ded4abc996f238177301f38adb200173ba4c44d530cb8f864d65cf9f010df644c4f35608e415cec4264f3cb19d1969f281e5643e257962f5b575dbb8efaf47111dd6e6080698908d79b89435d808078bcafe4a8df259825b93f4bb8766e2d6b0c431a570f4e258fc306b39c70f3a8bb89812c3845b4ff9bae0a735c27d4379159bd2"}]}, 0x11c}, 0x1, 0x0, 0x0, 0x81}, 0x40088d0)
r4 = memfd_create(&(0x7f0000000400)='\xa3\x9fn\xb4dR\x04i5\x02\xac\xce\xe1\x88\x9d[@8\xd7\xce\x1f 9I\x7f\x15\x1d\x93=\xb5\xe7\\\'L\xe6\xd2\x8e\xbc)JtTDq\x81\xcf\x81\xba\xe51\xf5 \xc8\x10>\xc9\\\x85\x17L\xbf\xcf\x91\xdfM\xf3\x02^T*\x00\x02\xb9~B\x9f\xacl\x1d3\x06o\xf8\x16H\xaa*\x02\xf7\xfb\x06\xf1\x83\x92\xa8\xc2\xcb\xae\xb0\xb4\x93\xb8\x04\xf1\x99\xc2yY+\xd9y\x8a\xd5b\xe8\"q\x1b0)\xccm\xacz\xc1\xadd\x9b6a\xf3\xdds\xbb\x88\xff\b\x85\xb3s\x00\x0e\xbcfvi\x85\xfc.|\xd4h\xec\x82o\x8e\x93\x11\xc1\xd4\xae\x05\x17=\xd9R\xd0\xd4\x90\xcf\x9b\xdc\xaeV\x88\x94\x9f\xe3\xefqi\xed\xa8w\xbe\xd0\xd0-tBl\x9e+\xd3\xed\xce\x9f\x83\x86\xf9\x12\x16Ts\x80\x13]C\xfb`\xc2`\xf7\x1a\x00\x00\x00\x00\x00\x00\x00k\xae\xcb\x1a.\xc2\x8f\xd1x4]PZ\x9e\xd5Y\xf0L\xa4\xbc\x84\xf6\x04L\xff0\x8b\\*\xf9,\xb6\r\x97\xedy\xe0\x8a\xe2\x8ck\xc6S\xc3g\xb9\x1a\xf8\x8f \x9d\x00u7\xd8\'\xf1E\xa4(Q\x80Fy\xb5\xe4q\xc9\xff \xd8\x9d\xad\x11\xf8m\xd3\xbc\x9e\x10D\x7f!\xca\x0ev\x15h$\x01\xdd\xe5\xce\xf8*\xb3\x01\x85\a\xe4qv&\x9c\xac\x9aN~o\xe5\x89\xd5\a\x9f\f\x1f\xc2e/\x8d\x1e\n\xd0_\xbd!^\xa46\xb8j\xc0x\n\xdb\xe1\xa3\xd6\xae;\r\x92@\xa5I\x88Z1F\xf0\x1at\t\xd0\x8a\x04m\x06\xf3BL\xffS\x9eY\xf4\xb0U \xf8\xd00\x88y\xebX\x92\xd5\xbb\xa1h7\xf3\xe0\x0f\xbd\x02\xe4%\xf9\xb1\x87\x8aM\xfeG\xb2L\xbd\x92-\xcd\x1f\xf4\xe1,\xb7G|\xec\"\xa2\xab\xf6\x84\xe0\xcf1\x9a', 0x0)
r5 = socket$inet6_sctp(0xa, 0x5, 0x84)
shutdown(r5, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r5, 0x84, 0x6f, &(0x7f0000000000)={<r6=>0x0, 0x1c, &(0x7f00000000c0)=[@in6={0xa, 0x4e20, 0x0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02'}]}, &(0x7f0000000180)=0x10)
r7 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/class/net', 0x0, 0x0)
getdents(r7, &(0x7f0000000fc0)=""/4096, 0x1000)
setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r7, 0x84, 0x6e, &(0x7f0000000240)=[@in={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x2a}}, @in6={0xa, 0x4e20, 0x10001, @mcast2}, @in6={0xa, 0x4e24, 0xffffffff, @local, 0x8}, @in={0x2, 0x4e24, @initdev={0xac, 0x1e, 0x0, 0x0}}, @in6={0xa, 0x4e21, 0x4, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', 0x10001}], 0x74)
setsockopt$inet_sctp6_SCTP_MAX_BURST(r5, 0x84, 0x14, &(0x7f0000000200)=@assoc_value={r6, 0x5}, 0x8)
write$binfmt_elf32(r4, &(0x7f0000000140)=ANY=[@ANYBLOB="7f454c466000002ed8e4f97765ce27b90300060000000000000000b738000000000035f4c38422a3bc8220000500000004020300b300000000002a002400b3d7c52ebf31a8d5c8c3c6cb00000009e500d5ffffff05ffffff03000000110000000d60390170f74f9ef4"], 0xd8)
execveat(r4, &(0x7f0000000000)='\x00', 0x0, 0x0, 0x1000)
socket$nl_generic(0x10, 0x3, 0x10) (async)
socket$nl_generic(0x10, 0x3, 0x10) (async)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) (async)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000080)={'wlan1\x00'}) (async)
sendmsg$NL80211_CMD_SET_TX_BITRATE_MASK(r1, &(0x7f0000000900)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000009c0)=ANY=[@ANYBLOB="40020000", @ANYRES16=r2, @ANYBLOB="010000000000000000003900000008000300", @ANYRES32=r3, @ANYBLOB="10005a800c000180050006000000000014025a8024000180050007000200000005000700020000000500040002000000050004000100000090000080050006000000000005000700000000000500040002000000140005"], 0x240}}, 0x0) (async)
sendmsg$NL80211_CMD_NEW_STATION(r0, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x8808000}, 0xc, &(0x7f0000000080)={&(0x7f00000002c0)={0x11c, r2, 0x4, 0x70bd29, 0x25dfdbff, {{}, {@void, @void}}, [@NL80211_ATTR_STA_LISTEN_INTERVAL={0x6, 0x12, 0x7ff}, @NL80211_ATTR_LOCAL_MESH_POWER_MODE={0x8, 0xa4, 0x2}, @NL80211_ATTR_STA_EXT_CAPABILITY={0xf6, 0xac, "e758bfbc28c42a2c11ed5040941dd212bcc24c4d55838b4ff963a97deeabc19ecdeffb1de685d90c1f42079d34bfc256073c6b528d1868fa2d03c1b968ddd39544a370e7687f96d62398e43f0a608b10a4530411430e197dcbf72c576948b6dd39035cdf9db308d0792bc9afade0bf95ded4abc996f238177301f38adb200173ba4c44d530cb8f864d65cf9f010df644c4f35608e415cec4264f3cb19d1969f281e5643e257962f5b575dbb8efaf47111dd6e6080698908d79b89435d808078bcafe4a8df259825b93f4bb8766e2d6b0c431a570f4e258fc306b39c70f3a8bb89812c3845b4ff9bae0a735c27d4379159bd2"}]}, 0x11c}, 0x1, 0x0, 0x0, 0x81}, 0x40088d0) (async)
memfd_create(&(0x7f0000000400)='\xa3\x9fn\xb4dR\x04i5\x02\xac\xce\xe1\x88\x9d[@8\xd7\xce\x1f 9I\x7f\x15\x1d\x93=\xb5\xe7\\\'L\xe6\xd2\x8e\xbc)JtTDq\x81\xcf\x81\xba\xe51\xf5 \xc8\x10>\xc9\\\x85\x17L\xbf\xcf\x91\xdfM\xf3\x02^T*\x00\x02\xb9~B\x9f\xacl\x1d3\x06o\xf8\x16H\xaa*\x02\xf7\xfb\x06\xf1\x83\x92\xa8\xc2\xcb\xae\xb0\xb4\x93\xb8\x04\xf1\x99\xc2yY+\xd9y\x8a\xd5b\xe8\"q\x1b0)\xccm\xacz\xc1\xadd\x9b6a\xf3\xdds\xbb\x88\xff\b\x85\xb3s\x00\x0e\xbcfvi\x85\xfc.|\xd4h\xec\x82o\x8e\x93\x11\xc1\xd4\xae\x05\x17=\xd9R\xd0\xd4\x90\xcf\x9b\xdc\xaeV\x88\x94\x9f\xe3\xefqi\xed\xa8w\xbe\xd0\xd0-tBl\x9e+\xd3\xed\xce\x9f\x83\x86\xf9\x12\x16Ts\x80\x13]C\xfb`\xc2`\xf7\x1a\x00\x00\x00\x00\x00\x00\x00k\xae\xcb\x1a.\xc2\x8f\xd1x4]PZ\x9e\xd5Y\xf0L\xa4\xbc\x84\xf6\x04L\xff0\x8b\\*\xf9,\xb6\r\x97\xedy\xe0\x8a\xe2\x8ck\xc6S\xc3g\xb9\x1a\xf8\x8f \x9d\x00u7\xd8\'\xf1E\xa4(Q\x80Fy\xb5\xe4q\xc9\xff \xd8\x9d\xad\x11\xf8m\xd3\xbc\x9e\x10D\x7f!\xca\x0ev\x15h$\x01\xdd\xe5\xce\xf8*\xb3\x01\x85\a\xe4qv&\x9c\xac\x9aN~o\xe5\x89\xd5\a\x9f\f\x1f\xc2e/\x8d\x1e\n\xd0_\xbd!^\xa46\xb8j\xc0x\n\xdb\xe1\xa3\xd6\xae;\r\x92@\xa5I\x88Z1F\xf0\x1at\t\xd0\x8a\x04m\x06\xf3BL\xffS\x9eY\xf4\xb0U \xf8\xd00\x88y\xebX\x92\xd5\xbb\xa1h7\xf3\xe0\x0f\xbd\x02\xe4%\xf9\xb1\x87\x8aM\xfeG\xb2L\xbd\x92-\xcd\x1f\xf4\xe1,\xb7G|\xec\"\xa2\xab\xf6\x84\xe0\xcf1\x9a', 0x0) (async)
socket$inet6_sctp(0xa, 0x5, 0x84) (async)
shutdown(r5, 0x0) (async)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r5, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x1c, &(0x7f00000000c0)=[@in6={0xa, 0x4e20, 0x0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02'}]}, &(0x7f0000000180)=0x10) (async)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/class/net', 0x0, 0x0) (async)
getdents(r7, &(0x7f0000000fc0)=""/4096, 0x1000) (async)
setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r7, 0x84, 0x6e, &(0x7f0000000240)=[@in={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x2a}}, @in6={0xa, 0x4e20, 0x10001, @mcast2}, @in6={0xa, 0x4e24, 0xffffffff, @local, 0x8}, @in={0x2, 0x4e24, @initdev={0xac, 0x1e, 0x0, 0x0}}, @in6={0xa, 0x4e21, 0x4, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', 0x10001}], 0x74) (async)
setsockopt$inet_sctp6_SCTP_MAX_BURST(r5, 0x84, 0x14, &(0x7f0000000200)=@assoc_value={r6, 0x5}, 0x8) (async)
write$binfmt_elf32(r4, &(0x7f0000000140)=ANY=[@ANYBLOB="7f454c466000002ed8e4f97765ce27b90300060000000000000000b738000000000035f4c38422a3bc8220000500000004020300b300000000002a002400b3d7c52ebf31a8d5c8c3c6cb00000009e500d5ffffff05ffffff03000000110000000d60390170f74f9ef4"], 0xd8) (async)
execveat(r4, &(0x7f0000000000)='\x00', 0x0, 0x0, 0x1000) (async)

1.717449903s ago: executing program 0 (id=3973):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000040)={0x2, 0x4e21, @local}, 0x10)
setsockopt$inet_tcp_int(r0, 0x6, 0x210000000013, &(0x7f00000000c0)=0x100000001, 0x4)
connect$inet(r0, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10)
setsockopt$inet_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000340)=[@window, @mss, @window, @timestamp, @sack_perm, @timestamp, @mss, @sack_perm], 0x8)
setsockopt$inet_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f00000001c0), 0x4)
sendto$inet(r0, &(0x7f00000004c0)="3ce2de4d8d957a8de4e490b6cd03b988d4edef164bd3377aa381b5f50b7ca414516489f78cd7208982e9bde22b2b7c1c7606d565477f3db9d2b077283644c0f27ab52a863a42863e06944e40a0b3c5d21c8cbe102e7f726263f28aef1bc12a069063d4c30e8f329fdb36859be727fbef4314161e5fb5f01ae00a2634d5cdecca2089c62e32f4c919886b2b88d237e287318739bec0364caf15889f38a312ef6621c0f21709a4bf2b16274cf933f6ad8fcc9c2024bc1b4713f650e860f93ae93b2361956b3e80c38c5fd29b5c1b5d7ce67edc856a8dc0ba54cee53de9a48c131389426bd06ec7c695add357934fc0321f0d3d7982e4fe5a0039decc491a663afd02facb08dd9695f854c7b031d9af8bd7350897996b5208b23030cc0feb84570730eaf24b9f2ac05d0feb3be07a29f887095f36f3c8f0e77e45509acd14a5be4a1572dd4cd1231087b830fa03e071571d4abd694710ef140469cf6df8a59839aafe046a5bffb97e5247be901789eafd726ba090337a2c49207e6b900c7e982472e6aac70e5d52ca2c1bab47b1f6d00f9601e2281686c21f770ae96e0ffec4b30496d012fa00958f794cdbd721bd155cae87", 0x109e8, 0x805, 0x0, 0x6)

1.607856422s ago: executing program 4 (id=3974):
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000400)=ANY=[@ANYBLOB="12013f00000000407f04ffff000000000001090224000100000000090400001503000000092140000001220f00090581", @ANYRES8], 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
r1 = syz_clone(0xa120000, 0x0, 0x0, 0x0, 0x0, 0x0)
setresuid(0xee01, 0xffffffffffffffff, 0xffffffffffffffff)
r2 = syz_pidfd_open(r1, 0x0)
setns(r2, 0x22000000)
syz_usb_control_io(r0, &(0x7f0000000b00)={0x2c, &(0x7f0000000040)=ANY=[@ANYBLOB="00000f"], 0x0, 0x0, 0x0, 0x0}, 0x0)
r3 = syz_open_dev$hiddev(&(0x7f0000000080), 0x0, 0x0)
ioctl$AUTOFS_DEV_IOCTL_VERSION(r3, 0xc0189371, 0x0)

827.590092ms ago: executing program 0 (id=3975):
socket(0x10, 0x3, 0x0) (async)
r0 = socket(0x10, 0x3, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000300)=ANY=[@ANYBLOB="140000001200010a001800000000000080"], 0x14}}, 0x0)
openat$pfkey(0xffffffffffffff9c, &(0x7f0000000080), 0x400, 0x0) (async)
r1 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000080), 0x400, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0xc, 0x8, 0xb8, 0x1, 0x80320, 0x1, 0x5, '\x00', 0x0, 0xffffffffffffffff, 0x1, 0x2, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
accept4$unix(r1, &(0x7f00000007c0)=@abs, &(0x7f0000000240)=0x6e, 0x800)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000440)={0x9, <r3=>0x0}, 0x8)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000700)={0x11, 0xd, &(0x7f0000000480)=@raw=[@snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x9}}], &(0x7f0000000500)='GPL\x00', 0xaf57, 0xd4, &(0x7f0000000540)=""/212, 0x41100, 0x26, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000640)={0x8, 0x4}, 0x8, 0x10, &(0x7f0000000680)={0x5, 0xd, 0x3ff, 0x2}, 0x10, 0x0, 0x0, 0x4, 0x0, &(0x7f00000006c0)=[{0x4, 0x5, 0x5}, {0x4, 0x1, 0x0, 0x7}, {0x2, 0x1, 0xe, 0x2}, {0x4, 0x4, 0x1, 0x3}], 0x10, 0x1, @void, @value}, 0x94)
r5 = openat$dlm_monitor(0xffffffffffffff9c, &(0x7f00000006c0), 0x0, 0x0)
close_range(r5, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x19, 0x1a, &(0x7f00000008c0)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x4}, {{0x18, 0x1, 0x1, 0x0, r1}}, {}, [@map_fd={0x18, 0x5, 0x1, 0x0, r2}, @ringbuf_output={{0x18, 0x1, 0x1, 0x0, r5}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x4000}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x1}}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000280)='GPL\x00', 0xb1ad, 0x63, &(0x7f0000000380)=""/99, 0x41000, 0x4, '\x00', 0x0, @cgroup_sockopt=0x15, 0xffffffffffffffff, 0x8, &(0x7f00000002c0)={0x1, 0x5}, 0x8, 0x10, &(0x7f0000000400)={0x2, 0xe, 0x3, 0x1}, 0x10, r3, r4, 0x0, 0x0, 0x0, 0x10, 0x1, @void, @value}, 0x94) (async)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x19, 0x1a, &(0x7f00000008c0)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x4}, {{0x18, 0x1, 0x1, 0x0, r1}}, {}, [@map_fd={0x18, 0x5, 0x1, 0x0, r2}, @ringbuf_output={{0x18, 0x1, 0x1, 0x0, r5}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x4000}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x1}}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000280)='GPL\x00', 0xb1ad, 0x63, &(0x7f0000000380)=""/99, 0x41000, 0x4, '\x00', 0x0, @cgroup_sockopt=0x15, 0xffffffffffffffff, 0x8, &(0x7f00000002c0)={0x1, 0x5}, 0x8, 0x10, &(0x7f0000000400)={0x2, 0xe, 0x3, 0x1}, 0x10, r3, r4, 0x0, 0x0, 0x0, 0x10, 0x1, @void, @value}, 0x94)
timer_create(0x2, 0x0, &(0x7f0000000340))
syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), r0) (async)
syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), r0)
setsockopt$sock_attach_bpf(r0, 0x1, 0x32, &(0x7f0000000880)=r6, 0x4)

368.242553ms ago: executing program 2 (id=3976):
r0 = socket(0x10, 0x803, 0x0)
r1 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000100)={'vlan0\x00', <r2=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)=@deltaction={0x28, 0x31, 0x100, 0x70bd28, 0x25dfdbfc, {}, [@TCA_ACT_TAB={0x14, 0x1, [{0x10, 0x3, 0x0, 0x0, @TCA_ACT_KIND={0xb, 0x1, 'mirred\x00'}}]}]}, 0x28}}, 0x0)
mprotect(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x1000009)
lsm_get_self_attr(0x69, 0x0, &(0x7f0000000080), 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000300)=@newtfilter={0x7c, 0x2c, 0xd2b, 0x70bd2b, 0x25dfdbfb, {0x0, 0x0, 0x0, r2, {0xf}, {}, {0x7, 0xfff3}}, [@filter_kind_options=@f_u32={{0x8}, {0x50, 0x2, [@TCA_U32_SEL={0x44, 0x5, {0xe, 0x1, 0x3, 0x1, 0x4, 0x2, 0x6, 0xfffffffa, [{0x200, 0x500, 0x3, 0x6}, {0x6783, 0x2, 0x8801, 0x10}, {0x0, 0x53, 0xa9, 0x1}]}}, @TCA_U32_CLASSID={0x8, 0x1, {0xffff, 0xa}}]}}]}, 0x7c}}, 0x24040084)

297.869844ms ago: executing program 2 (id=3977):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x40241, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r1 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
write$tun(r0, &(0x7f0000000240)=ANY=[@ANYBLOB="000086dd0500560008005400000060ec970001983a00fc000018c6ba35000000000000000700ff020000000000000000000000000001000000000000000000000000000000000000000000000000860090780000000000000000000000000000ee3f000000002b036f8c006e75021d683910c3090b3188a7c747eb2278a273c1b80029442911892704"], 0xfdef)

215.511051ms ago: executing program 2 (id=3978):
syz_usb_ep_read(0xffffffffffffffff, 0x8, 0x0, 0x0)
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
syz_usb_control_io(0xffffffffffffffff, &(0x7f0000000540)={0x2c, &(0x7f0000000740)={0x20, 0x30, 0xc1, {0xc1, 0x6, "ea4c4af0ac0399a6cd74d71429bfaaf9af15c4b446228f8968a2c2f5f2d942773cfe4165b9112f4ba3c74866b5c47195fa8815377b1d761d3399c93119c13ce20725d2ff70e75fc8eaabcdbd57b8a2443c890873ca411b1a55f74cc4c88427bc781fbf41cf362800efdddf719b2446252291f0572bf43246a2e4ed63f4026a7d08ea8ea15d3b6282b11ca7664b91a9aaa0175c4d57ff42f0eba4eb9a7cbf9b34a610904709b568965b438b70e2e74ae430253b0bc0985cac299cba5f9ee4be"}}, &(0x7f0000000840)={0x0, 0x3, 0x9f, @string={0x9f, 0x3, "6b1b5373b9ac48d0ca6ea306dc800e7c7881d5ac36fabcb128760a3bbe8f706d53c353bdcd9943500c62df9895479038038ae91d7954338723d7d12bef8f52e17ed64c5880f156ea4bf0cd41729989dfc2cd156e02893b3a8c0148a2998a37fbb8653c9413097b4c5b8cb2b9a850d680cc81b3fed4b0690a32c6ebacf471729337df2f30b579d3076f028fd5c78398edff0f8a81157326a57ed0a89dab"}}, &(0x7f0000000900)={0x0, 0xf, 0x6d, {0x5, 0xf, 0x6d, 0x6, [@ss_container_id={0x14, 0x10, 0x4, 0x2, "3f0645d5c9e373932c06d0e3cdb1ff17"}, @ssp_cap={0x20, 0x10, 0xa, 0xb8, 0x5, 0x2, 0xf0f, 0xfff9, [0xff000f, 0xffc0c0, 0xffc0, 0x3f3f, 0xc0]}, @ss_cap={0xa, 0x10, 0x3, 0x0, 0x0, 0x9, 0x0, 0x2}, @wireless={0xb, 0x10, 0x1, 0xc, 0x84, 0x1, 0x40, 0x53, 0x1}, @wireless={0xb, 0x10, 0x1, 0xc, 0x10, 0xff, 0x0, 0x400, 0x10}, @ss_container_id={0x14, 0x10, 0x4, 0x3, "de8c6076bca8dea0cb8b118a875fd546"}]}}, &(0x7f0000000300)={0x20, 0x29, 0xf, {0xf, 0x29, 0x8d, 0x0, 0x4f, 0x3, "f7620b55", "7445f099"}}, &(0x7f0000000340)={0x20, 0x2a, 0xc, {0xc, 0x2a, 0x5, 0x4, 0x6, 0x1c, 0x7, 0x400, 0x1}}}, &(0x7f0000000d00)={0x22, &(0x7f0000000600)={0x0, 0x17, 0x47, "97ff290bac6d5d6c1b3174f9e175b9b7810ed37b9cf4a4846789c8481a27af233910e9206b6e38ce9c94cc3d9fc0757ade4c3a977d16b7477a3ef1b69ea0634e04ed5bd6c95647"}, &(0x7f0000000580)={0x0, 0xa, 0x1, 0xf7}, &(0x7f00000006c0)={0x0, 0x8, 0x1, 0x7}, &(0x7f00000009c0)={0x20, 0x0, 0x4, {0x1}}, &(0x7f0000000a00)=ANY=[@ANYBLOB=' \x00\b\x00'], &(0x7f0000000a40)={0x40, 0x7, 0x2, 0x1}, &(0x7f0000000a80)={0x40, 0x9, 0x1, 0x9d}, &(0x7f0000000ac0)={0x40, 0xb, 0x2}, &(0x7f0000000b00)={0x40, 0xf, 0x2, 0x7}, &(0x7f0000000b40)={0x40, 0x13, 0xfc91, @random="35cbfcf5f906"}, &(0x7f0000000b80)={0x40, 0x17, 0x6, @remote}, &(0x7f0000000bc0)={0x40, 0x19, 0x2, "83ff"}, &(0x7f0000000c00)={0x40, 0x1a, 0x2, 0xa45d}, &(0x7f0000000c40)={0x40, 0x1c, 0x1, 0xd}, &(0x7f0000000c80)={0x40, 0x1e, 0x1, 0x44}, &(0x7f0000000cc0)={0x40, 0x21, 0x1, 0x18}})
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0x1)
r1 = socket$nl_rdma(0x10, 0x3, 0x14)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r3, 0x8933, &(0x7f0000000100)={'batadv_slave_1\x00'})
r4 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r4, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-camellia-asm\x00'}, 0x58)
r5 = open(&(0x7f00000002c0)='./file0\x00', 0x40800, 0x81)
setsockopt$ALG_SET_KEY(r4, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
r6 = bpf$MAP_CREATE(0x100000000000000, &(0x7f0000000440)=@base={0x14, 0x4, 0x8, 0x6, 0x4, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r7 = socket$inet6(0xa, 0x80002, 0x0)
setsockopt$sock_int(r7, 0x1, 0xf, &(0x7f0000000180)=0x80000004, 0x4)
bind$inet6(r7, &(0x7f0000000040)={0xa, 0x0, 0x0, @empty}, 0x1c)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000340)={r6, &(0x7f0000000280), &(0x7f0000001840)=@udp6=r7}, 0x20)
bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000200)={r6, &(0x7f0000000140), &(0x7f0000000000)=""/82}, 0x20)
r8 = accept4(r4, 0x0, 0x0, 0x800)
ioctl$SNDRV_PCM_IOCTL_STATUS_EXT64(r5, 0xc0984124, &(0x7f0000000dc0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1})
sendmmsg$alg(r8, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048"}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
recvmsg(r8, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/71, 0x47}, {&(0x7f0000000200)=""/83, 0x53}], 0x2}, 0x0)
r9 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
r10 = openat$cdrom(0xffffffffffffff9c, &(0x7f0000000980), 0x200002, 0x0)
ioctl$CDROMRESET(r10, 0x5312)
r11 = syz_open_dev$video4linux(&(0x7f0000000140), 0x4, 0x0)
ioctl$VIDIOC_SUBDEV_S_FMT(r11, 0xc0585605, &(0x7f0000000180)={0x0, 0x0, {0x6, 0x3, 0x100d, 0x9, 0x7ef7cb5e8d242b63, 0xa, 0x1, 0x5}})
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f00000013c0)={'wlan0\x00', <r12=>0x0})
sendmsg$NL80211_CMD_FRAME(r2, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000001340)={&(0x7f0000000680)=ANY=[@ANYBLOB="f4060000", @ANYRES16=r9, @ANYBLOB="01000000000000e14f003b00000008000300", @ANYRES32=r12, @ANYBLOB="d506330080000000ffffffffffff080211000001"], 0x6f4}}, 0x0)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000700)={0x10, 0x1403, 0x4, 0x70bd2d, 0x25dfdbfd}, 0x10}, 0x1, 0x0, 0x0, 0x801}, 0x0)

92.453507ms ago: executing program 4 (id=3979):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x40241, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r1 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
write$tun(r0, &(0x7f0000000240)=ANY=[@ANYBLOB="000086dd0500560008005400000060ec970001983a00fc000018c6ba35000000000000000700ff020000000000000000000000000001000000000000000000000000000000000000000000000000860090780000000000000000000000000000ee3f000000002b036f8c006e75021d683910c3090b3188a7c747eb2278a273c1b80029442911892704"], 0xfdef) (fail_nth: 1)

86.028176ms ago: executing program 5 (id=3980):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x200000000000011, 0x2, 0x0)
r2 = socket$inet6(0xa, 0x802, 0x0)
connect$inet6(r2, &(0x7f0000001940)={0xa, 0x0, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x9}, 0x1c)
connect$inet6(r2, &(0x7f0000000100)={0xa, 0x4e24, 0x0, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, 0x800}, 0x1c)
r3 = fsopen(&(0x7f0000000000)='cgroup2\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r3, 0x6, 0x0, 0x0, 0x0)
r4 = fsmount(r3, 0x1, 0x8f)
openat$cgroup_procs(r4, &(0x7f0000000040)='cgroup.procs\x00', 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, 0x0)
socket$inet_udplite(0x2, 0x2, 0x88)
r5 = syz_open_dev$dri(0x0, 0x1, 0x2100)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(r5, 0x4010640d, 0x0)
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r5, 0xc01064b5, &(0x7f0000000300)={0x0})
ioctl$DRM_IOCTL_MODE_GETPLANE(r5, 0xc02064b6, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000002c0)=ANY=[@ANYBLOB="5c0000a000001f080000db0b15161681603a5b7361e584c565501d78fc43d3fd808edf3b8a7a4214de5ad0fbdd9de3e87ab88cf5382e6444151d9a7400acc3f7bc4886b49e447ae649731b97859fb291dd95ad6a874357bb40beb5ff29ace112e7023dfeb8c6b0e742f4ea4dbd8cb2626ccc050c6c05110f7f15c0d7da06a9bfcf9e4a58e9027c80e8769f15d58b6accc6ce4665487444547b2b0d2667eb2bd01700"/177, @ANYRES32, @ANYBLOB="00000000031201002c0012800b00010062726964676500001c00"], 0x4c}, 0x1, 0x0, 0x0, 0x800}, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r6 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f00000001c0)=ANY=[], 0x0, 0x26, 0x0, 0x1, 0x0, 0x0, @void, @value}, 0x28)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000500)={0x6, 0x7, &(0x7f0000000180)=@framed={{}, [@func={0x85, 0x0, 0x1, 0x0, 0x3}, @map_idx_val={0x18, 0x9, 0x6, 0x0, 0xa, 0x0, 0x0, 0x0, 0x6}, @exit]}, &(0x7f0000000200)='GPL\x00', 0x5, 0xe2, &(0x7f00000002c0)=""/226, 0x0, 0x0, '\x00', 0x0, 0x25, r6, 0x8, 0x0, 0x0, 0x10, &(0x7f00000004c0), 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000100)=@newqdisc={0x44, 0x24, 0x400, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {0x0, 0xffe0}, {0xfff9, 0xffff}, {0xffe0}}, [@qdisc_kind_options=@q_fq_pie={{0xb}, {0x14, 0x8002, [@TCA_FQ_PIE_TUPDATE={0x8, 0x4, 0x1ff}, @TCA_FQ_PIE_FLOWS={0x8, 0x2, 0xf01d}]}}]}, 0x44}, 0x1, 0x0, 0x0, 0x40085}, 0x1)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
r9 = syz_open_dev$sndpcmc(&(0x7f0000000480), 0x1, 0x0)
ioctl$SNDRV_PCM_IOCTL_HW_REFINE_OLD(r9, 0xc1004110, &(0x7f0000000000)={0x0, [0x5, 0xffff133a, 0x1], [{0x40, 0xffffffff, 0x0, 0x1}, {0xa96, 0x35}, {0x0, 0x8}, {0xffffffff}, {0x0, 0x800}, {}, {}, {}, {}, {0xff}, {0x400}, {0x0, 0x4}], 0xa})
openat$selinux_access(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(r7, 0x8933, 0x0)
sendmsg$NL80211_CMD_SET_INTERFACE(r7, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000000)={0x2c, r8, 0x5, 0x0, 0x0, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x4}, @NL80211_ATTR_4ADDR={0x5, 0x53, 0x1}]}, 0x2c}}, 0xc0c4)

843.887µs ago: executing program 5 (id=3981):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x40241, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x1e2)
mount(&(0x7f00000000c0)=@sr0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000100)='romfs\x00', 0x0, 0x0)
quotactl$Q_QUOTAON(0xffffffff80000201, &(0x7f0000000080)=@sr0, 0x0, 0x0)
socket$kcm(0x2, 0x0, 0x2)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x7, 0x4, &(0x7f0000000200)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x5a, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x20842, 0x0)
r3 = syz_open_procfs(0x0, 0x0)
preadv(r3, 0x0, 0x0, 0x3c, 0x0)
ioctl$SNDCTL_DSP_SETFRAGMENT(0xffffffffffffffff, 0xc004500a, 0x0)
socket$kcm(0x29, 0x7, 0x0)
r4 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
unshare(0x42000000)
r5 = add_key$keyring(0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc)
keyctl$KEYCTL_WATCH_KEY(0x20, r5, 0xffffffffffffffff, 0x0)
r6 = socket$l2tp(0x2, 0x2, 0x73)
setsockopt$ARPT_SO_SET_ADD_COUNTERS(r6, 0x0, 0x61, &(0x7f0000000040)={'filter\x00', 0x4}, 0x68)
chdir(&(0x7f0000000540)='./file0\x00')
fchmodat(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0xfffffed3)
mkdir(&(0x7f0000000100)='./file0\x00', 0x0)
fcntl$lock(r4, 0x26, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
writev(r2, &(0x7f0000000000)=[{&(0x7f0000000640)="14654cbc84084af6efdf05", 0xb}], 0x1)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000012c0)={r1, 0x0, 0x30, 0x0, @val=@uprobe_multi={&(0x7f0000000140)='./file0\x00', &(0x7f00000002c0)=[0x1], 0x0, 0x0, 0x1, 0x1}}, 0x40)
r7 = open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x44)
mmap$xdp(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x2000001, 0x12, r7, 0x0)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
r9 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$IPVS_CMD_ZERO(r8, &(0x7f00000002c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x1}, 0xffffffffffffff20, &(0x7f0000000200)={&(0x7f00000001c0)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r9, @ANYBLOB="10002bbd70000000002510000000"], 0xc}}, 0xc114)

0s ago: executing program 0 (id=3982):
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="1a00000007"], 0x50)
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r0, &(0x7f0000000080)={0x1f, 0xffff, 0x3}, 0x6) (async)
write$binfmt_misc(r0, &(0x7f0000000000), 0xd)
r1 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=@newlink={0x28, 0x10, 0x801, 0x0, 0x0, {0x0, 0x0, 0x4c, 0x0, 0x100c3}, [@IFLA_GROUP={0x8}]}, 0x28}, 0x1, 0xffffa888}, 0x0) (async)
r2 = syz_genetlink_get_family_id$ipvs(&(0x7f00000000c0), r1)
sendmsg$IPVS_CMD_NEW_DEST(r1, &(0x7f0000000280)={&(0x7f0000000040), 0xc, &(0x7f0000000100)={&(0x7f0000000180)={0xc4, r2, 0x0, 0x70bd2c, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_SERVICE={0x60, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_NETMASK={0x8, 0x9, 0x20}, @IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x20, 0x9}}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv6=@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}, @IPVS_SVC_ATTR_NETMASK={0x8, 0x9, 0x36}, @IPVS_SVC_ATTR_PE_NAME={0x8}, @IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x20, 0x4}}, @IPVS_SVC_ATTR_PE_NAME={0x8}, @IPVS_SVC_ATTR_SCHED_NAME={0x7, 0x6, 'dh\x00'}, @IPVS_SVC_ATTR_PE_NAME={0x8}]}, @IPVS_CMD_ATTR_SERVICE={0x48, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_PROTOCOL={0x6, 0x2, 0x2f}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv6=@private1={0xfc, 0x1, '\x00', 0x1}}, @IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x20}}, @IPVS_SVC_ATTR_PORT={0x6, 0x4, 0x4e20}, @IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x17, 0x4}}, @IPVS_SVC_ATTR_PORT={0x6, 0x4, 0x4e22}]}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x8}]}, 0xc4}}, 0x4010)

kernel console output (not intermixed with test programs):

er_alloc+0x10/0x10
[  388.403785][T16754]  ? find_held_lock+0x2b/0x80
[  388.403798][T16754]  ? tun_get+0x191/0x370
[  388.403811][T16754]  tun_chr_write_iter+0xdc/0x210
[  388.403830][T16754]  vfs_write+0x5ba/0x1180
[  388.403839][T16754]  ? __pfx_tun_chr_write_iter+0x10/0x10
[  388.403854][T16754]  ? __pfx_vfs_write+0x10/0x10
[  388.403861][T16754]  ? find_held_lock+0x2b/0x80
[  388.403882][T16754]  ksys_write+0x12a/0x240
[  388.403890][T16754]  ? __pfx_ksys_write+0x10/0x10
[  388.403899][T16754]  ? rcu_is_watching+0x12/0xc0
[  388.403915][T16754]  do_syscall_64+0xcd/0x260
[  388.403927][T16754]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  388.403938][T16754] RIP: 0033:0x7f6813f8d169
[  388.403947][T16754] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  388.403957][T16754] RSP: 002b:00007f6814eab038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  388.403967][T16754] RAX: ffffffffffffffda RBX: 00007f68141a5fa0 RCX: 00007f6813f8d169
[  388.403973][T16754] RDX: 000000000000fdef RSI: 0000200000000240 RDI: 0000000000000003
[  388.403979][T16754] RBP: 00007f6814eab090 R08: 0000000000000000 R09: 0000000000000000
[  388.403985][T16754] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  388.403990][T16754] R13: 0000000000000000 R14: 00007f68141a5fa0 R15: 00007ffd3e1d17d8
[  388.404012][T16754]  </TASK>
[  388.471827][    C0] vkms_vblank_simulate: vblank timer overrun
[  388.580915][T16764] netlink: 40 bytes leftover after parsing attributes in process `syz.2.3723'.
[  388.583731][T16764] netlink: 'syz.2.3723': attribute type 2 has an invalid length.
[  388.585854][T16764] netlink: 248 bytes leftover after parsing attributes in process `syz.2.3723'.
[  388.613609][T16769] kernel read not supported for file /eth0 (pid: 16769 comm: syz.2.3724)
[  388.613919][   T40] kauditd_printk_skb: 35 callbacks suppressed
[  388.613928][   T40] audit: type=1400 audit(388.502:63052): avc:  denied  { execmem } for  pid=16767 comm="syz.2.3724" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1
[  388.626874][   T40] audit: type=1400 audit(388.502:63053): avc:  denied  { write } for  pid=16768 comm="syz.5.3725" name="hwrng" dev="devtmpfs" ino=83 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:random_device_t tclass=chr_file permissive=1
[  388.634746][   T40] audit: type=1800 audit(388.502:63054): pid=16769 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed comm="syz.2.3724" name="eth0" dev="mqueue" ino=99671 res=0 errno=0
[  388.953547][T16801] FAULT_INJECTION: forcing a failure.
[  388.953547][T16801] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  388.958198][T16801] CPU: 1 UID: 0 PID: 16801 Comm: syz.4.3738 Not tainted 6.14.0-syzkaller-12456-gacc4d5ff0b61 #0 PREEMPT(full) 
[  388.958218][T16801] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  388.958228][T16801] Call Trace:
[  388.958235][T16801]  <TASK>
[  388.958241][T16801]  dump_stack_lvl+0x16c/0x1f0
[  388.958263][T16801]  should_fail_ex+0x512/0x640
[  388.958282][T16801]  _copy_from_user+0x2e/0xd0
[  388.958301][T16801]  iommufd_fops_ioctl+0x2e7/0x4e0
[  388.958320][T16801]  ? __pfx_iommufd_fops_ioctl+0x10/0x10
[  388.958338][T16801]  ? hook_file_ioctl_common+0x145/0x410
[  388.958368][T16801]  ? selinux_file_ioctl+0x180/0x270
[  388.958394][T16801]  ? selinux_file_ioctl+0xb4/0x270
[  388.958417][T16801]  ? __pfx_iommufd_fops_ioctl+0x10/0x10
[  388.958433][T16801]  __x64_sys_ioctl+0x190/0x200
[  388.958457][T16801]  do_syscall_64+0xcd/0x260
[  388.958478][T16801]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  388.958494][T16801] RIP: 0033:0x7f9235f8d169
[  388.958508][T16801] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  388.958522][T16801] RSP: 002b:00007f9236e29038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  388.958537][T16801] RAX: ffffffffffffffda RBX: 00007f92361a5fa0 RCX: 00007f9235f8d169
[  388.958547][T16801] RDX: 0000200000000200 RSI: 0000000000003ba0 RDI: 0000000000000003
[  388.958556][T16801] RBP: 00007f9236e29090 R08: 0000000000000000 R09: 0000000000000000
[  388.958566][T16801] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  388.958573][T16801] R13: 0000000000000000 R14: 00007f92361a5fa0 R15: 00007ffe9dd7da08
[  388.958594][T16801]  </TASK>
[  389.125528][T16817] FAULT_INJECTION: forcing a failure.
[  389.125528][T16817] name failslab, interval 1, probability 0, space 0, times 0
[  389.128983][T16817] CPU: 0 UID: 0 PID: 16817 Comm: syz.4.3744 Not tainted 6.14.0-syzkaller-12456-gacc4d5ff0b61 #0 PREEMPT(full) 
[  389.128996][T16817] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  389.129003][T16817] Call Trace:
[  389.129007][T16817]  <TASK>
[  389.129011][T16817]  dump_stack_lvl+0x16c/0x1f0
[  389.129026][T16817]  should_fail_ex+0x512/0x640
[  389.129037][T16817]  ? fs_reclaim_acquire+0xae/0x150
[  389.129053][T16817]  ? tomoyo_encode2+0x100/0x3e0
[  389.129066][T16817]  should_failslab+0xc2/0x120
[  389.129079][T16817]  __kmalloc_noprof+0xd2/0x510
[  389.129093][T16817]  tomoyo_encode2+0x100/0x3e0
[  389.129108][T16817]  tomoyo_encode+0x29/0x50
[  389.129133][T16817]  tomoyo_realpath_from_path+0x18f/0x6e0
[  389.129148][T16817]  ? tomoyo_profile+0x47/0x60
[  389.129164][T16817]  tomoyo_path_number_perm+0x245/0x580
[  389.129176][T16817]  ? tomoyo_path_number_perm+0x237/0x580
[  389.129188][T16817]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  389.129201][T16817]  ? find_held_lock+0x2b/0x80
[  389.129226][T16817]  ? find_held_lock+0x2b/0x80
[  389.129238][T16817]  ? hook_file_ioctl_common+0x145/0x410
[  389.129257][T16817]  ? __fget_files+0x20e/0x3c0
[  389.129269][T16817]  security_file_ioctl+0x9b/0x240
[  389.129284][T16817]  __x64_sys_ioctl+0xb7/0x200
[  389.129300][T16817]  do_syscall_64+0xcd/0x260
[  389.129313][T16817]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  389.129324][T16817] RIP: 0033:0x7f9235f8d169
[  389.129332][T16817] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  389.129342][T16817] RSP: 002b:00007f9236e29038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  389.129352][T16817] RAX: ffffffffffffffda RBX: 00007f92361a5fa0 RCX: 00007f9235f8d169
[  389.129358][T16817] RDX: 0000200000000300 RSI: 000000004008ae6a RDI: 0000000000000004
[  389.129364][T16817] RBP: 00007f9236e29090 R08: 0000000000000000 R09: 0000000000000000
[  389.129374][T16817] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  389.129380][T16817] R13: 0000000000000000 R14: 00007f92361a5fa0 R15: 00007ffe9dd7da08
[  389.129392][T16817]  </TASK>
[  389.129444][T16817] ERROR: Out of memory at tomoyo_realpath_from_path.
[  389.312738][ T9097] net_ratelimit: 7 callbacks suppressed
[  389.312748][ T9097] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  389.381806][T16836] tmpfs: Bad value for 'mpol'
[  389.431054][ T5983] usb 7-1: new full-speed USB device number 36 using dummy_hcd
[  389.472294][   T24] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  389.523489][T16833] FAULT_INJECTION: forcing a failure.
[  389.523489][T16833] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  389.528410][T16833] CPU: 3 UID: 0 PID: 16833 Comm: syz.4.3750 Not tainted 6.14.0-syzkaller-12456-gacc4d5ff0b61 #0 PREEMPT(full) 
[  389.528433][T16833] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  389.528444][T16833] Call Trace:
[  389.528450][T16833]  <TASK>
[  389.528458][T16833]  dump_stack_lvl+0x16c/0x1f0
[  389.528483][T16833]  should_fail_ex+0x512/0x640
[  389.528504][T16833]  copy_fpstate_to_sigframe+0x878/0xb10
[  389.528526][T16833]  ? __pfx_copy_fpstate_to_sigframe+0x10/0x10
[  389.528550][T16833]  ? collect_signal+0x263/0x540
[  389.528572][T16833]  get_sigframe+0x4a8/0x9c0
[  389.528599][T16833]  ? __pfx_get_sigframe+0x10/0x10
[  389.528625][T16833]  ? _raw_spin_unlock_irq+0x23/0x50
[  389.528641][T16833]  ? siginfo_layout+0x177/0x290
[  389.528666][T16833]  x64_setup_rt_frame+0x12e/0xcf0
[  389.528697][T16833]  ? __pfx_x64_setup_rt_frame+0x10/0x10
[  389.528728][T16833]  arch_do_signal_or_restart+0x5e6/0x7d0
[  389.528755][T16833]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  389.528787][T16833]  ? __pfx_do_writev+0x10/0x10
[  389.528812][T16833]  ? rcu_is_watching+0x12/0xc0
[  389.528838][T16833]  syscall_exit_to_user_mode+0x150/0x2a0
[  389.528859][T16833]  do_syscall_64+0xda/0x260
[  389.528881][T16833]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  389.528898][T16833] RIP: 0033:0x7f9235f8d169
[  389.528912][T16833] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  389.528928][T16833] RSP: 002b:00007f9236e29038 EFLAGS: 00000246 ORIG_RAX: 0000000000000014
[  389.528945][T16833] RAX: fffffffffffffffc RBX: 00007f92361a5fa0 RCX: 00007f9235f8d169
[  389.528955][T16833] RDX: 0000000000000001 RSI: 00002000000000c0 RDI: 000000000000000c
[  389.528965][T16833] RBP: 00007f9236e29090 R08: 0000000000000000 R09: 0000000000000000
[  389.528974][T16833] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  389.528984][T16833] R13: 0000000000000000 R14: 00007f92361a5fa0 R15: 00007ffe9dd7da08
[  389.529007][T16833]  </TASK>
[  389.613182][ T5983] usb 7-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  389.617080][ T5983] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  389.624620][ T5983] usb 7-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  389.628041][ T5983] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  389.631187][ T5983] usb 7-1: Product: syz
[  389.632821][ T5983] usb 7-1: Manufacturer: syz
[  389.634601][ T5983] usb 7-1: SerialNumber: syz
[  389.644477][ T5983] usb 7-1: selecting invalid altsetting 1
[  389.681135][ T1474] usb 5-1: new full-speed USB device number 47 using dummy_hcd
[  389.701897][T16851] FAULT_INJECTION: forcing a failure.
[  389.701897][T16851] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  389.706930][T16851] CPU: 2 UID: 0 PID: 16851 Comm: syz.4.3755 Not tainted 6.14.0-syzkaller-12456-gacc4d5ff0b61 #0 PREEMPT(full) 
[  389.706953][T16851] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  389.706964][T16851] Call Trace:
[  389.706971][T16851]  <TASK>
[  389.706992][T16851]  dump_stack_lvl+0x16c/0x1f0
[  389.707017][T16851]  should_fail_ex+0x512/0x640
[  389.707037][T16851]  _copy_to_user+0x32/0xd0
[  389.707058][T16851]  simple_read_from_buffer+0xcb/0x170
[  389.707087][T16851]  proc_fail_nth_read+0x197/0x270
[  389.707113][T16851]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  389.707138][T16851]  ? rw_verify_area+0xcf/0x680
[  389.707158][T16851]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  389.707182][T16851]  vfs_read+0x1de/0xc70
[  389.707211][T16851]  ? __pfx___mutex_lock+0x10/0x10
[  389.707231][T16851]  ? __pfx_vfs_read+0x10/0x10
[  389.707263][T16851]  ? __fget_files+0x20e/0x3c0
[  389.707287][T16851]  ksys_read+0x12a/0x240
[  389.707321][T16851]  ? __pfx_ksys_read+0x10/0x10
[  389.707345][T16851]  do_syscall_64+0xcd/0x260
[  389.707366][T16851]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  389.707382][T16851] RIP: 0033:0x7f9235f8bb7c
[  389.707396][T16851] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  389.707418][T16851] RSP: 002b:00007f9236e29030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  389.707435][T16851] RAX: ffffffffffffffda RBX: 00007f92361a5fa0 RCX: 00007f9235f8bb7c
[  389.707446][T16851] RDX: 000000000000000f RSI: 00007f9236e290a0 RDI: 0000000000000005
[  389.707456][T16851] RBP: 00007f9236e29090 R08: 0000000000000000 R09: 0000000000000000
[  389.707467][T16851] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  389.707476][T16851] R13: 0000000000000000 R14: 00007f92361a5fa0 R15: 00007ffe9dd7da08
[  389.707500][T16851]  </TASK>
[  389.835761][T16855] befs: (nullb0): No write support. Marking filesystem read-only
[  389.838567][T16855] befs: (nullb0): invalid magic header
[  389.862227][ T1474] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  389.865042][ T1474] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  389.869892][ T1474] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  389.872559][ T1474] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  389.874685][ T1474] usb 5-1: Product: syz
[  389.875897][ T1474] usb 5-1: Manufacturer: syz
[  389.877199][ T1474] usb 5-1: SerialNumber: syz
[  389.884670][ T1474] usb 5-1: selecting invalid altsetting 1
[  389.982559][T16871] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  389.984743][T16871] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  389.986806][T16871] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  389.989334][T16871] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  389.992074][T16871] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  389.994094][T16871] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  389.997431][T16871] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  389.999891][T16871] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  390.004472][T16873] sctp: [Deprecated]: syz.4.3765 (pid 16873) Use of int in maxseg socket option.
[  390.004472][T16873] Use struct sctp_assoc_value instead
[  390.047339][ T5983] cdc_ncm 7-1:1.0: failed GET_NTB_PARAMETERS
[  390.049098][ T5983] cdc_ncm 7-1:1.0: bind() failure
[  390.054610][ T5983] cdc_ncm 7-1:1.1: CDC Union missing and no IAD found
[  390.056917][ T5983] cdc_ncm 7-1:1.1: bind() failure
[  390.067540][   T40] audit: type=1400 audit(389.952:63055): avc:  denied  { execute } for  pid=16881 comm="syz.4.3768" path=2F616E6F6E5F6875676570616765202864656C6574656429 dev="hugetlbfs" ino=99922 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:hugetlbfs_t tclass=file permissive=1
[  390.285476][ T1474] cdc_ncm 5-1:1.0: failed GET_NTB_PARAMETERS
[  390.287231][ T1474] cdc_ncm 5-1:1.0: bind() failure
[  390.290678][ T1474] cdc_ncm 5-1:1.1: CDC Union missing and no IAD found
[  390.293089][ T1474] cdc_ncm 5-1:1.1: bind() failure
[  390.702929][   T40] audit: type=1400 audit(390.592:63056): avc:  denied  { setopt } for  pid=16889 comm="syz.4.3770" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rose_socket permissive=1
[  390.814752][   T40] audit: type=1400 audit(390.702:63057): avc:  denied  { create } for  pid=16818 comm="syz.2.3745" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=x25_socket permissive=1
[  390.821336][   T40] audit: type=1400 audit(390.702:63058): avc:  denied  { accept } for  pid=16818 comm="syz.2.3745" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=x25_socket permissive=1
[  390.874098][   T40] audit: type=1400 audit(390.762:63059): avc:  denied  { ioctl } for  pid=16818 comm="syz.2.3745" path="socket:[101662]" dev="sockfs" ino=101662 ioctlcmd=0x8990 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=x25_socket permissive=1
[  391.380531][T16895] bond0: (slave rose0): Error: Device is in use and cannot be enslaved
[  391.528357][T16905] FAULT_INJECTION: forcing a failure.
[  391.528357][T16905] name failslab, interval 1, probability 0, space 0, times 0
[  391.531994][T16905] CPU: 2 UID: 0 PID: 16905 Comm: syz.5.3774 Not tainted 6.14.0-syzkaller-12456-gacc4d5ff0b61 #0 PREEMPT(full) 
[  391.532009][T16905] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  391.532015][T16905] Call Trace:
[  391.532020][T16905]  <TASK>
[  391.532024][T16905]  dump_stack_lvl+0x16c/0x1f0
[  391.532039][T16905]  should_fail_ex+0x512/0x640
[  391.532050][T16905]  ? __kmalloc_cache_noprof+0x57/0x3e0
[  391.532068][T16905]  should_failslab+0xc2/0x120
[  391.532080][T16905]  __kmalloc_cache_noprof+0x6a/0x3e0
[  391.532095][T16905]  ? __pfx___might_resched+0x10/0x10
[  391.532111][T16905]  ? vhost_task_create+0xe5/0x2e0
[  391.532122][T16905]  ? rcu_is_watching+0x12/0xc0
[  391.532135][T16905]  ? __pfx_kvm_nx_huge_page_recovery_worker_kill+0x10/0x10
[  391.532148][T16905]  ? __pfx_kvm_nx_huge_page_recovery_worker+0x10/0x10
[  391.532163][T16905]  vhost_task_create+0xe5/0x2e0
[  391.532185][T16905]  ? __pfx_vhost_task_create+0x10/0x10
[  391.532198][T16905]  ? register_lock_class+0x41/0x4c0
[  391.532211][T16905]  ? __pfx_vhost_task_fn+0x10/0x10
[  391.532223][T16905]  ? kvm_vcpu_ioctl+0x27e/0x1680
[  391.532236][T16905]  kvm_mmu_post_init_vm+0x1b7/0x370
[  391.532248][T16905]  kvm_arch_vcpu_ioctl_run+0x66/0x18c0
[  391.532264][T16905]  ? kvm_vcpu_ioctl+0x14c2/0x1680
[  391.532276][T16905]  kvm_vcpu_ioctl+0x5e9/0x1680
[  391.532286][T16905]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  391.532300][T16905]  ? ioctl_has_perm.constprop.0.isra.0+0x2fe/0x450
[  391.532316][T16905]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[  391.532336][T16905]  ? hook_file_ioctl_common+0x145/0x410
[  391.532355][T16905]  ? selinux_file_ioctl+0x180/0x270
[  391.532374][T16905]  ? selinux_file_ioctl+0xb4/0x270
[  391.532389][T16905]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  391.532399][T16905]  __x64_sys_ioctl+0x190/0x200
[  391.532414][T16905]  do_syscall_64+0xcd/0x260
[  391.532428][T16905]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  391.532438][T16905] RIP: 0033:0x7fc85e58d169
[  391.532447][T16905] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  391.532457][T16905] RSP: 002b:00007fc85f3c3038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  391.532467][T16905] RAX: ffffffffffffffda RBX: 00007fc85e7a5fa0 RCX: 00007fc85e58d169
[  391.532473][T16905] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000006
[  391.532479][T16905] RBP: 00007fc85f3c3090 R08: 0000000000000000 R09: 0000000000000000
[  391.532484][T16905] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  391.532490][T16905] R13: 0000000000000000 R14: 00007fc85e7a5fa0 R15: 00007ffdc1a2d238
[  391.532503][T16905]  </TASK>
[  391.767300][T16922] FAULT_INJECTION: forcing a failure.
[  391.767300][T16922] name failslab, interval 1, probability 0, space 0, times 0
[  391.770765][T16922] CPU: 3 UID: 0 PID: 16922 Comm: syz.4.3782 Not tainted 6.14.0-syzkaller-12456-gacc4d5ff0b61 #0 PREEMPT(full) 
[  391.770778][T16922] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  391.770785][T16922] Call Trace:
[  391.770789][T16922]  <TASK>
[  391.770793][T16922]  dump_stack_lvl+0x16c/0x1f0
[  391.770809][T16922]  should_fail_ex+0x512/0x640
[  391.770822][T16922]  ? io_cqring_event_overflow+0xcb/0x6f0
[  391.770832][T16922]  should_failslab+0xc2/0x120
[  391.770844][T16922]  __kmalloc_noprof+0xd2/0x510
[  391.770854][T16922]  ? __pfx_do_epoll_ctl+0x10/0x10
[  391.770873][T16922]  io_cqring_event_overflow+0xcb/0x6f0
[  391.770885][T16922]  io_req_cqe_overflow+0x101/0x1e0
[  391.770896][T16922]  __io_submit_flush_completions+0x94a/0x1750
[  391.770914][T16922]  io_submit_sqes+0x9e2/0x25d0
[  391.770935][T16922]  __do_sys_io_uring_enter+0xd6a/0x1630
[  391.770952][T16922]  ? __fget_files+0x20e/0x3c0
[  391.770972][T16922]  ? __pfx___do_sys_io_uring_enter+0x10/0x10
[  391.770990][T16922]  ? fput+0x70/0xf0
[  391.771002][T16922]  ? ksys_write+0x1b9/0x240
[  391.771011][T16922]  ? __pfx_ksys_write+0x10/0x10
[  391.771019][T16922]  ? rcu_is_watching+0x12/0xc0
[  391.771036][T16922]  do_syscall_64+0xcd/0x260
[  391.771049][T16922]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  391.771060][T16922] RIP: 0033:0x7f9235f8d169
[  391.771069][T16922] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  391.771079][T16922] RSP: 002b:00007f9236e29038 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[  391.771089][T16922] RAX: ffffffffffffffda RBX: 00007f92361a5fa0 RCX: 00007f9235f8d169
[  391.771095][T16922] RDX: 0000000000000000 RSI: 0000000000002d3e RDI: 0000000000000003
[  391.771101][T16922] RBP: 00007f9236e29090 R08: 0000000000000000 R09: 0000000000000000
[  391.771106][T16922] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  391.771112][T16922] R13: 0000000000000000 R14: 00007f92361a5fa0 R15: 00007ffe9dd7da08
[  391.771124][T16922]  </TASK>
[  391.841654][T16923] FAULT_INJECTION: forcing a failure.
[  391.841654][T16923] name failslab, interval 1, probability 0, space 0, times 0
[  391.845568][T16923] CPU: 1 UID: 0 PID: 16923 Comm: syz.5.3783 Not tainted 6.14.0-syzkaller-12456-gacc4d5ff0b61 #0 PREEMPT(full) 
[  391.845591][T16923] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  391.845602][T16923] Call Trace:
[  391.845608][T16923]  <TASK>
[  391.845615][T16923]  dump_stack_lvl+0x16c/0x1f0
[  391.845639][T16923]  should_fail_ex+0x512/0x640
[  391.845655][T16923]  ? __kmalloc_cache_noprof+0x57/0x3e0
[  391.845684][T16923]  should_failslab+0xc2/0x120
[  391.845703][T16923]  __kmalloc_cache_noprof+0x6a/0x3e0
[  391.845728][T16923]  ? __pfx___might_resched+0x10/0x10
[  391.845751][T16923]  ? vhost_task_create+0xe5/0x2e0
[  391.845768][T16923]  ? rcu_is_watching+0x12/0xc0
[  391.845788][T16923]  ? __pfx_kvm_nx_huge_page_recovery_worker_kill+0x10/0x10
[  391.845809][T16923]  ? __pfx_kvm_nx_huge_page_recovery_worker+0x10/0x10
[  391.845834][T16923]  vhost_task_create+0xe5/0x2e0
[  391.845852][T16923]  ? __pfx_vhost_task_create+0x10/0x10
[  391.845871][T16923]  ? register_lock_class+0x41/0x4c0
[  391.845894][T16923]  ? __pfx_vhost_task_fn+0x10/0x10
[  391.845914][T16923]  ? kvm_vcpu_ioctl+0x27e/0x1680
[  391.845939][T16923]  kvm_mmu_post_init_vm+0x1b7/0x370
[  391.845958][T16923]  kvm_arch_vcpu_ioctl_run+0x66/0x18c0
[  391.845985][T16923]  ? kvm_vcpu_ioctl+0x14c2/0x1680
[  391.846006][T16923]  kvm_vcpu_ioctl+0x5e9/0x1680
[  391.846026][T16923]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  391.846054][T16923]  ? ioctl_has_perm.constprop.0.isra.0+0x2fe/0x450
[  391.846083][T16923]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[  391.846117][T16923]  ? hook_file_ioctl_common+0x145/0x410
[  391.846152][T16923]  ? selinux_file_ioctl+0x180/0x270
[  391.846175][T16923]  ? selinux_file_ioctl+0xb4/0x270
[  391.846200][T16923]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  391.846218][T16923]  __x64_sys_ioctl+0x190/0x200
[  391.846245][T16923]  do_syscall_64+0xcd/0x260
[  391.846267][T16923]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  391.846284][T16923] RIP: 0033:0x7fc85e58d169
[  391.846297][T16923] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  391.846313][T16923] RSP: 002b:00007fc85f3c3038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  391.846329][T16923] RAX: ffffffffffffffda RBX: 00007fc85e7a5fa0 RCX: 00007fc85e58d169
[  391.846340][T16923] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000006
[  391.846350][T16923] RBP: 00007fc85f3c3090 R08: 0000000000000000 R09: 0000000000000000
[  391.846360][T16923] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  391.846369][T16923] R13: 0000000000000000 R14: 00007fc85e7a5fa0 R15: 00007ffdc1a2d238
[  391.846392][T16923]  </TASK>
[  391.859539][T16927] netlink: 'syz.4.3784': attribute type 16 has an invalid length.
[  392.351389][ T9097] usb 10-1: new high-speed USB device number 27 using dummy_hcd
[  392.405014][ T1460] usb 7-1: USB disconnect, device number 36
[  392.440800][ T1334] usb 5-1: USB disconnect, device number 47
[  392.469740][   T40] audit: type=1400 audit(392.352:63060): avc:  denied  { view } for  pid=16969 comm="syz.0.3787" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=key permissive=1
[  392.501789][ T9097] usb 10-1: Using ep0 maxpacket: 8
[  392.506997][ T9097] usb 10-1: config index 0 descriptor too short (expected 5924, got 36)
[  392.510443][ T9097] usb 10-1: config 250 has an invalid interface number: 228 but max is -1
[  392.513295][ T9097] usb 10-1: config 250 has 1 interface, different from the descriptor's value: 0
[  392.515864][ T9097] usb 10-1: config 250 has no interface number 0
[  392.517681][ T9097] usb 10-1: config 250 interface 228 altsetting 255 endpoint 0x1 has invalid maxpacket 65280, setting to 1024
[  392.520917][ T9097] usb 10-1: config 250 interface 228 altsetting 255 bulk endpoint 0x1 has invalid maxpacket 1024
[  392.525241][ T9097] usb 10-1: config 250 interface 228 altsetting 255 endpoint 0x82 has invalid wMaxPacketSize 0
[  392.528971][ T9097] usb 10-1: config 250 interface 228 altsetting 255 bulk endpoint 0x82 has invalid maxpacket 0
[  392.531924][ T9097] usb 10-1: config 250 interface 228 altsetting 255 has 2 endpoint descriptors, different from the interface descriptor's value: 17
[  392.535653][ T9097] usb 10-1: config 250 interface 228 has no altsetting 0
[  392.538996][ T9097] usb 10-1: New USB device found, idVendor=0525, idProduct=d292, bcdDevice= 0.07
[  392.542208][ T9097] usb 10-1: New USB device strings: Mfr=0, Product=106, SerialNumber=59
[  392.544612][ T9097] usb 10-1: Product: syz
[  392.545853][ T9097] usb 10-1: SerialNumber: syz
[  392.551992][ T9097] hub 10-1:250.228: bad descriptor, ignoring hub
[  392.553976][ T9097] hub 10-1:250.228: probe with driver hub failed with error -5
[  392.750892][ T9097] usblp 10-1:250.228: usblp0: USB Bidirectional printer dev 27 if 228 alt 255 proto 3 vid 0x0525 pid 0xD292
[  392.751253][ T1460] usb 7-1: new high-speed USB device number 37 using dummy_hcd
[  392.911284][ T1460] usb 7-1: Using ep0 maxpacket: 8
[  392.914840][T17003] lo speed is unknown, defaulting to 1000
[  392.923969][ T1460] usb 7-1: config index 0 descriptor too short (expected 5924, got 36)
[  392.926939][ T1460] usb 7-1: config 250 has an invalid interface number: 228 but max is -1
[  392.929923][ T1460] usb 7-1: config 250 has 1 interface, different from the descriptor's value: 0
[  392.933471][ T1460] usb 7-1: config 250 has no interface number 0
[  392.935725][ T1460] usb 7-1: config 250 interface 228 altsetting 255 endpoint 0x1 has invalid maxpacket 65280, setting to 1024
[  392.939770][ T1460] usb 7-1: config 250 interface 228 altsetting 255 bulk endpoint 0x1 has invalid maxpacket 1024
[  392.943874][ T1460] usb 7-1: config 250 interface 228 altsetting 255 endpoint 0x82 has invalid wMaxPacketSize 0
[  392.947467][ T1460] usb 7-1: config 250 interface 228 altsetting 255 bulk endpoint 0x82 has invalid maxpacket 0
[  392.951620][T16944] FAULT_INJECTION: forcing a failure.
[  392.951620][T16944] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  392.951898][ T1460] usb 7-1: config 250 interface 228 altsetting 255 has 2 endpoint descriptors, different from the interface descriptor's value: 17
[  392.955329][T16944] CPU: 3 UID: 0 PID: 16944 Comm: syz.5.3785 Not tainted 6.14.0-syzkaller-12456-gacc4d5ff0b61 #0 PREEMPT(full) 
[  392.955345][T16944] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  392.955351][T16944] Call Trace:
[  392.955355][T16944]  <TASK>
[  392.955359][T16944]  dump_stack_lvl+0x16c/0x1f0
[  392.955375][T16944]  should_fail_ex+0x512/0x640
[  392.955388][T16944]  strncpy_from_user+0x3b/0x2e0
[  392.955405][T16944]  getname_flags.part.0+0x8b/0x540
[  392.955420][T16944]  getname_flags+0x93/0xf0
[  392.955436][T16944]  do_sys_openat2+0xb8/0x1d0
[  392.955449][T16944]  ? __pfx_do_sys_openat2+0x10/0x10
[  392.955462][T16944]  ? __fget_files+0x20e/0x3c0
[  392.955475][T16944]  __x64_sys_openat+0x174/0x210
[  392.955488][T16944]  ? __pfx___x64_sys_openat+0x10/0x10
[  392.955500][T16944]  ? ksys_write+0x1b9/0x240
[  392.955509][T16944]  ? rcu_is_watching+0x12/0xc0
[  392.955526][T16944]  do_syscall_64+0xcd/0x260
[  392.955538][T16944]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  392.955549][T16944] RIP: 0033:0x7fc85e58bad0
[  392.955558][T16944] Code: 48 89 44 24 20 75 93 44 89 54 24 0c e8 49 94 02 00 44 8b 54 24 0c 89 da 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 38 44 89 c7 89 44 24 0c e8 9c 94 02 00 8b 44
[  392.955567][T16944] RSP: 002b:00007fc85f3c2b70 EFLAGS: 00000293 ORIG_RAX: 0000000000000101
[  392.955577][T16944] RAX: ffffffffffffffda RBX: 0000000000000002 RCX: 00007fc85e58bad0
[  392.955584][T16944] RDX: 0000000000000002 RSI: 00007fc85f3c2c10 RDI: 00000000ffffff9c
[  392.955589][T16944] RBP: 00007fc85f3c2c10 R08: 0000000000000000 R09: 00007fc85f3c2987
[  392.955595][T16944] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000001
[  392.955601][T16944] R13: 0000000000000000 R14: 00007fc85e7a5fa0 R15: 00007ffdc1a2d238
[  392.955613][T16944]  </TASK>
[  393.019137][ T1460] usb 7-1: config 250 interface 228 has no altsetting 0
[  393.022780][ T1460] usb 7-1: New USB device found, idVendor=0525, idProduct=d292, bcdDevice= 0.07
[  393.025243][ T1460] usb 7-1: New USB device strings: Mfr=0, Product=106, SerialNumber=59
[  393.027505][ T1460] usb 7-1: Product: syz
[  393.028669][ T1460] usb 7-1: SerialNumber: syz
[  393.035903][ T1460] hub 7-1:250.228: bad descriptor, ignoring hub
[  393.037693][ T1460] hub 7-1:250.228: probe with driver hub failed with error -5
[  393.072300][ T1334] usb 10-1: USB disconnect, device number 27
[  393.081330][ T1334] usblp0: removed
[  393.239647][ T1460] usblp 7-1:250.228: usblp0: USB Bidirectional printer dev 37 if 228 alt 255 proto 3 vid 0x0525 pid 0xD292
[  393.398201][   T40] audit: type=1400 audit(393.282:63061): avc:  denied  { bind } for  pid=17024 comm="syz.0.3802" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[  393.707005][T17029] SELinux: syz.5.3803 (17029) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace.
[  394.064439][T17044] __nla_validate_parse: 8 callbacks suppressed
[  394.064449][T17044] netlink: 204 bytes leftover after parsing attributes in process `syz.5.3809'.
[  394.084288][T17046] FAULT_INJECTION: forcing a failure.
[  394.084288][T17046] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  394.088077][T17046] CPU: 3 UID: 0 PID: 17046 Comm: syz.4.3808 Not tainted 6.14.0-syzkaller-12456-gacc4d5ff0b61 #0 PREEMPT(full) 
[  394.088096][T17046] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  394.088105][T17046] Call Trace:
[  394.088117][T17046]  <TASK>
[  394.088125][T17046]  dump_stack_lvl+0x16c/0x1f0
[  394.088148][T17046]  should_fail_ex+0x512/0x640
[  394.088167][T17046]  _copy_to_user+0x32/0xd0
[  394.088187][T17046]  simple_read_from_buffer+0xcb/0x170
[  394.088212][T17046]  proc_fail_nth_read+0x197/0x270
[  394.088231][T17046]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  394.088247][T17046]  ? rw_verify_area+0xcf/0x680
[  394.088261][T17046]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  394.088281][T17046]  vfs_read+0x1de/0xc70
[  394.088306][T17046]  ? __pfx___mutex_lock+0x10/0x10
[  394.088323][T17046]  ? __pfx_vfs_read+0x10/0x10
[  394.088350][T17046]  ? __fget_files+0x20e/0x3c0
[  394.088373][T17046]  ksys_read+0x12a/0x240
[  394.088386][T17046]  ? __pfx_ksys_read+0x10/0x10
[  394.088405][T17046]  do_syscall_64+0xcd/0x260
[  394.088418][T17046]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  394.088429][T17046] RIP: 0033:0x7f9235f8bb7c
[  394.088443][T17046] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  394.088457][T17046] RSP: 002b:00007f9236e29030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  394.088472][T17046] RAX: ffffffffffffffda RBX: 00007f92361a5fa0 RCX: 00007f9235f8bb7c
[  394.088482][T17046] RDX: 000000000000000f RSI: 00007f9236e290a0 RDI: 0000000000000004
[  394.088490][T17046] RBP: 00007f9236e29090 R08: 0000000000000000 R09: 0000000000000000
[  394.088499][T17046] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  394.088508][T17046] R13: 0000000000000000 R14: 00007f92361a5fa0 R15: 00007ffe9dd7da08
[  394.088530][T17046]  </TASK>
[  394.097766][T17048] netlink: 'syz.5.3810': attribute type 10 has an invalid length.
[  394.159991][T17049] FAULT_INJECTION: forcing a failure.
[  394.159991][T17049] name failslab, interval 1, probability 0, space 0, times 0
[  394.161033][T17048] bridge0: port 3(syz_tun) entered disabled state
[  394.167723][T17048] syz_tun: left allmulticast mode
[  394.169250][T17048] bridge0: port 3(syz_tun) entered disabled state
[  394.169581][T17049] CPU: 0 UID: 0 PID: 17049 Comm: syz.5.3810 Not tainted 6.14.0-syzkaller-12456-gacc4d5ff0b61 #0 PREEMPT(full) 
[  394.169596][T17049] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  394.169603][T17049] Call Trace:
[  394.169607][T17049]  <TASK>
[  394.169612][T17049]  dump_stack_lvl+0x16c/0x1f0
[  394.169628][T17049]  should_fail_ex+0x512/0x640
[  394.169639][T17049]  ? kmem_cache_alloc_node_noprof+0x5e/0x3b0
[  394.169651][T17049]  should_failslab+0xc2/0x120
[  394.169663][T17049]  kmem_cache_alloc_node_noprof+0x71/0x3b0
[  394.169674][T17049]  ? __alloc_skb+0x2b2/0x380
[  394.169686][T17049]  __alloc_skb+0x2b2/0x380
[  394.169697][T17049]  ? __pfx___alloc_skb+0x10/0x10
[  394.169706][T17049]  ? selinux_socket_getpeersec_dgram+0x1a4/0x370
[  394.169719][T17049]  ? __pfx_selinux_socket_getpeersec_dgram+0x10/0x10
[  394.169735][T17049]  netlink_alloc_large_skb+0x69/0x130
[  394.169749][T17049]  netlink_sendmsg+0x6a1/0xdd0
[  394.169763][T17049]  ? __pfx_netlink_sendmsg+0x10/0x10
[  394.169780][T17049]  __sys_sendto+0x495/0x510
[  394.169791][T17049]  ? __pfx___sys_sendto+0x10/0x10
[  394.169805][T17049]  ? count_memcg_events_mm.constprop.0+0x138/0x340
[  394.169827][T17049]  __x64_sys_sendto+0xe0/0x1c0
[  394.169836][T17049]  ? do_syscall_64+0x91/0x260
[  394.169848][T17049]  ? lockdep_hardirqs_on+0x7c/0x110
[  394.169859][T17049]  do_syscall_64+0xcd/0x260
[  394.169871][T17049]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  394.169882][T17049] RIP: 0033:0x7fc85e58effc
[  394.169891][T17049] Code: 2a 5f 02 00 44 8b 4c 24 2c 4c 8b 44 24 20 89 c5 44 8b 54 24 28 48 8b 54 24 18 b8 2c 00 00 00 48 8b 74 24 10 8b 7c 24 08 0f 05 <48> 3d 00 f0 ff ff 77 34 89 ef 48 89 44 24 08 e8 70 5f 02 00 48 8b
[  394.169901][T17049] RSP: 002b:00007fc85f3a0ec0 EFLAGS: 00000293 ORIG_RAX: 000000000000002c
[  394.169911][T17049] RAX: ffffffffffffffda RBX: 00007fc85f3a0fc0 RCX: 00007fc85e58effc
[  394.169917][T17049] RDX: 0000000000000024 RSI: 00007fc85f3a1010 RDI: 0000000000000003
[  394.169923][T17049] RBP: 0000000000000000 R08: 00007fc85f3a0f14 R09: 000000000000000c
[  394.169929][T17049] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000003
[  394.169935][T17049] R13: 00007fc85f3a0f68 R14: 00007fc85f3a1010 R15: 0000000000000000
[  394.169947][T17049]  </TASK>
[  394.245366][T17048] bond0: (slave syz_tun): Enslaving as an active interface with an up link
[  394.314763][ T5991] usb 7-1: USB disconnect, device number 37
[  394.324511][ T5991] usblp0: removed
[  394.338985][T17057] FAULT_INJECTION: forcing a failure.
[  394.338985][T17057] name failslab, interval 1, probability 0, space 0, times 0
[  394.345380][T17057] CPU: 2 UID: 0 PID: 17057 Comm: syz.5.3814 Not tainted 6.14.0-syzkaller-12456-gacc4d5ff0b61 #0 PREEMPT(full) 
[  394.345403][T17057] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  394.345413][T17057] Call Trace:
[  394.345418][T17057]  <TASK>
[  394.345425][T17057]  dump_stack_lvl+0x16c/0x1f0
[  394.345449][T17057]  should_fail_ex+0x512/0x640
[  394.345464][T17057]  ? __kmalloc_cache_noprof+0x57/0x3e0
[  394.345492][T17057]  should_failslab+0xc2/0x120
[  394.345511][T17057]  __kmalloc_cache_noprof+0x6a/0x3e0
[  394.345535][T17057]  ? __pfx___might_resched+0x10/0x10
[  394.345555][T17057]  ? vhost_task_create+0xe5/0x2e0
[  394.345573][T17057]  ? rcu_is_watching+0x12/0xc0
[  394.345591][T17057]  ? __pfx_kvm_nx_huge_page_recovery_worker_kill+0x10/0x10
[  394.345618][T17057]  ? __pfx_kvm_nx_huge_page_recovery_worker+0x10/0x10
[  394.345641][T17057]  vhost_task_create+0xe5/0x2e0
[  394.345659][T17057]  ? __pfx_vhost_task_create+0x10/0x10
[  394.345678][T17057]  ? register_lock_class+0x41/0x4c0
[  394.345703][T17057]  ? __pfx_vhost_task_fn+0x10/0x10
[  394.345724][T17057]  ? kvm_vcpu_ioctl+0x27e/0x1680
[  394.345748][T17057]  kvm_mmu_post_init_vm+0x1b7/0x370
[  394.345769][T17057]  kvm_arch_vcpu_ioctl_run+0x66/0x18c0
[  394.345795][T17057]  ? kvm_vcpu_ioctl+0x14c2/0x1680
[  394.345817][T17057]  kvm_vcpu_ioctl+0x5e9/0x1680
[  394.345836][T17057]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  394.345861][T17057]  ? ioctl_has_perm.constprop.0.isra.0+0x2fe/0x450
[  394.345889][T17057]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[  394.345923][T17057]  ? hook_file_ioctl_common+0x145/0x410
[  394.345957][T17057]  ? selinux_file_ioctl+0x180/0x270
[  394.345980][T17057]  ? selinux_file_ioctl+0xb4/0x270
[  394.346006][T17057]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  394.346028][T17057]  __x64_sys_ioctl+0x190/0x200
[  394.346054][T17057]  do_syscall_64+0xcd/0x260
[  394.346077][T17057]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  394.346093][T17057] RIP: 0033:0x7fc85e58d169
[  394.346108][T17057] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  394.346124][T17057] RSP: 002b:00007fc85f3c3038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  394.346140][T17057] RAX: ffffffffffffffda RBX: 00007fc85e7a5fa0 RCX: 00007fc85e58d169
[  394.346150][T17057] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000006
[  394.346160][T17057] RBP: 00007fc85f3c3090 R08: 0000000000000000 R09: 0000000000000000
[  394.346170][T17057] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  394.346180][T17057] R13: 0000000000000000 R14: 00007fc85e7a5fa0 R15: 00007ffdc1a2d238
[  394.346204][T17057]  </TASK>
[  394.352019][   T40] audit: type=1400 audit(394.242:63062): avc:  denied  { watch_mount } for  pid=17059 comm="syz.0.3815" path="/265" dev="tmpfs" ino=1440 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1
[  394.475776][T17066] Can't find a SQUASHFS superblock on nullb0
[  394.754752][ T1474] net_ratelimit: 96 callbacks suppressed
[  394.754768][ T1474] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  394.907835][T17077] loop6: detected capacity change from 0 to 524287999
[  394.913521][    C0] I/O error, dev loop6, sector 8 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  394.917322][    C0] I/O error, dev loop6, sector 8 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  394.924190][   T12] loop: Write error at byte offset 1, length 4096.
[  394.926772][    C0] I/O error, dev loop6, sector 0 op 0x1:(WRITE) flags 0x800 phys_seg 1 prio class 0
[  394.930359][    C0] Buffer I/O error on dev loop6, logical block 0, lost async page write
[  394.971414][T17090] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3824'.
[  394.986956][T17085] netlink: 12 bytes leftover after parsing attributes in process `syz.5.3820'.
[  395.286956][T17104] syzkaller1: entered promiscuous mode
[  395.288824][T17104] syzkaller1: entered allmulticast mode
[  395.331177][ T1334] usb 7-1: new high-speed USB device number 38 using dummy_hcd
[  395.391404][ T9097] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  395.491052][ T1334] usb 7-1: Using ep0 maxpacket: 8
[  395.494837][ T1334] usb 7-1: config index 0 descriptor too short (expected 5924, got 36)
[  395.497995][ T1334] usb 7-1: config 250 has an invalid interface number: 228 but max is -1
[  395.501188][ T1334] usb 7-1: config 250 has 1 interface, different from the descriptor's value: 0
[  395.504490][ T1334] usb 7-1: config 250 has no interface number 0
[  395.506771][ T1334] usb 7-1: config 250 interface 228 altsetting 255 endpoint 0x1 has invalid maxpacket 65280, setting to 1024
[  395.510854][ T1334] usb 7-1: config 250 interface 228 altsetting 255 bulk endpoint 0x1 has invalid maxpacket 1024
[  395.514745][ T1334] usb 7-1: config 250 interface 228 altsetting 255 endpoint 0x82 has invalid wMaxPacketSize 0
[  395.518408][ T1334] usb 7-1: config 250 interface 228 altsetting 255 bulk endpoint 0x82 has invalid maxpacket 0
[  395.522155][ T1334] usb 7-1: config 250 interface 228 altsetting 255 has 2 endpoint descriptors, different from the interface descriptor's value: 17
[  395.526958][ T1334] usb 7-1: config 250 interface 228 has no altsetting 0
[  395.530821][ T1334] usb 7-1: New USB device found, idVendor=0525, idProduct=d292, bcdDevice= 0.07
[  395.534200][ T1334] usb 7-1: New USB device strings: Mfr=0, Product=106, SerialNumber=59
[  395.537238][ T1334] usb 7-1: Product: syz
[  395.538827][ T1334] usb 7-1: SerialNumber: syz
[  395.546386][ T1334] hub 7-1:250.228: bad descriptor, ignoring hub
[  395.548799][ T1334] hub 7-1:250.228: probe with driver hub failed with error -5
[  395.755730][T17095] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  395.758943][T17095] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  395.772996][ T1334] usblp 7-1:250.228: usblp0: USB Bidirectional printer dev 38 if 228 alt 255 proto 3 vid 0x0525 pid 0xD292
[  395.792153][ T1474] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  396.014287][T17111] IPVS: length: 184 != 24
[  396.016080][T17113] netlink: 'syz.4.3834': attribute type 10 has an invalid length.
[  396.020415][T17113] syz_tun: entered promiscuous mode
[  396.031771][T17113] bond0: (slave syz_tun): Enslaving as an active interface with an up link
[  396.042143][T17113] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3834'.
[  396.174412][T17130] netlink: 16 bytes leftover after parsing attributes in process `syz.4.3837'.
[  396.201405][ T9061] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  396.295853][T17138] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  396.298267][T17138] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  396.300722][T17138] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  396.304544][T17137] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  396.307175][T17137] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  396.317222][T17140] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=22 sclass=netlink_tcpdiag_socket pid=17140 comm=syz.0.3842
[  396.335175][T17142] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  396.337919][T17142] FAULT_INJECTION: forcing a failure.
[  396.337919][T17142] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  396.344064][T17142] CPU: 0 UID: 0 PID: 17142 Comm: syz.5.3843 Not tainted 6.14.0-syzkaller-12456-gacc4d5ff0b61 #0 PREEMPT(full) 
[  396.344079][T17142] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  396.344085][T17142] Call Trace:
[  396.344089][T17142]  <TASK>
[  396.344093][T17142]  dump_stack_lvl+0x16c/0x1f0
[  396.344110][T17142]  should_fail_ex+0x512/0x640
[  396.344123][T17142]  _copy_to_user+0x32/0xd0
[  396.344136][T17142]  simple_read_from_buffer+0xcb/0x170
[  396.344154][T17142]  proc_fail_nth_read+0x197/0x270
[  396.344171][T17142]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  396.344188][T17142]  ? rw_verify_area+0xcf/0x680
[  396.344202][T17142]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  396.344218][T17142]  vfs_read+0x1de/0xc70
[  396.344235][T17142]  ? __pfx___mutex_lock+0x10/0x10
[  396.344247][T17142]  ? __pfx_vfs_read+0x10/0x10
[  396.344265][T17142]  ? __fget_files+0x20e/0x3c0
[  396.344283][T17142]  ksys_read+0x12a/0x240
[  396.344291][T17142]  ? __pfx_ksys_read+0x10/0x10
[  396.344299][T17142]  ? rcu_is_watching+0x12/0xc0
[  396.344316][T17142]  do_syscall_64+0xcd/0x260
[  396.344329][T17142]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  396.344340][T17142] RIP: 0033:0x7fc85e58bb7c
[  396.344349][T17142] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  396.344358][T17142] RSP: 002b:00007fc85f3c3030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  396.344368][T17142] RAX: ffffffffffffffda RBX: 00007fc85e7a5fa0 RCX: 00007fc85e58bb7c
[  396.344374][T17142] RDX: 000000000000000f RSI: 00007fc85f3c30a0 RDI: 0000000000000004
[  396.344380][T17142] RBP: 00007fc85f3c3090 R08: 0000000000000000 R09: 0000000000000000
[  396.344385][T17142] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  396.344391][T17142] R13: 0000000000000000 R14: 00007fc85e7a5fa0 R15: 00007ffdc1a2d238
[  396.344404][T17142]  </TASK>
[  396.350518][T17144] syzkaller1: entered promiscuous mode
[  396.406897][T17144] syzkaller1: entered allmulticast mode
[  396.457190][T17152] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3847'.
[  396.643630][T17162] syzkaller1: entered promiscuous mode
[  396.645649][T17162] syzkaller1: entered allmulticast mode
[  396.686908][T17167] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:24) already exists on: dummy0
[  396.696242][T17167] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  396.701922][T17167] macsec1: entered allmulticast mode
[  396.781073][T17173] FAULT_INJECTION: forcing a failure.
[  396.781073][T17173] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  396.786179][T17173] CPU: 0 UID: 0 PID: 17173 Comm: syz.4.3856 Not tainted 6.14.0-syzkaller-12456-gacc4d5ff0b61 #0 PREEMPT(full) 
[  396.786203][T17173] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  396.786214][T17173] Call Trace:
[  396.786221][T17173]  <TASK>
[  396.786228][T17173]  dump_stack_lvl+0x16c/0x1f0
[  396.786253][T17173]  should_fail_ex+0x512/0x640
[  396.786274][T17173]  _copy_from_user+0x2e/0xd0
[  396.786293][T17173]  restore_altstack+0x93/0x170
[  396.786312][T17173]  ? __pfx_restore_altstack+0x10/0x10
[  396.786328][T17173]  ? _raw_spin_unlock_irq+0x23/0x50
[  396.786351][T17173]  ? lockdep_hardirqs_on+0x7c/0x110
[  396.786368][T17173]  ? _raw_spin_unlock_irq+0x2e/0x50
[  396.786384][T17173]  ? set_current_blocked+0xdd/0x120
[  396.786405][T17173]  __do_sys_rt_sigreturn+0x13c/0x230
[  396.786431][T17173]  ? __pfx___do_sys_rt_sigreturn+0x10/0x10
[  396.786464][T17173]  do_syscall_64+0xcd/0x260
[  396.786487][T17173]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  396.786504][T17173] RIP: 0033:0x7f9235f29359
[  396.786519][T17173] Code: 64 c7 00 16 00 00 00 b8 ff ff ff ff c3 0f 1f 40 00 90 66 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 c7 c0 0f 00 00 00 0f 05 <0f> 1f 80 00 00 00 00 48 81 ec 48 01 00 00 49 89 d0 64 48 8b 04 25
[  396.786535][T17173] RSP: 002b:00007f9236e28340 EFLAGS: 00000206 ORIG_RAX: 000000000000000f
[  396.786551][T17173] RAX: ffffffffffffffda RBX: 00007f92361a5fa0 RCX: 00007f9235f29359
[  396.786562][T17173] RDX: 00007f9236e28340 RSI: 00007f9236e28470 RDI: 0000000000000021
[  396.786572][T17173] RBP: 00007f9236e29090 R08: 0000000000000000 R09: 0000000000000000
[  396.786582][T17173] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000001
[  396.786591][T17173] R13: 0000000000000000 R14: 00007f92361a5fa0 R15: 00007ffe9dd7da08
[  396.786613][T17173]  </TASK>
[  396.831903][   T40] audit: type=1400 audit(396.692:63063): avc:  denied  { create } for  pid=17178 comm="syz.5.3859" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  396.833730][    C0] vkms_vblank_simulate: vblank timer overrun
[  396.839008][   T40] audit: type=1400 audit(396.692:63064): avc:  denied  { write } for  pid=17178 comm="syz.5.3859" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  396.842647][ T5992] usb 7-1: USB disconnect, device number 38
[  396.842959][   T40] audit: type=1400 audit(396.692:63065): avc:  denied  { nlmsg_write } for  pid=17178 comm="syz.5.3859" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  396.846685][ T5992] usblp0: removed
[  396.924605][T17190] FAULT_INJECTION: forcing a failure.
[  396.924605][T17190] name failslab, interval 1, probability 0, space 0, times 0
[  396.925281][T17183] FAULT_INJECTION: forcing a failure.
[  396.925281][T17183] name failslab, interval 1, probability 0, space 0, times 0
[  396.928183][T17190] CPU: 1 UID: 0 PID: 17190 Comm: syz.5.3863 Not tainted 6.14.0-syzkaller-12456-gacc4d5ff0b61 #0 PREEMPT(full) 
[  396.928200][T17190] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  396.928207][T17190] Call Trace:
[  396.928212][T17190]  <TASK>
[  396.928217][T17190]  dump_stack_lvl+0x16c/0x1f0
[  396.928233][T17190]  should_fail_ex+0x512/0x640
[  396.928243][T17190]  ? kmem_cache_alloc_node_noprof+0x5e/0x3b0
[  396.928256][T17190]  should_failslab+0xc2/0x120
[  396.928268][T17190]  kmem_cache_alloc_node_noprof+0x71/0x3b0
[  396.928279][T17190]  ? __alloc_skb+0x2b2/0x380
[  396.928292][T17190]  __alloc_skb+0x2b2/0x380
[  396.928302][T17190]  ? __pfx___alloc_skb+0x10/0x10
[  396.928316][T17190]  alloc_skb_with_frags+0xe0/0x860
[  396.928329][T17190]  ? __might_fault+0xe3/0x190
[  396.928344][T17190]  ? __might_fault+0xe3/0x190
[  396.928356][T17190]  sock_alloc_send_pskb+0x7fb/0x990
[  396.928367][T17190]  ? _copy_from_iter+0x161/0x15b0
[  396.928381][T17190]  ? __pfx_sock_alloc_send_pskb+0x10/0x10
[  396.928393][T17190]  ? _kstrtoull+0x145/0x200
[  396.928406][T17190]  ? __pfx__kstrtoull+0x10/0x10
[  396.928419][T17190]  ? iov_iter_advance+0x7d/0x6c0
[  396.928431][T17190]  tun_get_user+0x502/0x3b10
[  396.928450][T17190]  ? __pfx_tun_get_user+0x10/0x10
[  396.928462][T17190]  ? __pfx_ref_tracker_alloc+0x10/0x10
[  396.928476][T17190]  ? find_held_lock+0x2b/0x80
[  396.928490][T17190]  ? tun_get+0x191/0x370
[  396.928504][T17190]  tun_chr_write_iter+0xdc/0x210
[  396.928517][T17190]  vfs_write+0x5ba/0x1180
[  396.928528][T17190]  ? __pfx_tun_chr_write_iter+0x10/0x10
[  396.928541][T17190]  ? __pfx_vfs_write+0x10/0x10
[  396.928549][T17190]  ? find_held_lock+0x2b/0x80
[  396.928569][T17190]  ksys_write+0x12a/0x240
[  396.928578][T17190]  ? __pfx_ksys_write+0x10/0x10
[  396.928586][T17190]  ? rcu_is_watching+0x12/0xc0
[  396.928602][T17190]  do_syscall_64+0xcd/0x260
[  396.928616][T17190]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  396.928627][T17190] RIP: 0033:0x7fc85e58d169
[  396.928637][T17190] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  396.928647][T17190] RSP: 002b:00007fc85f3c3038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  396.928657][T17190] RAX: ffffffffffffffda RBX: 00007fc85e7a5fa0 RCX: 00007fc85e58d169
[  396.928664][T17190] RDX: 000000000000fdef RSI: 0000200000000240 RDI: 0000000000000003
[  396.928669][T17190] RBP: 00007fc85f3c3090 R08: 0000000000000000 R09: 0000000000000000
[  396.928675][T17190] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  396.928681][T17190] R13: 0000000000000000 R14: 00007fc85e7a5fa0 R15: 00007ffdc1a2d238
[  396.928693][T17190]  </TASK>
[  396.949619][T17192] FAULT_INJECTION: forcing a failure.
[  396.949619][T17192] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  396.950213][T17183] CPU: 1 UID: 0 PID: 17183 Comm: syz.0.3860 Not tainted 6.14.0-syzkaller-12456-gacc4d5ff0b61 #0 PREEMPT(full) 
[  396.950234][T17183] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  396.950243][T17183] Call Trace:
[  396.950249][T17183]  <TASK>
[  396.950256][T17183]  dump_stack_lvl+0x16c/0x1f0
[  396.950276][T17183]  should_fail_ex+0x512/0x640
[  396.950293][T17183]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[  396.950312][T17183]  should_failslab+0xc2/0x120
[  396.950329][T17183]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  396.950364][T17183]  ? alloc_empty_file+0x55/0x1e0
[  396.950386][T17183]  alloc_empty_file+0x55/0x1e0
[  396.950405][T17183]  path_openat+0xe0/0x2d40
[  396.950420][T17183]  ? arch_stack_walk+0xa6/0x100
[  396.950446][T17183]  ? __pfx_path_openat+0x10/0x10
[  396.950460][T17183]  ? stack_trace_save+0x8e/0xc0
[  396.950479][T17183]  ? __pfx_stack_trace_save+0x10/0x10
[  396.950498][T17183]  ? stack_depot_save_flags+0x28/0xa50
[  396.950517][T17183]  do_filp_open+0x20b/0x470
[  396.950533][T17183]  ? __pfx_do_filp_open+0x10/0x10
[  396.950546][T17183]  ? __kasan_slab_alloc+0x89/0x90
[  396.950560][T17183]  ? kmem_cache_alloc_noprof+0x1cb/0x3b0
[  396.950573][T17183]  ? getname_flags.part.0+0x48/0x540
[  396.950616][T17183]  do_open_execat+0xf9/0x450
[  396.950637][T17183]  ? __pfx_do_open_execat+0x10/0x10
[  396.950659][T17183]  ? __might_fault+0xe3/0x190
[  396.950673][T17183]  ? __might_fault+0x13b/0x190
[  396.950692][T17183]  alloc_bprm+0x2d/0xdd0
[  396.950713][T17183]  ? strncpy_from_user+0x203/0x2e0
[  396.950736][T17183]  do_execveat_common.isra.0+0x1ce/0x610
[  396.950763][T17183]  __x64_sys_execve+0x8e/0xb0
[  396.950777][T17183]  do_syscall_64+0xcd/0x260
[  396.950795][T17183]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  396.950810][T17183] RIP: 0033:0x7f00df78d169
[  396.950825][T17183] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  396.950839][T17183] RSP: 002b:00007f00e0575038 EFLAGS: 00000246 ORIG_RAX: 000000000000003b
[  396.950854][T17183] RAX: ffffffffffffffda RBX: 00007f00df9a5fa0 RCX: 00007f00df78d169
[  396.950864][T17183] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000200000000080
[  396.950873][T17183] RBP: 00007f00e0575090 R08: 0000000000000000 R09: 0000000000000000
[  396.950882][T17183] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  396.950890][T17183] R13: 0000000000000000 R14: 00007f00df9a5fa0 R15: 00007ffd2f694a18
[  396.950909][T17183]  </TASK>
[  397.097649][T17192] CPU: 3 UID: 0 PID: 17192 Comm: syz.4.3861 Not tainted 6.14.0-syzkaller-12456-gacc4d5ff0b61 #0 PREEMPT(full) 
[  397.097674][T17192] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  397.097684][T17192] Call Trace:
[  397.097691][T17192]  <TASK>
[  397.097698][T17192]  dump_stack_lvl+0x16c/0x1f0
[  397.097721][T17192]  should_fail_ex+0x512/0x640
[  397.097741][T17192]  _copy_from_user+0x2e/0xd0
[  397.097760][T17192]  get_user_ifreq+0xf1/0x250
[  397.097782][T17192]  inet_ioctl+0x37e/0x3f0
[  397.097805][T17192]  ? __pfx_inet_ioctl+0x10/0x10
[  397.097839][T17192]  ? tomoyo_path_number_perm+0x18d/0x580
[  397.097862][T17192]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  397.097882][T17192]  sock_do_ioctl+0x115/0x280
[  397.097905][T17192]  ? __pfx_sock_do_ioctl+0x10/0x10
[  397.097930][T17192]  ? ioctl_has_perm.constprop.0.isra.0+0x2f4/0x450
[  397.097954][T17192]  ? ioctl_has_perm.constprop.0.isra.0+0x2fe/0x450
[  397.097979][T17192]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[  397.098005][T17192]  sock_ioctl+0x227/0x6b0
[  397.098029][T17192]  ? __pfx_sock_ioctl+0x10/0x10
[  397.098048][T17192]  ? hook_file_ioctl_common+0x145/0x410
[  397.098078][T17192]  ? selinux_file_ioctl+0x180/0x270
[  397.098097][T17192]  ? selinux_file_ioctl+0xb4/0x270
[  397.098119][T17192]  ? __pfx_sock_ioctl+0x10/0x10
[  397.098142][T17192]  __x64_sys_ioctl+0x190/0x200
[  397.098166][T17192]  do_syscall_64+0xcd/0x260
[  397.098186][T17192]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  397.098203][T17192] RIP: 0033:0x7f9235f8d169
[  397.098231][T17192] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  397.098258][T17192] RSP: 002b:00007f9236e08038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  397.098274][T17192] RAX: ffffffffffffffda RBX: 00007f92361a6080 RCX: 00007f9235f8d169
[  397.098284][T17192] RDX: 0000200000000040 RSI: 0000000000008914 RDI: 0000000000000005
[  397.098293][T17192] RBP: 00007f9236e08090 R08: 0000000000000000 R09: 0000000000000000
[  397.098307][T17192] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  397.098316][T17192] R13: 0000000000000001 R14: 00007f92361a6080 R15: 00007ffe9dd7da08
[  397.098339][T17192]  </TASK>
[  397.275722][   T40] audit: type=1401 audit(397.162:63066): op=setxattr invalid_context="system_u:object_r:crond_var_run_t:s0"
[  397.276203][T17197] program syz.5.3865 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  397.291470][T17199] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:24) already exists on: dummy0
[  397.294475][T17199] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  397.297767][T17199] macsec1: entered allmulticast mode
[  397.389907][   T40] audit: type=1400 audit(397.272:63067): avc:  denied  { connect } for  pid=17202 comm="syz.2.3868" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=caif_socket permissive=1
[  397.397523][   T40] audit: type=1400 audit(397.272:63068): avc:  denied  { append } for  pid=17204 comm="syz.0.3869" name="nvram" dev="devtmpfs" ino=631 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nvram_device_t tclass=chr_file permissive=1
[  397.469917][T17212] FAULT_INJECTION: forcing a failure.
[  397.469917][T17212] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  397.475541][T17212] CPU: 2 UID: 0 PID: 17212 Comm: syz.0.3871 Not tainted 6.14.0-syzkaller-12456-gacc4d5ff0b61 #0 PREEMPT(full) 
[  397.475565][T17212] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  397.475574][T17212] Call Trace:
[  397.475577][T17212]  <TASK>
[  397.475582][T17212]  dump_stack_lvl+0x16c/0x1f0
[  397.475602][T17212]  should_fail_ex+0x512/0x640
[  397.475621][T17212]  _copy_from_user+0x2e/0xd0
[  397.475638][T17212]  ? __pfx_do_get_msr+0x10/0x10
[  397.475656][T17212]  msr_io+0x93/0x2a0
[  397.475680][T17212]  ? __pfx_msr_io+0x10/0x10
[  397.475699][T17212]  ? arch_stack_walk+0xa6/0x100
[  397.475716][T17212]  kvm_arch_vcpu_ioctl+0x2cac/0x4f00
[  397.475730][T17212]  ? kvm_arch_vcpu_ioctl+0x2c88/0x4f00
[  397.475751][T17212]  ? stack_trace_save+0x8e/0xc0
[  397.475772][T17212]  ? stack_depot_save_flags+0x28/0xa50
[  397.475788][T17212]  ? __pfx_kvm_arch_vcpu_ioctl+0x10/0x10
[  397.475806][T17212]  ? __lock_acquire+0xaa4/0x1ba0
[  397.475824][T17212]  ? kasan_save_stack+0x42/0x60
[  397.475837][T17212]  ? kasan_save_stack+0x33/0x60
[  397.475850][T17212]  ? kasan_save_track+0x14/0x30
[  397.475862][T17212]  ? kasan_save_free_info+0x3b/0x60
[  397.475882][T17212]  ? __kasan_slab_free+0x51/0x70
[  397.475893][T17212]  ? kfree+0x2b6/0x4d0
[  397.475907][T17212]  ? tomoyo_path_number_perm+0x470/0x580
[  397.475918][T17212]  ? security_file_ioctl+0x9b/0x240
[  397.475931][T17212]  ? __x64_sys_ioctl+0xb7/0x200
[  397.475947][T17212]  ? __lock_acquire+0xaa4/0x1ba0
[  397.475961][T17212]  ? __mutex_trylock_common+0xe9/0x250
[  397.475971][T17212]  ? __pfx___mutex_trylock_common+0x10/0x10
[  397.475982][T17212]  ? __pfx___might_resched+0x10/0x10
[  397.476003][T17212]  ? rcu_is_watching+0x12/0xc0
[  397.476016][T17212]  ? trace_contention_end+0xdd/0x130
[  397.476026][T17212]  ? __mutex_lock+0x1ca/0xb90
[  397.476039][T17212]  ? kvm_vcpu_ioctl+0x27e/0x1680
[  397.476050][T17212]  ? __pfx___mutex_lock+0x10/0x10
[  397.476067][T17212]  ? tomoyo_path_number_perm+0x18d/0x580
[  397.476087][T17212]  ? kvm_vcpu_ioctl+0x1232/0x1680
[  397.476098][T17212]  kvm_vcpu_ioctl+0x1232/0x1680
[  397.476112][T17212]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  397.476132][T17212]  ? ioctl_has_perm.constprop.0.isra.0+0x2fe/0x450
[  397.476149][T17212]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[  397.476169][T17212]  ? hook_file_ioctl_common+0x145/0x410
[  397.476189][T17212]  ? selinux_file_ioctl+0x180/0x270
[  397.476202][T17212]  ? selinux_file_ioctl+0xb4/0x270
[  397.476219][T17212]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  397.476229][T17212]  __x64_sys_ioctl+0x190/0x200
[  397.476247][T17212]  do_syscall_64+0xcd/0x260
[  397.476260][T17212]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  397.476271][T17212] RIP: 0033:0x7f00df78d169
[  397.476279][T17212] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  397.476289][T17212] RSP: 002b:00007f00e0575038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  397.476299][T17212] RAX: ffffffffffffffda RBX: 00007f00df9a5fa0 RCX: 00007f00df78d169
[  397.476305][T17212] RDX: 0000200000000c80 RSI: 00000000c008ae88 RDI: 0000000000000005
[  397.476311][T17212] RBP: 00007f00e0575090 R08: 0000000000000000 R09: 0000000000000000
[  397.476317][T17212] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  397.476323][T17212] R13: 0000000000000000 R14: 00007f00df9a5fa0 R15: 00007ffd2f694a18
[  397.476336][T17212]  </TASK>
[  397.649215][T17221] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  397.652099][T17221] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  397.881126][ T9061] usb 7-1: new high-speed USB device number 39 using dummy_hcd
[  398.031241][ T9061] usb 7-1: Using ep0 maxpacket: 16
[  398.033888][ T9061] usb 7-1: config 1 interface 0 altsetting 5 endpoint 0x81 has an invalid bInterval 250, changing to 11
[  398.038996][ T9061] usb 7-1: config 1 interface 0 altsetting 5 has 2 endpoint descriptors, different from the interface descriptor's value: 1
[  398.043719][ T9061] usb 7-1: config 1 interface 0 has no altsetting 0
[  398.047140][ T9061] usb 7-1: New USB device found, idVendor=056a, idProduct=0064, bcdDevice= 0.40
[  398.049854][ T9061] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  398.053866][ T9061] usb 7-1: Product: ક䟥ꈐ㼰쮦ਁ㼪뤒뿸ꈦ籯䃪Ὗ몋덇ᨉ救붓譔炆⡝挱ꐢ⁏섓ク⩰ℊ吨㮂ꥆ㛵ᒂ꒛㷏푉씪⩁ઋ扜컭ꌖ圬﵆⨦㯉蓻⇻ހ蝹百⋱Ꞥ鲢㍧댾ⓡ焋理﷍촞ㄋ㿅銇᫦쏷ﶹ㐎퐮銝闫짞ꏯ᪑鿡溒
[  398.060809][ T9061] usb 7-1: Manufacturer: 《
[  398.062403][ T9061] usb 7-1: SerialNumber: я
[  398.071415][ T9061] usb 7-1: rejected 1 configuration due to insufficient available bus power
[  398.074720][ T9061] usb 7-1: no configuration chosen from 1 choice
[  398.166396][   T40] audit: type=1804 audit(398.052:63069): pid=17237 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=invalid_pcr cause=open_writers comm="syz.4.3882" name="/newroot/554/file0" dev="tmpfs" ino=2976 res=1 errno=0
[  398.173450][T17237] ref_ctr going negative. vaddr: 0x200000ffc002, curr val: -6053, delta: 1
[  398.176254][T17237] ref_ctr increment failed for inode: 0xba0 offset: 0x7 ref_ctr_offset: 0x2 of mm: 0xffff88802af0b200
[  398.304298][   T40] audit: type=1400 audit(398.192:63070): avc:  denied  { getopt } for  pid=17243 comm="syz.4.3885" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netrom_socket permissive=1
[  398.678773][T17259] lo speed is unknown, defaulting to 1000
[  398.831021][ T1474] usb 5-1: new full-speed USB device number 48 using dummy_hcd
[  398.938537][T17266] loop6: detected capacity change from 0 to 524287999
[  398.940944][T17266] FAULT_INJECTION: forcing a failure.
[  398.940944][T17266] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  398.944684][T17266] CPU: 1 UID: 0 PID: 17266 Comm: syz.4.3891 Not tainted 6.14.0-syzkaller-12456-gacc4d5ff0b61 #0 PREEMPT(full) 
[  398.944697][T17266] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  398.944704][T17266] Call Trace:
[  398.944708][T17266]  <TASK>
[  398.944712][T17266]  dump_stack_lvl+0x16c/0x1f0
[  398.944728][T17266]  should_fail_ex+0x512/0x640
[  398.944741][T17266]  should_fail_alloc_page+0xe7/0x130
[  398.944754][T17266]  prepare_alloc_pages+0x3c2/0x610
[  398.944771][T17266]  __alloc_frozen_pages_noprof+0x18d/0x2370
[  398.944786][T17266]  ? find_held_lock+0x2b/0x80
[  398.944800][T17266]  ? rcu_is_watching+0x12/0xc0
[  398.944813][T17266]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  398.944831][T17266]  ? __lock_acquire+0x5ca/0x1ba0
[  398.944840][T17266]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  398.944852][T17266]  ? policy_nodemask+0xea/0x4e0
[  398.944865][T17266]  alloc_pages_mpol+0x1fb/0x550
[  398.944877][T17266]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  398.944889][T17266]  ? filemap_get_entry+0x1a7/0x3b0
[  398.944904][T17266]  folio_alloc_noprof+0x20/0x2d0
[  398.944917][T17266]  filemap_alloc_folio_noprof+0x3a1/0x470
[  398.944936][T17266]  ? __pfx_filemap_alloc_folio_noprof+0x10/0x10
[  398.944956][T17266]  __filemap_get_folio+0x5e9/0xc10
[  398.944972][T17266]  iomap_write_begin+0x691/0x1680
[  398.944986][T17266]  ? _raw_spin_unlock_irq+0x2e/0x50
[  398.945000][T17266]  ? __pfx_iomap_write_begin+0x10/0x10
[  398.945013][T17266]  ? fault_in_readable+0x1a7/0x200
[  398.945027][T17266]  ? __pfx_fault_in_readable+0x10/0x10
[  398.945044][T17266]  ? I_BDEV+0xd/0x20
[  398.945057][T17266]  ? inode_to_bdi+0x9e/0x160
[  398.945072][T17266]  iomap_file_buffered_write+0x43b/0xcc0
[  398.945091][T17266]  ? __pfx_iomap_file_buffered_write+0x10/0x10
[  398.945127][T17266]  ? __mark_inode_dirty+0x2a7/0xe50
[  398.945149][T17266]  ? preempt_count_add+0x76/0x150
[  398.945167][T17266]  ? mnt_put_write_access_file+0xc1/0xf0
[  398.945185][T17266]  blkdev_write_iter+0x57d/0xdf0
[  398.945206][T17266]  vfs_write+0x5ba/0x1180
[  398.945221][T17266]  ? __pfx_blkdev_write_iter+0x10/0x10
[  398.945240][T17266]  ? __pfx_vfs_write+0x10/0x10
[  398.945253][T17266]  ? find_held_lock+0x2b/0x80
[  398.945288][T17266]  ksys_write+0x12a/0x240
[  398.945302][T17266]  ? __pfx_ksys_write+0x10/0x10
[  398.945323][T17266]  do_syscall_64+0xcd/0x260
[  398.945345][T17266]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  398.945362][T17266] RIP: 0033:0x7f9235f8d169
[  398.945376][T17266] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  398.945391][T17266] RSP: 002b:00007f9236e29038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  398.945407][T17266] RAX: ffffffffffffffda RBX: 00007f92361a5fa0 RCX: 00007f9235f8d169
[  398.945418][T17266] RDX: 0000000000001006 RSI: 00002000000003c0 RDI: 0000000000000005
[  398.945428][T17266] RBP: 00007f9236e29090 R08: 0000000000000000 R09: 0000000000000000
[  398.945438][T17266] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  398.945447][T17266] R13: 0000000000000000 R14: 00007f92361a5fa0 R15: 00007ffe9dd7da08
[  398.945469][T17266]  </TASK>
[  398.945695][    C1] I/O error, dev loop6, sector 8 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  399.004872][ T1474] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  399.006330][ T1140] loop: Write error at byte offset 1, length 4096.
[  399.006809][ T1474] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  399.008428][    C1] I/O error, dev loop6, sector 0 op 0x1:(WRITE) flags 0x800 phys_seg 1 prio class 0
[  399.010852][ T1474] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  399.011100][    C1] Buffer I/O error on dev loop6, logical block 0, lost async page write
[  399.057080][ T1474] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  399.057104][ T1474] usb 5-1: Product: syz
[  399.057118][ T1474] usb 5-1: Manufacturer: syz
[  399.057132][ T1474] usb 5-1: SerialNumber: syz
[  399.063671][ T1474] usb 5-1: selecting invalid altsetting 1
[  399.868293][T17263] FAULT_INJECTION: forcing a failure.
[  399.868293][T17263] name failslab, interval 1, probability 0, space 0, times 0
[  399.873012][T17263] CPU: 3 UID: 0 PID: 17263 Comm: syz.0.3890 Not tainted 6.14.0-syzkaller-12456-gacc4d5ff0b61 #0 PREEMPT(full) 
[  399.873036][T17263] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  399.873061][T17263] Call Trace:
[  399.873067][T17263]  <TASK>
[  399.873075][T17263]  dump_stack_lvl+0x16c/0x1f0
[  399.873101][T17263]  should_fail_ex+0x512/0x640
[  399.873123][T17263]  should_failslab+0xc2/0x120
[  399.873144][T17263]  kmem_cache_alloc_node_noprof+0x71/0x3b0
[  399.873163][T17263]  ? __alloc_skb+0x2b2/0x380
[  399.873185][T17263]  __alloc_skb+0x2b2/0x380
[  399.873203][T17263]  ? __pfx___alloc_skb+0x10/0x10
[  399.873230][T17263]  ax25_send_control+0xb6/0x520
[  399.873249][T17263]  ? ax25_find_cb+0x2e4/0x3f0
[  399.873274][T17263]  ax25_std_establish_data_link+0x110/0x130
[  399.873293][T17263]  ax25_connect+0xca8/0x1350
[  399.873324][T17263]  ? __pfx_ax25_connect+0x10/0x10
[  399.873345][T17263]  ? rcu_is_watching+0x12/0xc0
[  399.873366][T17263]  ? __local_bh_enable_ip+0xa4/0x120
[  399.873388][T17263]  ? lockdep_hardirqs_on+0x7c/0x110
[  399.873406][T17263]  ? selinux_netlbl_socket_connect+0x30/0x40
[  399.873429][T17263]  ? __local_bh_enable_ip+0xa4/0x120
[  399.873452][T17263]  ? selinux_netlbl_socket_connect+0x30/0x40
[  399.873474][T17263]  ? selinux_socket_connect+0x6b/0x80
[  399.873498][T17263]  ? __pfx_ax25_connect+0x10/0x10
[  399.873519][T17263]  __sys_connect_file+0x13e/0x1a0
[  399.873538][T17263]  __sys_connect+0x14d/0x170
[  399.873554][T17263]  ? __pfx___sys_connect+0x10/0x10
[  399.873579][T17263]  ? __pfx_ksys_write+0x10/0x10
[  399.873594][T17263]  ? rcu_is_watching+0x12/0xc0
[  399.873619][T17263]  __x64_sys_connect+0x72/0xb0
[  399.873634][T17263]  ? lockdep_hardirqs_on+0x7c/0x110
[  399.873652][T17263]  do_syscall_64+0xcd/0x260
[  399.873674][T17263]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  399.873691][T17263] RIP: 0033:0x7f00df78d169
[  399.873706][T17263] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  399.873722][T17263] RSP: 002b:00007f00e0575038 EFLAGS: 00000246 ORIG_RAX: 000000000000002a
[  399.873738][T17263] RAX: ffffffffffffffda RBX: 00007f00df9a5fa0 RCX: 00007f00df78d169
[  399.873750][T17263] RDX: 0000000000000048 RSI: 00002000000001c0 RDI: 000000000000000b
[  399.873760][T17263] RBP: 00007f00e0575090 R08: 0000000000000000 R09: 0000000000000000
[  399.873769][T17263] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  399.873779][T17263] R13: 0000000000000000 R14: 00007f00df9a5fa0 R15: 00007ffd2f694a18
[  399.873802][T17263]  </TASK>
[  399.920667][T17280] bond0: (slave rose0): Error: Device is in use and cannot be enslaved
[  400.285980][T17289] FAULT_INJECTION: forcing a failure.
[  400.285980][T17289] name failslab, interval 1, probability 0, space 0, times 0
[  400.290700][T17289] CPU: 3 UID: 0 PID: 17289 Comm: syz.4.3898 Not tainted 6.14.0-syzkaller-12456-gacc4d5ff0b61 #0 PREEMPT(full) 
[  400.290723][T17289] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  400.290733][T17289] Call Trace:
[  400.290739][T17289]  <TASK>
[  400.290746][T17289]  dump_stack_lvl+0x16c/0x1f0
[  400.290770][T17289]  should_fail_ex+0x512/0x640
[  400.290787][T17289]  ? kmem_cache_alloc_lru_noprof+0x5f/0x3b0
[  400.290808][T17289]  should_failslab+0xc2/0x120
[  400.290828][T17289]  kmem_cache_alloc_lru_noprof+0x72/0x3b0
[  400.290844][T17289]  ? down_write+0x14d/0x200
[  400.290865][T17289]  ? __d_alloc+0x31/0xaa0
[  400.290885][T17289]  __d_alloc+0x31/0xaa0
[  400.290904][T17289]  d_alloc+0x4a/0x1e0
[  400.290921][T17289]  d_alloc_parallel+0xe3/0x12e0
[  400.290950][T17289]  ? __lock_acquire+0xaa4/0x1ba0
[  400.290978][T17289]  ? __pfx_d_alloc_parallel+0x10/0x10
[  400.291003][T17289]  ? lockdep_init_map_type+0x5c/0x280
[  400.291018][T17289]  ? lockdep_init_map_type+0x5c/0x280
[  400.291038][T17289]  __lookup_slow+0x193/0x460
[  400.291061][T17289]  ? __pfx___lookup_slow+0x10/0x10
[  400.291094][T17289]  ? lookup_fast+0x156/0x610
[  400.291117][T17289]  walk_component+0x353/0x5b0
[  400.291140][T17289]  path_lookupat+0x17e/0x780
[  400.291166][T17289]  filename_lookup+0x224/0x5f0
[  400.291182][T17289]  ? __pfx_filename_lookup+0x10/0x10
[  400.291235][T17289]  ? find_held_lock+0x2b/0x80
[  400.291254][T17289]  ? __might_fault+0xe3/0x190
[  400.291269][T17289]  ? __might_fault+0xe3/0x190
[  400.291283][T17289]  ? __might_fault+0x13b/0x190
[  400.291306][T17289]  vfs_statx+0xf8/0x210
[  400.291325][T17289]  ? __pfx_vfs_statx+0x10/0x10
[  400.291344][T17289]  ? getname_flags.part.0+0x1c2/0x540
[  400.291369][T17289]  vfs_fstatat+0x7b/0xf0
[  400.291389][T17289]  __do_sys_newfstatat+0xa1/0x130
[  400.291409][T17289]  ? __pfx___do_sys_newfstatat+0x10/0x10
[  400.291428][T17289]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  400.291461][T17289]  ? ksys_write+0x1b9/0x240
[  400.291476][T17289]  ? __pfx_ksys_write+0x10/0x10
[  400.291499][T17289]  do_syscall_64+0xcd/0x260
[  400.291519][T17289]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  400.291536][T17289] RIP: 0033:0x7f9235f8d169
[  400.291549][T17289] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  400.291565][T17289] RSP: 002b:00007f9236de7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000106
[  400.291581][T17289] RAX: ffffffffffffffda RBX: 00007f92361a6160 RCX: 00007f9235f8d169
[  400.291591][T17289] RDX: 0000000000000000 RSI: 0000200000000ac0 RDI: ffffffffffffff9c
[  400.291601][T17289] RBP: 00007f9236de7090 R08: 0000000000000000 R09: 0000000000000000
[  400.291611][T17289] R10: 0000000000002000 R11: 0000000000000246 R12: 0000000000000001
[  400.291620][T17289] R13: 0000000000000001 R14: 00007f92361a6160 R15: 00007ffe9dd7da08
[  400.291642][T17289]  </TASK>
[  400.328171][T17286] ipt_rpfilter: only valid in 'raw' or 'mangle' table, not ''
[  400.537188][T17302] tipc: Started in network mode
[  400.538730][T17302] tipc: Node identity 080211000001, cluster identity 4711
[  400.541103][T17302] tipc: Enabled bearer <eth:wlan1>, priority 10
[  400.612799][T17310] loop6: detected capacity change from 0 to 524287999
[  400.615787][    C3] I/O error, dev loop6, sector 8 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  400.618509][    C2] I/O error, dev loop6, sector 8 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  400.622158][ T1140] loop: Write error at byte offset 1, length 4096.
[  400.624087][    C3] I/O error, dev loop6, sector 0 op 0x1:(WRITE) flags 0x800 phys_seg 1 prio class 0
[  400.626685][    C3] Buffer I/O error on dev loop6, logical block 0, lost async page write
[  400.657787][ T1334] usb 7-1: USB disconnect, device number 39
[  400.685945][T17315] FAULT_INJECTION: forcing a failure.
[  400.685945][T17315] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  400.690386][T17315] CPU: 3 UID: 0 PID: 17315 Comm: syz.2.3906 Not tainted 6.14.0-syzkaller-12456-gacc4d5ff0b61 #0 PREEMPT(full) 
[  400.690402][T17315] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  400.690408][T17315] Call Trace:
[  400.690412][T17315]  <TASK>
[  400.690416][T17315]  dump_stack_lvl+0x16c/0x1f0
[  400.690432][T17315]  should_fail_ex+0x512/0x640
[  400.690444][T17315]  _copy_from_user+0x2e/0xd0
[  400.690456][T17315]  kvm_vm_ioctl+0x18c0/0x3d40
[  400.690475][T17315]  ? __pfx_kvm_vm_ioctl+0x10/0x10
[  400.690495][T17315]  ? kasan_quarantine_put+0x10a/0x240
[  400.690505][T17315]  ? lockdep_hardirqs_on+0x7c/0x110
[  400.690518][T17315]  ? find_held_lock+0x2b/0x80
[  400.690531][T17315]  ? tomoyo_path_number_perm+0x295/0x580
[  400.690546][T17315]  ? tomoyo_path_number_perm+0x18d/0x580
[  400.690559][T17315]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  400.690571][T17315]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  400.690583][T17315]  ? do_vfs_ioctl+0x512/0x1990
[  400.690598][T17315]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  400.690615][T17315]  ? ioctl_has_perm.constprop.0.isra.0+0x2fe/0x450
[  400.690632][T17315]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[  400.690650][T17315]  ? hook_file_ioctl_common+0x145/0x410
[  400.690669][T17315]  ? selinux_file_ioctl+0x180/0x270
[  400.690683][T17315]  ? selinux_file_ioctl+0xb4/0x270
[  400.690698][T17315]  ? __pfx_kvm_vm_ioctl+0x10/0x10
[  400.690711][T17315]  __x64_sys_ioctl+0x190/0x200
[  400.690726][T17315]  do_syscall_64+0xcd/0x260
[  400.690740][T17315]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  400.690750][T17315] RIP: 0033:0x7f6813f8d169
[  400.690759][T17315] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  400.690769][T17315] RSP: 002b:00007f6814eab038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  400.690778][T17315] RAX: ffffffffffffffda RBX: 00007f68141a5fa0 RCX: 00007f6813f8d169
[  400.690785][T17315] RDX: 00002000000000c0 RSI: 000000004020ae76 RDI: 0000000000000005
[  400.690790][T17315] RBP: 00007f6814eab090 R08: 0000000000000000 R09: 0000000000000000
[  400.690796][T17315] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  400.690802][T17315] R13: 0000000000000000 R14: 00007f68141a5fa0 R15: 00007ffd3e1d17d8
[  400.690814][T17315]  </TASK>
[  400.850432][   T40] audit: type=1400 audit(400.732:63071): avc:  denied  { mount } for  pid=17318 comm="syz.4.3908" name="/" dev="devtmpfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=filesystem permissive=1
[  400.872565][T17331] NILFS (nbd2): device size too small
[  400.881045][ T9097] usb 10-1: new full-speed USB device number 28 using dummy_hcd
[  400.943576][   T40] audit: type=1400 audit(400.832:63072): avc:  denied  { unmount } for  pid=11034 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=filesystem permissive=1
[  400.960033][T17338] loop6: detected capacity change from 0 to 524287999
[  400.963224][    C2] I/O error, dev loop6, sector 8 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  400.966032][    C2] I/O error, dev loop6, sector 8 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  400.968674][   T13] loop: Write error at byte offset 1, length 4096.
[  400.970622][    C2] I/O error, dev loop6, sector 0 op 0x1:(WRITE) flags 0x800 phys_seg 1 prio class 0
[  400.973446][    C2] Buffer I/O error on dev loop6, logical block 0, lost async page write
[  401.033183][ T9097] usb 10-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  401.037001][ T9097] usb 10-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  401.042985][ T9097] usb 10-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  401.046269][ T9097] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  401.049173][ T9097] usb 10-1: Product: syz
[  401.050738][ T9097] usb 10-1: Manufacturer: syz
[  401.052625][ T9097] usb 10-1: SerialNumber: syz
[  401.059544][ T9097] usb 10-1: selecting invalid altsetting 1
[  401.141105][ T1460] usb 7-1: new full-speed USB device number 40 using dummy_hcd
[  401.293233][ T1460] usb 7-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  401.296910][ T1460] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  401.305668][ T1460] usb 7-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  401.308878][ T1460] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  401.311885][ T1460] usb 7-1: Product: syz
[  401.313416][ T1460] usb 7-1: Manufacturer: syz
[  401.315095][ T1460] usb 7-1: SerialNumber: syz
[  401.322589][ T1460] usb 7-1: selecting invalid altsetting 1
[  401.569552][ T1474] cdc_ncm 5-1:1.0: SET_NTB_FORMAT failed
[  401.590424][   T40] audit: type=1400 audit(401.472:63073): avc:  denied  { mount } for  pid=17344 comm="syz.0.3913" name="/" dev="9p" ino=36831264 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1
[  401.596729][ T1474] usb 5-1: selecting invalid altsetting 1
[  401.598396][ T1474] cdc_ncm 5-1:1.0: bind() failure
[  401.599237][   T40] audit: type=1400 audit(401.482:63074): avc:  denied  { append } for  pid=17344 comm="syz.0.3913" name="cpu.stat" dev="9p" ino=36831497 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  401.604340][ T1474] usb 5-1: USB disconnect, device number 48
[  401.672674][   T24] tipc: Node number set to 134418688
[  401.699585][   T40] audit: type=1400 audit(401.582:63075): avc:  denied  { unmount } for  pid=13909 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1
[  401.843818][T17347] FAULT_INJECTION: forcing a failure.
[  401.843818][T17347] name failslab, interval 1, probability 0, space 0, times 0
[  401.847736][T17347] CPU: 2 UID: 0 PID: 17347 Comm: syz.0.3914 Not tainted 6.14.0-syzkaller-12456-gacc4d5ff0b61 #0 PREEMPT(full) 
[  401.847750][T17347] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  401.847757][T17347] Call Trace:
[  401.847761][T17347]  <TASK>
[  401.847765][T17347]  dump_stack_lvl+0x16c/0x1f0
[  401.847782][T17347]  should_fail_ex+0x512/0x640
[  401.847792][T17347]  ? __kmalloc_cache_noprof+0x57/0x3e0
[  401.847810][T17347]  ? __pfx_v9fs_xattr_handler_get+0x10/0x10
[  401.847821][T17347]  should_failslab+0xc2/0x120
[  401.847833][T17347]  __kmalloc_cache_noprof+0x6a/0x3e0
[  401.847850][T17347]  ? p9_fid_create+0x41/0x260
[  401.847863][T17347]  ? __pfx_v9fs_xattr_handler_get+0x10/0x10
[  401.847874][T17347]  p9_fid_create+0x41/0x260
[  401.847885][T17347]  p9_client_xattrwalk+0x47/0x290
[  401.847900][T17347]  ? __pfx_v9fs_xattr_handler_get+0x10/0x10
[  401.847911][T17347]  v9fs_fid_xattr_get+0x10a/0x300
[  401.847922][T17347]  ? __pfx_v9fs_fid_xattr_get+0x10/0x10
[  401.847933][T17347]  ? __pfx_v9fs_fid_find+0x10/0x10
[  401.847948][T17347]  ? v9fs_fid_lookup+0xe9/0xeb0
[  401.847962][T17347]  v9fs_xattr_handler_get+0x6b/0x120
[  401.847974][T17347]  __vfs_getxattr+0x13a/0x1a0
[  401.847984][T17347]  ? __pfx___vfs_getxattr+0x10/0x10
[  401.847997][T17347]  cap_inode_need_killpriv+0x40/0x60
[  401.848009][T17347]  security_inode_need_killpriv+0x1b9/0x1e0
[  401.848023][T17347]  file_remove_privs_flags+0x331/0x580
[  401.848038][T17347]  ? __pfx_file_remove_privs_flags+0x10/0x10
[  401.848055][T17347]  ? generic_write_checks+0x311/0x480
[  401.848071][T17347]  ? __pfx_generic_write_checks+0x10/0x10
[  401.848090][T17347]  netfs_unbuffered_write_iter+0x1d1/0x6d0
[  401.848103][T17347]  v9fs_file_write_iter+0xbf/0x100
[  401.848113][T17347]  vfs_write+0x5ba/0x1180
[  401.848123][T17347]  ? __pfx_v9fs_file_write_iter+0x10/0x10
[  401.848133][T17347]  ? __pfx___mutex_lock+0x10/0x10
[  401.848146][T17347]  ? __pfx_vfs_write+0x10/0x10
[  401.848163][T17347]  ksys_write+0x12a/0x240
[  401.848172][T17347]  ? __pfx_ksys_write+0x10/0x10
[  401.848180][T17347]  ? madvise_unlock+0xf6/0x190
[  401.848196][T17347]  do_syscall_64+0xcd/0x260
[  401.848209][T17347]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  401.848220][T17347] RIP: 0033:0x7f00df78d169
[  401.848229][T17347] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  401.848239][T17347] RSP: 002b:00007f00e0575038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  401.848249][T17347] RAX: ffffffffffffffda RBX: 00007f00df9a5fa0 RCX: 00007f00df78d169
[  401.848255][T17347] RDX: 0000000000001006 RSI: 0000200000001980 RDI: 0000000000000003
[  401.848261][T17347] RBP: 00007f00e0575090 R08: 0000000000000000 R09: 0000000000000000
[  401.848267][T17347] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  401.848273][T17347] R13: 0000000000000000 R14: 00007f00df9a5fa0 R15: 00007ffd2f694a18
[  401.848285][T17347]  </TASK>
[  401.926046][   T40] audit: type=1400 audit(401.792:63076): avc:  denied  { ioctl } for  pid=17348 comm="syz.4.3915" path="socket:[104539]" dev="sockfs" ino=104539 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=caif_socket permissive=1
[  401.926841][T17353] bond0: (slave rose0): Error: Device is in use and cannot be enslaved
[  402.122439][T17336] bpq0: entered allmulticast mode
[  402.128793][ T9097] cdc_ncm 10-1:1.0: SET_NTB_FORMAT failed
[  402.131134][T17336] bond0: (slave rose0): Error: Device is in use and cannot be enslaved
[  402.135344][ T1460] cdc_ncm 7-1:1.0: SET_NTB_FORMAT failed
[  402.141081][ T9097] usb 10-1: selecting invalid altsetting 1
[  402.142607][ T9097] cdc_ncm 10-1:1.0: bind() failure
[  402.146636][ T9097] usb 10-1: USB disconnect, device number 28
[  402.151065][ T1460] usb 7-1: selecting invalid altsetting 1
[  402.152716][ T1460] cdc_ncm 7-1:1.0: bind() failure
[  402.173116][ T1460] usb 7-1: USB disconnect, device number 40
[  402.174075][T17368] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(10)
[  402.176472][T17368] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  402.179006][T17368] vhci_hcd vhci_hcd.0: Device attached
[  402.182605][T17368] vhci_hcd vhci_hcd.0: pdev(0) rhport(1) sockfd(12)
[  402.184437][T17368] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[  402.186524][T17368] vhci_hcd vhci_hcd.0: Device attached
[  402.188881][T17368] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3922'.
[  402.200685][T17371] vhci_hcd: connection closed
[  402.200892][   T72] vhci_hcd: stop threads
[  402.200938][T17369] vhci_hcd: connection closed
[  402.202618][   T72] vhci_hcd: release socket
[  402.206814][   T72] vhci_hcd: disconnect device
[  402.208363][   T72] vhci_hcd: stop threads
[  402.209617][   T72] vhci_hcd: release socket
[  402.210903][   T72] vhci_hcd: disconnect device
[  402.541318][ T5991] usb 9-1: new high-speed USB device number 32 using dummy_hcd
[  402.691601][ T5991] usb 9-1: Using ep0 maxpacket: 8
[  402.694771][ T5991] usb 9-1: config 0 has an invalid interface number: 1 but max is 0
[  402.696436][T17378] MTD: Attempt to mount non-MTD device "/dev/sr0"
[  402.696980][ T5991] usb 9-1: config 0 has no interface number 0
[  402.700646][ T5991] usb 9-1: config 0 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  402.703866][ T5991] usb 9-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  402.706360][ T5991] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  402.710275][ T5991] usb 9-1: config 0 descriptor??
[  402.714516][ T5991] iowarrior 9-1:0.1: IOWarrior product=0x1512, serial= interface=1 now attached to iowarrior0
[  402.733159][T17380] FAULT_INJECTION: forcing a failure.
[  402.733159][T17380] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  402.738090][T17380] CPU: 1 UID: 0 PID: 17380 Comm: syz.0.3926 Not tainted 6.14.0-syzkaller-12456-gacc4d5ff0b61 #0 PREEMPT(full) 
[  402.738111][T17380] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  402.738122][T17380] Call Trace:
[  402.738128][T17380]  <TASK>
[  402.738135][T17380]  dump_stack_lvl+0x16c/0x1f0
[  402.738159][T17380]  should_fail_ex+0x512/0x640
[  402.738180][T17380]  _copy_to_user+0x32/0xd0
[  402.738205][T17380]  simple_read_from_buffer+0xcb/0x170
[  402.738232][T17380]  proc_fail_nth_read+0x197/0x270
[  402.738259][T17380]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  402.738286][T17380]  ? rw_verify_area+0xcf/0x680
[  402.738310][T17380]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  402.738336][T17380]  vfs_read+0x1de/0xc70
[  402.738364][T17380]  ? __pfx___mutex_lock+0x10/0x10
[  402.738383][T17380]  ? __pfx_vfs_read+0x10/0x10
[  402.738415][T17380]  ? __fget_files+0x20e/0x3c0
[  402.738440][T17380]  ksys_read+0x12a/0x240
[  402.738456][T17380]  ? __pfx_ksys_read+0x10/0x10
[  402.738469][T17380]  ? rcu_is_watching+0x12/0xc0
[  402.738498][T17380]  do_syscall_64+0xcd/0x260
[  402.738521][T17380]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  402.738538][T17380] RIP: 0033:0x7f00df78bb7c
[  402.738552][T17380] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  402.738568][T17380] RSP: 002b:00007f00e0575030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  402.738584][T17380] RAX: ffffffffffffffda RBX: 00007f00df9a5fa0 RCX: 00007f00df78bb7c
[  402.738595][T17380] RDX: 000000000000000f RSI: 00007f00e05750a0 RDI: 0000000000000004
[  402.738605][T17380] RBP: 00007f00e0575090 R08: 0000000000000000 R09: 0000000000000000
[  402.738616][T17380] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  402.738626][T17380] R13: 0000000000000000 R14: 00007f00df9a5fa0 R15: 00007ffd2f694a18
[  402.738650][T17380]  </TASK>
[  402.853460][T17378] /dev/sr0: Can't open blockdev
[  402.891142][ T1474] usb 10-1: new high-speed USB device number 29 using dummy_hcd
[  402.918015][ T1334] usb 9-1: USB disconnect, device number 32
[  402.955441][T17391] netlink: 'syz.2.3930': attribute type 29 has an invalid length.
[  402.961933][T17391] netlink: 'syz.2.3930': attribute type 29 has an invalid length.
[  403.041134][ T1474] usb 10-1: Using ep0 maxpacket: 8
[  403.044332][ T1474] usb 10-1: config 0 has an invalid interface number: 1 but max is 0
[  403.046621][ T1474] usb 10-1: config 0 has no interface number 0
[  403.048398][ T1474] usb 10-1: config 0 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  403.051586][ T1474] usb 10-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  403.054465][ T1474] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  403.058934][ T1474] usb 10-1: config 0 descriptor??
[  403.063996][ T1474] iowarrior 10-1:0.1: IOWarrior product=0x1512, serial= interface=1 now attached to iowarrior0
[  403.081066][ T1460] usb 5-1: new high-speed USB device number 49 using dummy_hcd
[  403.241116][ T1460] usb 5-1: Using ep0 maxpacket: 8
[  403.243861][ T1460] usb 5-1: config 0 has an invalid interface number: 1 but max is 0
[  403.246054][ T1460] usb 5-1: config 0 has no interface number 0
[  403.247746][ T1460] usb 5-1: config 0 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  403.250717][ T1460] usb 5-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  403.253238][ T1460] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  403.257252][ T1460] usb 5-1: config 0 descriptor??
[  403.261122][ T1460] iowarrior 5-1:0.1: IOWarrior product=0x1512, serial= interface=1 now attached to iowarrior1
[  403.269503][ T5991] usb 10-1: USB disconnect, device number 29
[  403.462265][ T1334] usb 5-1: USB disconnect, device number 49
[  403.662215][T17398] loop6: detected capacity change from 0 to 524287999
[  403.666222][    C0] I/O error, dev loop6, sector 8 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  403.669873][    C0] I/O error, dev loop6, sector 8 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  403.673082][ T1140] loop: Write error at byte offset 1, length 4096.
[  403.674888][    C2] I/O error, dev loop6, sector 0 op 0x1:(WRITE) flags 0x800 phys_seg 1 prio class 0
[  403.677437][    C2] Buffer I/O error on dev loop6, logical block 0, lost async page write
[  403.680559][ T1140] loop: Write error at byte offset 1, length 4096.
[  403.683151][    C3] I/O error, dev loop6, sector 0 op 0x1:(WRITE) flags 0x800 phys_seg 1 prio class 0
[  403.686518][    C3] Buffer I/O error on dev loop6, logical block 0, lost async page write
[  403.802095][T17409] netlink: 24 bytes leftover after parsing attributes in process `syz.2.3939'.
[  403.804336][   T40] audit: type=1400 audit(403.692:63077): avc:  denied  { connect } for  pid=17406 comm="syz.4.3938" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1
[  403.806000][T17409] netlink: 28 bytes leftover after parsing attributes in process `syz.2.3939'.
[  403.873313][T17412] FAULT_INJECTION: forcing a failure.
[  403.873313][T17412] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  403.877354][T17412] CPU: 0 UID: 0 PID: 17412 Comm: syz.5.3940 Not tainted 6.14.0-syzkaller-12456-gacc4d5ff0b61 #0 PREEMPT(full) 
[  403.877368][T17412] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  403.877375][T17412] Call Trace:
[  403.877380][T17412]  <TASK>
[  403.877384][T17412]  dump_stack_lvl+0x16c/0x1f0
[  403.877401][T17412]  should_fail_ex+0x512/0x640
[  403.877414][T17412]  should_fail_alloc_page+0xe7/0x130
[  403.877427][T17412]  prepare_alloc_pages+0x3c2/0x610
[  403.877444][T17412]  __alloc_frozen_pages_noprof+0x18d/0x2370
[  403.877458][T17412]  ? __pfx_get_page_from_freelist+0x10/0x10
[  403.877468][T17412]  ? should_fail_alloc_page+0xee/0x130
[  403.877480][T17412]  ? rcu_is_watching+0x12/0xc0
[  403.877494][T17412]  ? trace_mm_page_alloc+0x11f/0x1a0
[  403.877508][T17412]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  403.877519][T17412]  ? __lock_acquire+0xaa4/0x1ba0
[  403.877535][T17412]  ? do_raw_spin_lock+0x12c/0x2b0
[  403.877546][T17412]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  403.877558][T17412]  ? policy_nodemask+0xea/0x4e0
[  403.877571][T17412]  alloc_pages_mpol+0x1fb/0x550
[  403.877583][T17412]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  403.877595][T17412]  ? __lock_acquire+0x5ca/0x1ba0
[  403.877606][T17412]  folio_alloc_mpol_noprof+0x36/0x2f0
[  403.877620][T17412]  vma_alloc_folio_noprof+0xed/0x1e0
[  403.877633][T17412]  ? __pfx_vma_alloc_folio_noprof+0x10/0x10
[  403.877663][T17412]  do_pte_missing+0x223d/0x3fb0
[  403.877685][T17412]  __handle_mm_fault+0x103d/0x2a40
[  403.877705][T17412]  ? __pfx___handle_mm_fault+0x10/0x10
[  403.877720][T17412]  ? __pte_offset_map_lock+0x155/0x2f0
[  403.877734][T17412]  ? find_held_lock+0x2b/0x80
[  403.877746][T17412]  ? find_held_lock+0x2b/0x80
[  403.877767][T17412]  handle_mm_fault+0x3fe/0xad0
[  403.877786][T17412]  __get_user_pages+0x771/0x36f0
[  403.877806][T17412]  ? __pfx___get_user_pages+0x10/0x10
[  403.877820][T17412]  ? __pfx_down_read_killable+0x10/0x10
[  403.877838][T17412]  get_user_pages_unlocked+0x1c1/0x780
[  403.877855][T17412]  ? __pfx_get_user_pages_unlocked+0x10/0x10
[  403.877870][T17412]  ? get_user_pages_fast_only+0xae/0xf0
[  403.877884][T17412]  ? __pfx_get_user_pages_fast_only+0x10/0x10
[  403.877899][T17412]  ? __pfx___might_resched+0x10/0x10
[  403.877913][T17412]  ? bpf_ksym_find+0x127/0x1c0
[  403.877929][T17412]  hva_to_pfn+0x886/0xe40
[  403.877943][T17412]  ? __lock_acquire+0x5ca/0x1ba0
[  403.877952][T17412]  ? __pfx_hva_to_pfn+0x10/0x10
[  403.877965][T17412]  ? __lock_acquire+0x5ca/0x1ba0
[  403.877976][T17412]  ? lock_acquire+0x179/0x350
[  403.877994][T17412]  kvm_follow_pfn+0x29f/0x3f0
[  403.878008][T17412]  __kvm_faultin_pfn+0x11c/0x1a0
[  403.878020][T17412]  ? __pfx___kvm_faultin_pfn+0x10/0x10
[  403.878032][T17412]  ? __pfx_xa_load+0x10/0x10
[  403.878047][T17412]  ? kvm_tdp_mmu_map+0x90b/0x1f70
[  403.878064][T17412]  kvm_mmu_faultin_pfn+0x581/0x2170
[  403.878079][T17412]  ? __pfx_fast_page_fault+0x10/0x10
[  403.878091][T17412]  ? __pfx_kvm_mmu_faultin_pfn+0x10/0x10
[  403.878104][T17412]  ? __kvm_mmu_topup_memory_cache+0x332/0x600
[  403.878115][T17412]  ? find_held_lock+0x2b/0x80
[  403.878132][T17412]  kvm_tdp_page_fault+0x186/0x3f0
[  403.878148][T17412]  kvm_mmu_do_page_fault+0x588/0x6c0
[  403.878165][T17412]  ? __pfx_kvm_mmu_do_page_fault+0x10/0x10
[  403.878180][T17412]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  403.878198][T17412]  ? unwind_get_return_address+0x59/0xa0
[  403.878212][T17412]  ? arch_stack_walk+0xa6/0x100
[  403.878229][T17412]  kvm_mmu_page_fault+0x225/0x1cb0
[  403.878245][T17412]  ? stack_trace_save+0x8e/0xc0
[  403.878259][T17412]  ? __pfx_stack_trace_save+0x10/0x10
[  403.878274][T17412]  ? __pfx_kvm_mmu_page_fault+0x10/0x10
[  403.878289][T17412]  ? __lock_acquire+0xaa4/0x1ba0
[  403.878299][T17412]  ? __vmx_complete_interrupts+0x238/0x4e0
[  403.878313][T17412]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  403.878327][T17412]  handle_ept_violation+0x254/0x640
[  403.878342][T17412]  ? __pfx_handle_ept_violation+0x10/0x10
[  403.878355][T17412]  vmx_handle_exit+0x6ab/0x1cc0
[  403.878371][T17412]  vcpu_run+0x304c/0x52d0
[  403.878393][T17412]  ? __pfx_vcpu_run+0x10/0x10
[  403.878410][T17412]  ? fpu_swap_kvm_fpstate+0x235/0x4a0
[  403.878425][T17412]  ? __local_bh_enable_ip+0xa4/0x120
[  403.878441][T17412]  ? kvm_arch_vcpu_ioctl_run+0x51c/0x18c0
[  403.878456][T17412]  kvm_arch_vcpu_ioctl_run+0x51c/0x18c0
[  403.878476][T17412]  kvm_vcpu_ioctl+0x5e9/0x1680
[  403.878488][T17412]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  403.878501][T17412]  ? ioctl_has_perm.constprop.0.isra.0+0x2fe/0x450
[  403.878518][T17412]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[  403.878537][T17412]  ? hook_file_ioctl_common+0x145/0x410
[  403.878557][T17412]  ? selinux_file_ioctl+0x180/0x270
[  403.878571][T17412]  ? selinux_file_ioctl+0xb4/0x270
[  403.878586][T17412]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  403.878595][T17412]  __x64_sys_ioctl+0x190/0x200
[  403.878611][T17412]  do_syscall_64+0xcd/0x260
[  403.878624][T17412]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  403.878634][T17412] RIP: 0033:0x7fc85e58d169
[  403.878643][T17412] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  403.878653][T17412] RSP: 002b:00007fc85f3c3038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  403.878663][T17412] RAX: ffffffffffffffda RBX: 00007fc85e7a5fa0 RCX: 00007fc85e58d169
[  403.878669][T17412] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000006
[  403.878675][T17412] RBP: 00007fc85f3c3090 R08: 0000000000000000 R09: 0000000000000000
[  403.878680][T17412] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  403.878686][T17412] R13: 0000000000000000 R14: 00007fc85e7a5fa0 R15: 00007ffdc1a2d238
[  403.878699][T17412]  </TASK>
[  404.036026][    C0] vkms_vblank_simulate: vblank timer overrun
[  404.095998][T17410] could not allocate digest TFM handle cryptd(blake2b-160)
[  404.115290][T17435] FAULT_INJECTION: forcing a failure.
[  404.115290][T17435] name failslab, interval 1, probability 0, space 0, times 0
[  404.118863][T17435] CPU: 0 UID: 0 PID: 17435 Comm: syz.2.3946 Not tainted 6.14.0-syzkaller-12456-gacc4d5ff0b61 #0 PREEMPT(full) 
[  404.118878][T17435] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  404.118884][T17435] Call Trace:
[  404.118888][T17435]  <TASK>
[  404.118892][T17435]  dump_stack_lvl+0x16c/0x1f0
[  404.118908][T17435]  should_fail_ex+0x512/0x640
[  404.118918][T17435]  ? __kmalloc_noprof+0xbf/0x510
[  404.118930][T17435]  ? alloc_pipe_info+0x1ec/0x590
[  404.118941][T17435]  should_failslab+0xc2/0x120
[  404.118952][T17435]  __kmalloc_noprof+0xd2/0x510
[  404.118965][T17435]  alloc_pipe_info+0x1ec/0x590
[  404.118981][T17435]  splice_direct_to_actor+0x77d/0xa30
[  404.118999][T17435]  ? __pfx_direct_splice_actor+0x10/0x10
[  404.119014][T17435]  ? inode_has_perm+0x16f/0x1d0
[  404.119026][T17435]  ? file_has_perm+0x27d/0x350
[  404.119035][T17435]  ? __pfx_splice_direct_to_actor+0x10/0x10
[  404.119051][T17435]  ? __pfx_file_has_perm+0x10/0x10
[  404.119064][T17435]  do_splice_direct+0x174/0x240
[  404.119080][T17435]  ? __pfx_do_splice_direct+0x10/0x10
[  404.119096][T17435]  ? __pfx_direct_file_splice_eof+0x10/0x10
[  404.119112][T17435]  ? bpf_lsm_file_permission+0x9/0x10
[  404.119127][T17435]  ? security_file_permission+0x71/0x210
[  404.119142][T17435]  ? rw_verify_area+0xcf/0x680
[  404.119157][T17435]  do_sendfile+0xafd/0xe50
[  404.119191][T17435]  ? __pfx_do_sendfile+0x10/0x10
[  404.119207][T17435]  ? __fget_files+0x20e/0x3c0
[  404.119221][T17435]  __x64_sys_sendfile64+0x1d8/0x220
[  404.119232][T17435]  ? ksys_write+0x1b9/0x240
[  404.119241][T17435]  ? __pfx___x64_sys_sendfile64+0x10/0x10
[  404.119252][T17435]  ? rcu_is_watching+0x12/0xc0
[  404.119269][T17435]  do_syscall_64+0xcd/0x260
[  404.119282][T17435]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  404.119292][T17435] RIP: 0033:0x7f6813f8d169
[  404.119301][T17435] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  404.119310][T17435] RSP: 002b:00007f6814eab038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  404.119320][T17435] RAX: ffffffffffffffda RBX: 00007f68141a5fa0 RCX: 00007f6813f8d169
[  404.119326][T17435] RDX: 0000000000000000 RSI: 000000000000000e RDI: 000000000000000f
[  404.119332][T17435] RBP: 00007f6814eab090 R08: 0000000000000000 R09: 0000000000000000
[  404.119338][T17435] R10: 0000000100000002 R11: 0000000000000246 R12: 0000000000000001
[  404.119344][T17435] R13: 0000000000000000 R14: 00007f68141a5fa0 R15: 00007ffd3e1d17d8
[  404.119356][T17435]  </TASK>
[  404.210014][    C0] vkms_vblank_simulate: vblank timer overrun
[  404.234072][T17431] lo speed is unknown, defaulting to 1000
[  404.264614][   T40] audit: type=1400 audit(404.152:63078): avc:  denied  { execmod } for  pid=17440 comm="syz.5.3949" path="/533/blkio.bfq.io_service_bytes_recursive" dev="tmpfs" ino=2907 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[  404.323365][   T40] audit: type=1400 audit(404.202:63079): avc:  denied  { mounton } for  pid=17449 comm="syz.5.3952" path="/proc/1378/cgroup" dev="proc" ino=104783 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=file permissive=1
[  404.330130][T17445] netlink: 36 bytes leftover after parsing attributes in process `syz.4.3950'.
[  404.346761][T17452] loop6: detected capacity change from 0 to 524287999
[  404.349116][   T13] loop: Write error at byte offset 1, length 4096.
[  404.350935][    C3] Buffer I/O error on dev loop6, logical block 0, lost async page write
[  404.356344][   T13] loop: Write error at byte offset 1, length 4096.
[  404.358908][    C3] Buffer I/O error on dev loop6, logical block 0, lost async page write
[  404.366916][T17452] FAULT_INJECTION: forcing a failure.
[  404.366916][T17452] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  404.370547][T17452] CPU: 3 UID: 0 PID: 17452 Comm: syz.2.3953 Not tainted 6.14.0-syzkaller-12456-gacc4d5ff0b61 #0 PREEMPT(full) 
[  404.370560][T17452] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  404.370567][T17452] Call Trace:
[  404.370571][T17452]  <TASK>
[  404.370576][T17452]  dump_stack_lvl+0x16c/0x1f0
[  404.370591][T17452]  should_fail_ex+0x512/0x640
[  404.370603][T17452]  _copy_to_user+0x32/0xd0
[  404.370616][T17452]  simple_read_from_buffer+0xcb/0x170
[  404.370633][T17452]  proc_fail_nth_read+0x197/0x270
[  404.370650][T17452]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  404.370667][T17452]  ? rw_verify_area+0xcf/0x680
[  404.370680][T17452]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  404.370696][T17452]  vfs_read+0x1de/0xc70
[  404.370713][T17452]  ? __pfx___mutex_lock+0x10/0x10
[  404.370725][T17452]  ? __pfx_vfs_read+0x10/0x10
[  404.370744][T17452]  ? __fget_files+0x20e/0x3c0
[  404.370758][T17452]  ksys_read+0x12a/0x240
[  404.370766][T17452]  ? __pfx_ksys_read+0x10/0x10
[  404.370774][T17452]  ? rcu_is_watching+0x12/0xc0
[  404.370791][T17452]  do_syscall_64+0xcd/0x260
[  404.370804][T17452]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  404.370814][T17452] RIP: 0033:0x7f6813f8bb7c
[  404.370822][T17452] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  404.370833][T17452] RSP: 002b:00007f6814eab030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  404.370843][T17452] RAX: ffffffffffffffda RBX: 00007f68141a5fa0 RCX: 00007f6813f8bb7c
[  404.370849][T17452] RDX: 000000000000000f RSI: 00007f6814eab0a0 RDI: 0000000000000006
[  404.370855][T17452] RBP: 00007f6814eab090 R08: 0000000000000000 R09: 0000000000000000
[  404.370861][T17452] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  404.370866][T17452] R13: 0000000000000000 R14: 00007f68141a5fa0 R15: 00007ffd3e1d17d8
[  404.370879][T17452]  </TASK>
[  404.487966][T17462] loop6: detected capacity change from 0 to 524287999
[  404.490811][ T1224] loop: Write error at byte offset 1, length 4096.
[  404.498035][    C1] Buffer I/O error on dev loop6, logical block 0, lost async page write
[  404.500458][    C1] Buffer I/O error on dev loop6, logical block 65535968, async page read
[  404.505260][ T1224] loop: Write error at byte offset 1, length 4096.
[  404.507272][    C3] Buffer I/O error on dev loop6, logical block 0, lost async page write
[  404.521510][   T40] audit: type=1400 audit(404.402:63080): avc:  denied  { accept } for  pid=17459 comm="syz.4.3955" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=udp_socket permissive=1
[  404.556515][T17466] FAULT_INJECTION: forcing a failure.
[  404.556515][T17466] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  404.565757][T17466] CPU: 1 UID: 0 PID: 17466 Comm: syz.2.3957 Not tainted 6.14.0-syzkaller-12456-gacc4d5ff0b61 #0 PREEMPT(full) 
[  404.565779][T17466] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  404.565789][T17466] Call Trace:
[  404.565795][T17466]  <TASK>
[  404.565801][T17466]  dump_stack_lvl+0x16c/0x1f0
[  404.565825][T17466]  should_fail_ex+0x512/0x640
[  404.565845][T17466]  _copy_from_user+0x2e/0xd0
[  404.565863][T17466]  mon_bin_ioctl+0xa31/0xcd0
[  404.565883][T17466]  ? hook_file_ioctl_common+0x145/0x410
[  404.565908][T17466]  ? __pfx_mon_bin_ioctl+0x10/0x10
[  404.565929][T17466]  ? selinux_file_ioctl+0x180/0x270
[  404.565950][T17466]  ? selinux_file_ioctl+0xb4/0x270
[  404.565971][T17466]  ? __pfx_mon_bin_ioctl+0x10/0x10
[  404.565994][T17466]  __x64_sys_ioctl+0x190/0x200
[  404.566019][T17466]  do_syscall_64+0xcd/0x260
[  404.566038][T17466]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  404.566054][T17466] RIP: 0033:0x7f6813f8d169
[  404.566065][T17466] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  404.566080][T17466] RSP: 002b:00007f6814eab038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  404.566095][T17466] RAX: ffffffffffffffda RBX: 00007f68141a5fa0 RCX: 00007f6813f8d169
[  404.566106][T17466] RDX: 0000200000000180 RSI: 0000000040189206 RDI: 0000000000000004
[  404.566115][T17466] RBP: 00007f6814eab090 R08: 0000000000000000 R09: 0000000000000000
[  404.566124][T17466] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  404.566132][T17466] R13: 0000000000000000 R14: 00007f68141a5fa0 R15: 00007ffd3e1d17d8
[  404.566153][T17466]  </TASK>
[  404.626583][T17469] bridge0: left allmulticast mode
[  404.632219][T17468] bond0: peer notification delay (2507) is not a multiple of miimon (262148), value rounded to 0 ms
[  404.635318][T17468] bond0: peer notification delay (2507) is not a multiple of miimon (262148), value rounded to 0 ms
[  404.638377][T17468] bond0: peer notification delay (2507) is not a multiple of miimon (262148), value rounded to 0 ms
[  404.644238][T17468] bond0: peer notification delay (2507) is not a multiple of miimon (262148), value rounded to 0 ms
[  404.647351][T17468] bond0: peer notification delay (2507) is not a multiple of miimon (262148), value rounded to 0 ms
[  404.650362][T17468] bond0: peer notification delay (2507) is not a multiple of miimon (262148), value rounded to 0 ms
[  404.653476][T17468] bond0: peer notification delay (2507) is not a multiple of miimon (262148), value rounded to 0 ms
[  404.656571][T17468] bond0: peer notification delay (2507) is not a multiple of miimon (262148), value rounded to 0 ms
[  404.659599][T17468] bond0: peer notification delay (2507) is not a multiple of miimon (262148), value rounded to 0 ms
[  404.662666][T17468] bond0: peer notification delay (2507) is not a multiple of miimon (262148), value rounded to 0 ms
[  404.665752][T17468] bond0: peer notification delay (2507) is not a multiple of miimon (262148), value rounded to 0 ms
[  404.672259][T17468] bond0: peer notification delay (2507) is not a multiple of miimon (262148), value rounded to 0 ms
[  404.675441][T17468] bond0: peer notification delay (2507) is not a multiple of miimon (262148), value rounded to 0 ms
[  404.679725][T17468] bond0: peer notification delay (2507) is not a multiple of miimon (262148), value rounded to 0 ms
[  404.692225][T17468] bond0: peer notification delay (2507) is not a multiple of miimon (262148), value rounded to 0 ms
[  404.695355][T17468] bond0: peer notification delay (2507) is not a multiple of miimon (262148), value rounded to 0 ms
[  404.698686][T17468] bond0: peer notification delay (2507) is not a multiple of miimon (262148), value rounded to 0 ms
[  404.702352][T17468] bond0: peer notification delay (2507) is not a multiple of miimon (262148), value rounded to 0 ms
[  404.705379][T17468] bond0: peer notification delay (2507) is not a multiple of miimon (262148), value rounded to 0 ms
[  404.708526][T17468] bond0: peer notification delay (2507) is not a multiple of miimon (262148), value rounded to 0 ms
[  404.716231][T17468] bond0: peer notification delay (2507) is not a multiple of miimon (262148), value rounded to 0 ms
[  404.719951][T17468] bond0: peer notification delay (2507) is not a multiple of miimon (262148), value rounded to 0 ms
[  404.723340][T17468] bond0: peer notification delay (2507) is not a multiple of miimon (262148), value rounded to 0 ms
[  404.726400][T17478] netlink: 80 bytes leftover after parsing attributes in process `syz.2.3962'.
[  404.728987][T17468] bond0: peer notification delay (2507) is not a multiple of miimon (262148), value rounded to 0 ms
[  404.732191][T17468] bond0: peer notification delay (2507) is not a multiple of miimon (262148), value rounded to 0 ms
[  404.735270][T17468] bond0: peer notification delay (2507) is not a multiple of miimon (262148), value rounded to 0 ms
[  404.738334][T17468] bond0: peer notification delay (2507) is not a multiple of miimon (262148), value rounded to 0 ms
[  404.741420][T17468] bond0: peer notification delay (2507) is not a multiple of miimon (262148), value rounded to 0 ms
[  404.745021][T17468] bond0: peer notification delay (2507) is not a multiple of miimon (262148), value rounded to 0 ms
[  404.748057][T17468] bond0: peer notification delay (2507) is not a multiple of miimon (262148), value rounded to 0 ms
[  404.751111][T17468] bond0: peer notification delay (2507) is not a multiple of miimon (262148), value rounded to 0 ms
[  404.754117][T17468] bond0: peer notification delay (2507) is not a multiple of miimon (262148), value rounded to 0 ms
[  404.757253][T17468] bond0: peer notification delay (2507) is not a multiple of miimon (262148), value rounded to 0 ms
[  404.761288][T17468] bond0: peer notification delay (2507) is not a multiple of miimon (262148), value rounded to 0 ms
[  404.764499][T17468] bond0: peer notification delay (2507) is not a multiple of miimon (262148), value rounded to 0 ms
[  404.767746][T17468] bond0: peer notification delay (2507) is not a multiple of miimon (262148), value rounded to 0 ms
[  404.771309][T17480] FAULT_INJECTION: forcing a failure.
[  404.771309][T17480] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  404.775048][T17480] CPU: 2 UID: 0 PID: 17480 Comm: syz.2.3963 Not tainted 6.14.0-syzkaller-12456-gacc4d5ff0b61 #0 PREEMPT(full) 
[  404.775061][T17480] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  404.775068][T17480] Call Trace:
[  404.775072][T17480]  <TASK>
[  404.775077][T17480]  dump_stack_lvl+0x16c/0x1f0
[  404.775092][T17480]  should_fail_ex+0x512/0x640
[  404.775105][T17480]  _copy_from_user+0x2e/0xd0
[  404.775117][T17480]  do_sys_poll+0x1d5/0xe00
[  404.775133][T17480]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  404.775151][T17480]  ? kernel_text_address+0x8d/0x100
[  404.775178][T17480]  ? __kernel_text_address+0xd/0x40
[  404.775191][T17480]  ? __pfx_do_sys_poll+0x10/0x10
[  404.775218][T17480]  ? find_held_lock+0x2b/0x80
[  404.775255][T17480]  ? __mutex_unlock_slowpath+0x161/0x6a0
[  404.775269][T17480]  ? set_user_sigmask+0x21b/0x2b0
[  404.775281][T17480]  ? __pfx_set_user_sigmask+0x10/0x10
[  404.775293][T17480]  ? __fget_files+0x20e/0x3c0
[  404.775305][T17480]  __x64_sys_ppoll+0x254/0x2d0
[  404.775315][T17480]  ? __pfx___x64_sys_ppoll+0x10/0x10
[  404.775324][T17480]  ? ksys_write+0x1b9/0x240
[  404.775333][T17480]  ? __pfx_ksys_write+0x10/0x10
[  404.775341][T17480]  ? rcu_is_watching+0x12/0xc0
[  404.775357][T17480]  do_syscall_64+0xcd/0x260
[  404.775370][T17480]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  404.775381][T17480] RIP: 0033:0x7f6813f8d169
[  404.775389][T17480] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  404.775399][T17480] RSP: 002b:00007f6814eab038 EFLAGS: 00000246 ORIG_RAX: 000000000000010f
[  404.775408][T17480] RAX: ffffffffffffffda RBX: 00007f68141a5fa0 RCX: 00007f6813f8d169
[  404.775414][T17480] RDX: 0000000000000000 RSI: 20000000000000dc RDI: 00002000000000c0
[  404.775420][T17480] RBP: 00007f6814eab090 R08: 0000000000000000 R09: 0000000000000000
[  404.775426][T17480] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  404.775432][T17480] R13: 0000000000000000 R14: 00007f68141a5fa0 R15: 00007ffd3e1d17d8
[  404.775445][T17480]  </TASK>
[  404.775879][T17468] bond0: peer notification delay (2507) is not a multiple of miimon (262148), value rounded to 0 ms
[  404.835869][T17468] bond0: peer notification delay (2507) is not a multiple of miimon (262148), value rounded to 0 ms
[  404.838849][T17468] bond0: peer notification delay (2507) is not a multiple of miimon (262148), value rounded to 0 ms
[  404.841982][T17468] bond0: peer notification delay (2507) is not a multiple of miimon (262148), value rounded to 0 ms
[  404.845148][T17468] bond0: peer notification delay (2507) is not a multiple of miimon (262148), value rounded to 0 ms
[  404.848163][T17468] bond0: peer notification delay (2507) is not a multiple of miimon (262148), value rounded to 0 ms
[  404.851671][T17468] bond0: peer notification delay (2507) is not a multiple of miimon (262148), value rounded to 0 ms
[  404.855503][T17468] bond0: peer notification delay (2507) is not a multiple of miimon (262148), value rounded to 0 ms
[  404.859348][T17468] bond0: peer notification delay (2507) is not a multiple of miimon (262148), value rounded to 0 ms
[  404.862419][T17468] bond0: peer notification delay (2507) is not a multiple of miimon (262148), value rounded to 0 ms
[  404.865400][T17468] bond0: peer notification delay (2507) is not a multiple of miimon (262148), value rounded to 0 ms
[  404.868379][T17468] bond0: peer notification delay (2507) is not a multiple of miimon (262148), value rounded to 0 ms
[  404.871531][T17468] bond0: peer notification delay (2507) is not a multiple of miimon (262148), value rounded to 0 ms
[  404.874508][T17468] bond0: peer notification delay (2507) is not a multiple of miimon (262148), value rounded to 0 ms
[  404.877507][T17468] bond0: peer notification delay (2507) is not a multiple of miimon (262148), value rounded to 0 ms
[  404.880487][T17468] bond0: peer notification delay (2507) is not a multiple of miimon (262148), value rounded to 0 ms
[  404.883571][T17468] bond0: peer notification delay (2507) is not a multiple of miimon (262148), value rounded to 0 ms
[  404.886636][T17468] bond0: peer notification delay (2507) is not a multiple of miimon (262148), value rounded to 0 ms
[  404.889622][T17468] bond0: peer notification delay (2507) is not a multiple of miimon (262148), value rounded to 0 ms
[  404.892680][T17468] bond0: peer notification delay (2507) is not a multiple of miimon (262148), value rounded to 0 ms
[  404.896003][T17468] bond0: peer notification delay (2507) is not a multiple of miimon (262148), value rounded to 0 ms
[  404.899027][T17468] bond0: peer notification delay (2507) is not a multiple of miimon (262148), value rounded to 0 ms
[  404.901069][ T1460] usb 10-1: new high-speed USB device number 30 using dummy_hcd
[  404.902108][T17468] bond0: peer notification delay (2507) is not a multiple of miimon (262148), value rounded to 0 ms
[  404.907197][T17468] bond0: peer notification delay (2507) is not a multiple of miimon (262148), value rounded to 0 ms
[  404.910150][T17468] bond0: peer notification delay (2507) is not a multiple of miimon (262148), value rounded to 0 ms
[  404.913199][T17468] bond0: peer notification delay (2507) is not a multiple of miimon (262148), value rounded to 0 ms
[  404.916427][T17468] bond0: peer notification delay (2507) is not a multiple of miimon (262148), value rounded to 0 ms
[  404.919398][T17468] bond0: peer notification delay (2507) is not a multiple of miimon (262148), value rounded to 0 ms
[  404.922479][T17468] bond0: peer notification delay (2507) is not a multiple of miimon (262148), value rounded to 0 ms
[  404.947082][T17484] ALSA: seq fatal error: cannot create timer (-22)
[  405.052587][ T1460] usb 10-1: Using ep0 maxpacket: 8
[  405.055894][ T1460] usb 10-1: config 0 has an invalid interface number: 1 but max is 0
[  405.058227][ T1460] usb 10-1: config 0 has no interface number 0
[  405.060014][ T1460] usb 10-1: config 0 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  405.064645][ T1460] usb 10-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  405.067917][ T1460] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  405.073241][ T1460] usb 10-1: config 0 descriptor??
[  405.079957][ T1460] iowarrior 10-1:0.1: IOWarrior product=0x1512, serial= interface=1 now attached to iowarrior0
[  405.098796][T17501] netlink: 36 bytes leftover after parsing attributes in process `syz.0.3971'.
[  405.196262][T17503] netlink: 96 bytes leftover after parsing attributes in process `syz.0.3972'.
[  405.271178][ T5992] usb 7-1: new high-speed USB device number 41 using dummy_hcd
[  405.452345][ T5992] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  405.455457][ T5992] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  405.458161][ T5992] usb 7-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  405.462033][ T5992] usb 7-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  405.464633][ T5992] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  405.468490][ T5992] usb 7-1: config 0 descriptor??
[  405.551297][ T1474] usb 9-1: new high-speed USB device number 33 using dummy_hcd
[  405.703432][ T1474] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  405.707422][ T1474] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  405.710872][ T1474] usb 9-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  405.715686][ T1474] usb 9-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  405.718918][ T1474] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  405.723801][ T1474] usb 9-1: config 0 descriptor??
[  405.877842][ T5992] plantronics 0003:047F:FFFF.000E: unknown main item tag 0x0
[  405.879909][ T5992] plantronics 0003:047F:FFFF.000E: unknown main item tag 0x0
[  405.882246][ T5992] plantronics 0003:047F:FFFF.000E: unknown main item tag 0x0
[  405.884234][ T5992] plantronics 0003:047F:FFFF.000E: unknown main item tag 0x0
[  405.886203][ T5992] plantronics 0003:047F:FFFF.000E: unknown main item tag 0x0
[  405.888158][ T5992] plantronics 0003:047F:FFFF.000E: unknown main item tag 0x0
[  405.890190][ T5992] plantronics 0003:047F:FFFF.000E: unknown main item tag 0x0
[  405.892501][ T5992] plantronics 0003:047F:FFFF.000E: unknown main item tag 0x0
[  405.894517][ T5992] plantronics 0003:047F:FFFF.000E: unknown main item tag 0x0
[  405.896533][ T5992] plantronics 0003:047F:FFFF.000E: unknown main item tag 0x0
[  405.898531][ T5992] plantronics 0003:047F:FFFF.000E: unknown main item tag 0x0
[  405.900561][ T5992] plantronics 0003:047F:FFFF.000E: unknown main item tag 0x0
[  405.902627][ T5992] plantronics 0003:047F:FFFF.000E: unknown main item tag 0x0
[  405.904703][ T5992] plantronics 0003:047F:FFFF.000E: unknown main item tag 0x0
[  405.906761][ T5992] plantronics 0003:047F:FFFF.000E: unknown main item tag 0x0
[  405.909238][ T5992] plantronics 0003:047F:FFFF.000E: No inputs registered, leaving
[  405.914036][ T5992] plantronics 0003:047F:FFFF.000E: hiddev1,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.2-1/input0
[  406.077844][ T5992] usb 7-1: USB disconnect, device number 41
[  406.092720][   T40] kauditd_printk_skb: 2 callbacks suppressed
[  406.092734][   T40] audit: type=1400 audit(405.982:63083): avc:  denied  { append } for  pid=17513 comm="syz.0.3975" name="pfkey" dev="proc" ino=4026534584 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_net_t tclass=file permissive=1
[  406.145799][ T1474] plantronics 0003:047F:FFFF.000F: unknown main item tag 0x0
[  406.147964][ T1474] plantronics 0003:047F:FFFF.000F: unknown main item tag 0x0
[  406.150001][ T1474] plantronics 0003:047F:FFFF.000F: unknown main item tag 0x0
[  406.152394][ T1474] plantronics 0003:047F:FFFF.000F: unknown main item tag 0x0
[  406.154463][ T1474] plantronics 0003:047F:FFFF.000F: unknown main item tag 0x0
[  406.156474][ T1474] plantronics 0003:047F:FFFF.000F: unknown main item tag 0x0
[  406.158485][ T1474] plantronics 0003:047F:FFFF.000F: unknown main item tag 0x0
[  406.160536][ T1474] plantronics 0003:047F:FFFF.000F: unknown main item tag 0x0
[  406.162616][ T1474] plantronics 0003:047F:FFFF.000F: unknown main item tag 0x0
[  406.164646][ T1474] plantronics 0003:047F:FFFF.000F: unknown main item tag 0x0
[  406.166696][ T1474] plantronics 0003:047F:FFFF.000F: unknown main item tag 0x0
[  406.168729][ T1474] plantronics 0003:047F:FFFF.000F: unknown main item tag 0x0
[  406.170758][ T1474] plantronics 0003:047F:FFFF.000F: unknown main item tag 0x0
[  406.172865][ T1474] plantronics 0003:047F:FFFF.000F: unknown main item tag 0x0
[  406.174886][ T1474] plantronics 0003:047F:FFFF.000F: unknown main item tag 0x0
[  406.177255][ T1474] plantronics 0003:047F:FFFF.000F: No inputs registered, leaving
[  406.181819][ T1474] plantronics 0003:047F:FFFF.000F: hiddev1,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.4-1/input0
[  406.345495][ T5992] usb 9-1: USB disconnect, device number 33
[  406.356782][ T1334] usb 10-1: USB disconnect, device number 30
[  406.886141][T17525] FAULT_INJECTION: forcing a failure.
[  406.886141][T17525] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  406.889852][T17525] CPU: 2 UID: 0 PID: 17525 Comm: syz.4.3979 Not tainted 6.14.0-syzkaller-12456-gacc4d5ff0b61 #0 PREEMPT(full) 
[  406.889866][T17525] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  406.889873][T17525] Call Trace:
[  406.889877][T17525]  <TASK>
[  406.889881][T17525]  dump_stack_lvl+0x16c/0x1f0
[  406.889897][T17525]  should_fail_ex+0x512/0x640
[  406.889910][T17525]  _copy_from_iter+0x2a4/0x15b0
[  406.889923][T17525]  ? __lock_acquire+0xaa4/0x1ba0
[  406.889933][T17525]  ? __pfx__copy_from_iter+0x10/0x10
[  406.889945][T17525]  ? _kstrtoull+0x145/0x200
[  406.889958][T17525]  ? __pfx__kstrtoull+0x10/0x10
[  406.889974][T17525]  tun_get_user+0x240/0x3b10
[  406.889990][T17525]  ? __lock_acquire+0x5ca/0x1ba0
[  406.890000][T17525]  ? __pfx_tun_get_user+0x10/0x10
[  406.890012][T17525]  ? __pfx_ref_tracker_alloc+0x10/0x10
[  406.890026][T17525]  ? find_held_lock+0x2b/0x80
[  406.890039][T17525]  ? tun_get+0x191/0x370
[  406.890053][T17525]  tun_chr_write_iter+0xdc/0x210
[  406.890071][T17525]  vfs_write+0x5ba/0x1180
[  406.890081][T17525]  ? __pfx_tun_chr_write_iter+0x10/0x10
[  406.890094][T17525]  ? __pfx_vfs_write+0x10/0x10
[  406.890102][T17525]  ? find_held_lock+0x2b/0x80
[  406.890123][T17525]  ksys_write+0x12a/0x240
[  406.890132][T17525]  ? __pfx_ksys_write+0x10/0x10
[  406.890140][T17525]  ? rcu_is_watching+0x12/0xc0
[  406.890156][T17525]  do_syscall_64+0xcd/0x260
[  406.890169][T17525]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  406.890180][T17525] RIP: 0033:0x7f9235f8d169
[  406.890188][T17525] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  406.890198][T17525] RSP: 002b:00007f9236e29038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  406.890208][T17525] RAX: ffffffffffffffda RBX: 00007f92361a5fa0 RCX: 00007f9235f8d169
[  406.890214][T17525] RDX: 000000000000fdef RSI: 0000200000000240 RDI: 0000000000000003
[  406.890220][T17525] RBP: 00007f9236e29090 R08: 0000000000000000 R09: 0000000000000000
[  406.890226][T17525] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  406.890232][T17525] R13: 0000000000000000 R14: 00007f92361a5fa0 R15: 00007ffe9dd7da08
[  406.890244][T17525]  </TASK>
[  406.975969][T17530] lo: left promiscuous mode
[  406.977863][T17528] MTD: Attempt to mount non-MTD device "/dev/sr0"
[  406.978755][T17530] tunl0: left allmulticast mode
[  406.981944][T17530] gre0: left allmulticast mode
[  406.984775][T17530] gretap0: left allmulticast mode
[  406.987056][T17530] erspan0: left allmulticast mode
[  406.989465][T17530] ip_vti0: left allmulticast mode
[  406.991622][T17530] ip6_vti0: left allmulticast mode
[  406.993747][T17530] sit0: left allmulticast mode
[  406.997383][T17530] ip6tnl0: left allmulticast mode
[  406.999579][T17530] ip6gre0: left allmulticast mode
[  407.003925][T17530] syz_tun: left allmulticast mode
[  407.006190][T17530] ip6gretap0: left allmulticast mode
[  407.009240][T17530] vcan0: left allmulticast mode
[  407.011836][T17530] bond0: left allmulticast mode
[  407.014663][T17530] 8021q: adding VLAN 0 to HW filter on device bond0
[  407.016974][T17530] team0: left allmulticast mode
[  407.018698][T17530] 8021q: adding VLAN 0 to HW filter on device team0
[  407.021450][T17530] dummy0: left allmulticast mode
[  407.023723][T17530] nlmon0: left allmulticast mode
[  407.025674][T17530] batadv0: left allmulticast mode
[  407.026554][T17532] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=17532 comm=syz.0.3982
[  407.027877][T17530] 8021q: adding VLAN 0 to HW filter on device batadv0
[  407.033862][T17530] vxcan0: left allmulticast mode
[  407.035813][T17530] vxcan1: left allmulticast mode
[  407.037664][T17530] veth0: left allmulticast mode
[  407.039607][T17530] veth1: left allmulticast mode
[  407.042501][T17530] wg0: left allmulticast mode
[  407.045633][T17530] wg1: left allmulticast mode
[  407.048360][T17530] wg2: left allmulticast mode
[  407.050295][T17530] veth0_to_bridge: left allmulticast mode
[  407.053632][T17530] veth1_to_bridge: left allmulticast mode
[  407.056447][T17530] veth0_to_bond: left allmulticast mode
[  407.058523][T17530] bond_slave_0: left allmulticast mode
[  407.060518][T17530] veth1_to_bond: left allmulticast mode
[  407.063231][T17530] bond_slave_1: left allmulticast mode
[  407.065050][   T12] 
[  407.065191][T17530] veth0_to_team: left allmulticast mode
[  407.065885][   T12] =============================
[  407.065911][   T12] WARNING: suspicious RCU usage
[  407.065915][   T12] 6.14.0-syzkaller-12456-gacc4d5ff0b61 #0 Not tainted
[  407.068058][T17530] team_slave_0: left allmulticast mode
[  407.068844][   T12] -----------------------------
[  407.070622][T17530] veth1_to_team: left allmulticast mode
[  407.072813][   T12] net/sched/sch_generic.c:1251 suspicious rcu_dereference_protected() usage!
[  407.072824][   T12] 
[  407.072824][   T12] other info that might help us debug this:
[  407.072824][   T12] 
[  407.072828][   T12] 
[  407.072828][   T12] rcu_scheduler_active = 2, debug_locks = 1
[  407.072835][   T12] 3 locks held by kworker/u32:0/12:
[  407.072841][   T12]  #0: ffff8880361f0948 ((wq_completion)bond0#9){+.+.}-{0:0}
[  407.077864][T17530] team_slave_1: left allmulticast mode
[  407.078634][   T12] , at: process_one_work+0x12a2/0x1b70
[  407.091674][T17530] veth0_to_batadv: left allmulticast mode
[  407.092385][T17530] batadv_slave_0: left allmulticast mode
[  407.093511][   T12]  #1: 
[  407.096063][T17530] batman_adv: batadv0: Interface activated: batadv_slave_0
[  407.096767][   T12] ffffc900000f7d18 ((work_completion)(&(&bond->mii_work)->work)){+.+.}-{0:0}, at: process_one_work+0x929/0x1b70
[  407.096800][   T12]  #2: ffffffff8e3c15c0 (rcu_read_lock
[  407.098228][T17530] veth1_to_batadv: left allmulticast mode
[  407.099856][   T12] ){....}-{1:3}, at: bond_mii_monitor+0x134/0x2dc0
[  407.099875][   T12] 
[  407.099875][   T12] stack backtrace:
[  407.099882][   T12] CPU: 1 UID: 0 PID: 12 Comm: kworker/u32:0 Not tainted 6.14.0-syzkaller-12456-gacc4d5ff0b61 #0 PREEMPT(full) 
[  407.099895][   T12] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  407.099902][   T12] Workqueue: bond0 bond_mii_monitor
[  407.099913][   T12] Call Trace:
[  407.099917][   T12]  <TASK>
[  407.099921][   T12]  dump_stack_lvl+0x16c/0x1f0
[  407.099935][   T12]  lockdep_rcu_suspicious+0x166/0x260
[  407.099953][   T12]  dev_activate+0x45c/0x12d0
[  407.099964][   T12]  ? ethtool_op_get_link+0x1d/0x70
[  407.099976][   T12]  ? bond_check_dev_link+0x196/0x480
[  407.099990][   T12]  ? bond_mii_monitor+0x3c0/0x2dc0
[  407.099999][   T12]  ? process_one_work+0x9cc/0x1b70
[  407.100010][   T12]  ? worker_thread+0x6c8/0xf10
[  407.100020][   T12]  ? kthread+0x3c2/0x780
[  407.100029][   T12]  ? ret_from_fork+0x45/0x80
[  407.100041][   T12]  ? __pfx_dev_activate+0x10/0x10
[  407.100052][   T12]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  407.100068][   T12]  linkwatch_do_dev+0x13d/0x160
[  407.100083][   T12]  linkwatch_sync_dev+0x181/0x210
[  407.100099][   T12]  ? __pfx_ethtool_op_get_link+0x10/0x10
[  407.100110][   T12]  ethtool_op_get_link+0x1d/0x70
[  407.100123][   T12]  bond_check_dev_link+0x196/0x480
[  407.100138][   T12]  ? __pfx_bond_check_dev_link+0x10/0x10
[  407.100158][   T12]  bond_mii_monitor+0x3c0/0x2dc0
[  407.100172][   T12]  ? __pfx_bond_mii_monitor+0x10/0x10
[  407.100185][   T12]  ? preempt_schedule_thunk+0x16/0x30
[  407.100203][   T12]  process_one_work+0x9cc/0x1b70
[  407.100220][   T12]  ? __pfx_process_one_work+0x10/0x10
[  407.100234][   T12]  ? assign_work+0x1a0/0x250
[  407.100247][   T12]  worker_thread+0x6c8/0xf10
[  407.100263][   T12]  ? __pfx_worker_thread+0x10/0x10
[  407.100275][   T12]  kthread+0x3c2/0x780
[  407.100285][   T12]  ? __pfx_kthread+0x10/0x10
[  407.100294][   T12]  ? __pfx_kthread+0x10/0x10
[  407.100303][   T12]  ? __pfx_kthread+0x10/0x10
[  407.100312][   T12]  ? __pfx_kthread+0x10/0x10
[  407.100322][   T12]  ? rcu_is_watching+0x12/0xc0
[  407.100334][   T12]  ? __pfx_kthread+0x10/0x10
[  407.100345][   T12]  ret_from_fork+0x45/0x80
[  407.100354][   T12]  ? __pfx_kthread+0x10/0x10
[  407.100364][   T12]  ret_from_fork_asm+0x1a/0x30
[  407.100385][   T12]  </TASK>
[  407.100424][   T12] 
[  407.106973][T17530] batadv_slave_1: left allmulticast mode
[  407.107363][   T12] =============================
[  407.107368][   T12] WARNING: suspicious RCU usage
[  407.107372][   T12] 6.14.0-syzkaller-12456-gacc4d5ff0b61 #0 Not tainted
[  407.110359][T17530] batman_adv: batadv0: Interface activated: batadv_slave_1
[  407.111499][   T12] -----------------------------
[  407.111505][   T12] net/sched/sch_generic.c:1229 suspicious rcu_dereference_protected() usage!
[  407.121831][T17530] xfrm0: left allmulticast mode
[  407.122085][   T12] 
[  407.122085][   T12] other info that might help us debug this:
[  407.122085][   T12] 
[  407.122091][   T12] 
[  407.122091][   T12] rcu_scheduler_active = 2, debug_locks = 1
[  407.125045][T17530] veth0_to_hsr: left allmulticast mode
[  407.125240][   T12] 3 locks held by kworker/u32:0/12:
[  407.125249][   T12]  #0: 
[  407.128584][T17530] veth1_to_hsr: left allmulticast mode
[  407.129842][   T12] ffff8880361f0948 ((wq_completion)bond0
[  407.137242][T17530] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  407.137335][   T12] #9){+.+.}-{0:0}
[  407.139200][T17530] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  407.140692][   T12] , at: process_one_work+0x12a2/0x1b70
[  407.143008][T17530] hsr0: left allmulticast mode
[  407.144363][   T12]  #1: ffffc900000f7d18 ((work_completion)(&(&bond->mii_work)->work)){+.+.}-{0:0}
[  407.146336][T17530] hsr_slave_0: left allmulticast mode
[  407.147779][   T12] , at: process_one_work+0x929/0x1b70
[  407.149656][T17530] hsr_slave_1: left allmulticast mode
[  407.151724][   T12]  #2: ffffffff8e3c15c0 (rcu_read_lock){....}-{1:3}, at: bond_mii_monitor+0x134/0x2dc0
[  407.151776][   T12] 
[  407.151776][   T12] stack backtrace:
[  407.151786][   T12] CPU: 1 UID: 0 PID: 12 Comm: kworker/u32:0 Not tainted 6.14.0-syzkaller-12456-gacc4d5ff0b61 #0 PREEMPT(full) 
[  407.151807][   T12] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  407.151819][   T12] Workqueue: bond0 bond_mii_monitor
[  407.151835][   T12] Call Trace:
[  407.151841][   T12]  <TASK>
[  407.151848][   T12]  dump_stack_lvl+0x16c/0x1f0
[  407.151869][   T12]  lockdep_rcu_suspicious+0x166/0x260
[  407.151899][   T12]  transition_one_qdisc+0x1d4/0x210
[  407.151924][   T12]  dev_activate+0x216/0x12d0
[  407.151942][   T12]  ? worker_thread+0x6c8/0xf10
[  407.151958][   T12]  ? kthread+0x3c2/0x780
[  407.151973][   T12]  ? ret_from_fork+0x45/0x80
[  407.151991][   T12]  ? __pfx_dev_activate+0x10/0x10
[  407.152009][   T12]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  407.152033][   T12]  linkwatch_do_dev+0x13d/0x160
[  407.152055][   T12]  linkwatch_sync_dev+0x181/0x210
[  407.152078][   T12]  ? __pfx_ethtool_op_get_link+0x10/0x10
[  407.152098][   T12]  ethtool_op_get_link+0x1d/0x70
[  407.152117][   T12]  bond_check_dev_link+0x196/0x480
[  407.152142][   T12]  ? __pfx_bond_check_dev_link+0x10/0x10
[  407.152177][   T12]  bond_mii_monitor+0x3c0/0x2dc0
[  407.152210][   T12]  ? __pfx_bond_mii_monitor+0x10/0x10
[  407.152232][   T12]  ? preempt_schedule_thunk+0x16/0x30
[  407.152256][   T12]  process_one_work+0x9cc/0x1b70
[  407.152284][   T12]  ? __pfx_process_one_work+0x10/0x10
[  407.152309][   T12]  ? assign_work+0x1a0/0x250
[  407.152330][   T12]  worker_thread+0x6c8/0xf10
[  407.152361][   T12]  ? __pfx_worker_thread+0x10/0x10
[  407.152379][   T12]  kthread+0x3c2/0x780
[  407.152396][   T12]  ? __pfx_kthread+0x10/0x10
[  407.152412][   T12]  ? __pfx_kthread+0x10/0x10
[  407.152427][   T12]  ? __pfx_kthread+0x10/0x10
[  407.152442][   T12]  ? __pfx_kthread+0x10/0x10
[  407.152458][   T12]  ? rcu_is_watching+0x12/0xc0
[  407.152478][   T12]  ? __pfx_kthread+0x10/0x10
[  407.152497][   T12]  ret_from_fork+0x45/0x80
[  407.152513][   T12]  ? __pfx_kthread+0x10/0x10
[  407.152530][   T12]  ret_from_fork_asm+0x1a/0x30
[  407.152567][   T12]  </TASK>
[  407.152582][   T12] 
[  407.159637][T17530] veth1_virt_wifi: left allmulticast mode
[  407.159865][   T12] =============================
[  407.159871][   T12] WARNING: suspicious RCU usage
[  407.162820][T17530] veth0_virt_wifi: left allmulticast mode
[  407.163746][   T12] 6.14.0-syzkaller-12456-gacc4d5ff0b61 #0 Not tainted
[  407.166509][T17530] net veth1_virt_wifi virt_wifi0: left allmulticast mode
[  407.167263][   T12] -----------------------------
[  407.170524][T17530] veth1_vlan: left promiscuous mode
[  407.170759][   T12] ./include/linux/rtnetlink.h:163 suspicious rcu_dereference_protected() usage!
[  407.175598][T17530] veth1_vlan: left allmulticast mode
[  407.175964][   T12] 
[  407.175964][   T12] other info that might help us debug this:
[  407.175964][   T12] 
[  407.177752][T17530] veth0_vlan: left promiscuous mode
[  407.179064][   T12] 
[  407.179064][   T12] rcu_scheduler_active = 2, debug_locks = 1
[  407.180445][   T40] audit: type=1400 audit(407.062:63084): avc:  denied  { map } for  pid=17527 comm="syz.5.3981" path="/538/file0/file0" dev="tmpfs" ino=2934 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1
[  407.181548][T17530] veth0_vlan: entered promiscuous mode
[  407.182212][   T12] 3 locks held by kworker/u32:0/12:
[  407.182931][T17530] vlan0: left allmulticast mode
[  407.183172][T17530] vlan1: left allmulticast mode
[  407.183388][T17530] veth1_vlan: entered promiscuous mode
[  407.183396][T17530] veth1_vlan: entered allmulticast mode
[  407.183409][T17530] macvlan0: left allmulticast mode
[  407.183417][T17530] veth1_vlan: left allmulticast mode
[  407.185260][   T12]  #0: ffff8880361f0948 ((wq_completion)bond0#9){+.+.}-{0:0}
[  407.186862][T17530] veth1_vlan: entered allmulticast mode
[  407.187206][   T12] , at: process_one_work+0x12a2/0x1b70
[  407.187231][   T12]  #1: ffffc900000f7d18 ((work_completion)(&(&bond->mii_work)->work)){+.+.}-{0:0}
[  407.188902][T17530] macvlan1: left allmulticast mode
[  407.190635][   T12] , at: process_one_work+0x929/0x1b70
[  407.190657][   T12]  #2: ffffffff8e3c15c0 (rcu_read_lock){....}-{1:3}
[  407.192647][T17530] veth1_vlan: left allmulticast mode
[  407.194904][   T12] , at: bond_mii_monitor+0x134/0x2dc0
[  407.198681][T17530] ipvlan0: left allmulticast mode
[  407.198778][   T12] 
[  407.198778][   T12] stack backtrace:
[  407.202033][T17530] ipvlan1: left allmulticast mode
[  407.203156][   T12] CPU: 1 UID: 0 PID: 12 Comm: kworker/u32:0 Not tainted 6.14.0-syzkaller-12456-gacc4d5ff0b61 #0 PREEMPT(full) 
[  407.203176][   T12] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  407.203185][   T12] Workqueue: bond0 bond_mii_monitor
[  407.203203][   T12] Call Trace:
[  407.203208][   T12]  <TASK>
[  407.203213][   T12]  dump_stack_lvl+0x16c/0x1f0
[  407.203232][   T12]  lockdep_rcu_suspicious+0x166/0x260
[  407.203262][   T12]  dev_activate+0x7f8/0x12d0
[  407.203282][   T12]  ? worker_thread+0x6c8/0xf10
[  407.203300][   T12]  ? kthread+0x3c2/0x780
[  407.203315][   T12]  ? ret_from_fork+0x45/0x80
[  407.203334][   T12]  ? __pfx_dev_activate+0x10/0x10
[  407.203353][   T12]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  407.203378][   T12]  linkwatch_do_dev+0x13d/0x160
[  407.203403][   T12]  linkwatch_sync_dev+0x181/0x210
[  407.203429][   T12]  ? __pfx_ethtool_op_get_link+0x10/0x10
[  407.203450][   T12]  ethtool_op_get_link+0x1d/0x70
[  407.203471][   T12]  bond_check_dev_link+0x196/0x480
[  407.203497][   T12]  ? __pfx_bond_check_dev_link+0x10/0x10
[  407.203534][   T12]  bond_mii_monitor+0x3c0/0x2dc0
[  407.203560][   T12]  ? __pfx_bond_mii_monitor+0x10/0x10
[  407.203583][   T12]  ? preempt_schedule_thunk+0x16/0x30
[  407.203608][   T12]  process_one_work+0x9cc/0x1b70
[  407.203637][   T12]  ? __pfx_process_one_work+0x10/0x10
[  407.203665][   T12]  ? assign_work+0x1a0/0x250
[  407.203686][   T12]  worker_thread+0x6c8/0xf10
[  407.203717][   T12]  ? __pfx_worker_thread+0x10/0x10
[  407.203737][   T12]  kthread+0x3c2/0x780
[  407.203755][   T12]  ? __pfx_kthread+0x10/0x10
[  407.203772][   T12]  ? __pfx_kthread+0x10/0x10
[  407.203788][   T12]  ? __pfx_kthread+0x10/0x10
[  407.203805][   T12]  ? __pfx_kthread+0x10/0x10
[  407.203821][   T12]  ? rcu_is_watching+0x12/0xc0
[  407.203843][   T12]  ? __pfx_kthread+0x10/0x10
[  407.203861][   T12]  ret_from_fork+0x45/0x80
[  407.203878][   T12]  ? __pfx_kthread+0x10/0x10
[  407.203895][   T12]  ret_from_fork_asm+0x1a/0x30
[  407.203933][   T12]  </TASK>
[  407.203949][   T12] BUG: sleeping function called from invalid context at kernel/locking/rwsem.c:1523
[  407.206003][T17530] veth0_vlan: left allmulticast mode
[  407.209055][   T12] in_atomic(): 0, irqs_disabled(): 0, non_block: 0, pid: 12, name: kworker/u32:0
[  407.212179][T17530] veth1_macvtap: left promiscuous mode
[  407.212651][   T12] preempt_count: 0, expected: 0
[  407.213337][T17530] veth1_macvtap: left allmulticast mode
[  407.215377][   T12] RCU nest depth: 1, expected: 0
[  407.217424][T17530] veth0_macvtap: left promiscuous mode
[  407.220545][   T12] 3 locks held by kworker/u32:0/12:
[  407.221707][T17530] veth0_macvtap: left allmulticast mode
[  407.225320][   T12]  #0: 
[  407.227559][T17530] veth0_macvtap: entered promiscuous mode
[  407.228593][   T12] ffff8880361f0948
[  407.231098][T17530] veth0_macvtap: entered allmulticast mode
[  407.232999][   T12]  (
[  407.234417][T17530] macvtap0: left allmulticast mode
[  407.236295][   T12] (wq_completion)bond0
[  407.238816][T17530] veth0_macvtap: left allmulticast mode
[  407.240886][   T12] #9
[  407.245593][T17530] veth1_macvtap: entered promiscuous mode
[  407.247805][   T12] ){+.+.}-{0:0}
[  407.249312][T17530] veth1_macvtap: entered allmulticast mode
[  407.250381][   T12] , at: process_one_work+0x12a2/0x1b70
[  407.251335][T17530] macsec0: left allmulticast mode
[  407.254772][   T12]  #1: 
[  407.256015][T17530] veth1_macvtap: left allmulticast mode
[  407.257677][   T12] ffffc900000f7d18
[  407.259837][T17530] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  407.260543][   T12]  ((work_completion)(&(&bond->mii_work)->work)
[  407.262543][T17530] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  407.263873][   T12] ){+.+.}-{0:0}
[  407.265569][T17530] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  407.267318][   T12] , at: process_one_work+0x929/0x1b70
[  407.268757][T17530] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  407.270747][   T12]  #2: 
[  407.274460][T17530] geneve1: left allmulticast mode
[  407.276031][   T12] ffffffff8e3c15c0
[  407.278312][T17530] netdevsim netdevsim0 netdevsim0: left allmulticast mode
[  407.279298][   T12]  (
[  407.281523][T17530] netdevsim netdevsim0 netdevsim1: left allmulticast mode
[  407.282257][   T12] rcu_read_lock
[  407.284096][T17530] netdevsim netdevsim0 netdevsim2: left allmulticast mode
[  407.284967][   T12] ){....}-{1:3}
[  407.286594][T17530] netdevsim netdevsim0 netdevsim3: left allmulticast mode
[  407.287587][   T12] , at: bond_mii_monitor+0x134/0x2dc0
[  407.289209][T17530] mac80211_hwsim hwsim17 wlan0: left allmulticast mode
[  407.289949][   T12] CPU: 1 UID: 0 PID: 12 Comm: kworker/u32:0 Not tainted 6.14.0-syzkaller-12456-gacc4d5ff0b61 #0 PREEMPT(full) 
[  407.289963][   T12] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  407.289970][   T12] Workqueue: bond0 bond_mii_monitor
[  407.289982][   T12] Call Trace:
[  407.289986][   T12]  <TASK>
[  407.289991][   T12]  dump_stack_lvl+0x16c/0x1f0
[  407.290004][   T12]  __might_resched+0x3c0/0x5e0
[  407.290020][   T12]  ? __pfx___might_resched+0x10/0x10
[  407.290037][   T12]  down_read+0x74/0x480
[  407.290050][   T12]  ? __pfx_down_read+0x10/0x10
[  407.290064][   T12]  ? dev_map_notification+0x6a/0xb00
[  407.290080][   T12]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  407.290094][   T12]  wireless_nlevent_flush+0x1b/0x100
[  407.290107][   T12]  wext_netdev_notifier_call+0xe/0x20
[  407.290118][   T12]  notifier_call_chain+0xb9/0x410
[  407.290133][   T12]  ? __pfx_wext_netdev_notifier_call+0x10/0x10
[  407.290147][   T12]  call_netdevice_notifiers_info+0xbe/0x140
[  407.290164][   T12]  netdev_state_change+0x113/0x150
[  407.290178][   T12]  ? __pfx_netdev_state_change+0x10/0x10
[  407.290194][   T12]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  407.290207][   T12]  linkwatch_do_dev+0x12b/0x160
[  407.290223][   T12]  linkwatch_sync_dev+0x181/0x210
[  407.290238][   T12]  ? __pfx_ethtool_op_get_link+0x10/0x10
[  407.290251][   T12]  ethtool_op_get_link+0x1d/0x70
[  407.290264][   T12]  bond_check_dev_link+0x196/0x480
[  407.290279][   T12]  ? __pfx_bond_check_dev_link+0x10/0x10
[  407.290301][   T12]  bond_mii_monitor+0x3c0/0x2dc0
[  407.290316][   T12]  ? __pfx_bond_mii_monitor+0x10/0x10
[  407.290328][   T12]  ? preempt_schedule_thunk+0x16/0x30
[  407.290343][   T12]  process_one_work+0x9cc/0x1b70
[  407.290360][   T12]  ? __pfx_process_one_work+0x10/0x10
[  407.290375][   T12]  ? assign_work+0x1a0/0x250
[  407.290388][   T12]  worker_thread+0x6c8/0xf10
[  407.290405][   T12]  ? __pfx_worker_thread+0x10/0x10
[  407.290417][   T12]  kthread+0x3c2/0x780
[  407.290428][   T12]  ? __pfx_kthread+0x10/0x10
[  407.290437][   T12]  ? __pfx_kthread+0x10/0x10
[  407.290446][   T12]  ? __pfx_kthread+0x10/0x10
[  407.290455][   T12]  ? __pfx_kthread+0x10/0x10
[  407.290465][   T12]  ? rcu_is_watching+0x12/0xc0
[  407.290478][   T12]  ? __pfx_kthread+0x10/0x10
[  407.290489][   T12]  ret_from_fork+0x45/0x80
[  407.290500][   T12]  ? __pfx_kthread+0x10/0x10
[  407.290510][   T12]  ret_from_fork_asm+0x1a/0x30
[  407.290532][   T12]  </TASK>
[  407.290536][   T12] 
[  407.291629][T17530] net_ratelimit: 5 callbacks suppressed
[  407.291637][T17530] A link change request failed with some changes committed already. Interface wlan1 may have been left with an inconsistent configuration, please check.
[  407.292524][   T12] =============================
[  407.292529][   T12] [ BUG: Invalid wait context ]
[  407.299165][ T1147] bridge0: port 1(bridge_slave_0) entered blocking state
[  407.300261][   T12] 6.14.0-syzkaller-12456-gacc4d5ff0b61 #0 Tainted: G        W          
[  407.300269][   T12] -----------------------------
[  407.300272][   T12] kworker/u32:0/12 is trying to lock:
[  407.300278][   T12] ffffffff90114510 (net_rwsem){++++}-{4:4}, at: wireless_nlevent_flush+0x1b/0x100
[  407.300305][   T12] other info that might help us debug this:
[  407.300309][   T12] context-{5:5}
[  407.300313][   T12] 3 locks held by kworker/u32:0/12:
[  407.300319][   T12]  #0: ffff8880361f0948 ((wq_completion)bond0#9
[  407.301522][ T1147] bridge0: port 1(bridge_slave_0) entered forwarding state
[  407.302139][   T12] ){+.+.}-{0:0}, at: process_one_work+0x12a2/0x1b70
[  407.305216][ T1147] bridge0: port 2(bridge_slave_1) entered blocking state
[  407.305463][   T12]  #1: ffffc900000f7d18 ((work_completion)(&(&bond->mii_work)->work)){+.+.}-{0:0}, at: process_one_work+0x929/0x1b70
[  407.305493][   T12]  #2: ffffffff8e3c15c0
[  407.307282][ T1147] bridge0: port 2(bridge_slave_1) entered forwarding state
[  407.308756][   T12]  (rcu_read_lock){....}-{1:3}
[  407.382039][T17538] lo speed is unknown, defaulting to 1000
[  407.382103][   T12] , at: bond_mii_monitor+0x134/0x2dc0
[  407.585814][   T12] stack backtrace:
[  407.586866][   T12] CPU: 1 UID: 0 PID: 12 Comm: kworker/u32:0 Tainted: G        W           6.14.0-syzkaller-12456-gacc4d5ff0b61 #0 PREEMPT(full) 
[  407.586882][   T12] Tainted: [W]=WARN
[  407.586886][   T12] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  407.586894][   T12] Workqueue: bond0 bond_mii_monitor
[  407.586908][   T12] Call Trace:
[  407.586914][   T12]  <TASK>
[  407.586918][   T12]  dump_stack_lvl+0x116/0x1f0
[  407.586934][   T12]  __lock_acquire+0x3ff/0x1ba0
[  407.586945][   T12]  ? preempt_schedule_notrace_thunk+0x16/0x30
[  407.586958][   T12]  lock_acquire+0x179/0x350
[  407.586966][   T12]  ? wireless_nlevent_flush+0x1b/0x100
[  407.586978][   T12]  ? __pfx___might_resched+0x10/0x10
[  407.586994][   T12]  down_read+0x9b/0x480
[  407.587006][   T12]  ? wireless_nlevent_flush+0x1b/0x100
[  407.587017][   T12]  ? __pfx_down_read+0x10/0x10
[  407.587030][   T12]  ? dev_map_notification+0x6a/0xb00
[  407.587045][   T12]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  407.587056][   T12]  wireless_nlevent_flush+0x1b/0x100
[  407.587068][   T12]  wext_netdev_notifier_call+0xe/0x20
[  407.587079][   T12]  notifier_call_chain+0xb9/0x410
[  407.587093][   T12]  ? __pfx_wext_netdev_notifier_call+0x10/0x10
[  407.587106][   T12]  call_netdevice_notifiers_info+0xbe/0x140
[  407.587121][   T12]  netdev_state_change+0x113/0x150
[  407.587149][   T12]  ? __pfx_netdev_state_change+0x10/0x10
[  407.587164][   T12]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  407.587175][   T12]  linkwatch_do_dev+0x12b/0x160
[  407.587190][   T12]  linkwatch_sync_dev+0x181/0x210
[  407.587204][   T12]  ? __pfx_ethtool_op_get_link+0x10/0x10
[  407.587217][   T12]  ethtool_op_get_link+0x1d/0x70
[  407.587229][   T12]  bond_check_dev_link+0x196/0x480
[  407.587244][   T12]  ? __pfx_bond_check_dev_link+0x10/0x10
[  407.587261][   T12]  bond_mii_monitor+0x3c0/0x2dc0
[  407.587272][   T12]  ? __pfx_bond_mii_monitor+0x10/0x10
[  407.587283][   T12]  ? preempt_schedule_thunk+0x16/0x30
[  407.587294][   T12]  process_one_work+0x9cc/0x1b70
[  407.587308][   T12]  ? __pfx_process_one_work+0x10/0x10
[  407.587320][   T12]  ? assign_work+0x1a0/0x250
[  407.587331][   T12]  worker_thread+0x6c8/0xf10
[  407.587344][   T12]  ? __pfx_worker_thread+0x10/0x10
[  407.587355][   T12]  kthread+0x3c2/0x780
[  407.587365][   T12]  ? __pfx_kthread+0x10/0x10
[  407.587374][   T12]  ? __pfx_kthread+0x10/0x10
[  407.587383][   T12]  ? __pfx_kthread+0x10/0x10
[  407.587392][   T12]  ? __pfx_kthread+0x10/0x10
[  407.587401][   T12]  ? rcu_is_watching+0x12/0xc0
[  407.587413][   T12]  ? __pfx_kthread+0x10/0x10
[  407.587423][   T12]  ret_from_fork+0x45/0x80
[  407.587433][   T12]  ? __pfx_kthread+0x10/0x10
[  407.587443][   T12]  ret_from_fork_asm+0x1a/0x30
[  407.587460][   T12]  </TASK>
[  407.659187][   T12] ------------[ cut here ]------------
[  407.660670][   T12] RTNL: assertion failed at net/ipv4/devinet.c (1587)
[  407.662947][   T12] WARNING: CPU: 1 PID: 12 at net/ipv4/devinet.c:1587 inetdev_event+0xc49/0x18a0
[  407.665333][   T12] Modules linked in:
[  407.666394][   T12] CPU: 1 UID: 0 PID: 12 Comm: kworker/u32:0 Tainted: G        W           6.14.0-syzkaller-12456-gacc4d5ff0b61 #0 PREEMPT(full) 
[  407.669819][   T12] Tainted: [W]=WARN
[  407.670855][   T12] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  407.673733][   T12] Workqueue: bond0 bond_mii_monitor
[  407.675123][   T12] RIP: 0010:inetdev_event+0xc49/0x18a0
[  407.676587][   T12] Code: c4 f4 ff ff e8 08 e4 ce f7 c6 05 8d 34 82 06 01 90 ba 33 06 00 00 48 c7 c6 a0 a7 cd 8c 48 c7 c7 e0 a7 cd 8c e8 38 72 8e f7 90 <0f> 0b 90 90 e9 95 f4 ff ff e8 d9 e3 ce f7 4c 89 ef e8 61 d6 ff ff
[  407.681660][   T12] RSP: 0018:ffffc900000f77c8 EFLAGS: 00010286
[  407.683312][   T12] RAX: 0000000000000000 RBX: ffff888043c87400 RCX: ffffffff817ad048
[  407.685398][   T12] RDX: ffff88801cae4880 RSI: ffffffff817ad055 RDI: 0000000000000001
[  407.687496][   T12] RBP: 1ffff9200001eeff R08: 0000000000000001 R09: 0000000000000000
[  407.689591][   T12] R10: 0000000000000001 R11: 7361203a4c4e5452 R12: 0000000000000004
[  407.691745][   T12] R13: ffff8880272d8000 R14: 0000000000000000 R15: ffff8880272d8418
[  407.693832][   T12] FS:  0000000000000000(0000) GS:ffff8880d6abb000(0000) knlGS:0000000000000000
[  407.696179][   T12] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  407.697916][   T12] CR2: 00007fc85f3a2d58 CR3: 0000000031ef2000 CR4: 0000000000352ef0
[  407.700071][   T12] Call Trace:
[  407.701031][   T12]  <TASK>
[  407.701856][   T12]  ? ib_netdevice_event+0xfc/0x330
[  407.703223][   T12]  ? __pfx_inetdev_event+0x10/0x10
[  407.704602][   T12]  ? cfg802154_netdev_notifier_call+0x391/0xa00
[  407.706273][   T12]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  407.707856][   T12]  notifier_call_chain+0xb9/0x410
[  407.709213][   T12]  ? __pfx_inetdev_event+0x10/0x10
[  407.710582][   T12]  call_netdevice_notifiers_info+0xbe/0x140
[  407.712605][   T12]  netdev_state_change+0x113/0x150
[  407.714000][   T12]  ? __pfx_netdev_state_change+0x10/0x10
[  407.715530][   T12]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  407.717045][   T12]  linkwatch_do_dev+0x12b/0x160
[  407.718363][   T12]  linkwatch_sync_dev+0x181/0x210
[  407.719845][   T12]  ? __pfx_ethtool_op_get_link+0x10/0x10
[  407.721452][   T12]  ethtool_op_get_link+0x1d/0x70
[  407.722830][   T12]  bond_check_dev_link+0x196/0x480
[  407.724201][   T12]  ? __pfx_bond_check_dev_link+0x10/0x10
[  407.725702][   T12]  bond_mii_monitor+0x3c0/0x2dc0
[  407.727018][   T12]  ? __pfx_bond_mii_monitor+0x10/0x10
[  407.728457][   T12]  ? preempt_schedule_thunk+0x16/0x30
[  407.729869][   T12]  process_one_work+0x9cc/0x1b70
[  407.731268][   T12]  ? __pfx_process_one_work+0x10/0x10
[  407.732691][   T12]  ? assign_work+0x1a0/0x250
[  407.733921][   T12]  worker_thread+0x6c8/0xf10
[  407.735177][   T12]  ? __pfx_worker_thread+0x10/0x10
[  407.736655][   T12]  kthread+0x3c2/0x780
[  407.737766][   T12]  ? __pfx_kthread+0x10/0x10
[  407.739014][   T12]  ? __pfx_kthread+0x10/0x10
[  407.740287][   T12]  ? __pfx_kthread+0x10/0x10
[  407.741584][   T12]  ? __pfx_kthread+0x10/0x10
[  407.742826][   T12]  ? rcu_is_watching+0x12/0xc0
[  407.744134][   T12]  ? __pfx_kthread+0x10/0x10
[  407.745366][   T12]  ret_from_fork+0x45/0x80
[  407.746580][   T12]  ? __pfx_kthread+0x10/0x10
[  407.747842][   T12]  ret_from_fork_asm+0x1a/0x30
[  407.749136][   T12]  </TASK>
[  407.749976][   T12] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  407.751927][   T12] CPU: 1 UID: 0 PID: 12 Comm: kworker/u32:0 Tainted: G        W           6.14.0-syzkaller-12456-gacc4d5ff0b61 #0 PREEMPT(full) 
[  407.755337][   T12] Tainted: [W]=WARN
[  407.756382][   T12] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  407.759190][   T12] Workqueue: bond0 bond_mii_monitor
[  407.760742][   T12] Call Trace:
[  407.761663][   T12]  <TASK>
[  407.762464][   T12]  dump_stack_lvl+0x3d/0x1f0
[  407.763703][   T12]  panic+0x71c/0x800
[  407.764750][   T12]  ? __pfx_panic+0x10/0x10
[  407.765963][   T12]  ? show_trace_log_lvl+0x29b/0x3e0
[  407.767367][   T12]  ? check_panic_on_warn+0x1f/0xb0
[  407.768733][   T12]  ? inetdev_event+0xc49/0x18a0
[  407.770041][   T12]  check_panic_on_warn+0xab/0xb0
[  407.771429][   T12]  __warn+0xf6/0x3c0
[  407.772636][   T12]  ? inetdev_event+0xc49/0x18a0
[  407.774399][   T12]  report_bug+0x3c3/0x580
[  407.775729][   T12]  ? inetdev_event+0xc49/0x18a0
[  407.777032][   T12]  handle_bug+0x184/0x210
[  407.778207][   T12]  exc_invalid_op+0x17/0x50
[  407.779453][   T12]  asm_exc_invalid_op+0x1a/0x20
[  407.780770][   T12] RIP: 0010:inetdev_event+0xc49/0x18a0
[  407.782234][   T12] Code: c4 f4 ff ff e8 08 e4 ce f7 c6 05 8d 34 82 06 01 90 ba 33 06 00 00 48 c7 c6 a0 a7 cd 8c 48 c7 c7 e0 a7 cd 8c e8 38 72 8e f7 90 <0f> 0b 90 90 e9 95 f4 ff ff e8 d9 e3 ce f7 4c 89 ef e8 61 d6 ff ff
[  407.787356][   T12] RSP: 0018:ffffc900000f77c8 EFLAGS: 00010286
[  407.789004][   T12] RAX: 0000000000000000 RBX: ffff888043c87400 RCX: ffffffff817ad048
[  407.791657][   T12] RDX: ffff88801cae4880 RSI: ffffffff817ad055 RDI: 0000000000000001
[  407.794168][   T12] RBP: 1ffff9200001eeff R08: 0000000000000001 R09: 0000000000000000
[  407.796294][   T12] R10: 0000000000000001 R11: 7361203a4c4e5452 R12: 0000000000000004
[  407.798420][   T12] R13: ffff8880272d8000 R14: 0000000000000000 R15: ffff8880272d8418
[  407.800555][   T12]  ? __warn_printk+0x198/0x350
[  407.801872][   T12]  ? __warn_printk+0x1a5/0x350
[  407.803195][   T12]  ? inetdev_event+0xc48/0x18a0
[  407.804548][   T12]  ? ib_netdevice_event+0xfc/0x330
[  407.805953][   T12]  ? __pfx_inetdev_event+0x10/0x10
[  407.807366][   T12]  ? cfg802154_netdev_notifier_call+0x391/0xa00
[  407.809059][   T12]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  407.810684][   T12]  notifier_call_chain+0xb9/0x410
[  407.812101][   T12]  ? __pfx_inetdev_event+0x10/0x10
[  407.813502][   T12]  call_netdevice_notifiers_info+0xbe/0x140
[  407.815129][   T12]  netdev_state_change+0x113/0x150
[  407.816560][   T12]  ? __pfx_netdev_state_change+0x10/0x10
[  407.818046][   T12]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  407.819657][   T12]  linkwatch_do_dev+0x12b/0x160
[  407.821017][   T12]  linkwatch_sync_dev+0x181/0x210
[  407.822412][   T12]  ? __pfx_ethtool_op_get_link+0x10/0x10
[  407.823964][   T12]  ethtool_op_get_link+0x1d/0x70
[  407.825323][   T12]  bond_check_dev_link+0x196/0x480
[  407.826724][   T12]  ? __pfx_bond_check_dev_link+0x10/0x10
[  407.828274][   T12]  bond_mii_monitor+0x3c0/0x2dc0
[  407.829632][   T12]  ? __pfx_bond_mii_monitor+0x10/0x10
[  407.831083][   T12]  ? preempt_schedule_thunk+0x16/0x30
[  407.832579][   T12]  process_one_work+0x9cc/0x1b70
[  407.833957][   T12]  ? __pfx_process_one_work+0x10/0x10
[  407.835455][   T12]  ? assign_work+0x1a0/0x250
[  407.836728][   T12]  worker_thread+0x6c8/0xf10
[  407.838019][   T12]  ? __pfx_worker_thread+0x10/0x10
[  407.839432][   T12]  kthread+0x3c2/0x780
[  407.840568][   T12]  ? __pfx_kthread+0x10/0x10
[  407.841844][   T12]  ? __pfx_kthread+0x10/0x10
[  407.843081][   T12]  ? __pfx_kthread+0x10/0x10
[  407.844354][   T12]  ? __pfx_kthread+0x10/0x10
[  407.845620][   T12]  ? rcu_is_watching+0x12/0xc0
[  407.846943][   T12]  ? __pfx_kthread+0x10/0x10
[  407.848213][   T12]  ret_from_fork+0x45/0x80
[  407.849438][   T12]  ? __pfx_kthread+0x10/0x10
[  407.850701][   T12]  ret_from_fork_asm+0x1a/0x30
[  407.852066][   T12]  </TASK>
[  407.853484][   T12] Kernel Offset: disabled
[  407.854685][   T12] Rebooting in 86400 seconds..

VM DIAGNOSIS:
16:38:00  Registers:
info registers vcpu 0

CPU#0
RAX=0000000000000000 RBX=0000000000000025 RCX=ffffffff819b1fe2 RDX=ffff8880281b0000
RSI=ffffffff819b1fd0 RDI=0000000000000001 RBP=0000000000000001 RSP=ffffc9000c14ecf0
R8 =0000000000000001 R9 =0000000000000000 R10=0000000000000001 R11=0000000000000000
R12=1ffff92001829da0 R13=0000000000000200 R14=ffff88801cae4880 R15=ffffc9000c14edb8
RIP=ffffffff819b1fd2 RFL=00000093 [--S-A-C] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 00007f00e05756c0 ffffffff 00c00000
GS =0000 ffff8880d69bb000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00005555881b1808 CR3=000000004bdfc000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000001000000 Opmask01=0000000001000003 Opmask02=0000000002fefcfe Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffd3e1d1b60 0000003000000018
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f681400f282
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f681400f28f
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f681400f289
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f681400f29d
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f681400f323
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f681400f401
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000001 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000000000001c0
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000001 0000000000000000 0000000000000000 00000000000001c0
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6161616161616161 6161616161616161 6161616161616161 6161616161616161
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6161616161616161 6161616161616161 6161616161616161 6161616161616161
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6161616161616161 6161616161616161 6161616161616161 6161616161616161
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=0000000000000000 RBX=000000000000000d RCX=ffffffff819b1fe2 RDX=ffff88801cae4880
RSI=ffffffff819b1fd0 RDI=0000000000000001 RBP=0000000000000001 RSP=ffffc900000f76f8
R8 =0000000000000001 R9 =0000000000000000 R10=0000000000000001 R11=0000000000000000
R12=1ffff9200001eee1 R13=0000000000000200 R14=ffff8880281b0000 R15=ffffc900000f77c0
RIP=ffffffff819b1fd2 RFL=00000093 [--S-A-C] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8880d6abb000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00007fc85f3a2d58 CR3=000000002a03a000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000008082082 Opmask01=0000000000000000 Opmask02=00000000dfff7fff Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000001 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 59017155cc2a5835 1464aa8579c022cb
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 38f2b1c8564dd113 877c191950c1196f
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0382938c5c624f18 deb5d9cf375b90c5
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 e63131e7bd39be0e a1b3e516e6771b1c
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000000ffffffff 000000000000003c
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000000000003c
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 a3181d823e258888 1474b98aac2bd65d
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 93ec17551fb83405 0000000068c48e04
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 5a72c3c7edf398ee 5ea5789332152739
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 80222c0e77dd2511 81a569f861bfffe2
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 a54ff53a3c6ef372 bb67ae856b08e647
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 5be0cd191f83d9ab 9b05688c510e527f
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 a54ff53a3c6ef372 bb67ae856a09e667
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 5be0cd191f83d9ab 9b05688c510e527f
ZMM16=6b20657479622d32 3320646e61707865 6b20657479622d32 3320646e61707865 6b20657479622d32 3320646e61707865 6b20657479622d32 3320646e61707865
ZMM17=467d7ad2f950c2f8 24f0870c3ceade94 467d7ad2f950c2f8 24f0870c3ceade94 467d7ad2f950c2f8 24f0870c3ceade94 467d7ad2f950c2f8 24f0870c3ceade94
ZMM18=03d79688b0479df8 0cbd776e780bd6cd 03d79688b0479df8 0cbd776e780bd6cd 03d79688b0479df8 0cbd776e780bd6cd 03d79688b0479df8 0cbd776e780bd6cd
ZMM19=ad25000000000000 0000000000000007 ad25000000000000 0000000000000006 ad25000000000000 0000000000000005 ad25000000000000 0000000000000004
ZMM20=0000000000000000 0000000000000004 0000000000000000 0000000000000004 0000000000000000 0000000000000004 0000000000000000 0000000000000004
ZMM21=068ede6f068ede6f 068ede6f068ede6f 068ede6f068ede6f 068ede6f068ede6f 068ede6f068ede6f 068ede6f068ede6f 068ede6f068ede6f 068ede6f068ede6f
ZMM22=47864c4a47864c4a 47864c4a47864c4a 47864c4a47864c4a 47864c4a47864c4a 47864c4a47864c4a 47864c4a47864c4a 47864c4a47864c4a 47864c4a47864c4a
ZMM23=f3b8eb8cf3b8eb8c f3b8eb8cf3b8eb8c f3b8eb8cf3b8eb8c f3b8eb8cf3b8eb8c f3b8eb8cf3b8eb8c f3b8eb8cf3b8eb8c f3b8eb8cf3b8eb8c f3b8eb8cf3b8eb8c
ZMM24=3a3c3c373a3c3c37 3a3c3c373a3c3c37 3a3c3c373a3c3c37 3a3c3c373a3c3c37 3a3c3c373a3c3c37 3a3c3c373a3c3c37 3a3c3c373a3c3c37 3a3c3c373a3c3c37
ZMM25=5bc1c19d5bc1c19d 5bc1c19d5bc1c19d 5bc1c19d5bc1c19d 5bc1c19d5bc1c19d 5bc1c19d5bc1c19d 5bc1c19d5bc1c19d 5bc1c19d5bc1c19d 5bc1c19d5bc1c19d
ZMM26=bdb4f7a5bdb4f7a5 bdb4f7a5bdb4f7a5 bdb4f7a5bdb4f7a5 bdb4f7a5bdb4f7a5 bdb4f7a5bdb4f7a5 bdb4f7a5bdb4f7a5 bdb4f7a5bdb4f7a5 bdb4f7a5bdb4f7a5
ZMM27=10cc503710cc5037 10cc503710cc5037 10cc503710cc5037 10cc503710cc5037 10cc503710cc5037 10cc503710cc5037 10cc503710cc5037 10cc503710cc5037
ZMM28=000000300000002f 0000002e0000002d 0000002c0000002b 0000002a00000029 0000002800000027 0000002600000025 0000002400000023 0000002200000021
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=6c1600006c160000 6c1600006c160000 6c1600006c160000 6c1600006c160000 6c1600006c160000 6c1600006c160000 6c1600006c160000 6c1600006c160000
info registers vcpu 2

CPU#2
RAX=00000000006e5927 RBX=0000000000000002 RCX=ffffffff8b7163e9 RDX=0000000000000000
RSI=ffffffff8dbeb35f RDI=ffffffff8bf458a0 RBP=ffffed1003a5f910 RSP=ffffc90000187e00
R8 =0000000000000001 R9 =ffffed100d4c65bd R10=ffff88806a632deb R11=0000000000000000
R12=0000000000000002 R13=ffff88801d2fc880 R14=ffffffff90862610 R15=0000000000000000
RIP=ffffffff8b7177ef RFL=00000206 [-----P-] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8880d6bbb000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000091000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe000008f000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00007ffe9dd7dc88 CR3=000000004bdfc000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=000000000000000e 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000008001 Opmask01=0000000000000000 Opmask02=000000000000003f Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f00df80f282
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f00df80f28f
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f00df80f289
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f00df80f29d
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f00df80f323
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f00df80f401
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f00df97c488 00007f00df97c480 00007f00df97c478 00007f00df97c450
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f00e04dd100 00007f00df97c440 00007f00df97c458 0000000700080006
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f00df97c498 00007f00df97c490 00007f00df97c488 00007f00df97c480
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 3

CPU#3
RAX=ffffffff91b842b8 RBX=ffffffff910055f4 RCX=dffffc0000000000 RDX=fffffffff93671b1
RSI=0000000000000000 RDI=ffffffff910055f4 RBP=ffffffff910055f4 RSP=ffffc90000f06ca8
R8 =ffffffff91b842be R9 =0000000000000000 R10=0000000000000006 R11=00000000000936ca
R12=ffffffff910055f4 R13=ffffffff8a36ca53 R14=ffffffff910055f4 R15=ffffffff910055f4
RIP=ffffffff8169cec6 RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8880d6cbb000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe00000d8000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe00000d6000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=000000110c25802f CR3=00000000443e6000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=000000000000000b DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000004000040 Opmask01=0000000000000000 Opmask02=00000000ffffffef Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 b520030b3c3c243b fb24d5b4175a254c
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 4a179ea783a291d7 9ce55ac020c1874c
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 113bb4431fdd1610 1e032450ef0bac9b
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 37537960f38afc91 e6f63f341fef5521
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000000ffffffff 00000000000000b4
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000034
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 5d12d01361e475ca 2aa3eb1bd57f8e5d
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 de1f06ee2d1d8b3e 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 9edd56afb340df6f 56dc576ace186298
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 77faf72300000000 f124ee48c5a3de0f
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 7e1e393c755d05f4 ebc46bbc24da781c
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 f06ad8168abe9ac8 8176133a55efb652
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 a54ff53a3c6ef372 bb67ae856a09e667
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 5be0cd191f83d9ab 9b05688c510e527f
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000