last executing test programs:

1m2.025440524s ago: executing program 3 (id=175):
r0 = syz_usbip_server_init(0x3)
write$usbip_server(r0, &(0x7f0000001bc0)=@ret_submit={{0x3, 0xffffffba, 0x0, 0x1, 0x5}, 0x8, 0x0, 0xd4aa, 0x0, 0x9}, 0x30)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$TIPC_NL_PUBL_GET(r1, &(0x7f0000000200)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f00000001c0)={&(0x7f0000000080)={0x130, r2, 0x10, 0x70bd29, 0x25dfdbfd, {}, [@TIPC_NLA_BEARER={0x74, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0x2}, @TIPC_NLA_BEARER_UDP_OPTS={0x2c, 0x4, {{0x14, 0x1, @in={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}}, {0x14, 0x2, @in={0x2, 0x4e20, @initdev={0xac, 0x1e, 0x0, 0x0}}}}}, @TIPC_NLA_BEARER_PROP={0x34, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0x9}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x4}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x14}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0xffffffeb}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x7}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x9}]}, @TIPC_NLA_BEARER_DOMAIN={0x8}]}, @TIPC_NLA_NET={0x40, 0x7, 0x0, 0x1, [@TIPC_NLA_NET_ID={0x8, 0x1, 0x9}, @TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0x1}, @TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0x2}, @TIPC_NLA_NET_ID={0x8, 0x1, 0xbd}, @TIPC_NLA_NET_NODEID={0xc, 0x3, 0x800000000000}, @TIPC_NLA_NET_ADDR={0x8, 0x2, 0x74}]}, @TIPC_NLA_NET={0xc, 0x7, 0x0, 0x1, [@TIPC_NLA_NET_ID={0x8, 0x1, 0xfc8}]}, @TIPC_NLA_MEDIA={0x5c, 0x5, 0x0, 0x1, [@TIPC_NLA_MEDIA_PROP={0x3c, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x8}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0xbf98}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x9}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x5}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x81}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x6}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x82}]}, @TIPC_NLA_MEDIA_NAME={0x7, 0x1, 'ib\x00'}, @TIPC_NLA_MEDIA_PROP={0x14, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0x16e}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x80000001}]}]}]}, 0x130}, 0x1, 0x0, 0x0, 0x4004010}, 0x4000001)

1m1.477241514s ago: executing program 3 (id=197):
prctl$PR_GET_TID_ADDRESS(0x28, &(0x7f0000000000))
prctl$PR_GET_TID_ADDRESS(0x28, &(0x7f0000000040))
prctl$PR_GET_TID_ADDRESS(0x28, &(0x7f0000000080))
prctl$PR_GET_TID_ADDRESS(0x28, &(0x7f00000000c0))
prctl$PR_GET_TID_ADDRESS(0x28, &(0x7f0000000100))
prctl$PR_GET_TID_ADDRESS(0x28, &(0x7f0000000140))
prctl$PR_GET_TID_ADDRESS(0x28, &(0x7f0000000180))
prctl$PR_GET_TID_ADDRESS(0x28, &(0x7f00000001c0))
prctl$PR_GET_TID_ADDRESS(0x28, &(0x7f0000000200))
prctl$PR_GET_TID_ADDRESS(0x28, &(0x7f0000000240))
prctl$PR_GET_TID_ADDRESS(0x28, &(0x7f0000000280))
prctl$PR_GET_TID_ADDRESS(0x28, &(0x7f00000002c0))
prctl$PR_GET_TID_ADDRESS(0x28, &(0x7f0000000300))
prctl$PR_GET_TID_ADDRESS(0x28, &(0x7f0000000340))
prctl$PR_GET_TID_ADDRESS(0x28, &(0x7f0000000380))
prctl$PR_GET_TID_ADDRESS(0x28, &(0x7f00000003c0))
prctl$PR_GET_TID_ADDRESS(0x28, &(0x7f0000000400))
prctl$PR_GET_TID_ADDRESS(0x28, &(0x7f0000000440))
prctl$PR_GET_TID_ADDRESS(0x28, &(0x7f0000000480))
prctl$PR_GET_TID_ADDRESS(0x28, &(0x7f00000004c0))
prctl$PR_GET_TID_ADDRESS(0x28, &(0x7f0000000500))
prctl$PR_GET_TID_ADDRESS(0x28, &(0x7f0000000540))
prctl$PR_GET_TID_ADDRESS(0x28, &(0x7f0000000580))
prctl$PR_GET_TID_ADDRESS(0x28, &(0x7f00000005c0))
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0xa0c005024aeacb19, 0x0)
setsockopt$bt_BT_DEFER_SETUP(r0, 0x112, 0x7, &(0x7f0000000600), 0x4)
prctl$PR_GET_TID_ADDRESS(0x28, &(0x7f0000000640))
prctl$PR_GET_TID_ADDRESS(0x28, &(0x7f0000000680))
prctl$PR_GET_TID_ADDRESS(0x28, &(0x7f00000006c0))
prctl$PR_GET_TID_ADDRESS(0x28, &(0x7f0000000700))

1m1.468426622s ago: executing program 3 (id=198):
r0 = creat(&(0x7f00000001c0)='./file0\x00', 0x0)
close(r0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r1, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x4)
connect$inet6(r1, &(0x7f0000000080)={0xa, 0x4e21, 0xa, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01'}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r1, 0x6, 0x1f, &(0x7f00000000c0), 0x4)
r2 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r2}, &(0x7f0000bbdffc)=<r3=>0x0)
timer_settime(r3, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
pipe(&(0x7f0000000100)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
splice(r1, 0x0, r4, 0x0, 0xaf4, 0x0)
setsockopt$inet6_tcp_TLS_TX(r1, 0x11a, 0x2, &(0x7f0000000500)=@gcm_256={{0x304}, "1f891d5b00", "11682d84dd05bb63ae661f051e1e79ceafeaa60a5bd1dc83db142ade2bd907fd", "dd6ed25e", "0000000400"}, 0x38)
openat$ppp(0xffffffffffffff9c, &(0x7f0000000000), 0x10200, 0x0)
read$FUSE(r0, &(0x7f000000c400)={0x2020}, 0x2020)

1m1.468370962s ago: executing program 3 (id=199):
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000000), 0x802, 0x0)
ioctl$UI_GET_SYSNAME(r0, 0x8040552c, 0x0) (fail_nth: 2)

1m1.324984046s ago: executing program 3 (id=200):
bpf$PROG_LOAD(0x5, &(0x7f00000008c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="180200000000000000000000000000001801000020"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4000044}, 0x0)
sendmsg$AUDIT_TRIM(0xffffffffffffffff, &(0x7f0000000580)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000540)={&(0x7f0000000300)={0x10, 0x3f6, 0x100, 0x70bd2d, 0x25dfdbfe, "", ["", "", "", "", "", "", "", ""]}, 0x10}, 0x1, 0x0, 0x0, 0x40000}, 0x40)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000340)={0xffffffffffffffff, &(0x7f00000002c0), &(0x7f0000000080)=@udp}, 0x20)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x13, 0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x49}, 0x94)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-camellia-asm\x00'}, 0x58)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000940)=ANY=[], 0x24}}, 0x0)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
r2 = accept4(r1, 0x0, 0x0, 0x800)
sendmmsg$alg(r2, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048"}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
recvmsg(r2, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000013c0)={'wlan1\x00', <r4=>0x0})
sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000001340)={&(0x7f0000000680)=ANY=[@ANYBLOB="f4060000", @ANYRES16=r3, @ANYBLOB="01000000000000e14f003b00000008000300", @ANYRES32=r4, @ANYBLOB="d506330080000000ffffffffffff080211000001"], 0x6f4}}, 0x0)
syz_init_net_socket$rose(0xb, 0x5, 0x0)
ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0)

1m1.323421252s ago: executing program 3 (id=201):
r0 = socket$nl_route(0x10, 0x3, 0x0) (async)
r1 = socket$can_j1939(0x1d, 0x2, 0x7)
ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f00000000c0)={'vcan0\x00', <r2=>0x0})
bind$can_j1939(r1, &(0x7f0000000340)={0x1d, r2, 0x0, {0x2, 0x0, 0x6}, 0xfe}, 0x18) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) (async)
setsockopt$sock_int(r1, 0x1, 0x6, &(0x7f0000000040)=0x1, 0x4) (async)
sendmsg$inet(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000200), 0x10000000000001fc, 0x0, 0x4f}, 0x22008840)
setsockopt$SO_J1939_FILTER(r1, 0x6b, 0x1, &(0x7f0000000480)=[{0x1, 0x2, {0x0, 0xf0}, {0x2, 0x2, 0x3}, 0x0, 0x2}], 0x20)
sendmsg$nl_route_sched(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000680)=@newtfilter={0x24, 0x11, 0x1, 0x70bd28, 0x0, {0x0, 0x0, 0x74, r2, {0xffff, 0x15}, {0x1, 0x5}, {0xfff2, 0x4}}}, 0x24}, 0x1, 0xf0ffffffffffff, 0x0, 0x4012}, 0x90) (async)
r3 = syz_open_dev$loop(&(0x7f0000000100), 0x2, 0x0)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.stat\x00', 0x275a, 0x0)
write$binfmt_misc(r4, &(0x7f0000000000)="180c4552", 0x4)
write$binfmt_misc(r4, &(0x7f0000000040), 0xe09) (async, rerun: 64)
ioctl$LOOP_CONFIGURE(r3, 0x4c0a, &(0x7f0000000400)={r4, 0x0, {0x2a00, 0x80010000, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x1c, "fee8a2ab78fc979fd1e00d96072000001ea89de2b7fb0000e60080b8785d96000100", "2809e8dbe108598948224ad54afac11d875397bdb22d0000b420a1a93c5240f45f819e01177d3d458dd4992861ac00", "90be8b1c551265406c7f306003d8a0f4bd00"}}) (async, rerun: 64)
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) (async)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r6, 0x8933, &(0x7f0000000540)={'wlan0\x00', <r7=>0x0})
r8 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x80)
setsockopt$inet_tcp_int(r8, 0x6, 0x6, &(0x7f00000000c0)=0xffffffff, 0x4) (async)
sendmsg$NL80211_CMD_NEW_KEY(r6, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000680)={&(0x7f0000000e80)={0x50, r5, 0x801, 0x400, 0x0, {{}, {@val={0x8, 0x3, r7}, @void}}, [@NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_KEY={0x28, 0x50, 0x0, 0x1, [@NL80211_KEY_DATA_WEP104={0x11, 0x1, "4abee33908f8eef16f162471f4"}, @NL80211_KEY_IDX={0x5, 0x2, 0x2}, @NL80211_KEY_CIPHER={0x8, 0x3, 0xfac02}]}]}, 0x50}}, 0x0)

45.523680211s ago: executing program 32 (id=201):
r0 = socket$nl_route(0x10, 0x3, 0x0) (async)
r1 = socket$can_j1939(0x1d, 0x2, 0x7)
ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f00000000c0)={'vcan0\x00', <r2=>0x0})
bind$can_j1939(r1, &(0x7f0000000340)={0x1d, r2, 0x0, {0x2, 0x0, 0x6}, 0xfe}, 0x18) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) (async)
setsockopt$sock_int(r1, 0x1, 0x6, &(0x7f0000000040)=0x1, 0x4) (async)
sendmsg$inet(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000200), 0x10000000000001fc, 0x0, 0x4f}, 0x22008840)
setsockopt$SO_J1939_FILTER(r1, 0x6b, 0x1, &(0x7f0000000480)=[{0x1, 0x2, {0x0, 0xf0}, {0x2, 0x2, 0x3}, 0x0, 0x2}], 0x20)
sendmsg$nl_route_sched(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000680)=@newtfilter={0x24, 0x11, 0x1, 0x70bd28, 0x0, {0x0, 0x0, 0x74, r2, {0xffff, 0x15}, {0x1, 0x5}, {0xfff2, 0x4}}}, 0x24}, 0x1, 0xf0ffffffffffff, 0x0, 0x4012}, 0x90) (async)
r3 = syz_open_dev$loop(&(0x7f0000000100), 0x2, 0x0)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.stat\x00', 0x275a, 0x0)
write$binfmt_misc(r4, &(0x7f0000000000)="180c4552", 0x4)
write$binfmt_misc(r4, &(0x7f0000000040), 0xe09) (async, rerun: 64)
ioctl$LOOP_CONFIGURE(r3, 0x4c0a, &(0x7f0000000400)={r4, 0x0, {0x2a00, 0x80010000, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x1c, "fee8a2ab78fc979fd1e00d96072000001ea89de2b7fb0000e60080b8785d96000100", "2809e8dbe108598948224ad54afac11d875397bdb22d0000b420a1a93c5240f45f819e01177d3d458dd4992861ac00", "90be8b1c551265406c7f306003d8a0f4bd00"}}) (async, rerun: 64)
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) (async)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r6, 0x8933, &(0x7f0000000540)={'wlan0\x00', <r7=>0x0})
r8 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x80)
setsockopt$inet_tcp_int(r8, 0x6, 0x6, &(0x7f00000000c0)=0xffffffff, 0x4) (async)
sendmsg$NL80211_CMD_NEW_KEY(r6, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000680)={&(0x7f0000000e80)={0x50, r5, 0x801, 0x400, 0x0, {{}, {@val={0x8, 0x3, r7}, @void}}, [@NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_KEY={0x28, 0x50, 0x0, 0x1, [@NL80211_KEY_DATA_WEP104={0x11, 0x1, "4abee33908f8eef16f162471f4"}, @NL80211_KEY_IDX={0x5, 0x2, 0x2}, @NL80211_KEY_CIPHER={0x8, 0x3, 0xfac02}]}]}, 0x50}}, 0x0)

42.789112893s ago: executing program 4 (id=366):
getpid()
socket$inet6_udp(0xa, 0x2, 0x0)
socketpair$unix(0x1, 0x1, 0x0, 0x0)
r0 = dup(0xffffffffffffffff)
getpeername$packet(r0, &(0x7f0000000000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14)
socket$netlink(0x10, 0x3, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f00000001c0)=@ipv6_newroute={0x1c, 0x18, 0x111, 0x0, 0x0, {0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}}, 0x1c}}, 0x0)

42.77640958s ago: executing program 4 (id=367):
r0 = socket$caif_stream(0x25, 0x1, 0x4)
r1 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000600)='/sys/kernel/kexec_crash_size', 0x183e42, 0x3)
write$cgroup_int(r1, &(0x7f00000003c0)=0x4, 0x12)
connect(r0, &(0x7f0000000400)=@l2tp6={0xa, 0x0, 0x1, @private2, 0x5308d95c, 0x4}, 0x80)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000e00), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_BSS(r2, &(0x7f00000003c0)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000200)={&(0x7f0000000480)=ANY=[@ANYBLOB="991aade7d3bd4e30783c0036259b2557195319fd0edf61643d6cd050e114921fe8fe7cc1d058e6080035", @ANYRES16=r3, @ANYBLOB="000225bd7000ffdbdf25190000000c009900f8ffffff2500000005001e00b400000005001c00050000000500a20007000000050060007000000005001e00090000000500a20002000000"], 0x50}, 0x1, 0x0, 0x0, 0x4000010}, 0xa56b012d88931630)
r4 = socket$kcm(0x29, 0x5, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$ipvs(&(0x7f0000007440), 0xffffffffffffffff)
r7 = socket(0x28, 0x5, 0x0)
bind$vsock_stream(r7, &(0x7f0000000040), 0x10)
listen(r7, 0x0)
r8 = socket(0x28, 0x5, 0x0)
connect$vsock_stream(r8, &(0x7f0000000080), 0x10)
accept4(r7, &(0x7f0000000280)=@phonet, &(0x7f00000000c0)=0x80, 0x0)
sendmsg$IPVS_CMD_NEW_DAEMON(r5, &(0x7f0000007580)={0x0, 0x0, &(0x7f0000007540)={&(0x7f0000007480)={0x44, r6, 0x1, 0x70bd29, 0x25dfdbfd, {}, [@IPVS_CMD_ATTR_DAEMON={0x30, 0x3, 0x0, 0x1, [@IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x6, 0x4, 0xe9}, @IPVS_DAEMON_ATTR_STATE={0x8}, @IPVS_DAEMON_ATTR_MCAST_IFN={0x14, 0x2, 'bridge_slave_0\x00'}, @IPVS_DAEMON_ATTR_SYNC_ID={0x8}]}]}, 0x44}}, 0x48040)
sendmsg$IPVS_CMD_NEW_DEST(r2, &(0x7f0000000180)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x4c, r6, 0x400, 0x70bd27, 0x25dfdbfb, {}, [@IPVS_CMD_ATTR_SERVICE={0x30, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x1}, @IPVS_SVC_ATTR_PROTOCOL={0x6}, @IPVS_SVC_ATTR_AF={0x6, 0x1, 0xa}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv4=@remote}]}, @IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x80}]}, 0x4c}, 0x1, 0x0, 0x0, 0x800}, 0x2401c051)
ioctl$sock_kcm_SIOCKCMUNATTACH(r4, 0x89e1, &(0x7f0000000000)={r2})
timer_create(0x1, &(0x7f0000000080)={0x0, 0x11, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000000))
timer_settime(0x0, 0x0, &(0x7f0000000240)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
sendmsg$NL80211_CMD_GET_SCAN(r2, &(0x7f0000000f00)={0x0, 0x0, &(0x7f0000000ec0)={&(0x7f0000000380)={0x1c, r3, 0xf21, 0x0, 0x0, {{}, {@val={0x8}, @void}}}, 0x1c}, 0x1, 0x0, 0x0, 0x20000015}, 0x44000)
r9 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r9, &(0x7f00000035c0)={0x0, 0x0, &(0x7f0000003580)={&(0x7f0000000bc0)=@newsa={0x138, 0x10, 0x1, 0x0, 0x0, {{@in=@empty, @in6=@remote, 0x0, 0xfff7, 0x2000, 0x1, 0xa, 0x0, 0x0, 0x3b, 0x0, 0xffffffffffffffff}, {@in=@rand_addr=0x64010102, 0xfffffffd, 0x6c}, @in=@broadcast, {0x0, 0x0, 0x0, 0x0, 0x3, 0x2000000}, {0x0, 0x4, 0x40000000, 0xfffffffffffffffc}, {0x40}, 0x0, 0x0, 0xa, 0x2, 0x1, 0xe0}, [@algo_comp={0x48, 0x3, {{'deflate\x00'}}}]}, 0x138}, 0x1, 0x0, 0x0, 0x801}, 0x4810)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000140), r2)

42.616211759s ago: executing program 4 (id=371):
bpf$PROG_LOAD(0x5, &(0x7f00000008c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="180200000000000000000000000000001801000020"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={0x0}, 0x1, 0x0, 0x0, 0x4000044}, 0x0)
sendmsg$AUDIT_TRIM(0xffffffffffffffff, &(0x7f0000000580)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000540)={&(0x7f0000000300)={0x10, 0x3f6, 0x100, 0x70bd2d, 0x25dfdbfe}, 0x10}, 0x1, 0x0, 0x0, 0x40000}, 0x40)
bpf$MAP_UPDATE_ELEM(0x2, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x13, 0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x49}, 0x94)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-camellia-asm\x00'}, 0x58)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000940)=ANY=[], 0x24}}, 0x0)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
r2 = accept4(r1, 0x0, 0x0, 0x800)
sendmmsg$alg(r2, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048"}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
recvmsg(r2, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000013c0)={'wlan1\x00', <r4=>0x0})
sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000001340)={&(0x7f0000000680)=ANY=[@ANYBLOB="f4060000", @ANYRES16=r3, @ANYBLOB="01000000000000e14f003b00000008000300", @ANYRES32=r4, @ANYBLOB="d506330080000000ffffffffffff080211000001"], 0x6f4}}, 0x0)
syz_init_net_socket$rose(0xb, 0x5, 0x0)
ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0)

42.615911713s ago: executing program 4 (id=373):
r0 = openat$pmem0(0xffffffffffffff9c, &(0x7f0000002340), 0x80d01, 0x0)
ioctl$BLKPG(r0, 0x1269, &(0x7f0000000040)={0x1, 0x0, 0x98, &(0x7f00000000c0)={0x800, 0xfff, 0x400c}})
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2000002, 0x200000005c832, 0xffffffffffffffff, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
setsockopt$SO_TIMESTAMPING(0xffffffffffffffff, 0x1, 0x25, &(0x7f0000000000)=0xa0, 0x4)
r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000002180)='./file0\x00', 0x0, 0x0)
ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(r1, 0x40086602, &(0x7f0000000000))
symlinkat(&(0x7f0000000200)='./file0/file0\x00', r1, &(0x7f0000000240)='./file0\x00')
r2 = openat$dsp1(0xffffffffffffff9c, &(0x7f00000000c0), 0x109801, 0x0)
ioctl$SNDCTL_DSP_SETFRAGMENT(r2, 0xc004500a, &(0x7f0000000000)=0x74000000)
write$dsp(r2, &(0x7f0000002000)='`', 0x88020)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_DEL(r3, &(0x7f0000000300)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000280)={0x1c, 0xa, 0x6, 0x307, 0x0, 0x0, {0x2, 0x0, 0x1}, [@IPSET_ATTR_PROTOCOL={0x5}]}, 0x1c}, 0x1, 0x0, 0x0, 0x20048050}, 0x4800)
r4 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r4, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000600)=@newsa={0x154, 0x10, 0x1, 0x0, 0x0, {{@in6=@private1, @in=@remote}, {@in, 0x0, 0x32}, @in6=@private1={0xfc, 0x1, '\x00', 0x1}, {}, {0x0, 0x0, 0x8000000}, {0x0, 0x0, 0xfffffffc}, 0x0, 0x0, 0x2, 0x0, 0x0, 0xcd}, [@algo_crypt={0x48, 0x2, {{'cbc(aes)\x00'}}}, @replay_esn_val={0x1c, 0x17, {0x4e, 0x0, 0x0, 0x0, 0x70bd28}}]}, 0x154}}, 0x0)
r5 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r5, &(0x7f00000000c0)={0x2, 0x4e20, @empty}, 0x10)
r6 = syz_open_dev$vcsu(&(0x7f0000000080), 0xeefe, 0xe00)
sendto$inet(r6, &(0x7f0000000040)="ace107cbf3ffc19ed4b72f37f424fedd8babfd5762", 0xff89, 0xc000, &(0x7f0000000100)={0x2, 0x5e20, @local}, 0x3f)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000440)=ANY=[@ANYBLOB="e8000000190001002dbd7000fbdbdf2502202000ff02ff020018000008000100ac1414aac100098026"], 0xe8}, 0x1, 0x0, 0x0, 0x44050}, 0x1000)
mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1)
r7 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r7, &(0x7f0000000200)={0x0, 0x4000, 0x0, 0x1, 0x0, 0x0, 0x1}, 0x20040040)
recvmmsg(r5, &(0x7f0000001240)=[{{0x0, 0x0, 0x0}, 0x1}], 0x1, 0x10001, 0x0)

39.615382889s ago: executing program 4 (id=379):
r0 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_udp_int(r0, 0x11, 0x65, &(0x7f0000000080)=0xa43, 0x4)
ioctl$FITHAW(r0, 0xc0045878)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000600)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a84000000060a0b0400000000000000000200000a58000480540001800a0001006c696d69740000004400028008000340000000000c00024000000000000007ac0c00024000000000000001330c0001400000000000000007080003400000000f0c00024000000000000000090900010073797a30000000000900020073797a32"], 0xac}}, 0x0)
syz_emit_ethernet(0x2a, &(0x7f0000000000)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaaaaaa08004500002b000000000900000000000000e00000011100907800000000"], 0x0)
mount(&(0x7f0000000140)=@nullb, &(0x7f0000000040)='./cgroup\x00', &(0x7f00000000c0)='omfs\x00', 0x200000, 0x0)

39.366039336s ago: executing program 4 (id=392):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000004380)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)=ANY=[@ANYBLOB="240000001800490400000000000014000a100000000000000100000008001e0001"], 0x24}}, 0x0) (fail_nth: 2)

39.283064976s ago: executing program 33 (id=392):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000004380)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)=ANY=[@ANYBLOB="240000001800490400000000000014000a100000000000000100000008001e0001"], 0x24}}, 0x0) (fail_nth: 2)

946.443623ms ago: executing program 1 (id=1052):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r1 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
write$tun(r0, &(0x7f00000003c0)=ANY=[@ANYBLOB="0f6886dd0000120000000000000060ec97000f982c00fb8000000000000000000000000000aaff02000000000000000000000000000189"], 0xfce)

846.375248ms ago: executing program 5 (id=1054):
setresgid(0x0, 0x0, 0xee00)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8b30, &(0x7f00000000c0)={'wlan0\x00'})
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x10000000003c)
r3 = socket$kcm(0x29, 0x7, 0x0)
r4 = socket$can_raw(0x1d, 0x3, 0x1)
getsockopt$CAN_RAW_FD_FRAMES(r4, 0x65, 0x8, &(0x7f0000004400), &(0x7f0000002140)=0x4)
preadv(r3, &(0x7f0000002780)=[{&(0x7f0000002300)=""/132, 0x84}, {&(0x7f00000023c0)=""/108, 0x6c}, {&(0x7f0000000000)=""/8, 0x8}, {&(0x7f0000002100)=""/20, 0x14}, {&(0x7f0000002440)=""/56, 0x38}, {&(0x7f0000002480)=""/234, 0xea}, {&(0x7f0000002580)=""/217, 0xd9}, {&(0x7f0000002680)}, {&(0x7f00000026c0)=""/186, 0xba}], 0x9, 0xfffffffd, 0x4)
unshare(0x20020000)
syz_io_uring_setup(0x6d9d, &(0x7f0000000200)={0x0, 0x942e, 0x2}, 0x0, 0x0)
r5 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0)
sendmsg$kcm(r3, &(0x7f0000000340)={&(0x7f0000000180)=@pppol2tpv3in6={0x18, 0x1, {0x0, r5, 0x2, 0x1, 0x4, 0x0, {0xa, 0x5909, 0x8, @mcast1, 0x5}}}, 0x80, &(0x7f0000000300)=[{&(0x7f0000000200)="6610d771efaf5b6a56cb6fc59b449385521ced66ed8795892bcaeb68b83016a893f79216eb9c863a6c0eb9b3927a20b0b6f5e74634cbf82971ffa95ac83888bbac9e84b2e0a9828739e272a6183d23ff735620bc36625735f5270b30030e64feeefaefc9ca0f4286b1739d5c20f517bdd23b772c2028761c4f", 0x79}, {&(0x7f0000000280)="3936f95ee0dcb69b54360654bd82c9f80c9cc10460be3e28187d37c396ba00ee6d15452401ab08a5c82bd459cfb389a3d8d5a0c53bc8f180727f82a055b15b88ef59b1d5cf098f786e335a", 0x4b}], 0x2, &(0x7f0000000440)=ANY=[@ANYBLOB="58000000000000000701000003000000ed761607e6dcc755fa9f066980013503f2041fc21b3bc6c06d0d6eb54d1f9a6a0062e99f7ce467c166535b893d4b3f9dace11f432a14a6b45b9ca4518aaec7cef01fbb6fa97e570058000000000000000d01000001000000e022b525b38c12768e6cf7afe3fd754fd28db18339f7a50be4d65ac8380078657de08a365bf9fa68b8e902856efe72b49ec79720d4fbc0837ab1132b7f2da6cf1c6568cf3100000068000000000000000d0100000800000065dc2765386c26cb0ff9daf82b4ce599e0206ca6533d6605d2bf610188ab4e3fa0727daf7e02da3db32e4eb9bca5b6a0b4766329317bfd52989d62452ff91079e02763af9c39b8c8b5c328d7a75c727180d549f4c5e90000680000000000000013010000558400003a69269c39376c4c305da49610847419b9168d988e532cee5ff1b85ba671265472a44cfe4000fcffffffffffff31b49aee991db25fe1ec19bfce2fa953deba1bb56c14e8abc1805718d93833324f125ce0ed716661c6e31e"], 0x180}, 0x40000)
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='blkio.bfq.sectors_recursive\x00', 0x275a, 0x0)
write$binfmt_script(r6, &(0x7f0000002180)={'#! ', './file0', [{0x20, '\xb0\xba\x1b\x8b\x8e\xb1+m,\xeaXB=\x841\tht{\x89\xae\x14R\xcc\xe2\xca\xa85\xceu\'\xb7\xb0\x88\xe6\x81J\x05\xa6\xd2\x98\xc5\xabH\xf8\xb8i\xb3\x06\x9dE\xd6\xfbo\b\xfa\xf2\xee\x16IU\xc2\'`\xf3\xc1\xb5\x89\xaeA\x15a\x88\xb4\xf7r\xc1\x0e;2vqy\x85\xd0\f\x9d\x98\x10\x19\xa7\'\xaa\xe2w\xa8\xeb*h/\xc0\xc3\xfd\xe7\xfd\xb8\xb3k&\xc7\xe6*\xaf\'\x97\xf4M\xa4\x16=\xc9;\x82\xa8\xbb\x8fR\x80\xa6\xff\x03P$\x032&at\xad\x9f\x95Ovp\xcb\xbbQ\xfeEz\xfdj\xff\xfb\xbb\xfb'}, {0x20, '#! '}, {0x20, 'blkio.bfq.sectors_recursive\x00'}], 0xa, "13f120b949dea6fd982f3e5b7a0e9f0d5e2e170000002000000000000000009b518ef41fd3b904fbadd30b10b6bc234f479edcaec8e7fe66f9eef5287d41f1b965eb56a298e8b8e16f17d20d5b095469cae71c1ccca53b1235c158a9ab5101bbeb0afb8e2c0cc2d2d0b37fdf583a3d0ac12e861db0d6d6260b7375dd85bcfdda2ad00dde7fb29cba06add5b4a6e5f74c422bfb501acb44bfcc10a474b423f8c1144a4b809c"}, 0x16e)
preadv(r6, &(0x7f00000015c0)=[{&(0x7f0000000080)=""/124, 0xffffff23}], 0x1, 0x0, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r7 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r8 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
read$FUSE(r8, &(0x7f00000000c0)={0x2020}, 0x2020)
write$FUSE_DIRENT(r8, &(0x7f0000002140)=ANY=[@ANYBLOB="100000000000000005ee80886d46369f"], 0x10)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r7, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, 0x0}], 0x1, 0x64, 0x0, 0x0)
ioctl$KVM_RUN(r7, 0xae80, 0x0)

846.245773ms ago: executing program 5 (id=1055):
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000004c0)=0x79, 0x4)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000100)='bbr\x00', 0x4)
sendmmsg$inet(r0, &(0x7f0000000a40)=[{{0x0, 0x0, &(0x7f00000000c0), 0x6d00}}, {{0x0, 0x0, &(0x7f0000000e40)=[{&(0x7f0000001800)="353a35d6094e4ee7d764b6993f65136c5d6b84d9b1324a0b25e094700c9a66f9181738098f32e3e48859c3878d53a9752474da0d6af299d849d48f2fa2c8c807d7a1521da940585790ff1e6f9da83e32b751d1af9cfac640c1361f5ae8b99c187dafe9ea854120f6eaab11e7fdeb3f2152ebdbc21520ca01f64bb821576deef4ed6696cdddc1768b5b4fbd68a687cb6ba52ecf5cc6f8f05062f26de19d6aaaeb6cbca00e46685f77d2b3e8dd9d0d099e799cd5a76c67ab283f790366f7f744508edc", 0xc2}], 0x1}}, {{0x0, 0x0, 0x0}}], 0x3, 0x0)

846.1561ms ago: executing program 1 (id=1056):
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f05ebbeef, 0x8031, 0xffffffffffffffff, 0x1000)
madvise(&(0x7f0000000000/0x2000)=nil, 0x8000000, 0x19)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)
r0 = open_tree(0xffffffffffffffff, &(0x7f0000000000)='./file0\x00', 0x89001)
ioctl$DRM_IOCTL_ADD_MAP(r0, 0xc0286415, &(0x7f0000000040)={&(0x7f000093e000/0x2000)=nil, 0x1, 0x3, 0x98})
madvise(&(0x7f0000000000/0x600000)=nil, 0x600722, 0x19)

846.090399ms ago: executing program 5 (id=1057):
r0 = socket$inet6(0xa, 0x2, 0x3a)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x4e23, 0x430, @local, 0x9}, 0x1c)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000100), 0xffffffffffffffff)
r3 = socket$unix(0x1, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f0000005700)={'wlan1\x00', <r4=>0x0})
sendmsg$NL80211_CMD_GET_STATION(r1, &(0x7f00000059c0)={0x0, 0x0, &(0x7f0000005980)={&(0x7f0000005740)={0x28, r2, 0x105, 0x70bd29, 0x25dfdbfd, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_MAC={0xa}]}, 0x28}, 0x1, 0x0, 0x0, 0x80}, 0x20008804)
sendto$inet6(r0, &(0x7f0000000080)="800037bbfa9ba1ce", 0xffd8, 0x0, 0x0, 0x0)

818.32542ms ago: executing program 5 (id=1058):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$batadv(&(0x7f00000001c0), r0)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r0, 0x8933, &(0x7f0000000140)={'batadv0\x00', <r2=>0x0})
sendmsg$BATADV_CMD_GET_NEIGHBORS(r0, &(0x7f0000004340)={0x0, 0x300, &(0x7f0000000280)={&(0x7f00000000c0)={0x1c, r1, 0x331, 0x0, 0x200000, {0x8}, [@BATADV_ATTR_MESH_IFINDEX={0x8, 0x3, r2}]}, 0x1c}, 0x1, 0x0, 0x0, 0x8800}, 0x0)

756.676907ms ago: executing program 5 (id=1059):
bpf$PROG_LOAD(0x5, &(0x7f00000008c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="180200000000000000000000000000001801000020"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={0x0}, 0x1, 0x0, 0x0, 0x4000044}, 0x0)
sendmsg$AUDIT_TRIM(0xffffffffffffffff, &(0x7f0000000580)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000540)={&(0x7f0000000300)={0x10, 0x3f6, 0x100, 0x70bd2d, 0x25dfdbfe}, 0x10}, 0x1, 0x0, 0x0, 0x40000}, 0x40)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000340)={0xffffffffffffffff, &(0x7f00000002c0), &(0x7f0000000080)=@udp}, 0x20)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x13, 0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x49}, 0x94)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-camellia-asm\x00'}, 0x58)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000940)=ANY=[], 0x24}}, 0x0)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
r2 = accept4(r1, 0x0, 0x0, 0x800)
sendmmsg$alg(r2, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0x10}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048", 0x4d}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46", 0xb5}], 0x3, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
recvmsg(r2, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000013c0)={'wlan1\x00', <r4=>0x0})
sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000001340)={&(0x7f0000000680)=ANY=[@ANYBLOB="f4060000", @ANYRES16=r3, @ANYBLOB="01000000000000e14f003b00000008000300", @ANYRES32=r4, @ANYBLOB="d506330080000000ffffffffffff080211000001"], 0x6f4}}, 0x0)
syz_init_net_socket$rose(0xb, 0x5, 0x0)
ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0)

756.491328ms ago: executing program 5 (id=1060):
r0 = socket$nl_route(0x10, 0x3, 0x0)
syz_emit_vhci(&(0x7f0000000080)=ANY=[@ANYBLOB="040e07090908"], 0xa)
sendmsg$IPSET_CMD_PROTOCOL(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000480)=ANY=[@ANYBLOB="2400000001060103000000000000000007050000009f7cf544e439296cfe7fd690be13ef030c0407f756a9900436a20a"], 0x24}, 0x1, 0x0, 0x0, 0x4003}, 0x40880)
r1 = syz_open_dev$sg(&(0x7f0000001600), 0x0, 0x40042)
write$binfmt_aout(r1, &(0x7f0000000480)=ANY=[@ANYBLOB="0000000000000000000000800080000014000091ff0f00004500f5ff06ff00010100fc5e15f4c3d3fbd80dad00000a"], 0x125)
sendmsg$nl_route(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000ec0)=ANY=[@ANYBLOB="170000006a000105fefd"], 0x20}, 0x1, 0x0, 0x0, 0x20000090}, 0x20008000)
r2 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_ADAPTATION_LAYER(r2, 0x84, 0x7, &(0x7f0000000040)={0x3}, 0x4)
timer_create(0xefe5b9899fda1222, 0x0, &(0x7f0000001d40))
r3 = socket$phonet(0x23, 0x2, 0x1)
syz_open_dev$vim2m(&(0x7f0000001580), 0x57, 0x2)
pipe(&(0x7f0000000340)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
write(r5, &(0x7f0000000140)="6d527cd53870164a3a0d4b64fb0d7bebad2dce076e7768215970e33adf15173c9e665cff10727f6273ef2aace367c13b8e834788d7da2d60077ebc24a796b221a2f39fd294dc01861206b499138d02ebf3cfc3b11f0e18858568476bac483df9c4d0a61da2d2f9b7c4cb601c0141f209fc9e06d9457920a9a749a23ccd52eb91db50189627774719cf91bd6e63a2b8a3b657c0e438ffc3e275b03ef0f384a0c1f20143b7b87f2e34729b000000805e0ad338423d4200f349c545516c46bb9f104a3816b12950faa20fab5827bc62a8d4cc12c4c8954308a933d63aa66cdb3646a37626de7361b5338c197dd3e6844dafcb4338dce0b79ee41da150eca12fbd36b4873ce8e4747b63e8830ee6c32f254d37792053e2b77cc86279ea843600"/297, 0x3accf8d5)
vmsplice(r5, &(0x7f0000000440)=[{&(0x7f00000000c0)='7', 0x1}], 0x1, 0x100000000000000)
close(r4)
r6 = bpf$ITER_CREATE(0x21, &(0x7f0000000180), 0x8)
ioctl$VT_RELDISP(r6, 0x5605)
recvfrom$phonet(r3, &(0x7f0000000080)=""/92, 0x5c, 0x40002000, &(0x7f0000000100)={0x23, 0x9, 0x9, 0x8}, 0x10)
ioctl$sock_SIOCGIFVLAN_ADD_VLAN_CMD(r3, 0x8982, &(0x7f0000000140)={0x0, 'team0\x00', {0x4}, 0x2})
r7 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
ioctl$HCIINQUIRY(r7, 0x400448e1, &(0x7f0000000000)={0x0, 0x0, "957008"})

583.794586ms ago: executing program 2 (id=1068):
r0 = syz_open_dev$sndmidi(0x0, 0x2, 0x141102)
ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(0xffffffffffffffff, 0xc018937d, &(0x7f0000000000)={{0x1, 0x1, 0x18, <r1=>r0, {0xb}}, './file0\x00'})
ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'vxcan0\x00', <r2=>0x0})
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
r3 = openat$fuse(0xffffffffffffff9c, &(0x7f00000002c0), 0x2, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r3, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r3, &(0x7f0000002140)={0x2020, 0x0, <r4=>0x0}, 0x2020)
syz_fuse_handle_req(r3, &(0x7f0000004180)="92756f43b31ffe542788ef586b7c5a344424e3acac2590be6bbe37adface4a8f2e534ffe76a83a93f0b3680a72fddfde83f96d01982384e8d689219cb9669b14dbaa1b799f82ea1fc926126a4163618e16d4f94143a4e0f27c44fcef3920a0b3805ed4e78098d8689cc7791bd86648070718d238664332948d87866c8d2590fc0f017f9853abd9ed60b99f1aa6ae2dbd24ab6dbcebdb055246815ace147cc50fa3b2861148fcda374d5b203e51d72c45e4dde3e9ee9a47ffe458baf7bb49035135a8194aa1f0a83fa2abed56398f90daff679634619453f533f22583a6e0a4dc09e9de46684d5e0136e229510f3702cf3a4cd0065d3e5d3c419e38a80b070ca55010e082a9c510fd18cc0b26bb5e8e459e747befbc5c6b60ace80bf41417b7b78cf57e5b3984f0cdddc615c5e0000454d3f4a196fb6d18aa629cf0b0245f95ba958d86dc175616f8cd3ac473057dc3a5ff7107973326350107f4468e7ecd48d689b82c12d22ae5f1858302a1b4cfde8fd347a99ddcde40d1c49d9b5099fbccf09e782212be4b2ce36a2bc3c9ee794abffe72a5501e6c4f3f7f68b74761ffd6620609224a3bf11f655dadb5c8a5813b02fb46830e9ac6825f5d0e89910352eb3a58c0dd82d094f94dd2c85666f684a8f437bbd0e66b9f4d366117b67a054d212c4fbc287848cb0578391335d5d616b14d99a2e3df8e8a152d5de99bcefcaab5bb5cc71f3ddd66b379c104648e190e0b28a180d3aecc5423575d4ba7dbf31215c717da7b87dd454b6efcd36c91aaa631127f5bd88723d221752f102bc0c7ac6c5c7a1ad6747af40d01b6d39eab7b0e1292b44683c586386ad00acf60fb8f9bac551a6eb5bab7317b5d89f64db10bd9018dfa6d65d93862e851afbc30fd70fe5f0de322462045177231852ca80e4e78da4fea0c79ba354333026c8bc77d308a8d256a19ec45d2088c196691d3f9aac28ded36004a65ee1ce49ba9599ceee84534bb61d02d04a6732f1e27d72962f74b59f3522bf844c5022986d55934e48b8681b7f5b7532391448caeef00315d28320a46d8bd7813544e1e4bf994e14a519c2654ff20b42bdb69c262897e28eca528f0999840b00ed8256597d27cfc20d71d5f40d0bbca759f7594c6034aa1e16a84ed152fad0fdc1c303a7f61225712714f823afc5ea241d482d3585759623af8c97ca6a84a2033b3d7314ea0ef7ba9b288b362a294c92c8b9736829c16f61c5a1ee04aca965d71162292274595ea62c9c2918e8279c99f5d2830c617c58211fd7452330184b9428d5ec1d5cd75ddcc6de3326fdc70e891104b3b013c30ffccfaf3308d9671b01f6b080a930dac2052c6f39817a662121d90d40d6a1facfb50bec7d408030b6d0ae3e744f3bcc327c35dc43cf86b743db78ff2e593b19923235ed6467f299b08718fe1840c16a748935dff941150fb08b30573b37bf9af5c86cc8d9e229a832e4ef25ec91f71120f2b3e9062485976c280a2d172386029e2f2a4801197fca0a13514edacf5ddbac5a62e8bb13dd1572657a821a8739297f72e29239d1cdddf3e30cbe9af3141f2275ee4ae85d86ec888fe9a6751f252057e95b8beb055e276439581afee93cd44f1e92f70e5f725451d3ab662918ffbb1269509fbd511e95a00ec717f9d60d643864abd6ad1cc4dd7f933379a6078a86c2158db8076e7b660366fca7b1c46d09d2c8e67a6494bfb4c2c6750e76593895b5e2b2bc78093840c3c4a807826bc2750a96b4e1dd5b82b492bb2215518c92064d1763c37132604e52e73fac3f4511f791753aeecfbb19816e0da7a1bfbea9eeaa0f256eaedcb119a61f7d0ea0f5cd4969d45cb014800f2c888d5c2217cf0f69a7507779883b57352bb8883cc584891950d6e792537074f4fc4337aa19b9bf60e18edd939d289fb4a6b7aa6c66da20774e249ca4f779d3c910b1a9a8e4c38af6adecc87d5481d181fd66023ffff246f4e2556b218fe8110acebe20b1675f1de6f265b6d1d8514a53522396bf0e2f2b153c498e48b36d16f8b9bd56f45d7f5b9397d7f1339117a176d0bad0b68e800682416d3e18fe2197c7f8dc20600feb95cc6ba86ad47f113e159bd4389e30eab2874bd27eebc56020c4dab9973b13f3e82aa62a7e0a151d73de48cb811e32be63ffd303f5a6ea6f097ed763fbf36c430821e451146de79922348354ce285af0997bf3c66e6ef02942e24b8f1ccdd542f09cfe65c0da0094c0b5fd26bbc061538b41e5ed2cbb390ee29b10a4b7a696009e1b5b86c44c0a561a257c15415feaeb1433ea275ed6e4b228503fe71ee5942665164faaed6697112206be0fe7863aebd4bbe951d5dea1da294dba0793196385f4d5141c9d6c4b0fa22b2e200cfb70b52aca31655e71e5a576ccb8ccb5b1364748aa981edbb81a813b1aebc67be1f7619e7e197622d981280429f6ca5145c5b3b05e6bace9191e5c58fbf140f71f594cbfd4db0e9f6923f1758ff9464a61a720a5d4f09c622c3ce3f5d0d3a1d191111168108f41f12b16e9eaf3617c353715cd35260560cbfd0555d51ce5c40bbdb7c95ceaeadadb8902974de50b0863348183864f5ea682e678286a06a6f396af29a7c7fb33a3579e25835963612f3c0d4cf369d85959a0adeda94d35824050e6fba7f83f90867583f713d7783323c7010e94c9be331f860db395dbde6face5bfdb616fcefa9c6b01f6963daa840a31ff554a458c0c50cb5e09f91f54f63234589decaf45bbfbaef0dcbff4ae6e65ca26a530261c491ef8eb9a855a1d7463391c9b66be96cf24c3c321ee5a5bdc857f60b582683c6ae1e3775b62a9f19ff8fa51380ca8a2a3c6de79012f5727ba12025e7e6723a23a81e067ca6e54c7b38ff64880d235d21e7ee5258953dcbf9e2a962f006ca4ffe870859242c850cbae4222b3b72c4f86934379ba2ead1dcde906241b994d95c88355af5a9a30ace9c933a6942f341ad221dd825846a8fd44c03e2eaa9311c26e15a1bd7cbba961a22ef23d7ebba0e34cec5ef09b1ce72814a97e33bd29f3d9ec80a4f45d1d29486accf15c11f1a800bd84918e7626f678275d7c7acb02cc0e6e34bb766ba6b75c3ad14fca9352e09c3b69390c045cfc842ff9ade8ca693c07fadc7047a946e6e570c3afc5b501c964103397f5ddadc2d59a048348dd42f07cfe31bc9b5ae453f5086bb41bba4c8a3e518e30b0855184b053f923025dd72ce1bcbf41231978b34a8547c71d7313992165078903c61d312b0d9469413c9fd97ccdf0ea270fb6c47ec8861a1c8d909eeace761b5a06ba46e25785ff87f867777abb237c6c980687991f1ed0157d58492260c712cec34c1fc0962103955db4d5090b6e8409cf3c3c79d0e691cf4fbc0b2251a016dcd456969cd32e5429533bf0d6f8bda84c05f0e2040de8b53bfb8676eec4b76c3df6f46b1e43732035dda577e75f640777f6ae90fd2f1af42ba462dac732019c599bfef01acd6a0d4d1796bcb8f58519d6f9ad9a3206704a94d472516b988141f44ecd2e6f28a49aa0c449db87972fc995a97379914546ea43143ea2cf779a9cbe81f111fe89129db3610492164ab2598eca7e60d9a6963d8ba03a86729db86e420fd96d61b8fb11edc2b339b57a740074ae5b775eaf60cd85dc934e604bf2b4bd58ee01205b4df57ac20ff8db45a05982b579643882407050c005102a2e71f1e56dc76dbf5331112e83e48bfb5cf2a78a893190d78426175c162ffaa7278a43b9932318fc17fb8cb0dfac610b1ad235b91f9cb7623b155117e07f7b876a3c37627aa31eafed141cc0c5491c4f621a66b6d837a144d78719c46511c04a093cf65fce9fabe5bd6d499eceb63538ece3cf19053550a239bf978c08c879f9954485a4e3e0d5bedb84b407ced85c4dfc4d75af116815992c29f0bc927c4a990c38ae4fcc9feb90fec1b1b555e04d010423010855394d5ccfc8ed21164190cd8f83be5debb70290c3547f07e4dc42814f1e001798e6ceee2558b0c6ff8c1759f90269ee226131116332b99ac8dd104c92088e1f91ace3198c0f59bfb75c4e4a697660eed43a29c831a552de37fce6dce96fa51b6e2111f3071a4e94422d15e102e5f67da7ca6cae6bed7743ebffacb8a811a143605791d17232181a517e872f71262c3c73668f0ef83aad498f67fa26bae698cf78f24c2dbecd399a190e6b8d0684e929f2e8083765eb2c67793a1adbb89d36b58bfb197cdc5f3c894ac9d886e8f3b0936fabd233c09de8fab8099f72a74d908ba5c5e4d39790b0bf9e45b710f5587b7c937c76690c5c5fce621a53a9fd03b0a4ee6d8d1abbe2ed561820a77f12a08cad0755540ab6dd1604b7c30a8652995ab80b85e919011de9438a4637eb0291124ed4b745e782cff98510cb03be79c2a81351abf276584d75cdd96b9c97e73eb71000b3ab7c3c19c2cab4497298fcb3052b5d4503d05e7f310318be6f848547b1a4f4db82caee190801478be28065036aa4d91f290c1f396343e73a5fe8bb5ccf0a317177ed1f77acda1a4a49dccfcab8d1b5d79f015f788b6d5e9f8228a8bcdc0696e6b19f5edffbcd7e9509c87fbe1f726b93bf8c6d8d37428763e142560c46c9e894f7317859000c25abc4f3691ebcd020171e0d4911b5d97a238109aedeb00b2eb475c1e7b45175f8aa85193b5c0f43b434c15de01610c4d022646cd6e3637f349a434a77f571ac1c5d698452d1b991e267f78dca5e592ecd31ccafcad84e4e98d134b4adc525b81bd6843428883023a6ea407201738c8bf16b541ff7280274a34d4cf14819f2dbae167ca0cae8471c495e006b45194ad91c4516f21cbb10e0d26fd5d734cd7725df5b3fbe92955f4a9bb3b9b813aeeff79d6ed5db92def19d060a208c3ec8c42c110786f1e1496c50a7249b03fc792764366894a35320b99d0bef9fd0b6a246c36a357c6b985dc83a37a8d9b8b9ad643dea94860cbe763bb73cc8422b69d4d12332242c8954075fb7117a6679638073617abcdb4619855b2036af160647f66b3531645a3bf047ae290d6ae2249f114e7a8464278bae1486022bcc7c37390c8d9a0efb0e1cfa0da8ef7a5e072f99a47ecc75e4e442880375193db49bb82ba34901286ca473ed5b63e4048db4dc455e74b3fdd2e7898ca3f4c3a02d435cde6141eea645055123a7dcf0d22057f8d425701afc55859f5147954e719d58c7486b1e02ac16cb799b77632c66bb78e6e52e11017c1736424fa4d433f1e19b4c881d23f0b2a12d5fae3ae24339088088d9b496ad97bd9f6e20a8597d1452a0c72dcf43dbbda8f18166585c06d21fbffe5fe7b55f71c9b9f1b34a02bd05ca63c7c1b1bebbb9dd24fb10291b04c665d45154dd28b85d821ce7e613119128996785e1006a8dabc4899b10d2671107d5a0658ed363b9d4b39d02f8cc5e350fbf0a31048adecd1f9e2ca749bd86f195eb48e9b4605f050de03d642940d79184618f7f88a9a0a4683ad84d6134e395305bc1d4d9d17cc334b97653529d6682a87a5fac80a6d46d6e72fc22e58be7b8f8617b3372ef2622110ab1ec448717118b257acffe55d18c7855e9e8710ad977a6792b2315a189eb4468c68641e9b60c0dab7016ac1ad63cd8004b6eca8fc88b1e4263acc00499255c16b11487a0af858075f9c892dc8044c4146e5a5677c4a2cb24bde5e078985020d4ab1e4c87492e76b7e6f4bbd71d84bab1885c9702849e70cf728776b1a94c2a8fb8c7ca01b6111ef6f2032a290949bfe473fe215273b8b5b3ad540f187490f63077dccbca6f62f0a7a66717c596cdef412f2560b10685ede967b3ee68b8c951959aeb1d7564c3b9d806b2ce858381393a79916b78f7e90beadae30ffc0b2b614380f1c2cc551a44565209db3516be379ef566ab00c673fd8aaeeecdcf1168c1960e9a477b9e13757498a44ff089351d1f27abf9fd76816f924504647d1247715ca861ebe624172c322146d66eb2b247f8ecb3e1b5ddca89b287c57510cec40fcf89d802cf4368a861af320e01e34f7a6177d4bc549181b5e87ecdfe02f78c9a59a3bf91ebb6364023ec06410e7b4476ec4e3685bfa3bfe9ef9ecc12dcd899abe0f3c7f16b4686801c0c0a949aa26bed57df56f2bc54ef19af7fcbc7b0d691075f42a4a67acf980b568acb2342f42249f7c1ee3527c13182b096064ecd250887a942d26f637e1c4041b139659d2462a68680bb04387a3b399e396b9fe74de10356125fa47d0a20827370cbf36a79b6fffade91c439dd6cfff4bbe0dd3efefb61c491ee32f935d62307cba369ac8c20f6fe3d4857ce6d240ece5e4d149f0587155a8350fcc18efae2ff11cdbe15218a82499a1996df8b5462ee170b284321e76bbe5c3f4158387644d95f087c598e3d46fbe27f63fa784bda239512113424045a2c5dbc6bc3662ca730a86d13cf8f6fe2743224ca7b535caf6b4701a7dae9cfad3d7290104bbba15b6a064ae6e909a099f75fbe47c9e654d8e3b8dc0f3dbffe829e6c56f7a241e565136812a857f59ab565a9991c6b1d8abcc94c6b33bba314f6e5060e657e4647f969a551dd6c51dfca0ff5d9e4f401fedbc2c927eb1ed95ef25f4e5accba4999322ba1539499310dd5875433a22835cfd42fd77fd4680b7fe767d7aa5c33acde04a65bd3a663fcde4c80e9f2af498f13bf9abbaa1c1265edc691e94abdcc92270c05811cd2a8104eb18efbfec9e4ba9ae5cde211b9b93082ce034b6cd5fbe9cfbac4f7e2404ef159766124f73017cc3600f3c81cd78db25fc3459629eaf20dfdb062c7e502aa69412381d847a9d254d5befc451cda3606f0bc8ae62e0aee928f9ed0b21d705a8d31b899e16445ee064563d32f7b6bb5ad197023cf528d9b329ec67815c6ddf27d2a6ffa7328bb993407cde3d166159fd49fe469254b84c2916daea8df9d69bef019f1351b9bce193e30278835b82ea5f60dc0bdd7f7452b7a820ae7cd6dc29d7ac6a6c1b6411711a96338b1e769146b2a385d282bfaae61b041166efafab2d89a4567b9460cc22d752f8e9aacaaa0db7c84879f5359662d55df6570d4214740851c74574ced733807cbb54571110410892394c3dea07bd4154d0e5689d57c3360207dac951f96a358e9c466a5c5113f3a632e184f57f075edef4dcc9721b963beb95df09dedf848260cbc1ebfdc7408218eaba6d2c51928cd37c4c0c9f321fbb0994a56947cfd9643056db5dbea60a241f8f004c932bc8e645b2ec2eb9bc4e9e2f4156293234d05e70cb26b8a370b0206c756bda6defc11c5eb386640f535a4ffb714168defc6d82f40d8f5ba8768537ead5773c53bd779ca899a2dd31c9138569ff5107c2fb12b804375c3b3dc9b828bfd550328adf358f71e86a0c49fb119f5ef9e06c13855cbfc7d1a62ca2ea655ed912a6dc7bb8b18656e8923fc7a1702ab36947d79384d681c31923e98cf40209f776bc2b219a7ccd139e756a905aa351e6eaae90770c8a193f96cd5c66e4d77a357985556e14333716d80204a5c390e0d76f4081afe917f99ad8a0976b3342f51854b374b4baa9a7f22124d2b82749446e30d9795acb9c3c3a305a6d273ac528e8e9c95c37a78e765fdda55982c2961fbc85a14fc095a78b4654ee6dfc3298749a639ab9c8e155af3a77f8a409ce174532a492ef550a140f774d77d732b3b4ca5bc41fa4488ce5957ce219b032ae1f585273748d81b19edcf3e6cb9a93ec24e41c6b3c472f9baf3ca46cb8b9a91df18acebe7d83bd4473750c4f26806da2f95b9ea48b342460af729ab15e9f033eda67feec645f985d4b9489cf6ceec1b100d007bf46c74be53c7ea17296f9c5b5cbae736491213c93b513009ebdecfcd60d46d7b86c6e3b5e288f2ba5867c07936e7bd1b00de52191eb8630ff82ccafb27a59295164751811bf74eff1e5e2abdf3c93bc5dc9814be83b2562477935e2fa30db7ebb6ec380170cf10c1f98f8c5eb71c730c2b31b55a1dd1c12a64802ab95b63c529e0a96cec8f38680221d6089926d8309796c79994d63b67bfb62f66b4a502f30ed12be41e896e88bc45a160a526fbd5f002e677322f116ec5740d7563cd23ee853c008b84998e38fdf158556e28a532573956e7c00f91f08ca245c295a3d5e003a99ea727f61d12893b435d4c8f2f5cce00c6a3091e2a47f290c07168975c53d7529b71d10faf42d2bac9db8d53669cf59c709c25e9e40b5feaed4c37dde8b84c4961c00712326fb6aaa06e80d766b40b72480f3971def61d1d129676df2478e778d899ed317426ec33e496d1fdd2ec27128f8faee92828e13da72d6aee8330a7988ea1cc8b64ec4d8b20990864c16c52c4be6d00b304b87d97bffdd9c66a740b517223089d9f3f414abedc53c768dab9220b980e6c18d5f20ba8994cc8886d7bdee213442f456d79fce1b1eb48fbf600a666c8ade24d118e6328251cf7b57a6285c650e019850f392b1c29aec5c8fc489a3819d60d5de377d4c11b8ee5625b7c02c5d50d2af3397006f2e2a41a06f039229eef5878ed91f9f6be7e988924dbaeb8455f616275e8698d93fb536e2c839b203aa69bceceddbf9c53f8addba53d50ca0f7a4729a42ac6eb757f1b408ad4a0147546173e62f7621eb18a9e1681510cceb48e0a30ab7a1bf71d56742d5f034f2d725e7ea68a011dbb100fa6eefe4ee093873de366d34f4240ca027a25c5b979c9ac47dd1dcb6ed82c4aee09dcc23cf329a8644f89b5cf00e5683934b1837574e9b39b31b1009f276e15aa040959fdf100838ca3f5ab17e45036668d06044e3a13f3a0a6f68579e50d5b0164f900d7bcfcde78396cf30f0b1dff76dc397ab1a5a44b207eb1eaaf73b945c575029ae2dce20724991e6550155ded6a42672609f2439c5aab4882b2ffaf7da787b71d05d15516bd68c6f1a9d79b675395845f24ee853f877e72c14b6c6702f7b8775ca1bfabbbcf4019f7bccf07f1c211531dfc66a7a1df79e92a20dd1cbe1b22e1209e7e3ecb9d3c2450fc22a57bfe09bd735f61c361cdac2488ae0adc7885edc0712655daaf535e1de96ccbe7869d531d8bf3db512fbd17c772332a3f8cf1e052ee0202eb99a36a0f8d7219888acbb57090cdaf3b28e1e62e8fc2ec237bdf18592a7afe4d8390dcb5e7fcc31bf4f797e6f5710070902265cc2e8c459b7da1451046abd6c8c5b02c0be2d2f505a65376266563ac7b59ef3b4e2570a6cb0bd94d46ad861317c743ce1de12bfa2295a98cdded4414d87a1580b1e4675bbdf73a22cac4a1d8d456d089e0b60cbfd16158f073bd1dac481db49fa5d8801d0fb0844b4afec1bab4e61fa0f381fa667880a1cd8163953be7b591cc9dfd7f91902370b783ae8a0f3c7cbefa7d229a37c00f523529e159b11d2e240629b64af2d11404773e991207a722c320221ce23baed7cbe40a440c5680814b122cfba9092fe03478f85adcbdeacb76d6cbf2491eafae98327b278e267821a0e1cd06ef90cb0328e246c19d8c63b9332291a89bc9f989effc675c79a870ac024756c6f5a7e32babd69625d61487ae7399490b70dd0fade7d70ad9b0757300a2dde77abaff4f63a0303853589d44efa968e10d36561f04408ad0cc227fc6b2f904cead189a0fcca9b2e6cbde5498652e0b3bc9d8b7921474403718feb5cc750dc70f5a9b1a0ae2c642015b6a1a8ab0572182b4e39e0c869cbdc60c9465f5d564d18ba2f5b3bc3e05a458744077430c5ea031ee02dd8f0a65d7dd8d90dd9b8717f77d202239a5778719423fb2aec7ca86eb07c39de65a34b988d65377a7473e9145f16d79593e96903330bbf3a8024fc15519d9baa0fae2018786f4b1846fca355ff0fccf65cccad1896309a5ccf2056dd542c929850cc91cd655962360fe316557ab3fb378328f77a07d9da24447d3fa2020b382ed2e808ec9529a01273434c64b0b7c35a06a019e4ab51cdc9c0f266ab25b6984338a0ba910d1060283b636c5d7e8a3f969c1ee1c99b54bba7ff3679fbeecbb70349f076480a867cc4ee4cacaea39c80f642533599486d2ffb77b8c9109a9d25fa0b06e58eca764f7d56469eb9547036bbea9d5c3d35b4c1fbc3d39a372c2b7ad184965cad3819c8928f1588d00949949c0c4c93d30ac7f6665247c0108bd89dff3aafe780ac66febfacc8c6a3cc387d09da6de700487a80e2c8d56df94d7ebd3e1d9e06411a6c5f7eb6da41c6f52997b5ad47ba985261103fdf12eb4a2828b248f652ef00b6abccab2eb161b878b9dbc0aa911405b6f67adda83c16187748d7b524ffe6381f489f432d592e6171bd9ccb2cd52f977143f57fbf2ab0b823d449ae55f02440972334344cda01837b93afa4f46a2fdefe27e92764cf9596780846de2e3b1ea83e62ee43b1c05aee675e25363504addfaa68e7c53ed685413f5ba951f120d0a646e474872c81e5a887464c19f8460ae814ffff24cb51dd2dca28d597ab2ea60949f8dbbe67f263e722fdb51bce4e328a19f5ff1218e1f63b8da6d40dbd5490964499b2522ea323310634893ead661407966207a66ab13adfcf1a725ed14339c46011c0e0401f2386b47cd9f902fdf84bc85e74d3ae7cc544e4d65670a554a537712c6ee9f75191631d2a4c4da06fc38423b1d5b828d7201235b2974164f52aa16bee70ee509250752f4fdd6b9f8d021943df8320682a6f80ff0d67ab7a4ceea807bd5b3b7b6380b0c7f0caa67b0208ba71317f0355a3b755af0e2c007186389438615df80b7b25104a733fc90625b62682198733c0f1625dfaa08cf81e3df043094b7b5a098b3b36f803b5b0f10a057bf814ae3579932c0a5f208985bab3d817f975283b8838ae5cb709be72b58df7425e059fdbf4e0ee51b3da01fe0b44963c1196baee5ec5909ad80d9d1660f3edd90374952a0bf8b3bece2c2f944593f4de7de5e05ded096b8f4f05d65dfc2e806f78220d84b3db564fb12f4e5e8f5eab316591f004e9374cce8e787263bc3827affe6793c130b8621d3bbb2a86fd87f070ea21718281ee7aec4bb3bb71af4bf5721cecd139c4be8c9df4ec8dfb09a5cf1d86a25d39faa9f064a997c214f334e4410917fc3b4d67ada8d87a38c0f86b02bf653dddaeb5b75b300f8bcfd792858bef8ab23e063421939c59212964c9ed5dd56e215db58cef53d31a966bb8ce4ed56287fecb3a85ba435e0b41b20ba1164b9c9f2c49fa0f7b17a89e0ec47eefe992d63ee29c8c0a1ece2664fee8edadd43636a54c48519b4fcf55b0d9103602b92441a5f85cf8c5e406d0f5815f8f37309934bd78fbc2acf0a03b051b4528db4f7c09de7d0aabafca3736b8259c818ca338ca6754e0747717c2794d664a1cacc1e9c52764a308e6df73d975638630b74cce6c49b1bac16454e96852c4f9d8ed118e86d2f1c8dc33bccd4a07be128db5e80f5684ddcc1158e744411acde590f902f0987cfb750bb5bfeed53bff076868986b566d7701f48ddfcacbd325c8d930bcef26713bf60585d5c991e2a6cc33ccbc27f7ddfba18f998497c2eb378cc8f2cc07a1b4f141c5e0fb6f52e18242e505bcf6dd20e33a469d056a0b4fd5e72d0da9d0bcce1e2f9e9dc7d1c7b6cb0f3604287eca", 0x2000, &(0x7f0000000780)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000200)={0x90, 0x0, 0x0, {0xffffffffffffffff, 0x2, 0xfffffffffffffffe, 0x0, 0x0, 0x0, {0x40, 0x3, 0x0, 0xffff, 0x0, 0x0, 0x0, 0x0, 0x120, 0x6000, 0x0, 0x0, 0x0, 0x902}}}, 0x0, 0x0, 0x0, 0x0, 0x0})
write$FUSE_INIT(r3, &(0x7f0000000440)={0x50, 0x0, r4, {0x7, 0x29, 0x0, 0x14c0348, 0x0, 0x2, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x7fffffff}}, 0x50)
r5 = openat(0xffffffffffffff9c, &(0x7f0000000a80)='./file0/file0\x00', 0x0, 0x1)
ioctl$TIOCGPTPEER(r5, 0x40140921, 0x8)
connect$can_j1939(r1, &(0x7f0000000080)={0x1d, r2, 0x1, {0x2, 0x0, 0x2}, 0xfe}, 0x18)
syz_emit_vhci(&(0x7f0000001480)=ANY=[@ANYBLOB="040e04076d0c"], 0x2)

581.300296ms ago: executing program 1 (id=1070):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bond0\x00', <r1=>0x0})
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x8, 0xc, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES64=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f6000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1fffc}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x5, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x800, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000006c0)=@can_delroute={0x30, 0x19, 0x11, 0x70bd27, 0x0, {}, [@CGW_DST_IF={0x8}, @CGW_SRC_IF={0x8}, @CGW_FILTER={0xc, 0xb, {{0x3, 0x0, 0x1, 0x1}, {0x2, 0x0, 0x1}}}]}, 0x30}}, 0x0)
ioctl$KVM_GET_PIT2(r4, 0x8070ae9f, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000000c0)=@newlink={0x44, 0x10, 0xffffffffffffffff, 0x70bd2b, 0x25dfdbfb, {0x0, 0x0, 0x0, 0x0, 0x0, 0x33822}, [@IFLA_MASTER={0x8, 0xa, r1}, @IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @bond={{0x9}, {0xc, 0x2, 0x0, 0x1, [@IFLA_BOND_FAIL_OVER_MAC={0x5, 0xd, 0x2}]}}}]}, 0x44}, 0x1, 0x0, 0x0, 0x1}, 0x20040040)

435.975407ms ago: executing program 1 (id=1074):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x80600, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_X86_USER_SPACE_MSR(r1, 0x4068aea3, &(0x7f00000001c0)={0xbc, 0x0, 0x1})
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
getsockopt$IP_VS_SO_GET_SERVICES(r2, 0x0, 0x482, &(0x7f0000000140)=""/152, &(0x7f0000000100)=0x98)

435.804536ms ago: executing program 0 (id=1075):
ioctl$TUNSETOWNER(0xffffffffffffffff, 0x400454cc, 0x0)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000000)={0x0, 0x0, 0x0, &(0x7f0000010040), 0x0, 0xffffffffffffffff, 0x4}, 0xfffffffffffffdec)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000940)='cpuacct.usage_sys\x00', 0x26e1, 0x0)
close(r0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0))
ioctl$SIOCSIFHWADDR(r0, 0x8b34, &(0x7f0000000000)={'lo\x00', @random="0000230c1100"})

435.49308ms ago: executing program 2 (id=1076):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$tipc2(&(0x7f00000002c0), 0xffffffffffffffff)
sendmsg$TIPC_NL_LINK_SET(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000380)=ANY=[@ANYBLOB='0\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010600000000004000ea080000001c000480130001"], 0x30}, 0x1, 0x0, 0x0, 0x4004090}, 0x0)
r2 = syz_open_dev$vim2m(&(0x7f0000000000), 0x7, 0x2)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
setsockopt$inet6_IPV6_HOPOPTS(r3, 0x29, 0x36, &(0x7f0000000400)=ANY=[], 0x8)
connect$inet6(r3, &(0x7f00000003c0)={0xa, 0x4e24, 0x3000001, @mcast2, 0x9}, 0x1c)
r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_open_dev$sndctrl(&(0x7f0000000040), 0x1, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_READ(r5, 0xc4c85512, &(0x7f0000000540)={{0x3, 0x3, 0x0, 0x462b, 'syz0\x00'}, 0x0, [0x0, 0x0, 0x800000000000000, 0x0, 0xfffffffffffffffd, 0xfffffffffffffffb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x6, 0x0, 0x0, 0x2, 0x0, 0x0, 0xa8, 0xfffffffffffffff7, 0x0, 0x91f5, 0x0, 0x4000000000000000, 0x0, 0x0, 0x0, 0xfffffffffffffffc, 0x10001, 0xfffffffffffffffc, 0x10006, 0x3, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0xfffffffffffffffc, 0xfffffffffffffffd, 0x0, 0x3, 0x9, 0x0, 0x0, 0xa9d5, 0x0, 0x0, 0x5, 0x20000000000000, 0x0, 0xf, 0x0, 0xfffffffffffffffd, 0xfeb7, 0x0, 0x0, 0x4000000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000, 0x9, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x8, 0x2, 0x1000, 0xe0a5, 0x0, 0x7, 0x7, 0x1002, 0x400000, 0x800000, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x5, 0x1, 0x8, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x80000000, 0x73fb, 0x0, 0x0, 0x0, 0x2, 0xb7a8, 0xff, 0x0, 0xfffffffffffffffc]})
r6 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000004cc0), r4)
sendmsg$NLBL_UNLABEL_C_STATICADD(r4, &(0x7f0000004e40)={0x0, 0x0, &(0x7f0000004e00)={&(0x7f0000004d00)={0x68, r6, 0x1, 0x70bd28, 0x25dfdbfe, {}, [@NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'bridge_slave_1\x00'}, @NLBL_UNLABEL_A_IPV6ADDR={0x14, 0x2, @mcast2}, @NLBL_UNLABEL_A_SECCTX={0x29, 0x7, 'system_u:object_r:memory_device_t:s0\x00'}]}, 0x68}, 0x1, 0x0, 0x0, 0x8004}, 0x40000)
setsockopt$SO_BINDTODEVICE(r3, 0x1, 0x19, &(0x7f0000000240)='bridge0\x00', 0x10)
write(r3, &(0x7f00000000c0)="842a0a65bd8c002b0304000e0580a7b6070d63e286a5cefe", 0x5ac)
r7 = socket$inet6_tcp(0xa, 0x1, 0x0)
getsockopt$inet6_buf(r7, 0x29, 0x1d, 0x0, &(0x7f00000001c0))
r8 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r8, 0x10e, 0xc, &(0x7f0000000040)={0xffb}, 0x10)
r9 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r9, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000100000a20000000000a030000000000000000000a0000000900010073797a3000000000e8000000090a010400000000000000000700000008000a40000000000900020073797a32000000000900010073797a3000000000080005400000000d5f001280140001800c000100636f756e7465720004000280180001800e000100636f6e6e6c696d697400000004000280480001800e000100627974656f726465720000003400028008000340000000000800024000000001080004400000009a080001400000000c0800014000000014080004"], 0x130}}, 0x20050800)
write(r8, &(0x7f0000000180)="2000000012005f0214f9f4070000fbe40a0000000000", 0x41d)
ioctl$IOCTL_GET_NCIDEV_IDX(0xffffffffffffffff, 0x0, &(0x7f0000000080)=<r10=>0x0)
sendmmsg$nfc_llcp(r8, &(0x7f0000000580)=[{&(0x7f00000000c0)={0x27, r10, 0xffffffffffffffff, 0x2, 0x4, 0x5, "148e91ea63d66870e9e0421e2fc5873ba26b524071f53c33edce31b9a41c10ddec5e424f95ad11de1e67eea8dcfd64c7df8d73a88ea374f079c257c5ada42d", 0x13}, 0x60, &(0x7f00000004c0)=[{&(0x7f0000000200)="96a7a420ce83a410d4248a8350b7fa27b2419d6da14926522738c9c8abe9c1893547ef8784e2f209f82e1cd2435217c9bea1fc1a8786d7dc2cd465891ade1ab3eeb7d587bde9330c550ed60816afec6ef88dc6e065220b81d4557693b3c496524820b671ce702907162b034e2b6d16cfc364d1f7b129db6432b6b243d2f07d459c1baf219fcd1d92818dca351ce1962cd547aae6677ef12a3923", 0x9a}, {&(0x7f00000002c0)="3b90ec8161d656f181410156eda320de5f6e51b60d52de959a9c4ff81e89f25b7f9ecc40e9af2d8ec68ca5da4f4dd36d561846ad9c21ad50196f6fa7fdf758cde970c5f48260a37731280ac7a44d675a63bb3aa520ca373219be6fea40894c6ff725783cc72d685d8ccc3901ed743b0bd744d61ca847e6c23f41518d748c269ab7f54a83cb4044177da7ea5f97306b2d69783ce8a67376e9ec18f43e", 0x9c}, {&(0x7f0000000140)="b18c7b1c", 0x4}, {&(0x7f0000000380)="f67b67a8fe2029e9f3cf488dd2f899c85a9a0f7b8c4e05d83a055df883fa32f27541ec605193fc5f1551d5c4eda699973ad57a682d5281abbb44fc4f1f20f62bdd4d3cc89201a9183817a7c4b7229b19ea7677017360406d490f3a68b6e88ae8d3b6e1cacb54373aeec4", 0x6a}, {&(0x7f0000000180)="6e8522e96cec652cdfd559dda9f3045a468e216decd2e6fb9d5229fe3b1d5e97961cfd37100655bb0c05da36d60eb2540d15e6b5ccddb70812092267f4", 0x3d}, {&(0x7f0000000400)="e7fe7425cf355fc160defe08a30d7830190c5d510cb0271ce3336e924b099f4643c3c141f6ef763010695d5d1b4ef5749ca4e3ea52157fb346c9a87af5cc70996694a82da359cc3c9871754fd31c1154394c6e52045c94a797b3173fc6095129c071e7a664185963454314", 0x6b}, {&(0x7f0000000480)="e223799db996dd3e1f4fb0d98929f10085aac498a093", 0x16}], 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="300000000000000016010000faff0ec11c11b2632419f46767854bc0323317325bb3d297c7"], 0x30, 0xc880}], 0x1, 0x24000000)
ioctl$vim2m_VIDIOC_ENUM_FMT(r2, 0xc0405602, &(0x7f0000000040)={0x32, 0x1, 0x2, "1c13ebdaf2f20d55806b26b1d750185fd75a206da058e85b2197edb1439b1cc2", 0x32314d48})

386.523051ms ago: executing program 0 (id=1077):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000100), 0xffffffffffffffff)
socket$unix(0x1, 0x2, 0x0)
sendmsg$NL80211_CMD_GET_STATION(r0, &(0x7f00000059c0)={0x0, 0x0, &(0x7f0000005980)={&(0x7f0000005740)={0x28, r1, 0x105, 0x70bd29, 0x25dfdbfd, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_MAC={0xa}]}, 0x28}, 0x1, 0x0, 0x0, 0x80}, 0x20008804)

386.299749ms ago: executing program 2 (id=1078):
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$KDFONTOP_SET(r0, 0x4b72, &(0x7f0000000000)={0x4, 0xe0ffff, 0x16, 0x1, 0x100, &(0x7f0000000040)="387ed7626d850509a2d6c1aa38f15cd0c263cb226db671261fff7ce9c555f18dafae3530db6dd493f2a3cc88731b9ae21b3e3b4523ae2594f47d8f62b480c4160b1f90ac9c41fae6ab12ac4c113fef588684ef494c89092883b902a41cd75387ef6f7bc7d461d5e665f398ff95596dc94ec97003c7e6f3c82fbd8de6e11aa4031a61c51caf7a65a2b613bda33f3eaeae635d7cd81761e74c38a7695800a15516eb337056e02335f9a7d10aa2eaf7beb7e1aed6e850ecb3421143c5c4ded0f06affc524dcf3208272619b6a952db5bc96141b26c54d13c7a5416287a3b6f7aadf50bc549974b6401a19cdb130282b955592efa94242065a4c8d695a2cdd9ada350defd58c775b92d348305774d3a256c7520b285d8ddbf5e20d604413ed2ddf9bcbf881caf811852806175d638909f6234fbcd7a88a2a0aea45d19148f0e7dada7d6d0d77881387fdeaa0284abe90b88dfff412bff40c31c6415c54ae3335e54a49d315851feffe30d999c36def4df7df747695efbd649f42f310859122c0d2c1e558dc6586958a283762386ecf369274e43003a0fdff59ea515eb44504901ef0d00baa91c10a8e44a76aac3468a15bd3d45ad389977467f306f9bcde071b30769795eed2f1580414d168f557cd90040c4bd2a3d6bc5092548feaef7204a12cece59181fcb5bad8c24bd9f8f78d17ab82831325501e80d899e9252f99d3a266639438ac5252d9bccff4dd9f45657f8224fc78eb1168fe0527fac33466aadf48f16994d29a47778566e0f3945b2bf36b6eecc7fa18914beb66ac9e519bd333b30d3ce2f50dddeea3447aebbe3bed781e39d5a0fb0cdc60e196f2261305feb596b68986af3eee7b199fefb5f79ffb2d1050e46982af1c14a88dd9000400002f56a8404755c73e74bb90e64bab9647c70ed5afca1c3d87907d01000100df6f40a80ace2bb8a2aad3b0c66915927db4233181943d88c0c76d5969e2043db5bd77fd60ba0f013139929ccfec965c0c769785a4d23332ba1f0875e3146afef5b20cc306d3ecee65944fe9829e0ad0c3f6bb2fd81bc31152538db50f47dc38ba908a0d808687e478a609fe0daa02d4e9c618b99266e7f2e98597e2813e1dba9c3c16e9fab3bda6ed33cb1c75513e2264b69d472dd0e1338688ba782b41bde141f99c4894ded98eff9aa53d22eb77c9d93169c04ab2490bf28106f770e07eb7a9e87dde71929f918b98c4cbfcb11a9013923167f493760278df0cc34be9e8f86f948d9a62e63ad6ca9d2195ff9c6320c85bddc42915e4f3a5db642447bc2195a3d64e04c9ecd1c313c08e29b814bd8fed1ab6d2846c73345962895d289ac77152cac2e0e32b75ce814731c542091f218dd1e68a15f8226577bf9481ae0555db64a717eb23a811356d00"})
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_generic(r1, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)={0x14, 0x14, 0x1, 0x0, 0x0, {0x2}}, 0x14}}, 0x0)
close(0xffffffffffffffff)

385.750727ms ago: executing program 0 (id=1079):
bpf$PROG_LOAD(0x5, &(0x7f00000008c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="180200000000000000000000000000001801000020"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={0x0}, 0x1, 0x0, 0x0, 0x4000044}, 0x0)
sendmsg$AUDIT_TRIM(0xffffffffffffffff, &(0x7f0000000580)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000540)={&(0x7f0000000300)={0x10, 0x3f6, 0x100, 0x70bd2d, 0x25dfdbfe}, 0x10}, 0x1, 0x0, 0x0, 0x40000}, 0x40)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000340)={0xffffffffffffffff, &(0x7f00000002c0), &(0x7f0000000080)=@udp}, 0x20)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x13, 0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x49}, 0x94)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-camellia-asm\x00'}, 0x58)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000940)=ANY=[], 0x24}}, 0x0)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
r2 = accept4(r1, 0x0, 0x0, 0x800)
sendmmsg$alg(r2, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0x10}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048", 0x4d}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46", 0xb5}], 0x3, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
recvmsg(r2, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000013c0)={'wlan1\x00', <r4=>0x0})
sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000001340)={&(0x7f0000000680)=ANY=[@ANYBLOB="f4060000", @ANYRES16=r3, @ANYBLOB="01000000000000e14f003b00000008000300", @ANYRES32=r4, @ANYBLOB="d506330080000000ffffffffffff080211000001"], 0x6f4}}, 0x0)
syz_init_net_socket$rose(0xb, 0x5, 0x0)
ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0)

385.569858ms ago: executing program 1 (id=1080):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
rt_sigaction(0x19, &(0x7f0000000000)={0xfffffffffffffffc, 0x44000006, 0x0}, 0x0, 0x8, &(0x7f0000000440))
rt_sigaction(0x1a, &(0x7f00000001c0)={&(0x7f0000000080)="c461f91714e242d9ebaf660f6238440ffdd2c4a200f31745e600da1ec401a812d9c4017d1073b0", 0x80000002, &(0x7f0000000140)="26f2dbe9660fc43946440f682c8fc4a27959e1c4a1f9f7c18fa878c0117c8f497812cb660f1bd7f3450f2b2798", {[0x617]}}, &(0x7f00000002c0)={&(0x7f0000000200)="640fae5f16c461b96871818f08109eac1c655666662ac402418e26c443095da9f9d5b808094405e11c682f3a9e440000000f372e66430ff46ec30f381dfe", 0x0, &(0x7f0000000240)="c461a5fb1e66450ffc3ac482290150f7c482c9963fc4c151dd740734420fbc1c6ec4e371026078022643acc4612f5e94640010000067640f28ab26000000"}, 0x8, &(0x7f0000000300))
r1 = memfd_create(&(0x7f00000006c0)='\x00\xac=\x9d\xd2\xdb\xe6\xbf\xb4\xf2\xed\x04\x00\x00\x00\xd4N\x12\x9b\x1f\t\xd1Z+\x86T\x16\xf8\x01\x00\x00\x00\x9f+\x8d!\x0fG\xab\xc2\xdc\xa3\xb3\xae8\x9f9?\xefo\xa4k\x01\xb2>\xa1\x9c\x86xm\xe6\x9bZ4\x91\x1a\xdb\xdd\x89\xb9\xc0LF;\xd6\x84\x195\x06\x00\x00\x00~\xf3S\x12\"p^\xc1jP\x8a\xc6[\xbd\xe7q]\xdd\r\x1aZS\x01*\x1b\xfd\xbcMA\xdcq\xa1\x00\xb3\xf9\x91r\x7f\xdc\xf1\xc3G,\xdb\xccS\x15\x95b\x17\xab\xe4?\x96\x95\xa4kP\x99YO\xb8V\xd5p\x90X\xaaf', 0x0)
fallocate(r1, 0x0, 0x400000000000000, 0x7)
r2 = socket$nl_xfrm(0x10, 0x3, 0x6)
r3 = syz_open_dev$I2C(&(0x7f0000001000), 0x33, 0x12200)
ioctl$I2C_SMBUS(r3, 0x720, &(0x7f00000010c0)={0x1, 0xf7, 0x2, &(0x7f0000001040)={0x0, "fa6f394d6eec98aaf370535ac95977c05edbebb84734f1da4145d7dbc01de97db4"}})
sendmsg$nl_xfrm(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000840)=ANY=[@ANYBLOB="fc0000001900010000000000fcdbdf2500000000000000000000000000000000fe8000000002000000000000000000bb00000000000000000200000000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="000000000000000004000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000000000000000000000000000000000001000000000000004400050000000000000000000000000000000000000000022b0000000a000000fe8000000000000000000000000000aa0000000004"], 0xfc}, 0x1, 0x0, 0x0, 0x20008000}, 0x0)
bind$inet(r0, &(0x7f0000000100)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0xb}}, 0x10)
setsockopt$sock_int(r0, 0x1, 0x6, &(0x7f0000000000)=0x4, 0x4)
connect$inet(r0, &(0x7f0000000280)={0x2, 0x0, @broadcast}, 0x10)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
sendmmsg$inet(r4, &(0x7f0000004d00)=[{{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x30000}}], 0x1, 0xf00)
r5 = syz_io_uring_setup(0x237, &(0x7f0000000240)={0x0, 0xebcb, 0x1, 0x2, 0x3b6}, &(0x7f00000000c0)=<r6=>0x0, &(0x7f0000000380)=<r7=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r6, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r6, r7, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x40, 0x0, 0x80, 0x3, 0x0, 0x9276, 0x0, 0x0, {0x1}})
io_uring_enter(r5, 0x3b3d, 0x75d1, 0x40, 0x0, 0x0)
io_uring_enter(r5, 0x47bc, 0x3bf6, 0x7, 0x0, 0x0)
r8 = socket$inet(0x2, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(r8, 0x8b04, &(0x7f0000000000)={'wlan1\x00'})

335.238255ms ago: executing program 0 (id=1081):
r0 = syz_open_procfs(0x0, &(0x7f0000000000)='numa_maps\x00')
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000200)=@ipv4_newroute={0x1c, 0x18, 0x1, 0x0, 0x0, {0x2, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x2200}}, 0x1c}, 0x1, 0x0, 0x0, 0x10001}, 0x4000000)
read$FUSE(r0, &(0x7f000000ae80)={0x2020}, 0x2020)

335.017598ms ago: executing program 2 (id=1082):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bond0\x00', <r1=>0x0})
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x8, 0xc, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES64=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f6000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1fffc}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x5, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x800, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000006c0)=@can_delroute={0x30, 0x19, 0x11, 0x70bd27, 0x0, {}, [@CGW_DST_IF={0x8}, @CGW_SRC_IF={0x8}, @CGW_FILTER={0xc, 0xb, {{0x3, 0x0, 0x1, 0x1}, {0x2, 0x0, 0x1}}}]}, 0x30}}, 0x0)
ioctl$KVM_GET_PIT2(r4, 0x8070ae9f, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000000c0)=@newlink={0x44, 0x10, 0xffffffffffffffff, 0x70bd2b, 0x25dfdbfb, {0x0, 0x0, 0x0, 0x0, 0x0, 0x33822}, [@IFLA_MASTER={0x8, 0xa, r1}, @IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @bond={{0x9}, {0xc, 0x2, 0x0, 0x1, [@IFLA_BOND_FAIL_OVER_MAC={0x5, 0xd, 0x2}]}}}]}, 0x44}, 0x1, 0x0, 0x0, 0x1}, 0x20040040)

334.889418ms ago: executing program 0 (id=1083):
r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x40000000c6302, 0x0)
r1 = dup(r0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3000007, 0x38011, r1, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r3 = timerfd_create(0x0, 0x0)
ioctl$TFD_IOC_SET_TICKS(r3, 0x40085400, &(0x7f0000000080))
r4 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x20)
r5 = dup(r4)
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r5, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@text64={0x40, &(0x7f0000000140)="650f07400f01c9660f3881bf001800002e66440f388230c744240001000000c7442402be000000c7442406000000000f011c24b9ba0a00000f320f20c035200000000f22c0e406c462418ca000000080670fc769b8", 0x55}], 0x1, 0x42, 0x0, 0x0)
r7 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$SOUND_PCM_READ_BITS(r7, 0x80045005, &(0x7f00000000c0))
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r5, 0x8933, &(0x7f0000000340)={'batadv_slave_1\x00', <r8=>0x0})
bpf$PROG_LOAD(0x5, &(0x7f0000000480)={0x3, 0x10, &(0x7f00000001c0)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x1}, {{0x18, 0x1, 0x1, 0x0, r5}}, {}, [@jmp={0x5, 0x0, 0x9, 0x4, 0x1, 0x18, 0xffffffffffffffff}], {{}, {}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000240)='syzkaller\x00', 0x6, 0x89, &(0x7f0000000280)=""/137, 0x41000, 0x10, '\x00', r8, @fallback=0x1c, 0xffffffffffffffff, 0x8, &(0x7f0000000380)={0x4, 0x4}, 0x8, 0x10, &(0x7f00000003c0)={0x4, 0xa, 0x51, 0x8}, 0x10, 0x0, r5, 0x5, 0x0, &(0x7f0000000400)=[{0x3, 0x4, 0x7, 0x9}, {0x1, 0x1, 0x0, 0x6}, {0x3, 0x1, 0x1, 0x8}, {0x2, 0x4, 0x3, 0x6}, {0x0, 0x1, 0x5, 0x4}], 0x10, 0xfffffffd}, 0x94)
ioctl$KVM_CREATE_VM(r5, 0xae01, 0xb)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r6, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text32={0x20, &(0x7f0000000700)="b9800000c00f3235010000000f30eaeb000000d800360f0666ba6100ed66ba420066edc4c23d9ecf672e670f0666baf80cb8f0227089ef66bafc0cb854000000ef650f00d8660ff42e", 0x49}], 0x1, 0x11, 0x0, 0x0)
ioctl$SNDCTL_DSP_CHANNELS(r7, 0xc0045006, &(0x7f0000000540)=0x4)
ioctl$KVM_RUN(r6, 0xae80, 0x0)
sendfile(r1, r1, 0x0, 0xffffffff)

286.045032ms ago: executing program 0 (id=1084):
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000004c0)=0x79, 0x4)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$key(0xf, 0x3, 0x2)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40}, 0x94)
r3 = openat$procfs(0xffffffffffffff9c, &(0x7f0000004180)='/proc/mdstat\x00', 0x0, 0x0)
pread64(r3, &(0x7f0000000000)=""/252, 0xfc, 0x4a)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000003c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x18f1e1dd08897bd4, '\x00', 0x0, @fallback=0x38, r3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @value=r3}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r4, 0x0, 0x100}, 0x18)
sendmsg$IPCTNL_MSG_CT_NEW(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000002f40)=ANY=[@ANYBLOB="ac0000000001010400000000000000000a0000003c0001802c00018014000300fe8000000000000000000000000000aa14000400ff0100000000000000000000000000010c00028005000100000000003c0002802c00018014000300fe8000000000000000000000000000aa14000400fe8800000000000000000000000000010c00028005000100000000000800074000000001180006801400040020010000000000000000000000000001"], 0xac}, 0x1, 0x0, 0x0, 0x1}, 0x0)
sendmsg$IPCTNL_MSG_CT_NEW(r1, &(0x7f0000000300)={0x0, 0x3a00, &(0x7f00000000c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="ac0000000001010400000000000000000a0000003c0001802c000180140003000000000000000000000000000000000014000400ff0100000000000000000000000000010c00028005000100000000003c0002802c00018014000300fe8000000000000000000000000000aa14000400fe8000000000000000000000000000aa0c00028005000100000000000800074000000000180006801400040020010000000000000000000000000001"], 0xac}, 0x1, 0x0, 0x0, 0x4000}, 0x4000894)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
r5 = syz_open_dev$usbfs(&(0x7f0000000000), 0xbfa, 0x0)
ioctl$USBDEVFS_RESETEP(r5, 0x80045503, &(0x7f0000000040)={0xf, 0x1})
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000100)='bbr\x00', 0x4)
sendmmsg$inet(r0, &(0x7f0000000a40)=[{{0x0, 0x0, &(0x7f00000000c0)}}, {{0x0, 0x0, &(0x7f0000000e40)=[{&(0x7f0000001800)="353a35d6094e4ee7d764b6993f65136c5d6b84d9b1324a0b25e094700c9a66f9181738098f32e3e48859c3878d53a9752474da0d6af299d849d48f2fa2c8c807d7a1521da940585790ff1e6f9da83e32b751d1af9cfac640c1361f5ae8b99c187dafe9ea854120f6eaab11e7fdeb3f2152ebdbc21520ca01f64bb821576deef4ed6696cdddc1768b5b4fbd68a687cb6ba52ecf5cc6f8f05062f26de19d6aaaeb6cbca00e46685f77d2b3e8dd9d0d099e799cd5a76c67ab283f790366f7f744508edc", 0xc2}], 0x1}}, {{0x0, 0x0, 0x0}}], 0x3, 0x0)

384.37µs ago: executing program 1 (id=1085):
r0 = syz_open_dev$sndmidi(0x0, 0x2, 0x141102)
ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(0xffffffffffffffff, 0xc018937d, &(0x7f0000000000)={{0x1, 0x1, 0x18, <r1=>r0, {0xb}}, './file0\x00'})
ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'vxcan0\x00', <r2=>0x0})
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
r3 = openat$fuse(0xffffffffffffff9c, &(0x7f00000002c0), 0x2, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r3, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r3, &(0x7f0000002140)={0x2020, 0x0, <r4=>0x0}, 0x2020)
syz_fuse_handle_req(r3, &(0x7f0000004180)="92756f43b31ffe542788ef586b7c5a344424e3acac2590be6bbe37adface4a8f2e534ffe76a83a93f0b3680a72fddfde83f96d01982384e8d689219cb9669b14dbaa1b799f82ea1fc926126a4163618e16d4f94143a4e0f27c44fcef3920a0b3805ed4e78098d8689cc7791bd86648070718d238664332948d87866c8d2590fc0f017f9853abd9ed60b99f1aa6ae2dbd24ab6dbcebdb055246815ace147cc50fa3b2861148fcda374d5b203e51d72c45e4dde3e9ee9a47ffe458baf7bb49035135a8194aa1f0a83fa2abed56398f90daff679634619453f533f22583a6e0a4dc09e9de46684d5e0136e229510f3702cf3a4cd0065d3e5d3c419e38a80b070ca55010e082a9c510fd18cc0b26bb5e8e459e747befbc5c6b60ace80bf41417b7b78cf57e5b3984f0cdddc615c5e0000454d3f4a196fb6d18aa629cf0b0245f95ba958d86dc175616f8cd3ac473057dc3a5ff7107973326350107f4468e7ecd48d689b82c12d22ae5f1858302a1b4cfde8fd347a99ddcde40d1c49d9b5099fbccf09e782212be4b2ce36a2bc3c9ee794abffe72a5501e6c4f3f7f68b74761ffd6620609224a3bf11f655dadb5c8a5813b02fb46830e9ac6825f5d0e89910352eb3a58c0dd82d094f94dd2c85666f684a8f437bbd0e66b9f4d366117b67a054d212c4fbc287848cb0578391335d5d616b14d99a2e3df8e8a152d5de99bcefcaab5bb5cc71f3ddd66b379c104648e190e0b28a180d3aecc5423575d4ba7dbf31215c717da7b87dd454b6efcd36c91aaa631127f5bd88723d221752f102bc0c7ac6c5c7a1ad6747af40d01b6d39eab7b0e1292b44683c586386ad00acf60fb8f9bac551a6eb5bab7317b5d89f64db10bd9018dfa6d65d93862e851afbc30fd70fe5f0de322462045177231852ca80e4e78da4fea0c79ba354333026c8bc77d308a8d256a19ec45d2088c196691d3f9aac28ded36004a65ee1ce49ba9599ceee84534bb61d02d04a6732f1e27d72962f74b59f3522bf844c5022986d55934e48b8681b7f5b7532391448caeef00315d28320a46d8bd7813544e1e4bf994e14a519c2654ff20b42bdb69c262897e28eca528f0999840b00ed8256597d27cfc20d71d5f40d0bbca759f7594c6034aa1e16a84ed152fad0fdc1c303a7f61225712714f823afc5ea241d482d3585759623af8c97ca6a84a2033b3d7314ea0ef7ba9b288b362a294c92c8b9736829c16f61c5a1ee04aca965d71162292274595ea62c9c2918e8279c99f5d2830c617c58211fd7452330184b9428d5ec1d5cd75ddcc6de3326fdc70e891104b3b013c30ffccfaf3308d9671b01f6b080a930dac2052c6f39817a662121d90d40d6a1facfb50bec7d408030b6d0ae3e744f3bcc327c35dc43cf86b743db78ff2e593b19923235ed6467f299b08718fe1840c16a748935dff941150fb08b30573b37bf9af5c86cc8d9e229a832e4ef25ec91f71120f2b3e9062485976c280a2d172386029e2f2a4801197fca0a13514edacf5ddbac5a62e8bb13dd1572657a821a8739297f72e29239d1cdddf3e30cbe9af3141f2275ee4ae85d86ec888fe9a6751f252057e95b8beb055e276439581afee93cd44f1e92f70e5f725451d3ab662918ffbb1269509fbd511e95a00ec717f9d60d643864abd6ad1cc4dd7f933379a6078a86c2158db8076e7b660366fca7b1c46d09d2c8e67a6494bfb4c2c6750e76593895b5e2b2bc78093840c3c4a807826bc2750a96b4e1dd5b82b492bb2215518c92064d1763c37132604e52e73fac3f4511f791753aeecfbb19816e0da7a1bfbea9eeaa0f256eaedcb119a61f7d0ea0f5cd4969d45cb014800f2c888d5c2217cf0f69a7507779883b57352bb8883cc584891950d6e792537074f4fc4337aa19b9bf60e18edd939d289fb4a6b7aa6c66da20774e249ca4f779d3c910b1a9a8e4c38af6adecc87d5481d181fd66023ffff246f4e2556b218fe8110acebe20b1675f1de6f265b6d1d8514a53522396bf0e2f2b153c498e48b36d16f8b9bd56f45d7f5b9397d7f1339117a176d0bad0b68e800682416d3e18fe2197c7f8dc20600feb95cc6ba86ad47f113e159bd4389e30eab2874bd27eebc56020c4dab9973b13f3e82aa62a7e0a151d73de48cb811e32be63ffd303f5a6ea6f097ed763fbf36c430821e451146de79922348354ce285af0997bf3c66e6ef02942e24b8f1ccdd542f09cfe65c0da0094c0b5fd26bbc061538b41e5ed2cbb390ee29b10a4b7a696009e1b5b86c44c0a561a257c15415feaeb1433ea275ed6e4b228503fe71ee5942665164faaed6697112206be0fe7863aebd4bbe951d5dea1da294dba0793196385f4d5141c9d6c4b0fa22b2e200cfb70b52aca31655e71e5a576ccb8ccb5b1364748aa981edbb81a813b1aebc67be1f7619e7e197622d981280429f6ca5145c5b3b05e6bace9191e5c58fbf140f71f594cbfd4db0e9f6923f1758ff9464a61a720a5d4f09c622c3ce3f5d0d3a1d191111168108f41f12b16e9eaf3617c353715cd35260560cbfd0555d51ce5c40bbdb7c95ceaeadadb8902974de50b0863348183864f5ea682e678286a06a6f396af29a7c7fb33a3579e25835963612f3c0d4cf369d85959a0adeda94d35824050e6fba7f83f90867583f713d7783323c7010e94c9be331f860db395dbde6face5bfdb616fcefa9c6b01f6963daa840a31ff554a458c0c50cb5e09f91f54f63234589decaf45bbfbaef0dcbff4ae6e65ca26a530261c491ef8eb9a855a1d7463391c9b66be96cf24c3c321ee5a5bdc857f60b582683c6ae1e3775b62a9f19ff8fa51380ca8a2a3c6de79012f5727ba12025e7e6723a23a81e067ca6e54c7b38ff64880d235d21e7ee5258953dcbf9e2a962f006ca4ffe870859242c850cbae4222b3b72c4f86934379ba2ead1dcde906241b994d95c88355af5a9a30ace9c933a6942f341ad221dd825846a8fd44c03e2eaa9311c26e15a1bd7cbba961a22ef23d7ebba0e34cec5ef09b1ce72814a97e33bd29f3d9ec80a4f45d1d29486accf15c11f1a800bd84918e7626f678275d7c7acb02cc0e6e34bb766ba6b75c3ad14fca9352e09c3b69390c045cfc842ff9ade8ca693c07fadc7047a946e6e570c3afc5b501c964103397f5ddadc2d59a048348dd42f07cfe31bc9b5ae453f5086bb41bba4c8a3e518e30b0855184b053f923025dd72ce1bcbf41231978b34a8547c71d7313992165078903c61d312b0d9469413c9fd97ccdf0ea270fb6c47ec8861a1c8d909eeace761b5a06ba46e25785ff87f867777abb237c6c980687991f1ed0157d58492260c712cec34c1fc0962103955db4d5090b6e8409cf3c3c79d0e691cf4fbc0b2251a016dcd456969cd32e5429533bf0d6f8bda84c05f0e2040de8b53bfb8676eec4b76c3df6f46b1e43732035dda577e75f640777f6ae90fd2f1af42ba462dac732019c599bfef01acd6a0d4d1796bcb8f58519d6f9ad9a3206704a94d472516b988141f44ecd2e6f28a49aa0c449db87972fc995a97379914546ea43143ea2cf779a9cbe81f111fe89129db3610492164ab2598eca7e60d9a6963d8ba03a86729db86e420fd96d61b8fb11edc2b339b57a740074ae5b775eaf60cd85dc934e604bf2b4bd58ee01205b4df57ac20ff8db45a05982b579643882407050c005102a2e71f1e56dc76dbf5331112e83e48bfb5cf2a78a893190d78426175c162ffaa7278a43b9932318fc17fb8cb0dfac610b1ad235b91f9cb7623b155117e07f7b876a3c37627aa31eafed141cc0c5491c4f621a66b6d837a144d78719c46511c04a093cf65fce9fabe5bd6d499eceb63538ece3cf19053550a239bf978c08c879f9954485a4e3e0d5bedb84b407ced85c4dfc4d75af116815992c29f0bc927c4a990c38ae4fcc9feb90fec1b1b555e04d010423010855394d5ccfc8ed21164190cd8f83be5debb70290c3547f07e4dc42814f1e001798e6ceee2558b0c6ff8c1759f90269ee226131116332b99ac8dd104c92088e1f91ace3198c0f59bfb75c4e4a697660eed43a29c831a552de37fce6dce96fa51b6e2111f3071a4e94422d15e102e5f67da7ca6cae6bed7743ebffacb8a811a143605791d17232181a517e872f71262c3c73668f0ef83aad498f67fa26bae698cf78f24c2dbecd399a190e6b8d0684e929f2e8083765eb2c67793a1adbb89d36b58bfb197cdc5f3c894ac9d886e8f3b0936fabd233c09de8fab8099f72a74d908ba5c5e4d39790b0bf9e45b710f5587b7c937c76690c5c5fce621a53a9fd03b0a4ee6d8d1abbe2ed561820a77f12a08cad0755540ab6dd1604b7c30a8652995ab80b85e919011de9438a4637eb0291124ed4b745e782cff98510cb03be79c2a81351abf276584d75cdd96b9c97e73eb71000b3ab7c3c19c2cab4497298fcb3052b5d4503d05e7f310318be6f848547b1a4f4db82caee190801478be28065036aa4d91f290c1f396343e73a5fe8bb5ccf0a317177ed1f77acda1a4a49dccfcab8d1b5d79f015f788b6d5e9f8228a8bcdc0696e6b19f5edffbcd7e9509c87fbe1f726b93bf8c6d8d37428763e142560c46c9e894f7317859000c25abc4f3691ebcd020171e0d4911b5d97a238109aedeb00b2eb475c1e7b45175f8aa85193b5c0f43b434c15de01610c4d022646cd6e3637f349a434a77f571ac1c5d698452d1b991e267f78dca5e592ecd31ccafcad84e4e98d134b4adc525b81bd6843428883023a6ea407201738c8bf16b541ff7280274a34d4cf14819f2dbae167ca0cae8471c495e006b45194ad91c4516f21cbb10e0d26fd5d734cd7725df5b3fbe92955f4a9bb3b9b813aeeff79d6ed5db92def19d060a208c3ec8c42c110786f1e1496c50a7249b03fc792764366894a35320b99d0bef9fd0b6a246c36a357c6b985dc83a37a8d9b8b9ad643dea94860cbe763bb73cc8422b69d4d12332242c8954075fb7117a6679638073617abcdb4619855b2036af160647f66b3531645a3bf047ae290d6ae2249f114e7a8464278bae1486022bcc7c37390c8d9a0efb0e1cfa0da8ef7a5e072f99a47ecc75e4e442880375193db49bb82ba34901286ca473ed5b63e4048db4dc455e74b3fdd2e7898ca3f4c3a02d435cde6141eea645055123a7dcf0d22057f8d425701afc55859f5147954e719d58c7486b1e02ac16cb799b77632c66bb78e6e52e11017c1736424fa4d433f1e19b4c881d23f0b2a12d5fae3ae24339088088d9b496ad97bd9f6e20a8597d1452a0c72dcf43dbbda8f18166585c06d21fbffe5fe7b55f71c9b9f1b34a02bd05ca63c7c1b1bebbb9dd24fb10291b04c665d45154dd28b85d821ce7e613119128996785e1006a8dabc4899b10d2671107d5a0658ed363b9d4b39d02f8cc5e350fbf0a31048adecd1f9e2ca749bd86f195eb48e9b4605f050de03d642940d79184618f7f88a9a0a4683ad84d6134e395305bc1d4d9d17cc334b97653529d6682a87a5fac80a6d46d6e72fc22e58be7b8f8617b3372ef2622110ab1ec448717118b257acffe55d18c7855e9e8710ad977a6792b2315a189eb4468c68641e9b60c0dab7016ac1ad63cd8004b6eca8fc88b1e4263acc00499255c16b11487a0af858075f9c892dc8044c4146e5a5677c4a2cb24bde5e078985020d4ab1e4c87492e76b7e6f4bbd71d84bab1885c9702849e70cf728776b1a94c2a8fb8c7ca01b6111ef6f2032a290949bfe473fe215273b8b5b3ad540f187490f63077dccbca6f62f0a7a66717c596cdef412f2560b10685ede967b3ee68b8c951959aeb1d7564c3b9d806b2ce858381393a79916b78f7e90beadae30ffc0b2b614380f1c2cc551a44565209db3516be379ef566ab00c673fd8aaeeecdcf1168c1960e9a477b9e13757498a44ff089351d1f27abf9fd76816f924504647d1247715ca861ebe624172c322146d66eb2b247f8ecb3e1b5ddca89b287c57510cec40fcf89d802cf4368a861af320e01e34f7a6177d4bc549181b5e87ecdfe02f78c9a59a3bf91ebb6364023ec06410e7b4476ec4e3685bfa3bfe9ef9ecc12dcd899abe0f3c7f16b4686801c0c0a949aa26bed57df56f2bc54ef19af7fcbc7b0d691075f42a4a67acf980b568acb2342f42249f7c1ee3527c13182b096064ecd250887a942d26f637e1c4041b139659d2462a68680bb04387a3b399e396b9fe74de10356125fa47d0a20827370cbf36a79b6fffade91c439dd6cfff4bbe0dd3efefb61c491ee32f935d62307cba369ac8c20f6fe3d4857ce6d240ece5e4d149f0587155a8350fcc18efae2ff11cdbe15218a82499a1996df8b5462ee170b284321e76bbe5c3f4158387644d95f087c598e3d46fbe27f63fa784bda239512113424045a2c5dbc6bc3662ca730a86d13cf8f6fe2743224ca7b535caf6b4701a7dae9cfad3d7290104bbba15b6a064ae6e909a099f75fbe47c9e654d8e3b8dc0f3dbffe829e6c56f7a241e565136812a857f59ab565a9991c6b1d8abcc94c6b33bba314f6e5060e657e4647f969a551dd6c51dfca0ff5d9e4f401fedbc2c927eb1ed95ef25f4e5accba4999322ba1539499310dd5875433a22835cfd42fd77fd4680b7fe767d7aa5c33acde04a65bd3a663fcde4c80e9f2af498f13bf9abbaa1c1265edc691e94abdcc92270c05811cd2a8104eb18efbfec9e4ba9ae5cde211b9b93082ce034b6cd5fbe9cfbac4f7e2404ef159766124f73017cc3600f3c81cd78db25fc3459629eaf20dfdb062c7e502aa69412381d847a9d254d5befc451cda3606f0bc8ae62e0aee928f9ed0b21d705a8d31b899e16445ee064563d32f7b6bb5ad197023cf528d9b329ec67815c6ddf27d2a6ffa7328bb993407cde3d166159fd49fe469254b84c2916daea8df9d69bef019f1351b9bce193e30278835b82ea5f60dc0bdd7f7452b7a820ae7cd6dc29d7ac6a6c1b6411711a96338b1e769146b2a385d282bfaae61b041166efafab2d89a4567b9460cc22d752f8e9aacaaa0db7c84879f5359662d55df6570d4214740851c74574ced733807cbb54571110410892394c3dea07bd4154d0e5689d57c3360207dac951f96a358e9c466a5c5113f3a632e184f57f075edef4dcc9721b963beb95df09dedf848260cbc1ebfdc7408218eaba6d2c51928cd37c4c0c9f321fbb0994a56947cfd9643056db5dbea60a241f8f004c932bc8e645b2ec2eb9bc4e9e2f4156293234d05e70cb26b8a370b0206c756bda6defc11c5eb386640f535a4ffb714168defc6d82f40d8f5ba8768537ead5773c53bd779ca899a2dd31c9138569ff5107c2fb12b804375c3b3dc9b828bfd550328adf358f71e86a0c49fb119f5ef9e06c13855cbfc7d1a62ca2ea655ed912a6dc7bb8b18656e8923fc7a1702ab36947d79384d681c31923e98cf40209f776bc2b219a7ccd139e756a905aa351e6eaae90770c8a193f96cd5c66e4d77a357985556e14333716d80204a5c390e0d76f4081afe917f99ad8a0976b3342f51854b374b4baa9a7f22124d2b82749446e30d9795acb9c3c3a305a6d273ac528e8e9c95c37a78e765fdda55982c2961fbc85a14fc095a78b4654ee6dfc3298749a639ab9c8e155af3a77f8a409ce174532a492ef550a140f774d77d732b3b4ca5bc41fa4488ce5957ce219b032ae1f585273748d81b19edcf3e6cb9a93ec24e41c6b3c472f9baf3ca46cb8b9a91df18acebe7d83bd4473750c4f26806da2f95b9ea48b342460af729ab15e9f033eda67feec645f985d4b9489cf6ceec1b100d007bf46c74be53c7ea17296f9c5b5cbae736491213c93b513009ebdecfcd60d46d7b86c6e3b5e288f2ba5867c07936e7bd1b00de52191eb8630ff82ccafb27a59295164751811bf74eff1e5e2abdf3c93bc5dc9814be83b2562477935e2fa30db7ebb6ec380170cf10c1f98f8c5eb71c730c2b31b55a1dd1c12a64802ab95b63c529e0a96cec8f38680221d6089926d8309796c79994d63b67bfb62f66b4a502f30ed12be41e896e88bc45a160a526fbd5f002e677322f116ec5740d7563cd23ee853c008b84998e38fdf158556e28a532573956e7c00f91f08ca245c295a3d5e003a99ea727f61d12893b435d4c8f2f5cce00c6a3091e2a47f290c07168975c53d7529b71d10faf42d2bac9db8d53669cf59c709c25e9e40b5feaed4c37dde8b84c4961c00712326fb6aaa06e80d766b40b72480f3971def61d1d129676df2478e778d899ed317426ec33e496d1fdd2ec27128f8faee92828e13da72d6aee8330a7988ea1cc8b64ec4d8b20990864c16c52c4be6d00b304b87d97bffdd9c66a740b517223089d9f3f414abedc53c768dab9220b980e6c18d5f20ba8994cc8886d7bdee213442f456d79fce1b1eb48fbf600a666c8ade24d118e6328251cf7b57a6285c650e019850f392b1c29aec5c8fc489a3819d60d5de377d4c11b8ee5625b7c02c5d50d2af3397006f2e2a41a06f039229eef5878ed91f9f6be7e988924dbaeb8455f616275e8698d93fb536e2c839b203aa69bceceddbf9c53f8addba53d50ca0f7a4729a42ac6eb757f1b408ad4a0147546173e62f7621eb18a9e1681510cceb48e0a30ab7a1bf71d56742d5f034f2d725e7ea68a011dbb100fa6eefe4ee093873de366d34f4240ca027a25c5b979c9ac47dd1dcb6ed82c4aee09dcc23cf329a8644f89b5cf00e5683934b1837574e9b39b31b1009f276e15aa040959fdf100838ca3f5ab17e45036668d06044e3a13f3a0a6f68579e50d5b0164f900d7bcfcde78396cf30f0b1dff76dc397ab1a5a44b207eb1eaaf73b945c575029ae2dce20724991e6550155ded6a42672609f2439c5aab4882b2ffaf7da787b71d05d15516bd68c6f1a9d79b675395845f24ee853f877e72c14b6c6702f7b8775ca1bfabbbcf4019f7bccf07f1c211531dfc66a7a1df79e92a20dd1cbe1b22e1209e7e3ecb9d3c2450fc22a57bfe09bd735f61c361cdac2488ae0adc7885edc0712655daaf535e1de96ccbe7869d531d8bf3db512fbd17c772332a3f8cf1e052ee0202eb99a36a0f8d7219888acbb57090cdaf3b28e1e62e8fc2ec237bdf18592a7afe4d8390dcb5e7fcc31bf4f797e6f5710070902265cc2e8c459b7da1451046abd6c8c5b02c0be2d2f505a65376266563ac7b59ef3b4e2570a6cb0bd94d46ad861317c743ce1de12bfa2295a98cdded4414d87a1580b1e4675bbdf73a22cac4a1d8d456d089e0b60cbfd16158f073bd1dac481db49fa5d8801d0fb0844b4afec1bab4e61fa0f381fa667880a1cd8163953be7b591cc9dfd7f91902370b783ae8a0f3c7cbefa7d229a37c00f523529e159b11d2e240629b64af2d11404773e991207a722c320221ce23baed7cbe40a440c5680814b122cfba9092fe03478f85adcbdeacb76d6cbf2491eafae98327b278e267821a0e1cd06ef90cb0328e246c19d8c63b9332291a89bc9f989effc675c79a870ac024756c6f5a7e32babd69625d61487ae7399490b70dd0fade7d70ad9b0757300a2dde77abaff4f63a0303853589d44efa968e10d36561f04408ad0cc227fc6b2f904cead189a0fcca9b2e6cbde5498652e0b3bc9d8b7921474403718feb5cc750dc70f5a9b1a0ae2c642015b6a1a8ab0572182b4e39e0c869cbdc60c9465f5d564d18ba2f5b3bc3e05a458744077430c5ea031ee02dd8f0a65d7dd8d90dd9b8717f77d202239a5778719423fb2aec7ca86eb07c39de65a34b988d65377a7473e9145f16d79593e96903330bbf3a8024fc15519d9baa0fae2018786f4b1846fca355ff0fccf65cccad1896309a5ccf2056dd542c929850cc91cd655962360fe316557ab3fb378328f77a07d9da24447d3fa2020b382ed2e808ec9529a01273434c64b0b7c35a06a019e4ab51cdc9c0f266ab25b6984338a0ba910d1060283b636c5d7e8a3f969c1ee1c99b54bba7ff3679fbeecbb70349f076480a867cc4ee4cacaea39c80f642533599486d2ffb77b8c9109a9d25fa0b06e58eca764f7d56469eb9547036bbea9d5c3d35b4c1fbc3d39a372c2b7ad184965cad3819c8928f1588d00949949c0c4c93d30ac7f6665247c0108bd89dff3aafe780ac66febfacc8c6a3cc387d09da6de700487a80e2c8d56df94d7ebd3e1d9e06411a6c5f7eb6da41c6f52997b5ad47ba985261103fdf12eb4a2828b248f652ef00b6abccab2eb161b878b9dbc0aa911405b6f67adda83c16187748d7b524ffe6381f489f432d592e6171bd9ccb2cd52f977143f57fbf2ab0b823d449ae55f02440972334344cda01837b93afa4f46a2fdefe27e92764cf9596780846de2e3b1ea83e62ee43b1c05aee675e25363504addfaa68e7c53ed685413f5ba951f120d0a646e474872c81e5a887464c19f8460ae814ffff24cb51dd2dca28d597ab2ea60949f8dbbe67f263e722fdb51bce4e328a19f5ff1218e1f63b8da6d40dbd5490964499b2522ea323310634893ead661407966207a66ab13adfcf1a725ed14339c46011c0e0401f2386b47cd9f902fdf84bc85e74d3ae7cc544e4d65670a554a537712c6ee9f75191631d2a4c4da06fc38423b1d5b828d7201235b2974164f52aa16bee70ee509250752f4fdd6b9f8d021943df8320682a6f80ff0d67ab7a4ceea807bd5b3b7b6380b0c7f0caa67b0208ba71317f0355a3b755af0e2c007186389438615df80b7b25104a733fc90625b62682198733c0f1625dfaa08cf81e3df043094b7b5a098b3b36f803b5b0f10a057bf814ae3579932c0a5f208985bab3d817f975283b8838ae5cb709be72b58df7425e059fdbf4e0ee51b3da01fe0b44963c1196baee5ec5909ad80d9d1660f3edd90374952a0bf8b3bece2c2f944593f4de7de5e05ded096b8f4f05d65dfc2e806f78220d84b3db564fb12f4e5e8f5eab316591f004e9374cce8e787263bc3827affe6793c130b8621d3bbb2a86fd87f070ea21718281ee7aec4bb3bb71af4bf5721cecd139c4be8c9df4ec8dfb09a5cf1d86a25d39faa9f064a997c214f334e4410917fc3b4d67ada8d87a38c0f86b02bf653dddaeb5b75b300f8bcfd792858bef8ab23e063421939c59212964c9ed5dd56e215db58cef53d31a966bb8ce4ed56287fecb3a85ba435e0b41b20ba1164b9c9f2c49fa0f7b17a89e0ec47eefe992d63ee29c8c0a1ece2664fee8edadd43636a54c48519b4fcf55b0d9103602b92441a5f85cf8c5e406d0f5815f8f37309934bd78fbc2acf0a03b051b4528db4f7c09de7d0aabafca3736b8259c818ca338ca6754e0747717c2794d664a1cacc1e9c52764a308e6df73d975638630b74cce6c49b1bac16454e96852c4f9d8ed118e86d2f1c8dc33bccd4a07be128db5e80f5684ddcc1158e744411acde590f902f0987cfb750bb5bfeed53bff076868986b566d7701f48ddfcacbd325c8d930bcef26713bf60585d5c991e2a6cc33ccbc27f7ddfba18f998497c2eb378cc8f2cc07a1b4f141c5e0fb6f52e18242e505bcf6dd20e33a469d056a0b4fd5e72d0da9d0bcce1e2f9e9dc7d1c7b6cb0f3604287eca", 0x2000, &(0x7f0000000780)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000200)={0x90, 0x0, 0x0, {0xffffffffffffffff, 0x2, 0xfffffffffffffffe, 0x0, 0x0, 0x0, {0x40, 0x3, 0x0, 0xffff, 0x0, 0x0, 0x0, 0x0, 0x120, 0x6000, 0x0, 0x0, 0x0, 0x902}}}, 0x0, 0x0, 0x0, 0x0, 0x0})
write$FUSE_INIT(r3, &(0x7f0000000440)={0x50, 0x0, r4, {0x7, 0x29, 0x0, 0x14c0348, 0x0, 0x2, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x7fffffff}}, 0x50)
r5 = openat(0xffffffffffffff9c, &(0x7f0000000a80)='./file0/file0\x00', 0x0, 0x1)
ioctl$TIOCGPTPEER(r5, 0x40140921, 0x8)
connect$can_j1939(r1, &(0x7f0000000080)={0x1d, r2, 0x1, {0x2, 0x0, 0x2}, 0xfe}, 0x18)
syz_emit_vhci(&(0x7f0000001480)=ANY=[@ANYBLOB="040e04076d0c"], 0x2)

150.357µs ago: executing program 2 (id=1086):
r0 = syz_io_uring_setup(0x749e, &(0x7f0000000080)={0x0, 0x0, 0x10100, 0x0, 0x2e7}, &(0x7f0000000100), &(0x7f0000000140))
syz_io_uring_setup(0x1005c20, &(0x7f0000000240)={0x0, 0xe454, 0x13290, 0x2}, &(0x7f0000000100), &(0x7f00000003c0))
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$tipc(&(0x7f00000009c0), r1)
r3 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000012c0), 0x48)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f00000002c0)={r3, 0x58, &(0x7f0000000240)={0x0, <r4=>0x0}}, 0x10)
prlimit64(0x0, 0x7, &(0x7f0000000000), 0x0)
bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000001200)={r4}, 0xc)
sendmsg$TIPC_CMD_SET_NETID(r1, &(0x7f0000000a80)={0x0, 0x0, &(0x7f0000000a40)={&(0x7f0000000a00)={0x24, r2, 0x1, 0x70bd2b, 0x25dfdbff, {{}, {}, {0x8, 0x2, 0x1ff}}}, 0x24}, 0x1, 0x0, 0x0, 0x840}, 0x4400)
r5 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000180), r1)
sendmsg$IPVS_CMD_DEL_DAEMON(r1, &(0x7f0000000200)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000300)={0x88, r5, 0x20, 0x70bd25, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_DAEMON={0x48, 0x3, 0x0, 0x1, [@IPVS_DAEMON_ATTR_STATE={0x8, 0x1, 0x1}, @IPVS_DAEMON_ATTR_MCAST_PORT={0x6, 0x7, 0x4e24}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x6, 0x4, 0x7}, @IPVS_DAEMON_ATTR_MCAST_PORT={0x6, 0x7, 0x4e23}, @IPVS_DAEMON_ATTR_MCAST_IFN={0x14, 0x2, 'ip6tnl0\x00'}, @IPVS_DAEMON_ATTR_MCAST_PORT={0x6, 0x7, 0x4e24}, @IPVS_DAEMON_ATTR_MCAST_PORT={0x6, 0x7, 0x4e24}]}, @IPVS_CMD_ATTR_DEST={0x1c, 0x2, 0x0, 0x1, [@IPVS_DEST_ATTR_ADDR_FAMILY={0x6, 0xb, 0xa}, @IPVS_DEST_ATTR_TUN_FLAGS={0x6, 0xf, 0x8000}, @IPVS_DEST_ATTR_TUN_TYPE={0x5, 0xd, 0x1}]}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x8}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x1}]}, 0x88}, 0x1, 0x0, 0x0, 0x400ccd5}, 0x8000000)
io_uring_enter(r0, 0x2d3e, 0x0, 0x0, 0x0, 0x0)
syz_io_uring_setup(0x749e, &(0x7f0000000080)={0x0, 0x0, 0x10100, 0x0, 0x2e7}, &(0x7f0000000100), &(0x7f0000000140)) (async)
syz_io_uring_setup(0x1005c20, &(0x7f0000000240)={0x0, 0xe454, 0x13290, 0x2}, &(0x7f0000000100), &(0x7f00000003c0)) (async)
socket$nl_generic(0x10, 0x3, 0x10) (async)
syz_genetlink_get_family_id$tipc(&(0x7f00000009c0), r1) (async)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000012c0), 0x48) (async)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f00000002c0)={r3, 0x58, &(0x7f0000000240)}, 0x10) (async)
prlimit64(0x0, 0x7, &(0x7f0000000000), 0x0) (async)
bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000001200)={r4}, 0xc) (async)
sendmsg$TIPC_CMD_SET_NETID(r1, &(0x7f0000000a80)={0x0, 0x0, &(0x7f0000000a40)={&(0x7f0000000a00)={0x24, r2, 0x1, 0x70bd2b, 0x25dfdbff, {{}, {}, {0x8, 0x2, 0x1ff}}}, 0x24}, 0x1, 0x0, 0x0, 0x840}, 0x4400) (async)
syz_genetlink_get_family_id$ipvs(&(0x7f0000000180), r1) (async)
sendmsg$IPVS_CMD_DEL_DAEMON(r1, &(0x7f0000000200)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000300)={0x88, r5, 0x20, 0x70bd25, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_DAEMON={0x48, 0x3, 0x0, 0x1, [@IPVS_DAEMON_ATTR_STATE={0x8, 0x1, 0x1}, @IPVS_DAEMON_ATTR_MCAST_PORT={0x6, 0x7, 0x4e24}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x6, 0x4, 0x7}, @IPVS_DAEMON_ATTR_MCAST_PORT={0x6, 0x7, 0x4e23}, @IPVS_DAEMON_ATTR_MCAST_IFN={0x14, 0x2, 'ip6tnl0\x00'}, @IPVS_DAEMON_ATTR_MCAST_PORT={0x6, 0x7, 0x4e24}, @IPVS_DAEMON_ATTR_MCAST_PORT={0x6, 0x7, 0x4e24}]}, @IPVS_CMD_ATTR_DEST={0x1c, 0x2, 0x0, 0x1, [@IPVS_DEST_ATTR_ADDR_FAMILY={0x6, 0xb, 0xa}, @IPVS_DEST_ATTR_TUN_FLAGS={0x6, 0xf, 0x8000}, @IPVS_DEST_ATTR_TUN_TYPE={0x5, 0xd, 0x1}]}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x8}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x1}]}, 0x88}, 0x1, 0x0, 0x0, 0x400ccd5}, 0x8000000) (async)
io_uring_enter(r0, 0x2d3e, 0x0, 0x0, 0x0, 0x0) (async)

0s ago: executing program 2 (id=1087):
timer_create(0x0, &(0x7f0000000240)={0x0, 0x21, 0x2, @thr={0x0, 0x0}}, &(0x7f0000000300)=<r0=>0x0)
fcntl$lock(0xffffffffffffffff, 0x6, &(0x7f0000000040)={0x0, 0x0, 0x60d3, 0x5})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
timer_settime(r0, 0x1, &(0x7f0000000040)={{}, {0x0, 0x989680}}, 0x0)
mmap(&(0x7f0000000000/0xa000)=nil, 0xa000, 0xd3283d0368e269b3, 0x8031, 0xffffffffffffffff, 0x0)
mknodat(0xffffffffffffff9c, &(0x7f0000000140)='./file4\x00', 0x11c0, 0x0)
openat$dir(0xffffffffffffff9c, &(0x7f00000001c0)='./file4\x00', 0x1, 0x20)
openat2$dir(0xffffffffffffff9c, &(0x7f0000000080)='./file4\x00', &(0x7f00000000c0)={0x8a001, 0x0, 0x20}, 0x18)
openat2$dir(0xffffffffffffff9c, &(0x7f0000000080)='./file4\x00', &(0x7f00000002c0)={0x40000, 0x0, 0x22}, 0x18)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000440)={0x0, 0x19, &(0x7f0000000140)={&(0x7f0000000000)=ANY=[@ANYBLOB="100000001600010309000000"], 0x14}}, 0x4000000)
sendmsg$NLBL_UNLABEL_C_STATICADD(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000100)={0x0}, 0x8, 0x3000000000002}, 0x0)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
mknodat(0xffffffffffffff9c, &(0x7f00000000c0)='./file2\x00', 0x81c0, 0x0)
execveat(0xffffffffffffff9c, &(0x7f0000000280)='./file2\x00', 0x0, 0x0, 0x0)
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
r1 = userfaultfd(0x801)
ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f00000000c0)={0xaa, 0x4})
ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000000000)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}, 0x1})
ioctl$UFFDIO_CONTINUE(r1, 0xc020aa08, &(0x7f0000000080)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}})
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x8)
renameat2(0xffffffffffffff9c, &(0x7f0000000080)='./file2\x00', 0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x2)
mremap(&(0x7f00005ab000/0x1000)=nil, 0x1000, 0x1000, 0x7, &(0x7f0000ffe000/0x1000)=nil)
r2 = socket$inet(0xa, 0x801, 0x84)
connect$inet(r2, &(0x7f0000004cc0)={0x2, 0x0, @remote={0xac, 0x14, 0xffffffffffffffff}}, 0x10)
listen(r2, 0x8)
socket$packet(0x11, 0x3, 0x300)
r3 = syz_io_uring_setup(0x47bc, &(0x7f0000000180)={0x0, 0x65cd, 0x2, 0x3, 0x5a}, &(0x7f0000000040), &(0x7f0000000240))
io_uring_register$IORING_REGISTER_PERSONALITY(r3, 0x9, 0x0, 0x0)
r4 = accept4(r2, 0x0, 0x0, 0x0)
getsockopt$inet_sctp_SCTP_ASSOCINFO(r4, 0x84, 0x1, &(0x7f0000000080)={0x0, 0x9, 0x0, 0x8001, 0x3ff, 0xfffffff1}, &(0x7f00000000c0)=0x14)

kernel console output (not intermixed with test programs):

 T7448] block nbd5: NBD_DISCONNECT
[   83.062010][    C3] usblp0: nonzero write bulk status received: -71
[   83.062104][ T6297] usb 10-1: USB disconnect, device number 3
[   83.075657][ T6297] usblp0: removed
[   83.218433][ T7459] vcan0: tx drop: invalid sa for name 0x0000000000000001
[   83.350309][   T40] kauditd_printk_skb: 24 callbacks suppressed
[   83.350320][   T40] audit: type=1400 audit(1754585700.147:376): avc:  denied  { kexec_image_load } for  pid=7474 comm="syz.2.501" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=system permissive=1
[   83.418063][   T40] audit: type=1400 audit(1754585700.217:377): avc:  denied  { sqpoll } for  pid=7478 comm="syz.1.503" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=io_uring permissive=1
[   83.421743][ T7479] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   83.427739][ T7479] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   83.654199][  T841] usb 6-1: new high-speed USB device number 8 using dummy_hcd
[   83.805241][  T841] usb 6-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[   83.808090][  T841] usb 6-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config
[   83.811748][  T841] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 66
[   83.815223][  T841] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 52, changing to 9
[   83.818763][  T841] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8241, setting to 1024
[   83.823543][  T841] usb 6-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[   83.826665][  T841] usb 6-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[   83.829270][  T841] usb 6-1: Product: syz
[   83.830682][  T841] usb 6-1: Manufacturer: syz
[   83.835422][  T841] cdc_wdm 6-1:1.0: skipping garbage
[   83.837200][  T841] cdc_wdm 6-1:1.0: skipping garbage
[   83.839901][  T841] cdc_wdm 6-1:1.0: cdc-wdm0: USB WDM device
[   83.842028][  T841] cdc_wdm 6-1:1.0: Unknown control protocol
[   83.885329][   T34] ip6_tunnel: ip6gretap0: Local routing loop detected!
[   83.983889][   T61] usb 10-1: new high-speed USB device number 4 using dummy_hcd
[   84.035040][   T40] audit: type=1400 audit(1754585700.837:378): avc:  denied  { read write } for  pid=7478 comm="syz.1.503" name="cdc-wdm0" dev="devtmpfs" ino=2931 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:modem_device_t tclass=chr_file permissive=1
[   84.040149][    C1] cdc_wdm 6-1:1.0: nonzero urb status received: -71
[   84.042234][   T40] audit: type=1400 audit(1754585700.837:379): avc:  denied  { open } for  pid=7478 comm="syz.1.503" path="/dev/cdc-wdm0" dev="devtmpfs" ino=2931 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:modem_device_t tclass=chr_file permissive=1
[   84.044402][    C1] cdc_wdm 6-1:1.0: wdm_int_callback - 0 bytes
[   84.054064][    C1] cdc_wdm 6-1:1.0: nonzero urb status received: -71
[   84.056249][    C1] cdc_wdm 6-1:1.0: wdm_int_callback - 0 bytes
[   84.058829][    C1] cdc_wdm 6-1:1.0: nonzero urb status received: -71
[   84.060938][    C1] cdc_wdm 6-1:1.0: wdm_int_callback - 0 bytes
[   84.062944][ T6048] usb 6-1: USB disconnect, device number 8
[   84.114047][   T34] ip6_tunnel: ip6gretap0: Local routing loop detected!
[   84.164212][   T61] usb 10-1: Using ep0 maxpacket: 8
[   84.175545][   T61] usb 10-1: config index 0 descriptor too short (expected 301, got 45)
[   84.178174][   T61] usb 10-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[   84.181288][   T61] usb 10-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[   84.184706][   T61] usb 10-1: config 16 interface 0 altsetting 0 endpoint 0x8B has invalid wMaxPacketSize 0
[   84.187784][   T61] usb 10-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[   84.191850][   T61] usb 10-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[   84.194810][   T61] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   84.203980][ T6041] usb 7-1: new high-speed USB device number 9 using dummy_hcd
[   84.204626][   T61] usbtmc 10-1:16.0: bulk endpoints not found
[   84.365491][ T6041] usb 7-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[   84.371512][ T6041] usb 7-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.41
[   84.374395][ T6041] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=11
[   84.376890][ T6041] usb 7-1: Product: syz
[   84.378196][ T6041] usb 7-1: Manufacturer: syz
[   84.379640][ T6041] usb 7-1: SerialNumber: syz
[   84.421096][   T61] usb 10-1: USB disconnect, device number 4
[   84.588500][ T6041] usblp 7-1:1.0: usblp0: USB Unidirectional printer dev 9 if 0 alt 0 proto 1 vid 0x0525 pid 0xA4A8
[   84.664059][ T5978] Bluetooth: hci4: command tx timeout
[   84.708959][ T7526] vcan0: tx drop: invalid sa for name 0x0000000000000001
[   84.842529][ T7531] block nbd2: NBD_DISCONNECT
[   84.854163][    C2] usblp0: nonzero write bulk status received: -71
[   84.856742][ T6041] usb 7-1: USB disconnect, device number 9
[   84.870271][ T6041] usblp0: removed
[   84.914156][   T61] ip6_tunnel: ip6gretap0 xmit: Routing loop! Remote address found on this node!
[   84.923026][ T7535] openvswitch: netlink: IP tunnel attribute has 8 unknown bytes.
[   85.104006][ T6048] ip6_tunnel: ip6gretap0 xmit: Routing loop! Remote address found on this node!
[   85.163891][   T61] usb 6-1: new low-speed USB device number 9 using dummy_hcd
[   85.287138][   T40] audit: type=1400 audit(1754585702.087:380): avc:  denied  { mount } for  pid=7543 comm="syz.5.525" name="/" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[   85.305032][   T40] audit: type=1400 audit(1754585702.107:381): avc:  denied  { read } for  pid=7543 comm="syz.5.525" name="msr" dev="devtmpfs" ino=87 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cpu_device_t tclass=chr_file permissive=1
[   85.311831][   T40] audit: type=1400 audit(1754585702.107:382): avc:  denied  { open } for  pid=7543 comm="syz.5.525" path="/dev/cpu/0/msr" dev="devtmpfs" ino=87 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cpu_device_t tclass=chr_file permissive=1
[   85.315185][   T61] usb 6-1: Invalid ep0 maxpacket: 64
[   85.319477][   T40] audit: type=1400 audit(1754585702.117:383): avc:  denied  { write } for  pid=7547 comm="syz.0.527" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1
[   85.325414][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   85.403245][ T7549] openvswitch: netlink: Either Ethernet header or EtherType is required.
[   85.416324][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   85.421465][ T5978] Bluetooth: hci3: ISO packet for unknown connection handle 3584
[   85.454169][   T61] usb 6-1: new low-speed USB device number 10 using dummy_hcd
[   85.593805][    T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[   85.625972][   T40] audit: type=1400 audit(1754585702.427:384): avc:  denied  { ioctl } for  pid=7565 comm="syz.0.534" path="socket:[15224]" dev="sockfs" ino=15224 ioctlcmd=0x6608 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[   85.634051][   T61] usb 6-1: Invalid ep0 maxpacket: 64
[   85.636694][   T61] usb usb6-port1: attempt power cycle
[   85.994026][   T61] usb 6-1: new low-speed USB device number 11 using dummy_hcd
[   86.025656][   T61] usb 6-1: Invalid ep0 maxpacket: 64
[   86.174139][   T61] usb 6-1: new low-speed USB device number 12 using dummy_hcd
[   86.195384][   T61] usb 6-1: Invalid ep0 maxpacket: 64
[   86.197199][   T61] usb usb6-port1: unable to enumerate USB device
[   86.434160][ T7592] FAULT_INJECTION: forcing a failure.
[   86.434160][ T7592] name failslab, interval 1, probability 0, space 0, times 0
[   86.438398][ T7592] CPU: 3 UID: 0 PID: 7592 Comm: syz.5.544 Not tainted 6.16.0-syzkaller-11952-g6e64f4580381 #0 PREEMPT(full) 
[   86.438413][ T7592] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   86.438419][ T7592] Call Trace:
[   86.438424][ T7592]  <TASK>
[   86.438428][ T7592]  dump_stack_lvl+0x16c/0x1f0
[   86.438450][ T7592]  should_fail_ex+0x512/0x640
[   86.438462][ T7592]  should_failslab+0xc2/0x120
[   86.438476][ T7592]  kmem_cache_alloc_noprof+0x6d/0x3b0
[   86.438488][ T7592]  ? skb_clone+0x190/0x3f0
[   86.438507][ T7592]  skb_clone+0x190/0x3f0
[   86.438523][ T7592]  netlink_deliver_tap+0xabd/0xd30
[   86.438543][ T7592]  netlink_unicast+0x64c/0x870
[   86.438555][ T7592]  ? __pfx_netlink_unicast+0x10/0x10
[   86.438565][ T7592]  ? __pfx_netlink_autobind.isra.0+0x10/0x10
[   86.438586][ T7592]  netlink_sendmsg+0x8d1/0xdd0
[   86.438598][ T7592]  ? __pfx_netlink_sendmsg+0x10/0x10
[   86.438614][ T7592]  ____sys_sendmsg+0xa98/0xc70
[   86.438627][ T7592]  ? copy_msghdr_from_user+0x10a/0x160
[   86.438643][ T7592]  ? __pfx_____sys_sendmsg+0x10/0x10
[   86.438661][ T7592]  ___sys_sendmsg+0x134/0x1d0
[   86.438678][ T7592]  ? __pfx____sys_sendmsg+0x10/0x10
[   86.438705][ T7592]  ? __mutex_unlock_slowpath+0x100/0x800
[   86.438728][ T7592]  __sys_sendmsg+0x16d/0x220
[   86.438744][ T7592]  ? __pfx___sys_sendmsg+0x10/0x10
[   86.438769][ T7592]  do_syscall_64+0xcd/0x4c0
[   86.438780][ T7592]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   86.438791][ T7592] RIP: 0033:0x7f11d578ebe9
[   86.438800][ T7592] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   86.438810][ T7592] RSP: 002b:00007f11d39f6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   86.438821][ T7592] RAX: ffffffffffffffda RBX: 00007f11d59b5fa0 RCX: 00007f11d578ebe9
[   86.438827][ T7592] RDX: 0000000000000000 RSI: 0000200000000100 RDI: 0000000000000003
[   86.438833][ T7592] RBP: 00007f11d39f6090 R08: 0000000000000000 R09: 0000000000000000
[   86.438839][ T7592] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   86.438845][ T7592] R13: 00007f11d59b6038 R14: 00007f11d59b5fa0 R15: 00007ffce639ad28
[   86.438858][ T7592]  </TASK>
[   86.510460][    C3] vkms_vblank_simulate: vblank timer overrun
[   86.554876][ T7601] openvswitch: netlink: Either Ethernet header or EtherType is required.
[   86.744004][ T5978] Bluetooth: hci4: command tx timeout
[   86.790188][   T40] audit: type=1400 audit(1754585703.587:385): avc:  denied  { mount } for  pid=7624 comm="syz.5.557" name="/" dev="autofs" ino=15356 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_t tclass=filesystem permissive=1
[   86.905839][ T7639] smc: net device bond0 applied user defined pnetid SYZ0
[   86.923916][   T59] usb 7-1: new full-speed USB device number 11 using dummy_hcd
[   87.076413][   T59] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[   87.079803][   T59] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 1024, setting to 64
[   87.083117][   T59] usb 7-1: New USB device found, idVendor=046d, idProduct=c513, bcdDevice= 0.00
[   87.087413][   T59] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   87.091129][   T59] usb 7-1: config 0 descriptor??
[   87.094972][ T7622] raw-gadget.1 gadget.2: fail, usb_ep_enable returned -22
[   87.304645][ T7622] evm: overlay not supported
[   87.312434][   T59] usbhid 7-1:0.0: can't add hid device: -71
[   87.314862][   T59] usbhid 7-1:0.0: probe with driver usbhid failed with error -71
[   87.318543][   T59] usb 7-1: USB disconnect, device number 11
[   87.955134][ T7673] openvswitch: netlink: Either Ethernet header or EtherType is required.
[   87.983369][ T7677] FAULT_INJECTION: forcing a failure.
[   87.983369][ T7677] name failslab, interval 1, probability 0, space 0, times 0
[   87.987578][ T7677] CPU: 3 UID: 0 PID: 7677 Comm: syz.1.563 Not tainted 6.16.0-syzkaller-11952-g6e64f4580381 #0 PREEMPT(full) 
[   87.987593][ T7677] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   87.987600][ T7677] Call Trace:
[   87.987604][ T7677]  <TASK>
[   87.987608][ T7677]  dump_stack_lvl+0x16c/0x1f0
[   87.987628][ T7677]  should_fail_ex+0x512/0x640
[   87.987639][ T7677]  ? __kmalloc_cache_node_noprof+0x5a/0x420
[   87.987652][ T7677]  should_failslab+0xc2/0x120
[   87.987664][ T7677]  __kmalloc_cache_node_noprof+0x6d/0x420
[   87.987675][ T7677]  ? __get_vm_area_node+0x101/0x330
[   87.987692][ T7677]  __get_vm_area_node+0x101/0x330
[   87.987708][ T7677]  __vmalloc_node_range_noprof+0x271/0x14b0
[   87.987724][ T7677]  ? vhost_task_create+0x1d2/0x2e0
[   87.987735][ T7677]  ? local_lock_release+0x99/0x140
[   87.987752][ T7677]  ? vhost_task_create+0x1d2/0x2e0
[   87.987762][ T7677]  ? rcu_read_unlock+0x17/0x60
[   87.987776][ T7677]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[   87.987797][ T7677]  ? vhost_task_create+0x1d2/0x2e0
[   87.987807][ T7677]  __vmalloc_node_noprof+0xad/0xf0
[   87.987822][ T7677]  ? vhost_task_create+0x1d2/0x2e0
[   87.987833][ T7677]  copy_process+0x2c70/0x7690
[   87.987855][ T7677]  ? __pfx_copy_process+0x10/0x10
[   87.987871][ T7677]  ? lockdep_init_map_type+0x5c/0x280
[   87.987882][ T7677]  ? lockdep_init_map_type+0x5c/0x280
[   87.987892][ T7677]  ? __pfx_kvm_nx_huge_page_recovery_worker_kill+0x10/0x10
[   87.987907][ T7677]  ? __pfx_kvm_nx_huge_page_recovery_worker+0x10/0x10
[   87.987925][ T7677]  vhost_task_create+0x1d2/0x2e0
[   87.987935][ T7677]  ? __pfx_vhost_task_create+0x10/0x10
[   87.987950][ T7677]  ? __pfx_vhost_task_fn+0x10/0x10
[   87.987967][ T7677]  kvm_mmu_post_init_vm+0x1b7/0x380
[   87.987980][ T7677]  kvm_arch_vcpu_ioctl_run+0x66/0x1980
[   87.987996][ T7677]  ? kvm_vcpu_ioctl+0x14c6/0x1690
[   87.988017][ T7677]  kvm_vcpu_ioctl+0x5eb/0x1690
[   87.988033][ T7677]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[   87.988047][ T7677]  ? __sanitizer_cov_trace_switch+0x54/0x90
[   87.988060][ T7677]  ? do_vfs_ioctl+0x128/0x14f0
[   87.988077][ T7677]  ? __pfx_do_vfs_ioctl+0x10/0x10
[   87.988093][ T7677]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[   87.988113][ T7677]  ? hook_file_ioctl_common+0x145/0x410
[   87.988133][ T7677]  ? selinux_file_ioctl+0x180/0x270
[   87.988146][ T7677]  ? selinux_file_ioctl+0xb4/0x270
[   87.988160][ T7677]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[   87.988174][ T7677]  __x64_sys_ioctl+0x18e/0x210
[   87.988191][ T7677]  do_syscall_64+0xcd/0x4c0
[   87.988202][ T7677]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   87.988213][ T7677] RIP: 0033:0x7f1fb878ebe9
[   87.988222][ T7677] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   87.988233][ T7677] RSP: 002b:00007f1fb9683038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[   87.988243][ T7677] RAX: ffffffffffffffda RBX: 00007f1fb89b5fa0 RCX: 00007f1fb878ebe9
[   87.988250][ T7677] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005
[   87.988256][ T7677] RBP: 00007f1fb9683090 R08: 0000000000000000 R09: 0000000000000000
[   87.988262][ T7677] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   87.988268][ T7677] R13: 00007f1fb89b6038 R14: 00007f1fb89b5fa0 R15: 00007fff50434858
[   87.988281][ T7677]  </TASK>
[   87.988406][ T7677] syz.1.563: vmalloc error: size 32768, vm_struct allocation failed, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1
[   88.120910][ T7677] CPU: 2 UID: 0 PID: 7677 Comm: syz.1.563 Not tainted 6.16.0-syzkaller-11952-g6e64f4580381 #0 PREEMPT(full) 
[   88.120925][ T7677] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   88.120931][ T7677] Call Trace:
[   88.120935][ T7677]  <TASK>
[   88.120939][ T7677]  dump_stack_lvl+0x16c/0x1f0
[   88.120960][ T7677]  warn_alloc+0x248/0x3a0
[   88.120972][ T7677]  ? __pfx_warn_alloc+0x10/0x10
[   88.120984][ T7677]  ? __kmalloc_cache_node_noprof+0x272/0x420
[   88.120997][ T7677]  ? __kasan_kmalloc+0x8a/0xb0
[   88.121008][ T7677]  ? __get_vm_area_node+0x208/0x330
[   88.121026][ T7677]  __vmalloc_node_range_noprof+0xb2d/0x14b0
[   88.121042][ T7677]  ? local_lock_release+0x99/0x140
[   88.121058][ T7677]  ? vhost_task_create+0x1d2/0x2e0
[   88.121069][ T7677]  ? rcu_read_unlock+0x17/0x60
[   88.121083][ T7677]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[   88.121104][ T7677]  ? vhost_task_create+0x1d2/0x2e0
[   88.121114][ T7677]  __vmalloc_node_noprof+0xad/0xf0
[   88.121129][ T7677]  ? vhost_task_create+0x1d2/0x2e0
[   88.121141][ T7677]  copy_process+0x2c70/0x7690
[   88.121162][ T7677]  ? __pfx_copy_process+0x10/0x10
[   88.121178][ T7677]  ? lockdep_init_map_type+0x5c/0x280
[   88.121190][ T7677]  ? lockdep_init_map_type+0x5c/0x280
[   88.121200][ T7677]  ? __pfx_kvm_nx_huge_page_recovery_worker_kill+0x10/0x10
[   88.121215][ T7677]  ? __pfx_kvm_nx_huge_page_recovery_worker+0x10/0x10
[   88.121232][ T7677]  vhost_task_create+0x1d2/0x2e0
[   88.121243][ T7677]  ? __pfx_vhost_task_create+0x10/0x10
[   88.121258][ T7677]  ? __pfx_vhost_task_fn+0x10/0x10
[   88.121275][ T7677]  kvm_mmu_post_init_vm+0x1b7/0x380
[   88.121288][ T7677]  kvm_arch_vcpu_ioctl_run+0x66/0x1980
[   88.121304][ T7677]  ? kvm_vcpu_ioctl+0x14c6/0x1690
[   88.121321][ T7677]  kvm_vcpu_ioctl+0x5eb/0x1690
[   88.121336][ T7677]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[   88.121350][ T7677]  ? __sanitizer_cov_trace_switch+0x54/0x90
[   88.121364][ T7677]  ? do_vfs_ioctl+0x128/0x14f0
[   88.121380][ T7677]  ? __pfx_do_vfs_ioctl+0x10/0x10
[   88.121396][ T7677]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[   88.121415][ T7677]  ? hook_file_ioctl_common+0x145/0x410
[   88.121435][ T7677]  ? selinux_file_ioctl+0x180/0x270
[   88.121448][ T7677]  ? selinux_file_ioctl+0xb4/0x270
[   88.121462][ T7677]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[   88.121476][ T7677]  __x64_sys_ioctl+0x18e/0x210
[   88.121494][ T7677]  do_syscall_64+0xcd/0x4c0
[   88.121505][ T7677]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   88.121516][ T7677] RIP: 0033:0x7f1fb878ebe9
[   88.121525][ T7677] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   88.121535][ T7677] RSP: 002b:00007f1fb9683038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[   88.121545][ T7677] RAX: ffffffffffffffda RBX: 00007f1fb89b5fa0 RCX: 00007f1fb878ebe9
[   88.121551][ T7677] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005
[   88.121558][ T7677] RBP: 00007f1fb9683090 R08: 0000000000000000 R09: 0000000000000000
[   88.121563][ T7677] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   88.121569][ T7677] R13: 00007f1fb89b6038 R14: 00007f1fb89b5fa0 R15: 00007fff50434858
[   88.121583][ T7677]  </TASK>
[   88.121587][ T7677] Mem-Info:
[   88.211193][ T7684] overlayfs: lowerdir is in-use as upperdir/workdir of another mount, mount with '-o index=off' to override exclusive upperdir protection.
[   88.212586][ T7677] active_anon:8926 inactive_anon:0 isolated_anon:0
[   88.212586][ T7677]  active_file:16029 inactive_file:40603 isolated_file:0
[   88.212586][ T7677]  unevictable:18113 dirty:303 writeback:0
[   88.212586][ T7677]  slab_reclaimable:12391 slab_unreclaimable:73902
[   88.212586][ T7677]  mapped:30632 shmem:2407 pagetables:1466
[   88.212586][ T7677]  sec_pagetables:303 bounce:0
[   88.212586][ T7677]  kernel_misc_reclaimable:0
[   88.212586][ T7677]  free:424868 free_pcp:13273 free_cma:0
[   88.240987][ T7677] Node 0 active_anon:35704kB inactive_anon:0kB active_file:64116kB inactive_file:162208kB unevictable:68916kB isolated(anon):0kB isolated(file):0kB mapped:122528kB dirty:1204kB writeback:0kB shmem:6092kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:13456kB pagetables:5648kB sec_pagetables:1212kB all_unreclaimable? no Balloon:0kB
[   88.253083][ T7677] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:204kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:8kB writeback:0kB shmem:3536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:112kB pagetables:216kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[   88.267771][ T7677] Node 0 DMA free:15360kB boost:0kB min:340kB low:424kB high:508kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[   88.280028][ T7677] lowmem_reserve[]: 0 1233 1233 1233 1233
[   88.281753][ T7677] Node 0 DMA32 free:82424kB boost:2048kB min:29564kB low:36440kB high:43316kB reserved_highatomic:0KB free_highatomic:0KB active_anon:35580kB inactive_anon:0kB active_file:64116kB inactive_file:162208kB unevictable:68916kB writepending:1440kB present:2080628kB managed:1263548kB mlocked:0kB bounce:0kB free_pcp:39876kB local_pcp:17932kB free_cma:0kB
[   88.292420][ T7677] lowmem_reserve[]: 0 0 0 0 0
[   88.294115][ T7677] Node 1 Normal free:1601688kB boost:0kB min:39720kB low:49648kB high:59576kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:204kB unevictable:3536kB writepending:8kB present:2097152kB managed:1781892kB mlocked:0kB bounce:0kB free_pcp:14348kB local_pcp:6464kB free_cma:0kB
[   88.303492][ T7677] lowmem_reserve[]: 0 0 0 0 0
[   88.306199][ T7677] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[   88.310097][ T7677] Node 0 DMA32: 132*4kB (UME) 425*8kB (UM) 528*16kB (UME) 120*32kB (UM) 88*64kB (UME) 39*128kB (UME) 37*256kB (UM) 28*512kB (UM) 11*1024kB (UM) 2*2048kB (UM) 4*4096kB (U) = 82392kB
[   88.315798][ T7677] Node 1 Normal: 10*4kB (UME) 26*8kB (UME) 32*16kB (UME) 27*32kB (UME) 17*64kB (UME) 8*128kB (UME) 4*256kB (UE) 5*512kB (UME) 1*1024kB (E) 2*2048kB (UM) 388*4096kB (ME) = 1601688kB
[   88.321324][ T7677] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[   88.324383][ T7677] Node 0 hugepages_total=4 hugepages_free=4 hugepages_surp=0 hugepages_size=2048kB
[   88.327245][ T7677] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[   88.330176][ T7677] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB
[   88.333014][ T7677] 75380 total pagecache pages
[   88.334542][ T7677] 0 pages in swap cache
[   88.335856][ T7677] Free swap  = 124996kB
[   88.337174][ T7677] Total swap = 124996kB
[   88.338485][ T7677] 1048443 pages RAM
[   88.339706][ T7677] 0 pages HighMem/MovableOnly
[   88.341204][ T7677] 283243 pages reserved
[   88.342499][ T7677] 0 pages cma reserved
[   88.389793][   T40] kauditd_printk_skb: 6 callbacks suppressed
[   88.389804][   T40] audit: type=1400 audit(1754585705.187:392): avc:  denied  { accept } for  pid=7685 comm="syz.5.568" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_route_socket permissive=1
[   88.422240][   T40] audit: type=1400 audit(1754585705.217:393): avc:  denied  { bind } for  pid=7685 comm="syz.5.568" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1
[   88.428824][   T40] audit: type=1400 audit(1754585705.217:394): avc:  denied  { listen } for  pid=7685 comm="syz.5.568" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1
[   88.435188][   T40] audit: type=1400 audit(1754585705.217:395): avc:  denied  { accept } for  pid=7685 comm="syz.5.568" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1
[   88.458633][ T7691] overlayfs: failed to clone upperpath
[   88.708472][ T7719] FAULT_INJECTION: forcing a failure.
[   88.708472][ T7719] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   88.712564][ T7719] CPU: 2 UID: 0 PID: 7719 Comm: syz.2.579 Not tainted 6.16.0-syzkaller-11952-g6e64f4580381 #0 PREEMPT(full) 
[   88.712579][ T7719] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   88.712586][ T7719] Call Trace:
[   88.712590][ T7719]  <TASK>
[   88.712594][ T7719]  dump_stack_lvl+0x16c/0x1f0
[   88.712615][ T7719]  should_fail_ex+0x512/0x640
[   88.712628][ T7719]  _copy_from_user+0x2e/0xd0
[   88.712640][ T7719]  move_addr_to_kernel+0x65/0x170
[   88.712654][ T7719]  __copy_msghdr+0x386/0x470
[   88.712670][ T7719]  copy_msghdr_from_user+0xc1/0x160
[   88.712686][ T7719]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[   88.712708][ T7719]  ___sys_sendmsg+0xfe/0x1d0
[   88.712725][ T7719]  ? __pfx____sys_sendmsg+0x10/0x10
[   88.712752][ T7719]  ? __mutex_unlock_slowpath+0x100/0x800
[   88.712774][ T7719]  __sys_sendmsg+0x16d/0x220
[   88.712789][ T7719]  ? __pfx___sys_sendmsg+0x10/0x10
[   88.712814][ T7719]  do_syscall_64+0xcd/0x4c0
[   88.712825][ T7719]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   88.712836][ T7719] RIP: 0033:0x7fa685f8ebe9
[   88.712844][ T7719] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   88.712855][ T7719] RSP: 002b:00007fa686d88038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   88.712865][ T7719] RAX: ffffffffffffffda RBX: 00007fa6861b5fa0 RCX: 00007fa685f8ebe9
[   88.712871][ T7719] RDX: 0000000000040800 RSI: 0000200000001480 RDI: 0000000000000003
[   88.712878][ T7719] RBP: 00007fa686d88090 R08: 0000000000000000 R09: 0000000000000000
[   88.712884][ T7719] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   88.712889][ T7719] R13: 00007fa6861b6038 R14: 00007fa6861b5fa0 R15: 00007ffd1d7588c8
[   88.712902][ T7719]  </TASK>
[   88.807881][ T7723] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=28944 sclass=netlink_route_socket pid=7723 comm=syz.2.581
[   88.890018][   T40] audit: type=1400 audit(1754585705.687:396): avc:  denied  { append } for  pid=7732 comm="syz.5.586" name="ubi_ctrl" dev="devtmpfs" ino=718 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[   88.895966][ T7734] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   88.900018][ T7734] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   88.908347][ T7728] kvm: kvm [7727]: vcpu0, guest rIP: 0x9114 Unhandled WRMSR(0xc2) = 0x4000000000007
[   88.912012][ T7728] kvm: kvm [7727]: vcpu0, guest rIP: 0x9114 Unhandled WRMSR(0xc1) = 0x4000000000007
[   88.960656][   T40] audit: type=1400 audit(1754585705.757:397): avc:  denied  { ioctl } for  pid=7720 comm="syz.1.580" path="/dev/nullb0" dev="devtmpfs" ino=707 ioctlcmd=0x54dc scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[   88.972398][ T7728] kvm_intel: kvm [7727]: vcpu0, guest rIP: 0x9114 Unhandled WRMSR(0x1d9) = 0x4000000000001
[   88.987737][ T7728] kvm: kvm [7727]: vcpu0, guest rIP: 0x9114 Unhandled WRMSR(0x187) = 0x4000000000001
[   88.991275][ T7728] kvm: kvm [7727]: vcpu0, guest rIP: 0x9114 Unhandled WRMSR(0x186) = 0x4000000000001
[   89.153965][ T6041] usb 10-1: new high-speed USB device number 5 using dummy_hcd
[   89.307978][ T6041] usb 10-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[   89.311527][ T6041] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   89.314614][ T6041] usb 10-1: Product: syz
[   89.316276][ T6041] usb 10-1: Manufacturer: syz
[   89.318109][ T6041] usb 10-1: SerialNumber: syz
[   89.324873][ T6041] usb 10-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[   89.343711][   T40] audit: type=1400 audit(1754585706.137:398): avc:  denied  { firmware_load } for  pid=6041 comm="kworker/2:3" path="/lib/firmware/ath9k_htc/htc_9271-1.4.0.fw" dev="sda1" ino=313 scontext=system_u:system_r:kernel_t tcontext=system_u:object_r:lib_t tclass=system permissive=1
[   89.350927][ T6041] usb 10-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
[   89.560505][   T59] usb 10-1: USB disconnect, device number 5
[   89.725599][   T40] audit: type=1400 audit(1754585706.527:399): avc:  denied  { read append } for  pid=7757 comm="syz.2.591" name="loop-control" dev="devtmpfs" ino=657 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1
[   89.752595][ T7756] openvswitch: netlink: Either Ethernet header or EtherType is required.
[   89.758378][   T40] audit: type=1400 audit(1754585706.527:400): avc:  denied  { open } for  pid=7757 comm="syz.2.591" path="/dev/loop-control" dev="devtmpfs" ino=657 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1
[   89.766758][   T40] audit: type=1400 audit(1754585706.527:401): avc:  denied  { ioctl } for  pid=7757 comm="syz.2.591" path="/dev/loop-control" dev="devtmpfs" ino=657 ioctlcmd=0x4c82 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1
[   89.991164][ T7771] syzkaller1: entered promiscuous mode
[   89.993376][ T7771] syzkaller1: entered allmulticast mode
[   90.185513][ T7775] fanotify: failed to encode fid (type=0, len=0, err=-2)
[   90.186897][ T7774] fanotify: failed to encode fid (type=0, len=0, err=-2)
[   90.233910][  T842] usb 7-1: new high-speed USB device number 12 using dummy_hcd
[   90.251685][ T7781] FAULT_INJECTION: forcing a failure.
[   90.251685][ T7781] name failslab, interval 1, probability 0, space 0, times 0
[   90.255839][ T7781] CPU: 2 UID: 0 PID: 7781 Comm: syz.5.600 Not tainted 6.16.0-syzkaller-11952-g6e64f4580381 #0 PREEMPT(full) 
[   90.255853][ T7781] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   90.255860][ T7781] Call Trace:
[   90.255864][ T7781]  <TASK>
[   90.255868][ T7781]  dump_stack_lvl+0x16c/0x1f0
[   90.255889][ T7781]  should_fail_ex+0x512/0x640
[   90.255899][ T7781]  ? __kmalloc_cache_noprof+0x57/0x3e0
[   90.255918][ T7781]  should_failslab+0xc2/0x120
[   90.255930][ T7781]  __kmalloc_cache_noprof+0x6a/0x3e0
[   90.255947][ T7781]  ? rfcomm_dev_ioctl+0xa5b/0x1c90
[   90.255958][ T7781]  ? rfcomm_dlc_clear_state+0x13/0x220
[   90.255970][ T7781]  rfcomm_dev_ioctl+0xa5b/0x1c90
[   90.255981][ T7781]  ? __pfx_bt_sock_ioctl+0x10/0x10
[   90.255995][ T7781]  ? __pfx_rfcomm_dev_ioctl+0x10/0x10
[   90.256008][ T7781]  ? tomoyo_path_number_perm+0x18d/0x580
[   90.256022][ T7781]  rfcomm_sock_ioctl+0xaa/0xd0
[   90.256037][ T7781]  sock_do_ioctl+0x118/0x280
[   90.256050][ T7781]  ? __pfx_sock_do_ioctl+0x10/0x10
[   90.256065][ T7781]  ? __pfx_do_vfs_ioctl+0x10/0x10
[   90.256082][ T7781]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[   90.256099][ T7781]  sock_ioctl+0x227/0x6b0
[   90.256112][ T7781]  ? __pfx_sock_ioctl+0x10/0x10
[   90.256123][ T7781]  ? hook_file_ioctl_common+0x145/0x410
[   90.256142][ T7781]  ? selinux_file_ioctl+0x180/0x270
[   90.256155][ T7781]  ? selinux_file_ioctl+0xb4/0x270
[   90.256169][ T7781]  ? __pfx_sock_ioctl+0x10/0x10
[   90.256181][ T7781]  __x64_sys_ioctl+0x18e/0x210
[   90.256198][ T7781]  do_syscall_64+0xcd/0x4c0
[   90.256209][ T7781]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   90.256220][ T7781] RIP: 0033:0x7f11d578ebe9
[   90.256229][ T7781] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   90.256239][ T7781] RSP: 002b:00007f11d39f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[   90.256249][ T7781] RAX: ffffffffffffffda RBX: 00007f11d59b5fa0 RCX: 00007f11d578ebe9
[   90.256256][ T7781] RDX: 0000200000000100 RSI: 00000000400452c8 RDI: 0000000000000004
[   90.256262][ T7781] RBP: 00007f11d39f6090 R08: 0000000000000000 R09: 0000000000000000
[   90.256268][ T7781] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   90.256274][ T7781] R13: 00007f11d59b6038 R14: 00007f11d59b5fa0 R15: 00007ffce639ad28
[   90.256287][ T7781]  </TASK>
[   90.393953][  T842] usb 7-1: device descriptor read/64, error -71
[   90.424596][ T6041] ath9k_htc 10-1:1.0: ath9k_htc: Target is unresponsive
[   90.427558][ T6041] ath9k_htc: Failed to initialize the device
[   90.431065][   T59] usb 10-1: ath9k_htc: USB layer deinitialized
[   90.495265][ T6297] libceph: connect (1)[c::]:6789 error -101
[   90.497582][ T6297] libceph: mon0 (1)[c::]:6789 connect error
[   90.634508][  T842] usb 7-1: new high-speed USB device number 13 using dummy_hcd
[   90.755009][ T6041] libceph: connect (1)[c::]:6789 error -101
[   90.756985][ T6041] libceph: mon0 (1)[c::]:6789 connect error
[   90.761582][ T7817] mkiss: ax0: crc mode is auto.
[   90.773911][  T842] usb 7-1: device descriptor read/64, error -71
[   90.863910][   T59] usb 6-1: new high-speed USB device number 13 using dummy_hcd
[   90.884872][  T842] usb usb7-port1: attempt power cycle
[   91.003990][  T840] usb 10-1: new high-speed USB device number 6 using dummy_hcd
[   91.015080][   T59] usb 6-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[   91.020552][   T59] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.41
[   91.023362][   T59] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=11
[   91.026067][   T59] usb 6-1: Product: syz
[   91.027392][   T59] usb 6-1: Manufacturer: syz
[   91.028862][   T59] usb 6-1: SerialNumber: syz
[   91.143928][  T840] usb 10-1: device descriptor read/64, error -71
[   91.223887][  T842] usb 7-1: new high-speed USB device number 14 using dummy_hcd
[   91.235965][   T59] usblp 6-1:1.0: usblp0: USB Unidirectional printer dev 13 if 0 alt 0 proto 1 vid 0x0525 pid 0xA4A8
[   91.245449][  T842] usb 7-1: device descriptor read/8, error -71
[   91.264941][   T59] libceph: connect (1)[c::]:6789 error -101
[   91.266942][   T59] libceph: mon0 (1)[c::]:6789 connect error
[   91.307693][ T7800] ceph: No mds server is up or the cluster is laggy
[   91.384259][  T840] usb 10-1: new high-speed USB device number 7 using dummy_hcd
[   91.417550][ T7837] 9pnet_fd: Insufficient options for proto=fd
[   91.483945][  T842] usb 7-1: new high-speed USB device number 15 using dummy_hcd
[   91.497077][    C0] usblp0: nonzero write bulk status received: -71
[   91.499575][ T6041] usb 6-1: USB disconnect, device number 13
[   91.503177][ T6041] usblp0: removed
[   91.505577][  T842] usb 7-1: device descriptor read/8, error -71
[   91.533928][  T840] usb 10-1: device descriptor read/64, error -71
[   91.614050][  T842] usb usb7-port1: unable to enumerate USB device
[   91.654167][  T840] usb usb10-port1: attempt power cycle
[   91.993988][  T840] usb 10-1: new high-speed USB device number 8 using dummy_hcd
[   92.014383][  T840] usb 10-1: device descriptor read/8, error -71
[   92.114779][ T7874] openvswitch: netlink: Either Ethernet header or EtherType is required.
[   92.253916][  T840] usb 10-1: new high-speed USB device number 9 using dummy_hcd
[   92.275590][  T840] usb 10-1: device descriptor read/8, error -71
[   92.394933][  T840] usb usb10-port1: unable to enumerate USB device
[   92.539447][ T7904] __nla_validate_parse: 14 callbacks suppressed
[   92.539459][ T7904] netlink: 12 bytes leftover after parsing attributes in process `syz.0.632'.
[   92.545475][ T7904] netlink: 8 bytes leftover after parsing attributes in process `syz.0.632'.
[   92.593974][ T6048] usb 6-1: new high-speed USB device number 14 using dummy_hcd
[   92.755208][ T6048] usb 6-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[   92.760902][ T6048] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.41
[   92.763792][ T6048] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=11
[   92.766463][ T6048] usb 6-1: Product: syz
[   92.767847][ T6048] usb 6-1: Manufacturer: syz
[   92.769413][ T6048] usb 6-1: SerialNumber: syz
[   92.975818][ T6048] usblp 6-1:1.0: usblp0: USB Unidirectional printer dev 14 if 0 alt 0 proto 1 vid 0x0525 pid 0xA4A8
[   93.079697][ T7912] Bluetooth: MGMT ver 1.23
[   93.138921][ T7914] netlink: 16 bytes leftover after parsing attributes in process `syz.2.634'.
[   93.168852][ T7918] netlink: 8 bytes leftover after parsing attributes in process `syz.2.635'.
[   93.231548][ T7921] block nbd1: NBD_DISCONNECT
[   93.235610][    C2] usblp0: nonzero write bulk status received: -71
[   93.236569][ T6048] usb 6-1: USB disconnect, device number 14
[   93.241492][ T6048] usblp0: removed
[   93.289423][ T7927] kernel profiling enabled (shift: 3)
[   93.559569][ T7934] netlink: 40 bytes leftover after parsing attributes in process `syz.0.642'.
[   93.635220][ T7939] FAULT_INJECTION: forcing a failure.
[   93.635220][ T7939] name failslab, interval 1, probability 0, space 0, times 0
[   93.639152][ T7939] CPU: 1 UID: 0 PID: 7939 Comm: syz.2.644 Not tainted 6.16.0-syzkaller-11952-g6e64f4580381 #0 PREEMPT(full) 
[   93.639167][ T7939] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   93.639174][ T7939] Call Trace:
[   93.639178][ T7939]  <TASK>
[   93.639182][ T7939]  dump_stack_lvl+0x16c/0x1f0
[   93.639202][ T7939]  should_fail_ex+0x512/0x640
[   93.639212][ T7939]  ? __kmalloc_noprof+0xbf/0x510
[   93.639224][ T7939]  ? drm_atomic_state_init+0xe4/0x320
[   93.639237][ T7939]  should_failslab+0xc2/0x120
[   93.639250][ T7939]  __kmalloc_noprof+0xd2/0x510
[   93.639263][ T7939]  drm_atomic_state_init+0xe4/0x320
[   93.639276][ T7939]  ? __kasan_kmalloc+0xaa/0xb0
[   93.639286][ T7939]  drm_atomic_state_alloc+0xd3/0x120
[   93.639300][ T7939]  drm_mode_atomic_ioctl+0x393/0x25f0
[   93.639316][ T7939]  ? avc_has_extended_perms+0x33a/0x1090
[   93.639335][ T7939]  ? avc_has_extended_perms+0x47c/0x1090
[   93.639352][ T7939]  ? __pfx_drm_mode_atomic_ioctl+0x10/0x10
[   93.639366][ T7939]  ? __lock_acquire+0xb97/0x1ce0
[   93.639391][ T7939]  ? drm_is_current_master+0x2c/0x40
[   93.639405][ T7939]  ? do_raw_spin_unlock+0x172/0x230
[   93.639419][ T7939]  drm_ioctl_kernel+0x1f4/0x3e0
[   93.639429][ T7939]  ? __pfx_drm_mode_atomic_ioctl+0x10/0x10
[   93.639444][ T7939]  ? __pfx_drm_ioctl_kernel+0x10/0x10
[   93.639459][ T7939]  drm_ioctl+0x5c9/0xc30
[   93.639471][ T7939]  ? __pfx_drm_mode_atomic_ioctl+0x10/0x10
[   93.639486][ T7939]  ? __pfx_drm_ioctl+0x10/0x10
[   93.639502][ T7939]  ? selinux_file_ioctl+0x180/0x270
[   93.639515][ T7939]  ? selinux_file_ioctl+0xb4/0x270
[   93.639529][ T7939]  ? __pfx_drm_ioctl+0x10/0x10
[   93.639540][ T7939]  __x64_sys_ioctl+0x18e/0x210
[   93.639558][ T7939]  do_syscall_64+0xcd/0x4c0
[   93.639569][ T7939]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   93.639580][ T7939] RIP: 0033:0x7fa685f8ebe9
[   93.639589][ T7939] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   93.639599][ T7939] RSP: 002b:00007fa686d88038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[   93.639609][ T7939] RAX: ffffffffffffffda RBX: 00007fa6861b5fa0 RCX: 00007fa685f8ebe9
[   93.639615][ T7939] RDX: 0000200000000180 RSI: 00000000c03864bc RDI: 0000000000000008
[   93.639621][ T7939] RBP: 00007fa686d88090 R08: 0000000000000000 R09: 0000000000000000
[   93.639627][ T7939] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   93.639633][ T7939] R13: 00007fa6861b6038 R14: 00007fa6861b5fa0 R15: 00007ffd1d7588c8
[   93.639646][ T7939]  </TASK>
[   93.742122][ T7942] netlink: 8 bytes leftover after parsing attributes in process `syz.2.645'.
[   93.816380][ T7950] FAULT_INJECTION: forcing a failure.
[   93.816380][ T7950] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   93.820417][ T7950] CPU: 1 UID: 0 PID: 7950 Comm: syz.2.648 Not tainted 6.16.0-syzkaller-11952-g6e64f4580381 #0 PREEMPT(full) 
[   93.820431][ T7950] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   93.820438][ T7950] Call Trace:
[   93.820456][ T7950]  <TASK>
[   93.820462][ T7950]  dump_stack_lvl+0x16c/0x1f0
[   93.820482][ T7950]  should_fail_ex+0x512/0x640
[   93.820495][ T7950]  _copy_to_user+0x32/0xd0
[   93.820508][ T7950]  simple_read_from_buffer+0xcb/0x170
[   93.820522][ T7950]  proc_fail_nth_read+0x197/0x240
[   93.820534][ T7950]  ? __pfx_proc_fail_nth_read+0x10/0x10
[   93.820548][ T7950]  ? rw_verify_area+0xcf/0x6c0
[   93.820564][ T7950]  ? __pfx_proc_fail_nth_read+0x10/0x10
[   93.820576][ T7950]  vfs_read+0x1e1/0xc60
[   93.820588][ T7950]  ? __pfx___mutex_lock+0x10/0x10
[   93.820598][ T7950]  ? __pfx_vfs_read+0x10/0x10
[   93.820612][ T7950]  ? __fget_files+0x20e/0x3c0
[   93.820628][ T7950]  ksys_read+0x12a/0x250
[   93.820639][ T7950]  ? __pfx_ksys_read+0x10/0x10
[   93.820662][ T7950]  ? fput+0x9b/0xd0
[   93.820678][ T7950]  do_syscall_64+0xcd/0x4c0
[   93.820690][ T7950]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   93.820701][ T7950] RIP: 0033:0x7fa685f8d5fc
[   93.820709][ T7950] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[   93.820723][ T7950] RSP: 002b:00007fa686d88030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[   93.820734][ T7950] RAX: ffffffffffffffda RBX: 00007fa6861b5fa0 RCX: 00007fa685f8d5fc
[   93.820741][ T7950] RDX: 000000000000000f RSI: 00007fa686d880a0 RDI: 0000000000000008
[   93.820747][ T7950] RBP: 00007fa686d88090 R08: 0000000000000000 R09: 0000000000000000
[   93.820753][ T7950] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   93.820759][ T7950] R13: 00007fa6861b6038 R14: 00007fa6861b5fa0 R15: 00007ffd1d7588c8
[   93.820772][ T7950]  </TASK>
[   94.096753][ T7972] netlink: 8 bytes leftover after parsing attributes in process `syz.1.656'.
[   94.233950][   T40] kauditd_printk_skb: 5 callbacks suppressed
[   94.233961][   T40] audit: type=1400 audit(1754585711.027:407): avc:  denied  { create } for  pid=7981 comm="syz.1.660" name="blkio.bfq.io_service_bytes_recursive" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[   94.243512][   T40] audit: type=1400 audit(1754585711.037:408): avc:  denied  { associate } for  pid=7981 comm="syz.1.660" name="blkio.bfq.io_service_bytes_recursive" scontext=root:object_r:unlabeled_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1
[   94.273955][   T34] usb 7-1: new high-speed USB device number 16 using dummy_hcd
[   94.333907][ T4251] usb 10-1: new high-speed USB device number 10 using dummy_hcd
[   94.425101][   T34] usb 7-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[   94.430639][   T34] usb 7-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.41
[   94.433483][   T34] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=11
[   94.436557][   T34] usb 7-1: Product: syz
[   94.437896][   T34] usb 7-1: Manufacturer: syz
[   94.439373][   T34] usb 7-1: SerialNumber: syz
[   94.485463][ T4251] usb 10-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[   94.491335][ T4251] usb 10-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.41
[   94.494639][ T4251] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=11
[   94.497224][ T4251] usb 10-1: Product: syz
[   94.498619][ T4251] usb 10-1: Manufacturer: syz
[   94.500190][ T4251] usb 10-1: SerialNumber: syz
[   94.583387][ T8000] netlink: 12 bytes leftover after parsing attributes in process `syz.1.666'.
[   94.639912][ T8004] FAULT_INJECTION: forcing a failure.
[   94.639912][ T8004] name failslab, interval 1, probability 0, space 0, times 0
[   94.644861][ T8004] CPU: 2 UID: 0 PID: 8004 Comm: syz.1.668 Not tainted 6.16.0-syzkaller-11952-g6e64f4580381 #0 PREEMPT(full) 
[   94.644877][ T8004] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   94.644883][ T8004] Call Trace:
[   94.644887][ T8004]  <TASK>
[   94.644892][ T8004]  dump_stack_lvl+0x16c/0x1f0
[   94.644912][ T8004]  should_fail_ex+0x512/0x640
[   94.644923][ T8004]  ? __kmalloc_noprof+0xbf/0x510
[   94.644935][ T8004]  ? lsm_blob_alloc+0x68/0x90
[   94.644951][ T8004]  should_failslab+0xc2/0x120
[   94.644964][ T8004]  __kmalloc_noprof+0xd2/0x510
[   94.644974][ T8004]  ? __pfx_perf_event_init_task+0x10/0x10
[   94.644990][ T8004]  ? audit_alloc+0xa2/0x7b0
[   94.645006][ T8004]  lsm_blob_alloc+0x68/0x90
[   94.645022][ T8004]  security_task_alloc+0x2d/0x260
[   94.645038][ T8004]  copy_process+0x2205/0x7690
[   94.645060][ T8004]  ? __pfx_copy_process+0x10/0x10
[   94.645076][ T8004]  ? lockdep_init_map_type+0x5c/0x280
[   94.645088][ T8004]  ? lockdep_init_map_type+0x5c/0x280
[   94.645098][ T8004]  ? __pfx_kvm_nx_huge_page_recovery_worker_kill+0x10/0x10
[   94.645113][ T8004]  ? __pfx_kvm_nx_huge_page_recovery_worker+0x10/0x10
[   94.645130][ T8004]  vhost_task_create+0x1d2/0x2e0
[   94.645141][ T8004]  ? __pfx_vhost_task_create+0x10/0x10
[   94.645156][ T8004]  ? __pfx_vhost_task_fn+0x10/0x10
[   94.645173][ T8004]  kvm_mmu_post_init_vm+0x1b7/0x380
[   94.645186][ T8004]  kvm_arch_vcpu_ioctl_run+0x66/0x1980
[   94.645202][ T8004]  ? kvm_vcpu_ioctl+0x14c6/0x1690
[   94.645219][ T8004]  kvm_vcpu_ioctl+0x5eb/0x1690
[   94.645235][ T8004]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[   94.645249][ T8004]  ? __sanitizer_cov_trace_switch+0x54/0x90
[   94.645262][ T8004]  ? do_vfs_ioctl+0x128/0x14f0
[   94.645279][ T8004]  ? __pfx_do_vfs_ioctl+0x10/0x10
[   94.645295][ T8004]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[   94.645314][ T8004]  ? hook_file_ioctl_common+0x145/0x410
[   94.645334][ T8004]  ? selinux_file_ioctl+0x180/0x270
[   94.645347][ T8004]  ? selinux_file_ioctl+0xb4/0x270
[   94.645361][ T8004]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[   94.645375][ T8004]  __x64_sys_ioctl+0x18e/0x210
[   94.645392][ T8004]  do_syscall_64+0xcd/0x4c0
[   94.645403][ T8004]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   94.645414][ T8004] RIP: 0033:0x7f1fb878ebe9
[   94.645423][ T8004] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   94.645433][ T8004] RSP: 002b:00007f1fb9683038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[   94.645443][ T8004] RAX: ffffffffffffffda RBX: 00007f1fb89b5fa0 RCX: 00007f1fb878ebe9
[   94.645450][ T8004] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000006
[   94.645456][ T8004] RBP: 00007f1fb9683090 R08: 0000000000000000 R09: 0000000000000000
[   94.645462][ T8004] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   94.645467][ T8004] R13: 00007f1fb89b6038 R14: 00007f1fb89b5fa0 R15: 00007fff50434858
[   94.645481][ T8004]  </TASK>
[   94.651924][   T34] usblp 7-1:1.0: usblp0: USB Unidirectional printer dev 16 if 0 alt 0 proto 1 vid 0x0525 pid 0xA4A8
[   94.750085][ T4251] usblp 10-1:1.0: usblp1: USB Unidirectional printer dev 10 if 0 alt 0 proto 1 vid 0x0525 pid 0xA4A8
[   94.906281][ T8012] block nbd2: NBD_DISCONNECT
[   94.909525][    C1] usblp0: nonzero write bulk status received: -71
[   94.910192][   T34] usb 7-1: USB disconnect, device number 16
[   94.950370][ T8014] netlink: 8 bytes leftover after parsing attributes in process `syz.1.672'.
[   94.975121][ T7973] usblp0: removed
[   95.046445][ T4251] usb 10-1: USB disconnect, device number 10
[   95.050053][ T4251] usblp1: removed
[   95.194600][ T8029] netlink: 12 bytes leftover after parsing attributes in process `syz.0.676'.
[   95.436465][   T40] audit: type=1400 audit(1754585712.237:409): avc:  denied  { ioctl } for  pid=8036 comm="syz.2.679" path="socket:[17247]" dev="sockfs" ino=17247 ioctlcmd=0x89e4 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rose_socket permissive=1
[   95.678550][   T40] audit: type=1400 audit(1754585712.477:410): avc:  denied  { write } for  pid=8047 comm="syz.2.684" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[   95.739045][ T8056] FAULT_INJECTION: forcing a failure.
[   95.739045][ T8056] name failslab, interval 1, probability 0, space 0, times 0
[   95.743018][ T8056] CPU: 0 UID: 0 PID: 8056 Comm: syz.5.688 Not tainted 6.16.0-syzkaller-11952-g6e64f4580381 #0 PREEMPT(full) 
[   95.743033][ T8056] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   95.743040][ T8056] Call Trace:
[   95.743044][ T8056]  <TASK>
[   95.743048][ T8056]  dump_stack_lvl+0x16c/0x1f0
[   95.743068][ T8056]  should_fail_ex+0x512/0x640
[   95.743078][ T8056]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[   95.743091][ T8056]  should_failslab+0xc2/0x120
[   95.743103][ T8056]  kmem_cache_alloc_noprof+0x6d/0x3b0
[   95.743114][ T8056]  ? getname_flags.part.0+0x4c/0x550
[   95.743132][ T8056]  getname_flags.part.0+0x4c/0x550
[   95.743150][ T8056]  getname_flags+0x93/0xf0
[   95.743161][ T8056]  do_sys_openat2+0xb8/0x1d0
[   95.743175][ T8056]  ? __pfx_do_sys_openat2+0x10/0x10
[   95.743191][ T8056]  ? __fget_files+0x20e/0x3c0
[   95.743206][ T8056]  __x64_sys_openat+0x174/0x210
[   95.743221][ T8056]  ? __pfx___x64_sys_openat+0x10/0x10
[   95.743235][ T8056]  ? ksys_write+0x1ac/0x250
[   95.743250][ T8056]  do_syscall_64+0xcd/0x4c0
[   95.743261][ T8056]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   95.743272][ T8056] RIP: 0033:0x7f11d578ebe9
[   95.743281][ T8056] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   95.743291][ T8056] RSP: 002b:00007f11d39f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[   95.743301][ T8056] RAX: ffffffffffffffda RBX: 00007f11d59b5fa0 RCX: 00007f11d578ebe9
[   95.743308][ T8056] RDX: 0000000000000100 RSI: 0000200000000240 RDI: ffffffffffffff9c
[   95.743314][ T8056] RBP: 00007f11d39f6090 R08: 0000000000000000 R09: 0000000000000000
[   95.743320][ T8056] R10: 0000000000000198 R11: 0000000000000246 R12: 0000000000000001
[   95.743326][ T8056] R13: 00007f11d59b6038 R14: 00007f11d59b5fa0 R15: 00007ffce639ad28
[   95.743339][ T8056]  </TASK>
[   95.827799][ T8058] bridge0: entered promiscuous mode
[   95.829671][ T8058] macvlan2: entered promiscuous mode
[   95.835648][ T8059] : Can't lookup blockdev
[   95.887020][   T40] audit: type=1400 audit(1754585712.687:411): avc:  denied  { mounton } for  pid=8062 comm="syz.5.690" path="/proc/138/task" dev="proc" ino=20243 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dir permissive=1
[   95.908398][   T40] audit: type=1400 audit(1754585712.707:412): avc:  denied  { ioctl } for  pid=8065 comm="syz.5.691" path="socket:[17267]" dev="sockfs" ino=17267 ioctlcmd=0x8919 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[   95.942908][ T8066] FAULT_INJECTION: forcing a failure.
[   95.942908][ T8066] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   95.947339][ T8066] CPU: 2 UID: 0 PID: 8066 Comm: syz.5.691 Not tainted 6.16.0-syzkaller-11952-g6e64f4580381 #0 PREEMPT(full) 
[   95.947355][ T8066] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   95.947362][ T8066] Call Trace:
[   95.947366][ T8066]  <TASK>
[   95.947370][ T8066]  dump_stack_lvl+0x16c/0x1f0
[   95.947391][ T8066]  should_fail_ex+0x512/0x640
[   95.947404][ T8066]  _copy_to_iter+0x29f/0x16f0
[   95.947420][ T8066]  ? __pfx__copy_to_iter+0x10/0x10
[   95.947438][ T8066]  simple_copy_to_iter+0x46/0x90
[   95.947452][ T8066]  __skb_datagram_iter+0x5af/0x900
[   95.947465][ T8066]  ? __pfx_simple_copy_to_iter+0x10/0x10
[   95.947483][ T8066]  skb_copy_datagram_iter+0x40/0x50
[   95.947497][ T8066]  mptcp_recvmsg+0x5ac/0x2230
[   95.947519][ T8066]  ? __pfx_mptcp_recvmsg+0x10/0x10
[   95.947534][ T8066]  ? __lock_acquire+0x62e/0x1ce0
[   95.947552][ T8066]  ? sock_has_perm+0x259/0x2f0
[   95.947569][ T8066]  ? __pfx_mptcp_recvmsg+0x10/0x10
[   95.947583][ T8066]  inet_recvmsg+0x46f/0x6a0
[   95.947596][ T8066]  ? __fget_files+0x204/0x3c0
[   95.947608][ T8066]  ? __pfx_inet_recvmsg+0x10/0x10
[   95.947625][ T8066]  sock_recvmsg+0x1b2/0x250
[   95.947638][ T8066]  __sys_recvfrom+0x203/0x310
[   95.947658][ T8066]  ? __pfx___sys_recvfrom+0x10/0x10
[   95.947684][ T8066]  ? ksys_write+0x1ac/0x250
[   95.947695][ T8066]  ? __pfx_ksys_write+0x10/0x10
[   95.947708][ T8066]  __x64_sys_recvfrom+0xe0/0x1c0
[   95.947722][ T8066]  ? do_syscall_64+0x91/0x4c0
[   95.947731][ T8066]  ? lockdep_hardirqs_on+0x7c/0x110
[   95.947747][ T8066]  do_syscall_64+0xcd/0x4c0
[   95.947758][ T8066]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   95.947769][ T8066] RIP: 0033:0x7f11d578ebe9
[   95.947778][ T8066] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   95.947788][ T8066] RSP: 002b:00007f11d39f6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002d
[   95.947799][ T8066] RAX: ffffffffffffffda RBX: 00007f11d59b5fa0 RCX: 00007f11d578ebe9
[   95.947805][ T8066] RDX: fffffffffffffecb RSI: 0000200000000180 RDI: 0000000000000007
[   95.947811][ T8066] RBP: 00007f11d39f6090 R08: 0000000000000000 R09: 0000000000000000
[   95.947817][ T8066] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   95.947823][ T8066] R13: 00007f11d59b6038 R14: 00007f11d59b5fa0 R15: 00007ffce639ad28
[   95.947836][ T8066]  </TASK>
[   96.025927][  T840] usb 7-1: new high-speed USB device number 17 using dummy_hcd
[   96.113756][   T40] audit: type=1400 audit(1754585712.907:413): avc:  denied  { setopt } for  pid=8081 comm="syz.5.696" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[   96.172378][   T40] audit: type=1400 audit(1754585712.967:414): avc:  denied  { write } for  pid=8089 comm="syz.0.699" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[   96.177096][  T840] usb 7-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[   96.183621][  T840] usb 7-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.41
[   96.186507][  T840] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=11
[   96.189001][  T840] usb 7-1: Product: syz
[   96.190322][  T840] usb 7-1: Manufacturer: syz
[   96.191776][  T840] usb 7-1: SerialNumber: syz
[   96.194075][ T4251] usb 6-1: new high-speed USB device number 15 using dummy_hcd
[   96.345269][ T4251] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[   96.348376][ T4251] usb 6-1: config 1 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[   96.351413][ T4251] usb 6-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[   96.357057][ T4251] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.41
[   96.359879][ T4251] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=11
[   96.362463][ T4251] usb 6-1: Product: syz
[   96.363804][ T4251] usb 6-1: Manufacturer: syz
[   96.365487][ T4251] usb 6-1: SerialNumber: syz
[   96.404532][  T840] usblp 7-1:1.0: usblp0: USB Unidirectional printer dev 17 if 0 alt 0 proto 1 vid 0x0525 pid 0xA4A8
[   96.572600][ T4251] usblp 6-1:1.0: usblp1: USB Unidirectional printer dev 15 if 0 alt 0 proto 1 vid 0x0525 pid 0xA4A8
[   96.658414][ T8094] block nbd2: NBD_DISCONNECT
[   96.661916][    C1] usblp0: nonzero write bulk status received: -71
[   96.662041][ T6041] usb 7-1: USB disconnect, device number 17
[   96.667671][ T6041] usblp0: removed
[   96.776523][ T4251] usb 6-1: USB disconnect, device number 15
[   96.780436][ T4251] usblp1: removed
[   96.882480][   T40] audit: type=1400 audit(1754585713.677:415): avc:  denied  { map } for  pid=8104 comm="syz.0.705" path="/286/file0" dev="tmpfs" ino=1493 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1
[   97.185340][   T40] audit: type=1400 audit(1754585713.987:416): avc:  denied  { map } for  pid=8121 comm="syz.5.710" path="/dev/bus/usb/003/001" dev="devtmpfs" ino=748 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1
[   97.346140][ T8140] nbd: must specify a device to reconfigure
[   97.463914][   T10] usb 7-1: new high-speed USB device number 18 using dummy_hcd
[   97.503924][ T4251] usb 10-1: new high-speed USB device number 11 using dummy_hcd
[   97.613947][   T10] usb 7-1: Using ep0 maxpacket: 16
[   97.617268][   T10] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   97.621437][   T10] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   97.625383][   T10] usb 7-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[   97.630286][   T10] usb 7-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[   97.633805][   T10] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   97.638163][   T10] usb 7-1: config 0 descriptor??
[   97.653888][ T4251] usb 10-1: Using ep0 maxpacket: 8
[   97.656717][ T4251] usb 10-1: config 0 has an invalid interface number: 55 but max is 0
[   97.659272][ T4251] usb 10-1: config 0 has no interface number 0
[   97.661271][ T4251] usb 10-1: config 0 interface 55 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[   97.665730][ T4251] usb 10-1: config 0 interface 55 altsetting 0 has an endpoint descriptor with address 0xAB, changing to 0x8B
[   97.669324][ T4251] usb 10-1: config 0 interface 55 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[   97.672735][ T4251] usb 10-1: config 0 interface 55 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2
[   97.677054][ T4251] usb 10-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a
[   97.679884][ T4251] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   97.683585][ T4251] usb 10-1: config 0 descriptor??
[   97.688369][ T4251] ldusb 10-1:0.55: LD USB Device #0 now attached to major 180 minor 0
[   97.815807][ T8142] __nla_validate_parse: 4 callbacks suppressed
[   97.815818][ T8142] netlink: 72 bytes leftover after parsing attributes in process `syz.1.718'.
[   97.821919][ T8142] [U] vÔ3¸Âfù¾"SçÁ/Éê4:ÃXTz“W¡t‘’lWµ«=
[   97.954030][ T4251] usb 10-1: USB disconnect, device number 11
[   97.957808][ T4251] ldusb 10-1:0.55: LD USB Device #0 now disconnected
[   98.083924][ T6041] usb 6-1: new high-speed USB device number 16 using dummy_hcd
[   98.235208][ T6041] usb 6-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[   98.240823][ T6041] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.41
[   98.243692][ T6041] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=11
[   98.246406][ T6041] usb 6-1: Product: syz
[   98.247884][ T6041] usb 6-1: Manufacturer: syz
[   98.249368][ T6041] usb 6-1: SerialNumber: syz
[   98.256542][ T8133] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   98.260146][ T8133] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   98.272218][   T10] usbhid 7-1:0.0: can't add hid device: -71
[   98.274729][   T10] usbhid 7-1:0.0: probe with driver usbhid failed with error -71
[   98.278748][   T10] usb 7-1: USB disconnect, device number 18
[   98.461781][ T6041] usblp 6-1:1.0: usblp0: USB Unidirectional printer dev 16 if 0 alt 0 proto 1 vid 0x0525 pid 0xA4A8
[   98.524129][ T8154] FAULT_INJECTION: forcing a failure.
[   98.524129][ T8154] name failslab, interval 1, probability 0, space 0, times 0
[   98.528090][ T8154] CPU: 1 UID: 0 PID: 8154 Comm: syz.5.722 Not tainted 6.16.0-syzkaller-11952-g6e64f4580381 #0 PREEMPT(full) 
[   98.528105][ T8154] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   98.528111][ T8154] Call Trace:
[   98.528115][ T8154]  <TASK>
[   98.528120][ T8154]  dump_stack_lvl+0x16c/0x1f0
[   98.528140][ T8154]  should_fail_ex+0x512/0x640
[   98.528153][ T8154]  should_failslab+0xc2/0x120
[   98.528167][ T8154]  kmem_cache_alloc_noprof+0x6d/0x3b0
[   98.528179][ T8154]  ? skb_clone+0x190/0x3f0
[   98.528197][ T8154]  skb_clone+0x190/0x3f0
[   98.528213][ T8154]  netlink_deliver_tap+0xabd/0xd30
[   98.528233][ T8154]  netlink_unicast+0x64c/0x870
[   98.528244][ T8154]  ? __pfx_netlink_unicast+0x10/0x10
[   98.528254][ T8154]  ? __pfx_netlink_autobind.isra.0+0x10/0x10
[   98.528275][ T8154]  netlink_sendmsg+0x8d1/0xdd0
[   98.528287][ T8154]  ? __pfx_netlink_sendmsg+0x10/0x10
[   98.528302][ T8154]  ____sys_sendmsg+0xa98/0xc70
[   98.528315][ T8154]  ? copy_msghdr_from_user+0x10a/0x160
[   98.528330][ T8154]  ? __pfx_____sys_sendmsg+0x10/0x10
[   98.528348][ T8154]  ___sys_sendmsg+0x134/0x1d0
[   98.528365][ T8154]  ? __pfx____sys_sendmsg+0x10/0x10
[   98.528393][ T8154]  ? __mutex_unlock_slowpath+0x100/0x800
[   98.528439][ T8154]  __sys_sendmsg+0x16d/0x220
[   98.528455][ T8154]  ? __pfx___sys_sendmsg+0x10/0x10
[   98.528480][ T8154]  do_syscall_64+0xcd/0x4c0
[   98.528491][ T8154]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   98.528502][ T8154] RIP: 0033:0x7f11d578ebe9
[   98.528511][ T8154] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   98.528521][ T8154] RSP: 002b:00007f11d39f6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   98.528531][ T8154] RAX: ffffffffffffffda RBX: 00007f11d59b5fa0 RCX: 00007f11d578ebe9
[   98.528538][ T8154] RDX: 0000000024044884 RSI: 0000200000000300 RDI: 0000000000000003
[   98.528544][ T8154] RBP: 00007f11d39f6090 R08: 0000000000000000 R09: 0000000000000000
[   98.528550][ T8154] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   98.528556][ T8154] R13: 00007f11d59b6038 R14: 00007f11d59b5fa0 R15: 00007ffce639ad28
[   98.528569][ T8154]  </TASK>
[   98.655439][ T8159] netlink: 12 bytes leftover after parsing attributes in process `syz.5.725'.
[   98.713103][ T8166] block nbd1: NBD_DISCONNECT
[   98.718969][    C2] usblp0: nonzero write bulk status received: -71
[   98.719125][ T4251] usb 6-1: USB disconnect, device number 16
[   98.725973][ T4251] usblp0: removed
[   98.733167][ T8169] netlink: 24 bytes leftover after parsing attributes in process `syz.5.727'.
[   98.738087][ T8169] netlink: 24 bytes leftover after parsing attributes in process `syz.5.727'.
[   99.043962][   T10] usb 7-1: new high-speed USB device number 19 using dummy_hcd
[   99.203928][   T10] usb 7-1: Using ep0 maxpacket: 8
[   99.207648][   T10] usb 7-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[   99.211656][   T10] usb 7-1: config 1 has 1 interface, different from the descriptor's value: 2
[   99.216156][   T10] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 100, changing to 10
[   99.220424][   T10] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 24936, setting to 1024
[   99.225004][   T10] usb 7-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00
[   99.228496][   T10] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   99.238067][   T10] hub 7-1:1.0: bad descriptor, ignoring hub
[   99.240421][   T10] hub 7-1:1.0: probe with driver hub failed with error -5
[   99.243788][   T10] cdc_wdm 7-1:1.0: skipping garbage
[   99.246033][   T10] cdc_wdm 7-1:1.0: skipping garbage
[   99.249530][   T10] cdc_wdm 7-1:1.0: cdc-wdm0: USB WDM device
[   99.251841][   T10] cdc_wdm 7-1:1.0: Unknown control protocol
[   99.264745][ T8180] netlink: 256 bytes leftover after parsing attributes in process `syz.1.731'.
[   99.319540][ T8184] netlink: 12 bytes leftover after parsing attributes in process `syz.0.735'.
[   99.322004][   T40] kauditd_printk_skb: 6 callbacks suppressed
[   99.322015][   T40] audit: type=1400 audit(1754585716.117:423): avc:  denied  { bind } for  pid=8185 comm="syz.1.734" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1
[   99.377750][   T40] audit: type=1400 audit(1754585716.177:424): avc:  denied  { ioctl } for  pid=8185 comm="syz.1.734" path="socket:[21340]" dev="sockfs" ino=21340 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1
[   99.418422][ T8189] nbd: couldn't find device at index -1605786504
[   99.614084][  T840] usb 7-1: USB disconnect, device number 19
[  100.149875][ T8198] netlink: 28 bytes leftover after parsing attributes in process `syz.1.745'.
[  100.157769][ T8202] FAULT_INJECTION: forcing a failure.
[  100.157769][ T8202] name failslab, interval 1, probability 0, space 0, times 0
[  100.161888][ T8202] CPU: 2 UID: 0 PID: 8202 Comm: syz.5.738 Not tainted 6.16.0-syzkaller-11952-g6e64f4580381 #0 PREEMPT(full) 
[  100.161903][ T8202] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  100.161909][ T8202] Call Trace:
[  100.161915][ T8202]  <TASK>
[  100.161919][ T8202]  dump_stack_lvl+0x16c/0x1f0
[  100.161940][ T8202]  should_fail_ex+0x512/0x640
[  100.161952][ T8202]  should_failslab+0xc2/0x120
[  100.161966][ T8202]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  100.161978][ T8202]  ? skb_clone+0x190/0x3f0
[  100.161996][ T8202]  skb_clone+0x190/0x3f0
[  100.162012][ T8202]  netlink_deliver_tap+0xabd/0xd30
[  100.162032][ T8202]  netlink_unicast+0x71f/0x870
[  100.162044][ T8202]  ? __pfx_netlink_unicast+0x10/0x10
[  100.162054][ T8202]  ? genl_rcv_msg+0x4bb/0x800
[  100.162069][ T8202]  netlink_ack+0x696/0xb80
[  100.162082][ T8202]  netlink_rcv_skb+0x332/0x420
[  100.162092][ T8202]  ? __pfx_genl_rcv_msg+0x10/0x10
[  100.162104][ T8202]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  100.162120][ T8202]  ? netlink_deliver_tap+0x1ae/0xd30
[  100.162138][ T8202]  genl_rcv+0x28/0x40
[  100.162147][ T8202]  netlink_unicast+0x5a7/0x870
[  100.162159][ T8202]  ? __pfx_netlink_unicast+0x10/0x10
[  100.162169][ T8202]  ? __pfx_netlink_autobind.isra.0+0x10/0x10
[  100.162189][ T8202]  netlink_sendmsg+0x8d1/0xdd0
[  100.162201][ T8202]  ? __pfx_netlink_sendmsg+0x10/0x10
[  100.162216][ T8202]  ____sys_sendmsg+0xa98/0xc70
[  100.162230][ T8202]  ? copy_msghdr_from_user+0x10a/0x160
[  100.162245][ T8202]  ? __pfx_____sys_sendmsg+0x10/0x10
[  100.162263][ T8202]  ___sys_sendmsg+0x134/0x1d0
[  100.162280][ T8202]  ? __pfx____sys_sendmsg+0x10/0x10
[  100.162308][ T8202]  ? __mutex_unlock_slowpath+0x100/0x800
[  100.162329][ T8202]  __sys_sendmsg+0x16d/0x220
[  100.162345][ T8202]  ? __pfx___sys_sendmsg+0x10/0x10
[  100.162370][ T8202]  do_syscall_64+0xcd/0x4c0
[  100.162381][ T8202]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  100.162392][ T8202] RIP: 0033:0x7f11d578ebe9
[  100.162402][ T8202] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  100.162412][ T8202] RSP: 002b:00007f11d39f6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  100.162422][ T8202] RAX: ffffffffffffffda RBX: 00007f11d59b5fa0 RCX: 00007f11d578ebe9
[  100.162428][ T8202] RDX: 0000000000000000 RSI: 0000200000000300 RDI: 0000000000000003
[  100.162434][ T8202] RBP: 00007f11d39f6090 R08: 0000000000000000 R09: 0000000000000000
[  100.162440][ T8202] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  100.162446][ T8202] R13: 00007f11d59b6038 R14: 00007f11d59b5fa0 R15: 00007ffce639ad28
[  100.162459][ T8202]  </TASK>
[  100.262174][ T8209] netlink: 4 bytes leftover after parsing attributes in process `syz.0.741'.
[  100.291639][ T8212] binder: 8211:8212 ioctl c00c620f 200000000400 returned -22
[  100.423981][  T840] usb 6-1: new high-speed USB device number 17 using dummy_hcd
[  100.482048][ T8216] netlink: 12 bytes leftover after parsing attributes in process `syz.0.744'.
[  100.587731][  T840] usb 6-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  100.594873][  T840] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.41
[  100.597826][  T840] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=11
[  100.600708][  T840] usb 6-1: Product: syz
[  100.602226][  T840] usb 6-1: Manufacturer: syz
[  100.604005][  T840] usb 6-1: SerialNumber: syz
[  100.613516][   T40] audit: type=1400 audit(1754585717.407:425): avc:  denied  { bind } for  pid=8228 comm="syz.0.749" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[  100.811033][  T840] usblp 6-1:1.0: usblp0: USB Unidirectional printer dev 17 if 0 alt 0 proto 1 vid 0x0525 pid 0xA4A8
[  101.065969][ T8237] block nbd1: NBD_DISCONNECT
[  101.068748][   T40] audit: type=1400 audit(1754585717.867:426): avc:  denied  { write } for  pid=8238 comm="syz.2.753" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1
[  101.078144][    C1] usblp0: nonzero write bulk status received: -71
[  101.080374][ T6048] usb 6-1: USB disconnect, device number 17
[  101.083950][ T6048] usblp0: removed
[  101.155295][ T8239] netlink: 4 bytes leftover after parsing attributes in process `syz.2.753'.
[  101.230618][ T8251] bridge0: port 2(bridge_slave_1) entered disabled state
[  101.233146][ T8251] bridge0: port 2(bridge_slave_1) entered blocking state
[  101.236326][ T8251] bridge0: port 2(bridge_slave_1) entered forwarding state
[  101.248740][ T8257] syz.2.759: attempt to access beyond end of device
[  101.248740][ T8257] loop2: rw=0, sector=2, nr_sectors = 2 limit=0
[  101.253178][ T8257] MINIX-fs: unable to read superblock
[  101.257308][ T8256] syz.2.759: attempt to access beyond end of device
[  101.257308][ T8256] loop2: rw=0, sector=2, nr_sectors = 2 limit=0
[  101.262216][ T8256] MINIX-fs: unable to read superblock
[  101.384403][   T40] audit: type=1400 audit(1754585718.187:427): avc:  denied  { create } for  pid=8268 comm="syz.2.764" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[  101.402049][ T8270] FAULT_INJECTION: forcing a failure.
[  101.402049][ T8270] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  101.403626][ T8269] SELinux: ebitmap: truncated map
[  101.406178][ T8270] CPU: 1 UID: 0 PID: 8270 Comm: syz.2.764 Not tainted 6.16.0-syzkaller-11952-g6e64f4580381 #0 PREEMPT(full) 
[  101.406193][ T8270] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  101.406199][ T8270] Call Trace:
[  101.406203][ T8270]  <TASK>
[  101.406207][ T8270]  dump_stack_lvl+0x16c/0x1f0
[  101.406227][ T8270]  should_fail_ex+0x512/0x640
[  101.406239][ T8270]  _copy_to_user+0x32/0xd0
[  101.406252][ T8270]  simple_read_from_buffer+0xcb/0x170
[  101.406265][ T8270]  proc_fail_nth_read+0x197/0x240
[  101.406278][ T8270]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  101.406292][ T8270]  ? rw_verify_area+0xcf/0x6c0
[  101.406308][ T8270]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  101.406320][ T8270]  vfs_read+0x1e1/0xc60
[  101.406332][ T8270]  ? __pfx___mutex_lock+0x10/0x10
[  101.406342][ T8270]  ? __pfx_vfs_read+0x10/0x10
[  101.406357][ T8270]  ? __fget_files+0x20e/0x3c0
[  101.406367][ T8270]  ? ktime_get_ts64+0x160/0x400
[  101.406387][ T8270]  ksys_read+0x12a/0x250
[  101.406397][ T8270]  ? __pfx_ksys_read+0x10/0x10
[  101.406412][ T8270]  do_syscall_64+0xcd/0x4c0
[  101.406423][ T8270]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  101.406433][ T8270] RIP: 0033:0x7fa685f8d5fc
[  101.406442][ T8270] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  101.406452][ T8270] RSP: 002b:00007fa686d88030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  101.406463][ T8270] RAX: ffffffffffffffda RBX: 00007fa6861b5fa0 RCX: 00007fa685f8d5fc
[  101.406469][ T8270] RDX: 000000000000000f RSI: 00007fa686d880a0 RDI: 0000000000000009
[  101.406475][ T8270] RBP: 00007fa686d88090 R08: 0000000000000000 R09: 0000000000000000
[  101.406481][ T8270] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  101.406487][ T8270] R13: 00007fa6861b6038 R14: 00007fa6861b5fa0 R15: 00007ffd1d7588c8
[  101.406500][ T8270]  </TASK>
[  101.490496][ T8269] SELinux: failed to load policy
[  101.594023][ T8286] FAULT_INJECTION: forcing a failure.
[  101.594023][ T8286] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  101.598083][ T8286] CPU: 3 UID: 0 PID: 8286 Comm: syz.5.769 Not tainted 6.16.0-syzkaller-11952-g6e64f4580381 #0 PREEMPT(full) 
[  101.598098][ T8286] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  101.598104][ T8286] Call Trace:
[  101.598108][ T8286]  <TASK>
[  101.598112][ T8286]  dump_stack_lvl+0x16c/0x1f0
[  101.598147][ T8286]  should_fail_ex+0x512/0x640
[  101.598168][ T8286]  _copy_from_iter+0x29f/0x16f0
[  101.598187][ T8286]  ? __alloc_skb+0x200/0x380
[  101.598213][ T8286]  ? __pfx__copy_from_iter+0x10/0x10
[  101.598230][ T8286]  ? cap_capable+0xb3/0x250
[  101.598249][ T8286]  netlink_sendmsg+0x829/0xdd0
[  101.598262][ T8286]  ? __pfx_netlink_sendmsg+0x10/0x10
[  101.598277][ T8286]  ____sys_sendmsg+0xa98/0xc70
[  101.598290][ T8286]  ? copy_msghdr_from_user+0x10a/0x160
[  101.598306][ T8286]  ? __pfx_____sys_sendmsg+0x10/0x10
[  101.598324][ T8286]  ___sys_sendmsg+0x134/0x1d0
[  101.598340][ T8286]  ? __pfx____sys_sendmsg+0x10/0x10
[  101.598368][ T8286]  ? __mutex_unlock_slowpath+0x100/0x800
[  101.598390][ T8286]  __sys_sendmsg+0x16d/0x220
[  101.598406][ T8286]  ? __pfx___sys_sendmsg+0x10/0x10
[  101.598431][ T8286]  do_syscall_64+0xcd/0x4c0
[  101.598442][ T8286]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  101.598453][ T8286] RIP: 0033:0x7f11d578ebe9
[  101.598462][ T8286] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  101.598473][ T8286] RSP: 002b:00007f11d39f6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  101.598486][ T8286] RAX: ffffffffffffffda RBX: 00007f11d59b5fa0 RCX: 00007f11d578ebe9
[  101.598493][ T8286] RDX: 0000000000008010 RSI: 0000200000000140 RDI: 0000000000000003
[  101.598499][ T8286] RBP: 00007f11d39f6090 R08: 0000000000000000 R09: 0000000000000000
[  101.598505][ T8286] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  101.598511][ T8286] R13: 00007f11d59b6038 R14: 00007f11d59b5fa0 R15: 00007ffce639ad28
[  101.598524][ T8286]  </TASK>
[  101.664778][    C3] vkms_vblank_simulate: vblank timer overrun
[  101.874409][    C3] ip6_tunnel: ip6gretap0: Local routing loop detected!
[  101.885597][   T40] audit: type=1400 audit(1754585718.687:428): avc:  denied  { connect } for  pid=8299 comm="syz.1.775" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  101.928522][ T8304] batadv_slave_1: entered promiscuous mode
[  101.935637][ T8303] batadv_slave_1: left promiscuous mode
[  102.208047][ T6041] usb 6-1: new high-speed USB device number 18 using dummy_hcd
[  102.324958][ T8328] input: syz0 as /devices/virtual/input/input9
[  102.355750][ T6041] usb 6-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  102.361418][ T6041] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.41
[  102.364817][ T6041] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=11
[  102.367400][ T6041] usb 6-1: Product: syz
[  102.368796][ T6041] usb 6-1: Manufacturer: syz
[  102.370384][ T6041] usb 6-1: SerialNumber: syz
[  102.577722][ T6041] usblp 6-1:1.0: usblp0: USB Unidirectional printer dev 18 if 0 alt 0 proto 1 vid 0x0525 pid 0xA4A8
[  102.639406][   T40] audit: type=1400 audit(1754585719.437:429): avc:  denied  { map } for  pid=8351 comm="syz.5.798" path="time:[4026531834]" dev="nsfs" ino=4026531834 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[  102.649464][   T40] audit: type=1400 audit(1754585719.437:430): avc:  denied  { ioctl } for  pid=8351 comm="syz.5.798" path="time:[4026531834]" dev="nsfs" ino=4026531834 ioctlcmd=0x1501 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[  102.688154][   T40] audit: type=1400 audit(1754585719.487:431): avc:  denied  { listen } for  pid=8355 comm="syz.5.800" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[  102.694213][   T40] audit: type=1400 audit(1754585719.487:432): avc:  denied  { read } for  pid=8355 comm="syz.5.800" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[  102.811997][ T8363] FAULT_INJECTION: forcing a failure.
[  102.811997][ T8363] name failslab, interval 1, probability 0, space 0, times 0
[  102.816930][ T8363] CPU: 3 UID: 0 PID: 8363 Comm: syz.5.803 Not tainted 6.16.0-syzkaller-11952-g6e64f4580381 #0 PREEMPT(full) 
[  102.816947][ T8363] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  102.816954][ T8363] Call Trace:
[  102.816959][ T8363]  <TASK>
[  102.816963][ T8363]  dump_stack_lvl+0x16c/0x1f0
[  102.816984][ T8363]  should_fail_ex+0x512/0x640
[  102.817009][ T8363]  ? __kmalloc_cache_noprof+0x57/0x3e0
[  102.817029][ T8363]  should_failslab+0xc2/0x120
[  102.817042][ T8363]  __kmalloc_cache_noprof+0x6a/0x3e0
[  102.817060][ T8363]  ? ipv6_add_dev+0x64a/0x15f0
[  102.817075][ T8363]  ipv6_add_dev+0x64a/0x15f0
[  102.817090][ T8363]  ipv6_find_idev+0x192/0x220
[  102.817103][ T8363]  addrconf_add_dev+0x31/0x1c0
[  102.817116][ T8363]  addrconf_init_auto_addrs+0x201/0x810
[  102.817130][ T8363]  addrconf_notify+0x6e2/0x19e0
[  102.817146][ T8363]  ? ip6mr_device_event+0x1bc/0x230
[  102.817166][ T8363]  notifier_call_chain+0xbc/0x410
[  102.817183][ T8363]  ? __pfx_addrconf_notify+0x10/0x10
[  102.817202][ T8363]  call_netdevice_notifiers_info+0xbe/0x140
[  102.817217][ T8363]  netif_state_change+0x165/0x3b0
[  102.817229][ T8363]  ? __pfx_netif_state_change+0x10/0x10
[  102.817244][ T8363]  ? ip_tunnel_update+0x73b/0x960
[  102.817259][ T8363]  netdev_state_change+0xaa/0x240
[  102.817270][ T8363]  ip_tunnel_changelink+0x174/0x330
[  102.817285][ T8363]  ipgre_changelink+0x170/0x260
[  102.817303][ T8363]  ? __pfx_ipgre_changelink+0x10/0x10
[  102.817319][ T8363]  ? cap_capable+0xb3/0x250
[  102.817335][ T8363]  ? ns_capable+0xd7/0x110
[  102.817350][ T8363]  ? __pfx_ipgre_changelink+0x10/0x10
[  102.817368][ T8363]  rtnl_newlink+0x129b/0x2000
[  102.817390][ T8363]  ? __pfx_rtnl_newlink+0x10/0x10
[  102.817407][ T8363]  ? find_held_lock+0x2b/0x80
[  102.817423][ T8363]  ? avc_has_perm_noaudit+0x117/0x3b0
[  102.817443][ T8363]  ? avc_has_perm_noaudit+0x149/0x3b0
[  102.817474][ T8363]  ? find_held_lock+0x2b/0x80
[  102.817486][ T8363]  ? __pfx_rtnl_newlink+0x10/0x10
[  102.817503][ T8363]  ? __pfx_rtnl_newlink+0x10/0x10
[  102.817519][ T8363]  ? rtnetlink_rcv_msg+0x93a/0xe90
[  102.817530][ T8363]  ? __pfx_rtnl_newlink+0x10/0x10
[  102.817548][ T8363]  rtnetlink_rcv_msg+0x95e/0xe90
[  102.817559][ T8363]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  102.817574][ T8363]  ? ref_tracker_free+0x37c/0x830
[  102.817592][ T8363]  netlink_rcv_skb+0x158/0x420
[  102.817604][ T8363]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  102.817615][ T8363]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  102.817631][ T8363]  ? netlink_deliver_tap+0x1ae/0xd30
[  102.817652][ T8363]  netlink_unicast+0x5a7/0x870
[  102.817664][ T8363]  ? __pfx_netlink_unicast+0x10/0x10
[  102.817680][ T8363]  netlink_sendmsg+0x8d1/0xdd0
[  102.817694][ T8363]  ? __pfx_netlink_sendmsg+0x10/0x10
[  102.817710][ T8363]  ____sys_sendmsg+0xa98/0xc70
[  102.817723][ T8363]  ? copy_msghdr_from_user+0x10a/0x160
[  102.817740][ T8363]  ? __pfx_____sys_sendmsg+0x10/0x10
[  102.817760][ T8363]  ___sys_sendmsg+0x134/0x1d0
[  102.817778][ T8363]  ? __pfx____sys_sendmsg+0x10/0x10
[  102.817808][ T8363]  ? __mutex_unlock_slowpath+0x100/0x800
[  102.817831][ T8363]  __sys_sendmsg+0x16d/0x220
[  102.817849][ T8363]  ? __pfx___sys_sendmsg+0x10/0x10
[  102.817876][ T8363]  do_syscall_64+0xcd/0x4c0
[  102.817888][ T8363]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  102.817900][ T8363] RIP: 0033:0x7f11d578ebe9
[  102.817909][ T8363] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  102.817921][ T8363] RSP: 002b:00007f11d39f6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  102.817931][ T8363] RAX: ffffffffffffffda RBX: 00007f11d59b5fa0 RCX: 00007f11d578ebe9
[  102.817938][ T8363] RDX: 0000000000000000 RSI: 0000200000000080 RDI: 0000000000000004
[  102.817944][ T8363] RBP: 00007f11d39f6090 R08: 0000000000000000 R09: 0000000000000000
[  102.817950][ T8363] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  102.817955][ T8363] R13: 00007f11d59b6038 R14: 00007f11d59b5fa0 R15: 00007ffce639ad28
[  102.817969][ T8363]  </TASK>
[  102.948696][ T8364] block nbd1: NBD_DISCONNECT
[  102.957359][    C3] usblp0: nonzero write bulk status received: -71
[  102.957964][ T6041] usb 6-1: USB disconnect, device number 18
[  102.969555][ T6041] usblp0: removed
[  103.433654][ T8380] __nla_validate_parse: 16 callbacks suppressed
[  103.433666][ T8380] netlink: 12 bytes leftover after parsing attributes in process `syz.0.807'.
[  103.538734][ T8390] netlink: 'syz.1.812': attribute type 3 has an invalid length.
[  103.547224][ T8388] netlink: 'syz.0.811': attribute type 10 has an invalid length.
[  103.603450][ T8388] wlan1: mtu less than device minimum
[  103.605564][ T8388] : (slave wlan1): Error -22 calling dev_set_mtu
[  103.687277][ T8394] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[  103.693947][ T8397] CIFS: No dialect specified on mount. Default has changed to a more secure dialect, SMB2.1 or later (e.g. SMB3.1.1), from CIFS (SMB1). To use the less secure SMB1 dialect to access old servers which do not support SMB3.1.1 (or even SMB3 or SMB2.1) specify vers=1.0 on mount.
[  103.701985][ T8397] CIFS mount error: No usable UNC path provided in device string!
[  103.701985][ T8397] 
[  103.705972][ T8397] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string!
[  104.063912][   T61] usb 6-1: new high-speed USB device number 19 using dummy_hcd
[  104.215629][   T61] usb 6-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  104.222194][   T61] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.41
[  104.226147][   T61] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=11
[  104.229264][   T61] usb 6-1: Product: syz
[  104.230915][   T61] usb 6-1: Manufacturer: syz
[  104.232754][   T61] usb 6-1: SerialNumber: syz
[  104.449052][   T61] usblp 6-1:1.0: usblp0: USB Unidirectional printer dev 19 if 0 alt 0 proto 1 vid 0x0525 pid 0xA4A8
[  104.464265][   T40] kauditd_printk_skb: 5 callbacks suppressed
[  104.464275][   T40] audit: type=1400 audit(1754585721.257:438): avc:  denied  { create } for  pid=8423 comm="syz.2.824" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=mctp_socket permissive=1
[  104.487691][ T8426] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=257 sclass=netlink_route_socket pid=8426 comm=syz.2.825
[  104.530628][   T40] audit: type=1400 audit(1754585721.327:439): avc:  denied  { write } for  pid=8427 comm="syz.2.826" name="sg0" dev="devtmpfs" ino=721 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1
[  104.538049][   T40] audit: type=1400 audit(1754585721.327:440): avc:  denied  { open } for  pid=8427 comm="syz.2.826" path="/dev/sg0" dev="devtmpfs" ino=721 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1
[  104.547281][   T40] audit: type=1400 audit(1754585721.327:441): avc:  denied  { ioctl } for  pid=8427 comm="syz.2.826" path="/dev/sg0" dev="devtmpfs" ino=721 ioctlcmd=0x2285 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1
[  104.690839][ T5978] Bluetooth: hci2: connection err: -111
[  104.702262][ T8440] block nbd1: NBD_DISCONNECT
[  104.708846][    C3] usblp0: nonzero write bulk status received: -71
[  104.715324][ T4251] usb 6-1: USB disconnect, device number 19
[  104.724640][ T4251] usblp0: removed
[  105.002398][ T8461] netlink: 'syz.5.837': attribute type 5 has an invalid length.
[  105.078899][ T8467] af_packet: tpacket_rcv: packet too big, clamped from 60 to 4294967272. macoff=96
[  105.459001][   T40] audit: type=1400 audit(1754585722.257:442): avc:  denied  { read } for  pid=8476 comm="syz.5.843" name="sg0" dev="devtmpfs" ino=721 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1
[  105.459199][ T8477] program syz.5.843 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  105.545689][   T40] audit: type=1400 audit(1754585722.347:443): avc:  denied  { setattr } for  pid=8483 comm="syz.5.847" name="tty1" dev="devtmpfs" ino=20 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tty_device_t tclass=chr_file permissive=1
[  105.663945][   T61] usb 6-1: new high-speed USB device number 20 using dummy_hcd
[  105.664425][ T8500] fuse: Bad value for 'group_id'
[  105.668607][ T8500] fuse: Bad value for 'group_id'
[  105.677026][   T40] audit: type=1400 audit(1754585722.477:444): avc:  denied  { ioctl } for  pid=8499 comm="syz.0.854" path="socket:[22793]" dev="sockfs" ino=22793 ioctlcmd=0x89e2 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sock_file permissive=1
[  105.752524][ T8505] batman_adv: batadv0: Adding interface: dummy0
[  105.754726][ T8505] batman_adv: batadv0: The MTU of interface dummy0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  105.762499][ T8505] batman_adv: batadv0: Interface activated: dummy0
[  105.769174][ T8505] batadv0: mtu less than device minimum
[  105.771464][ T8505] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  105.775428][ T8505] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  105.779165][ T8505] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  105.782887][ T8505] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  105.786640][ T8505] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  105.790364][ T8505] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  105.794138][ T8505] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  105.815335][   T61] usb 6-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  105.822088][   T61] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.41
[  105.825725][   T61] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=11
[  105.828892][   T61] usb 6-1: Product: syz
[  105.830635][   T61] usb 6-1: Manufacturer: syz
[  105.832490][   T61] usb 6-1: SerialNumber: syz
[  105.958435][   T40] audit: type=1400 audit(1754585722.757:445): avc:  denied  { setopt } for  pid=8509 comm="syz.5.857" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[  105.964485][   T40] audit: type=1400 audit(1754585722.757:446): avc:  denied  { read } for  pid=8509 comm="syz.5.857" lport=2 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[  106.038574][   T61] usblp 6-1:1.0: usblp0: USB Unidirectional printer dev 20 if 0 alt 0 proto 1 vid 0x0525 pid 0xA4A8
[  106.299623][ T8515] block nbd1: NBD_DISCONNECT
[  106.303728][    C1] usblp0: nonzero write bulk status received: -71
[  106.304631][   T10] usb 6-1: USB disconnect, device number 20
[  106.310060][   T10] usblp0: removed
[  106.541650][   T40] audit: type=1400 audit(1754585723.337:447): avc:  denied  { read } for  pid=8525 comm="syz.5.863" path="socket:[24907]" dev="sockfs" ino=24907 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[  106.698030][ T8537] netlink: 24 bytes leftover after parsing attributes in process `syz.5.863'.
[  106.725439][ T8539] netlink: 8 bytes leftover after parsing attributes in process `syz.5.867'.
[  106.734068][  T842] usb 7-1: new high-speed USB device number 20 using dummy_hcd
[  106.869510][ T8549] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  106.904778][ T8551] netlink: 'syz.1.872': attribute type 10 has an invalid length.
[  106.907344][ T8551] netlink: 40 bytes leftover after parsing attributes in process `syz.1.872'.
[  106.915874][ T8551] team0: Port device geneve0 added
[  106.946366][ T8549] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  106.997252][  T842] usb 7-1: unable to get BOS descriptor or descriptor too short
[  106.999793][  T842] usb 7-1: no configurations
[  107.001327][  T842] usb 7-1: can't read configurations, error -22
[  107.046163][ T8549] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  107.103501][ T8549] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  107.176618][   T46] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  107.184303][   T46] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  107.190991][   T46] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  107.198153][   T46] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  107.406472][ T8562] netlink: 'syz.1.876': attribute type 10 has an invalid length.
[  107.410433][ T8562] bond0: (slave wlan1): Opening slave failed
[  107.475951][ T8567] netlink: 8 bytes leftover after parsing attributes in process `syz.1.878'.
[  107.554801][ T8576] ipvlan2: entered promiscuous mode
[  107.557258][ T8576] 8021q: adding VLAN 0 to HW filter on device ipvlan2
[  107.618487][ T8583] netlink: 4 bytes leftover after parsing attributes in process `syz.1.886'.
[  107.620127][ T8585] random: crng reseeded on system resumption
[  107.623526][ T8586] netlink: 4 bytes leftover after parsing attributes in process `syz.2.887'.
[  107.627307][ T8586] bridge_slave_1: left allmulticast mode
[  107.629140][ T8586] bridge_slave_1: left promiscuous mode
[  107.631039][ T8586] bridge0: port 2(bridge_slave_1) entered disabled state
[  107.637765][ T8586] bridge0: port 1(bridge_slave_0) entered disabled state
[  107.872998][ T8604] netlink: 8 bytes leftover after parsing attributes in process `syz.1.895'.
[  107.882933][ T8604] trusted_key: syz.1.895 sent an empty control message without MSG_MORE.
[  107.978933][ T8614] netlink: 'syz.5.898': attribute type 15 has an invalid length.
[  107.981387][ T8614] netlink: 24 bytes leftover after parsing attributes in process `syz.5.898'.
[  108.014132][ T8618] netlink: 24 bytes leftover after parsing attributes in process `syz.5.900'.
[  108.036356][ T8618] FAULT_INJECTION: forcing a failure.
[  108.036356][ T8618] name failslab, interval 1, probability 0, space 0, times 0
[  108.040928][ T8618] CPU: 3 UID: 0 PID: 8618 Comm: syz.5.900 Not tainted 6.16.0-syzkaller-11952-g6e64f4580381 #0 PREEMPT(full) 
[  108.040943][ T8618] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  108.040950][ T8618] Call Trace:
[  108.040954][ T8618]  <TASK>
[  108.040958][ T8618]  dump_stack_lvl+0x16c/0x1f0
[  108.040978][ T8618]  should_fail_ex+0x512/0x640
[  108.040989][ T8618]  ? __kmalloc_noprof+0xbf/0x510
[  108.041001][ T8618]  ? __list_lru_init+0xe8/0x4c0
[  108.041010][ T8618]  should_failslab+0xc2/0x120
[  108.041023][ T8618]  __kmalloc_noprof+0xd2/0x510
[  108.041033][ T8618]  ? lockdep_init_map_type+0x5c/0x280
[  108.041045][ T8618]  __list_lru_init+0xe8/0x4c0
[  108.041056][ T8618]  alloc_super+0x904/0xbd0
[  108.041071][ T8618]  sget_fc+0x116/0xc20
[  108.041081][ T8618]  ? __pfx_set_anon_super_fc+0x10/0x10
[  108.041099][ T8618]  ? __pfx_mqueue_fill_super+0x10/0x10
[  108.041116][ T8618]  get_tree_nodev+0x28/0x190
[  108.041128][ T8618]  mqueue_get_tree+0xf1/0x130
[  108.041144][ T8618]  vfs_get_tree+0x8e/0x340
[  108.041160][ T8618]  fc_mount_longterm+0x18/0x160
[  108.041177][ T8618]  mq_init_ns+0x426/0x620
[  108.041190][ T8618]  copy_ipcs+0x383/0x610
[  108.041200][ T8618]  ? copy_utsname+0xab/0x470
[  108.041213][ T8618]  create_new_namespaces+0x20a/0xa90
[  108.041227][ T8618]  ? security_capable+0x7e/0x260
[  108.041240][ T8618]  unshare_nsproxy_namespaces+0xc0/0x1f0
[  108.041256][ T8618]  ksys_unshare+0x45b/0xa40
[  108.041272][ T8618]  ? __pfx_ksys_unshare+0x10/0x10
[  108.041287][ T8618]  ? ksys_write+0x1ac/0x250
[  108.041302][ T8618]  __x64_sys_unshare+0x31/0x40
[  108.041317][ T8618]  do_syscall_64+0xcd/0x4c0
[  108.041328][ T8618]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  108.041339][ T8618] RIP: 0033:0x7f11d578ebe9
[  108.041348][ T8618] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  108.041359][ T8618] RSP: 002b:00007f11d39f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110
[  108.041369][ T8618] RAX: ffffffffffffffda RBX: 00007f11d59b5fa0 RCX: 00007f11d578ebe9
[  108.041375][ T8618] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000006a040000
[  108.041381][ T8618] RBP: 00007f11d39f6090 R08: 0000000000000000 R09: 0000000000000000
[  108.041387][ T8618] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  108.041393][ T8618] R13: 00007f11d59b6038 R14: 00007f11d59b5fa0 R15: 00007ffce639ad28
[  108.041406][ T8618]  </TASK>
[  108.063349][ T8623] fuse: Unknown parameter '0x000000000000000c00000000000000000000014'
[  108.097597][ T8626] input: syz1 as /devices/virtual/input/input10
[  108.142140][ T8625] kvm: vcpu 2: requested lapic timer restore with starting count register 0x390=1812281087 (231971979136 ns) > initial count (128 ns). Using initial count to start timer.
[  108.288510][ T8637] gretap0: entered promiscuous mode
[  108.294352][ T8637] net_ratelimit: 12 callbacks suppressed
[  108.294361][ T8637] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  108.303324][ T8637] tipc: Started in network mode
[  108.305072][ T8637] tipc: Node identity 4, cluster identity 4711
[  108.307017][ T8637] tipc: Node number set to 4
[  108.362321][ T8642] syz.5.907 (8642) used greatest stack depth: 19576 bytes left
[  108.663917][ T6048] usb 10-1: new high-speed USB device number 12 using dummy_hcd
[  108.664717][ T8658] qnx6: Unknown parameter 'nl80211'
[  108.681460][ T8658] syz.1.914: attempt to access beyond end of device
[  108.681460][ T8658] nbd1: rw=0, sector=64, nr_sectors = 2 limit=0
[  108.686846][ T8658] syz.1.914: attempt to access beyond end of device
[  108.686846][ T8658] nbd1: rw=0, sector=512, nr_sectors = 2 limit=0
[  108.690862][ T8658] UDF-fs: error (device nbd1): udf_read_tagged: read failed, block=256, location=256
[  108.693926][ T8658] syz.1.914: attempt to access beyond end of device
[  108.693926][ T8658] nbd1: rw=0, sector=1024, nr_sectors = 2 limit=0
[  108.697903][ T8658] UDF-fs: error (device nbd1): udf_read_tagged: read failed, block=512, location=512
[  108.700931][ T8658] UDF-fs: warning (device nbd1): udf_load_vrs: No anchor found
[  108.703289][ T8658] UDF-fs: Scanning with blocksize 1024 failed
[  108.705465][ T8656] nbd1: detected capacity change from 0 to 10
[  108.708605][ T8658] UDF-fs: error (device nbd1): udf_read_tagged: read failed, block=256, location=256
[  108.712557][ T8658] block nbd1: Send control failed (result -89)
[  108.714759][ T8658] block nbd1: Request send failed, requeueing
[  108.717767][ T5979] block nbd1: Receive control failed (result -32)
[  108.718664][  T149] block nbd1: Dead connection, failed to find a fallback
[  108.722632][  T149] block nbd1: shutting down sockets
[  108.724513][  T149] I/O error, dev nbd1, sector 4 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  108.727565][ T8658] UDF-fs: error (device nbd1): udf_read_tagged: read failed, block=1, location=1
[  108.727769][ T6923] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  108.734281][ T6923] Buffer I/O error on dev nbd1, logical block 0, async page read
[  108.737247][ T6923] I/O error, dev nbd1, sector 4 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  108.740056][ T6923] Buffer I/O error on dev nbd1, logical block 1, async page read
[  108.743033][ T6923] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  108.746155][ T6923] Buffer I/O error on dev nbd1, logical block 0, async page read
[  108.748613][ T6923] I/O error, dev nbd1, sector 4 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  108.751423][ T6923] Buffer I/O error on dev nbd1, logical block 1, async page read
[  108.753994][ T6923] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  108.756804][ T6923] Buffer I/O error on dev nbd1, logical block 0, async page read
[  108.759243][ T6923] I/O error, dev nbd1, sector 4 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  108.762030][ T6923] Buffer I/O error on dev nbd1, logical block 1, async page read
[  108.764622][ T6923] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  108.767416][ T6923] Buffer I/O error on dev nbd1, logical block 0, async page read
[  108.769879][ T6923] I/O error, dev nbd1, sector 4 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  108.772681][ T6923] Buffer I/O error on dev nbd1, logical block 1, async page read
[  108.775216][ T6923] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  108.778019][ T6923] Buffer I/O error on dev nbd1, logical block 0, async page read
[  108.780451][ T6923] Buffer I/O error on dev nbd1, logical block 1, async page read
[  108.784585][ T8658] UDF-fs: error (device nbd1): udf_read_tagged: read failed, block=0, location=0
[  108.784700][ T6923] ldm_validate_partition_table(): Disk read failed.
[  108.787609][ T8658] UDF-fs: error (device nbd1): udf_read_tagged: read failed, block=512, location=512
[  108.790431][ T6923] Dev nbd1: unable to read RDB block 0
[  108.792438][ T8658] UDF-fs: warning (device nbd1): udf_load_vrs: No anchor found
[  108.792449][ T8658] UDF-fs: Scanning with blocksize 2048 failed
[  108.793050][ T8658] UDF-fs: error (device nbd1): udf_read_tagged: read failed, block=256, location=256
[  108.795110][ T6923]  nbd1: unable to read partition table
[  108.799031][ T8658] UDF-fs: error (device nbd1): udf_read_tagged: read failed, block=0, location=0
[  108.799275][ T6923] nbd1: partition table beyond EOD, 
[  108.802197][ T8658] UDF-fs: error (device nbd1): udf_read_tagged: read failed, block=512, location=512
[  108.803934][ T6923] truncated
[  108.812595][ T8658] UDF-fs: warning (device nbd1): udf_load_vrs: No anchor found
[  108.813346][ T6923] ldm_validate_partition_table(): Disk read failed.
[  108.815008][ T8658] UDF-fs: Scanning with blocksize 4096 failed
[  108.815016][ T8658] UDF-fs: warning (device nbd1): udf_fill_super: No partition found (1)
[  108.821935][ T6923] Dev nbd1: unable to read RDB block 0
[  108.823810][ T6923]  nbd1: unable to read partition table
[  108.826505][ T6923] nbd1: partition table beyond EOD, truncated
[  108.831931][ T6048] usb 10-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  108.839049][ T6048] usb 10-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.41
[  108.841897][ T6048] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=11
[  108.853877][ T6048] usb 10-1: Product: syz
[  108.855231][ T6048] usb 10-1: Manufacturer: syz
[  108.856750][ T6048] usb 10-1: SerialNumber: syz
[  108.871233][ T8669] netlink: 76 bytes leftover after parsing attributes in process `syz.1.919'.
[  109.058601][ T8684] capability: warning: `syz.0.923' uses deprecated v2 capabilities in a way that may be insecure
[  109.064264][ T6048] usblp 10-1:1.0: usblp0: USB Unidirectional printer dev 12 if 0 alt 0 proto 1 vid 0x0525 pid 0xA4A8
[  109.165336][ T8693] netlink: 'syz.2.926': attribute type 10 has an invalid length.
[  109.177376][ T5978] Bluetooth: hci2: ACL packet for unknown connection handle 200
[  109.220744][ T8697] FAULT_INJECTION: forcing a failure.
[  109.220744][ T8697] name failslab, interval 1, probability 0, space 0, times 0
[  109.224950][ T8697] CPU: 3 UID: 0 PID: 8697 Comm: syz.2.926 Not tainted 6.16.0-syzkaller-11952-g6e64f4580381 #0 PREEMPT(full) 
[  109.224965][ T8697] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  109.224972][ T8697] Call Trace:
[  109.224975][ T8697]  <TASK>
[  109.224979][ T8697]  dump_stack_lvl+0x16c/0x1f0
[  109.224999][ T8697]  should_fail_ex+0x512/0x640
[  109.225009][ T8697]  ? __kmalloc_noprof+0xbf/0x510
[  109.225022][ T8697]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0xc8/0x290
[  109.225035][ T8697]  should_failslab+0xc2/0x120
[  109.225048][ T8697]  __kmalloc_noprof+0xd2/0x510
[  109.225061][ T8697]  genl_family_rcv_msg_attrs_parse.constprop.0+0xc8/0x290
[  109.225076][ T8697]  genl_family_rcv_msg_doit+0xbf/0x2f0
[  109.225089][ T8697]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  109.225106][ T8697]  ? bpf_lsm_capable+0x9/0x10
[  109.225121][ T8697]  ? security_capable+0x7e/0x260
[  109.225133][ T8697]  ? ns_capable+0xd7/0x110
[  109.225147][ T8697]  genl_rcv_msg+0x55c/0x800
[  109.225160][ T8697]  ? __pfx_genl_rcv_msg+0x10/0x10
[  109.225171][ T8697]  ? __pfx_nl80211_pre_doit+0x10/0x10
[  109.225185][ T8697]  ? __pfx_nl80211_new_interface+0x10/0x10
[  109.225198][ T8697]  ? __pfx_nl80211_post_doit+0x10/0x10
[  109.225213][ T8697]  netlink_rcv_skb+0x158/0x420
[  109.225223][ T8697]  ? __pfx_genl_rcv_msg+0x10/0x10
[  109.225235][ T8697]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  109.225250][ T8697]  ? netlink_deliver_tap+0x1ae/0xd30
[  109.225268][ T8697]  genl_rcv+0x28/0x40
[  109.225278][ T8697]  netlink_unicast+0x5a7/0x870
[  109.225290][ T8697]  ? __pfx_netlink_unicast+0x10/0x10
[  109.225303][ T8697]  ? __pfx_netlink_autobind.isra.0+0x10/0x10
[  109.225333][ T8697]  netlink_sendmsg+0x8d1/0xdd0
[  109.225350][ T8697]  ? __pfx_netlink_sendmsg+0x10/0x10
[  109.225372][ T8697]  ____sys_sendmsg+0xa98/0xc70
[  109.225385][ T8697]  ? copy_msghdr_from_user+0x10a/0x160
[  109.225400][ T8697]  ? __pfx_____sys_sendmsg+0x10/0x10
[  109.225418][ T8697]  ___sys_sendmsg+0x134/0x1d0
[  109.225435][ T8697]  ? __pfx____sys_sendmsg+0x10/0x10
[  109.225463][ T8697]  ? __mutex_unlock_slowpath+0x100/0x800
[  109.225484][ T8697]  __sys_sendmsg+0x16d/0x220
[  109.225500][ T8697]  ? __pfx___sys_sendmsg+0x10/0x10
[  109.225527][ T8697]  ? fput+0x9b/0xd0
[  109.225543][ T8697]  do_syscall_64+0xcd/0x4c0
[  109.225554][ T8697]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  109.225565][ T8697] RIP: 0033:0x7fa685f8ebe9
[  109.225574][ T8697] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  109.225584][ T8697] RSP: 002b:00007fa686d67038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  109.225594][ T8697] RAX: ffffffffffffffda RBX: 00007fa6861b6090 RCX: 00007fa685f8ebe9
[  109.225601][ T8697] RDX: 0000000024044884 RSI: 0000200000000300 RDI: 0000000000000003
[  109.225607][ T8697] RBP: 00007fa686d67090 R08: 0000000000000000 R09: 0000000000000000
[  109.225613][ T8697] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  109.225619][ T8697] R13: 00007fa6861b6128 R14: 00007fa6861b6090 R15: 00007ffd1d7588c8
[  109.225632][ T8697]  </TASK>
[  109.234057][ T8699] netlink: 212376 bytes leftover after parsing attributes in process `syz.0.925'.
[  109.320670][ T8703] block nbd5: NBD_DISCONNECT
[  109.346968][    C1] usblp0: nonzero write bulk status received: -71
[  109.347229][ T6029] usb 10-1: USB disconnect, device number 12
[  109.354265][ T6029] usblp0: removed
[  109.372965][ T8708] netlink: 24 bytes leftover after parsing attributes in process `syz.1.929'.
[  109.454781][ T8714] qnx6: Unknown parameter 'nl80211'
[  109.464191][ T8702] nbd2: detected capacity change from 0 to 10
[  109.469506][ T6923] block nbd2: Send control failed (result -89)
[  109.472039][ T6923] block nbd2: Request send failed, requeueing
[  109.476770][ T5978] block nbd2: Receive control failed (result -32)
[  109.478933][  T155] block nbd2: Dead connection, failed to find a fallback
[  109.481690][  T155] block nbd2: shutting down sockets
[  109.484662][ T6923] ldm_validate_partition_table(): Disk read failed.
[  109.486958][ T6923] Dev nbd2: unable to read RDB block 0
[  109.489410][ T6923]  nbd2: unable to read partition table
[  109.491246][ T6923] nbd2: partition table beyond EOD, truncated
[  109.495583][ T8702] ldm_validate_partition_table(): Disk read failed.
[  109.498005][ T8702] Dev nbd2: unable to read RDB block 0
[  109.499940][ T8702]  nbd2: unable to read partition table
[  109.501790][ T8702] nbd2: partition table beyond EOD, truncated
[  109.504322][ T8702] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=256, location=256
[  109.505910][ T6923] ldm_validate_partition_table(): Disk read failed.
[  109.507403][ T8702] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=4, location=4
[  109.510133][ T6923] Dev nbd2: unable to read RDB block 0
[  109.512257][ T8702] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=3, location=3
[  109.514645][ T6923]  nbd2: unable to read partition table
[  109.517041][ T8702] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=2, location=2
[  109.518855][ T6923] nbd2: partition table beyond EOD, truncated
[  109.521624][ T8702] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=512, location=512
[  109.526493][ T8702] UDF-fs: warning (device nbd2): udf_load_vrs: No anchor found
[  109.528861][ T8702] UDF-fs: Scanning with blocksize 1024 failed
[  109.531156][ T8702] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=256, location=256
[  109.534271][ T8702] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=1, location=1
[  109.537196][ T8702] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=0, location=0
[  109.540086][ T8702] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=512, location=512
[  109.543036][ T8702] UDF-fs: warning (device nbd2): udf_load_vrs: No anchor found
[  109.545878][ T8702] UDF-fs: Scanning with blocksize 2048 failed
[  109.548089][ T8702] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=256, location=256
[  109.551156][ T8702] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=0, location=0
[  109.554137][ T8702] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=512, location=512
[  109.557102][ T8702] UDF-fs: warning (device nbd2): udf_load_vrs: No anchor found
[  109.559466][ T8702] UDF-fs: Scanning with blocksize 4096 failed
[  109.561444][ T8702] UDF-fs: warning (device nbd2): udf_fill_super: No partition found (1)
[  109.599134][   T40] kauditd_printk_skb: 18 callbacks suppressed
[  109.599144][   T40] audit: type=1400 audit(1754585726.397:466): avc:  denied  { nlmsg_read } for  pid=8716 comm="syz.2.932" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  109.607700][   T40] audit: type=1400 audit(1754585726.397:467): avc:  denied  { ioctl } for  pid=8716 comm="syz.2.932" path="socket:[23293]" dev="sockfs" ino=23293 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  109.635110][ T8718] openvswitch: netlink: IP tunnel attribute has 20 unknown bytes.
[  109.663070][ T8725] netlink: 24 bytes leftover after parsing attributes in process `syz.2.933'.
[  109.687638][ T8725] __vm_enough_memory: pid: 8725, comm: syz.2.933, bytes: 21200587841536 not enough memory for the allocation
[  109.815096][ T8735] netlink: 100 bytes leftover after parsing attributes in process `syz.1.938'.
[  109.819506][ T8735] netlink: 'syz.1.938': attribute type 10 has an invalid length.
[  109.821944][ T8735] netlink: 40 bytes leftover after parsing attributes in process `syz.1.938'.
[  109.849399][ T8738] netlink: 'syz.1.939': attribute type 2 has an invalid length.
[  109.908058][ T8744] syz.1.947: attempt to access beyond end of device
[  109.908058][ T8744] nbd1: rw=2048, sector=0, nr_sectors = 8 limit=0
[  109.912240][ T8744] SQUASHFS error: Failed to read block 0x0: -5
[  109.914923][ T8744] unable to read squashfs_super_block
[  109.970091][ T8748] netlink: 256 bytes leftover after parsing attributes in process `syz.1.943'.
[  109.971537][ T8749] qnx6: Unknown parameter 'nl80211'
[  109.997351][ T8749] /dev/nbd0: Can't lookup blockdev
[  110.024478][ T8753] netlink: 'syz.0.945': attribute type 10 has an invalid length.
[  110.027116][ T8753] wlan1: mtu less than device minimum
[  110.028950][ T8753] : (slave wlan1): Error -22 calling dev_set_mtu
[  110.041444][   T40] audit: type=1400 audit(1754585726.837:468): avc:  denied  { connect } for  pid=8754 comm="syz.1.946" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1
[  110.042004][ T8755] netlink: 16 bytes leftover after parsing attributes in process `syz.1.946'.
[  110.051544][ T8755] netlink: 16 bytes leftover after parsing attributes in process `syz.1.946'.
[  110.114816][ T8761] netlink: 'syz.0.948': attribute type 16 has an invalid length.
[  110.117277][ T8761] netlink: 'syz.0.948': attribute type 17 has an invalid length.
[  110.155807][ T8761] bridge0: port 1(bridge_slave_0) entered disabled state
[  110.166718][ T8761] dummy0: left allmulticast mode
[  110.206360][ T8761] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  110.212178][ T8761] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  110.270727][ T8761] macsec1: left promiscuous mode
[  110.272355][ T8761] macsec1: left allmulticast mode
[  110.275659][   T13] netdevsim netdevsim0 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  110.278436][   T13] netdevsim netdevsim0 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  110.281170][   T13] netdevsim netdevsim0 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  110.284413][   T13] netdevsim netdevsim0 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  110.313923][ T6029] usb 6-1: new high-speed USB device number 21 using dummy_hcd
[  110.465641][ T6029] usb 6-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  110.471241][ T6029] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.41
[  110.474227][ T6029] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=11
[  110.476758][ T6029] usb 6-1: Product: syz
[  110.478114][ T6029] usb 6-1: Manufacturer: syz
[  110.479588][ T6029] usb 6-1: SerialNumber: syz
[  110.673129][ T8770] syzkaller0: entered promiscuous mode
[  110.675430][ T8770] syzkaller0: entered allmulticast mode
[  110.686800][ T6029] usblp 6-1:1.0: usblp0: USB Unidirectional printer dev 21 if 0 alt 0 proto 1 vid 0x0525 pid 0xA4A8
[  110.853878][ T8775] netlink: 8 bytes leftover after parsing attributes in process `syz.5.954'.
[  110.944477][ T8780] block nbd1: NBD_DISCONNECT
[  110.960920][    C2] usblp0: nonzero write bulk status received: -71
[  110.961105][ T6029] usb 6-1: USB disconnect, device number 21
[  110.966422][ T6029] usblp0: removed
[  111.095724][ T8785] nbd5: detected capacity change from 0 to 10
[  111.098733][ T8785] qnx6: Unknown parameter 'nl80211'
[  111.101152][ T6923] block nbd5: Send control failed (result -89)
[  111.103162][ T6923] block nbd5: Request send failed, requeueing
[  111.105952][ T5978] block nbd5: Receive control failed (result -32)
[  111.106036][   T67] block nbd5: Dead connection, failed to find a fallback
[  111.110335][   T67] block nbd5: shutting down sockets
[  111.112661][ T6923] ldm_validate_partition_table(): Disk read failed.
[  111.115129][ T6923] Dev nbd5: unable to read RDB block 0
[  111.117163][ T6923]  nbd5: unable to read partition table
[  111.119051][ T6923] nbd5: partition table beyond EOD, truncated
[  111.130873][ T8783] ldm_validate_partition_table(): Disk read failed.
[  111.133197][ T8783] Dev nbd5: unable to read RDB block 0
[  111.135881][ T8783]  nbd5: unable to read partition table
[  111.137726][ T8783] nbd5: partition table beyond EOD, truncated
[  111.140403][ T8783] UDF-fs: error (device nbd5): udf_read_tagged: read failed, block=256, location=256
[  111.143689][ T8783] UDF-fs: error (device nbd5): udf_read_tagged: read failed, block=4, location=4
[  111.145569][ T6923] ldm_validate_partition_table(): Disk read failed.
[  111.146758][ T8783] UDF-fs: error (device nbd5): udf_read_tagged: read failed, block=3, location=3
[  111.149467][ T6923] Dev nbd5: unable to read RDB block 0
[  111.151622][ T8783] UDF-fs: error (device nbd5): udf_read_tagged: read failed, block=2, location=2
[  111.153805][ T6923]  nbd5: unable to read partition table
[  111.156200][ T8783] UDF-fs: error (device nbd5): udf_read_tagged: read failed, block=512, location=512
[  111.156213][ T8783] UDF-fs: warning (device nbd5): udf_load_vrs: No anchor found
[  111.156220][ T8783] UDF-fs: Scanning with blocksize 1024 failed
[  111.156494][ T8783] UDF-fs: error (device nbd5): udf_read_tagged: read failed, block=256, location=256
[  111.158258][ T6923] nbd5: partition table beyond EOD, 
[  111.161058][ T8783] UDF-fs: error (device nbd5): udf_read_tagged: read failed, block=1, location=1
[  111.163422][ T6923] truncated
[  111.165522][ T8783] UDF-fs: error (device nbd5): udf_read_tagged: read failed, block=0, location=0
[  111.177084][ T8783] UDF-fs: error (device nbd5): udf_read_tagged: read failed, block=512, location=512
[  111.180069][ T8783] UDF-fs: warning (device nbd5): udf_load_vrs: No anchor found
[  111.182414][ T8783] UDF-fs: Scanning with blocksize 2048 failed
[  111.185139][ T8783] UDF-fs: error (device nbd5): udf_read_tagged: read failed, block=256, location=256
[  111.188213][ T8783] UDF-fs: error (device nbd5): udf_read_tagged: read failed, block=0, location=0
[  111.191127][ T8783] UDF-fs: error (device nbd5): udf_read_tagged: read failed, block=512, location=512
[  111.194151][ T8783] UDF-fs: warning (device nbd5): udf_load_vrs: No anchor found
[  111.196519][ T8783] UDF-fs: Scanning with blocksize 4096 failed
[  111.198415][ T8783] UDF-fs: warning (device nbd5): udf_fill_super: No partition found (1)
[  111.557178][ T8787] veth1_vlan: left promiscuous mode
[  111.564958][ T8787] netlink: 'syz.1.958': attribute type 2 has an invalid length.
[  111.619502][ T8798] Invalid logical block size (2)
[  111.652758][ T5978] Bluetooth: hci4: unknown advertising packet type: 0x82
[  111.652803][ T5978] Bluetooth: hci4: Malformed LE Event: 0x02
[  111.768713][ T8819] FAULT_INJECTION: forcing a failure.
[  111.768713][ T8819] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  111.772872][ T8819] CPU: 1 UID: 0 PID: 8819 Comm: syz.1.970 Not tainted 6.16.0-syzkaller-11952-g6e64f4580381 #0 PREEMPT(full) 
[  111.772887][ T8819] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  111.772894][ T8819] Call Trace:
[  111.772898][ T8819]  <TASK>
[  111.772902][ T8819]  dump_stack_lvl+0x16c/0x1f0
[  111.772922][ T8819]  should_fail_ex+0x512/0x640
[  111.772934][ T8819]  _copy_from_user+0x2e/0xd0
[  111.772947][ T8819]  drm_mode_atomic_ioctl+0x633/0x25f0
[  111.772967][ T8819]  ? avc_has_extended_perms+0x47c/0x1090
[  111.772985][ T8819]  ? __pfx_drm_mode_atomic_ioctl+0x10/0x10
[  111.772999][ T8819]  ? __lock_acquire+0xb97/0x1ce0
[  111.773025][ T8819]  ? drm_is_current_master+0x2c/0x40
[  111.773040][ T8819]  ? do_raw_spin_unlock+0x172/0x230
[  111.773053][ T8819]  drm_ioctl_kernel+0x1f4/0x3e0
[  111.773064][ T8819]  ? __pfx_drm_mode_atomic_ioctl+0x10/0x10
[  111.773079][ T8819]  ? __pfx_drm_ioctl_kernel+0x10/0x10
[  111.773094][ T8819]  drm_ioctl+0x5c9/0xc30
[  111.773106][ T8819]  ? __pfx_drm_mode_atomic_ioctl+0x10/0x10
[  111.773121][ T8819]  ? __pfx_drm_ioctl+0x10/0x10
[  111.773137][ T8819]  ? selinux_file_ioctl+0x180/0x270
[  111.773150][ T8819]  ? selinux_file_ioctl+0xb4/0x270
[  111.773164][ T8819]  ? __pfx_drm_ioctl+0x10/0x10
[  111.773175][ T8819]  __x64_sys_ioctl+0x18e/0x210
[  111.773193][ T8819]  do_syscall_64+0xcd/0x4c0
[  111.773204][ T8819]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  111.773215][ T8819] RIP: 0033:0x7f1fb878ebe9
[  111.773224][ T8819] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  111.773235][ T8819] RSP: 002b:00007f1fb9683038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  111.773246][ T8819] RAX: ffffffffffffffda RBX: 00007f1fb89b5fa0 RCX: 00007f1fb878ebe9
[  111.773252][ T8819] RDX: 0000200000000180 RSI: 00000000c03864bc RDI: 000000000000000c
[  111.773258][ T8819] RBP: 00007f1fb9683090 R08: 0000000000000000 R09: 0000000000000000
[  111.773264][ T8819] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  111.773270][ T8819] R13: 00007f1fb89b6038 R14: 00007f1fb89b5fa0 R15: 00007fff50434858
[  111.773283][ T8819]  </TASK>
[  111.870009][   T40] audit: type=1400 audit(1754585728.667:469): avc:  denied  { watch } for  pid=8822 comm="syz.0.973" path="/361/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" dev="tmpfs" ino=1892 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[  111.883924][   T40] audit: type=1400 audit(1754585728.667:470): avc:  denied  { watch_sb watch_reads } for  pid=8822 comm="syz.0.973" path="/361/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" dev="tmpfs" ino=1892 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[  111.893966][  T842] usb 7-1: new high-speed USB device number 22 using dummy_hcd
[  111.995805][ T8840] netlink: 'syz.0.978': attribute type 10 has an invalid length.
[  111.998494][ T8840] wlan1: mtu less than device minimum
[  112.000247][ T8840] : (slave wlan1): Error -22 calling dev_set_mtu
[  112.045510][  T842] usb 7-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  112.051239][  T842] usb 7-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.41
[  112.054889][  T842] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=11
[  112.057398][  T842] usb 7-1: Product: syz
[  112.058711][  T842] usb 7-1: Manufacturer: syz
[  112.060165][  T842] usb 7-1: SerialNumber: syz
[  112.104596][    C0] ip6_tunnel: ip6gretap0 xmit: Routing loop! Remote address found on this node!
[  112.184316][ T4251] usb 6-1: new high-speed USB device number 22 using dummy_hcd
[  112.265761][  T842] usblp 7-1:1.0: usblp0: USB Unidirectional printer dev 22 if 0 alt 0 proto 1 vid 0x0525 pid 0xA4A8
[  112.333879][ T4251] usb 6-1: Using ep0 maxpacket: 8
[  112.336700][ T4251] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  112.339707][ T4251] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  112.342689][ T4251] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  112.346108][ T4251] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  112.350192][ T4251] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  112.352988][ T4251] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  112.520066][ T8857] block nbd2: NBD_DISCONNECT
[  112.524755][    C3] usblp0: nonzero write bulk status received: -71
[  112.524882][  T841] usb 7-1: USB disconnect, device number 22
[  112.531749][  T841] usblp0: removed
[  112.560608][ T8839] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  112.563386][ T8839] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  112.566528][ T4251] usb 6-1: GET_CAPABILITIES returned 0
[  112.568428][ T4251] usbtmc 6-1:16.0: can't read capabilities
[  112.590984][   T40] audit: type=1400 audit(1754585729.387:471): avc:  denied  { connect } for  pid=8861 comm="syz.0.987" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[  112.698640][   T40] audit: type=1400 audit(1754585729.497:472): avc:  denied  { listen } for  pid=8865 comm="syz.0.989" lport=54535 faddr=::ffff:172.30.0.1 fport=20001 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  112.767164][ T8839] netlink: 'syz.1.979': attribute type 4 has an invalid length.
[  112.771130][ T8839] misc userio: Invalid payload size
[  112.773783][  T842] usb 6-1: USB disconnect, device number 22
[  112.848543][ T8879] tmpfs: Unknown parameter 'nÌÁ…?'
[  113.075309][   T40] audit: type=1400 audit(1754585729.877:473): avc:  denied  { create } for  pid=8888 comm="syz.2.996" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=x25_socket permissive=1
[  113.079805][ T8889] openvswitch: netlink: Message has 24 unknown bytes.
[  113.083552][ T8889] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  113.088349][   T40] audit: type=1400 audit(1754585729.887:474): avc:  denied  { setopt } for  pid=8888 comm="syz.2.996" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1
[  113.098054][   T40] audit: type=1400 audit(1754585729.897:475): avc:  denied  { ioctl } for  pid=8888 comm="syz.2.996" path="socket:[25387]" dev="sockfs" ino=25387 ioctlcmd=0x89e7 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=x25_socket permissive=1
[  113.367404][ T8909] syzkaller1: entered allmulticast mode
[  113.452457][ T8912] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=771 sclass=netlink_route_socket pid=8912 comm=syz.1.1003
[  113.483142][ T8915] tipc: Started in network mode
[  113.484960][ T8915] tipc: Node identity 7e8cac3d2a97, cluster identity 4711
[  113.487296][ T8915] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  113.490135][ T8915] syzkaller0: entered promiscuous mode
[  113.491924][ T8915] syzkaller0: entered allmulticast mode
[  113.504200][ T8915] tipc: Resetting bearer <eth:syzkaller0>
[  113.507080][ T8917] (unnamed net_device) (uninitialized): option packets_per_slave: mode dependency failed, not supported in mode balance-alb(6)
[  113.511544][ T8914] tipc: Resetting bearer <eth:syzkaller0>
[  113.521527][ T8914] tipc: Disabling bearer <eth:syzkaller0>
[  113.556356][ T8923] bridge0: trying to set multicast startup query interval below minimum, setting to 100 (1000ms)
[  113.637808][ T8931] openvswitch: netlink: Unexpected mask (mask=440, allowed=10048)
[  113.766520][ T8941] EXT4-fs (sr0): VFS: Can't find ext4 filesystem
[  114.584278][ T8967] bridge1: trying to set multicast startup query interval below minimum, setting to 100 (1000ms)
[  114.726272][   T40] kauditd_printk_skb: 3 callbacks suppressed
[  114.726283][   T40] audit: type=1400 audit(1754585731.527:479): avc:  denied  { execute } for  pid=8973 comm="syz.5.1027" path="/dev/nullb0" dev="devtmpfs" ino=707 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[  115.490891][ T8993] __nla_validate_parse: 11 callbacks suppressed
[  115.490903][ T8993] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1034'.
[  115.715056][   T40] audit: type=1400 audit(1754585732.517:480): avc:  denied  { accept } for  pid=9011 comm="syz.1.1039" lport=35874 faddr=::ffff:172.20.255.187 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  115.722123][   T40] audit: type=1400 audit(1754585732.517:481): avc:  denied  { write } for  pid=9011 comm="syz.1.1039" lport=35874 faddr=::ffff:172.20.255.187 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=sctp_socket permissive=1
[  115.730685][   T40] audit: type=1400 audit(1754585732.517:482): avc:  denied  { setopt } for  pid=9011 comm="syz.1.1039" lport=35874 faddr=::ffff:172.20.255.187 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=sctp_socket permissive=1
[  115.772205][ T9025] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1039'.
[  116.314273][ T9036] capability: warning: `syz.0.1048' uses 32-bit capabilities (legacy support in use)
[  116.322750][ T5978] Bluetooth: hci3: Malformed Event: 0x02
[  116.635804][   T40] audit: type=1400 audit(1754585733.437:483): avc:  denied  { watch } for  pid=9051 comm="syz.5.1053" path=2F6D656D66643A2D263A0A2DB25D3B0FB2864E563626B83D945A7DFA577EAE8788EADED93D2D01202864656C6574656429 dev="tmpfs" ino=12 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[  116.645296][   T40] audit: type=1326 audit(1754585733.437:484): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9051 comm="syz.5.1053" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f11d578ebe9 code=0x7ffc0000
[  116.652316][   T40] audit: type=1326 audit(1754585733.437:485): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9051 comm="syz.5.1053" exe="/syz-executor" sig=0 arch=c000003e syscall=13 compat=0 ip=0x7f11d578ebe9 code=0x7ffc0000
[  116.659476][   T40] audit: type=1326 audit(1754585733.437:486): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9051 comm="syz.5.1053" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f11d578ebe9 code=0x7ffc0000
[  116.666707][   T40] audit: type=1326 audit(1754585733.437:487): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9051 comm="syz.5.1053" exe="/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7f11d578ebe9 code=0x7ffc0000
[  116.673744][   T40] audit: type=1326 audit(1754585733.437:488): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9051 comm="syz.5.1053" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f11d578ebe9 code=0x7ffc0000
[  116.813122][ T5978] Bluetooth: hci4: unexpected event for opcode 0x0809
[  116.974750][ T9085] netlink: 'syz.2.1066': attribute type 1 has an invalid length.
[  116.977294][ T9085] netlink: 228 bytes leftover after parsing attributes in process `syz.2.1066'.
[  117.021016][ T9090] 8021q: adding VLAN 0 to HW filter on device bond2
[  117.024430][ T9090] bond0: (slave bond2): Enslaving as an active interface with an up link
[  117.078764][ T9100] block device autoloading is deprecated and will be removed.
[  117.111177][ T9103] IPVS: length: 152 != 8
[  117.125068][ T5978] Bluetooth: hci3: Malformed HCI Event
[  117.152868][ T9110] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1076'.
[  117.159752][ T9110] netlink: 52 bytes leftover after parsing attributes in process `syz.2.1076'.
[  117.233795][ T9122] 8021q: adding VLAN 0 to HW filter on device bond1
[  117.239181][ T9122] bond0: (slave bond1): Enslaving as an active interface with an up link
[  117.625627][   T34] ------------[ cut here ]------------
[  117.627515][   T34] refcount_t: underflow; use-after-free.
[  117.629504][   T34] WARNING: CPU: 3 PID: 34 at lib/refcount.c:28 refcount_warn_saturate+0x14a/0x210
[  117.632346][   T34] Modules linked in:
[  117.633813][   T34] CPU: 3 UID: 0 PID: 34 Comm: kworker/3:0 Not tainted 6.16.0-syzkaller-11952-g6e64f4580381 #0 PREEMPT(full) 
[  117.638677][   T34] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  117.642014][   T34] Workqueue: md_misc mddev_delayed_delete
[  117.643809][   T34] RIP: 0010:refcount_warn_saturate+0x14a/0x210
[  117.646154][   T34] Code: ff 89 de e8 a8 f0 d8 fc 84 db 0f 85 66 ff ff ff e8 bb f5 d8 fc c6 05 3c c2 b0 0b 01 90 48 c7 c7 00 80 15 8c e8 47 94 97 fc 90 <0f> 0b 90 90 e9 43 ff ff ff e8 98 f5 d8 fc 0f b6 1d 17 c2 b0 0b 31
[  117.652099][   T34] RSP: 0018:ffffc900006dfc10 EFLAGS: 00010286
[  117.654220][   T34] RAX: 0000000000000000 RBX: 0000000000000000 RCX: ffffffff817a3358
[  117.656712][   T34] RDX: ffff88801ead4880 RSI: ffffffff817a3365 RDI: 0000000000000001
[  117.659171][   T34] RBP: ffff888033d42130 R08: 0000000000000001 R09: 0000000000000000
[  117.661640][   T34] R10: 0000000000000000 R11: 0000000000000000 R12: ffff888033d42134
[  117.664327][   T34] R13: dffffc0000000000 R14: ffff888033d42130 R15: ffffc900006dfd10
[  117.666811][   T34] FS:  0000000000000000(0000) GS:ffff8880d69c4000(0000) knlGS:0000000000000000
[  117.669597][   T34] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  117.671661][   T34] CR2: 000000110c4082e0 CR3: 000000000e380000 CR4: 0000000000352ef0
[  117.674373][   T34] Call Trace:
[  117.675456][   T34]  <TASK>
[  117.676412][   T34]  kobject_put+0x230/0x5a0
[  117.677829][   T34]  process_one_work+0x9cc/0x1b70
[  117.679400][   T34]  ? __pfx_disk_events_workfn+0x10/0x10
[  117.681151][   T34]  ? __pfx_process_one_work+0x10/0x10
[  117.682836][   T34]  ? assign_work+0x1a0/0x250
[  117.684585][   T34]  worker_thread+0x6c8/0xf10
[  117.686065][   T34]  ? __pfx_worker_thread+0x10/0x10
[  117.687675][   T34]  kthread+0x3c5/0x780
[  117.688974][   T34]  ? __pfx_kthread+0x10/0x10
[  117.690438][   T34]  ? rcu_is_watching+0x12/0xc0
[  117.691949][   T34]  ? __pfx_kthread+0x10/0x10
[  117.693411][   T34]  ret_from_fork+0x5d4/0x6f0
[  117.694916][   T34]  ? __pfx_kthread+0x10/0x10
[  117.696409][   T34]  ret_from_fork_asm+0x1a/0x30
[  117.697985][   T34]  </TASK>
[  117.698988][   T34] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  117.701258][   T34] CPU: 3 UID: 0 PID: 34 Comm: kworker/3:0 Not tainted 6.16.0-syzkaller-11952-g6e64f4580381 #0 PREEMPT(full) 
[  117.704858][   T34] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  117.708198][   T34] Workqueue: md_misc mddev_delayed_delete
[  117.710012][   T34] Call Trace:
[  117.711245][   T34]  <TASK>
[  117.712351][   T34]  dump_stack_lvl+0x3d/0x1f0
[  117.713823][   T34]  vpanic+0x6e8/0x7a0
[  117.715104][   T34]  ? __pfx_vpanic+0x10/0x10
[  117.716597][   T34]  ? refcount_warn_saturate+0x14a/0x210
[  117.718333][   T34]  panic+0xca/0xd0
[  117.719552][   T34]  ? __pfx_panic+0x10/0x10
[  117.720995][   T34]  ? check_panic_on_warn+0x1f/0xb0
[  117.722624][   T34]  check_panic_on_warn+0xab/0xb0
[  117.724217][   T34]  __warn+0xf6/0x3c0
[  117.725796][   T34]  ? __pfx_vprintk_emit+0x10/0x10
[  117.727387][   T34]  ? refcount_warn_saturate+0x14a/0x210
[  117.729140][   T34]  report_bug+0x3c3/0x580
[  117.730525][   T34]  ? refcount_warn_saturate+0x14a/0x210
[  117.732269][   T34]  handle_bug+0x184/0x210
[  117.733638][   T34]  exc_invalid_op+0x17/0x50
[  117.735073][   T34]  asm_exc_invalid_op+0x1a/0x20
[  117.736630][   T34] RIP: 0010:refcount_warn_saturate+0x14a/0x210
[  117.738557][   T34] Code: ff 89 de e8 a8 f0 d8 fc 84 db 0f 85 66 ff ff ff e8 bb f5 d8 fc c6 05 3c c2 b0 0b 01 90 48 c7 c7 00 80 15 8c e8 47 94 97 fc 90 <0f> 0b 90 90 e9 43 ff ff ff e8 98 f5 d8 fc 0f b6 1d 17 c2 b0 0b 31
[  117.744490][   T34] RSP: 0018:ffffc900006dfc10 EFLAGS: 00010286
[  117.746406][   T34] RAX: 0000000000000000 RBX: 0000000000000000 RCX: ffffffff817a3358
[  117.748878][   T34] RDX: ffff88801ead4880 RSI: ffffffff817a3365 RDI: 0000000000000001
[  117.751347][   T34] RBP: ffff888033d42130 R08: 0000000000000001 R09: 0000000000000000
[  117.753814][   T34] R10: 0000000000000000 R11: 0000000000000000 R12: ffff888033d42134
[  117.756289][   T34] R13: dffffc0000000000 R14: ffff888033d42130 R15: ffffc900006dfd10
[  117.759051][   T34]  ? __warn_printk+0x198/0x350
[  117.760588][   T34]  ? __warn_printk+0x1a5/0x350
[  117.762108][   T34]  kobject_put+0x230/0x5a0
[  117.763524][   T34]  process_one_work+0x9cc/0x1b70
[  117.765103][   T34]  ? __pfx_disk_events_workfn+0x10/0x10
[  117.766857][   T34]  ? __pfx_process_one_work+0x10/0x10
[  117.768549][   T34]  ? assign_work+0x1a0/0x250
[  117.770014][   T34]  worker_thread+0x6c8/0xf10
[  117.771476][   T34]  ? __pfx_worker_thread+0x10/0x10
[  117.773092][   T34]  kthread+0x3c5/0x780
[  117.774382][   T34]  ? __pfx_kthread+0x10/0x10
[  117.775858][   T34]  ? rcu_is_watching+0x12/0xc0
[  117.777376][   T34]  ? __pfx_kthread+0x10/0x10
[  117.778831][   T34]  ret_from_fork+0x5d4/0x6f0
[  117.780291][   T34]  ? __pfx_kthread+0x10/0x10
[  117.781750][   T34]  ret_from_fork_asm+0x1a/0x30
[  117.783262][   T34]  </TASK>
[  117.784790][   T34] Kernel Offset: disabled
[  117.786168][   T34] Rebooting in 86400 seconds..

VM DIAGNOSIS:
16:55:34  Registers:
info registers vcpu 0

CPU#0
RAX=000000485e093c22 RBX=ffff88806a423a00 RCX=00000000000006e0 RDX=0000000000000048
RSI=ffff88806a423a00 RDI=0000000000010417 RBP=0000000000010417 RSP=ffffc90000007ec8
R8 =0000000000000005 R9 =000000000000003f R10=0000000000000019 R11=0000000000000000
R12=0000000000000000 R13=0000000000000000 R14=0000000000000019 R15=ffff88806a427c80
RIP=ffffffff81683db5 RFL=00000006 [-----P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 00007fa686d886c0 ffffffff 00c00000
GS =0000 ffff8880d66c4000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=0000001b31710ff8 CR3=000000003b138000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000008001 Opmask01=0000000000000fff Opmask02=00000000ffffffef Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffd1d758dd6
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffd1d758dd6 00007ffd1d758ddc
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fa686012e46
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fa686012e53
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fa686012e4d
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fa686012e61
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fa686012ee7
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fa686012fc5
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fa6861874a8 00007fa6861874a0 00007fa686187498 00007fa686187470
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fa686ced100 00007fa686187460 00007fa686187478 00007fa6861874c0
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fa6861874b8 00007fa6861874b0 00007fa6861874a8 00007fa6861874a0
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=0000000000000046 RBX=0000000000000001 RCX=ffffc900000f8001 RDX=0000000000000000
RSI=ffffffff8df41e57 RDI=ffffffff8c161100 RBP=0000000000000001 RSP=ffffc900000f74b8
R8 =0000000000000001 R9 =0000000000000000 R10=0000000000000003 R11=000000000003d730
R12=ffffffff816ae8a4 R13=0000000000000202 R14=ffff88801daa4880 R15=ffffc900000f75cc
RIP=ffffffff8b92b3cd RFL=00000046 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8880d67c4000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=000000110c335d6b CR3=000000003466e000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=00000000fcffc200 Opmask01=000000000000ffff Opmask02=00000000ffffffff Opmask03=0000000010000000
Opmask04=0000000000000000 Opmask05=00000000004007ff Opmask06=0000000007ffe7ff Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000000000001a4
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000000003bf12 0000003400000012 0004000000080024 0028000000300038
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000006 0000002000000000 0000000000000000 0000000000000017
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2010000600719a18 000005970000000b 0000000900000002 0000000000000445
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000001ffffffff ffffffffdf0803b8 0300080003b00301
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 080003a803000800 03a0030480800800 0398030008000390 0300080003880336
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 08000380030802a0 020502800404a4e6 0800010000000806 06013be800000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000030 646e6f6201ffffff ffffffffffdf0802 8003200800061000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 80840001e4031804 0001e00300656764 69726201ffffffff fffffffff10801d0
ZMM25=6ae8922b6ae8922b 6ae8922b6ae8922b 6ae8922b6ae8922b 6ae8922b6ae8922b 6ae8922b6ae8922b 6ae8922b6ae8922b 6ae8922b6ae8922b 6ae8922b6ae8922b
ZMM26=0d631e460d631e46 0d631e460d631e46 0d631e460d631e46 0d631e460d631e46 0d631e460d631e46 0d631e460d631e46 0d631e460d631e46 0d631e460d631e46
ZMM27=97d2a11597d2a115 97d2a11597d2a115 97d2a11597d2a115 97d2a11597d2a115 97d2a11597d2a115 97d2a11597d2a115 97d2a11597d2a115 97d2a11597d2a115
ZMM28=000000200000001f 0000001e0000001d 0000001c0000001b 0000001a00000019 0000001800000017 0000001600000015 0000001400000013 0000001200000011
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=1f0600001f060000 1f0600001f060000 1f0600001f060000 1f0600001f060000 1f0600001f060000 1f0600001f060000 1f0600001f060000 1f0600001f060000
info registers vcpu 2

CPU#2
RAX=0000000000000001 RBX=ffff88806a627c98 RCX=0000000000000000 RDX=0000000000000000
RSI=ffffffff8b95551a RDI=ffffed100d4c4f93 RBP=0000000000000000 RSP=ffffc90000648ea0
R8 =0000000000000001 R9 =0000000000000000 R10=0000000000000000 R11=ffffc90000648ff8
R12=0000000000000001 R13=0000000000000000 R14=0000000000000000 R15=0000000000000000
RIP=ffffffff8197c9dc RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 000055555a7ae500 ffffffff 00c00000
GS =0000 ffff8880d68c4000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000091000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe000008f000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00007f1fb9661f98 CR3=000000003b138000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=00000000000003ff Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000004 0000000b000c000a
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 3

CPU#3
RAX=dffffc0000000060 RBX=00000000000003fd RCX=0000000000000000 RDX=00000000000003fd
RSI=ffffffff85636790 RDI=ffffffff9b106160 RBP=ffffffff9b106120 RSP=ffffc900006df528
R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=0000000000000000
R12=0000000000000000 R13=0000000000000020 R14=fffffbfff3620c7e R15=dffffc0000000000
RIP=ffffffff856367b7 RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8880d69c4000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe00000d8000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe00000d6000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=000000110c4082e0 CR3=0000000064b18000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000004090001 Opmask01=0000000000000000 Opmask02=0000000000000fff Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffff8160b9c3 ffffffff812c7548
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffff8160b9c3 ffffffff812c7548
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffff816cb65d
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fff50434d66 00007fff50434d6c
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f1fb8812e46
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f1fb8812e53
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f1fb8812e4d
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f1fb8812e61
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f1fb8812ee7
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f1fb8812fc5
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f1fb89874a8 00007f1fb89874a0 00007f1fb8987498 00007f1fb8987470
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f1fb94ed100 00007f1fb8987460 00007f1f00040008 000c00130014000c
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f1fb89874b8 00007f1fb89874b0 00007f1fb89874a8 00007f1fb89874a0
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000