last executing test programs:

50.745690753s ago: executing program 3 (id=60):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=@ipv6_newroute={0x30, 0x18, 0x1, 0x0, 0x0, {0xa, 0x0, 0x20, 0x0, 0xfc}, [@RTA_GATEWAY={0x14, 0x5, @mcast2}]}, 0x30}, 0x1, 0x0, 0x0, 0x2400c0c1}, 0x8000)
r1 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000040), 0x802, 0x0)
unshare(0x2040600)
r2 = memfd_create(&(0x7f0000000480)='\xd1\xbd\x01\x9b\xd4\n\xa6\xb7\xa9kE\x10Bx\xd0\x05\xe9\xd57\xc9\xc3\tC8\xa0F\x91\x9e\x98\x17\xa9\xb7\xc5<V+K\xd4A\x9e\xc6:\xd8z\x05\xe0O\xf4\x0e\x91\xc9\x82oT$9\xbb\xb5g2V\x89\xdbT5d\xa8\x86\x1b\x91\xde8v\xd4~\xd224\xec\x86\xfb8\xfb[\xbd5?\x10\x18bz\x1d(\xa0o\x00\x1aE\x96\x1d\x0f\xd7\x8b\xcd\xd9\xdfG\xab\xdf\xf8 \x1c\a\xd9\xc8\xa0@\xbal\x8c#!q>\xac\xafv\xff\x81/\x00\x98\x89\xeb\xb1Ot\xc5h\xc4f\xdf\x832\xc3\x9bW\x89<7\xf9\xfc\xf8\x89\x1e\xe5\xf6.\xa0\xfc\xc7\xf3\x01,\x17\xd4\xec3\x17\xe8x\xca?H\x813\xc0o57d\x82 \x89K\x14Dr\xe4\xc0K2\xd7\x12bu\x9ao\xf8H\xa6\xbf\xea\x11T\xcf*\x10\x9d', 0x4)
r3 = socket$inet6_udp(0xa, 0x2, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0xb, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180200002000000000000000000000008500000027000000850000002300000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000100)={r4, 0x0, 0xf, 0x0, &(0x7f0000000280)="f525690f58114cb0293a65be639284", 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
r5 = socket$pppl2tp(0x18, 0x1, 0x1)
ioctl$SIOCSIFMTU(r5, 0x8922, &(0x7f0000000140)={'team_slave_1\x00', 0x520})
setsockopt$IP6T_SO_SET_REPLACE(r3, 0x29, 0x40, &(0x7f0000000000)=@mangle={'mangle\x00', 0x2, 0x6, 0x5a0, 0x2a8, 0x390, 0x2a8, 0x1d8, 0x390, 0x4d0, 0x4d0, 0x4d0, 0x4d0, 0x4d0, 0x6, 0x0, {[{{@ipv6={@mcast2, @private1, [], [0x0, 0x0, 0x0, 0xff000000], 'macvlan1\x00', 'erspan0\x00', {}, {}, 0x87}, 0x0, 0xd0, 0xf8, 0x0, {0x7a00000000000000}, [@common=@mh={{0x28}, {"4ef5"}}]}, @HL={0x28}}, {{@uncond, 0x0, 0xa8, 0xe0}, @common=@inet=@SET3={0x38, 'SET\x00', 0x3, {{0xffffffffffffffff}, {0xffffffffffffffff, 0x0, 0x3}, {0x0, 0x10}, 0x203, 0x6}}}, {{@uncond, 0x0, 0xa8, 0xd0, 0x48000000}, @unspec=@CHECKSUM={0x28}}, {{@uncond, 0x0, 0xa8, 0xe8}, @common=@inet=@TCPOPTSTRIP={0x40, 'TCPOPTSTRIP\x00', 0x0, {[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5]}}}, {{@uncond, 0x0, 0x118, 0x140, 0x0, {}, [@common=@dst={{0x48}, {0xc, 0x0, 0x1, [0xc, 0xd9, 0x5, 0xd0, 0x7, 0x9, 0x4, 0xfff8, 0x4, 0x10, 0x9, 0x5a43, 0x5, 0x7, 0x0, 0x4], 0x10}}, @common=@eui64={{0x28}}]}, @unspec=@CHECKSUM={0x28}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x600)
fstatfs(r2, 0x0)
ioctl$UI_GET_SYSNAME(r1, 0x8040552c, 0x0)
sendmsg$ETHTOOL_MSG_COALESCE_SET(0xffffffffffffffff, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000280)={0x3c, 0x0, 0x20, 0x70b92d, 0x25dfdbfb, {}, [@ETHTOOL_A_COALESCE_TX_MAX_FRAMES={0x8, 0x7, 0x1}, @ETHTOOL_A_COALESCE_TX_MAX_FRAMES_HIGH={0xfffffffffffffe65, 0x16, 0xe384}, @ETHTOOL_A_COALESCE_USE_ADAPTIVE_RX={0x5}, @ETHTOOL_A_COALESCE_TX_MAX_FRAMES_HIGH={0x8, 0x16, 0x10001}, @ETHTOOL_A_COALESCE_PKT_RATE_LOW={0x8, 0xd, 0x4}]}, 0x3c}, 0x1, 0x0, 0x0, 0x40851}, 0x4014)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000280)=ANY=[@ANYBLOB="440000003e000701feffffff00000000017c0000040042800c00018006000600800a0000200002801c0017800400ad0014"], 0x44}, 0x1, 0x0, 0x0, 0x40040c0}, 0xc000)
r7 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000080), 0x200, 0x0)
write$khugepaged_scan(r7, &(0x7f0000000100), 0x8)
ioctl$VT_SETMODE(r7, 0x5602, &(0x7f0000000600)={0x7, 0x6, 0x81, 0x29, 0x5})

50.664081968s ago: executing program 3 (id=62):
setsockopt$CAN_RAW_ERR_FILTER(0xffffffffffffffff, 0x65, 0x2, 0x0, 0x0)
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
write$UHID_INPUT(r0, &(0x7f0000000000)={0xfc, {"a2e3ad09ed0d09f91b23071887f70e09d038e7ff7fc6e5539b0d500a8b089b3f383563030890e0879b0a46c6e70a9b334a959b669a242f0a0af3988f7ef319520100ffe8d178708c523c921b1b3e31070d0773090acd3b78130daa61d8e8040000005802b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae193973735b36d5b1b63dd1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000000000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1f416e56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617669314e2fbe70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9963ac4f4bb3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6a62fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce7cd9f465e41e610c20d80421d653a5520000008213b704c7fb082ff27590678ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710ac0000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d4ac01b75d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2aed9e53803ed0ca4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4350aeae9ca1207e78283cd0b20ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c4e72730d56bd068ed211cf847535edecb7b373f78b095b68441a34cb51682a8ae4d24ad0465f3927f889b813076038e79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93aec92a5de203717aa49c2d284acfabe262fccfcbb2b75a2183c46eb65ca8104e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43eaeb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369dde50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29880acebdbe8ddbd75c2f998d8ac2dfad2ba3a504767b6b45a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40427db6fe29068c0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf46366e7205dd8d6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7c5419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaee5ee6cf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3144345f48843dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6d594f88a4facfd4c735a20307c737afa2d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a3766d5439020484f4113c4c859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02daee67918e5d6787463183b4b87c1050000002f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb42913777c06376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7f96093530e76692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7340002000000000000f288a4510de03dab19d26285eda89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00398e8bd1f4108b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcbb1575912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae033a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb784ed7148b6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b8081c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36d7d3e5db21b094b8b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1162dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1dfb1c68cc164b0a0780d971a96ea2c4d4ca0398c2235980a9307b3d5bd3b01faffd0a5dbed2881a9700af561ac8c6b00000000000000f96f06817fb903729a7db6ff957697c9ede7885d94ffb0969be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c148cd2f9c55f4901203a9a8a2c3e90f3943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d0fc5a752f9000", 0x1029}}, 0x1006)

50.572944372s ago: executing program 3 (id=64):
r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) (async)
r1 = syz_open_procfs(0x0, &(0x7f00000000c0)='task\x00')
fchdir(r1)
mount(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000000)='proc\x00', 0x0, 0x0)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000580), r2)
ioctl$sock_SIOCGIFINDEX_802154(r2, 0x8933, &(0x7f0000000600)={'wpan0\x00', <r4=>0x0})
sendmsg$NL802154_CMD_SET_CHANNEL(r2, &(0x7f0000000a80)={0x0, 0x0, &(0x7f00000006c0)={&(0x7f0000000640)={0x24, r3, 0x1, 0x70bd2d, 0x25dfdbfb, {}, [@NL802154_ATTR_WPAN_PHY={0x8, 0x1, 0x1}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r4}]}, 0x24}, 0x1, 0x0, 0x0, 0x20008050}, 0x2004050) (async)
syz_usb_disconnect(0xffffffffffffffff) (async, rerun: 64)
r5 = openat$ipvs(0xffffffffffffff9c, &(0x7f00000003c0)='/proc/sys/net/ipv4/vs/lblc_expiration\x00', 0x2, 0x0) (rerun: 64)
write$char_usb(r5, &(0x7f00000008c0)='-0', 0x2)
syz_open_procfs$namespace(r0, &(0x7f0000000340)='ns/pid_for_children\x00')

49.185808879s ago: executing program 3 (id=82):
mkdir(&(0x7f00000003c0)='./file0\x00', 0x32)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
mount$afs(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000200)=ANY=[@ANYBLOB='dyn'])
chdir(&(0x7f00000000c0)='./file0\x00')
open_tree(0xffffffffffffff9c, &(0x7f0000000640)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x801)
mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x200010, 0x0)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000001c0)={0x58, 0x2, 0x6, 0x801, 0x0, 0x0, {0x3}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_TIMEOUT={0x8, 0x6, 0x1, 0x0, 0x3}]}, @IPSET_ATTR_TYPENAME={0x11, 0x3, 'hash:net,net\x00'}, @IPSET_ATTR_REVISION={0x5}]}, 0x58}, 0x1, 0x0, 0x0, 0x20008000}, 0x0)
chdir(&(0x7f00000000c0)='./file0\x00')
mount$bind(&(0x7f0000000100)='./file0\x00', &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x2000400, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x7ad00, 0x18d)
sendmsg$kcm(r1, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)=[{&(0x7f0000000240)="88d1408012b4f364b3016ce7e5ad8455494f5d9dbf7edd9c8450788cb7d4cad3ba32e000ccec1c2871899fd133533763ada4e4c04b88b6f46cfa2209cae298cc215ec5539a221ceba0d61359b5c276f9", 0x50}, {&(0x7f0000000300)="82ee2acf9aafef4bf85b4a49b8482162b3e0ad01b885026fa7ca283b8b6350c2811cb3a6bbab7731", 0x28}, {&(0x7f0000000500)="ec9b32d262c86972c5c31c01aaad94f302f231f9810fe67e463e5e83118e90817df5496751a0ed3b57370ec6fac9bb429a82c2f3564826440f47a6f829f07384d8e45f31ec85d1cf58b42ac6774a39e5cbe47633f9590631e1d1f3d0ce97edb5d03ebb30e2f07a350134623ce7ff0f388f29d6c7efb7484c54657eb199860653ac7c21d111c0040cd4", 0x89}], 0x3}, 0x30040040)

49.183545768s ago: executing program 3 (id=83):
openat$selinux_avc_cache_threshold(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
r0 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_MCAST_JOIN_GROUP(r0, 0x29, 0x2a, &(0x7f0000000140)={0x0, {{0xa, 0x0, 0x0, @mcast2}}}, 0x88)
setsockopt$inet6_MCAST_MSFILTER(r0, 0x29, 0x30, &(0x7f0000000b00)={0xb, {{0xa, 0x0, 0x0, @mcast2}}, 0x0, 0x2, [{{0xa, 0x0, 0x0, @remote}}, {{0xa, 0x0, 0x0, @remote}}]}, 0x190)
syz_emit_ethernet(0x66, &(0x7f0000000080)={@multicast, @dev, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "003a04", 0x4, 0x3a, 0x0, @remote, @mcast2, {[], @param_prob={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "508359", 0x0, 0x0, 0x0, @private1, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}}}}}}}, 0x0)

48.883049288s ago: executing program 3 (id=90):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
bind$rds(0xffffffffffffffff, 0x0, 0x0)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0xb49, 0x9, 0x8, 0x0, 0x3}, 0x0)
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mkdir(&(0x7f0000000100)='./file1\x00', 0x13b)
mkdir(&(0x7f0000000000)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000380)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}]})
chdir(&(0x7f0000000140)='./bus\x00')
r2 = open(&(0x7f0000000580)='./file1\x00', 0x80242, 0x1df2a23c5997fa5f)
write$FUSE_CREATE_OPEN(r2, &(0x7f0000000180)={0xa0, 0xffffffffffffffda, 0x0, {{0x4, 0x3, 0x5, 0x6, 0x3, 0x1, {0x0, 0x9, 0x20ff, 0x5, 0x89, 0xd615, 0x9, 0x7fffffff, 0xfffffffe, 0x8000, 0x0, 0x0, 0x0, 0x3ff, 0x1}}, {0x0, 0x13}}}, 0xa0)
sendfile(r2, r2, &(0x7f0000000080), 0x7f03)
r3 = socket$unix(0x1, 0x2, 0x0)
bind$unix(r3, &(0x7f0000000100)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
sendmsg$unix(r3, &(0x7f00000000c0)={&(0x7f0000000200)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e, 0x0, 0x0, 0x0, 0x0, 0x4040801}, 0x20008840)
setsockopt$sock_int(r3, 0x1, 0x26, &(0x7f0000000280), 0x4)
r4 = creat(&(0x7f0000000040)='./file0\x00', 0x4b)
close(r4)
r5 = syz_open_dev$dri(&(0x7f0000000000), 0x1, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r5, 0xc04064a0, &(0x7f0000000140)={0x0, &(0x7f0000000380)=[<r6=>0x0], 0x0, 0x0, 0x0, 0x1})
ioctl$DRM_IOCTL_MODE_GETCRTC(r4, 0xc06864a1, &(0x7f0000000300)={0x0, 0xfffffffffffffe7a, r6, <r7=>0x0})
ioctl$DRM_IOCTL_MODE_GETFB2(r4, 0xc06864ce, &(0x7f0000000600)={r7, 0xb23, 0x0, 0x0, 0x3, [<r8=>0x0, 0x0, 0x0, <r9=>0x0], [0x800000], [0x0, 0x1001000, 0x3], [0x39b7, 0xfffffffffffffffd, 0xe8a6, 0x3]})
ioctl$DRM_IOCTL_MODE_ADDFB2(r4, 0xc06864b8, &(0x7f00000001c0)={0x0, 0xae, 0x3ff, 0x34325241, 0x0, [r8, 0x0, 0x0, r9], [0x2b8]})
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r5, 0xc04064a0, &(0x7f0000000700)={&(0x7f0000000580)=[0x0], 0x0, &(0x7f0000000680), 0x0, 0x1})
getsockopt$inet6_IPV6_XFRM_POLICY(r4, 0x29, 0x23, &(0x7f0000000400)={{{@in=@multicast2, @in6=@empty, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r10=>0x0}}, {{@in=@dev}, 0x0, @in=@loopback}}, &(0x7f0000000500)=0xe8)
quotactl$Q_GETQUOTA(0xffffffff80000702, &(0x7f00000002c0)=@filename='\xe9\x1fq\x89Y\x1e\x923aK\x00', r10, &(0x7f0000000780))
setsockopt$SO_TIMESTAMP(r3, 0x1, 0x1d, &(0x7f0000000080)=0x7, 0x4)

48.80603197s ago: executing program 32 (id=90):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
bind$rds(0xffffffffffffffff, 0x0, 0x0)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0xb49, 0x9, 0x8, 0x0, 0x3}, 0x0)
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mkdir(&(0x7f0000000100)='./file1\x00', 0x13b)
mkdir(&(0x7f0000000000)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000380)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}]})
chdir(&(0x7f0000000140)='./bus\x00')
r2 = open(&(0x7f0000000580)='./file1\x00', 0x80242, 0x1df2a23c5997fa5f)
write$FUSE_CREATE_OPEN(r2, &(0x7f0000000180)={0xa0, 0xffffffffffffffda, 0x0, {{0x4, 0x3, 0x5, 0x6, 0x3, 0x1, {0x0, 0x9, 0x20ff, 0x5, 0x89, 0xd615, 0x9, 0x7fffffff, 0xfffffffe, 0x8000, 0x0, 0x0, 0x0, 0x3ff, 0x1}}, {0x0, 0x13}}}, 0xa0)
sendfile(r2, r2, &(0x7f0000000080), 0x7f03)
r3 = socket$unix(0x1, 0x2, 0x0)
bind$unix(r3, &(0x7f0000000100)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
sendmsg$unix(r3, &(0x7f00000000c0)={&(0x7f0000000200)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e, 0x0, 0x0, 0x0, 0x0, 0x4040801}, 0x20008840)
setsockopt$sock_int(r3, 0x1, 0x26, &(0x7f0000000280), 0x4)
r4 = creat(&(0x7f0000000040)='./file0\x00', 0x4b)
close(r4)
r5 = syz_open_dev$dri(&(0x7f0000000000), 0x1, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r5, 0xc04064a0, &(0x7f0000000140)={0x0, &(0x7f0000000380)=[<r6=>0x0], 0x0, 0x0, 0x0, 0x1})
ioctl$DRM_IOCTL_MODE_GETCRTC(r4, 0xc06864a1, &(0x7f0000000300)={0x0, 0xfffffffffffffe7a, r6, <r7=>0x0})
ioctl$DRM_IOCTL_MODE_GETFB2(r4, 0xc06864ce, &(0x7f0000000600)={r7, 0xb23, 0x0, 0x0, 0x3, [<r8=>0x0, 0x0, 0x0, <r9=>0x0], [0x800000], [0x0, 0x1001000, 0x3], [0x39b7, 0xfffffffffffffffd, 0xe8a6, 0x3]})
ioctl$DRM_IOCTL_MODE_ADDFB2(r4, 0xc06864b8, &(0x7f00000001c0)={0x0, 0xae, 0x3ff, 0x34325241, 0x0, [r8, 0x0, 0x0, r9], [0x2b8]})
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r5, 0xc04064a0, &(0x7f0000000700)={&(0x7f0000000580)=[0x0], 0x0, &(0x7f0000000680), 0x0, 0x1})
getsockopt$inet6_IPV6_XFRM_POLICY(r4, 0x29, 0x23, &(0x7f0000000400)={{{@in=@multicast2, @in6=@empty, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r10=>0x0}}, {{@in=@dev}, 0x0, @in=@loopback}}, &(0x7f0000000500)=0xe8)
quotactl$Q_GETQUOTA(0xffffffff80000702, &(0x7f00000002c0)=@filename='\xe9\x1fq\x89Y\x1e\x923aK\x00', r10, &(0x7f0000000780))
setsockopt$SO_TIMESTAMP(r3, 0x1, 0x1d, &(0x7f0000000080)=0x7, 0x4)

1.41582133s ago: executing program 4 (id=1053):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
syz_open_dev$vcsu(&(0x7f0000000000), 0x1000, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000380)=@base={0x9, 0x2000007, 0x7ffd, 0x1, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000001c0)={{r0, <r1=>0xffffffffffffffff}, &(0x7f00000002c0), &(0x7f0000000280)}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000d0039000000000000b4a518110000", @ANYRES32=r1], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000080)='percpu_create_chunk\x00', r2}, 0x10)
r3 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
getsockopt$bt_BT_SNDMTU(r3, 0x112, 0xc, &(0x7f0000000340)=0x8, &(0x7f0000000380)=0x2)
bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xa, 0x101, 0x7fff, 0xcc, 0x0, 0xffffffffffffffff, 0xfffffffd, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)

1.214726613s ago: executing program 4 (id=1059):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x20040, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000600)=[@text64={0x40, &(0x7f0000000640)="430fc73f0f2390b9800000c00f3235010000000f300f20d835080000000f22d8c4e18173f53866baf80cb83879e487ef66bafc0cec66b88e008ec02d1aa80000460f1c460041ae", 0x47}], 0x1, 0x74, 0x0, 0x0)
syz_io_uring_setup(0xa0, &(0x7f0000000640)={0x0, 0x100ed94, 0x3401, 0x0, 0x60b}, &(0x7f0000000000), 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0xf500)

1.115740951s ago: executing program 1 (id=1060):
mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./bus\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000400)='./file1\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file1/file0\x00', 0x0)
mount$bind(&(0x7f0000000100)='.\x00', &(0x7f0000000500)='./file1/file0\x00', 0x0, 0x201008, 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000000), 0x0, &(0x7f00000004c0))
chdir(&(0x7f0000001180)='./bus\x00')
r0 = open(&(0x7f0000000300)='.\x00', 0x0, 0x0)
statx(r0, &(0x7f0000000280)='./file0\x00', 0x100, 0x800, &(0x7f0000000640))

1.044668521s ago: executing program 1 (id=1061):
r0 = syz_io_uring_setup(0x24fa, &(0x7f0000000080)={0x0, 0x1, 0x10100}, &(0x7f0000000100)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_submit(0x0, r2, &(0x7f00000001c0)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd, 0x0, 0x0, 0x0, {0x38}}) (async)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
write$UHID_CREATE2(r3, &(0x7f00000001c0)=ANY=[@ANYBLOB="0e"], 0x118) (async)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r3, 0x0) (async)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x10, 0x2007, @fd, 0x8, 0x0, 0x0, 0x2}) (async)
io_uring_enter(r0, 0x2d3e, 0x0, 0x0, 0x0, 0x0)
r4 = add_key$fscrypt_v1(&(0x7f0000000000), &(0x7f0000000040)={'fscrypt:', @desc4}, &(0x7f00000002c0)={0x0, "de442bfc7910e10ac69ac014b0fa7807b11d2c99ed1f40d47a6edb3367b5cc888e1fd5102ae2d3d05f251f8d49025ceab4152b6e6d87cd6088e97a9d06d29143"}, 0x48, 0xffffffffffffffff)
keyctl$chown(0x4, r4, 0xee01, 0xee00) (async)
keyctl$chown(0x4, r4, 0x0, 0x0) (async)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000000c0)={0x3, 0x4, &(0x7f00000001c0)=ANY=[@ANYBLOB="1800000000000000000000000000000062010c000000190095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xf, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)

1.042091879s ago: executing program 1 (id=1062):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$tipc(&(0x7f00000003c0), 0xffffffffffffffff)
sendmsg$TIPC_CMD_SET_NETID(r0, &(0x7f0000000640)={0x0, 0xffffffe6, &(0x7f0000000000)={&(0x7f00000005c0)={0x24, r1, 0x1, 0x70bd29, 0x25dfdbfb, {{}, {0x9eff}, {0x8, 0x2, 0x5}}}, 0x24}, 0x1, 0x0, 0x0, 0x4000000}, 0x4080)

975.5972ms ago: executing program 4 (id=1063):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000480), 0x22401, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000100)=[@text64={0x40, &(0x7f0000000200)="f7790066baa00066b86b4266ef66ba420066b8e20066ef0f29902cbb0000c4e2b1ba8c88d9000000666666440f38826b410f7842280f07b8010000000f01d9c4033921820f47a753fd", 0x49}], 0x1, 0x43, 0x0, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, 0x0, 0x3f}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0xfeff)

975.399313ms ago: executing program 1 (id=1064):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20042, 0x0)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x121301, 0x0)
write$binfmt_aout(r1, &(0x7f0000000000)=ANY=[], 0xff52)
ioctl$TIOCSTI(r1, 0x5412, &(0x7f0000000000)=0x30)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = dup(r2)
ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x2)
ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x2)

855.603076ms ago: executing program 4 (id=1065):
r0 = socket$nl_route(0x10, 0x3, 0x0) (async)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$NL80211_CMD_GET_COALESCE(r1, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000400)={0x0, 0x14}}, 0x0) (async)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x8f)
r3 = socket$nl_route(0x10, 0x3, 0x0) (async, rerun: 64)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.numa_stat\x00', 0x26e1, 0x0) (rerun: 64)
close(r4)
recvfrom$inet6(r1, &(0x7f0000000300)=""/252, 0xfc, 0x40000000, &(0x7f0000000100)={0xa, 0x4e24, 0x3, @private0={0xfc, 0x0, '\x00', 0x1}, 0xe}, 0x1c)
socket(0x10, 0x803, 0x0) (async, rerun: 64)
ioctl$SIOCSIFHWADDR(r4, 0x8b0b, &(0x7f0000000000)={'wlan1\x00', @random='\x00\x00  \x00'}) (async, rerun: 64)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000580)={&(0x7f00000002c0)=ANY=[@ANYBLOB="3c0000001000030400000006000000005dcc0300", @ANYRES32=r2, @ANYBLOB="71e79fd800000000140012800c0001006d616376746170001400028008000500", @ANYRES32=r3], 0x3c}}, 0x0)
r5 = syz_clone(0x20300000, 0x0, 0x0, 0x0, 0x0, 0x0) (async)
r6 = syz_open_procfs(0x0, &(0x7f00000000c0)='task\x00')
fchdir(r6) (async)
mount(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000000)='proc\x00', 0x0, 0x0)
syz_open_procfs(r5, &(0x7f0000000140)='smaps\x00') (async)
syz_usb_disconnect(0xffffffffffffffff) (async)
r7 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]})
close_range(r7, 0xffffffffffffffff, 0x200000000000000) (async, rerun: 32)
sendmsg$nl_route_sched(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=@newtfilter={0x2c, 0x10, 0x1, 0x0, 0x0, {0x0, 0x0, 0x74, r2, {0xfff2}, {}, {0xd, 0x1}}, [@TCA_RATE={0x6, 0x5, {0x39, 0x1}}]}, 0x2c}, 0x1, 0xf0ffffffffffff, 0x0, 0x4004140}, 0x0) (rerun: 32)

400.041754ms ago: executing program 2 (id=1069):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
r1 = openat$dlm_monitor(0xffffffffffffff9c, &(0x7f0000000000), 0x20000, 0x0)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', <r3=>0x0})
r4 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0xfffffe6a, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="4800e80010000d0428bd7000fcdbff2500008000", @ANYRES32=r4, @ANYBLOB="1000000000000000280012800b00010062726964676500001800028005001900840000000c001e"], 0x48}, 0x1, 0x0, 0x0, 0x10}, 0x4084)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000280)={0x14, 0x1e, 0xa01, 0x2, 0x0, {0xa}}, 0x14}}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="500000001000010425bbe5ad600027842cf52300", @ANYRES32=0x0, @ANYBLOB="0300000000000000280012800a00010076786c616e00"], 0x50}, 0x1, 0x0, 0x0, 0x13d33d22cca65c15}, 0x4008840)
sendmsg$NL80211_CMD_START_AP(r1, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f0000000100)={&(0x7f00000004c0)={0x138, r2, 0x100, 0x70bd2c, 0x25dfdbfd, {{}, {@val={0x8, 0x3, r3}, @val={0xc, 0x99, {0x3ff, 0x22}}}}, [@NL80211_ATTR_HE_OBSS_PD={0x64, 0x117, 0x0, 0x1, [@NL80211_HE_OBSS_PD_ATTR_PARTIAL_BSSID_BITMAP={0xc, 0x5, "f5bd0a4f96a53037"}, @NL80211_HE_OBSS_PD_ATTR_MIN_OFFSET={0x5, 0x1, 0x8}, @NL80211_HE_OBSS_PD_ATTR_NON_SRG_MAX_OFFSET={0x5, 0x3, 0x5}, @NL80211_HE_OBSS_PD_ATTR_SR_CTRL={0x5, 0x6, 0xc}, @NL80211_HE_OBSS_PD_ATTR_MIN_OFFSET={0x5, 0x1, 0x13}, @NL80211_HE_OBSS_PD_ATTR_NON_SRG_MAX_OFFSET={0x5, 0x3, 0x8}, @NL80211_HE_OBSS_PD_ATTR_NON_SRG_MAX_OFFSET={0x5, 0x3, 0x4}, @NL80211_HE_OBSS_PD_ATTR_BSS_COLOR_BITMAP={0xc, 0x4, "a782dc872cfb3daf"}]}, @NL80211_ATTR_TWT_RESPONDER={0x4}, @NL80211_ATTR_HE_OBSS_PD={0x10, 0x117, 0x0, 0x1, [@NL80211_HE_OBSS_PD_ATTR_BSS_COLOR_BITMAP={0xc, 0x4, "5551eece01b160e0"}]}, @NL80211_ATTR_TX_RATES={0x54, 0x5a, 0x0, 0x1, [@NL80211_BAND_2GHZ={0x50, 0x0, 0x0, 0x1, [@NL80211_TXRATE_GI={0x5, 0x4, 0x2}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x9, 0x5, 0x3, 0xfffd, 0x4, 0xc464, 0x1, 0x7fff]}}, @NL80211_TXRATE_GI={0x5, 0x4, 0x3}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x1, 0xbc6, 0x2, 0x100, 0x202a, 0x1, 0xfb9b, 0x2]}}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x7a, 0x1, 0x7f, 0x7, 0x2c0, 0x9, 0xe7f3, 0x5]}}]}]}, @crypto_settings, @NL80211_ATTR_TX_RATES={0x44, 0x5a, 0x0, 0x1, [@NL80211_BAND_6GHZ={0xc, 0x3, 0x0, 0x1, [@NL80211_TXRATE_GI={0x5}]}, @NL80211_BAND_5GHZ={0x34, 0x1, 0x0, 0x1, [@NL80211_TXRATE_VHT={0x14, 0x3, {[0x5, 0x2, 0x8, 0x8, 0x1, 0x0, 0x7, 0x1513]}}, @NL80211_TXRATE_LEGACY={0xa, 0x1, [0x6a319ddb1399230, 0x5, 0x1b, 0x1, 0x60, 0xb]}, @NL80211_TXRATE_GI={0x5}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x2}]}]}]}, 0x138}, 0x1, 0x0, 0x0, 0x4}, 0x4080)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000004c0)=[@text32={0x20, 0x0}], 0x1, 0x1, 0x0, 0x0)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000480), 0x22401, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
sendmsg$NL80211_CMD_JOIN_OCB(0xffffffffffffffff, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000440)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="200025bd7000fedbdf256c00000008000300", @ANYRES32=0x0, @ANYBLOB="0100000012cc62"], 0x24}, 0x1, 0x0, 0x0, 0x810}, 0x4000000)
ioctl$KVM_CREATE_IRQCHIP(r6, 0xae60)
r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0)
r8 = syz_open_dev$dri(0x0, 0x0, 0x0)
mmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x1000007, 0x12, r8, 0x100000000)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r7, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000100)=[@text64={0x40, &(0x7f0000000200)="f7790066baa00066b86b4266ef66ba420066b8e20066ef0f29902cbb0000c4e2b1ba8c88d9000000666666440f38826b410f7842280f07b8010000000f01d9c4033921820f47a753fd", 0x49}], 0x1, 0x43, 0x0, 0x0)
bpf$MAP_CREATE_TAIL_CALL(0x0, 0x0, 0x0)
syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$TIOCL_SETSEL(0xffffffffffffffff, 0x541c, &(0x7f0000001900)={0x2, {0x2, 0x0, 0x0, 0x0, 0x4ee}})
bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000580)={0x0, 0x0, 0x10}, 0xc)
bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f00000005c0)={0x3, 0x4, 0x4, 0xa, 0x0, 0xffffffffffffffff, 0xf, '\x00', 0x0, 0xffffffffffffffff, 0x9, 0x5, 0x1, 0x0, @void, @value, @void, @value}, 0x50)
syz_kvm_setup_cpu$x86(r6, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, 0x0, 0x3f}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r7, 0xae80, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r7, 0x4400ae8f, &(0x7f0000000140)=@x86={0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0xfffffff8, 0x0, 0xff, 0xff})
ioctl$KVM_RUN(r7, 0xae80, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)

294.852003ms ago: executing program 0 (id=1071):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000880)=ANY=[@ANYBLOB="140000001000010000000000000000000100000a20000000000a01040000000000000000010000000900010073797a30000000002c000000030a01010000000000000000010000000900010073797a30000000000900030073797a320000000084000000060a010400000000000000000100000008000b40000000005c000480340001800b000100657874686472000024000280080001400000000b080003400000000008000440000000300500020007000000240001800b0001007470726f78790000140002800800034000000016080001400000000a0900010073797a30"], 0xf8}}, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r2, 0x107, 0xf, &(0x7f0000000000)=0x9, 0x4)
r3 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r3, 0x107, 0x12, &(0x7f0000000000)={0x0, 0x8000}, 0x4)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000540)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000030000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x10000, @void, @value}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000100)='kmem_cache_free\x00', r5}, 0x18)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000300)={'ip6_vti0\x00', <r6=>0x0})
sendto$packet(r2, &(0x7f0000000180)="10030600e0fc020004004788aa96a13bb100001100007fca1a00", 0x10608, 0x0, &(0x7f0000000140)={0x11, 0x0, r6}, 0x14)
r7 = syz_genetlink_get_family_id$tipc(&(0x7f00000003c0), 0xffffffffffffffff)
sendmsg$TIPC_CMD_SHOW_STATS(r1, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x1c, r7, 0x400, 0x70bd2d, 0x25dfdbff, {}, ["", ""]}, 0x1c}, 0x1, 0x0, 0x0, 0x80}, 0x2004000)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
r9 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000d80), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_RINGS_GET(r8, &(0x7f0000000e80)={0x0, 0x0, &(0x7f0000000e40)={&(0x7f0000000000)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r9, @ANYBLOB="010027c27000fcdbdf252e0000002000018014000200776c616e300000000000000000000000080003"], 0x34}}, 0x4810)
r10 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r10, 0xae41, 0x2)
sendmsg$TIPC_CMD_SET_NETID(r1, &(0x7f0000000640)={0x0, 0xffffffe6, &(0x7f0000000000)={&(0x7f00000005c0)={0x24, r7, 0x1, 0x70bd29, 0x25dfdbfb, {{}, {}, {0x8, 0x2, 0x5}}}, 0x24}, 0x1, 0x0, 0x0, 0x4000000}, 0x4080)

294.663069ms ago: executing program 0 (id=1072):
setsockopt$CAN_RAW_ERR_FILTER(0xffffffffffffffff, 0x65, 0x2, 0x0, 0x0)
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
write$UHID_INPUT(r0, &(0x7f0000000000)={0xfc, {"a2e3ad09ed0d09f91b5f071887f70e09d038e7ff7fc6e5539b0d500a8b089b3f383563030890e0879b0a75c6e70a9b334a959b669a242f0a0af3988f7ef319520100ffe8d178708c523c921b1b3e31070d0773090acd3b78130daa61d8e8040000005802b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae193973735b36d5b1b63dd1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000000000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1f416e56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617669314e2fbe70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9963ac4f4bb3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6a62fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce7cd9f465e41e610c20d80421d653a5520000008213b704c7fb082ff27590678ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710ac0000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d4ac01b75d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2aed9e53803ed0ca4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4350aeae9ca1207e78283cd0b20ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c4e72730d56bd068ed211cf847535edecb7b373f78b095b68441a34cb51682a8ae4d24ad0465f3927f889b813076038e79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93aec92a5de203717aa49c2d284acfabe262fccfcbb2b75a2183c46eb65ca8104e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43eaeb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369dde50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29880acebdbe8ddbd75c2f998d8ac2dfad2ba3a504767b6b45a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40427db6fe29068c0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf46366e7205dd8d6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7c5419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaee5ee6cf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3144345f48843dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6d594f88a4facfd4c735a20307c737afa2d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a3766d5439020484f4113c4c859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02daee67918e5d6787463183b4b87c1050000002f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb42913777c06376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7f96093530e76692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7340002000000000000f288a4510de03dab19d26285eda89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00398e8bd1f4108b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcbb1575912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae033a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb784ed7148b6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b8081c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36d7d3e5db21b094b8b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1162dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1dfb1c68cc164b0a0780d971a96ea2c4d4ca0398c2235980a9307b3d5bd3b01faffd0a5dbed2881a9700af561ac8c6b00000000000000f96f06817fb903729a7db6ff957697c9ede7885d94ffb0969be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c148cd2f9c55f4901203a9a8a2c3e90f3943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d0fc5a752f9000", 0x1029}}, 0x1006)

215.708086ms ago: executing program 2 (id=1073):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x20040, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000600)=[@text64={0x40, &(0x7f0000000640)="430fc73f0f2390b9800000c00f3235010000000f300f20d835080000000f22d8c4e18173f53866baf80cb83879e487ef66bafc0cec66b88e008ec02d1aa80000460f1c460041ae", 0x47}], 0x1, 0x74, 0x0, 0x0)
syz_io_uring_setup(0xa0, &(0x7f0000000640)={0x0, 0x100ed94, 0x3401, 0x0, 0x60b}, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0) (fail_nth: 1)

115.41661ms ago: executing program 2 (id=1074):
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TIOCL_GETMOUSEREPORTING(r0, 0x541c, &(0x7f00000000c0))
r1 = bpf$BPF_BTF_LOAD(0x12, &(0x7f00000003c0)={&(0x7f0000000100)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xb4, 0xb4, 0x6, [@func_proto={0x0, 0x2, 0x0, 0xd, 0x0, [{0x5, 0x4}, {0x6, 0x4}]}, @ptr={0x8, 0x0, 0x0, 0x2, 0x2}, @ptr={0x2, 0x0, 0x0, 0x2, 0x5}, @restrict={0xd, 0x0, 0x0, 0xb, 0x4}, @const={0x1000000e, 0x0, 0x0, 0xa, 0x1}, @const={0x3, 0x0, 0x0, 0xa, 0x4}, @const={0xb, 0x0, 0x0, 0xa, 0x4}, @typedef={0x3, 0x0, 0x0, 0x8, 0x2}, @int={0x6, 0x0, 0x0, 0x1, 0x0, 0x2a, 0x0, 0x60}, @enum={0x4, 0x5, 0x0, 0x6, 0x4, [{0x1, 0x5}, {0xd, 0x3ff}, {0x4, 0x2}, {0xa}, {0xb, 0x47}]}]}, {0x0, [0x61, 0x61, 0x30, 0x5f]}}, &(0x7f0000000200), 0xd2, 0x0, 0x1, 0x471d7001, 0x0, @void, @value}, 0x28)
syz_emit_ethernet(0x5a, &(0x7f0000000000)={@local, @broadcast, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, '\x00', 0x24, 0x6, 0x0, @private0, @local, {[], {{0x0, 0x4001, 0x41424344, 0x41424344, 0x0, 0x0, 0x9, 0x2, 0x0, 0x0, 0x0, {[@exp_fastopen={0xfe, 0x10, 0xf989, "cc11bc4d140c64aae8d4491b"}]}}}}}}}}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x1, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b7050000000000007910a800000000007d0a0000000000009500000000000000"], &(0x7f00000002c0)='GPL\x00', 0x5, 0xbc, &(0x7f0000000300)=""/188, 0x41000, 0x0, '\x00', 0x0, @fallback, r1, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000080), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)

115.035775ms ago: executing program 4 (id=1075):
r0 = socket$inet_mptcp(0x2, 0x1, 0x106)
setsockopt$inet_tcp_int(r0, 0x6, 0x6, &(0x7f0000000040)=0x24, 0x4)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000200)=ANY=[@ANYBLOB="14000000150001000000000000000000050000007b900f3bf206000000ffe5f1ce0a9789ae1b6d78b92587e5231b125b94f295a34123e910b3b291bb4b9ead5dd7c428707426e91d79921db2824c040640e38d01393b40df9131456d743abe9df8646849b69f4c000000d83f54a84ce25489529bb4bf6e646c6fd04002abd344d85f730246cbe15f6f4fcf71c11d2c977f61fb346ade9228424be50cae7812d686f221ae9b6cea6bc42f25acce1317c718c5e8a013dfbdcc8695ef4bee61603b18198cb0f6a29f15c86d2edf9b11a39038de06ca0d313f796e9f78f20b3889047767708ca27e77ecf1b7b9b525faacd8d716cd82677da56b2b08afad0f1f2964437be0cb966e90ded555d9b1ffb4713b3224c2a6633fc7ca6a50c61f26e8baa322897f9c8ca1ee914b439d19377595cee50b888529f7bd03b8a044849a34ccde0c59fbe74867fba0c40a0721377e6c793fc798be"], 0x14}}, 0x0)
r2 = syz_init_net_socket$rose(0xb, 0x5, 0x0)
bind$rose(r2, &(0x7f0000000000)=@full={0xb, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0x2}, @bcast, 0x3, [@netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @null, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}, @bcast, @bcast, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x2}]}, 0x40)
setsockopt$inet_int(r0, 0x0, 0x13, &(0x7f0000000000)=0x800, 0x4)
r3 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000030000000000000000000400b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r3, @ANYBLOB="0000000000000000b705000008000000850000006900000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r4}, 0x18)
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$nl_route(0x10, 0x3, 0x0)

114.827106ms ago: executing program 0 (id=1076):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff)
r2 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000100), 0x0)
ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r2, 0xc0a85320, &(0x7f0000001400)={{0x80}, 'port1\x00', 0xe3, 0x1b1c07})
ioctl$SNDRV_SEQ_IOCTL_SET_CLIENT_POOL(r2, 0x4058534c, &(0x7f0000000000)={0x80, 0x4, 0x4, 0xe05, 0xe3, 0x80})
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000140), 0x8417f, 0x0)
syz_emit_ethernet(0x52, &(0x7f0000000fc0)={@multicast, @local, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, '\x00', 0x1c, 0x3c, 0x0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', @local, {[@hopopts={0x33}], {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000002c0)={'wlan0\x00', <r3=>0x0})
sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000000c00)={0x0, 0x0, &(0x7f0000000640)={&(0x7f0000000440)={0x48, r1, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_FRAME={0x2a, 0x33, @action={{{}, {}, @device_b, @device_a, @initial, {0x0, 0x400}}, @ext_ch_sw={0x4, 0x4, {{0x0, 0x0, 0x2}, @val={0x76, 0x6, {0x4, 0x5, 0x19, 0x3}}}}}}]}, 0x48}, 0x1, 0x0, 0x0, 0xc0}, 0x0)

53.250828ms ago: executing program 2 (id=1077):
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000240)={0x0, <r1=>0x0}, &(0x7f0000000280)=0x5)
setuid(r1)
clock_gettime(0x5, &(0x7f00000002c0))
r2 = socket$nl_xfrm(0x10, 0x3, 0x6)
ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(r0, 0x89f3, &(0x7f0000000140)={'gre0\x00', &(0x7f0000000080)={'gretap0\x00', <r3=>0x0, 0x8, 0x8, 0x8, 0x7, {{0x14, 0x4, 0x2, 0x3d, 0x50, 0x66, 0x0, 0xca, 0x4, 0x0, @broadcast, @rand_addr=0x64010102, {[@lsrr={0x83, 0x23, 0x25, [@multicast1, @rand_addr=0x64010102, @empty, @multicast1, @remote, @empty, @local, @loopback]}, @generic={0x44, 0x7, "c8e1165f42"}, @rr={0x7, 0xf, 0x74, [@multicast1, @dev={0xac, 0x14, 0x14, 0x3e}, @multicast2]}]}}}}})
sendmsg$nl_xfrm(r2, &(0x7f00000001c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f0000000180)={&(0x7f0000000300)=@delpolicy={0xa8, 0x14, 0x100, 0x70bd29, 0x25dfdbfd, {{@in=@initdev={0xac, 0x1e, 0x0, 0x0}, @in6=@initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, 0x4e23, 0x0, 0x4e20, 0x0, 0xa, 0x20, 0x80, 0xc, r3, r1}, 0x6e6bb6}, [@user_kmaddress={0x2c, 0x13, {@in=@multicast2, @in=@private=0xa010102, 0x0, 0xa}}, @user_kmaddress={0x2c, 0x13, {@in6=@private2={0xfc, 0x2, '\x00', 0x1}, @in=@dev={0xac, 0x14, 0x14, 0xf}, 0x0, 0xa}}]}, 0xa8}}, 0x4000084)
r4 = io_uring_setup(0x1691, &(0x7f0000000400)={0x0, 0x631d, 0x2, 0x2, 0x2d8})
setrlimit(0x40000000000008, &(0x7f0000000000))
io_uring_register$IORING_REGISTER_BUFFERS2(r4, 0xf, &(0x7f0000002700)={0x1, 0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000480)=""/264, 0x108}], 0x0}, 0x20)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="120000000700"], 0x48)
r5 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r5, &(0x7f0000000100)={0x1f, 0xffff, 0x3}, 0x6)
write$binfmt_misc(r5, &(0x7f0000000000), 0xd)

52.596135ms ago: executing program 4 (id=1078):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x20040, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000600)=[@text64={0x40, &(0x7f0000000640)="430fc73f0f2390b9800000c00f3235010000000f300f20d835080000000f22d8c4e18173f53866baf80cb83879e487ef66bafc0cec66b88e008ec02d1aa80000460f1c460041ae", 0x47}], 0x1, 0x74, 0x0, 0x0)
syz_emit_ethernet(0x6a, &(0x7f0000000440)=ANY=[@ANYBLOB="0180c2001d00aaaaaaaaaaaa810000000002fe800029a7"], 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x58ac2700)

52.482054ms ago: executing program 0 (id=1079):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000f80)=@newtaction={0x90, 0x30, 0x9e54f29ff072a93b, 0x0, 0x0, {}, [{0x7c, 0x1, [@m_csum={0x4c, 0x44, 0x0, 0x0, {{0x9}, {0x20, 0x2, 0x0, 0x1, [@TCA_CSUM_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}, @m_nat={0x2c, 0x2, 0x0, 0x0, {{0x8}, {0x4}, {0x4}, {0xc}, {0xc}}}]}]}, 0x90}}, 0x0)

52.375777ms ago: executing program 1 (id=1080):
r0 = socket$inet6_sctp(0xa, 0x801, 0x84)
r1 = openat$snapshot(0xffffffffffffff9c, &(0x7f00000062c0), 0xa201, 0x0)
ioctl$SNAPSHOT_GET_IMAGE_SIZE(r1, 0x8008330e, 0x0)
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @private1, 0x200000}, 0x1c)
shutdown(r0, 0x1)
sendto$inet6(r0, &(0x7f00000002c0)="41d8", 0x2, 0x800, &(0x7f0000000000)={0xa, 0x4e24, 0x7fffffff, @ipv4={'\x00', '\xff\xff', @rand_addr=0x64010102}, 0x6}, 0x1c)
r2 = socket$inet6_sctp(0xa, 0x5, 0x84)
r3 = syz_io_uring_setup(0x497, &(0x7f00000000c0)={0x0, 0x9013, 0x100, 0x4, 0x165}, &(0x7f0000000000)=<r4=>0x0, &(0x7f0000000280)=<r5=>0x0)
io_uring_register$IORING_REGISTER_PBUF_RING(r3, 0x16, &(0x7f0000000140)={&(0x7f0000001000)={[{0x0, 0x5, 0x3, 0x700}]}, 0x1, 0x1}, 0x1)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r4, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r4, r5, &(0x7f00000002c0)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x20, 0x10, r2, 0x0, 0x0, 0x0, 0x60, 0x1, {0x1}})
r6 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r6, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)=ANY=[@ANYBLOB="18000000240001030000000000000000010000000400ae"], 0x18}, 0x1, 0x0, 0x0, 0x8001}, 0x4000)
recvmmsg(r6, &(0x7f00000086c0)=[{{0x0, 0x0, 0x0}, 0x8}, {{0x0, 0x0, &(0x7f0000001a80)=[{&(0x7f0000000940)=""/4096, 0x1000}], 0x1}, 0x80000000}], 0x2, 0x2020, 0x0)
io_uring_enter(r3, 0x3517, 0x173d, 0x42, 0x0, 0x0)

51.909791ms ago: executing program 2 (id=1081):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000002f80)={0x0, 0x0, &(0x7f0000002f40)={&(0x7f0000000640)=@newtaction={0x60, 0x30, 0x9, 0x0, 0x0, {}, [{0x4c, 0x1, [@m_skbedit={0x48, 0x1, 0x0, 0x0, {{0xc}, {0x1c, 0x2, 0x0, 0x1, [@TCA_SKBEDIT_PARMS={0x18, 0x2, {0x5, 0x7fff, 0x0, 0x62, 0x200}}]}, {0x4}, {0xc, 0x7, {0x1, 0x1}}, {0xc, 0x9, {0x1a9}}}}]}]}, 0xfdef}}, 0x14)

633.816µs ago: executing program 0 (id=1082):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r1, &(0x7f0000001040)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000001080)={0x14, 0x38, 0x8, 0x270bd24, 0x25dfdbfa, {0x1}}, 0x14}}, 0x0)
syz_genetlink_get_family_id$ipvs(&(0x7f0000000040), r1)
r2 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_RATE_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)={0x30, r2, 0x1, 0x70bd2d, 0x25dfdbfb, {0x36}, [@handle=@pci={{0x8}, {0x11}}]}, 0x30}}, 0x0)
r3 = syz_io_uring_complete(0x0)
r4 = openat$cgroup_ro(r3, &(0x7f0000000080)='hugetlb.2MB.usage_in_bytes\x00', 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'netdevsim0\x00', <r5=>0x0})
sendmsg$nl_route(r4, &(0x7f00000001c0)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000180)={&(0x7f0000000140)=@RTM_GETMDB={0x18, 0x56, 0x314, 0x70bd2d, 0x25dfdbfb, {0x7, r5}, ["", "", "", "", "", ""]}, 0x18}}, 0x4000010)

419.064µs ago: executing program 2 (id=1083):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x48241, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
r1 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
write$tun(r0, &(0x7f00000004c0)={@val, @void, @eth={@broadcast, @remote, @val={@void, {0x8100, 0x0, 0x1, 0x1}}, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x21, 0x0, 0x0, 0x0, 0x2f, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @multicast1}, {0x4e21, 0x6558, 0x9c, 0x0, @wg=@initiation={0x1, 0x3, "aa2822ee72488d0b4ef1c7ac3efdfad1a5379a9ee1ca831873d11a27373ecb0e", "a0edccf38ad11a75f1ac1ea760ceebf02813e71dc491e32c391d02bee9178437ceb5ca7dd869de37084d526a9983dc90", "f24c430d7bc9b7c83efaeb797f46c893afac885d66aca756a7d45341", {"c53e3cd97fe0b867126ebb01ad2b4caa", "27a9109ba19256749594f58828f09eb0"}}}}}}}}, 0xc2)

200.543µs ago: executing program 0 (id=1084):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x20040, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x400, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_open_dev$evdev(&(0x7f00000000c0), 0x1, 0x8c2b01)
ioctl$EVIOCGABS20(r2, 0x80184560, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r3 = syz_init_net_socket$ax25(0x3, 0x3, 0xce)
shutdown(r3, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000600)=[@text64={0x40, &(0x7f0000000640)="430fc73f0f2390b9800000c00f3235010000000f300f20d835080000000f22d8c4e18173f53866baf80cb83879e487ef66bafc0cec66b88e008ec02d1aa80000460f1c460041ae", 0x47}], 0x1, 0x74, 0x0, 0x0)
ioctl$KVM_CAP_X2APIC_API(r1, 0x4068aea3, &(0x7f0000000100)={0x81, 0x0, 0x3})
syz_io_uring_setup(0xa0, &(0x7f0000000080)={0x0, 0x100ed94, 0x4000, 0x0, 0x60b}, 0x0, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000300), r5)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r7, 0x8933, &(0x7f0000000400)={'wlan0\x00', <r8=>0x0})
sendmsg$NL80211_CMD_UPDATE_FT_IES(r5, &(0x7f0000000600)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000001200)={0x1c, r6, 0x1, 0x70bd2d, 0x25dfdbff, {{}, {@val={0x8, 0x3, r8}, @void}}}, 0x1c}, 0x1, 0x0, 0x0, 0x1}, 0x810)
ioctl$KVM_RUN(r4, 0xae80, 0x0)

0s ago: executing program 1 (id=1085):
mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x0)
mount$9p_virtio(&(0x7f0000000000), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x2, &(0x7f0000000c00)=ANY=[@ANYBLOB="56c78e3c733d76697274696f2c6e6f657874656e642c6163638173733d616e792c63616368653d667363616368652c76657273696f6e3d3970323030302e75"]) (async)
mount$9p_virtio(&(0x7f0000000000), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x2, &(0x7f0000000c00)=ANY=[@ANYBLOB="56c78e3c733d76697274696f2c6e6f657874656e642c6163638173733d616e792c63616368653d667363616368652c76657273696f6e3d3970323030302e75"])
gettid()
chdir(&(0x7f0000000300)='./file0\x00')
r0 = openat2$dir(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', &(0x7f0000000100)={0x3a1042, 0x6, 0x10}, 0x18)
mkdirat(r0, &(0x7f0000000180)='./file1\x00', 0x14)
mkdir(&(0x7f00000000c0)='./file0\x00', 0x0)
r1 = socket$igmp(0x2, 0x3, 0x2)
creat(&(0x7f0000000040)='./file0\x00', 0x0)
read$FUSE(0xffffffffffffffff, 0x0, 0x0) (async)
read$FUSE(0xffffffffffffffff, 0x0, 0x0)
r2 = socket(0x10, 0x2, 0x0)
sendto$inet6(r2, &(0x7f00000007c0)="7800000018002507b9199b02ffff48000203be04020406050a02040c5c000900580006020a0000000d0085a168d0bf46d32345653600648d270005000a00000849935ade4a460c89b6ec0cff3959547f509058ba86c902007a00004a32000407160012000a0000000000e000e218d1dd3b6ed538f6523250", 0x78, 0x0, 0x0, 0xe0ffffff) (async)
sendto$inet6(r2, &(0x7f00000007c0)="7800000018002507b9199b02ffff48000203be04020406050a02040c5c000900580006020a0000000d0085a168d0bf46d32345653600648d270005000a00000849935ade4a460c89b6ec0cff3959547f509058ba86c902007a00004a32000407160012000a0000000000e000e218d1dd3b6ed538f6523250", 0x78, 0x0, 0x0, 0xe0ffffff)
openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x20881, 0x14e) (async)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x20881, 0x14e)
bpf$MAP_GET_NEXT_KEY(0x4, 0x0, 0x0)
setsockopt$MRT_INIT(r1, 0x0, 0xc8, &(0x7f0000000040), 0x4) (async)
setsockopt$MRT_INIT(r1, 0x0, 0xc8, &(0x7f0000000040), 0x4)
setsockopt$MRT_ADD_VIF(r1, 0x0, 0xca, &(0x7f00000004c0)={0x1, 0x1, 0x80, 0x3, @vifc_lcl_addr=@initdev={0xac, 0x1e, 0x1, 0x0}, @local}, 0x10)
ptrace(0x10, 0x0) (async)
ptrace(0x10, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)) (async)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
sendmmsg$unix(r5, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x19)
fsync(r1)
r6 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000140), 0x802, 0x0)
ioctl$SNDCTL_DSP_SETTRIGGER(r6, 0x40045010, &(0x7f0000000000)) (async)
ioctl$SNDCTL_DSP_SETTRIGGER(r6, 0x40045010, &(0x7f0000000000))
setsockopt$MRT_FLUSH(r1, 0x0, 0xd4, &(0x7f0000000000)=0x8, 0x4) (async)
setsockopt$MRT_FLUSH(r1, 0x0, 0xd4, &(0x7f0000000000)=0x8, 0x4)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$SEG6(&(0x7f0000000200), r3)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f00000003c0)=@bpf_lsm={0x1e, 0x3, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) (async)
r9 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f00000003c0)=@bpf_lsm={0x1e, 0x3, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f00000005c0)={r9, 0x0, 0x24, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0xa)
sendmsg$SEG6_CMD_GET_TUNSRC(r7, &(0x7f0000000380)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000340)={&(0x7f0000000280)={0x5c, r8, 0x20, 0x70bd2d, 0x25dfdbfe, {}, [@SEG6_ATTR_DSTLEN={0x8, 0x2, 0x364}, @SEG6_ATTR_ALGID={0x5, 0x6, 0xff}, @SEG6_ATTR_SECRET={0x18, 0x4, [0x5, 0x2, 0x3, 0x2, 0x5]}, @SEG6_ATTR_HMACKEYID={0x8, 0x3, 0x2}, @SEG6_ATTR_SECRETLEN={0x5, 0x5, 0x3}, @SEG6_ATTR_ALGID={0x5, 0x6, 0x1}, @SEG6_ATTR_DSTLEN={0x8, 0x2, 0x6}]}, 0x5c}, 0x1, 0x0, 0x0, 0x4000}, 0x20048081)

kernel console output (not intermixed with test programs):

3208][ T6743]  ? find_held_lock+0x2b/0x80
[   61.913221][ T6743]  ? __pfx_register_netdevice+0x10/0x10
[   61.913238][ T6743]  ? __asan_memcpy+0x3c/0x60
[   61.913250][ T6743]  ? vxlan_config_apply+0x653/0x7e0
[   61.913267][ T6743]  __vxlan_dev_create+0x15a/0x680
[   61.913285][ T6743]  ? __pfx___vxlan_dev_create+0x10/0x10
[   61.913306][ T6743]  vxlan_newlink+0x135/0x1e0
[   61.913323][ T6743]  ? __pfx_vxlan_newlink+0x10/0x10
[   61.913346][ T6743]  ? rtnl_create_link+0xa4a/0xf90
[   61.913362][ T6743]  ? __pfx_vxlan_newlink+0x10/0x10
[   61.913380][ T6743]  rtnl_newlink+0xc42/0x2000
[   61.913400][ T6743]  ? __pfx_rtnl_newlink+0x10/0x10
[   61.913415][ T6743]  ? find_held_lock+0x2b/0x80
[   61.913428][ T6743]  ? avc_has_perm_noaudit+0x117/0x3b0
[   61.913441][ T6743]  ? avc_has_perm_noaudit+0x149/0x3b0
[   61.913466][ T6743]  ? cred_has_capability.isra.0+0x193/0x2f0
[   61.913492][ T6743]  ? find_held_lock+0x2b/0x80
[   61.913504][ T6743]  ? __pfx_rtnl_newlink+0x10/0x10
[   61.913520][ T6743]  ? __pfx_rtnl_newlink+0x10/0x10
[   61.913535][ T6743]  ? rtnetlink_rcv_msg+0x93a/0xe90
[   61.913552][ T6743]  ? __pfx_rtnl_newlink+0x10/0x10
[   61.913568][ T6743]  rtnetlink_rcv_msg+0x95e/0xe90
[   61.913586][ T6743]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[   61.913607][ T6743]  ? ref_tracker_free+0x37c/0x830
[   61.913624][ T6743]  netlink_rcv_skb+0x158/0x420
[   61.913635][ T6743]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[   61.913657][ T6743]  ? __pfx_netlink_rcv_skb+0x10/0x10
[   61.913673][ T6743]  ? netlink_deliver_tap+0x1ae/0xd30
[   61.913687][ T6743]  netlink_unicast+0x53a/0x7f0
[   61.913699][ T6743]  ? __pfx_netlink_unicast+0x10/0x10
[   61.913715][ T6743]  netlink_sendmsg+0x8d1/0xdd0
[   61.913728][ T6743]  ? __pfx_netlink_sendmsg+0x10/0x10
[   61.913755][ T6743]  ____sys_sendmsg+0xa95/0xc70
[   61.913770][ T6743]  ? copy_msghdr_from_user+0x10a/0x160
[   61.913785][ T6743]  ? __pfx_____sys_sendmsg+0x10/0x10
[   61.913803][ T6743]  ___sys_sendmsg+0x134/0x1d0
[   61.913820][ T6743]  ? __pfx____sys_sendmsg+0x10/0x10
[   61.913834][ T6743]  ? __lock_acquire+0x622/0x1c90
[   61.913868][ T6743]  __sys_sendmsg+0x16d/0x220
[   61.913883][ T6743]  ? __pfx___sys_sendmsg+0x10/0x10
[   61.913908][ T6743]  do_syscall_64+0xcd/0x4c0
[   61.913926][ T6743]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   61.913937][ T6743] RIP: 0033:0x7fc64038e929
[   61.913946][ T6743] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   61.913956][ T6743] RSP: 002b:00007fc6412aa038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   61.913966][ T6743] RAX: ffffffffffffffda RBX: 00007fc6405b5fa0 RCX: 00007fc64038e929
[   61.913973][ T6743] RDX: 0000000020008844 RSI: 0000200000000000 RDI: 0000000000000003
[   61.913979][ T6743] RBP: 00007fc6412aa090 R08: 0000000000000000 R09: 0000000000000000
[   61.913985][ T6743] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[   61.913991][ T6743] R13: 0000000000000000 R14: 00007fc6405b5fa0 R15: 00007ffc6e8cd1f8
[   61.914004][ T6743]  </TASK>
[   62.033088][    C0] vkms_vblank_simulate: vblank timer overrun
[   62.043186][ T5947] Bluetooth: hci2: command tx timeout
[   62.051166][ T6747] netlink: 40 bytes leftover after parsing attributes in process `syz.1.241'.
[   62.095982][ T6753] syz.2.243: attempt to access beyond end of device
[   62.095982][ T6753] loop2: rw=0, sector=64, nr_sectors = 2 limit=0
[   62.099063][ T6758] ubi: mtd0 is already attached to ubi31
[   62.101190][ T6753] isofs_fill_super: bread failed, dev=loop2, iso_blknum=16, block=32
[   62.145547][ T6764] FAULT_INJECTION: forcing a failure.
[   62.145547][ T6764] name failslab, interval 1, probability 0, space 0, times 0
[   62.150779][ T6764] CPU: 2 UID: 0 PID: 6764 Comm: syz.1.249 Not tainted 6.16.0-rc2-syzkaller-00231-g75f5f23f8787 #0 PREEMPT(full) 
[   62.150805][ T6764] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   62.150812][ T6764] Call Trace:
[   62.150816][ T6764]  <TASK>
[   62.150821][ T6764]  dump_stack_lvl+0x16c/0x1f0
[   62.150840][ T6764]  should_fail_ex+0x512/0x640
[   62.150855][ T6764]  ? __kvmalloc_node_noprof+0x124/0x620
[   62.150871][ T6764]  should_failslab+0xc2/0x120
[   62.150887][ T6764]  __kvmalloc_node_noprof+0x137/0x620
[   62.150901][ T6764]  ? alloc_netdev_mqs+0xfbe/0x1570
[   62.150921][ T6764]  ? alloc_netdev_mqs+0xfbe/0x1570
[   62.150936][ T6764]  alloc_netdev_mqs+0xfbe/0x1570
[   62.150956][ T6764]  rtnl_create_link+0xc08/0xf90
[   62.150975][ T6764]  rtnl_newlink+0xb69/0x2000
[   62.151000][ T6764]  ? __pfx_rtnl_newlink+0x10/0x10
[   62.151015][ T6764]  ? find_held_lock+0x2b/0x80
[   62.151029][ T6764]  ? avc_has_perm_noaudit+0x117/0x3b0
[   62.151043][ T6764]  ? avc_has_perm_noaudit+0x149/0x3b0
[   62.151055][ T6764]  ? cred_has_capability.isra.0+0x193/0x2f0
[   62.151080][ T6764]  ? find_held_lock+0x2b/0x80
[   62.151092][ T6764]  ? __pfx_rtnl_newlink+0x10/0x10
[   62.151108][ T6764]  ? __pfx_rtnl_newlink+0x10/0x10
[   62.151123][ T6764]  ? rtnetlink_rcv_msg+0x93a/0xe90
[   62.151140][ T6764]  ? __pfx_rtnl_newlink+0x10/0x10
[   62.151157][ T6764]  rtnetlink_rcv_msg+0x95e/0xe90
[   62.151174][ T6764]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[   62.151195][ T6764]  ? ref_tracker_free+0x37c/0x830
[   62.151212][ T6764]  netlink_rcv_skb+0x158/0x420
[   62.151224][ T6764]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[   62.151241][ T6764]  ? __pfx_netlink_rcv_skb+0x10/0x10
[   62.151258][ T6764]  ? netlink_deliver_tap+0x1ae/0xd30
[   62.151272][ T6764]  netlink_unicast+0x53a/0x7f0
[   62.151285][ T6764]  ? __pfx_netlink_unicast+0x10/0x10
[   62.151300][ T6764]  netlink_sendmsg+0x8d1/0xdd0
[   62.151314][ T6764]  ? __pfx_netlink_sendmsg+0x10/0x10
[   62.151331][ T6764]  ____sys_sendmsg+0xa95/0xc70
[   62.151344][ T6764]  ? copy_msghdr_from_user+0x10a/0x160
[   62.151359][ T6764]  ? __pfx_____sys_sendmsg+0x10/0x10
[   62.151378][ T6764]  ___sys_sendmsg+0x134/0x1d0
[   62.151394][ T6764]  ? __pfx____sys_sendmsg+0x10/0x10
[   62.151408][ T6764]  ? __lock_acquire+0x622/0x1c90
[   62.151442][ T6764]  __sys_sendmsg+0x16d/0x220
[   62.151458][ T6764]  ? __pfx___sys_sendmsg+0x10/0x10
[   62.151483][ T6764]  do_syscall_64+0xcd/0x4c0
[   62.151501][ T6764]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   62.151512][ T6764] RIP: 0033:0x7f198e58e929
[   62.151521][ T6764] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   62.151540][ T6764] RSP: 002b:00007f198f484038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   62.151553][ T6764] RAX: ffffffffffffffda RBX: 00007f198e7b5fa0 RCX: 00007f198e58e929
[   62.151560][ T6764] RDX: 0000000000000000 RSI: 0000200000000280 RDI: 0000000000000003
[   62.151566][ T6764] RBP: 00007f198f484090 R08: 0000000000000000 R09: 0000000000000000
[   62.151572][ T6764] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[   62.151577][ T6764] R13: 0000000000000000 R14: 00007f198e7b5fa0 R15: 00007ffef60f6968
[   62.151592][ T6764]  </TASK>
[   62.188912][ T6766] syz.1.250: attempt to access beyond end of device
[   62.188912][ T6766] loop1: rw=0, sector=2, nr_sectors = 2 limit=0
[   62.188965][ T6766] MINIX-fs: unable to read superblock
[   62.375659][ T6778] trusted_key: syz.0.255 sent an empty control message without MSG_MORE.
[   62.411642][ T6769] bond0: entered promiscuous mode
[   62.413461][ T6769] bond_slave_0: entered promiscuous mode
[   62.415303][ T6769] bond_slave_1: entered promiscuous mode
[   62.417188][ T6769] team0: entered promiscuous mode
[   62.418758][ T6769] team_slave_0: entered promiscuous mode
[   62.420616][ T6769] team_slave_1: entered promiscuous mode
[   62.545565][ T6793] ubi: mtd0 is already attached to ubi31
[   62.603438][ T6798] netlink: 8 bytes leftover after parsing attributes in process `syz.0.259'.
[   62.714869][ T6811] netlink: 8 bytes leftover after parsing attributes in process `syz.4.264'.
[   62.717850][ T6811] netlink: 12 bytes leftover after parsing attributes in process `syz.4.264'.
[   62.821714][ T6821] ubi31: detaching mtd0
[   62.839261][ T6821] ubi31: mtd0 is detached
[   62.887773][ T6826] FAULT_INJECTION: forcing a failure.
[   62.887773][ T6826] name fail_usercopy, interval 1, probability 0, space 0, times 1
[   62.895182][ T6826] CPU: 3 UID: 0 PID: 6826 Comm: syz.0.272 Not tainted 6.16.0-rc2-syzkaller-00231-g75f5f23f8787 #0 PREEMPT(full) 
[   62.895207][ T6826] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   62.895218][ T6826] Call Trace:
[   62.895224][ T6826]  <TASK>
[   62.895231][ T6826]  dump_stack_lvl+0x16c/0x1f0
[   62.895281][ T6826]  should_fail_ex+0x512/0x640
[   62.895313][ T6826]  _copy_to_user+0x32/0xd0
[   62.895341][ T6826]  simple_read_from_buffer+0xcb/0x170
[   62.895365][ T6826]  proc_fail_nth_read+0x197/0x270
[   62.895389][ T6826]  ? __pfx_proc_fail_nth_read+0x10/0x10
[   62.895412][ T6826]  ? rw_verify_area+0xcf/0x680
[   62.895431][ T6826]  ? __pfx_proc_fail_nth_read+0x10/0x10
[   62.895453][ T6826]  vfs_read+0x1e1/0xc60
[   62.895478][ T6826]  ? __pfx___mutex_lock+0x10/0x10
[   62.895504][ T6826]  ? __pfx_vfs_read+0x10/0x10
[   62.895533][ T6826]  ? __fget_files+0x20e/0x3c0
[   62.895564][ T6826]  ksys_read+0x12a/0x250
[   62.895585][ T6826]  ? __pfx_ksys_read+0x10/0x10
[   62.895614][ T6826]  do_syscall_64+0xcd/0x4c0
[   62.895642][ T6826]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   62.895661][ T6826] RIP: 0033:0x7f5403f8d33c
[   62.895675][ T6826] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[   62.895691][ T6826] RSP: 002b:00007f5404e0e030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[   62.895708][ T6826] RAX: ffffffffffffffda RBX: 00007f54041b5fa0 RCX: 00007f5403f8d33c
[   62.895719][ T6826] RDX: 000000000000000f RSI: 00007f5404e0e0a0 RDI: 0000000000000008
[   62.895730][ T6826] RBP: 00007f5404e0e090 R08: 0000000000000000 R09: 0000000000000000
[   62.895740][ T6826] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[   62.895749][ T6826] R13: 0000000000000000 R14: 00007f54041b5fa0 R15: 00007ffe08b5fac8
[   62.895772][ T6826]  </TASK>
[   63.240747][ T6851] binder: 6850:6851 ioctl c0306201 2000000003c0 returned -14
[   63.252710][ T6851] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci2/hci2:200/input11
[   63.423341][ T6869] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[   63.478462][ T6874] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=2320 sclass=netlink_route_socket pid=6874 comm=syz.0.290
[   63.844462][ T6910] ubi31: attaching mtd0
[   63.846631][ T6910] ubi31: scanning is finished
[   63.909681][ T6910] ubi31: attached mtd0 (name "mtdram test device", size 0 MiB)
[   63.912053][ T6910] ubi31: PEB size: 4096 bytes (4 KiB), LEB size: 3968 bytes
[   63.914275][ T6910] ubi31: min./max. I/O unit sizes: 1/64, sub-page size 1
[   63.916421][ T6910] ubi31: VID header offset: 64 (aligned 64), data offset: 128
[   63.918753][ T6910] ubi31: good PEBs: 32, bad PEBs: 0, corrupted PEBs: 0
[   63.920806][ T6910] ubi31: user volume: 0, internal volumes: 1, max. volumes count: 23
[   63.923278][ T6910] ubi31: max/mean erase counter: 1/1, WL threshold: 4096, image sequence number: 1940774131
[   63.927719][ T6910] ubi31: available PEBs: 28, total reserved PEBs: 4, PEBs reserved for bad PEB handling: 0
[   63.931101][ T6914] ubi31: background thread "ubi_bgt31d" started, PID 6914
[   64.252146][ T6929] mkiss: ax0: crc mode is auto.
[   64.508365][ T6957] ubi31: detaching mtd0
[   64.514173][ T6957] ubi31: mtd0 is detached
[   64.779135][ T6980] FAULT_INJECTION: forcing a failure.
[   64.779135][ T6980] name failslab, interval 1, probability 0, space 0, times 0
[   64.783225][ T6980] CPU: 2 UID: 0 PID: 6980 Comm: syz.0.329 Not tainted 6.16.0-rc2-syzkaller-00231-g75f5f23f8787 #0 PREEMPT(full) 
[   64.783240][ T6980] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   64.783246][ T6980] Call Trace:
[   64.783250][ T6980]  <TASK>
[   64.783255][ T6980]  dump_stack_lvl+0x16c/0x1f0
[   64.783288][ T6980]  should_fail_ex+0x512/0x640
[   64.783306][ T6980]  ? __kvmalloc_node_noprof+0x124/0x620
[   64.783334][ T6980]  should_failslab+0xc2/0x120
[   64.783352][ T6980]  __kvmalloc_node_noprof+0x137/0x620
[   64.783366][ T6980]  ? bucket_table_alloc.isra.0+0x83/0x460
[   64.783383][ T6980]  ? bucket_table_alloc.isra.0+0x83/0x460
[   64.783396][ T6980]  bucket_table_alloc.isra.0+0x83/0x460
[   64.783411][ T6980]  rhashtable_init_noprof+0x41a/0x7e0
[   64.783425][ T6980]  ? __pfx_br_dev_init+0x10/0x10
[   64.783439][ T6980]  br_dev_init+0x29/0x500
[   64.783451][ T6980]  ? kasan_save_track+0x14/0x30
[   64.783463][ T6980]  ? __pfx_br_dev_init+0x10/0x10
[   64.783476][ T6980]  register_netdevice+0x650/0x2270
[   64.783496][ T6980]  ? __pfx_validate_linkmsg+0x10/0x10
[   64.783512][ T6980]  ? __pfx_register_netdevice+0x10/0x10
[   64.783534][ T6980]  br_dev_newlink+0x6a/0x170
[   64.783546][ T6980]  ? __pfx_br_dev_newlink+0x10/0x10
[   64.783560][ T6980]  rtnl_newlink+0xc42/0x2000
[   64.783581][ T6980]  ? __pfx_rtnl_newlink+0x10/0x10
[   64.783596][ T6980]  ? find_held_lock+0x2b/0x80
[   64.783611][ T6980]  ? avc_has_perm_noaudit+0x117/0x3b0
[   64.783624][ T6980]  ? avc_has_perm_noaudit+0x149/0x3b0
[   64.783636][ T6980]  ? cred_has_capability.isra.0+0x193/0x2f0
[   64.783662][ T6980]  ? find_held_lock+0x2b/0x80
[   64.783674][ T6980]  ? __pfx_rtnl_newlink+0x10/0x10
[   64.783689][ T6980]  ? __pfx_rtnl_newlink+0x10/0x10
[   64.783705][ T6980]  ? rtnetlink_rcv_msg+0x93a/0xe90
[   64.783725][ T6980]  ? __pfx_rtnl_newlink+0x10/0x10
[   64.783742][ T6980]  rtnetlink_rcv_msg+0x95e/0xe90
[   64.783760][ T6980]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[   64.783781][ T6980]  ? ref_tracker_free+0x37c/0x830
[   64.783798][ T6980]  netlink_rcv_skb+0x158/0x420
[   64.783810][ T6980]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[   64.783828][ T6980]  ? __pfx_netlink_rcv_skb+0x10/0x10
[   64.783844][ T6980]  ? netlink_deliver_tap+0x1ae/0xd30
[   64.783857][ T6980]  netlink_unicast+0x53a/0x7f0
[   64.783870][ T6980]  ? __pfx_netlink_unicast+0x10/0x10
[   64.783886][ T6980]  netlink_sendmsg+0x8d1/0xdd0
[   64.783899][ T6980]  ? __pfx_netlink_sendmsg+0x10/0x10
[   64.783916][ T6980]  ____sys_sendmsg+0xa95/0xc70
[   64.783929][ T6980]  ? copy_msghdr_from_user+0x10a/0x160
[   64.783944][ T6980]  ? __pfx_____sys_sendmsg+0x10/0x10
[   64.783965][ T6980]  ___sys_sendmsg+0x134/0x1d0
[   64.783982][ T6980]  ? __pfx____sys_sendmsg+0x10/0x10
[   64.783996][ T6980]  ? __lock_acquire+0x622/0x1c90
[   64.784030][ T6980]  __sys_sendmsg+0x16d/0x220
[   64.784046][ T6980]  ? __pfx___sys_sendmsg+0x10/0x10
[   64.784071][ T6980]  do_syscall_64+0xcd/0x4c0
[   64.784088][ T6980]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   64.784100][ T6980] RIP: 0033:0x7f5403f8e929
[   64.784109][ T6980] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   64.784120][ T6980] RSP: 002b:00007f5404e0e038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   64.784130][ T6980] RAX: ffffffffffffffda RBX: 00007f54041b5fa0 RCX: 00007f5403f8e929
[   64.784137][ T6980] RDX: 0000000000000000 RSI: 0000200000000280 RDI: 0000000000000003
[   64.784143][ T6980] RBP: 00007f5404e0e090 R08: 0000000000000000 R09: 0000000000000000
[   64.784149][ T6980] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[   64.784155][ T6980] R13: 0000000000000000 R14: 00007f54041b5fa0 R15: 00007ffe08b5fac8
[   64.784168][ T6980]  </TASK>
[   64.975287][ T6984] warning: `syz.2.331' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211
[   65.197857][ T7003] netlink: 'syz.4.340': attribute type 6 has an invalid length.
[   65.273859][ T7011] overlayfs: upperdir is in-use as upperdir/workdir of another mount, accessing files from both mounts will result in undefined behavior.
[   65.279058][ T7011] overlayfs: workdir is in-use as upperdir/workdir of another mount, accessing files from both mounts will result in undefined behavior.
[   65.285118][ T7011] overlayfs: conflicting lowerdir path
[   65.309667][ T7013] SELinux:  Context system_u:object_r:crond_var_run_t:s0 is not valid (left unmapped).
[   65.315114][ T7013] netlink: 'syz.1.344': attribute type 2 has an invalid length.
[   65.356556][ T7013] ubi31: attaching mtd0
[   65.360026][ T7013] ubi31: scanning is finished
[   65.425240][ T7013] ubi31: attached mtd0 (name "mtdram test device", size 0 MiB)
[   65.428601][ T7013] ubi31: PEB size: 4096 bytes (4 KiB), LEB size: 3968 bytes
[   65.431626][ T7013] ubi31: min./max. I/O unit sizes: 1/64, sub-page size 1
[   65.434906][ T7013] ubi31: VID header offset: 64 (aligned 64), data offset: 128
[   65.438171][ T7013] ubi31: good PEBs: 32, bad PEBs: 0, corrupted PEBs: 0
[   65.441139][ T7013] ubi31: user volume: 0, internal volumes: 1, max. volumes count: 23
[   65.445521][ T7013] ubi31: max/mean erase counter: 1/1, WL threshold: 4096, image sequence number: 1940774131
[   65.448877][ T7013] ubi31: available PEBs: 28, total reserved PEBs: 4, PEBs reserved for bad PEB handling: 0
[   65.451954][ T7025] ubi31: background thread "ubi_bgt31d" started, PID 7025
[   65.452025][ T7027] ubi: mtd0 is already attached to ubi31
[   65.476660][   T40] kauditd_printk_skb: 53 callbacks suppressed
[   65.476671][   T40] audit: type=1400 audit(1750423583.714:721): avc:  denied  { remove_name } for  pid=5934 comm="syz-executor" name="binderfs" dev="tmpfs" ino=407 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 trawcon="system_u:object_r:crond_var_run_t:s0"
[   65.498191][   T40] audit: type=1400 audit(1750423583.714:722): avc:  denied  { rmdir } for  pid=5934 comm="syz-executor" name="73" dev="tmpfs" ino=403 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 trawcon="system_u:object_r:crond_var_run_t:s0"
[   65.509160][ T7029] __nla_validate_parse: 20 callbacks suppressed
[   65.509171][ T7029] netlink: 8 bytes leftover after parsing attributes in process `syz.0.349'.
[   65.514677][ T7029] netlink: 12 bytes leftover after parsing attributes in process `syz.0.349'.
[   65.518583][ T7031] tmpfs: Bad value for 'mpol'
[   65.520636][ T7031] netlink: 'syz.1.351': attribute type 23 has an invalid length.
[   65.600736][ T7043] netlink: 8 bytes leftover after parsing attributes in process `syz.0.355'.
[   65.604989][ T7043] netlink: 12 bytes leftover after parsing attributes in process `syz.0.355'.
[   65.611536][ T7035] openvswitch: netlink: Missing key (keys=40, expected=2000)
[   65.635747][   T40] audit: type=1400 audit(1750423583.874:723): avc:  denied  { getopt } for  pid=7044 comm="syz.0.356" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[   65.778790][ T7064] netlink: 64 bytes leftover after parsing attributes in process `syz.4.365'.
[   65.893459][ T7074] netlink: 8 bytes leftover after parsing attributes in process `syz.4.369'.
[   65.963203][   T40] audit: type=1400 audit(1750423584.194:724): avc:  denied  { read } for  pid=7082 comm="syz.1.373" name="msr" dev="devtmpfs" ino=87 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cpu_device_t tclass=chr_file permissive=1
[   65.972833][   T40] audit: type=1400 audit(1750423584.194:725): avc:  denied  { open } for  pid=7082 comm="syz.1.373" path="/dev/cpu/0/msr" dev="devtmpfs" ino=87 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cpu_device_t tclass=chr_file permissive=1
[   66.007111][   T40] audit: type=1400 audit(1750423584.244:726): avc:  denied  { setopt } for  pid=7094 comm="syz.0.377" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1
[   66.022593][ T7099] netlink: 14 bytes leftover after parsing attributes in process `syz.4.378'.
[   66.055999][   T40] audit: type=1400 audit(1750423584.294:727): avc:  denied  { setattr } for  pid=7102 comm="syz.0.380" name="" dev="pipefs" ino=15204 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=fifo_file permissive=1
[   66.066005][   T40] audit: type=1400 audit(1750423584.294:728): avc:  denied  { accept } for  pid=7102 comm="syz.0.380" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[   66.127410][ T7099] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[   66.134653][ T7099] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[   66.139571][ T7099] bond0 (unregistering): Released all slaves
[   66.248998][   T40] audit: type=1400 audit(1750423584.484:729): avc:  denied  { getopt } for  pid=7113 comm="syz.1.384" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[   66.263653][   T40] audit: type=1400 audit(1750423584.494:730): avc:  denied  { setopt } for  pid=7115 comm="syz.4.385" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[   66.339241][ T7120] netlink: 'syz.4.387': attribute type 1 has an invalid length.
[   66.421302][ T7135] FAULT_INJECTION: forcing a failure.
[   66.421302][ T7135] name failslab, interval 1, probability 0, space 0, times 0
[   66.425588][ T7135] CPU: 0 UID: 0 PID: 7135 Comm: syz.4.393 Not tainted 6.16.0-rc2-syzkaller-00231-g75f5f23f8787 #0 PREEMPT(full) 
[   66.425603][ T7135] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   66.425610][ T7135] Call Trace:
[   66.425614][ T7135]  <TASK>
[   66.425618][ T7135]  dump_stack_lvl+0x16c/0x1f0
[   66.425652][ T7135]  should_fail_ex+0x512/0x640
[   66.425671][ T7135]  ? __kvmalloc_node_noprof+0x124/0x620
[   66.425687][ T7135]  should_failslab+0xc2/0x120
[   66.425703][ T7135]  __kvmalloc_node_noprof+0x137/0x620
[   66.425721][ T7135]  ? bucket_table_alloc.isra.0+0x83/0x460
[   66.425738][ T7135]  ? bucket_table_alloc.isra.0+0x83/0x460
[   66.425750][ T7135]  bucket_table_alloc.isra.0+0x83/0x460
[   66.425765][ T7135]  rhashtable_init_noprof+0x41a/0x7e0
[   66.425780][ T7135]  br_vlan_init+0xa2/0x210
[   66.425797][ T7135]  br_dev_init+0x7f/0x500
[   66.425809][ T7135]  ? kasan_save_track+0x14/0x30
[   66.425822][ T7135]  ? __pfx_br_dev_init+0x10/0x10
[   66.425835][ T7135]  register_netdevice+0x650/0x2270
[   66.425854][ T7135]  ? __pfx_validate_linkmsg+0x10/0x10
[   66.425871][ T7135]  ? __pfx_register_netdevice+0x10/0x10
[   66.425892][ T7135]  br_dev_newlink+0x6a/0x170
[   66.425905][ T7135]  ? __pfx_br_dev_newlink+0x10/0x10
[   66.425919][ T7135]  rtnl_newlink+0xc42/0x2000
[   66.425940][ T7135]  ? __pfx_rtnl_newlink+0x10/0x10
[   66.425955][ T7135]  ? find_held_lock+0x2b/0x80
[   66.425971][ T7135]  ? avc_has_perm_noaudit+0x117/0x3b0
[   66.425984][ T7135]  ? avc_has_perm_noaudit+0x149/0x3b0
[   66.425996][ T7135]  ? cred_has_capability.isra.0+0x193/0x2f0
[   66.426021][ T7135]  ? find_held_lock+0x2b/0x80
[   66.426033][ T7135]  ? __pfx_rtnl_newlink+0x10/0x10
[   66.426049][ T7135]  ? __pfx_rtnl_newlink+0x10/0x10
[   66.426064][ T7135]  ? rtnetlink_rcv_msg+0x93a/0xe90
[   66.426081][ T7135]  ? __pfx_rtnl_newlink+0x10/0x10
[   66.426097][ T7135]  rtnetlink_rcv_msg+0x95e/0xe90
[   66.426115][ T7135]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[   66.426136][ T7135]  ? ref_tracker_free+0x37c/0x830
[   66.426153][ T7135]  netlink_rcv_skb+0x158/0x420
[   66.426164][ T7135]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[   66.426182][ T7135]  ? __pfx_netlink_rcv_skb+0x10/0x10
[   66.426198][ T7135]  ? netlink_deliver_tap+0x1ae/0xd30
[   66.426211][ T7135]  netlink_unicast+0x53a/0x7f0
[   66.426224][ T7135]  ? __pfx_netlink_unicast+0x10/0x10
[   66.426239][ T7135]  netlink_sendmsg+0x8d1/0xdd0
[   66.426253][ T7135]  ? __pfx_netlink_sendmsg+0x10/0x10
[   66.426270][ T7135]  ____sys_sendmsg+0xa95/0xc70
[   66.426282][ T7135]  ? copy_msghdr_from_user+0x10a/0x160
[   66.426297][ T7135]  ? __pfx_____sys_sendmsg+0x10/0x10
[   66.426315][ T7135]  ___sys_sendmsg+0x134/0x1d0
[   66.426332][ T7135]  ? __pfx____sys_sendmsg+0x10/0x10
[   66.426346][ T7135]  ? __lock_acquire+0x622/0x1c90
[   66.426380][ T7135]  __sys_sendmsg+0x16d/0x220
[   66.426396][ T7135]  ? __pfx___sys_sendmsg+0x10/0x10
[   66.426421][ T7135]  do_syscall_64+0xcd/0x4c0
[   66.426438][ T7135]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   66.426449][ T7135] RIP: 0033:0x7fc64038e929
[   66.426458][ T7135] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   66.426468][ T7135] RSP: 002b:00007fc6412aa038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   66.426478][ T7135] RAX: ffffffffffffffda RBX: 00007fc6405b5fa0 RCX: 00007fc64038e929
[   66.426485][ T7135] RDX: 0000000000000000 RSI: 0000200000000280 RDI: 0000000000000003
[   66.426491][ T7135] RBP: 00007fc6412aa090 R08: 0000000000000000 R09: 0000000000000000
[   66.426496][ T7135] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[   66.426502][ T7135] R13: 0000000000000000 R14: 00007fc6405b5fa0 R15: 00007ffc6e8cd1f8
[   66.426516][ T7135]  </TASK>
[   66.454514][ T7137] netlink: 'syz.2.395': attribute type 11 has an invalid length.
[   66.566758][ T7137] netlink: 44 bytes leftover after parsing attributes in process `syz.2.395'.
[   66.691894][ T7142] ubi: mtd0 is already attached to ubi31
[   66.723140][   T61] usb 6-1: new high-speed USB device number 4 using dummy_hcd
[   66.726060][ T7145] netlink: 14 bytes leftover after parsing attributes in process `syz.4.397'.
[   66.763317][ T6379] usb 7-1: new full-speed USB device number 3 using dummy_hcd
[   66.858265][ T7147] netlink: 48 bytes leftover after parsing attributes in process `syz.4.398'.
[   66.873126][   T61] usb 6-1: Using ep0 maxpacket: 32
[   66.875929][   T61] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   66.879205][   T61] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   66.883141][   T61] usb 6-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00
[   66.886026][   T61] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   66.890696][   T61] usb 6-1: config 0 descriptor??
[   66.915284][ T6379] usb 7-1: not running at top speed; connect to a high speed hub
[   66.919059][ T6379] usb 7-1: config 4 has an invalid interface number: 8 but max is 1
[   66.921522][ T6379] usb 7-1: config 4 has an invalid interface number: 6 but max is 1
[   66.924370][ T6379] usb 7-1: config 4 contains an unexpected descriptor of type 0x1, skipping
[   66.927095][ T6379] usb 7-1: config 4 contains an unexpected descriptor of type 0x1, skipping
[   66.929967][ T6379] usb 7-1: config 4 contains an unexpected descriptor of type 0x1, skipping
[   66.932679][ T6379] usb 7-1: config 4 has no interface number 0
[   66.934889][ T6379] usb 7-1: config 4 has no interface number 1
[   66.936891][ T6379] usb 7-1: config 4 interface 8 altsetting 238 has 0 endpoint descriptors, different from the interface descriptor's value: 12
[   66.940877][ T6379] usb 7-1: config 4 interface 6 altsetting 2 has 0 endpoint descriptors, different from the interface descriptor's value: 9
[   66.945181][ T6379] usb 7-1: config 4 interface 8 has no altsetting 0
[   66.947598][ T6379] usb 7-1: config 4 interface 6 has no altsetting 0
[   66.952290][ T6379] usb 7-1: New USB device found, idVendor=1199, idProduct=9091, bcdDevice=eb.21
[   66.955175][ T6379] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   66.957792][ T6379] usb 7-1: Product: syz
[   66.959119][ T6379] usb 7-1: Manufacturer: syz
[   66.959544][ T5947] Bluetooth: hci2: SCO packet for unknown connection handle 217
[   66.960605][ T6379] usb 7-1: SerialNumber: syz
[   66.997041][ T7154] (unnamed net_device) (uninitialized): (slave bond_slave_1): Device is not bonding slave
[   67.000383][ T7154] (unnamed net_device) (uninitialized): option active_slave: invalid value (bond_slave_1)
[   67.127328][ T7161] binder: BC_ATTEMPT_ACQUIRE not supported
[   67.129173][ T7161] binder: 7160:7161 ioctl c0306201 200000000a80 returned -22
[   67.200178][ T6379] usb 7-1: USB disconnect, device number 3
[   67.308134][   T61] savu 0003:1E7D:2D5A.0002: hiddev0,hidraw1: USB HID v0.00 Device [HID 1e7d:2d5a] on usb-dummy_hcd.1-1/input0
[   67.359599][ T7174] batman_adv: batadv0: adding TT local entry aa:aa:aa:aa:aa:2a to non-existent VLAN 1340
[   67.428887][ T7187] ubi: mtd0 is already attached to ubi31
[   67.565298][ T7139] netlink: 'syz.1.394': attribute type 3 has an invalid length.
[   67.567914][ T7139] netlink: 'syz.1.394': attribute type 2 has an invalid length.
[   67.577411][ T6379] usb 6-1: USB disconnect, device number 4
[   67.750000][ T7199] openvswitch: netlink: IPv4 tunnel dst address is zero
[   67.752362][ T7200] openvswitch: netlink: IPv4 tunnel dst address is zero
[   67.923619][ T7207] openvswitch: netlink: Key type 179 is out of range max 32
[   67.927728][ T7207] openvswitch: netlink: Key type 179 is out of range max 32
[   67.936043][ T7204] kvm: pic: non byte write
[   68.181915][ T7224] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[   68.187798][ T7224] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[   68.191298][ T7224] bond0 (unregistering): Released all slaves
[   68.279980][ T7235] syz.1.426: attempt to access beyond end of device
[   68.279980][ T7235] loop1: rw=6144, sector=128, nr_sectors = 8 limit=0
[   68.286177][ T7235] gfs2: error -5 reading superblock
[   68.432100][ T7253] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=1 sclass=netlink_route_socket pid=7253 comm=syz.1.430
[   68.535126][ T7262] netlink: 'syz.4.433': attribute type 2 has an invalid length.
[   68.575698][ T7272] SELinux: security_context_str_to_sid (staff_u) failed with errno=-22
[   68.582073][ T7272] syz.4.435: attempt to access beyond end of device
[   68.582073][ T7272] nbd4: rw=0, sector=0, nr_sectors = 1 limit=0
[   68.590016][ T7272] (syz.4.435,7272,0):ocfs2_get_sector:1714 ERROR: status = -5
[   68.593312][ T7272] (syz.4.435,7272,0):ocfs2_sb_probe:753 ERROR: status = -5
[   68.596293][ T7272] (syz.4.435,7272,0):ocfs2_fill_super:989 ERROR: superblock probe failed!
[   68.599668][ T7272] (syz.4.435,7272,0):ocfs2_fill_super:1177 ERROR: status = -5
[   68.978523][ T7313] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[   68.981467][ T7313] bond_slave_0: left promiscuous mode
[   68.985413][ T7313] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[   68.989125][ T7313] bond_slave_1: left promiscuous mode
[   68.992166][ T7313] bond0 (unregistering): (slave team0): Releasing backup interface
[   68.996898][ T7313] team0: left promiscuous mode
[   68.998846][ T7313] team_slave_0: left promiscuous mode
[   69.000740][ T7313] team_slave_1: left promiscuous mode
[   69.005438][ T7313] bond0 (unregistering): Released all slaves
[   69.127780][ T7333] netlink: 'syz.2.454': attribute type 1 has an invalid length.
[   69.162135][ T7327] kvm: pic: non byte write
[   69.163607][ T5941] Bluetooth: hci4: command 0x1003 tx timeout
[   69.164202][ T5947] Bluetooth: hci4: Opcode 0x1003 failed: -110
[   69.272685][ T7348] ptm ptm1: ldisc open failed (-12), clearing slot 1
[   69.538707][   T59] IPVS: starting estimator thread 0...
[   69.553327][ T7367] IPVS: set_ctl: invalid protocol: 0 0.0.0.0:0
[   69.571158][ T7373] hfsplus: unable to find HFS+ superblock
[   69.577672][ T7373] ubi: mtd0 is already attached to ubi31
[   69.634198][ T7368] IPVS: using max 42 ests per chain, 100800 per kthread
[   69.812742][ T7397] netlink: 'syz.1.473': attribute type 2 has an invalid length.
[   69.995248][ T7416] process 'syz.4.482' launched './file1' with NULL argv: empty string added
[   69.995281][ T7417] binder: 7405:7417 ioctl 40186f40 200000000140 returned -22
[   70.036722][ T7409] block nbd0: server does not support multiple connections per device.
[   70.122396][ T7424] tmpfs: Bad value for 'mpol'
[   70.126899][ T7424] IPv6: NLM_F_CREATE should be specified when creating new route
[   70.129133][ T7408] block nbd0: shutting down sockets
[   70.565331][ T5947] Bluetooth: hci3: Malformed Event: 0x2f
[   70.604118][ T7453] block nbd2: server does not support multiple connections per device.
[   70.607401][ T7452] block nbd2: shutting down sockets
[   70.671235][ T7458] __nla_validate_parse: 18 callbacks suppressed
[   70.671247][ T7458] netlink: 24 bytes leftover after parsing attributes in process `syz.2.500'.
[   70.697019][   T40] kauditd_printk_skb: 14 callbacks suppressed
[   70.697031][   T40] audit: type=1400 audit(1750423588.934:745): avc:  denied  { load_policy } for  pid=7457 comm="syz.2.500" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security permissive=1
[   70.697896][ T7458] SELinux: failed to load policy
[   70.952135][ T7470] netlink: 24 bytes leftover after parsing attributes in process `syz.1.505'.
[   70.955750][ T7470] netlink: 24 bytes leftover after parsing attributes in process `syz.1.505'.
[   71.087113][ T1425] ieee802154 phy0 wpan0: encryption failed: -22
[   71.089994][ T1425] ieee802154 phy1 wpan1: encryption failed: -22
[   71.307335][   T40] audit: type=1400 audit(1750423589.544:746): avc:  denied  { create } for  pid=7490 comm="syz.1.513" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[   71.316516][   T40] audit: type=1400 audit(1750423589.544:747): avc:  denied  { ioctl } for  pid=7490 comm="syz.1.513" path="socket:[21616]" dev="sockfs" ino=21616 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[   71.326061][   T40] audit: type=1400 audit(1750423589.544:748): avc:  denied  { read write } for  pid=7490 comm="syz.1.513" name="vga_arbiter" dev="devtmpfs" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:xserver_misc_device_t tclass=chr_file permissive=1
[   71.335369][   T40] audit: type=1400 audit(1750423589.544:749): avc:  denied  { open } for  pid=7490 comm="syz.1.513" path="/dev/vga_arbiter" dev="devtmpfs" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:xserver_misc_device_t tclass=chr_file permissive=1
[   71.421471][ T7493] netlink: 24 bytes leftover after parsing attributes in process `syz.1.514'.
[   71.428048][ T7493] netlink: 24 bytes leftover after parsing attributes in process `syz.1.514'.
[   71.474600][ T7496] netlink: 4 bytes leftover after parsing attributes in process `syz.1.515'.
[   71.664157][ T7499] validate_nla: 5 callbacks suppressed
[   71.664173][ T7499] netlink: 'syz.1.515': attribute type 21 has an invalid length.
[   71.669374][ T7499] netlink: 'syz.1.515': attribute type 6 has an invalid length.
[   71.671902][ T7499] netlink: 132 bytes leftover after parsing attributes in process `syz.1.515'.
[   71.881353][ T7515] overlayfs: option "uuid=on" requires an upper fs, falling back to uuid=null.
[   71.885342][ T7515] overlayfs: missing 'lowerdir'
[   71.960107][ T7524] netlink: 'syz.0.526': attribute type 2 has an invalid length.
[   71.994675][   T40] audit: type=1400 audit(1750423590.224:750): avc:  denied  { write } for  pid=7528 comm="syz.2.528" name="001" dev="devtmpfs" ino=759 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1
[   71.996851][ T7532] IPVS: Error connecting to the multicast addr
[   72.007453][ T7530] netlink: 8 bytes leftover after parsing attributes in process `syz.0.529'.
[   72.010420][ T7530] netlink: 12 bytes leftover after parsing attributes in process `syz.0.529'.
[   72.014686][   T40] audit: type=1400 audit(1750423590.244:751): avc:  denied  { map } for  pid=7528 comm="syz.2.528" path="/dev/bus/usb/006/001" dev="devtmpfs" ino=759 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1
[   72.016601][ T7532] netlink: 12 bytes leftover after parsing attributes in process `syz.0.529'.
[   72.178691][ T7549] ieee802154 phy0 wpan0: encryption failed: -22
[   72.183084][   T40] audit: type=1400 audit(1750423590.414:752): avc:  denied  { write } for  pid=7547 comm="syz.4.535" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[   72.308912][   T40] audit: type=1400 audit(1750423590.544:753): avc:  denied  { bind } for  pid=7559 comm="syz.2.539" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[   72.353074][   T40] audit: type=1400 audit(1750423590.584:754): avc:  denied  { create } for  pid=7559 comm="syz.2.539" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_iscsi_socket permissive=1
[   72.371320][ T7563] netlink: 'syz.1.538': attribute type 2 has an invalid length.
[   72.759993][ T7575] netdevsim netdevsim2 netdevsim0: set [1, 1] type 2 family 0 port 20000 - 0
[   72.764249][ T7575] netdevsim netdevsim2 netdevsim1: set [1, 1] type 2 family 0 port 20000 - 0
[   72.768107][ T7575] netdevsim netdevsim2 netdevsim2: set [1, 1] type 2 family 0 port 20000 - 0
[   72.771233][ T7575] netdevsim netdevsim2 netdevsim3: set [1, 1] type 2 family 0 port 20000 - 0
[   72.774462][ T7575] geneve2: entered promiscuous mode
[   72.776178][ T7575] geneve2: entered allmulticast mode
[   73.045416][ T7586] kvm: pic: non byte write
[   73.147823][ T7589] xt_CT: You must specify a L4 protocol and not use inversions on it
[   73.363174][ T7609] Driver unsupported XDP return value 0 on prog  (id 28) dev N/A, expect packet loss!
[   73.403143][ T7611] netlink: 'syz.2.560': attribute type 2 has an invalid length.
[   73.437243][ T7607] kvm: pic: non byte write
[   73.512884][ T7616] kvm: pic: non byte write
[   73.548259][ T7623] FAULT_INJECTION: forcing a failure.
[   73.548259][ T7623] name failslab, interval 1, probability 0, space 0, times 0
[   73.548281][ T7623] CPU: 0 UID: 0 PID: 7623 Comm: syz.4.564 Not tainted 6.16.0-rc2-syzkaller-00231-g75f5f23f8787 #0 PREEMPT(full) 
[   73.548302][ T7623] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   73.548312][ T7623] Call Trace:
[   73.548324][ T7623]  <TASK>
[   73.548331][ T7623]  dump_stack_lvl+0x16c/0x1f0
[   73.548392][ T7623]  should_fail_ex+0x512/0x640
[   73.548418][ T7623]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[   73.548439][ T7623]  should_failslab+0xc2/0x120
[   73.548456][ T7623]  kmem_cache_alloc_noprof+0x6d/0x3b0
[   73.548470][ T7623]  ? __kernfs_new_node+0xd2/0x8e0
[   73.548488][ T7623]  __kernfs_new_node+0xd2/0x8e0
[   73.548505][ T7623]  ? __pfx___kernfs_new_node+0x10/0x10
[   73.548524][ T7623]  ? find_held_lock+0x2b/0x80
[   73.548538][ T7623]  ? kernfs_root+0xee/0x2a0
[   73.548557][ T7623]  kernfs_new_node+0x13c/0x1e0
[   73.548576][ T7623]  __kernfs_create_file+0x53/0x350
[   73.548591][ T7623]  sysfs_add_file_mode_ns+0x207/0x3c0
[   73.548609][ T7623]  internal_create_group+0x578/0xf30
[   73.548628][ T7623]  ? __pfx_internal_create_group+0x10/0x10
[   73.548651][ T7623]  ? kernfs_create_link+0x1bd/0x240
[   73.548666][ T7623]  internal_create_groups+0x9d/0x150
[   73.548683][ T7623]  device_add+0x6d1/0x1a70
[   73.548695][ T7623]  ? __pfx_device_add+0x10/0x10
[   73.548705][ T7623]  ? lockdep_init_map_type+0x5c/0x280
[   73.548723][ T7623]  ? __init_waitqueue_head+0xca/0x150
[   73.548739][ T7623]  netdev_register_kobject+0x182/0x3a0
[   73.548752][ T7623]  register_netdevice+0x13dc/0x2270
[   73.548772][ T7623]  ? __pfx_register_netdevice+0x10/0x10
[   73.548794][ T7623]  br_dev_newlink+0x6a/0x170
[   73.548807][ T7623]  ? __pfx_br_dev_newlink+0x10/0x10
[   73.548824][ T7623]  rtnl_newlink+0xc42/0x2000
[   73.548852][ T7623]  ? __pfx_rtnl_newlink+0x10/0x10
[   73.548867][ T7623]  ? find_held_lock+0x2b/0x80
[   73.548880][ T7623]  ? avc_has_perm_noaudit+0x117/0x3b0
[   73.548893][ T7623]  ? avc_has_perm_noaudit+0x149/0x3b0
[   73.548907][ T7623]  ? cred_has_capability.isra.0+0x193/0x2f0
[   73.548932][ T7623]  ? find_held_lock+0x2b/0x80
[   73.548945][ T7623]  ? __pfx_rtnl_newlink+0x10/0x10
[   73.548961][ T7623]  ? __pfx_rtnl_newlink+0x10/0x10
[   73.548976][ T7623]  ? rtnetlink_rcv_msg+0x93a/0xe90
[   73.548993][ T7623]  ? __pfx_rtnl_newlink+0x10/0x10
[   73.549010][ T7623]  rtnetlink_rcv_msg+0x95e/0xe90
[   73.549038][ T7623]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[   73.549062][ T7623]  ? ref_tracker_free+0x37c/0x830
[   73.549079][ T7623]  netlink_rcv_skb+0x158/0x420
[   73.549091][ T7623]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[   73.549108][ T7623]  ? __pfx_netlink_rcv_skb+0x10/0x10
[   73.549133][ T7623]  ? netlink_deliver_tap+0x1ae/0xd30
[   73.549151][ T7623]  netlink_unicast+0x53a/0x7f0
[   73.549164][ T7623]  ? __pfx_netlink_unicast+0x10/0x10
[   73.549180][ T7623]  netlink_sendmsg+0x8d1/0xdd0
[   73.549193][ T7623]  ? __pfx_netlink_sendmsg+0x10/0x10
[   73.549210][ T7623]  ____sys_sendmsg+0xa95/0xc70
[   73.549223][ T7623]  ? copy_msghdr_from_user+0x10a/0x160
[   73.549239][ T7623]  ? __pfx_____sys_sendmsg+0x10/0x10
[   73.549257][ T7623]  ___sys_sendmsg+0x134/0x1d0
[   73.549273][ T7623]  ? __pfx____sys_sendmsg+0x10/0x10
[   73.549288][ T7623]  ? __lock_acquire+0x622/0x1c90
[   73.549322][ T7623]  __sys_sendmsg+0x16d/0x220
[   73.549337][ T7623]  ? __pfx___sys_sendmsg+0x10/0x10
[   73.549363][ T7623]  do_syscall_64+0xcd/0x4c0
[   73.549381][ T7623]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   73.549392][ T7623] RIP: 0033:0x7fc64038e929
[   73.549401][ T7623] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   73.549429][ T7623] RSP: 002b:00007fc6412aa038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   73.549440][ T7623] RAX: ffffffffffffffda RBX: 00007fc6405b5fa0 RCX: 00007fc64038e929
[   73.549446][ T7623] RDX: 0000000000000000 RSI: 0000200000000280 RDI: 0000000000000003
[   73.549453][ T7623] RBP: 00007fc6412aa090 R08: 0000000000000000 R09: 0000000000000000
[   73.549459][ T7623] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[   73.549465][ T7623] R13: 0000000000000000 R14: 00007fc6405b5fa0 R15: 00007ffc6e8cd1f8
[   73.549479][ T7623]  </TASK>
[   74.692218][ T7701] FAULT_INJECTION: forcing a failure.
[   74.692218][ T7701] name failslab, interval 1, probability 0, space 0, times 0
[   74.692248][ T7701] CPU: 0 UID: 0 PID: 7701 Comm: syz.1.590 Not tainted 6.16.0-rc2-syzkaller-00231-g75f5f23f8787 #0 PREEMPT(full) 
[   74.692270][ T7701] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   74.692281][ T7701] Call Trace:
[   74.692288][ T7701]  <TASK>
[   74.692295][ T7701]  dump_stack_lvl+0x16c/0x1f0
[   74.692326][ T7701]  should_fail_ex+0x512/0x640
[   74.692374][ T7701]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[   74.692402][ T7701]  should_failslab+0xc2/0x120
[   74.692427][ T7701]  kmem_cache_alloc_noprof+0x6d/0x3b0
[   74.692450][ T7701]  ? __kernfs_new_node+0xd2/0x8e0
[   74.692479][ T7701]  __kernfs_new_node+0xd2/0x8e0
[   74.692506][ T7701]  ? __pfx___kernfs_new_node+0x10/0x10
[   74.692538][ T7701]  ? find_held_lock+0x2b/0x80
[   74.692561][ T7701]  ? kernfs_root+0xee/0x2a0
[   74.692597][ T7701]  kernfs_new_node+0x13c/0x1e0
[   74.692630][ T7701]  __kernfs_create_file+0x53/0x350
[   74.692654][ T7701]  sysfs_add_file_mode_ns+0x207/0x3c0
[   74.692688][ T7701]  internal_create_group+0x578/0xf30
[   74.692721][ T7701]  ? __pfx_internal_create_group+0x10/0x10
[   74.692758][ T7701]  ? kernfs_create_link+0x1bd/0x240
[   74.692783][ T7701]  internal_create_groups+0x9d/0x150
[   74.692811][ T7701]  device_add+0x6d1/0x1a70
[   74.692831][ T7701]  ? __pfx_device_add+0x10/0x10
[   74.692846][ T7701]  ? lockdep_init_map_type+0x5c/0x280
[   74.692874][ T7701]  ? __init_waitqueue_head+0xca/0x150
[   74.692900][ T7701]  netdev_register_kobject+0x182/0x3a0
[   74.692923][ T7701]  register_netdevice+0x13dc/0x2270
[   74.692956][ T7701]  ? __pfx_register_netdevice+0x10/0x10
[   74.692992][ T7701]  br_dev_newlink+0x6a/0x170
[   74.693032][ T7701]  ? __pfx_br_dev_newlink+0x10/0x10
[   74.693055][ T7701]  rtnl_newlink+0xc42/0x2000
[   74.693091][ T7701]  ? __pfx_rtnl_newlink+0x10/0x10
[   74.693115][ T7701]  ? find_held_lock+0x2b/0x80
[   74.693135][ T7701]  ? avc_has_perm_noaudit+0x117/0x3b0
[   74.693158][ T7701]  ? avc_has_perm_noaudit+0x149/0x3b0
[   74.693179][ T7701]  ? cred_has_capability.isra.0+0x193/0x2f0
[   74.693222][ T7701]  ? find_held_lock+0x2b/0x80
[   74.693242][ T7701]  ? __pfx_rtnl_newlink+0x10/0x10
[   74.693266][ T7701]  ? __pfx_rtnl_newlink+0x10/0x10
[   74.693290][ T7701]  ? rtnetlink_rcv_msg+0x93a/0xe90
[   74.693318][ T7701]  ? __pfx_rtnl_newlink+0x10/0x10
[   74.693345][ T7701]  rtnetlink_rcv_msg+0x95e/0xe90
[   74.693374][ T7701]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[   74.693409][ T7701]  ? ref_tracker_free+0x37c/0x830
[   74.693436][ T7701]  netlink_rcv_skb+0x158/0x420
[   74.693456][ T7701]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[   74.693484][ T7701]  ? __pfx_netlink_rcv_skb+0x10/0x10
[   74.693512][ T7701]  ? netlink_deliver_tap+0x1ae/0xd30
[   74.693535][ T7701]  netlink_unicast+0x53a/0x7f0
[   74.693558][ T7701]  ? __pfx_netlink_unicast+0x10/0x10
[   74.693584][ T7701]  netlink_sendmsg+0x8d1/0xdd0
[   74.693615][ T7701]  ? __pfx_netlink_sendmsg+0x10/0x10
[   74.693645][ T7701]  ____sys_sendmsg+0xa95/0xc70
[   74.693666][ T7701]  ? copy_msghdr_from_user+0x10a/0x160
[   74.693691][ T7701]  ? __pfx_____sys_sendmsg+0x10/0x10
[   74.693723][ T7701]  ___sys_sendmsg+0x134/0x1d0
[   74.693750][ T7701]  ? __pfx____sys_sendmsg+0x10/0x10
[   74.693773][ T7701]  ? __lock_acquire+0x622/0x1c90
[   74.693832][ T7701]  __sys_sendmsg+0x16d/0x220
[   74.693858][ T7701]  ? __pfx___sys_sendmsg+0x10/0x10
[   74.693901][ T7701]  do_syscall_64+0xcd/0x4c0
[   74.693932][ T7701]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   74.693950][ T7701] RIP: 0033:0x7f198e58e929
[   74.693965][ T7701] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   74.693981][ T7701] RSP: 002b:00007f198f484038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   74.693998][ T7701] RAX: ffffffffffffffda RBX: 00007f198e7b5fa0 RCX: 00007f198e58e929
[   74.694009][ T7701] RDX: 0000000000000000 RSI: 0000200000000280 RDI: 0000000000000003
[   74.694019][ T7701] RBP: 00007f198f484090 R08: 0000000000000000 R09: 0000000000000000
[   74.694027][ T7701] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[   74.694037][ T7701] R13: 0000000000000000 R14: 00007f198e7b5fa0 R15: 00007ffef60f6968
[   74.694062][ T7701]  </TASK>
[   75.171137][ T7735] program syz.2.599 is using a deprecated SCSI ioctl, please convert it to SG_IO
[   75.236755][ T7670] block nbd0: shutting down sockets
[   75.239318][ T7735] kvm: pic: non byte write
[   76.264432][ T7763] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[   76.267327][ T7763] Bluetooth: hci0: Opcode 0x0406 failed: -4
[   76.273626][ T7763] Bluetooth: hci0: Opcode 0x0406 failed: -4
[   76.278980][ T7763] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[   76.281120][ T7763] Bluetooth: hci3: Opcode 0x0406 failed: -4
[   76.287064][ T7763] Bluetooth: hci3: Opcode 0x0406 failed: -4
[   76.291434][ T7763] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[   76.294182][ T7763] Bluetooth: hci2: Opcode 0x0406 failed: -4
[   76.297733][ T7763] Bluetooth: hci2: Opcode 0x0406 failed: -4
[   76.345418][   T40] kauditd_printk_skb: 11 callbacks suppressed
[   76.345429][   T40] audit: type=1400 audit(1750423594.584:766): avc:  denied  { ioctl } for  pid=7784 comm="syz.4.613" path="socket:[22814]" dev="sockfs" ino=22814 ioctlcmd=0x894b scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[   76.435127][ T5947] block nbd1: Receive control failed (result -32)
[   76.435212][ T7778] block nbd1: shutting down sockets
[   76.633577][   T29] usb 7-1: new high-speed USB device number 4 using dummy_hcd
[   76.783533][   T29] usb 7-1: Using ep0 maxpacket: 8
[   76.788437][   T29] usb 7-1: config 1 has an invalid descriptor of length 165, skipping remainder of the config
[   76.792309][   T29] usb 7-1: config 1 has 1 interface, different from the descriptor's value: 2
[   76.796751][   T29] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 21118, setting to 1024
[   76.801144][   T29] usb 7-1: config 1 interface 0 altsetting 0 bulk endpoint 0x81 has invalid maxpacket 1024
[   76.805652][   T29] usb 7-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00
[   76.809602][   T29] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   76.816057][ T7788] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[   76.820620][   T29] hub 7-1:1.0: bad descriptor, ignoring hub
[   76.823526][   T29] hub 7-1:1.0: probe with driver hub failed with error -5
[   76.826774][   T29] cdc_wdm 7-1:1.0: skipping garbage
[   76.828941][   T29] cdc_wdm 7-1:1.0: skipping garbage
[   76.831576][   T29] cdc_wdm 7-1:1.0: probe with driver cdc_wdm failed with error -22
[   76.931660][ T7853] __nla_validate_parse: 4 callbacks suppressed
[   76.931675][ T7853] netlink: 14 bytes leftover after parsing attributes in process `syz.4.635'.
[   76.965718][   T40] audit: type=1400 audit(1750423595.204:767): avc:  denied  { write } for  pid=7855 comm="syz.0.636" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_rdma_socket permissive=1
[   76.966215][ T7857] netlink: 8 bytes leftover after parsing attributes in process `syz.0.636'.
[   76.978695][   T40] audit: type=1400 audit(1750423595.214:768): avc:  denied  { map } for  pid=7855 comm="syz.0.636" path="/dev/hpet" dev="devtmpfs" ino=630 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[   76.981590][ T5941] Bluetooth: hci3: ACL packet for unknown connection handle 201
[   76.981972][ T7857] netlink: 8 bytes leftover after parsing attributes in process `syz.0.636'.
[   76.981989][ T7857] netlink: 12 bytes leftover after parsing attributes in process `syz.0.636'.
[   76.982011][ T7857] netlink: 'syz.0.636': attribute type 20 has an invalid length.
[   77.022254][ T7788] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   77.027294][ T7788] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   77.031213][   T40] audit: type=1400 audit(1750423595.274:769): avc:  denied  { write } for  pid=7786 comm="syz.2.615" name="hwrng" dev="devtmpfs" ino=83 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:random_device_t tclass=chr_file permissive=1
[   77.050094][ T7856] kvm: pic: non byte write
[   77.154143][   T29] usb 7-1: USB disconnect, device number 4
[   77.456881][ T5947] block nbd1: Receive control failed (result -32)
[   77.457113][ T7822] block nbd1: shutting down sockets
[   77.563220][ T5947] Bluetooth: hci0: command 0x0c1a tx timeout
[   77.855864][   T40] audit: type=1400 audit(1750423596.094:770): avc:  denied  { bind } for  pid=7883 comm="syz.0.649" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1
[   78.034589][   T40] audit: type=1400 audit(1750423596.274:771): avc:  denied  { create } for  pid=7900 comm="syz.2.655" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=caif_socket permissive=1
[   78.042069][   T40] audit: type=1400 audit(1750423596.274:772): avc:  denied  { getopt } for  pid=7900 comm="syz.2.655" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=caif_socket permissive=1
[   78.180358][ T7911] netlink: 14 bytes leftover after parsing attributes in process `syz.2.660'.
[   78.283188][ T5947] Bluetooth: hci3: command 0x0c1a tx timeout
[   78.355110][ T7909] snd_dummy snd_dummy.0: control 0:0:0:syz0:7 is already present
[   78.363189][ T5947] Bluetooth: hci2: command 0x0c1a tx timeout
[   78.529745][   T40] audit: type=1400 audit(1750423596.764:773): avc:  denied  { append } for  pid=7926 comm="syz.2.666" name="hwrng" dev="devtmpfs" ino=83 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:random_device_t tclass=chr_file permissive=1
[   78.586737][   T40] audit: type=1400 audit(1750423596.824:774): avc:  denied  { create } for  pid=7926 comm="syz.2.666" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_scsitransport_socket permissive=1
[   78.673870][ T7934] netlink: 14 bytes leftover after parsing attributes in process `syz.1.670'.
[   78.737336][ T7944] netlink: 'syz.0.672': attribute type 2 has an invalid length.
[   78.976762][   T40] audit: type=1400 audit(1750423597.214:775): avc:  denied  { ioctl } for  pid=7962 comm="syz.4.680" path="socket:[23917]" dev="sockfs" ino=23917 ioctlcmd=0x89e1 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[   79.240978][ T7973] netlink: 'syz.1.685': attribute type 2 has an invalid length.
[   79.628454][ T7996] netlink: 14 bytes leftover after parsing attributes in process `syz.2.693'.
[   79.643264][ T5947] Bluetooth: hci0: command 0x0c1a tx timeout
[   79.767935][ T8002] kvm: pic: non byte write
[   80.098059][ T8024] fuse: Unknown parameter 'group_i00000000000000000000'
[   80.146278][ T8026] netlink: 80 bytes leftover after parsing attributes in process `syz.4.706'.
[   80.363198][ T5947] Bluetooth: hci3: command 0x0c1a tx timeout
[   80.443348][ T5947] Bluetooth: hci2: command 0x0c1a tx timeout
[   80.512607][ T8046] kvm: pic: non byte write
[   81.194879][ T8090] kvm: pic: non byte write
[   81.330710][   T34] cfg80211: failed to load regulatory.db
[   81.338924][ T8107] syz.4.739: attempt to access beyond end of device
[   81.338924][ T8107] nbd4: rw=0, sector=0, nr_sectors = 2 limit=0
[   81.339020][ T8107] befs: (nbd4): unable to read superblock
[   81.603693][   T59] usb 5-1: new high-speed USB device number 3 using dummy_hcd
[   81.723215][ T5947] Bluetooth: hci0: command 0x0c1a tx timeout
[   81.744780][ T8119] syz.1.745: vmalloc error: size 4096, failed to allocate pages, mode:0xdc2(GFP_KERNEL|__GFP_HIGHMEM|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1
[   81.750514][ T8119] CPU: 3 UID: 0 PID: 8119 Comm: syz.1.745 Not tainted 6.16.0-rc2-syzkaller-00231-g75f5f23f8787 #0 PREEMPT(full) 
[   81.750529][ T8119] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   81.750537][ T8119] Call Trace:
[   81.750541][ T8119]  <TASK>
[   81.750545][ T8119]  dump_stack_lvl+0x16c/0x1f0
[   81.750580][ T8119]  warn_alloc+0x248/0x3a0
[   81.750595][ T8119]  ? __pfx_warn_alloc+0x10/0x10
[   81.750610][ T8119]  ? alloc_pages_mpol+0x25a/0x550
[   81.750627][ T8119]  ? __pfx_alloc_pages_mpol+0x10/0x10
[   81.750644][ T8119]  ? trace_kmalloc+0x2b/0xd0
[   81.750678][ T8119]  __vmalloc_node_range_noprof+0x11d4/0x14b0
[   81.750696][ T8119]  ? vhost_task_create+0x1d2/0x2e0
[   81.750711][ T8119]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[   81.750724][ T8119]  ? __memcg_slab_post_alloc_hook+0x4a0/0x960
[   81.750747][ T8119]  ? vhost_task_create+0x1d2/0x2e0
[   81.750761][ T8119]  __vmalloc_node_noprof+0xad/0xf0
[   81.750778][ T8119]  ? vhost_task_create+0x1d2/0x2e0
[   81.750799][ T8119]  copy_process+0x2c70/0x76a0
[   81.750832][ T8119]  ? __pfx_copy_process+0x10/0x10
[   81.750860][ T8119]  ? lockdep_init_map_type+0x5c/0x280
[   81.750886][ T8119]  ? lockdep_init_map_type+0x5c/0x280
[   81.750903][ T8119]  ? __pfx_kvm_nx_huge_page_recovery_worker_kill+0x10/0x10
[   81.750920][ T8119]  ? __pfx_kvm_nx_huge_page_recovery_worker+0x10/0x10
[   81.750939][ T8119]  vhost_task_create+0x1d2/0x2e0
[   81.750949][ T8119]  ? __pfx_vhost_task_create+0x10/0x10
[   81.750964][ T8119]  ? __pfx_vhost_task_fn+0x10/0x10
[   81.750981][ T8119]  kvm_mmu_post_init_vm+0x1b7/0x370
[   81.750996][ T8119]  kvm_arch_vcpu_ioctl_run+0x66/0x18c0
[   81.751009][ T8119]  ? kvm_vcpu_ioctl+0x14c6/0x1690
[   81.751025][ T8119]  kvm_vcpu_ioctl+0x5eb/0x1690
[   81.751040][ T8119]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[   81.751056][ T8119]  ? ioctl_has_perm.constprop.0.isra.0+0x383/0x540
[   81.751080][ T8119]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[   81.751100][ T8119]  ? hook_file_ioctl_common+0x145/0x410
[   81.751114][ T8119]  ? selinux_file_ioctl+0x180/0x270
[   81.751128][ T8119]  ? selinux_file_ioctl+0xb4/0x270
[   81.751143][ T8119]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[   81.751157][ T8119]  __x64_sys_ioctl+0x18b/0x210
[   81.751170][ T8119]  do_syscall_64+0xcd/0x4c0
[   81.751188][ T8119]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   81.751200][ T8119] RIP: 0033:0x7f198e58e929
[   81.751209][ T8119] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   81.751220][ T8119] RSP: 002b:00007f198f484038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[   81.751230][ T8119] RAX: ffffffffffffffda RBX: 00007f198e7b5fa0 RCX: 00007f198e58e929
[   81.751237][ T8119] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005
[   81.751243][ T8119] RBP: 00007f198f484090 R08: 0000000000000000 R09: 0000000000000000
[   81.751249][ T8119] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[   81.751255][ T8119] R13: 0000000000000000 R14: 00007f198e7b5fa0 R15: 00007ffef60f6968
[   81.751269][ T8119]  </TASK>
[   81.751307][ T8119] Mem-Info:
[   81.766318][   T59] usb 5-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[   81.766449][ T8119] active_anon:10447 inactive_anon:0 isolated_anon:0
[   81.766449][ T8119]  active_file:13511 inactive_file:40592 isolated_file:0
[   81.766449][ T8119]  unevictable:1768 dirty:230 writeback:0
[   81.766449][ T8119]  slab_reclaimable:11861 slab_unreclaimable:72248
[   81.766449][ T8119]  mapped:25462 shmem:2412 pagetables:1392
[   81.766449][ T8119]  sec_pagetables:303 bounce:0
[   81.766449][ T8119]  kernel_misc_reclaimable:0
[   81.766449][ T8119]  free:453841 free_pcp:15449 free_cma:0
[   81.768560][   T59] usb 5-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config
[   81.768582][   T59] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 66
[   81.768624][   T59] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 55, changing to 9
[   81.770437][ T8119] Node 0 active_anon:41788kB inactive_anon:0kB active_file:54044kB inactive_file:162160kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:101848kB dirty:908kB writeback:0kB shmem:6112kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:13168kB pagetables:5360kB sec_pagetables:1212kB all_unreclaimable? no Balloon:0kB
[   81.772820][   T59] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8496, setting to 1024
[   81.774789][ T8119] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:208kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:12kB writeback:0kB shmem:3536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:144kB pagetables:208kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[   81.783180][   T59] usb 5-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[   81.784559][ T8119] Node 0 
[   81.786034][   T59] usb 5-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[   81.787545][ T8119] DMA free:15360kB boost:0kB min:340kB low:424kB high:508kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[   81.789173][   T59] usb 5-1: Product: syz
[   81.790912][ T8119] lowmem_reserve[]: 0 1235 1235 1235 1235
[   81.790940][ T8119] Node 0 DMA32 free:188008kB boost:0kB min:27516kB low:34392kB high:41268kB reserved_highatomic:0KB free_highatomic:0KB active_anon:41788kB inactive_anon:0kB active_file:54044kB inactive_file:162160kB unevictable:3536kB writepending:908kB present:2080628kB managed:1264732kB mlocked:0kB bounce:0kB free_pcp:49212kB local_pcp:15664kB free_cma:0kB
[   81.793416][   T59] usb 5-1: Manufacturer: syz
[   81.796377][ T8119] lowmem_reserve[]:
[   81.801522][   T59] cdc_wdm 5-1:1.0: skipping garbage
[   81.803183][ T8119]  0 0 0 0 0
[   81.803207][ T8119] Node 1 Normal free:1611996kB boost:0kB min:39720kB low:49648kB high:59576kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:208kB unevictable:3536kB writepending:12kB present:2097152kB managed:1781956kB mlocked:0kB bounce:0kB free_pcp:12520kB local_pcp:2408kB free_cma:0kB
[   81.803239][ T8119] lowmem_reserve[]: 0 0 0 0 0
[   81.803259][ T8119] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[   81.803336][ T8119] Node 0 DMA32: 1189*4kB (UME) 798*8kB (UM) 334*16kB (UM) 
[   81.805294][   T59] cdc_wdm 5-1:1.0: skipping garbage
[   81.806968][ T8119] 201*32kB 
[   81.818962][   T59] cdc_wdm 5-1:1.0: cdc-wdm0: USB WDM device
[   81.819198][ T8119] (UME) 
[   81.820765][   T59] cdc_wdm 5-1:1.0: Unknown control protocol
[   81.966696][ T8119] 205*64kB (UM) 12*128kB (ME) 21*256kB (UME) 9*512kB (UME) 7*1024kB (UME) 7*2048kB (UM) 29*4096kB (UM) = 187844kB
[   81.970523][ T8119] Node 1 Normal: 3*4kB (UE) 21*8kB (UME) 27*16kB (UME) 40*32kB (UME) 22*64kB (UME) 8*128kB (UME) 0*256kB 4*512kB (ME) 0*1024kB 2*2048kB (ME) 391*4096kB (M) = 1612004kB
[   81.976066][ T8119] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[   81.979323][ T8119] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[   81.982706][ T8119] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[   81.985850][ T8119] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[   81.989017][ T8119] 56511 total pagecache pages
[   81.990793][ T8119] 0 pages in swap cache
[   81.992365][ T8119] Free swap  = 124996kB
[   81.994054][ T8119] Total swap = 124996kB
[   81.995579][ T8119] 1048443 pages RAM
[   81.997043][ T8119] 0 pages HighMem/MovableOnly
[   81.998785][ T8119] 282931 pages reserved
[   82.000396][ T8119] 0 pages cma reserved
[   82.003164][   T40] kauditd_printk_skb: 13 callbacks suppressed
[   82.003175][   T40] audit: type=1400 audit(1750423600.234:789): avc:  denied  { read write } for  pid=8112 comm="syz.0.742" name="cdc-wdm0" dev="devtmpfs" ino=3002 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:modem_device_t tclass=chr_file permissive=1
[   82.012849][   T40] audit: type=1400 audit(1750423600.234:790): avc:  denied  { open } for  pid=8112 comm="syz.0.742" path="/dev/cdc-wdm0" dev="devtmpfs" ino=3002 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:modem_device_t tclass=chr_file permissive=1
[   82.081107][    C2] cdc_wdm 5-1:1.0: nonzero urb status received: -71
[   82.081400][    T9] usb 5-1: USB disconnect, device number 3
[   82.083352][    C2] cdc_wdm 5-1:1.0: wdm_int_callback - 0 bytes
[   82.083368][    C2] cdc_wdm 5-1:1.0: wdm_int_callback - usb_submit_urb failed with result -19
[   82.287278][ T8113] netlink: 'syz.0.742': attribute type 10 has an invalid length.
[   82.325042][ T8137] FAULT_INJECTION: forcing a failure.
[   82.325042][ T8137] name failslab, interval 1, probability 0, space 0, times 0
[   82.329051][ T8137] CPU: 1 UID: 0 PID: 8137 Comm: syz.4.753 Not tainted 6.16.0-rc2-syzkaller-00231-g75f5f23f8787 #0 PREEMPT(full) 
[   82.329067][ T8137] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   82.329074][ T8137] Call Trace:
[   82.329079][ T8137]  <TASK>
[   82.329084][ T8137]  dump_stack_lvl+0x16c/0x1f0
[   82.329104][ T8137]  should_fail_ex+0x512/0x640
[   82.329119][ T8137]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[   82.329136][ T8137]  should_failslab+0xc2/0x120
[   82.329152][ T8137]  kmem_cache_alloc_noprof+0x6d/0x3b0
[   82.329166][ T8137]  ? __kernfs_new_node+0xd2/0x8e0
[   82.329185][ T8137]  __kernfs_new_node+0xd2/0x8e0
[   82.329202][ T8137]  ? __pfx___kernfs_new_node+0x10/0x10
[   82.329221][ T8137]  ? find_held_lock+0x2b/0x80
[   82.329235][ T8137]  ? kernfs_root+0xee/0x2a0
[   82.329252][ T8137]  kernfs_new_node+0x13c/0x1e0
[   82.329273][ T8137]  __kernfs_create_file+0x53/0x350
[   82.329287][ T8137]  sysfs_add_file_mode_ns+0x207/0x3c0
[   82.329305][ T8137]  internal_create_group+0x578/0xf30
[   82.329325][ T8137]  ? __pfx_internal_create_group+0x10/0x10
[   82.329360][ T8137]  ? kernfs_create_link+0x1bd/0x240
[   82.329375][ T8137]  internal_create_groups+0x9d/0x150
[   82.329393][ T8137]  device_add+0x6d1/0x1a70
[   82.329405][ T8137]  ? __pfx_device_add+0x10/0x10
[   82.329415][ T8137]  ? lockdep_init_map_type+0x5c/0x280
[   82.329432][ T8137]  ? __init_waitqueue_head+0xca/0x150
[   82.329447][ T8137]  netdev_register_kobject+0x182/0x3a0
[   82.329461][ T8137]  register_netdevice+0x13dc/0x2270
[   82.329482][ T8137]  ? __pfx_register_netdevice+0x10/0x10
[   82.329508][ T8137]  br_dev_newlink+0x6a/0x170
[   82.329521][ T8137]  ? __pfx_br_dev_newlink+0x10/0x10
[   82.329535][ T8137]  rtnl_newlink+0xc42/0x2000
[   82.329557][ T8137]  ? __pfx_rtnl_newlink+0x10/0x10
[   82.329572][ T8137]  ? find_held_lock+0x2b/0x80
[   82.329585][ T8137]  ? avc_has_perm_noaudit+0x117/0x3b0
[   82.329599][ T8137]  ? avc_has_perm_noaudit+0x149/0x3b0
[   82.329611][ T8137]  ? cred_has_capability.isra.0+0x193/0x2f0
[   82.329636][ T8137]  ? find_held_lock+0x2b/0x80
[   82.329648][ T8137]  ? __pfx_rtnl_newlink+0x10/0x10
[   82.329664][ T8137]  ? __pfx_rtnl_newlink+0x10/0x10
[   82.329679][ T8137]  ? rtnetlink_rcv_msg+0x93a/0xe90
[   82.329696][ T8137]  ? __pfx_rtnl_newlink+0x10/0x10
[   82.329713][ T8137]  rtnetlink_rcv_msg+0x95e/0xe90
[   82.329731][ T8137]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[   82.329752][ T8137]  ? ref_tracker_free+0x37c/0x830
[   82.329769][ T8137]  netlink_rcv_skb+0x158/0x420
[   82.329781][ T8137]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[   82.329799][ T8137]  ? __pfx_netlink_rcv_skb+0x10/0x10
[   82.329815][ T8137]  ? netlink_deliver_tap+0x1ae/0xd30
[   82.329829][ T8137]  netlink_unicast+0x53a/0x7f0
[   82.329842][ T8137]  ? __pfx_netlink_unicast+0x10/0x10
[   82.329857][ T8137]  netlink_sendmsg+0x8d1/0xdd0
[   82.329870][ T8137]  ? __pfx_netlink_sendmsg+0x10/0x10
[   82.329887][ T8137]  ____sys_sendmsg+0xa95/0xc70
[   82.329900][ T8137]  ? copy_msghdr_from_user+0x10a/0x160
[   82.329916][ T8137]  ? __pfx_____sys_sendmsg+0x10/0x10
[   82.329934][ T8137]  ___sys_sendmsg+0x134/0x1d0
[   82.329951][ T8137]  ? __pfx____sys_sendmsg+0x10/0x10
[   82.329965][ T8137]  ? __lock_acquire+0x622/0x1c90
[   82.329998][ T8137]  __sys_sendmsg+0x16d/0x220
[   82.330014][ T8137]  ? __pfx___sys_sendmsg+0x10/0x10
[   82.330039][ T8137]  do_syscall_64+0xcd/0x4c0
[   82.330057][ T8137]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   82.330069][ T8137] RIP: 0033:0x7fc64038e929
[   82.330078][ T8137] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   82.330089][ T8137] RSP: 002b:00007fc6412aa038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   82.330100][ T8137] RAX: ffffffffffffffda RBX: 00007fc6405b5fa0 RCX: 00007fc64038e929
[   82.330107][ T8137] RDX: 0000000000000000 RSI: 0000200000000280 RDI: 0000000000000003
[   82.330114][ T8137] RBP: 00007fc6412aa090 R08: 0000000000000000 R09: 0000000000000000
[   82.330120][ T8137] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[   82.330126][ T8137] R13: 0000000000000000 R14: 00007fc6405b5fa0 R15: 00007ffc6e8cd1f8
[   82.330140][ T8137]  </TASK>
[   82.463638][ T5947] Bluetooth: hci3: command 0x0c1a tx timeout
[   82.535400][ T5947] Bluetooth: hci2: command 0x0c1a tx timeout
[   82.676694][ T8152] fuse: Bad value for 'user_id'
[   82.681709][ T8152] fuse: Bad value for 'user_id'
[   82.749681][ T8150] kvm: pic: non byte write
[   82.784211][   T40] audit: type=1400 audit(1750423601.024:791): avc:  denied  { map } for  pid=8158 comm="syz.1.764" path="/dev/nvram" dev="devtmpfs" ino=631 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nvram_device_t tclass=chr_file permissive=1
[   82.833930][ T8163] netlink: 14 bytes leftover after parsing attributes in process `syz.1.765'.
[   83.004697][   T40] audit: type=1804 audit(1750423601.244:792): pid=8180 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=invalid_pcr cause=open_writers comm="syz.0.773" name="file0" dev="ramfs" ino=25040 res=1 errno=0
[   83.027073][ T8180] netlink: 'syz.0.773': attribute type 1 has an invalid length.
[   83.030291][ T8180] netlink: 228 bytes leftover after parsing attributes in process `syz.0.773'.
[   83.055327][ T8177] FAULT_INJECTION: forcing a failure.
[   83.055327][ T8177] name failslab, interval 1, probability 0, space 0, times 0
[   83.060495][ T8177] CPU: 0 UID: 0 PID: 8177 Comm: syz.4.772 Not tainted 6.16.0-rc2-syzkaller-00231-g75f5f23f8787 #0 PREEMPT(full) 
[   83.060512][ T8177] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   83.060519][ T8177] Call Trace:
[   83.060524][ T8177]  <TASK>
[   83.060529][ T8177]  dump_stack_lvl+0x16c/0x1f0
[   83.060561][ T8177]  should_fail_ex+0x512/0x640
[   83.060581][ T8177]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[   83.060597][ T8177]  should_failslab+0xc2/0x120
[   83.060613][ T8177]  kmem_cache_alloc_noprof+0x6d/0x3b0
[   83.060627][ T8177]  ? __kvm_mmu_topup_memory_cache+0x450/0x600
[   83.060642][ T8177]  ? __lock_acquire+0xb8a/0x1c90
[   83.060660][ T8177]  ? __kvm_mmu_topup_memory_cache+0x18f/0x600
[   83.060677][ T8177]  __kvm_mmu_topup_memory_cache+0x18f/0x600
[   83.060696][ T8177]  mmu_topup_memory_caches+0x25/0x170
[   83.060711][ T8177]  kvm_mmu_load+0xd9/0x22a0
[   83.060723][ T8177]  ? kvm_apic_has_interrupt+0x106/0x1f0
[   83.060741][ T8177]  ? __pfx_kvm_apic_has_interrupt+0x10/0x10
[   83.060758][ T8177]  ? _raw_read_unlock+0x28/0x50
[   83.060772][ T8177]  ? vmx_set_apic_access_page_addr+0x1a0/0x900
[   83.060784][ T8177]  ? kvm_apic_accept_pic_intr+0xe8/0x1a0
[   83.060797][ T8177]  ? __pfx_kvm_mmu_load+0x10/0x10
[   83.060809][ T8177]  ? kvm_cpu_has_injectable_intr+0x9c/0x1a0
[   83.060824][ T8177]  ? kvm_check_and_inject_events+0x71c/0x1310
[   83.060841][ T8177]  vcpu_run+0x34eb/0x5500
[   83.060851][ T8177]  ? kvm_mmu_post_init_vm+0x269/0x370
[   83.060866][ T8177]  ? __lock_acquire+0xb8a/0x1c90
[   83.060886][ T8177]  ? __pfx_vcpu_run+0x10/0x10
[   83.060900][ T8177]  ? fpu_swap_kvm_fpstate+0x1be/0x410
[   83.060913][ T8177]  ? __local_bh_enable_ip+0xa4/0x120
[   83.060929][ T8177]  ? kvm_arch_vcpu_ioctl_run+0x51e/0x18c0
[   83.060941][ T8177]  kvm_arch_vcpu_ioctl_run+0x51e/0x18c0
[   83.060958][ T8177]  kvm_vcpu_ioctl+0x5eb/0x1690
[   83.060972][ T8177]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[   83.060989][ T8177]  ? ioctl_has_perm.constprop.0.isra.0+0x383/0x540
[   83.061006][ T8177]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[   83.061026][ T8177]  ? hook_file_ioctl_common+0x145/0x410
[   83.061041][ T8177]  ? selinux_file_ioctl+0x180/0x270
[   83.061055][ T8177]  ? selinux_file_ioctl+0xb4/0x270
[   83.061070][ T8177]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[   83.061083][ T8177]  __x64_sys_ioctl+0x18b/0x210
[   83.061097][ T8177]  do_syscall_64+0xcd/0x4c0
[   83.061114][ T8177]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   83.061126][ T8177] RIP: 0033:0x7fc64038e929
[   83.061136][ T8177] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   83.061146][ T8177] RSP: 002b:00007fc6412aa038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[   83.061157][ T8177] RAX: ffffffffffffffda RBX: 00007fc6405b5fa0 RCX: 00007fc64038e929
[   83.061163][ T8177] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005
[   83.061170][ T8177] RBP: 00007fc6412aa090 R08: 0000000000000000 R09: 0000000000000000
[   83.061176][ T8177] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[   83.061182][ T8177] R13: 0000000000000000 R14: 00007fc6405b5fa0 R15: 00007ffc6e8cd1f8
[   83.061195][ T8177]  </TASK>
[   83.287230][ T8193] netlink: 'syz.1.778': attribute type 1 has an invalid length.
[   83.290161][ T8193] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[   83.292938][ T8193] IPv6: NLM_F_CREATE should be set when creating new route
[   83.295243][ T8193] IPv6: NLM_F_CREATE should be set when creating new route
[   83.307191][ T8195] netlink: 'syz.0.777': attribute type 2 has an invalid length.
[   83.325240][ T8197] netlink: 14 bytes leftover after parsing attributes in process `syz.4.779'.
[   83.369900][ T8199] fuse: Bad value for 'fd'
[   83.390020][ T8193] netlink: 'syz.1.778': attribute type 1 has an invalid length.
[   83.393697][ T8193] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[   83.514409][    T9] kernel read not supported for file /video7 (pid: 9 comm: kworker/0:0)
[   83.660654][ T8206] kvm: pic: non byte write
[   83.843099][    T9] usb 6-1: new high-speed USB device number 5 using dummy_hcd
[   83.993125][    T9] usb 6-1: Using ep0 maxpacket: 32
[   83.998146][    T9] usb 6-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[   84.001360][    T9] usb 6-1: New USB device found, idVendor=0458, idProduct=5011, bcdDevice= 0.00
[   84.004447][    T9] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   84.009478][    T9] usb 6-1: config 0 descriptor??
[   84.084900][ T8221] ieee802154 phy0 wpan0: encryption failed: -22
[   84.122381][ T8223] netlink: 8 bytes leftover after parsing attributes in process `syz.0.790'.
[   84.126536][ T8223] netlink: 12 bytes leftover after parsing attributes in process `syz.0.790'.
[   84.130361][ T8223] netlink: 'syz.0.790': attribute type 19 has an invalid length.
[   84.173576][ T8226] netlink: 14 bytes leftover after parsing attributes in process `syz.2.791'.
[   84.216225][   T40] audit: type=1400 audit(1750423602.454:793): avc:  denied  { read } for  pid=8222 comm="syz.0.790" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[   84.254566][    T9] usb 6-1: string descriptor 0 read error: -71
[   84.261963][    T9] usb 6-1: USB disconnect, device number 5
[   84.374364][   T40] audit: type=1400 audit(1750423602.614:794): avc:  denied  { append } for  pid=8235 comm="syz.2.795" name="001" dev="devtmpfs" ino=743 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1
[   84.536420][   T40] audit: type=1400 audit(1750423602.774:795): avc:  denied  { read } for  pid=8246 comm="syz.2.799" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[   84.589297][ T8253] netlink: 'syz.1.797': attribute type 2 has an invalid length.
[   86.283166][ T8223] Bluetooth: hci0: Opcode 0x0c1a failed: -110
[   86.293111][ T5947] Bluetooth: hci0: command 0x0c1a tx timeout
[   87.124174][ T8223] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[   87.127345][ T8223] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[   87.225858][ T8274] netlink: 14 bytes leftover after parsing attributes in process `syz.4.805'.
[   87.299081][ T8278] evm: overlay not supported
[   87.428177][ T8285] kvm: pic: non byte write
[   87.564462][ T8293] FAULT_INJECTION: forcing a failure.
[   87.564462][ T8293] name failslab, interval 1, probability 0, space 0, times 0
[   87.569450][ T8293] CPU: 1 UID: 0 PID: 8293 Comm: syz.4.813 Not tainted 6.16.0-rc2-syzkaller-00231-g75f5f23f8787 #0 PREEMPT(full) 
[   87.569473][ T8293] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   87.569484][ T8293] Call Trace:
[   87.569490][ T8293]  <TASK>
[   87.569497][ T8293]  dump_stack_lvl+0x16c/0x1f0
[   87.569544][ T8293]  should_fail_ex+0x512/0x640
[   87.569572][ T8293]  ? kmem_cache_alloc_node_noprof+0x5e/0x3b0
[   87.569597][ T8293]  should_failslab+0xc2/0x120
[   87.569623][ T8293]  kmem_cache_alloc_node_noprof+0x71/0x3b0
[   87.569645][ T8293]  ? __alloc_skb+0x2b2/0x380
[   87.569673][ T8293]  __alloc_skb+0x2b2/0x380
[   87.569697][ T8293]  ? __pfx___alloc_skb+0x10/0x10
[   87.569723][ T8293]  ? __pfx_netlink_autobind.isra.0+0x10/0x10
[   87.569747][ T8293]  netlink_alloc_large_skb+0x69/0x130
[   87.569767][ T8293]  netlink_sendmsg+0x6a1/0xdd0
[   87.569790][ T8293]  ? __pfx_netlink_sendmsg+0x10/0x10
[   87.569819][ T8293]  ____sys_sendmsg+0xa95/0xc70
[   87.569839][ T8293]  ? copy_msghdr_from_user+0x10a/0x160
[   87.569863][ T8293]  ? __pfx_____sys_sendmsg+0x10/0x10
[   87.569894][ T8293]  ___sys_sendmsg+0x134/0x1d0
[   87.569920][ T8293]  ? __pfx____sys_sendmsg+0x10/0x10
[   87.569943][ T8293]  ? __lock_acquire+0x622/0x1c90
[   87.570002][ T8293]  __sys_sendmsg+0x16d/0x220
[   87.570027][ T8293]  ? __pfx___sys_sendmsg+0x10/0x10
[   87.570069][ T8293]  do_syscall_64+0xcd/0x4c0
[   87.570098][ T8293]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   87.570115][ T8293] RIP: 0033:0x7fc64038e929
[   87.570129][ T8293] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   87.570146][ T8293] RSP: 002b:00007fc6412aa038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   87.570163][ T8293] RAX: ffffffffffffffda RBX: 00007fc6405b5fa0 RCX: 00007fc64038e929
[   87.570175][ T8293] RDX: 0000000000004080 RSI: 0000200000000640 RDI: 0000000000000003
[   87.570186][ T8293] RBP: 00007fc6412aa090 R08: 0000000000000000 R09: 0000000000000000
[   87.570197][ T8293] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   87.570207][ T8293] R13: 0000000000000000 R14: 00007fc6405b5fa0 R15: 00007ffc6e8cd1f8
[   87.570232][ T8293]  </TASK>
[   87.941312][   T40] audit: type=1400 audit(1750423606.174:796): avc:  denied  { write } for  pid=8312 comm="syz.1.823" name="binder0" dev="binder" ino=7 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[   87.941649][ T8320] binder: BINDER_SET_CONTEXT_MGR already set
[   87.952658][ T8320] binder: 8312:8320 ioctl 4018620d 200000000040 returned -16
[   87.959466][   T40] audit: type=1400 audit(1750423606.174:797): avc:  denied  { map } for  pid=8312 comm="syz.1.823" path="/dev/binderfs/binder0" dev="binder" ino=7 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[   88.015431][ T8326] FAULT_INJECTION: forcing a failure.
[   88.015431][ T8326] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[   88.019790][ T8326] CPU: 1 UID: 0 PID: 8326 Comm: syz.4.827 Not tainted 6.16.0-rc2-syzkaller-00231-g75f5f23f8787 #0 PREEMPT(full) 
[   88.019807][ T8326] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   88.019814][ T8326] Call Trace:
[   88.019819][ T8326]  <TASK>
[   88.019823][ T8326]  dump_stack_lvl+0x16c/0x1f0
[   88.019843][ T8326]  should_fail_ex+0x512/0x640
[   88.019860][ T8326]  should_fail_alloc_page+0xe7/0x130
[   88.019878][ T8326]  prepare_alloc_pages+0x3c2/0x610
[   88.019889][ T8326]  ? lock_acquire+0x179/0x350
[   88.019907][ T8326]  __alloc_frozen_pages_noprof+0x18b/0x23f0
[   88.019925][ T8326]  ? __lock_acquire+0x622/0x1c90
[   88.019941][ T8326]  ? css_rstat_updated+0x9d/0xd30
[   88.019958][ T8326]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[   88.019974][ T8326]  ? find_held_lock+0x2b/0x80
[   88.019991][ T8326]  ? find_held_lock+0x2b/0x80
[   88.020004][ T8326]  ? rcu_read_unlock+0x17/0x60
[   88.020019][ T8326]  ? __sanitizer_cov_trace_switch+0x54/0x90
[   88.020033][ T8326]  ? policy_nodemask+0xea/0x4e0
[   88.020050][ T8326]  alloc_pages_mpol+0x1fb/0x550
[   88.020066][ T8326]  ? __pfx_alloc_pages_mpol+0x10/0x10
[   88.020081][ T8326]  ? rcu_is_watching+0x12/0xc0
[   88.020094][ T8326]  ? trace_kmem_cache_alloc+0x28/0xc0
[   88.020111][ T8326]  ? kmem_cache_alloc_noprof+0x21e/0x3b0
[   88.020127][ T8326]  alloc_pages_noprof+0x131/0x390
[   88.020142][ T8326]  kvm_vm_ioctl+0xbb6/0x3da0
[   88.020165][ T8326]  ? __pfx_kvm_vm_ioctl+0x10/0x10
[   88.020188][ T8326]  ? kasan_quarantine_put+0x10a/0x240
[   88.020202][ T8326]  ? lockdep_hardirqs_on+0x7c/0x110
[   88.020219][ T8326]  ? find_held_lock+0x2b/0x80
[   88.020249][ T8326]  ? tomoyo_path_number_perm+0x295/0x580
[   88.020266][ T8326]  ? tomoyo_path_number_perm+0x18d/0x580
[   88.020280][ T8326]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[   88.020293][ T8326]  ? __sanitizer_cov_trace_switch+0x54/0x90
[   88.020306][ T8326]  ? do_vfs_ioctl+0x523/0x1a60
[   88.020318][ T8326]  ? __pfx_do_vfs_ioctl+0x10/0x10
[   88.020334][ T8326]  ? ioctl_has_perm.constprop.0.isra.0+0x383/0x540
[   88.020351][ T8326]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[   88.020370][ T8326]  ? hook_file_ioctl_common+0x145/0x410
[   88.020385][ T8326]  ? selinux_file_ioctl+0x180/0x270
[   88.020399][ T8326]  ? selinux_file_ioctl+0xb4/0x270
[   88.020414][ T8326]  ? __pfx_kvm_vm_ioctl+0x10/0x10
[   88.020437][ T8326]  __x64_sys_ioctl+0x18b/0x210
[   88.020450][ T8326]  do_syscall_64+0xcd/0x4c0
[   88.020468][ T8326]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   88.020480][ T8326] RIP: 0033:0x7fc64038e929
[   88.020489][ T8326] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   88.020500][ T8326] RSP: 002b:00007fc6412aa038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[   88.020510][ T8326] RAX: ffffffffffffffda RBX: 00007fc6405b5fa0 RCX: 00007fc64038e929
[   88.020517][ T8326] RDX: 0000000000000002 RSI: 000000000000ae41 RDI: 0000000000000005
[   88.020523][ T8326] RBP: 00007fc6412aa090 R08: 0000000000000000 R09: 0000000000000000
[   88.020529][ T8326] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   88.020535][ T8326] R13: 0000000000000000 R14: 00007fc6405b5fa0 R15: 00007ffc6e8cd1f8
[   88.020549][ T8326]  </TASK>
[   88.194855][ T8328] kvm: pic: non byte write
[   88.256865][   T40] audit: type=1400 audit(1750423606.494:798): avc:  denied  { map } for  pid=8338 comm="syz.1.831" path="socket:[25289]" dev="sockfs" ino=25289 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_route_socket permissive=1
[   88.309319][   T40] audit: type=1400 audit(1750423606.544:799): avc:  denied  { read } for  pid=8341 comm="syz.4.832" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netrom_socket permissive=1
[   88.332153][ T8342] netlink: 16186 bytes leftover after parsing attributes in process `syz.4.832'.
[   88.356324][   T40] audit: type=1400 audit(1750423606.594:800): avc:  denied  { read } for  pid=8343 comm="syz.1.833" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[   88.373485][ T5947] Bluetooth: hci3: command 0x0c1a tx timeout
[   88.512854][ T8354] netlink: 52 bytes leftover after parsing attributes in process `syz.0.837'.
[   88.554492][ T8370] mmap: syz.0.842 (8370) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[   88.565024][ T8369] netlink: 'syz.0.842': attribute type 1 has an invalid length.
[   88.697023][ T8375] kvm: pic: non byte write
[   88.773160][   T34] usb 9-1: new high-speed USB device number 2 using dummy_hcd
[   88.924144][   T34] usb 9-1: Using ep0 maxpacket: 8
[   88.930958][   T34] usb 9-1: config 1 interface 0 altsetting 9 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   88.934526][   T34] usb 9-1: config 1 interface 0 altsetting 9 endpoint 0x81 has invalid wMaxPacketSize 0
[   88.937764][   T34] usb 9-1: config 1 interface 0 altsetting 9 has 2 endpoint descriptors, different from the interface descriptor's value: 1
[   88.941790][   T34] usb 9-1: config 1 interface 0 has no altsetting 0
[   88.948273][   T34] usb 9-1: New USB device found, idVendor=0b05, idProduct=1866, bcdDevice= 0.40
[   88.951200][   T34] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   88.954529][   T34] usb 9-1: Product: Є
[   88.955931][   T34] usb 9-1: Manufacturer: ⊔撦ᘦꠟ昦堋䃍춀寪쓺쵦皚걡⻇縉홧鍸ⓜﮗכֿ氻뽕❼꫋憡뱝偯凑赑ૌ᝝㼫䄔胁쒍繾㉍ꬱ냲큉ὄ꒸ꌨ᠈ᆚ闕ﳕ叄ጋ桙玢䆙藃둱牙䠍朵㲓뚡霌ꎡ⣎閍᝹婱풪⎴픧9譥跍꿝濨曺ሪ職ᙢ
[   88.965186][   T34] usb 9-1: SerialNumber: syz
[   89.097782][   T40] audit: type=1400 audit(1750423607.334:801): avc:  denied  { append } for  pid=8425 comm="syz.1.854" name="nvram" dev="devtmpfs" ino=631 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nvram_device_t tclass=chr_file permissive=1
[   89.098534][ T8426] netlink: 44 bytes leftover after parsing attributes in process `syz.1.854'.
[   89.173178][ T5947] Bluetooth: hci2: command 0x0c1a tx timeout
[   89.179924][   T34] usbhid 9-1:1.0: can't add hid device: -71
[   89.181869][   T34] usbhid 9-1:1.0: probe with driver usbhid failed with error -71
[   89.185723][   T34] usb 9-1: USB disconnect, device number 2
[   89.369246][   T40] audit: type=1400 audit(1750423607.604:802): avc:  denied  { write } for  pid=8429 comm="syz.1.856" path="socket:[25423]" dev="sockfs" ino=25423 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1
[   89.407039][ T8436] FAULT_INJECTION: forcing a failure.
[   89.407039][ T8436] name failslab, interval 1, probability 0, space 0, times 0
[   89.411252][ T8436] CPU: 3 UID: 0 PID: 8436 Comm: syz.1.857 Not tainted 6.16.0-rc2-syzkaller-00231-g75f5f23f8787 #0 PREEMPT(full) 
[   89.411267][ T8436] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   89.411274][ T8436] Call Trace:
[   89.411278][ T8436]  <TASK>
[   89.411283][ T8436]  dump_stack_lvl+0x16c/0x1f0
[   89.411323][ T8436]  should_fail_ex+0x512/0x640
[   89.411342][ T8436]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[   89.411362][ T8436]  should_failslab+0xc2/0x120
[   89.411378][ T8436]  kmem_cache_alloc_noprof+0x6d/0x3b0
[   89.411395][ T8436]  ? __kernfs_new_node+0xd2/0x8e0
[   89.411415][ T8436]  __kernfs_new_node+0xd2/0x8e0
[   89.411433][ T8436]  ? __pfx___kernfs_new_node+0x10/0x10
[   89.411451][ T8436]  ? find_held_lock+0x2b/0x80
[   89.411465][ T8436]  ? kernfs_root+0xee/0x2a0
[   89.411486][ T8436]  kernfs_new_node+0x13c/0x1e0
[   89.411510][ T8436]  __kernfs_create_file+0x53/0x350
[   89.411527][ T8436]  sysfs_add_file_mode_ns+0x207/0x3c0
[   89.411546][ T8436]  internal_create_group+0x578/0xf30
[   89.411568][ T8436]  ? __pfx_internal_create_group+0x10/0x10
[   89.411592][ T8436]  ? kernfs_create_link+0x1bd/0x240
[   89.411612][ T8436]  internal_create_groups+0x9d/0x150
[   89.411642][ T8436]  device_add+0x6d1/0x1a70
[   89.411664][ T8436]  ? __pfx_device_add+0x10/0x10
[   89.411678][ T8436]  ? lockdep_init_map_type+0x5c/0x280
[   89.411707][ T8436]  ? __init_waitqueue_head+0xca/0x150
[   89.411731][ T8436]  netdev_register_kobject+0x182/0x3a0
[   89.411745][ T8436]  register_netdevice+0x13dc/0x2270
[   89.411767][ T8436]  ? __pfx_register_netdevice+0x10/0x10
[   89.411789][ T8436]  br_dev_newlink+0x6a/0x170
[   89.411803][ T8436]  ? __pfx_br_dev_newlink+0x10/0x10
[   89.411821][ T8436]  rtnl_newlink+0xc42/0x2000
[   89.411842][ T8436]  ? __pfx_rtnl_newlink+0x10/0x10
[   89.411860][ T8436]  ? find_held_lock+0x2b/0x80
[   89.411873][ T8436]  ? avc_has_perm_noaudit+0x117/0x3b0
[   89.411887][ T8436]  ? avc_has_perm_noaudit+0x149/0x3b0
[   89.411899][ T8436]  ? cred_has_capability.isra.0+0x193/0x2f0
[   89.411924][ T8436]  ? find_held_lock+0x2b/0x80
[   89.411936][ T8436]  ? __pfx_rtnl_newlink+0x10/0x10
[   89.411952][ T8436]  ? __pfx_rtnl_newlink+0x10/0x10
[   89.411967][ T8436]  ? rtnetlink_rcv_msg+0x93a/0xe90
[   89.411984][ T8436]  ? __pfx_rtnl_newlink+0x10/0x10
[   89.412000][ T8436]  rtnetlink_rcv_msg+0x95e/0xe90
[   89.412018][ T8436]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[   89.412039][ T8436]  ? ref_tracker_free+0x37c/0x830
[   89.412056][ T8436]  netlink_rcv_skb+0x158/0x420
[   89.412068][ T8436]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[   89.412085][ T8436]  ? __pfx_netlink_rcv_skb+0x10/0x10
[   89.412102][ T8436]  ? netlink_deliver_tap+0x1ae/0xd30
[   89.412115][ T8436]  netlink_unicast+0x53a/0x7f0
[   89.412128][ T8436]  ? __pfx_netlink_unicast+0x10/0x10
[   89.412143][ T8436]  netlink_sendmsg+0x8d1/0xdd0
[   89.412157][ T8436]  ? __pfx_netlink_sendmsg+0x10/0x10
[   89.412174][ T8436]  ____sys_sendmsg+0xa95/0xc70
[   89.412186][ T8436]  ? copy_msghdr_from_user+0x10a/0x160
[   89.412202][ T8436]  ? __pfx_____sys_sendmsg+0x10/0x10
[   89.412247][ T8436]  ___sys_sendmsg+0x134/0x1d0
[   89.412266][ T8436]  ? __pfx____sys_sendmsg+0x10/0x10
[   89.412281][ T8436]  ? __lock_acquire+0x622/0x1c90
[   89.412314][ T8436]  __sys_sendmsg+0x16d/0x220
[   89.412330][ T8436]  ? __pfx___sys_sendmsg+0x10/0x10
[   89.412354][ T8436]  do_syscall_64+0xcd/0x4c0
[   89.412372][ T8436]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   89.412384][ T8436] RIP: 0033:0x7f198e58e929
[   89.412393][ T8436] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   89.412404][ T8436] RSP: 002b:00007f198f484038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   89.412414][ T8436] RAX: ffffffffffffffda RBX: 00007f198e7b5fa0 RCX: 00007f198e58e929
[   89.412421][ T8436] RDX: 0000000000000000 RSI: 0000200000000280 RDI: 0000000000000003
[   89.412427][ T8436] RBP: 00007f198f484090 R08: 0000000000000000 R09: 0000000000000000
[   89.412433][ T8436] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[   89.412440][ T8436] R13: 0000000000000000 R14: 00007f198e7b5fa0 R15: 00007ffef60f6968
[   89.412453][ T8436]  </TASK>
[   89.552072][    C3] vkms_vblank_simulate: vblank timer overrun
[   89.756943][   T40] audit: type=1400 audit(1750423607.994:803): avc:  denied  { read } for  pid=8451 comm="syz.4.865" name="btrfs-control" dev="devtmpfs" ino=1336 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:lvm_control_t tclass=chr_file permissive=1
[   89.757070][   T40] audit: type=1400 audit(1750423607.994:804): avc:  denied  { open } for  pid=8451 comm="syz.4.865" path="/dev/btrfs-control" dev="devtmpfs" ino=1336 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:lvm_control_t tclass=chr_file permissive=1
[   89.804006][ T8459] fuse: Unknown parameter 'user_i00000000000000000000'
[   89.837878][   T40] audit: type=1400 audit(1750423608.074:805): avc:  denied  { getopt } for  pid=8455 comm="syz.1.866" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[   89.929821][ T8470] netlink: 14 bytes leftover after parsing attributes in process `syz.0.871'.
[   89.931862][ T8467] kvm: pic: non byte write
[   90.280472][ T8487] FAULT_INJECTION: forcing a failure.
[   90.280472][ T8487] name failslab, interval 1, probability 0, space 0, times 0
[   90.285579][ T8487] CPU: 2 UID: 0 PID: 8487 Comm: syz.0.878 Not tainted 6.16.0-rc2-syzkaller-00231-g75f5f23f8787 #0 PREEMPT(full) 
[   90.285595][ T8487] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   90.285602][ T8487] Call Trace:
[   90.285607][ T8487]  <TASK>
[   90.285611][ T8487]  dump_stack_lvl+0x16c/0x1f0
[   90.285632][ T8487]  should_fail_ex+0x512/0x640
[   90.285647][ T8487]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[   90.285664][ T8487]  should_failslab+0xc2/0x120
[   90.285680][ T8487]  kmem_cache_alloc_noprof+0x6d/0x3b0
[   90.285699][ T8487]  ? __kernfs_new_node+0xd2/0x8e0
[   90.285718][ T8487]  __kernfs_new_node+0xd2/0x8e0
[   90.285735][ T8487]  ? __pfx___kernfs_new_node+0x10/0x10
[   90.285754][ T8487]  ? find_held_lock+0x2b/0x80
[   90.285768][ T8487]  ? kernfs_root+0xee/0x2a0
[   90.285794][ T8487]  kernfs_new_node+0x13c/0x1e0
[   90.285825][ T8487]  __kernfs_create_file+0x53/0x350
[   90.285849][ T8487]  sysfs_add_file_mode_ns+0x207/0x3c0
[   90.285880][ T8487]  internal_create_group+0x578/0xf30
[   90.285906][ T8487]  ? __pfx_internal_create_group+0x10/0x10
[   90.285925][ T8487]  ? kernfs_create_link+0x1bd/0x240
[   90.285940][ T8487]  internal_create_groups+0x9d/0x150
[   90.285957][ T8487]  device_add+0x6d1/0x1a70
[   90.285969][ T8487]  ? __pfx_device_add+0x10/0x10
[   90.285979][ T8487]  ? lockdep_init_map_type+0x5c/0x280
[   90.285997][ T8487]  ? __init_waitqueue_head+0xca/0x150
[   90.286013][ T8487]  netdev_register_kobject+0x182/0x3a0
[   90.286027][ T8487]  register_netdevice+0x13dc/0x2270
[   90.286047][ T8487]  ? __pfx_register_netdevice+0x10/0x10
[   90.286069][ T8487]  br_dev_newlink+0x6a/0x170
[   90.286082][ T8487]  ? __pfx_br_dev_newlink+0x10/0x10
[   90.286097][ T8487]  rtnl_newlink+0xc42/0x2000
[   90.286118][ T8487]  ? __pfx_rtnl_newlink+0x10/0x10
[   90.286134][ T8487]  ? find_held_lock+0x2b/0x80
[   90.286146][ T8487]  ? avc_has_perm_noaudit+0x117/0x3b0
[   90.286160][ T8487]  ? avc_has_perm_noaudit+0x149/0x3b0
[   90.286172][ T8487]  ? cred_has_capability.isra.0+0x193/0x2f0
[   90.286197][ T8487]  ? find_held_lock+0x2b/0x80
[   90.286209][ T8487]  ? __pfx_rtnl_newlink+0x10/0x10
[   90.286225][ T8487]  ? __pfx_rtnl_newlink+0x10/0x10
[   90.286240][ T8487]  ? rtnetlink_rcv_msg+0x93a/0xe90
[   90.286257][ T8487]  ? __pfx_rtnl_newlink+0x10/0x10
[   90.286274][ T8487]  rtnetlink_rcv_msg+0x95e/0xe90
[   90.286291][ T8487]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[   90.286312][ T8487]  ? ref_tracker_free+0x37c/0x830
[   90.286329][ T8487]  netlink_rcv_skb+0x158/0x420
[   90.286341][ T8487]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[   90.286359][ T8487]  ? __pfx_netlink_rcv_skb+0x10/0x10
[   90.286375][ T8487]  ? netlink_deliver_tap+0x1ae/0xd30
[   90.286389][ T8487]  netlink_unicast+0x53a/0x7f0
[   90.286402][ T8487]  ? __pfx_netlink_unicast+0x10/0x10
[   90.286417][ T8487]  netlink_sendmsg+0x8d1/0xdd0
[   90.286431][ T8487]  ? __pfx_netlink_sendmsg+0x10/0x10
[   90.286450][ T8487]  ____sys_sendmsg+0xa95/0xc70
[   90.286462][ T8487]  ? copy_msghdr_from_user+0x10a/0x160
[   90.286478][ T8487]  ? __pfx_____sys_sendmsg+0x10/0x10
[   90.286496][ T8487]  ___sys_sendmsg+0x134/0x1d0
[   90.286513][ T8487]  ? __pfx____sys_sendmsg+0x10/0x10
[   90.286527][ T8487]  ? __lock_acquire+0x622/0x1c90
[   90.286560][ T8487]  __sys_sendmsg+0x16d/0x220
[   90.286576][ T8487]  ? __pfx___sys_sendmsg+0x10/0x10
[   90.286600][ T8487]  do_syscall_64+0xcd/0x4c0
[   90.286617][ T8487]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   90.286629][ T8487] RIP: 0033:0x7f5403f8e929
[   90.286638][ T8487] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   90.286649][ T8487] RSP: 002b:00007f5404e0e038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   90.286660][ T8487] RAX: ffffffffffffffda RBX: 00007f54041b5fa0 RCX: 00007f5403f8e929
[   90.286666][ T8487] RDX: 0000000000000000 RSI: 0000200000000280 RDI: 0000000000000003
[   90.286673][ T8487] RBP: 00007f5404e0e090 R08: 0000000000000000 R09: 0000000000000000
[   90.286679][ T8487] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[   90.286685][ T8487] R13: 0000000000000000 R14: 00007f54041b5fa0 R15: 00007ffe08b5fac8
[   90.286703][ T8487]  </TASK>
[   90.488780][ T8489] fuse: Unknown parameter 'user_i00000000000000000000'
[   90.524913][ T8491] FAULT_INJECTION: forcing a failure.
[   90.524913][ T8491] name failslab, interval 1, probability 0, space 0, times 0
[   90.528610][ T8491] CPU: 0 UID: 0 PID: 8491 Comm: syz.0.880 Not tainted 6.16.0-rc2-syzkaller-00231-g75f5f23f8787 #0 PREEMPT(full) 
[   90.528626][ T8491] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   90.528633][ T8491] Call Trace:
[   90.528637][ T8491]  <TASK>
[   90.528641][ T8491]  dump_stack_lvl+0x16c/0x1f0
[   90.528662][ T8491]  should_fail_ex+0x512/0x640
[   90.528676][ T8491]  ? __kmalloc_cache_noprof+0x57/0x3e0
[   90.528693][ T8491]  should_failslab+0xc2/0x120
[   90.528709][ T8491]  __kmalloc_cache_noprof+0x6a/0x3e0
[   90.528722][ T8491]  ? kvm_arch_vcpu_create+0x3d3/0xb20
[   90.528738][ T8491]  kvm_arch_vcpu_create+0x3d3/0xb20
[   90.528753][ T8491]  kvm_vm_ioctl+0xf57/0x3da0
[   90.528775][ T8491]  ? __pfx_kvm_vm_ioctl+0x10/0x10
[   90.528799][ T8491]  ? kasan_quarantine_put+0x10a/0x240
[   90.528812][ T8491]  ? lockdep_hardirqs_on+0x7c/0x110
[   90.528829][ T8491]  ? find_held_lock+0x2b/0x80
[   90.528843][ T8491]  ? tomoyo_path_number_perm+0x295/0x580
[   90.528859][ T8491]  ? tomoyo_path_number_perm+0x18d/0x580
[   90.528873][ T8491]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[   90.528886][ T8491]  ? __sanitizer_cov_trace_switch+0x54/0x90
[   90.528899][ T8491]  ? do_vfs_ioctl+0x523/0x1a60
[   90.528912][ T8491]  ? __pfx_do_vfs_ioctl+0x10/0x10
[   90.528927][ T8491]  ? ioctl_has_perm.constprop.0.isra.0+0x383/0x540
[   90.528944][ T8491]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[   90.528963][ T8491]  ? hook_file_ioctl_common+0x145/0x410
[   90.528977][ T8491]  ? selinux_file_ioctl+0x180/0x270
[   90.528991][ T8491]  ? selinux_file_ioctl+0xb4/0x270
[   90.529006][ T8491]  ? __pfx_kvm_vm_ioctl+0x10/0x10
[   90.529023][ T8491]  __x64_sys_ioctl+0x18b/0x210
[   90.529036][ T8491]  do_syscall_64+0xcd/0x4c0
[   90.529053][ T8491]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   90.529065][ T8491] RIP: 0033:0x7f5403f8e929
[   90.529073][ T8491] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   90.529084][ T8491] RSP: 002b:00007f5404e0e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[   90.529094][ T8491] RAX: ffffffffffffffda RBX: 00007f54041b5fa0 RCX: 00007f5403f8e929
[   90.529101][ T8491] RDX: 0000000000000002 RSI: 000000000000ae41 RDI: 0000000000000005
[   90.529107][ T8491] RBP: 00007f5404e0e090 R08: 0000000000000000 R09: 0000000000000000
[   90.529113][ T8491] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   90.529119][ T8491] R13: 0000000000000000 R14: 00007f54041b5fa0 R15: 00007ffe08b5fac8
[   90.529133][ T8491]  </TASK>
[   90.730969][ T8503] netlink: 192 bytes leftover after parsing attributes in process `syz.0.886'.
[   90.754754][ T8506] FAULT_INJECTION: forcing a failure.
[   90.754754][ T8506] name failslab, interval 1, probability 0, space 0, times 0
[   90.758739][ T8506] CPU: 1 UID: 0 PID: 8506 Comm: syz.2.888 Not tainted 6.16.0-rc2-syzkaller-00231-g75f5f23f8787 #0 PREEMPT(full) 
[   90.758754][ T8506] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   90.758761][ T8506] Call Trace:
[   90.758765][ T8506]  <TASK>
[   90.758770][ T8506]  dump_stack_lvl+0x16c/0x1f0
[   90.758792][ T8506]  should_fail_ex+0x512/0x640
[   90.758807][ T8506]  ? kmem_cache_alloc_node_noprof+0x5e/0x3b0
[   90.758824][ T8506]  should_failslab+0xc2/0x120
[   90.758839][ T8506]  kmem_cache_alloc_node_noprof+0x71/0x3b0
[   90.758854][ T8506]  ? __alloc_skb+0x2b2/0x380
[   90.758871][ T8506]  __alloc_skb+0x2b2/0x380
[   90.758885][ T8506]  ? __pfx___alloc_skb+0x10/0x10
[   90.758901][ T8506]  ? avc_has_perm_noaudit+0x149/0x3b0
[   90.758915][ T8506]  __tipc_nl_compat_doit+0xa1/0x3d0
[   90.758928][ T8506]  ? __dev_queue_xmit+0x7eb/0x43e0
[   90.758942][ T8506]  ? __pfx___tipc_nl_compat_doit+0x10/0x10
[   90.758953][ T8506]  ? ___sys_sendmsg+0x134/0x1d0
[   90.758974][ T8506]  ? bpf_lsm_capable+0x9/0x10
[   90.758985][ T8506]  ? security_capable+0x7e/0x260
[   90.758999][ T8506]  tipc_nl_compat_doit+0x11e/0x290
[   90.759012][ T8506]  tipc_nl_compat_recv+0x741/0xc50
[   90.759025][ T8506]  ? __pfx_tipc_nl_compat_recv+0x10/0x10
[   90.759037][ T8506]  ? __pfx___tipc_nl_net_set+0x10/0x10
[   90.759046][ T8506]  ? __pfx_tipc_nl_compat_net_set+0x10/0x10
[   90.759059][ T8506]  ? __mutex_trylock_common+0xe9/0x250
[   90.759081][ T8506]  ? rcu_is_watching+0x12/0xc0
[   90.759094][ T8506]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290
[   90.759112][ T8506]  genl_family_rcv_msg_doit+0x209/0x2f0
[   90.759126][ T8506]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[   90.759140][ T8506]  ? genl_get_cmd+0x194/0x580
[   90.759156][ T8506]  ? __radix_tree_lookup+0x21f/0x2c0
[   90.759173][ T8506]  genl_rcv_msg+0x55c/0x800
[   90.759188][ T8506]  ? __pfx_genl_rcv_msg+0x10/0x10
[   90.759201][ T8506]  ? __pfx_tipc_nl_compat_recv+0x10/0x10
[   90.759219][ T8506]  netlink_rcv_skb+0x158/0x420
[   90.759230][ T8506]  ? __pfx_genl_rcv_msg+0x10/0x10
[   90.759244][ T8506]  ? __pfx_netlink_rcv_skb+0x10/0x10
[   90.759260][ T8506]  ? netlink_deliver_tap+0x1ae/0xd30
[   90.759273][ T8506]  genl_rcv+0x28/0x40
[   90.759284][ T8506]  netlink_unicast+0x53a/0x7f0
[   90.759297][ T8506]  ? __pfx_netlink_unicast+0x10/0x10
[   90.759312][ T8506]  netlink_sendmsg+0x8d1/0xdd0
[   90.759326][ T8506]  ? __pfx_netlink_sendmsg+0x10/0x10
[   90.759343][ T8506]  ____sys_sendmsg+0xa95/0xc70
[   90.759354][ T8506]  ? copy_msghdr_from_user+0x10a/0x160
[   90.759370][ T8506]  ? __pfx_____sys_sendmsg+0x10/0x10
[   90.759388][ T8506]  ___sys_sendmsg+0x134/0x1d0
[   90.759405][ T8506]  ? __pfx____sys_sendmsg+0x10/0x10
[   90.759419][ T8506]  ? __lock_acquire+0x622/0x1c90
[   90.759457][ T8506]  __sys_sendmsg+0x16d/0x220
[   90.759473][ T8506]  ? __pfx___sys_sendmsg+0x10/0x10
[   90.759497][ T8506]  do_syscall_64+0xcd/0x4c0
[   90.759515][ T8506]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   90.759526][ T8506] RIP: 0033:0x7f067098e929
[   90.759536][ T8506] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   90.759546][ T8506] RSP: 002b:00007f066e7f6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   90.759556][ T8506] RAX: ffffffffffffffda RBX: 00007f0670bb5fa0 RCX: 00007f067098e929
[   90.759563][ T8506] RDX: 0000000000004080 RSI: 0000200000000640 RDI: 0000000000000003
[   90.759569][ T8506] RBP: 00007f066e7f6090 R08: 0000000000000000 R09: 0000000000000000
[   90.759575][ T8506] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   90.759581][ T8506] R13: 0000000000000000 R14: 00007f0670bb5fa0 R15: 00007ffcfe1eb028
[   90.759595][ T8506]  </TASK>
[   90.917895][ T8514] macvlan2: entered promiscuous mode
[   90.919761][ T8523] netlink: 8 bytes leftover after parsing attributes in process `syz.4.890'.
[   90.920023][ T8514] macvlan2: entered allmulticast mode
[   91.029333][ T8539] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(3)
[   91.031493][ T8539] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[   91.034816][ T8539] vhci_hcd vhci_hcd.0: Device attached
[   91.038347][ T8540] vhci_hcd: cannot find the pending unlink 1023
[   91.040392][ T8540] vhci_hcd: connection closed
[   91.041632][ T8397] vhci_hcd: stop threads
[   91.045975][ T8397] vhci_hcd: release socket
[   91.049343][ T8397] vhci_hcd: disconnect device
[   91.130961][ T8547] netlink: 60 bytes leftover after parsing attributes in process `syz.2.896'.
[   91.231121][ T8552] fuse: Unknown parameter 'user_id00000000000000000000'
[   91.397217][ T8558] FAULT_INJECTION: forcing a failure.
[   91.397217][ T8558] name failslab, interval 1, probability 0, space 0, times 0
[   91.401144][ T8558] CPU: 3 UID: 0 PID: 8558 Comm: syz.1.901 Not tainted 6.16.0-rc2-syzkaller-00231-g75f5f23f8787 #0 PREEMPT(full) 
[   91.401160][ T8558] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   91.401167][ T8558] Call Trace:
[   91.401171][ T8558]  <TASK>
[   91.401176][ T8558]  dump_stack_lvl+0x16c/0x1f0
[   91.401196][ T8558]  should_fail_ex+0x512/0x640
[   91.401211][ T8558]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[   91.401228][ T8558]  should_failslab+0xc2/0x120
[   91.401244][ T8558]  kmem_cache_alloc_noprof+0x6d/0x3b0
[   91.401258][ T8558]  ? kvm_arch_vcpu_create+0x4a1/0xb20
[   91.401274][ T8558]  kvm_arch_vcpu_create+0x4a1/0xb20
[   91.401290][ T8558]  kvm_vm_ioctl+0xf57/0x3da0
[   91.401312][ T8558]  ? __pfx_kvm_vm_ioctl+0x10/0x10
[   91.401336][ T8558]  ? kasan_quarantine_put+0x10a/0x240
[   91.401348][ T8558]  ? lockdep_hardirqs_on+0x7c/0x110
[   91.401366][ T8558]  ? find_held_lock+0x2b/0x80
[   91.401379][ T8558]  ? tomoyo_path_number_perm+0x295/0x580
[   91.401396][ T8558]  ? tomoyo_path_number_perm+0x18d/0x580
[   91.401410][ T8558]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[   91.401423][ T8558]  ? __sanitizer_cov_trace_switch+0x54/0x90
[   91.401437][ T8558]  ? do_vfs_ioctl+0x523/0x1a60
[   91.401449][ T8558]  ? __pfx_do_vfs_ioctl+0x10/0x10
[   91.401464][ T8558]  ? ioctl_has_perm.constprop.0.isra.0+0x383/0x540
[   91.401481][ T8558]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[   91.401501][ T8558]  ? hook_file_ioctl_common+0x145/0x410
[   91.401515][ T8558]  ? selinux_file_ioctl+0x180/0x270
[   91.401529][ T8558]  ? selinux_file_ioctl+0xb4/0x270
[   91.401544][ T8558]  ? __pfx_kvm_vm_ioctl+0x10/0x10
[   91.401561][ T8558]  __x64_sys_ioctl+0x18b/0x210
[   91.401574][ T8558]  do_syscall_64+0xcd/0x4c0
[   91.401605][ T8558]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   91.401617][ T8558] RIP: 0033:0x7f198e58e929
[   91.401626][ T8558] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   91.401637][ T8558] RSP: 002b:00007f198f484038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[   91.401647][ T8558] RAX: ffffffffffffffda RBX: 00007f198e7b5fa0 RCX: 00007f198e58e929
[   91.401654][ T8558] RDX: 0000000000000002 RSI: 000000000000ae41 RDI: 0000000000000005
[   91.401664][ T8558] RBP: 00007f198f484090 R08: 0000000000000000 R09: 0000000000000000
[   91.401670][ T8558] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   91.401677][ T8558] R13: 0000000000000000 R14: 00007f198e7b5fa0 R15: 00007ffef60f6968
[   91.401690][ T8558]  </TASK>
[   91.401869][ T8558] kvm: failed to allocate vcpu's emulator
[   91.708688][ T8569] overlayfs: failed to resolve './file1/file0': -2
[   91.817871][ T8576] netlink: 4 bytes leftover after parsing attributes in process `syz.0.910'.
[   91.837995][ T8577] SELinux: security_context_str_to_sid (sysadm_u) failed with errno=-22
[   92.076844][ T8583] FAULT_INJECTION: forcing a failure.
[   92.076844][ T8583] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   92.081101][ T8583] CPU: 3 UID: 0 PID: 8583 Comm: syz.1.912 Not tainted 6.16.0-rc2-syzkaller-00231-g75f5f23f8787 #0 PREEMPT(full) 
[   92.081116][ T8583] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   92.081123][ T8583] Call Trace:
[   92.081128][ T8583]  <TASK>
[   92.081132][ T8583]  dump_stack_lvl+0x16c/0x1f0
[   92.081152][ T8583]  should_fail_ex+0x512/0x640
[   92.081173][ T8583]  _copy_from_user+0x2e/0xd0
[   92.081196][ T8583]  raw_alloc_io_data+0x32/0x1c0
[   92.081209][ T8583]  raw_ioctl+0xae4/0x2c30
[   92.081223][ T8583]  ? __pfx_raw_ioctl+0x10/0x10
[   92.081234][ T8583]  ? selinux_file_ioctl+0xb4/0x270
[   92.081250][ T8583]  ? __pfx_raw_ioctl+0x10/0x10
[   92.081261][ T8583]  __x64_sys_ioctl+0x18b/0x210
[   92.081275][ T8583]  do_syscall_64+0xcd/0x4c0
[   92.081293][ T8583]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   92.081305][ T8583] RIP: 0033:0x7f198e58e929
[   92.081314][ T8583] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   92.081325][ T8583] RSP: 002b:00007f198f484038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[   92.081336][ T8583] RAX: ffffffffffffffda RBX: 00007f198e7b5fa0 RCX: 00007f198e58e929
[   92.081342][ T8583] RDX: 0000000000000000 RSI: 0000000040085503 RDI: 0000000000000004
[   92.081349][ T8583] RBP: 00007f198f484090 R08: 0000000000000000 R09: 0000000000000000
[   92.081355][ T8583] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   92.081361][ T8583] R13: 0000000000000000 R14: 00007f198e7b5fa0 R15: 00007ffef60f6968
[   92.081374][ T8583]  </TASK>
[   92.132477][    C3] vkms_vblank_simulate: vblank timer overrun
[   92.146866][ T8598] binder: 8584:8598 ioctl 8040450a 200000000080 returned -22
[   92.659081][ T8625] overlayfs: failed to resolve './file1/file0': -2
[   92.746476][ T8637] netlink: 56 bytes leftover after parsing attributes in process `syz.0.933'.
[   92.751073][ T8637] ieee802154 phy0 wpan0: encryption failed: -22
[   92.796666][ T8631] kvm: pic: non byte write
[   92.817370][ T8645] netlink: 14 bytes leftover after parsing attributes in process `syz.0.935'.
[   92.852475][ T8649] trusted_key: encrypted_key: insufficient parameters specified
[   92.990271][ T8657] overlayfs: failed to resolve './file1/file0': -2
[   93.101785][ T8663] fuse: Bad value for 'fd'
[   93.287807][ T8673] overlayfs: missing 'lowerdir'
[   93.351731][ T8675] overlayfs: failed to resolve './file1/file0': -2
[   93.382284][ T8677] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=120 sclass=netlink_xfrm_socket pid=8677 comm=syz.0.949
[   93.419230][ T8682] netlink: 8 bytes leftover after parsing attributes in process `syz.0.950'.
[   93.422664][ T8682] netlink: 12 bytes leftover after parsing attributes in process `syz.0.950'.
[   93.500314][ T8684] netlink: 'syz.2.947': attribute type 2 has an invalid length.
[   93.613320][ T8688] fuse: Bad value for 'fd'
[   93.653417][ T8690] netlink: 'syz.0.953': attribute type 10 has an invalid length.
[   93.943375][   T40] kauditd_printk_skb: 10 callbacks suppressed
[   93.943388][   T40] audit: type=1400 audit(1750423612.174:816): avc:  denied  { mount } for  pid=8703 comm="syz.1.959" name="/" dev="devpts" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:devpts_t tclass=filesystem permissive=1
[   93.960669][   T40] audit: type=1400 audit(1750423612.194:817): avc:  denied  { unmount } for  pid=5934 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:devpts_t tclass=filesystem permissive=1
[   93.982586][   T40] audit: type=1400 audit(1750423612.214:818): avc:  denied  { lock } for  pid=8708 comm="syz.0.961" path="/dev/uinput" dev="devtmpfs" ino=944 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
[   93.984164][ T8709] input: syz1 as /devices/virtual/input/input12
[   94.328621][ T8727] netlink: 14 bytes leftover after parsing attributes in process `syz.0.968'.
[   94.378825][ T8725] kvm: pic: non byte write
[   94.400769][ T8737] fuse: Unknown parameter '0x0000000000000003'
[   94.436422][ T8739] overlayfs: overlapping lowerdir path
[   94.459831][ T8742] netlink: 4 bytes leftover after parsing attributes in process `syz.0.973'.
[   94.493332][ T8747] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=8747 comm=syz.0.975
[   94.501555][ T8747] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=8747 comm=syz.0.975
[   94.541054][   T40] audit: type=1400 audit(1750423612.774:819): avc:  denied  { read write } for  pid=8750 comm="syz.1.976" name="nullb0" dev="devtmpfs" ino=707 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[   94.548350][   T40] audit: type=1400 audit(1750423612.774:820): avc:  denied  { open } for  pid=8750 comm="syz.1.976" path="/dev/nullb0" dev="devtmpfs" ino=707 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[   94.557814][ T8752] netlink: 64 bytes leftover after parsing attributes in process `syz.0.975'.
[   94.646523][ T8759] netlink: 'syz.0.978': attribute type 1 has an invalid length.
[   94.649344][ T8759] netlink: 'syz.0.978': attribute type 2 has an invalid length.
[   94.652707][ T8759] netlink: 'syz.0.978': attribute type 1 has an invalid length.
[   94.656257][ T8759] netlink: 'syz.0.978': attribute type 2 has an invalid length.
[   94.659983][ T8759] netlink: 'syz.0.978': attribute type 1 has an invalid length.
[   94.663580][ T8759] netlink: 'syz.0.978': attribute type 2 has an invalid length.
[   94.667198][ T8759] netlink: 'syz.0.978': attribute type 1 has an invalid length.
[   94.670485][ T8759] netlink: 'syz.0.978': attribute type 2 has an invalid length.
[   94.674588][ T8759] netlink: 'syz.0.978': attribute type 1 has an invalid length.
[   94.686327][   T40] audit: type=1400 audit(1750423612.924:821): avc:  denied  { ioctl } for  pid=8757 comm="syz.0.978" path="socket:[29715]" dev="sockfs" ino=29715 ioctlcmd=0x5411 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[   94.912427][ T8770] overlayfs: overlapping lowerdir path
[   95.554779][ T8788] netlink: 24 bytes leftover after parsing attributes in process `syz.4.988'.
[   95.873073][   T40] audit: type=1400 audit(1750423614.104:822): avc:  denied  { write } for  pid=8799 comm="syz.4.992" name="autofs" dev="devtmpfs" ino=104 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_device_t tclass=chr_file permissive=1
[   95.880219][   T40] audit: type=1400 audit(1750423614.114:823): avc:  denied  { ioctl } for  pid=8799 comm="syz.4.992" path="/dev/autofs" dev="devtmpfs" ino=104 ioctlcmd=0x937e scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_device_t tclass=chr_file permissive=1
[   95.916730][ T8804] overlayfs: overlapping lowerdir path
[   95.959167][ T8806] program syz.4.995 is using a deprecated SCSI ioctl, please convert it to SG_IO
[   95.959175][ T8807] program syz.4.995 is using a deprecated SCSI ioctl, please convert it to SG_IO
[   95.964045][   T40] audit: type=1400 audit(1750423614.194:824): avc:  denied  { append } for  pid=8805 comm="syz.4.995" name="sg0" dev="devtmpfs" ino=722 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1
[   95.965745][ T8809] block nbd1: server does not support multiple connections per device.
[   95.972372][   T40] audit: type=1400 audit(1750423614.194:825): avc:  denied  { append } for  pid=8805 comm="syz.4.995" name="sg0" dev="devtmpfs" ino=722 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1
[   95.982055][ T8801] block nbd1: shutting down sockets
[   96.160177][ T8826] FAULT_INJECTION: forcing a failure.
[   96.160177][ T8826] name failslab, interval 1, probability 0, space 0, times 0
[   96.164288][ T8826] CPU: 1 UID: 0 PID: 8826 Comm: syz.0.1001 Not tainted 6.16.0-rc2-syzkaller-00231-g75f5f23f8787 #0 PREEMPT(full) 
[   96.164303][ T8826] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   96.164310][ T8826] Call Trace:
[   96.164314][ T8826]  <TASK>
[   96.164319][ T8826]  dump_stack_lvl+0x16c/0x1f0
[   96.164352][ T8826]  should_fail_ex+0x512/0x640
[   96.164371][ T8826]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[   96.164387][ T8826]  should_failslab+0xc2/0x120
[   96.164403][ T8826]  kmem_cache_alloc_noprof+0x6d/0x3b0
[   96.164417][ T8826]  ? __kernfs_new_node+0xd2/0x8e0
[   96.164435][ T8826]  __kernfs_new_node+0xd2/0x8e0
[   96.164457][ T8826]  ? __pfx___kernfs_new_node+0x10/0x10
[   96.164477][ T8826]  ? find_held_lock+0x2b/0x80
[   96.164490][ T8826]  ? kernfs_root+0xee/0x2a0
[   96.164508][ T8826]  kernfs_new_node+0x13c/0x1e0
[   96.164528][ T8826]  __kernfs_create_file+0x53/0x350
[   96.164543][ T8826]  sysfs_add_file_mode_ns+0x207/0x3c0
[   96.164560][ T8826]  internal_create_group+0x578/0xf30
[   96.164580][ T8826]  ? __pfx_internal_create_group+0x10/0x10
[   96.164599][ T8826]  ? kernfs_create_link+0x1bd/0x240
[   96.164613][ T8826]  internal_create_groups+0x9d/0x150
[   96.164631][ T8826]  device_add+0x77f/0x1a70
[   96.164643][ T8826]  ? __pfx_device_add+0x10/0x10
[   96.164652][ T8826]  ? lockdep_init_map_type+0x5c/0x280
[   96.164670][ T8826]  ? __init_waitqueue_head+0xca/0x150
[   96.164685][ T8826]  netdev_register_kobject+0x182/0x3a0
[   96.164699][ T8826]  register_netdevice+0x13dc/0x2270
[   96.164719][ T8826]  ? __pfx_register_netdevice+0x10/0x10
[   96.164741][ T8826]  br_dev_newlink+0x6a/0x170
[   96.164754][ T8826]  ? __pfx_br_dev_newlink+0x10/0x10
[   96.164768][ T8826]  rtnl_newlink+0xc42/0x2000
[   96.164789][ T8826]  ? __pfx_rtnl_newlink+0x10/0x10
[   96.164805][ T8826]  ? find_held_lock+0x2b/0x80
[   96.164817][ T8826]  ? avc_has_perm_noaudit+0x117/0x3b0
[   96.164831][ T8826]  ? avc_has_perm_noaudit+0x149/0x3b0
[   96.164843][ T8826]  ? cred_has_capability.isra.0+0x193/0x2f0
[   96.164868][ T8826]  ? find_held_lock+0x2b/0x80
[   96.164880][ T8826]  ? __pfx_rtnl_newlink+0x10/0x10
[   96.164896][ T8826]  ? __pfx_rtnl_newlink+0x10/0x10
[   96.164911][ T8826]  ? rtnetlink_rcv_msg+0x93a/0xe90
[   96.164928][ T8826]  ? __pfx_rtnl_newlink+0x10/0x10
[   96.164945][ T8826]  rtnetlink_rcv_msg+0x95e/0xe90
[   96.164963][ T8826]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[   96.164983][ T8826]  ? ref_tracker_free+0x37c/0x830
[   96.165000][ T8826]  netlink_rcv_skb+0x158/0x420
[   96.165012][ T8826]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[   96.165030][ T8826]  ? __pfx_netlink_rcv_skb+0x10/0x10
[   96.165046][ T8826]  ? netlink_deliver_tap+0x1ae/0xd30
[   96.165059][ T8826]  netlink_unicast+0x53a/0x7f0
[   96.165072][ T8826]  ? __pfx_netlink_unicast+0x10/0x10
[   96.165088][ T8826]  netlink_sendmsg+0x8d1/0xdd0
[   96.165101][ T8826]  ? __pfx_netlink_sendmsg+0x10/0x10
[   96.165118][ T8826]  ____sys_sendmsg+0xa95/0xc70
[   96.165130][ T8826]  ? copy_msghdr_from_user+0x10a/0x160
[   96.165146][ T8826]  ? __pfx_____sys_sendmsg+0x10/0x10
[   96.165164][ T8826]  ___sys_sendmsg+0x134/0x1d0
[   96.165181][ T8826]  ? __pfx____sys_sendmsg+0x10/0x10
[   96.165195][ T8826]  ? __lock_acquire+0x622/0x1c90
[   96.165229][ T8826]  __sys_sendmsg+0x16d/0x220
[   96.165245][ T8826]  ? __pfx___sys_sendmsg+0x10/0x10
[   96.165269][ T8826]  do_syscall_64+0xcd/0x4c0
[   96.165287][ T8826]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   96.165298][ T8826] RIP: 0033:0x7f5403f8e929
[   96.165307][ T8826] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   96.165318][ T8826] RSP: 002b:00007f5404e0e038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   96.165328][ T8826] RAX: ffffffffffffffda RBX: 00007f54041b5fa0 RCX: 00007f5403f8e929
[   96.165335][ T8826] RDX: 0000000000000000 RSI: 0000200000000280 RDI: 0000000000000003
[   96.165341][ T8826] RBP: 00007f5404e0e090 R08: 0000000000000000 R09: 0000000000000000
[   96.165348][ T8826] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[   96.165354][ T8826] R13: 0000000000000000 R14: 00007f54041b5fa0 R15: 00007ffe08b5fac8
[   96.165367][ T8826]  </TASK>
[   96.378330][ T8833] netlink: 14 bytes leftover after parsing attributes in process `syz.0.1004'.
[   96.407941][ T8835] fuse: Unknown parameter 'fd0x0000000000000003'
[   96.729170][ T8850] xt_hashlimit: size too large, truncated to 1048576
[   96.844922][ T8858] 9pnet_virtio: no channels available for device syz
[   96.850555][ T8858] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1012'.
[   96.907547][ T8858] syz.2.1012 (8858) used greatest stack depth: 19800 bytes left
[   97.030051][ T8862] fuse: Unknown parameter 'fd0x0000000000000003'
[   97.350421][ T8880] FAULT_INJECTION: forcing a failure.
[   97.350421][ T8880] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   97.354684][ T8880] CPU: 3 UID: 0 PID: 8880 Comm: syz.1.1022 Not tainted 6.16.0-rc2-syzkaller-00231-g75f5f23f8787 #0 PREEMPT(full) 
[   97.354699][ T8880] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   97.354706][ T8880] Call Trace:
[   97.354710][ T8880]  <TASK>
[   97.354714][ T8880]  dump_stack_lvl+0x16c/0x1f0
[   97.354746][ T8880]  should_fail_ex+0x512/0x640
[   97.354767][ T8880]  _copy_to_user+0x32/0xd0
[   97.354784][ T8880]  simple_read_from_buffer+0xcb/0x170
[   97.354800][ T8880]  proc_fail_nth_read+0x197/0x270
[   97.354814][ T8880]  ? __pfx_proc_fail_nth_read+0x10/0x10
[   97.354829][ T8880]  ? rw_verify_area+0xcf/0x680
[   97.354840][ T8880]  ? __pfx_proc_fail_nth_read+0x10/0x10
[   97.354853][ T8880]  vfs_read+0x1e1/0xc60
[   97.354868][ T8880]  ? __pfx___mutex_lock+0x10/0x10
[   97.354886][ T8880]  ? __pfx_vfs_read+0x10/0x10
[   97.354902][ T8880]  ? __fget_files+0x20e/0x3c0
[   97.354922][ T8880]  ksys_read+0x12a/0x250
[   97.354935][ T8880]  ? __pfx_ksys_read+0x10/0x10
[   97.354952][ T8880]  do_syscall_64+0xcd/0x4c0
[   97.354969][ T8880]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   97.354981][ T8880] RIP: 0033:0x7f198e58d33c
[   97.354990][ T8880] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[   97.355001][ T8880] RSP: 002b:00007f198f484030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[   97.355011][ T8880] RAX: ffffffffffffffda RBX: 00007f198e7b5fa0 RCX: 00007f198e58d33c
[   97.355018][ T8880] RDX: 000000000000000f RSI: 00007f198f4840a0 RDI: 0000000000000004
[   97.355024][ T8880] RBP: 00007f198f484090 R08: 0000000000000000 R09: 0000000000000000
[   97.355030][ T8880] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[   97.355036][ T8880] R13: 0000000000000000 R14: 00007f198e7b5fa0 R15: 00007ffef60f6968
[   97.355050][ T8880]  </TASK>
[   97.420165][    C3] vkms_vblank_simulate: vblank timer overrun
[   97.448853][ T8886] netlink: 14 bytes leftover after parsing attributes in process `syz.2.1024'.
[   97.543682][ T8891] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1020'.
[  100.548797][ T8896] block nbd0: shutting down sockets
[  100.617562][   T40] kauditd_printk_skb: 5 callbacks suppressed
[  100.617573][   T40] audit: type=1400 audit(1750423618.844:831): avc:  denied  { setopt } for  pid=8906 comm="syz.4.1031" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  100.705227][ T8915] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=5123 sclass=netlink_route_socket pid=8915 comm=syz.0.1033
[  100.761673][ T8937] __nla_validate_parse: 1 callbacks suppressed
[  100.761684][ T8937] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1033'.
[  100.829958][   T40] audit: type=1400 audit(1750423619.064:832): avc:  denied  { mount } for  pid=8951 comm="syz.2.1047" name="/" dev="configfs" ino=2071 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=filesystem permissive=1
[  100.837580][   T40] audit: type=1400 audit(1750423619.064:833): avc:  denied  { mounton } for  pid=8951 comm="syz.2.1047" path="/241/file0" dev="configfs" ino=2071 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=dir permissive=1
[  100.845199][   T40] audit: type=1400 audit(1750423619.064:834): avc:  denied  { read } for  pid=8951 comm="syz.2.1047" name="/" dev="configfs" ino=2071 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=dir permissive=1
[  100.851922][   T40] audit: type=1400 audit(1750423619.064:835): avc:  denied  { open } for  pid=8951 comm="syz.2.1047" path="/241/file0" dev="overlay" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=dir permissive=1
[  100.860244][   T40] audit: type=1400 audit(1750423619.064:836): avc:  denied  { read } for  pid=8951 comm="syz.2.1047" name="/" dev="configfs" ino=2071 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=dir permissive=1
[  100.867099][   T40] audit: type=1400 audit(1750423619.064:837): avc:  denied  { read } for  pid=8951 comm="syz.2.1047" name="/" dev="configfs" ino=2071 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=dir permissive=1
[  100.873256][ T8954] netlink: 14 bytes leftover after parsing attributes in process `syz.0.1048'.
[  100.875042][   T40] audit: type=1400 audit(1750423619.104:838): avc:  denied  { unmount } for  pid=5935 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=filesystem permissive=1
[  100.916933][   T40] audit: type=1400 audit(1750423619.154:839): avc:  denied  { write } for  pid=8955 comm="syz.1.1050" name="/" dev="9p" ino=35913881 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  101.130154][ T8975] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1058'.
[  101.254720][ T8979] overlayfs: missing 'lowerdir'
[  101.333602][   T29] usb 5-1: new high-speed USB device number 4 using dummy_hcd
[  101.476816][ T8995] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1065'.
[  101.483709][ T8995] erspan0: entered promiscuous mode
[  101.485841][ T8995] macvtap1: entered promiscuous mode
[  101.487614][ T8995] macvtap1: entered allmulticast mode
[  101.489328][ T8995] erspan0: entered allmulticast mode
[  101.504512][   T29] usb 5-1: Using ep0 maxpacket: 32
[  101.508028][   T29] usb 5-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  101.510839][   T29] usb 5-1: New USB device found, idVendor=0458, idProduct=5011, bcdDevice= 0.00
[  101.513862][   T29] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  101.518319][   T29] usb 5-1: config 0 descriptor??
[  101.839534][   T29] usb 5-1: string descriptor 0 read error: -71
[  101.842406][   T29] usb 5-1: USB disconnect, device number 4
[  101.907715][ T9002] SET target dimension over the limit!
[  101.981087][ T9006] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore
[  101.985065][ T9006] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[  102.001276][ T9004] kvm: pic: non byte write
[  102.006746][ T9004] kvm: vcpu 0: requested 512 ns lapic timer period limited to 200000 ns
[  102.038566][ T9009] IPv4: Oversized IP packet from 127.202.26.0
[  102.119764][ T9013] FAULT_INJECTION: forcing a failure.
[  102.119764][ T9013] name failslab, interval 1, probability 0, space 0, times 0
[  102.119792][ T9013] CPU: 2 UID: 0 PID: 9013 Comm: syz.2.1073 Not tainted 6.16.0-rc2-syzkaller-00231-g75f5f23f8787 #0 PREEMPT(full) 
[  102.119806][ T9013] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  102.119813][ T9013] Call Trace:
[  102.119817][ T9013]  <TASK>
[  102.119821][ T9013]  dump_stack_lvl+0x16c/0x1f0
[  102.119853][ T9013]  should_fail_ex+0x512/0x640
[  102.119872][ T9013]  ? fs_reclaim_acquire+0xae/0x150
[  102.119884][ T9013]  ? tomoyo_realpath_from_path+0xc2/0x6e0
[  102.119900][ T9013]  should_failslab+0xc2/0x120
[  102.119916][ T9013]  __kmalloc_noprof+0xd2/0x510
[  102.119934][ T9013]  tomoyo_realpath_from_path+0xc2/0x6e0
[  102.119951][ T9013]  ? tomoyo_profile+0x47/0x60
[  102.119969][ T9013]  tomoyo_path_number_perm+0x245/0x580
[  102.119982][ T9013]  ? tomoyo_path_number_perm+0x237/0x580
[  102.119996][ T9013]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  102.120010][ T9013]  ? find_held_lock+0x2b/0x80
[  102.120036][ T9013]  ? find_held_lock+0x2b/0x80
[  102.120048][ T9013]  ? hook_file_ioctl_common+0x145/0x410
[  102.120062][ T9013]  ? __fget_files+0x20e/0x3c0
[  102.120079][ T9013]  security_file_ioctl+0x9b/0x240
[  102.120095][ T9013]  __x64_sys_ioctl+0xb7/0x210
[  102.120132][ T9013]  do_syscall_64+0xcd/0x4c0
[  102.120150][ T9013]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  102.120162][ T9013] RIP: 0033:0x7f067098e929
[  102.120174][ T9013] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  102.120189][ T9013] RSP: 002b:00007f066e7f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  102.120203][ T9013] RAX: ffffffffffffffda RBX: 00007f0670bb5fa0 RCX: 00007f067098e929
[  102.120212][ T9013] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005
[  102.120221][ T9013] RBP: 00007f066e7f6090 R08: 0000000000000000 R09: 0000000000000000
[  102.120231][ T9013] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  102.120240][ T9013] R13: 0000000000000000 R14: 00007f0670bb5fa0 R15: 00007ffcfe1eb028
[  102.120256][ T9013]  </TASK>
[  102.120260][ T9013] ERROR: Out of memory at tomoyo_realpath_from_path.
[  102.237371][   T40] audit: type=1400 audit(1750423620.474:840): avc:  denied  { create } for  pid=9017 comm="syz.4.1075" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rose_socket permissive=1
[  102.297788][ T9031] random: crng reseeded on system resumption
[  102.387880][ T9038] ------------[ cut here ]------------
[  102.389866][ T9038] WARNING: CPU: 2 PID: 9038 at arch/x86/kvm/vmx/vmx.c:5262 handle_exception_nmi+0x14cf/0x1750
[  102.393541][ T9038] Modules linked in:
[  102.395108][ T9038] CPU: 2 UID: 0 PID: 9038 Comm: syz.0.1084 Not tainted 6.16.0-rc2-syzkaller-00231-g75f5f23f8787 #0 PREEMPT(full) 
[  102.396970][ T9044] 9pnet_virtio: no channels available for device syz
[  102.400696][ T9038] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  102.407209][ T9038] RIP: 0010:handle_exception_nmi+0x14cf/0x1750
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  102.409544][ T9038] Code: 31 fe ff 31 ff 89 c5 89 c6 e8 ed 36 69 00 85 ed 0f 85 bd fd ff ff e8 a0 3b 69 00 90 0f 0b 90 e9 af fd ff ff e8 92 3b 69 00 90 <0f> 0b 90 e9 d0 f2 ff ff e8 84 3b 69 00 31 f6 48 89 df e8 1a d9 ed
[  102.416506][ T9038] RSP: 0018:ffffc90004b279f0 EFLAGS: 00010287
[  102.418605][ T9038] RAX: 00000000000065a6 RBX: ffff88805530d280 RCX: ffffc900055aa000
[  102.421307][ T9038] RDX: 0000000000080000 RSI: ffffffff8152e09e RDI: 0000000000000001
[  102.424258][ T9038] RBP: 0000000000000000 R08: 0000000000000001 R09: 0000000000000000
[  102.427014][ T9038] R10: 0000000000000000 R11: 0000000000000001 R12: 0000000040000100
[  102.429889][ T9038] R13: 0000000000000007 R14: 0000000080000300 R15: ffff88805530d358
[  102.432604][ T9038] FS:  00007f5404e0e6c0(0000) GS:ffff8880d6953000(0000) knlGS:0000000000000000
[  102.435837][ T9038] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  102.438124][ T9038] CR2: 0000000000000000 CR3: 000000004e110000 CR4: 0000000000352ef0
[  102.438747][ T9044] dvmrp1: entered allmulticast mode
[  102.440838][ T9038] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  102.445385][ T9038] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  102.448169][ T9038] Call Trace:
[  102.449343][ T9038]  <TASK>
[  102.450377][ T9038]  ? __pfx_handle_exception_nmi+0x10/0x10
[  102.452341][ T9038]  vmx_handle_exit+0x124c/0x1bd0
[  102.454173][ T9038]  vcpu_run+0x315e/0x5500
[  102.455701][ T9038]  ? __pfx_vcpu_run+0x10/0x10
[  102.457360][ T9038]  ? fpu_swap_kvm_fpstate+0x1be/0x410
[  102.459224][ T9038]  ? __local_bh_enable_ip+0xa4/0x120
[  102.461176][ T9038]  ? kvm_arch_vcpu_ioctl_run+0x51e/0x18c0
[  102.463242][ T9038]  kvm_arch_vcpu_ioctl_run+0x51e/0x18c0
[  102.465051][ T9038]  kvm_vcpu_ioctl+0x5eb/0x1690
[  102.466650][ T9038]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  102.468436][ T9038]  ? ioctl_has_perm.constprop.0.isra.0+0x383/0x540
[  102.470587][ T9038]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[  102.472915][ T9038]  ? hook_file_ioctl_common+0x145/0x410
[  102.474869][ T9038]  ? selinux_file_ioctl+0x180/0x270
[  102.476799][ T9038]  ? selinux_file_ioctl+0xb4/0x270
[  102.478570][ T9038]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  102.480376][ T9038]  __x64_sys_ioctl+0x18b/0x210
[  102.482035][ T9038]  do_syscall_64+0xcd/0x4c0
[  102.483712][ T9038]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  102.485766][ T9038] RIP: 0033:0x7f5403f8e929
[  102.487316][ T9038] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  102.493982][ T9038] RSP: 002b:00007f5404e0e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  102.496902][ T9038] RAX: ffffffffffffffda RBX: 00007f54041b5fa0 RCX: 00007f5403f8e929
[  102.499616][ T9038] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000007
[  102.502271][ T9038] RBP: 00007f5404010b39 R08: 0000000000000000 R09: 0000000000000000
[  102.505072][ T9038] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  102.508272][ T9038] R13: 0000000000000000 R14: 00007f54041b5fa0 R15: 00007ffe08b5fac8
[  102.511792][ T9038]  </TASK>
[  102.513350][ T9038] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  102.516457][ T9038] CPU: 2 UID: 0 PID: 9038 Comm: syz.0.1084 Not tainted 6.16.0-rc2-syzkaller-00231-g75f5f23f8787 #0 PREEMPT(full) 
[  102.520575][ T9038] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  102.524152][ T9038] Call Trace:
[  102.525325][ T9038]  <TASK>
[  102.526386][ T9038]  dump_stack_lvl+0x3d/0x1f0
[  102.528016][ T9038]  panic+0x71c/0x800
[  102.529419][ T9038]  ? __pfx_panic+0x10/0x10
[  102.530986][ T9038]  ? show_trace_log_lvl+0x29b/0x3e0
[  102.532795][ T9038]  ? handle_exception_nmi+0x14cf/0x1750
[  102.534713][ T9038]  check_panic_on_warn+0xab/0xb0
[  102.536436][ T9038]  __warn+0xf6/0x3c0
[  102.537805][ T9038]  ? handle_exception_nmi+0x14cf/0x1750
[  102.539714][ T9038]  report_bug+0x3c3/0x580
[  102.541231][ T9038]  ? handle_exception_nmi+0x14cf/0x1750
[  102.543140][ T9038]  handle_bug+0x184/0x210
[  102.544662][ T9038]  exc_invalid_op+0x17/0x50
[  102.546204][ T9038]  asm_exc_invalid_op+0x1a/0x20
[  102.547862][ T9038] RIP: 0010:handle_exception_nmi+0x14cf/0x1750
[  102.550041][ T9038] Code: 31 fe ff 31 ff 89 c5 89 c6 e8 ed 36 69 00 85 ed 0f 85 bd fd ff ff e8 a0 3b 69 00 90 0f 0b 90 e9 af fd ff ff e8 92 3b 69 00 90 <0f> 0b 90 e9 d0 f2 ff ff e8 84 3b 69 00 31 f6 48 89 df e8 1a d9 ed
[  102.556560][ T9038] RSP: 0018:ffffc90004b279f0 EFLAGS: 00010287
[  102.558630][ T9038] RAX: 00000000000065a6 RBX: ffff88805530d280 RCX: ffffc900055aa000
[  102.561333][ T9038] RDX: 0000000000080000 RSI: ffffffff8152e09e RDI: 0000000000000001
[  102.564059][ T9038] RBP: 0000000000000000 R08: 0000000000000001 R09: 0000000000000000
[  102.566784][ T9038] R10: 0000000000000000 R11: 0000000000000001 R12: 0000000040000100
[  102.569479][ T9038] R13: 0000000000000007 R14: 0000000080000300 R15: ffff88805530d358
[  102.572124][ T9038]  ? handle_exception_nmi+0x14ce/0x1750
[  102.573958][ T9038]  ? __pfx_handle_exception_nmi+0x10/0x10
[  102.575788][ T9038]  vmx_handle_exit+0x124c/0x1bd0
[  102.577455][ T9038]  vcpu_run+0x315e/0x5500
[  102.578852][ T9038]  ? __pfx_vcpu_run+0x10/0x10
[  102.580471][ T9038]  ? fpu_swap_kvm_fpstate+0x1be/0x410
[  102.582292][ T9038]  ? __local_bh_enable_ip+0xa4/0x120
[  102.584156][ T9038]  ? kvm_arch_vcpu_ioctl_run+0x51e/0x18c0
[  102.586108][ T9038]  kvm_arch_vcpu_ioctl_run+0x51e/0x18c0
[  102.588029][ T9038]  kvm_vcpu_ioctl+0x5eb/0x1690
[  102.589709][ T9038]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  102.591509][ T9038]  ? ioctl_has_perm.constprop.0.isra.0+0x383/0x540
[  102.593741][ T9038]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[  102.596166][ T9038]  ? hook_file_ioctl_common+0x145/0x410
[  102.598109][ T9038]  ? selinux_file_ioctl+0x180/0x270
[  102.599899][ T9038]  ? selinux_file_ioctl+0xb4/0x270
[  102.601615][ T9038]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  102.603380][ T9038]  __x64_sys_ioctl+0x18b/0x210
[  102.605043][ T9038]  do_syscall_64+0xcd/0x4c0
[  102.606618][ T9038]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  102.608574][ T9038] RIP: 0033:0x7f5403f8e929
[  102.610060][ T9038] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  102.616290][ T9038] RSP: 002b:00007f5404e0e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  102.619068][ T9038] RAX: ffffffffffffffda RBX: 00007f54041b5fa0 RCX: 00007f5403f8e929
[  102.621761][ T9038] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000007
[  102.624456][ T9038] RBP: 00007f5404010b39 R08: 0000000000000000 R09: 0000000000000000
[  102.627339][ T9038] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  102.630044][ T9038] R13: 0000000000000000 R14: 00007f54041b5fa0 R15: 00007ffe08b5fac8
[  102.632728][ T9038]  </TASK>
[  102.634428][ T9038] Kernel Offset: disabled
[  102.635912][ T9038] Rebooting in 86400 seconds..

VM DIAGNOSIS:
12:47:00  Registers:
info registers vcpu 0

CPU#0
RAX=0000000000000000 RBX=ffffc900061b7ce0 RCX=ffffffff823924e5 RDX=ffff88802c8dc880
RSI=ffffffff823924ff RDI=0000000000000005 RBP=ffffc900061b7c38 RSP=ffffc900061b7b90
R8 =0000000000000005 R9 =0000000000000200 R10=0000000000000100 R11=0000000000000000
R12=0000000000000100 R13=ffffc900061b7ce0 R14=ffffc900061b7eb8 R15=ffff88802c8dc880
RIP=ffffffff823924ff RFL=00000293 [--S-A-C] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 000055555a54e500 ffffffff 00c00000
GS =0000 ffff8880d6753000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00007ffc6e8ccc00 CR3=000000005bc8a000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000010000100 Opmask01=0000000000000000 Opmask02=00000000ffffffef Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffc6e8cd580 0000003000000018
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fc640411b12
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fc640411b1f
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fc640411b19
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fc640411b2d
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fc640411bb3
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fc640411c91
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6161616161616161 6161616161616161 6161616161616161 6161616161616161
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6161616161616161 6161616161616161 6161616161616161 6161616161616161
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6161616161616161 6161616161616161 6161616161616161 6161616161616161
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=0000000000000001 RBX=ffff88801b87eb80 RCX=ffffffff816ca711 RDX=0000000000000000
RSI=0000000000000004 RDI=ffff88801b87f408 RBP=ffff88801b87f408 RSP=ffffc900039bfa40
R8 =0000000000000000 R9 =fffffbfff215030a R10=ffffffff90a81857 R11=0000000000000001
R12=ffff888032894080 R13=000000000000001b R14=0000000000000000 R15=0000000000010000
RIP=ffffffff816cb251 RFL=00000006 [-----P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c01300
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c01300
FS =0000 000055556bb56500 ffffffff 00c00000
GS =0000 ffff8880d6853000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=0000001b3321fffc CR3=0000000033e8b000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000010000100 Opmask01=0000000000000000 Opmask02=0000000002fefcfe Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffe08b5fe50 0000003000000018
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f5404011b12
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f5404011b1f
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f5404011b19
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f5404011b2d
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f5404011bb3
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f5404011c91
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6161616161616161 6161616161616161 6161616161616161 6161616161616161
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6161616161616161 6161616161616161 6161616161616161 6161616161616161
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6161616161616161 6161616161616161 6161616161616161 6161616161616161
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 2

CPU#2
RAX=0000000000000055 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8
RSI=ffffffff855b8b95 RDI=ffffffff9b087320 RBP=ffffffff9b0872e0 RSP=ffffc90004b27360
R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=0000000000000001
R12=0000000000000000 R13=0000000000000055 R14=ffffffff9b0872e0 R15=ffffffff855b8b30
RIP=ffffffff855b8bbf RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
FS =0000 00007f5404e0e6c0 ffffffff 00c09300 DPL=0 DS   [-WA]
GS =0000 ffff8880d6953000 ffffffff 00c09300 DPL=0 DS   [-WA]
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000091000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe000008f000 0000ffff
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=0000000000000000 CR3=000000004e110000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 a6c5e84cbc2013b5 d10c9be642001507
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 6dd17de8fc05266a cd3202b7f50dd7b2
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 947040653bcbff76 5a85c17ae357e711
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 144226ed501c1d0b 506a486f48e774a6
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000000ffffffff 0000000000000068
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000028
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 b7a6e9bd268746ff 0000000100000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 4b2792d400000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 cf3f6999d19cf2dc 1d29c33e3a3b4823
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000000c69c252f
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 494826ea69804953 2190c257e5894b2b
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 7bf1046872ebf0b2 8a00a4ae36a9434e
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 a54ff53a3c6ef372 bb67ae856a09e667
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 5be0cd191f83d9ab 9b05688c510e527f
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 3

CPU#3
RAX=00000000000c2000 RBX=0000000000000001 RCX=0000000000000000 RDX=0000000000022000
RSI=0000000000000001 RDI=0000000000000000 RBP=ffff888029afa440 RSP=ffffc900006f8ad8
R8 =0000000000080000 R9 =0000000000000001 R10=0000000000000028 R11=0000000000000001
R12=ffff888029afaf30 R13=ffff888029afaf58 R14=0000000000000000 R15=ffffffff9af9bd08
RIP=ffffffff8198594c RFL=00000006 [-----P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c01300
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c01300
FS =0000 00007fc7f3d3f300 ffffffff 00c00000
GS =0000 ffff8880d6a53000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe00000d8000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe00000d6000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00007f198f463d58 CR3=000000002b982000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=00000000fcffc200 Opmask01=000000000000ffff Opmask02=00000000ffffffff Opmask03=0000000010000000
Opmask04=0000000000000000 Opmask05=00000000004007ff Opmask06=0000000007ffe7ff Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0004000000100008 0000000000000004 000c001a00100000 0014010000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 000c000000080004 001c000e00000000 0000000000000000 0436000000200000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00ef00000000069d b9c0000000140000 001c0000000e0014
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000030000000000 0008ffffffce0000 0000030000000000 0008ffffffbe0000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000030000000000 0008ffffffae0000 0000030000000000 00160000000c0000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 000a00040008000f 0010000a00000000 03e6000000080004 0000000a00080000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0020000000380000 004c000000600000 0074000000880000 00a8000000070000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0300000000000008 ffffffae00000000 0300000000000016 0000000c0000000a
ZMM25=b9fa03f0b9fa03f0 b9fa03f0b9fa03f0 b9fa03f0b9fa03f0 b9fa03f0b9fa03f0 b9fa03f0b9fa03f0 b9fa03f0b9fa03f0 b9fa03f0b9fa03f0 b9fa03f0b9fa03f0
ZMM26=04e4998c04e4998c 04e4998c04e4998c 04e4998c04e4998c 04e4998c04e4998c 04e4998c04e4998c 04e4998c04e4998c 04e4998c04e4998c 04e4998c04e4998c
ZMM27=f782a6d9f782a6d9 f782a6d9f782a6d9 f782a6d9f782a6d9 f782a6d9f782a6d9 f782a6d9f782a6d9 f782a6d9f782a6d9 f782a6d9f782a6d9 f782a6d9f782a6d9
ZMM28=000000100000000f 0000000e0000000d 0000000c0000000b 0000000a00000009 0000000800000007 0000000600000005 0000000400000003 0000000200000001
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=7908000079080000 7908000079080000 7908000079080000 7908000079080000 7908000079080000 7908000079080000 7908000079080000 7908000079080000