last executing test programs:

6.49035036s ago: executing program 3 (id=1346):
r0 = socket$xdp(0x2c, 0x3, 0x0)
mmap$xdp(&(0x7f0000002000/0x2000)=nil, 0x2000, 0x0, 0x11, r0, 0x0)
pipe(&(0x7f0000000100)={<r1=>0xffffffffffffffff})
r2 = socket$inet_udp(0x2, 0x2, 0x0)
openat$yama_ptrace_scope(0xffffffffffffff9c, 0x0, 0x2, 0x0)
r3 = socket$inet(0x2, 0x3, 0x5)
getsockopt$MRT(r3, 0x0, 0xcf, 0x0, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000000)={0x0, &(0x7f0000000040)=""/249, 0x46, 0xf9, 0x6}, 0x20)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r7 = syz_open_dev$MSR(&(0x7f00000001c0), 0x800000000000009, 0x0)
read$msr(r7, &(0x7f0000032680)=""/102392, 0x18ff8)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
ioctl$vim2m_VIDIOC_STREAMOFF(0xffffffffffffffff, 0x40045612, 0x0)
write$sndseq(0xffffffffffffffff, &(0x7f0000000180)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @raw32}, {0x0, 0x0, 0x0, 0x0, @time}], 0x38)
readv(0xffffffffffffffff, &(0x7f0000000000)=[{0x0}], 0x1)
r8 = socket$netlink(0x10, 0x3, 0x14)
sendmsg$nl_route(r8, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000100)=@newlink={0x44, 0x10, 0x503, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x24, 0x12, 0x0, 0x1, @macsec={{0xb}, {0x14, 0x2, 0x0, 0x1, [@IFLA_MACSEC_ES={0x5, 0xa, 0x1}, @IFLA_MACSEC_INC_SCI={0x5, 0x9, 0x1}]}}}]}, 0x44}}, 0x0)
ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, 0x0)
clock_gettime(0x0, &(0x7f000001fb00))
ppoll(&(0x7f000001fa40)=[{}, {0xffffffffffffffff, 0x14}], 0x2, 0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0))
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000200)={0x10004, 0x2, 0xd000, 0x2000, &(0x7f0000ffd000/0x2000)=nil})
ioctl$KVM_SET_USER_MEMORY_REGION(r5, 0x4020ae46, &(0x7f0000000180)={0x2, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r6, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@text32={0x20, 0x0}], 0x1, 0x9, 0x0, 0x0)
ioctl$KVM_RUN(r6, 0xae80, 0x0)
close(r2)

5.641779764s ago: executing program 2 (id=1348):
openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
keyctl$clear(0x11, 0xfffffffffffffffd)
setsockopt$SO_TIMESTAMPING(0xffffffffffffffff, 0x1, 0x0, 0x0, 0x0)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r1, 0x5423, 0x0)
ioctl$TIOCVHANGUP(r1, 0x5437, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x5, 0xb, &(0x7f0000000340)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
socketpair$unix(0x1, 0x0, 0x0, 0x0)
socket$inet_udplite(0x2, 0x2, 0x88)
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
r2 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x2, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r2, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x4, 0x0, 0x5}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r4}, 0x10)
read$FUSE(r2, &(0x7f00000021c0)={0x2020, 0x0, <r5=>0x0}, 0x2020)
syz_fuse_handle_req(r2, &(0x7f000000a400)="4e5350994ebf71ce3049a58c5d050078bf16b0757a4c27b455e2a547739587dd3380b5df8f40a0696c5bd6cdb672cffe4d870c5c90ca92095b9ebf3e92fe31d8cd74275d857d34a74f7eecc7fac15e2f148d4e9d47bb45b858bbf078999970d180f28d7b2cefd92635d45a563d9229c9fd770efdc0848e52fa5efd9a7e5c94a1ba94b4b7c7507f8b0819bb20910f9f50a83a010abbe126dd9f6a7b84eab6b0d5ce78d2ade77a5f7e4e997df1d03ffab4b4c945d803e4457909013127a98769c938c237f37263bc509a42bc56ff2dbf80e847e2c407009eef94f18e1e59069d62298fdbadae007ffbdf403c5049a4530ac0abecceb5608da02754c9a575af52c0b7e41226e2d642a814861c4310c935bcbae413516dde2132652b39c7aa0218a6ce65dabb4494965209ce879ba7e7e59039db5c1d36d6a7f86d72dd59954fd6f46124a2506b245a0db11aa89d2feb312a6596ea2fecaa7b6021f37a255f628da7ff6b6c36b514d3b6be34e505f9dac6acfb888198004699fb350ac93431533554658c4957df36703591438d6488bc03dd8290a75ebb367a481a50e79a46b04d005649cabd79e5c6326c066bc2b6fc5febb87ef66d832ef31a16c2a450a0b990fb549a5d810c928d1a81fa1dc795db2607ac7d46cb5716b68acdeb00987e429fe6a394632c83b43336e7b51d9cfdb50e83d8c6ba1784d9f74c16b476e048e65e7ac0af683b347d7377ac1795422e00e5bd8da9b313af83abb3348861116de7a99959169b7dff9f7d9b7a6d107f2e76670a6214a419bf8298f80eb570fa29264ba57a383c5ec5836ce33104ecaf1aec76e311280a1d2c8bd7abff3a5a242e6a637f7db63038ef5d78aca9c680d72b60da4dbeb0e1e683ddc82898647c589a81b8f92db06711d8a0af05560cd77fa7005283db71e8da21713fccd450822062b994d152aaed2cdcf0dec9c60617e15ba4df628da4e71279bf9d1eee5c7f055c27cddfdd45f9225d5d5529ef7119e2e3c9838e7362971e069be487797e949b24297de19c61340d1cd7a2bfa3880b91a71e934720a59e1e0ea992d2a1633a0852ad8addfcab73a291e35745e694a6471f429b124305886c1f79f67c78de3f3ec998c91e7fc59d26766cd446f6f0de603f2c6892e13cdaa37d9e8e118d098b6986ccd991993ec152193e7d77394b05b99e7d310c506707f1be52249438fba9615f6dad2ec7244fedf36e34ec311b7d6bee64271d6491079e161190ded7e28e2ada4307a9b2986c267b1a30d2f720ff23408011f1d589ce9ee77f981c7833656ccf7df5b3a87ec253ff7c7ef1e67ceeb10c93e3fa683cdadad65850ffbc402b7744e94cdecef9db9d264c755c53d36278df23d4c9685fdefa69f7588a33b8a64b35191ee81abcb9765577d175cb06e31c582807ff7243bfef44961fbc0f8a235242f51ee991ea621803d4dcfed90d26f004b299425bf219f6d185fe6e088ae44601b03defada18794feac93787696a5d419f09f769bc590f43d2df6a131f6895da2de120c2644685e57b1d476c6aba5881e954fb2575356452b118b942cb02b4ea0fcf8f1bbb9a23b6e32c9d0accd3dd861452a3ad77b38fe709e216974932deb5397fd8033ff0e073d93ac0b4be762bca0424d69bd57b22ba914133f87671a29498b268c2911e793215463ca2164e38059456107dcb29beedfd6277e2b41a11d1c6f1361b19875c9384f04f9c53c1856d71f360a8fafe05f7aef750ec0cf2bfcfa971c017ad071b69a18fdaf970b384d4c889cfa5a0397dbe89543a5c64e2645d6edf959aa60709ce0225fe6c3266c7ef62157ac8e78fddcd8a1f2ca5b58128218d19276885515775326aeeee0226cc810843eb05144bf8e2fe3340cf60b32cafd96d23cd7d0d3adcbdfec9a2a3d88307c362633b1c5637608ea8476d900b3f836a9734b5ecaf5e82983577128d3f74b903b0e3bf64326c1b564ae42aeeb0c07702b63a9ff74a2af6b45e5185a53f36c17bc29dfbc0ea28ca5cca43a15d751e9887ad3e6a87faacb6a278c4c8a8d21b9a77b9776f33102a6e645e99cc5cbc543ed0674282c2b9f8e5d14c2599aa9ac8f81438c77f2b9368bdac82edcdc5366f39adec9e9a3fbd55b79abc16d2ebff26b7d0c88f18b486e5836333575e3fc7808cb423b44781c57965767862922b4ff32d9bae76296843a46f430211c27ef9db168430026a5691623284dfd459dbdd1f1a6ec9bfad666507e6eacb1e2a7866da2e12e6d596d0bbb150500590013d9288af20596447f97bf1744eb9cfb244d8fca269b1fb71e14de664be4e95d83fff1b8abcfebcf3e78c1c66d28f260fb0c19f9fbcd2abbdd7dd7246e49dc25d954bf25f810a2ff6f9069dfdc62e7170fe3b0964b2ac95024256dfa3e7a426be5bb5f707fd82c2b3afec5d5dcf5bbb8fcb6dbc1b59f6c5330966c70d8b016956903a4278817414ba3652a102d7e7e37ecc79400267fc3bf7601c0731f87d479c33f100735e748874155267f708cea49d549e93cf7a398b20373dc90ad9afd56d9c77cd24e2c4a18f7130b366c7fe5b26bc4d11ca1ed1b98fa0b4d7396f82ae6593f4575d19f4d8fd586c991129e5cbe15c8bacc89c3ee15ca471dea966b5c48ede0d3ba2a7e28c75c04e6a4aa49a61f4e391ffe78eb5e40a5ef349f3aa4d15f2291cc86ec7e47ae301bf0b6083dae44b695820a893d46732553ef15ed1c16d28268d52a7e3a7e7c009d0c0708a356d3310c1ebcbcca4d7acf433e34bfc9fc115498142dcc725e7a16879c75e4c2f01c6c98b39619f3248bf530e6ee593467e38cf4026cfdc4db6296565722d587f3c580750b1453ecc141c0461495551297d88ae034acbd4f5e80ce198e6640c4c1e9501529988109cef006eb2090a6fcd974d7f60290b78f1a8ce3051ac2d69636c3219f0a6ad8c254764396a1684b2fd9805b1853525f2e640e513197283cc4d4073ac033e0539a88f08aabe1423cd40b8a7e073437d812b57a5d39a0531dcbe13f4466e89efc66c2a1e4b39a3e0b3073c9d44e6cf9b85f4df5c4e03628d05bc0f94ec04234c9eca4ed17463f190406834b02888728f625371cda75d15ec19efebd59f00ab659eb94eb88bcb2110862a369ad599610c1530fcc118f5b82205bc5215fe3623ac8ec297d8ff4eee75ace20731c5d505e6605c26203b7f754164c9463f0a6eefe3a2880b8e06e7bc66bb2adcc1a3f9b0325f5ec31d12a25f1f73c2aa6bb3a7680d786a082a63b13cce1822fa6a4b085a871ae3409eecbc1fd8661b5d52bb2b8b72f23e24a225075f272ed2ba0c6c5c693811a0ef8db6da7cfe7c966c647f0187ad223eedb1012a5b7af103e98464ac768c79b21ca45b12a52cf261de0d367442cda71c4b8ee39c94ded1b22ba06c13836cb467ebab4efea07bdf1e3de8da56a0ee6d4f848011253cc21fa421a39943513d3167b7a73e0d752b861c49814bc5410ebe53a0264f76068c91ee6ec9e2daa343482b2f0f06e605c5aaf81f2a3cd570efc2094b4bc452f9526f1bbe7b22b694fb8109a5a987fabf6250912d6099e67da9cac79e8b6f2cce4702d1f17cbc5d06c38b8a48155ec758369c185ded839fb58cd736fbb74105fe5baf44e7e3ed06843f23601b60a43b1f88fd29e9b3f58479f9b95392a39d5ba1a31ee4441ca2d1fb57c0a8678a07a724b7a65b2ab16d1da197f435bce3ef003fce27fa2f0a67c9dd6c930a4bcf59e79e57b70fa8eae6fe34972958c28b56642d14ea89bf4d7d6f7fcbcf4fda8bd08fc9fe424de4359112b11f81fbdc1505658363697713ff6e1f8ca3c4be34a79993a9091f6017cda6c7489ae5c07062555231427c3eb42a049f42d22a060983b044a7d34ab5d2b5386cca79af72396a48aad6b8dcd7855410fc6106e4a165994f26efff1e7ea0aa8f560333b5dfdb2a0d899b0fda955155f90c75effd3c9535d88508e836feb7807d57b2a57cca42d3d08fe7de60d2a33376f49bdacdd3f814bd0927f417f15ad62a10b302f1cb390aaf82b0bc6af46bbf990b6ada45ef83ce13029d167c65134e7b82b59ddfdc367e61c40defd2732ccebb1d4000f6c742df964e1fb390c255d2b1dfc745c6ab34af8096b5b67aa179e3f341854f7a69f7bf47664c832037ec7a78f8e27209e3f20f833fb6e8c0fc4a40920a5ad2b0618982ff72540009d5db82f0f5bcaed2a27f35d1e50eaa0cf8e48c7a2d43c25d0264db750a7f33b44a4bfaae576cf9ee7594ed204513899566564ed8bbc97ed18b1d8868f926a5c70ac06fbac1eade46792186be7bf8ffa3301239edd093449b7d77192782b5111c14169d2b4a1b3443ad62e4abdf11aac6a5b89a5b20ab0ad0abd949b9d64582c67ffce018e7e46de4091fcc77a65b971fc67c8d9cbf0c341ca764b1056ee5014d9865059616a525a1d46ae2fad159afe86dd1df9b8246411827e19535ca0aa9f83050b06e70aa2737f27e93d584a9cef878a642e9361efaa5d20bd8da901fa2e064656f686d3b3ea31d1d850ae9196b7764548f5c6450a32a717e09b6b7e75d43fbbda76e43a24f186d5578933f408bfa28e0435cde525fb91e71d92d704cc5a9b5e3db7aaec46d2b1f8dcb3f921f69bd7397c96a1e132c39c8f1656cea4365c779abf76199cb5b6aada022edec5c901cdafa2e7f3765af9c8b20cb1a6785085fcb0dc901367b89051bdfdc6b68c5215fd04e2b3c7e1c454a4d21132953b25c50995af0f7159a5a8d0a1621f4808f126a5bd40ddc79fed90f49925ee367a57a05c070fbe39fe2c213e7c1724a907ecfa69efe6e021c06a262471a4377f3c9809e9fee4f375e27c31b6afbb2151da86b7cab63c7b4fa4b77fb30172b9d0d78b1c0535ec0639c4910b5eeecbb5b8b5c8aa74c140e7ad347812e36db3097a7ff85c09ab2c0020202307f50efefcdb497b9c060ca68c4be54a9165b4cebc6b2e2e14e5ffb9213142418faedcdf26fd326b7672399e71cfffe3ed712ced5317c254f9199ee10c24c802d102bd8749513d3145201ca4e01bc7c8bbcf430afa541ec5665f86dfb143be648521bb0f2b029018201444787f644f8c88b79e754e6ea9c797babdaec72a9680abadf3a41684cdd57c2b6e833acc0846be5aa927f1b1b36562d2acb9ecfb758455230d050daec6748ba280a5edc86d48e3f8af0f8f4ffb18ae3cd3c19a82d504a4fd52bb62289ae8026572a497fe268f87ef4b4b5886aa07eeb698b7cbf99683f710afc9ed1f8a488883ce0eb8f7fd055b82a9fe21a409caa231c41ba151008e9658919c611e157d7f3926a5e4248532a6860e615b9c86e9fea212128d96ed58c9b84ef22706071eb69f492e4d8321ed9faf6c6a8928f86172bdc930244583ea15be497d9ce4ae79cb3e6293a8512ffaa9e8e358f3c7c7117001fb92891a40b84f9126cc3def5cde67f463bbac9668b9f56c3e4ee72fceebb47e52fc226bab213d8193516e7064459fd1365350a95c5a1c3ac44a73bbba2a4c17ebe49dd781bff1995cd706b77bb533117594ad63566f4c0730beab85ff4c713b7f10b95480fe99a0f676c51ca11116b21e87887b462aa9770e85509e4e60f198148115f0a3ce6028516a946178d1acacf7767f6be7277891369eff67762aa58f928d48b7231e44d899cea8289003349117a53d61bc27b207fdc91c9db61e677d1e1a1bc6a1b6e8564130b335233db4b5de8d62324e6d0ccb2b08c2ff922324eb8c506711142d4b8d7a21223ef0a3d534fdb0de58be95cd827152f71bdd0a82766b62b4c87536f0b7e7df343c4263187da887de6e65d11d0360e2376c1d71c367ae85edeed8f767d24c644b1a9b455ded1dc3cc224f99936a6ee66931c45e5e3db2427719ab2d5cd9c20d9bb0ec004b69bccb00649f3d8e34a3572c257de114b9f027d76bc7db9007175cc03b9e2061b6b3fe7409e009b5371544e56fe438cbd361e5b11efbf2d79d1c250a1e73ca8c601c4f4d1e3761290950421c48c7daa45965e472f5ef3c4b8597444dc5dc01cd25358055b5000617f3e7291da3413e3f0853b1271366612405c35ff1b785b984d921b518425628a533a29ab65d3c11f44c6daa86f8b6457ebb9419274c481aa6f3fa4547641670aff58b9cc62c0993d49a509f02dee755ee5f1fd2710c995c43a91c4f873afa1bbdff19427cba2641052a8f361ecbc72e8a6cf587e83f8bd3110c95fb080edc77a6d43cd58c447b0e02261e4109500c6458dce70acb17aa8f9dc1d15b94a61354164031b5d563c25d0246fc45e6401cefceb501e1468903e5d677759dbe3f24bd48ce55ff8b8f26529fb3b2d669202a1e8a498984b449b4830a0126b18f0e78182c9ce78fe0c448c0e27845b926cfde28fa85e156fa98fefaeb19ed1247c9643b447b4342c94c114d3c4c35eed4d5b49aa70e6aad45bfb557f15e8fdb2d6e3d10d8338a13fe3f187751985b37a5bb10b750f79e36fc2e2ee9bdecc3ed156e202ed7b45a94809d77edaa398042fc6a825a4848c334c557303d24eb3f8e01be06995ceb283c70272b00da61c3381628f0e372fe2fcc779ff7daf7e4b7f2686c39d3fab674b8867b62b0bf9d5cfd0c1d3b270521f55f147de75142ffd7fc9ac7e5dae7ca2fdf26a9222d060823852409dd040cfd1f66f218c6dbdaaacddab34b123af22f97384d64fac64d84fd638c96378c8f9532a11927d48440bc777ff8b8b9be88f930f3b579a713c0bc449dca3a3bd5f2efa98240ccc594299e44451dc60c6c5c9edd0d7b777912b3dc40c57e0ea5f4425cd7047e686c7304f04ba9f7b5de6ad2bd524f1d29f8802a524441fa286015adf4589431710aa4d76de8a956dc1d39c0a13abb7fc309d24222d036e204ab6bb46ef8a7595d9e4512e0b9d5f8fd719a4e3072e1d806967045789c67a1681f2a9f1f4b19f4f5e1afdafc17db7a6d5196161499e62ab4b0ec27648f3eeb1fb2b78f8ecf9b05cf9509a3b9e2a361238deb1c91bdbc8b1d11bbeb939fd9da811cd439069da0ecc00665d72357aac01f259a0325409b201859cc0569e0eba67a7a9ca7e8b78078d9370bd3e37f0571680ede60cb6bbfe69435d6ab5efd80cf051d119a7004fc0b600844d49218d844de8f521524a47ee50229c7da25e42a8639b5db225e7f23967f5d4f8a297aff04a3cbedc2985b6393a5ba0b26b6c7b4ca22d369b35b410799d1ad02825104d34f73408db1948438597931ed1c1c260e78340517bfa2f734537dbdf5ec303518ff4640efe7f7b1c2f46babdb9247ce8eabad9718a8b9ddb7a18d5e87ced554c9d6de78f85d293349590c6c32483534bc968b24a28eb54b9515589d6dd8eb51a5ad0b4d896ce92250397cbc404323fcdf0ee47ed634e0c58213bc5b35a72b21a098e11b79c061430dc817c1e0c79a5b6ed3b002979933f1b83a17f250b1bd5c4958df4d75531ca03efbda89f6a92fe08c23ad9014ff562a7f3dcde578d6825b9847b5df04dbca4f2aa52d8e0f4cf8183ce121e39b50358a9796acde0372a8ff97769874a80ab997cd889145aad4888c06963c2f5b82f53a748a6729fbc79d35c06d84e05c62e44ff78040e56ebfc6efcf0d8b49337d5a17c4041f0d5a8b616244d585a162b69db073accd9071d12df5b326a43b834bbffc2f2a60deafcbddf1c6438a1769d6fb09fbe1990e89da12164ef237f326edb5be64bb64b143a030de8a99b3c5e543c871cb581e2be090a92134aa587701f864907cadd7c1ce20fcf8f5dc7f7ecd06a6c19d89a92ca0ad4393c208b80bba990c7a3702a9c79bddde75d5db244719ac32191b6ceb041ab541fb47680a97dc0422b8a50d91e32cb08cd341b0b099aca5bd12b69d4f89d10b755b351a6489180b786a3bebac926532a4a2d85b07bce6c090d1aaaff079e36d5394a612f1351b90c13a0fa6bf9d188d548dfe6fa51a9026edb52009c03ed45ac51d05c58a957bcc67e05a588985ba00d79f33ae9cdd5f5721d9fdc72ee6e880708be87e8a60c3c035c146f2091d1b9a4c2cfa56f292fe1ba62290d4e56c05669291bbe917f3cac51802a2cc8e9c90dadfe666c233c5a5bb71ee17deec51ce60c73f57bf9ecb84873afcc44815131810c6c1217bea485ef9aa2785e859b25315ef8aa3a274982786e45d622ae831fb76010d69a181b069e4cc55d4436edb10d1119b0c6000c6d5cff7c72f740a59dc0507e7a952b69403c62673f122c9d1264fac6ce2262e86cd8d6a402672f88530fc2d16f31736dd497a4e853253ac8d5aff8d1376895e9f5519b2490cc2a2412ba0c99cec855f668837310035e92fb646486de1b0acffb91ae7516df3eeef381456b55e65baa58e71461c928687e699d2b21814805591382e95e1b970aaa53259917f070281f2336b7d570249d838b3f1a32753c336864e15f4561badf8fee034a29c52ff3fca7456ae140f83e3b2fd5b57c9aef3f20c664200d235f236ec47dd2fc20b14dc6000812237aea992d987e5460679e8c5b76d931ef6d951e6c7087e3106b6ce2db9de6f228fdf3ffc38710c0e8d5000a195a79d1fa2301038f5b27c40b09c34c025e5099d40c2204ea0eae985263c9101cab88d6857a320c9e497f22348a24861a5fb8d734e08cad09f9933748ff01eab22f17756f58688dc1b486a397563ee9ad0784b8833cdb5f7c6bcf76d9c1105f71c3c6aabefd70dc6cd5c66d31caf916145ac5ed7fa070b4277c0448ab1eb78c943be9aeab0587d321a4bcb7754f070881178f8be668b686124899fac252519f4b60ec42db766a908755040463125c26850177402a977246d36d23afac0a11889d54640bd8f6f670d686cfd33f6fc5d90cf6cbd63d9d0fd201dd4c74dbbab899f3c23c0b7e37ea0b2aff421327200d0da58b5893a4186ae3652cc6e11c2c2a0e52184a3872532acce98c94cebf4f31333663a620f0dba0ffd89c3124380075bd28caa6d449a050b3661b8fbaf4747b77c4928b1378fdc8c7a7b38ade1aeec44bdfacc8271d0b132b2029b0f3582f9919f5c8cd543abc9caf6b82b197cd482c3ef61a64743506342bf50a3c1ff544563bb8b2002911ee1fad698f4ac133ffed5bfe81239c918207a03c7a8bd71a0a502aea78d38e970e3ab2abf754b598acb79cf276792aa08724d0ba24f2a694912ab795b3f45f52dec50d9bfbc99ae27e1d2c2216afec6709d6513a64b29ef58255bbe18478c5d4f15f74ea63a1e15487752eec8fd019f1d4a7aa25277664754bd2d7cd3a7a018b92c56d965a1974885363757286da9e055ef7fac17876f0a64c1026a597733b897a9155ecbf420159ae8e5209aa83a3544fff1fb4566f2d54f95e3bbd30dcca5f24397e4bd47ff01292f0d6fe9dd47a810e0c25382fa69b4987d1afd9b69ef125110ad6b240eaa9c85829a2646f9ab7874bc02bfa8346cc9190943e9d46b44880670b1e2aa3a29e83be5472d7418885a353faade6e8b18f4b588607bbb758588d1e2f11a9dfa1c4d61be50249f1ee32e6ff8c0c7722aaec1bc79654a4772efc578bd6a14c79abcc77a4e09c8b6c6ea35cd3ab31e35268fb55db843176f8042f8ce7be0ddd4ead6dbdad0ef9e7cb2323db5cc48119a72b27306b8ff6366c0bc682a85ab9e2cf2238b6d6eb2e38a97d5577e6334cb2aa6e7c86e489e876f9d7053577a5cb57f52812fab7c4bd7b19a34c228ffb67dcac9281612f778b58c580c140542200fd00cb3ad81d93420df93c5af2493f646d8de797102fa0a65247317882fbf171520f00b2c7638623b823ff11444fdde453570f99f9099b60061a908b83383ba8b82bb78edd074dccf9342afdf8d11a6129ba6ea7030f3629056264f1736c2b926171b6dc7e1fa455a473de656390495f3b6ad2f9f46f35eacb075628ff739ef78f28ba683448068c7f18fb63f28ba7dbbb78999100dde0a94e8b8570817c7114c13e139ceb333782b29a84a5b19497fa785915c7680dd7f972cb59ba22161f60886e5cb3c3e808726cbf96bc4da78914eee565c6d9d18e70d22cf8c0244cf3cf488c3550eaa400bc0f26d64e0f1bc8d0301a841d954073a641f3ef883d81f4d5db8e9df708e64e640b38df7295f7fe573863653086bae5507c880ab7fdb7a6c5ce77027ffa7395233d3ce536d77ae6c2e9c8ffb6fee78a3bcb3b5f888bd595caa3a5586948776b950a89cde4db8247ffff27491c882b430afdd60e7a22324f6635a9aa7139f3e624c6d9ece60f7f8153b2080cf0544fbf8e1c436503766e670b902604ab521e11aa5a65cedd64cfaf898ac5f55c08c87693c323517bcb0d99c28f5e072d4f6540c7ead70138d47c1a67fd72bd6ef5613af33a0af311c3d0a631ca2a2dfbe35d1021eb610e40b9be128683235a788b5a4cacf99babee382458d59e8aa1dd7bba7e09dd30c055a3df8ed721a1778b2c6ed587a403566325cd19962edd7831caa44a6b716517bad502130e7cf6a5ce5288dc84c0170f622ae0b1e1166a9c2c0771d91df9f9dd82ae210469602ce38964746c1c1d04321aae7d464eb801dbea7ec39505457e778208774d72673626c998b002c46a9b4b1e390d9344f0ca62212a1b6d41043a2100b35196bce42d40caa0ea9a486bf8526fd1f0f0d362c2cac463ea7377a20b54b9435442ca529fc00da4fd7e27c4eaf14215a06857b54254c26346956fd7fe215a5ce57ec38cedf50a3c759e563a4fd87494f00e7bd9b44f3b7e99c6ef67187056a21d2fe1ac9d24125b1947eb293189fdc448b591af4d9b8eb091d6bbb5e50fae79d000044e282bb2ab6c63cc9562b151c214e45015354e62be63e1881238b907f7bdb791ff44a4e03fa29dbd26db2f49d0f4729b7cd9ba69a65b0b493466d35d09b3f590c67c31660d95e2ab4af2c9f1df91f04ce5a57dde2d75206b42e3423126774d76593c2f713ae279d7092506b513fd5d18f0f52d3fafd7141dfd4a0de1063754dba865faf8dc0f6be9d90ef21ec86a275533f6ad4b4e360dc775413f29eab8b3daac6279b9abfe163ea2f183e09ed91ef67fbb090875109288a182cfdcc46d90678efe5edceda6518335e678438cac4bb47d376f3f0e12aa55301735d7f42653c073d6a4a37b2e17d332dc1be6b50918c007b14886307cc39250e81efecd63d24067a49994572725a9df1760caac13a28f5255556b27ec245e93969b85cdec7cd1c2d2a433d3f9572b93054a7ce8adff81bc1d30884d5fc4791e251bd907e37af5bec74235c3e2f804e4e0450b715289942b7859ad207bafcfec1b586dc15e7911fe6d20aa3d02fcd47e9956780e300d7c53c17dfa15754deb4c20efebc7270bda0fa6b37fc88c6be4250cac38c1b8186b364482026ab52d65d3a691903fccc39772277011bfaa421adba76bed9731077bec885ce88d40f36bbd2a839c67dc4b862c968491b877d4fd13fc90f8da57a29121e12f78e85af765cd66e72ba513593fe1cdf20019985b065d828707d8e509c6834eab188deea5c9ee97955f4b07d37b6fc7beed73be94887d423a349f35bb8782bc670ceaec870d97f061bda02ae73f6d575f81e0b6326eae6c1b3085cc584686120e12dd9ad8ce44036bec8a189f9", 0x2000, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000600)={0x90}, 0x0, 0x0, 0x0, 0x0})
write$FUSE_INIT(r2, &(0x7f0000004300)={0x50, 0x0, r5, {0x7, 0x26}}, 0x50)
syz_fuse_handle_req(r2, &(0x7f0000008400)="44ea07862a07eefa4de37092cf4356f54454db90301c4d373d57166f794f169d63344840a37048638ffd5e30beade3fd768b18191001eb890277fad8bdfe3742686deeb34395963bcf7a870addd76c80aba9f771ebdf410c7d7542fc2b6ae9a458d79457755d94ba8a3248b01a2293d8a70e60815b90297002652966a6b836065bcae0b44f4b26be93dec3cd4cdcbbc84c5b916a1b0d8313340675d67fb0c785d0307f95e426546c9a4d0161a8f52b02b95f4da53ced705a658722091864d74ac0a3a5f3853a0ad71ddb29835680ca9ff30531f8df0f0ac66f7f1433c33d75fa8f0f022b175df093648a81af5ed701b2e7a14199c83b539e763dbe7228f2e184a02becd41bae305d3f34c72e8db93dd214ec203eee6e6dab26b41848c95fe1ece8ca157a90bb7a990dac5f3c64cf49c5c5aa8414b9153f82eca9df88d90a8d6c0e72eacd52f82939d46d41e0f5ccf708c03fccecea467f33f5a49888514787e42c0a12255bca89e82344ab01ac3b6c6158e3c1b34ad953eaf55f3a2c487efd9423a542e41dbd0058aa021cb6fdc5df88f807033edd31abaf5ff7e6a9578d2be6a2d925d98108fda2a7e56a0bbcdce0689fa9e2111b0be8f3e2807f7f3728489917a031f2187ad98a744f19851687adf59a4b4c328ad5c4f2eaa0d112041369319f6d3f928c22d05f9fd68b5c268da5e2f433d651bc602a65ee83752c0c92f7e29002faf9475fbb57788d725f6f8fd495a58d88d55ab8467a85d1f41db5964a19bdd45377c7c8c792de5e76e87da9296ff90e7fa9e57f09358d998c8779bb2348d651808e969e960763c5231c65a06ee16979f4d990dbe7e10b3a2392dfd6483bf2c7c5f6f3d941cc17663668cca83dcc38089b4342a801c74039b32550c2d9cf95a0236523933ce3e7538ff9da2b7b741f3cbf53e6084702d0a5dadab4350848f6e7ba46d4736c7a2ae702c480c30dd78f994a10b9c3157a17e9e29576a68139403300586eb0c673252a319aa1cb01efa777228d8242ebdbef9db5c03e4c8e09bf7a009b7eb19357d1ad6d1defc0dbb58c31d85b9f1035056615ad0b0ded12751273c8bb7810ccc5b2efe51d223894b141dda837e6b7ba21de9a978ac447d995394b800e1065906455af544b9d7f353d1eefcd3387d18e3611f3913926f3a4b87efb3a9707d6136dc00e49ea5e7a6d0bea17eb49cae93c0c4422374b0f46250e0d554e1087c1392716d368b04b1da85d271206b465608468802fae00c7ad9425974d822cffbc420e739f7617f59a879f791ab5dd7a6215298cc7dc6904679889e60a09114b0f421b6f1286d0a6ab3dc887c2d3a48d53a7611ec270530b07a83ae1a2bfa6da42ab38bec3eb8ed1e207d91c02e74a31c29abbd25f5779189f5f2494ea5c3f4b829b96de0c54b3851dd58610c2b9ddcc2960f34fb857c5ab1aa67e8eb10a59639db2ddebd0206ae7ee56b21ef484e3c66003af46326f1c456ad2ab5273d0c0b2bf412f71f820ae12723c74e1857e0ae3d5587a0427c1595e06b1d5ab5e815a5558302e0d9c50b8c6cbd599eb554df6f7323b01f1353b557c565dfe0de51032a88541b49ab682a7dbe4dccb9b952ba9c9ce3bbff80af01e47953666327b8acd7d2cf363c6f7172caaf01d8e3417f768ab08f2cfa7ff26efd219e25ef0f9a84c7b116978eeafe3410972490203dbe49aec33f14d5592a466a6efe630904db9c77ece20bec7552b3dfb48d4e0427ce5024fdc0aec7271e93c51aab19d7a40670add6ea5820f625831a593137f60543e424892856b3bb9e608e88e65cc6dca098d5139a38ada517cd788b9f13618d9c2c31d7918cac6cd669710692797e61f4df3938dd429d977cc11e7465a7a23740052039d9b31cd26b95efba17bfcefe121fcbb762d29287145b11a3abb3e0683b9216a8b5d9744baa75da5d840e70cb310c507c4f7eef1d6535d8e11079edcb51df7ea63a7204e314147eeb57916171ca33c0f5932916e4d568d9e7dd3555500ae119f0c63045658303e1f4ea99c896eaeff3ebf76b2def0ea856a3f24cd76dc437236b71dad9a26fbf3882e81565851eb6c5b265a0721be43f0844f4d0e4296011e280236a0ed7656f2eb906e6b2ec4a8e5bf91eb7e8be889ded6d8492bb72f1de26cf3973249ebcb5c993d1dfa896a658a528aadf57dc28a8db32656ed8e416f96e1f89ac24d4ba587df31f3d2d8d7809d06c8b2d68eb15b377918424499cd6a7fb62e49a78831f0e4b1476bef657fb34bd59e34793d21da3f7bd0278bbea8beed261c697ce17f36f1cbc1b94aef11dd1dbf1c68496765258f4cfc8b5fdc9197d7260b733d2061f399c861bc5912ac76cfb62b9218196fe054b92a295a9b9526871167d436b830a7b4944f527fb4d75a036acf3a71a1a710f609f4e794f1d764a5317ac067e8194666dbc73e32b2870eecf8776bb7641dcdd6d764f91dec83fbb53a97e6531211dd8b86bbb57f8acd637f4b1b66fd9705a200e3081ea382262d54edb161927eb1d85cf7b9373a24607c99f3d66b85e22d2cd5cfe24020d56e0552bd43d803882128317d9a56e63a4808ed6401b662187888a0d0b311364fbddad07911b5244877eeace22ab5bd8501d748ed5cb05809e1639678c4c6cc43a3c2fcdd5b0970332429c3cde09d9556c8360f26caa744ce5e57bfaabcf7d124b2d4fa97d7e72f16cdfc35f87493717e2a852b64fa344db5ec72dbdf22dbdfcd12ff796d515d5f3fd3cddbf53426183bbd92e2fd3e91fca8fee1c1ef4f8d59036df9c48fc7677f2c4905b6cf4adcf448029c6c6a2968b13e3b77d578e2661ae7d07ef84fa098bae9a564bc8c507a103990c00a0e6d2854a1689f7b095a100b7f38df028baf20bd56c843c24f8ca4a81130256b13636440836837429c1c86ae1668d3b250108406acdd21b40450399872c1da6178184bf9c2cc11ad80caa9997d3c6631f09ba2a4d96e6b74313f1e40fbf8a29962648f400dd256c4852c556deca2e3443b858efa43d53efcd496bf5037a82e14868b508632bdb2dde924ce2cd6c65f1708c18cf49073e536f09e8fcfa9a44fdbc349ae75e17205754d3bb82d3ee8a93c59aea1bd7ea6d124224b11405f815ed518a1cb9a80191249ac1cc0e5c1f9aab8fe67bb737cdfefac82a89a7d6ae08bb9e1f710cee451d851b35ba9b886dfd9c277dd67891331d43f36353c78c65e9f3524e1b9b229c9f91de7b5ab16a66017d171e2a4e185481d33cb5bd9c5e3d93c49d2c620c16467bf4db73621957f76d656e6d4cb4d59cacf1209da4e39352554cc2abcc8e82379b4f819fd6d261c6d7615f85f6c5d0b9f57976836493367e1bbb14c57983aa97c6e4e7c4fe2a166284c904ac4f70ef2e52e4e7dbd677ace683cd61aa60b702770aa0ddf14b694bf3cfaeb585f8fd8a85bee2f78400a0874dfb4c319be24a46d1914b6e902d5de8d8375c9ec786ef6eccf1ee7a003f83d2e163097980a06ab9fe23c4ae8e91755e4217d3c302111febfa9dce02a49b217aef709d183a5ab8ad1d39e9a697a79be303fdb2290c827279ce187d1c647cc28e20c0b3ebcab2b1c75850db46211150a8bc5d80d868141f885f7a5ef520ecee6d33842141003df4ce066090c8359b5dc32dd9ecb1039454d0b691d8f97932b69981be240804e860a88d1a047f46ff43609b41ea36dc276b28e87364049940ea7b6dc78848221b30dc6aa1b60f17942c96c46e347606d14ef02ed3ebddb20f7f4d28b9460f4af047b772927ca6a046b7de2a21b8ce79eadb74e4825af5e19ac2955999d7304a35851a4b9086ff922da8845da10a55fbb62fd13d98d45f60842d0d6301cd72e7cb97bc84393a414f671e5e0115a6c1c26054a80ddde10e0a83a4ffd123504c881a844bb7187c604f87588dd0d0f11930f9a3cfeb7098f38f84923637f1a9f6b3e3d0899a156d50d7e740b118c4865ec5e69aac247a930007452748bea9af0af511cc1129740510b13f48fe07ef1417ccc765b2cd0138cb51dd71fbdbe967fc321082a9ee4bbd1ea404cb24971de5a1ee7d7993b5d11d67d30e8ba94a9e943852675a07b88a51df6f4abb507cdaee96726023855e4dee6bccb3e26a2a88fb60d812e7856c13af5f4fcb6776ba8e27a35bffc5e46473b31a4b83ea1a3376f4549af87d03102413faccc3fc897ccae95d2700163f1fc5170a643554169018c5cfcf8f50c7981270995d8aaa9f923c0679b258aab60f79111627b71404e1ce8751228972cbb2bebbe25973cf98bf8fe8e63575950a0aaa1ff060f01e96791d128d0b7b40855126ef3910ed7d7a6d9490618da352ad7b889f7d905bca2214224e170f30a088cff91921917c937950926cb11c04fdc6bee776b9abd2aa286ea5074e72756482fcb6a7d072edc075f99e02747ea49a40b26b58118b6692fbe55b09b054a044d1f481173e8923a74806cb770c4c61ffa982077f82bc4db7fee4ae2beed4673e39f5ff0614072a771034174a0f052ce39e27450d18920664e924ee963c9bbc9852fe68f30a199ee4856c1dadc08c061165867438bd3bb73f5a50f5131b7867dc80e0c5d43eae80cc2874d48edc910e7f8f9b73e032a8ccd7c348e84b4179fa101d488c2fc16cdf953e269a9cf13c0dfe575e0da49d7d2c09293296c0232bca9fe0aa8199b21e19746c4783630e432b5c7e1e25864fcd4deae07c2b07782d155fe6e6b5d9eed4beb9db47bae4007753d8be56b10723b5467c64acb0eee4cb9050b4ef2b57b630f4608af96fbe484816454ff385aa3765051408779384c6585f2e24662fcc3008dc17abb07ba9cf96ff4c795c97811e73b06c65e1b5c66c2e1873191d972830b1f53bbfedf8b5e8a64a29fb3b3eca67f1791652f9ac037c2f87c6d1d9d453b12d5d2b0c070a8084aa15505e240bd0c61895383f23f0460027d60dd9efd8539807f717bc353f9b858b9bfd2acecf2190e280faf6a1603566ff8893dba33ad3300e10438241709ba7413fde84810b966b4556f9c8a51aef27f9b9010e7b6208715169a585e42bf3f7333209afb5b19c0de7722004850d53329d93e2e4909eced3da67dd7d2c82a4c9d0d7cb6f5ff7dbf195e8b39ba9cf0c1699ea1f8b6d1293509774ef3bf48597146a60aa5b6eff2bc8a64f9ae9a81becb9c398ab9676d2cecb14d28f819d08050269bb0ca9bcf59d5c9bd2fe2bcdfe82a8f037781c6275c9229b0729cd085e66e2712bdf22009440c4136c2daa54e547386e1acd16a1d30f3d55c1ef0fe10c108210b9d8894d31e5ef17b049106700bae524eef744ef4b3a69e9cfed4efa9b0c9262177f9fe16f5b1fe5bfe5fc6a611e6ffcb9c5f329d4e328cb69912f0dfb7f4a83d326cb20b053653663096870e7ad2753e992dced7405a00a39dc55e652eb6b2e1b1e9782b42f443890c4067b07376c6f0fb2ea6589e04a8eb39a94d913d9f4410d238e6880c167a0a23b266577c41ec3e0f513eb7fc948c12b26ea2646c0481488417d9911a0107ca0ae11c2c4b8c2eefa5144ecf8b149d22abbd26d1b2a3fe51016b9bbfd229c090fc2fbbca4803217c991e36f86d4720b45ae45e6b20f09fcd8e5decd79997e79177bd67de7433282c1d0be5d585a71c873e7171a133d9f5ea35ac0ac5c1a643279ca66a365d278d14eee3ea90961eebb3f6c098c00d051d4716853ec7069be2a4625cef4c0f72abae5309d2709901d05217fc3e52049c4aa16b50121e43ce491d1bc9adb01679ec25ab5009f746170c2517f0072f16c574cb447c6d8ce4a2e45426900463c5303413bf4fe7fd64c273b404cf936068cb3085c3a81b9872ad2cb79aa4c051e7ad97cd4e8c6b94bb0df87e4347ca6f11f155ea265762f81eb0e9fbaf3dc05157eb9f12596ccdf9193018a2226824db6bbebf4e89a070688f698bbf23f30dfb04db7c3d804a7587ad0fd03e68cff7e516e5109e328e1eb3b887a6aced15804f2c898f41c5452e160ca30e35843705c150bad932d2d3fbd791100b1535d9f3306dcf127fa49c1a36b172f46b1fb676ea8783c23edf89b2446560dc1b95b39f80eb9d0994c8dcac9a5a304c554133e1d6ba368468a17312167cda37932cbd4b93c58b7ef772d56d4311182a680e19da6fb938848aad40242856379310b61d6113de6814644092712133823ee2281639b52cec52ab0dbd65ddae631e7113ca75a5476797cde5f5456acbfe63c6ca8b83774690eaca3a019771ca0e742815ca5645418730ee17f52fa2531e5487c10da3ee080acd50fbd19710ed5cb924e28a18985132afbb7d2ff90f6c3855c56970854b9a48ec4f7566d2829e271af3f0ce26742602241fef70461a484499591a9079ed53aed113589fd74918146e1917a063514d7eaa7f4720a386eb2f32b6d35baaa5d36c2013eb405cec607202f19bda80bfeda8005c5d1582208b861437fff41ec0708a6a98f2b4b4463141c1c312a8115509e363a274864898be996176049d5f7e6cba76b3a37c9b2ee9553fc70f79503797464d736d97d0bb4741ea8ad14fde6f18fbb02ae97e5a77bc1527a13f18624927d79aa5b4df2dffde7fb5356e521c7a419209031df8138838151c7e90783c9af133b6961b44f8de89d6348b191cfa6c0ab652746b8582134537727b18c670691f3c1e8ca0e3cefcd26111bef476eb816482b7726399c86cbc98f0f06929c26cf831163bdbe1fa8d8f96a65d3bbb3d37657cec4b77516864cb32404996dae1d0d9f3c12b7f2698f07930b791813b7ccf0f0dcd3320b78833f077ee55aae156af804fa9a15e60c709fb30b06ac092bf97a4fe4732ea7bc93aa73232024c80434b4900cc30de20cbc1ea407746fb186a610fe31635766f5edaa8c9ae974ff8cecc4e7e391a50bdb34ca1dec15e7e8664d7bb59852cfc1fdb361b235c803d70cfc90c229078079619b4a8086a68d420ee1d7fac403b18c7f6aad91612e2f2b9e5e206bf897bd98a3b24a0637e2b986ae7f5d376bd63d63f6c4f151ce7eaa97a30d9d51f1a9207dca6b596831a9b92517b9d5571e72b4a06c07d5ff0d325896a1b32e9fb4f9d67a903946b205fba7beda108fde3fc503c7352c59c03bebc2891007fbe966a0441a7f4bc8320b901563ac8eadba643bdfc1636864d33549a1b9ad3ce01bec94b631ac6f46c453c57c62f2cf0f76d9f1e0731e266311624a138e607e699c91e37a33096117f418b4c92c66d96fa1b1324cfb569e3d558598ee65e69b8e0b9625d551af54a09db8082f2fa9da1386f92245aadaa13bfa3cf5c39fe455180bbb5e2427e4067bd2f5a5c755c31405477ba832dbbdd4af66acc7c11e576f700e24fb4c26160b4443b8c17805238519c7c732df774b92579e02a8da5e9a17e3c20e92afba7fab49000a7b83987ea48d5854a0411615462cabd245ab3f49ba375ef179c0a78059ffc14264177a6e45dc5f2fe6c957a313ba9889fef33b788933bb37a17943551db9cd08fd8d823fd0b35110ad589c3bb3af4f69bd1c7c7a3e726f933e4a0cb1209e75ff14910061c3750b9312de42c86838d5c35a681899c25220ea87aff02bf72fdd8745f5d751e6d62861496890c956143c08a222774974789bb46924b68a6e3138ce9dbca622e78c5aeed8215de4ee5c1f8312b6349a91ef1e210f18522b7a644700e90eff995e950c8eda05d0bb8e799ef32a7ddb8a87b4120a798a3f87cc78b6db0c7947b4786db1618c523203c097ef3d3dc0f4e1e87d0d597c4eaaac05a033a3fa91309c05cd8c14de649d7dd16d8ed81e5290950f66b66fd519a2a16fc6b3526f97aa1121b4fb52b30640122dfb50ff619fb5c88eb1c4e6ed7f6d09fd29e27b3375a1aad5b09f8175157018467f883ba385208fcd32a50a311b22f7951bd0e912d234364f8590e247dea604872f9bb847bb32b3906339f5698d6e7c0f2a3ed17b194239299091f5ee4ed51c75b76bc949cf05df5dd03cd8a553e7ec81881fdc1e15cef5e72eecd7843a981eff417682604769e302f378ff9519cdbd3ba2bfe50f85a903aa08b900118226889e9bc68124777f6e02fb26fff91d1f31d3828243cc46d4b4fa2965445774e0ddc521fe5fc9626fe3428403e746de0196a45e4ff75c5d6acef57f662faf27294be80fed39778a7585b41178ea38f64893f9a46334af6425a4aa46e25e92b0d77750c6737b237dff19913fd9e69ed92c4b6671b4226776b34ae2468907c654bb0f619b2c9b55920fb99e97bf32212f852b615689f3cf4c03d51d1587455b5720692430fe2684522bfe6dae871aa2ff5f00045861ffcfc219888fef8320bec1307236a7a42dd4a691cb6cd4d8436f31a3f2d642b05946dbfee692aee0da31419f9b8bc0e1dcf89a8ffd7856b21b1180ebc8ad75308b1370b93d680e968bcde7d235f601760a5d181f7b55daf330a001ae1da86c130c76fbd956442b6c705889d665560f8b34663390592d85ddde790e0f4f1f0df09c1c6f95477f9d72dc0894b2efe2c3d162ad80f80cae03a06548014293a02f00d6386723d42ab09052f019a1d71d88a78db27afead58bc516be8d23893f007a17ff47b32777752a15648d0ececd345aee1f36c58abb7efaff5567100c0bfa54f172c862e15872abc9d96cead6688f02ea8466fe1134bd3756c6f0df8903fe7935dbe3e635da368f13a10e3018cfb5557d38f859a983a54d660a02bdb3dac2922e7a37651677bfc664d58df59ea625e8e63ee776bcc2937b921f5544924b75cba04bf3cd0df831938f9e9c79572e8492d884646244990920400192c63e15024e2e1239f41390bf7c0e18f852e23d514256ccb8ccb2726710401c4306657fd75eba94a353987780a6d6219012cfe80858060e37652a84ae89d07f5d651fe82a2a8d0e8568492156713b1f76e89e12f76a0254da7d526df51a089600f5b7559afdc63d4872fe8d6ce00a8d0c9b00db5ee676ae2545e74fb7b39f8345a67913b234cfb4f6e3b4e2b1e1f4f1c7fcce8c09cdeb6a1a21bd2370004e583ef62971aec24ce0c6c049b6a2e22081d36854956a362b6cbad48049d7d5f90134d3e77febf87bf4a32c07cdeb36c9cc56b2b3cc8c8b47879a32ff00f3b2e977cee0acb30fc424dbfe24c88d1a08d047925cd7d65a5834e56db2b3e7e0a23dbf948c799db5a48fd4a5fdea43913b2b2c149ae9a98f452b797b55abe1dd44b30232387f466856d6c38ca735dd6175b455363dbf228ef52e443da22a1ee3a158ee304d9ca63c110a3d19ca3bab6d1745affd81c480ff8bcf5f8f7c1ea6d08a7b3c3958c324d42732711170e19523bd209134674b184d4d442a774e04d6eb4ac89a6d018cf0bb68a73da87abce127e57428cf73a5a551c85ea8c376ae951cb8357506f037d17d163172dc5764682c753050f35c6802fb269d7490b196d57bb8a1ada55da7550f82357320e14cf573ed39860f02a11bdad917b2ba2de885c7ea8b30dd62bdad207dfe10e97c8b71abbc8c5661a4483bb6f9488ada0f5885c471cfc1271b60d54f903317cca28ce977f4444cefac5c2ff233dc872d4e809091f8452de9c774ab3bbebf62de92cd6aa7421a41f7d1dea42e4f94bd3a4869c958f3940a99c88835ed2f4021114b9a5bb17240f468887b213814956f9f5e6344cbae19d8753b97c7ce2e9d0954a30dde23dea2748e1c9514672bf4ea3ec3e348a563d9649899e7227708e2e77d0fc5847dc16b59ac3dea9449c176dea2d2ff6b6af764d28dee5ccfd0dfd6e3100d97040657d7ac5da4032e3b7f6b0cef2ec55a83350c3045abb10200c264e6e68e3e03b68546ae48a538063b86315bb8073103a812717f2d8816534fa98d0e956e0f9a67bcdc522cacefc77b0be71832a69ffb72fa15ca4d8b15f7fe03da0f4b24c5fb68e5f3a2297bb0cb0b7bfdeeec4deb64bf71f57820d62c47276e2780b4341b6bc65ac49be09c94013783455a95de92c11d91b9e921a484ed69532b92e202d684d2293a2666709ee38d2114add4c5337bfeef31d481e12530c5c7e83a6c8aa2f580f6da2d735ee5260cf9a7185eff84eb22d6e0d5ac0e63fe6a3def819274a144be5ab90fa157bb7517a54c208aa82da926d5b09ba649e326a654fe8fa9dd7e6d83b0a66253526e5b5aa03e665f2eb4678e8293110420c9d7556df07c7dd1c3e817a4c7409890c4ff5044ecdb34eb652a4d7e20b4b0d596f46ee3c3dad675e958e91c3b40f2d22e671bae51518443042c529c31e343647d6ddeac7ec370970fcc71a24a0826b58d111e9b776ac0e2fa40b3099298ffd0d1c04d41ee1dd039425f52f9f8057ac1f206203f20e1ae9cbae356518ba2fe9e49b47e36942ed7204f3d7da9e71b8d69df3ae7b2de05a13a879af6a1ea6241c645ed73c139e15060aeab6f423c2180dd101863a24f1688ec1a33edc624c3f5e80a20e4cc5c86ab2c692c2d3d17d8a68bb3924efffb29c9fc3df937526452d82a8ca9a558c75d6b2504df1b66c91823216a1c3b3bc39dee0d22491b9c891b9eea193c8af8a992096d0cd74630f7222e9a3530034a582f40601a694cf1085fda7fb33b07332c6aebfa70e2ebb8d7ccf19a69dfb5e4c166add5e153504eeec92f4ea2fe47f291625e1c470b832a488f884692b8ec49b96df235f193027ed38fb4d8b88ed382825df8ffe5b0c6fab8db3e38d60d467f9da725023deb72c378258e911442afae4db650be3621a033a3b84eee65c4c0664ec6d5771cc138937434a6a361de3dc1c12a2a6735f080e94314ddf291516971af252e3cc56e1c65ba5cf8ac2538878b22034ba458e08db26205608ae941a42a27f2643ded87bde626387c2b791ce57991dd2ba08010237279cac2760e19cab9059b229ea002ce4d3b4afa495230e424752f289003a240f5cafc7a83112636321107918d582fad2606a4319199a06ef2cbeaa3e1a4d8c30501aab796f5cbe15453b61218a396b79c547d15d5c11033b3746b432b426404f7b0421b9daafd9e8558f1901283d58e173c4db0511ee826ddc6363eb51e0837c9be6b2078d808d2c05db7495d29322ee6af68b0d52c45f00a59731c0e5b2608ae046af8bcf830f001ffd2f955ea89bed216e71ccb5b44713e2abf5ee5438d63829c9aea34b57f7ab52b820c24a7e9fa138243e4afb2df93588e805e719c1767146a351debb34678a86dd19f0587af31195460a3aa3e68773859fe13b47b6b31a501b4a25c6660cfc47f3318b33b77b10ed4ba91086482db039a56fbd1490f440a6fbb280b62b6d2333afe1c42c3f16865b9c0e484a4f6f393b8bc34fbba856cc5ffad2fe423e79f691b95e7e0dbdb2b2757d9d4443f9a23a8b1bfdb16f8bffd81b4789f80f1fc4bf751627965755d008d134e2c35da34f54718615e9deaca0685396ae7e58121327e0c0696591f6af93f2999ebd3b4e03cfe2a48b2b94015eb06b2a1031ab5e129b2700648fd62ab75f77734b89abb402282635eee41606eb306619e2dae84488e2aac1df54f78460b36115072a2c28801fc122482f1d46de4b2eec07bbbbcf85f30ffb3829c5d0fdbdf3af8c6322d62f4c55ebe8fd52728e2d5d1a24f096fffcec6ff2e752f75", 0x2000, &(0x7f0000000ec0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000e00)={0xa0, 0x0, 0x0, {{0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000, 0x0, 0x0, 0xee01}}}}, 0x0})
openat(0xffffffffffffff9c, &(0x7f00000006c0)='./file0/file0\x00', 0x80041, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)

5.429946536s ago: executing program 3 (id=1350):
r0 = socket(0x2, 0x80805, 0x0)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
shutdown(r1, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, &(0x7f0000000000)={<r2=>0x0, 0x10, &(0x7f0000000400)=[@in={0x2, 0x0, @private=0xa010101}]}, &(0x7f0000000200)=0x10)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r1, 0x84, 0x6c, &(0x7f0000000340)={r2, @in={{0x2, 0x0, @loopback}}}, &(0x7f0000000d00)=0x84)
getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(r0, 0x84, 0x7a, &(0x7f00000001c0)={0x0, 0x0, "a2938c728558"}, &(0x7f0000000040)=0xe)
unshare(0xc040400)
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
setsockopt$inet6_opts(r3, 0x29, 0x40, 0x0, 0x60)
sendmmsg$unix(0xffffffffffffffff, &(0x7f00000001c0), 0x0, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f00000000c0)={'wlan1\x00', <r6=>0x0})
bind$inet6(r0, &(0x7f0000000240)={0xa, 0x4e20, 0x69f1, @private2={0xfc, 0x2, '\x00', 0x1}, 0x7}, 0x1c)
sendmsg$NL80211_CMD_SET_INTERFACE(r4, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="050000000000000000005100000008000300", @ANYRES32=r6], 0x24}}, 0x0)
splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x39000, 0x0)
r7 = gettid()
r8 = socket$kcm(0x10, 0x2, 0x10)
sendmsg$kcm(r8, &(0x7f0000000000)={0x0, 0xffffff2d, &(0x7f0000000080)=[{&(0x7f0000000040)="c00e030023000b02d25a806f8c6394f97324fc60040f030047000000053582c137153e370248018000f01700d1bd", 0x33fe0}], 0x1}, 0x0)
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r7}, &(0x7f00000000c0)=<r9=>0x0)
timer_gettime(r9, &(0x7f0000000180))
timer_settime(0x0, 0x0, 0x0, 0x0)
r10 = socket$tipc(0x1e, 0x5, 0x0)
r11 = socket$inet6_sctp(0xa, 0x1, 0x84)
bind$inet6(r11, &(0x7f00004b8fe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
sendto$inet6(r11, &(0x7f0000847fff)='X', 0xfee4, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
getsockopt$bt_hci(r10, 0x84, 0x1, &(0x7f0000002280)=""/4091, &(0x7f0000001200)=0x87d)

5.156535292s ago: executing program 3 (id=1351):
creat(&(0x7f0000000000)='./bus\x00', 0x0)
mount$9p_rdma(0x0, &(0x7f0000003640)='./bus\x00', &(0x7f0000003680), 0x0, &(0x7f00000036c0)=ANY=[@ANYBLOB='trans='])

5.092329465s ago: executing program 3 (id=1352):
r0 = openat$dsp1(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$SNDCTL_DSP_SETFRAGMENT(r0, 0xc004500a, &(0x7f0000000080)=0x80000003)
syz_usb_connect(0x0, 0x3f, 0x0, 0x0)
r1 = dup2(r0, r0)
read$FUSE(r1, &(0x7f0000004380)={0x2020}, 0x2020)
read$FUSE(r1, &(0x7f0000000180)={0x2020}, 0x2020)
recvmsg$unix(r1, &(0x7f0000000040)={&(0x7f00000000c0)=@abs, 0x6e, &(0x7f0000003540)=[{&(0x7f00000021c0)=""/155, 0x9b}, {&(0x7f0000002280)=""/93, 0x5d}, {&(0x7f0000002300)=""/231, 0xe7}, {&(0x7f0000002400)=""/133, 0x85}, {&(0x7f00000024c0)=""/94, 0x5e}, {&(0x7f0000002540)=""/4096, 0x1000}], 0x6}, 0x10022)

3.916036137s ago: executing program 2 (id=1356):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000000000000000000004b64ffec850000006d00000067000000050000"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000180)='tlb_flush\x00', r0}, 0x10)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = getpid()
process_vm_readv(r1, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x7800007, 0x10, 0xffffffffffffffff, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
write$binfmt_script(0xffffffffffffffff, 0x0, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)
add_key(&(0x7f0000000100)='big_key\x00', &(0x7f0000000140)={'syz', 0x3}, &(0x7f0000000180)="6e0c9b6b38d8854d85727d43ce556eb22c5cb5fc81ee9f9941ba0c6c60c1ab528285e82284ed3c1478e8aea7dc02172e3a9755e16789af43f35444c503b905f0f48c295eead1cb90085023fb1d3546e33e6107011b1d3963eff1de242c4d51df88ffa9ef6dded54bd702fc891616a60466b0771476907653531caff22970069d23a621056e995789b2d6982d03f9c70ccf029dbb31868224a803744fe50b1497de47c94a58b49784ac42a2a16cb020fe53504bef26a4bc09df87bd132ff20d29544352f2ccc6ab2fb5ab1bbf820fec0af6b091e26d0f4af751a4cec7c5ec739b29aba620d4854355ad12b4177e4792b90c005f7b4fba056e5211236d95be73f601c5186ac23f672db56762cf54bcb034f8d485103661412189d5919fe63b0179465a5026cac8a590f6b49d35e2bce1876cef5625e99d3d5dbda46431f10a1e772465704e64d919ed70c0f085e74d9a9acb92dd0e85c66d1ef0681205b9b09ebec13b243bc18a0a912f3a511ada1d78030f8437f97674b02f3181b33d43cba3004bf9aa25d02bbbacec283716fd18773e3b75e431f340d11313c8689283501b78087f848ca54a3016ea180443e3e08c7fee7b1222bf36713d9468508086c8f6bef47fab5603321739203565512ff0c4d247673b6b7cb0a6644e13003fad2b8dd5db73676dd6864fe8fedbbe88ce48a52565cf476404238f4798c3464f45107a8ea93bf0c8b29bbe8c9ed55eb98891fadd2eece5c8e604472ea44a578aece6876980f880d431e5783a476ffbcadc4658f4761357333668ff890d8b33a583f61fe774cb05c93bc223742046832ac9de4f7e2f3dec915f1092174c7e1908bd155d08a666fd16e60b14f2906eace05a2763cb1b7638a52a60234c4c3ca6b2dc866ffa89f8a7bce7b3882918e028903f5bfadd98a1da11ae806faf0031ee3bcf02086bca65d3ce02bed0d96437c386c7ca345ad91080a0aadeae1f08c83c319134bf157f986a7f019581493f91f267972ccc5c6f6c9422e679866b56cf278ec2358ee779696caa04d439583be641043874375dd7782e98f359aaf7eb722aa393e3e0846c2f199f189ca83c8a3a64b3ff650fcedef52b366c6fa49e135ce98eac96ba4e2081dfb28e9234fdd9c00ad99ad9f07e1912dbede37cdccade1536c1b64f62321b40648faab1e282a01c342cb879bead9cc1a2b1ec15af2be7d34755834030768643b318e83cd4514448a8aed0c73e477eae4d6dc46e4a56e52c773377282c9dc7210e921b5ca0aa256c9d026ed0f11a00ea72896ebe0ddceae01d915a251045cd7c111a9a5ed31e4309ef3febc86ddf70f1b6d588699cd4fea874599570ddc142773c7c376688f696fd4c412bb570de5959e3174e0938cf99b791e1f4b1c5b3caf3ce36333a2d18561992644da22673938ee524a73974ca5d5d9b5fead6e84d20a479c45454ec40dc5c05d4e3236f950ff0b50d842062cfff7f51d9d68ad93ca5dbbbeb7bf624044d8a4b2e4a83a9c4d378ae187f706802b55ced5c6334f78210daffb70527aeccf1807fb2743264daa59d9e040a5c744851e880395048c15670e311e7c267a45966d89cf9f042cccf4be4fd3ca9e21a033d2a108fb318f5e392d5393a544cd7ca4e6500a819f062740cc3ecead9745116be7c9fd46b6e5afea5348ff5808ea582a8efa958537d99318c50a6dbf9eadd035c309a4f4f7ddfb95e89fa73eae672423bfbbe5b64a9626d30ee5797a49b31a46dcea377a24e02bc1a000bc09ebe03c1c7417379957cdadd93f3830e912d18c6ba302a41e5bc5127a482c9b426afa53f30302b9e1ebbaf4c85e42b418f89afc5515cfcb0b29143785e4c2146424335e16769ff526e57d419ce9742521748539371e1ac32a7d0eeff94fb07704e0d58e26c2206f1309c8d326952de382b3d8485442019730b1e2a504dd04131e7eae0e1776b8799d5f8844c90d596104dd235834e92ef086995e0e02b3472a9d264313a851ddc9f21e715cea39cafd31345caf1dc2a53e425f5bb41894285a339bcf6f233f2a9584e291bf6c047e57c0b2fba8d56f0452c9984f31f743f688e18cd3b214b890acf53a7a7e1497e4454792cde12fdf5c8856c4ade74ad49d74082f4795cdd00699e7e3b0b84cbf3955183168c92d34a68cdb7b2b032b4cbdd20d5eabbd55d2efafab0eae62c8f2f073240ffe4b165a63a42ed8cd847eca9134add6f5c16cdc6be77b4b5c8c5b477ff5163d44abfb4cadb97f36b8756b13d249c76b1b029570487aa739bda945ebcff4ea2ffb5e68b9334623e0f7466cc34288df9ed86ee5cf218ce33c5e6d91f07463b2963b9b2f228f33588124f2b57d52b288a51462c309d2823b46d5aeab356960ec766679dd391e3ef0dba9286", 0x6a0, 0xffffffffffffffff)

3.348004586s ago: executing program 1 (id=1357):
r0 = gettid()
r1 = syz_init_net_socket$x25(0x9, 0x5, 0x0)
listen(r1, 0x0)
accept4$x25(r1, 0x0, 0x0, 0x0)
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r2 = creat(&(0x7f0000000000)='./bus\x00', 0x0)
mount$9p_rdma(0x0, &(0x7f0000003640)='./bus\x00', &(0x7f0000003680), 0x0, &(0x7f00000036c0)=ANY=[@ANYBLOB='trans='])
ioctl$SNDRV_CTL_IOCTL_RAWMIDI_NEXT_DEVICE(r2, 0xc0045540, &(0x7f0000000040)=0x5)

3.098723269s ago: executing program 2 (id=1358):
r0 = socket(0x2, 0x80805, 0x0)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
shutdown(r1, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, &(0x7f0000000000)={<r2=>0x0, 0x10, &(0x7f0000000400)=[@in={0x2, 0x0, @private=0xa010101}]}, &(0x7f0000000200)=0x10)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r1, 0x84, 0x6c, &(0x7f0000000340)={r2, @in={{0x2, 0x0, @loopback}}}, &(0x7f0000000d00)=0x84)
getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(r0, 0x84, 0x7a, &(0x7f00000001c0)={0x0, 0x0, "a2938c728558"}, &(0x7f0000000040)=0xe)
unshare(0xc040400)
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
setsockopt$inet6_opts(r3, 0x29, 0x40, 0x0, 0x60)
sendmmsg$unix(0xffffffffffffffff, &(0x7f00000001c0), 0x0, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f00000000c0)={'wlan1\x00', <r6=>0x0})
bind$inet6(r0, &(0x7f0000000240)={0xa, 0x4e20, 0x69f1, @private2={0xfc, 0x2, '\x00', 0x1}, 0x7}, 0x1c)
sendmsg$NL80211_CMD_SET_INTERFACE(r4, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="050000000000000000005100000008000300", @ANYRES32=r6], 0x24}}, 0x0)
splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x39000, 0x0)
r7 = gettid()
r8 = socket$kcm(0x10, 0x2, 0x10)
sendmsg$kcm(r8, &(0x7f0000000000)={0x0, 0xffffff2d, &(0x7f0000000080)=[{&(0x7f0000000040)="c00e030023000b02d25a806f8c6394f97324fc60040f030047000000053582c137153e370248018000f01700d1bd", 0x33fe0}], 0x1}, 0x0)
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r7}, &(0x7f00000000c0)=<r9=>0x0)
timer_gettime(r9, &(0x7f0000000180))
timer_settime(0x0, 0x0, 0x0, 0x0)
r10 = socket$tipc(0x1e, 0x5, 0x0)
r11 = socket$inet6_sctp(0xa, 0x1, 0x84)
bind$inet6(r11, &(0x7f00004b8fe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
sendto$inet6(r11, &(0x7f0000847fff)='X', 0xfee4, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
getsockopt$bt_hci(r10, 0x84, 0x1, &(0x7f0000002280)=""/4091, &(0x7f0000001200)=0x87d)

2.979148484s ago: executing program 2 (id=1360):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x18, 0x3, &(0x7f0000000180)=@framed, &(0x7f0000000000)='GPL\x00'}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000004c0)='contention_begin\x00', r0}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x8, &(0x7f0000001480)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68"], 0x0}, 0x90)
syz_usb_connect(0x0, 0x2d, &(0x7f0000001600)=ANY=[@ANYBLOB="12010000ec31f8104c1302007eec0102030109021b0001000000000904000001018b75000905"], 0x0)
syz_open_dev$evdev(&(0x7f0000000100), 0x4000000, 0x0) (fail_nth: 3)

2.917267243s ago: executing program 0 (id=1361):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000280)=[@in6={0xa, 0x4e23, 0x0, @loopback}], 0x1c)
sendmmsg$inet6(r0, &(0x7f0000003c40)=[{{&(0x7f0000000080)={0xa, 0x4e23, 0x0, @loopback}, 0x1c, &(0x7f0000000240)=[{&(0x7f0000000140)="03", 0x1}], 0x1}}], 0x1, 0x0)
setsockopt$inet_sctp6_SCTP_RESET_STREAMS(r0, 0x84, 0x77, &(0x7f0000001c80), 0x8) (fail_nth: 3)

2.748982776s ago: executing program 0 (id=1362):
r0 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
dup(r0)
socket$l2tp6(0xa, 0x2, 0x73)
socket(0x1, 0x3, 0x0)
socket$inet(0xa, 0x801, 0x0)
socket(0x840000000002, 0x3, 0x100)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nbd(&(0x7f0000000380), 0xffffffffffffffff)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000200))
sendmsg$NBD_CMD_CONNECT(r1, &(0x7f00000002c0)={0x0, 0x0, 0x0}, 0x0)

2.695169104s ago: executing program 0 (id=1363):
pipe(0x0)
r0 = socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r0, &(0x7f0000000000)={0xa, 0x3, 0x0, @loopback}, 0x1c)
connect$inet6(r0, &(0x7f0000000040)={0xa, 0x3, 0x0, @loopback}, 0x1c)
sendmmsg$inet6(r0, &(0x7f00000007c0)=[{{0x0, 0x0, &(0x7f0000002740)=[{&(0x7f0000000780)="86", 0x1}], 0x1}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000280)='\a', 0x1}], 0x1}}], 0x2, 0x0)
shutdown(r0, 0x2)

2.638976735s ago: executing program 0 (id=1364):
r0 = socket(0x2, 0x80805, 0x0)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
shutdown(r1, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, &(0x7f0000000000)={<r2=>0x0, 0x10, &(0x7f0000000400)=[@in={0x2, 0x0, @private=0xa010101}]}, &(0x7f0000000200)=0x10)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r1, 0x84, 0x6c, &(0x7f0000000340)={r2, @in={{0x2, 0x0, @loopback}}}, &(0x7f0000000d00)=0x84)
getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(r0, 0x84, 0x7a, &(0x7f00000001c0)={0x0, 0x0, "a2938c728558"}, &(0x7f0000000040)=0xe)
unshare(0xc040400)
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
setsockopt$inet6_opts(r3, 0x29, 0x40, 0x0, 0x60)
sendmmsg$unix(0xffffffffffffffff, &(0x7f00000001c0), 0x0, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f00000000c0)={'wlan1\x00', <r6=>0x0})
bind$inet6(r0, &(0x7f0000000240)={0xa, 0x4e20, 0x69f1, @private2={0xfc, 0x2, '\x00', 0x1}, 0x7}, 0x1c)
sendmsg$NL80211_CMD_SET_INTERFACE(r4, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="050000000000000000005100000008000300", @ANYRES32=r6], 0x24}}, 0x0)
splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x39000, 0x0)
r7 = gettid()
r8 = socket$kcm(0x10, 0x2, 0x10)
sendmsg$kcm(r8, &(0x7f0000000000)={0x0, 0xffffff2d, &(0x7f0000000080)=[{&(0x7f0000000040)="c00e030023000b02d25a806f8c6394f97324fc60040f030047000000053582c137153e370248018000f01700d1bd", 0x33fe0}], 0x1}, 0x0)
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r7}, &(0x7f00000000c0)=<r9=>0x0)
timer_gettime(r9, 0x0)
timer_settime(0x0, 0x0, &(0x7f0000000080)={{0x0, 0x8}, {0x0, 0x989680}}, 0x0)
r10 = socket$tipc(0x1e, 0x5, 0x0)
r11 = socket$inet6_sctp(0xa, 0x1, 0x84)
bind$inet6(r11, &(0x7f00004b8fe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
sendto$inet6(r11, &(0x7f0000847fff)='X', 0xfee4, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
getsockopt$bt_hci(r10, 0x84, 0x1, &(0x7f0000002280)=""/4091, &(0x7f0000001200)=0x87d)

2.415985324s ago: executing program 1 (id=1365):
r0 = socket(0x2, 0x80805, 0x0)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
shutdown(r1, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(0xffffffffffffffff, 0x84, 0x6f, &(0x7f0000000000)={<r2=>0x0, 0x10, &(0x7f0000000400)=[@in={0x2, 0x0, @private=0xa010101}]}, &(0x7f0000000200)=0x10)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r1, 0x84, 0x6c, &(0x7f0000000340)={r2, @in={{0x2, 0x0, @loopback}}}, &(0x7f0000000d00)=0x84)
getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(r0, 0x84, 0x7a, &(0x7f00000001c0)={0x0, 0x0, "a2938c728558"}, &(0x7f0000000040)=0xe)
unshare(0xc040400)
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
setsockopt$inet6_opts(r3, 0x29, 0x40, 0x0, 0x60)
sendmmsg$unix(0xffffffffffffffff, &(0x7f00000001c0), 0x0, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f00000000c0)={'wlan1\x00'})
bind$inet6(r0, &(0x7f0000000240)={0xa, 0x4e20, 0x69f1, @private2={0xfc, 0x2, '\x00', 0x1}, 0x7}, 0x1c)
sendmsg$NL80211_CMD_SET_INTERFACE(r4, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="050000000000000000005100000008000300", @ANYRES32], 0x24}}, 0x0)
splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x39000, 0x0)
r6 = gettid()
r7 = socket$kcm(0x10, 0x2, 0x10)
sendmsg$kcm(r7, &(0x7f0000000000)={0x0, 0xffffff2d, &(0x7f0000000080)=[{&(0x7f0000000040)="c00e030023000b02d25a806f8c6394f97324fc60040f030047000000053582c137153e370248018000f01700d1bd", 0x33fe0}], 0x1}, 0x0)
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r6}, &(0x7f00000000c0)=<r8=>0x0)
timer_gettime(r8, &(0x7f0000000180))
timer_settime(0x0, 0x0, &(0x7f0000000080)={{0x0, 0x8}, {0x0, 0x989680}}, 0x0)
r9 = socket$tipc(0x1e, 0x5, 0x0)
r10 = socket$inet6_sctp(0xa, 0x1, 0x84)
bind$inet6(r10, &(0x7f00004b8fe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
sendto$inet6(r10, &(0x7f0000847fff)='X', 0xfee4, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
getsockopt$bt_hci(r9, 0x84, 0x1, &(0x7f0000002280)=""/4091, &(0x7f0000001200)=0x87d)

2.415639325s ago: executing program 3 (id=1366):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000000000000000000004b64ffec850000006d00000067000000050000"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000180)='tlb_flush\x00', r0}, 0x10)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = getpid()
process_vm_readv(r1, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x7800007, 0x10, 0xffffffffffffffff, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
write$binfmt_script(0xffffffffffffffff, 0x0, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)
add_key(&(0x7f0000000100)='big_key\x00', &(0x7f0000000140)={'syz', 0x3}, &(0x7f0000000180)="6e0c9b6b38d8854d85727d43ce556eb22c5cb5fc81ee9f9941ba0c6c60c1ab528285e82284ed3c1478e8aea7dc02172e3a9755e16789af43f35444c503b905f0f48c295eead1cb90085023fb1d3546e33e6107011b1d3963eff1de242c4d51df88ffa9ef6dded54bd702fc891616a60466b0771476907653531caff22970069d23a621056e995789b2d6982d03f9c70ccf029dbb31868224a803744fe50b1497de47c94a58b49784ac42a2a16cb020fe53504bef26a4bc09df87bd132ff20d29544352f2ccc6ab2fb5ab1bbf820fec0af6b091e26d0f4af751a4cec7c5ec739b29aba620d4854355ad12b4177e4792b90c005f7b4fba056e5211236d95be73f601c5186ac23f672db56762cf54bcb034f8d485103661412189d5919fe63b0179465a5026cac8a590f6b49d35e2bce1876cef5625e99d3d5dbda46431f10a1e772465704e64d919ed70c0f085e74d9a9acb92dd0e85c66d1ef0681205b9b09ebec13b243bc18a0a912f3a511ada1d78030f8437f97674b02f3181b33d43cba3004bf9aa25d02bbbacec283716fd18773e3b75e431f340d11313c8689283501b78087f848ca54a3016ea180443e3e08c7fee7b1222bf36713d9468508086c8f6bef47fab5603321739203565512ff0c4d247673b6b7cb0a6644e13003fad2b8dd5db73676dd6864fe8fedbbe88ce48a52565cf476404238f4798c3464f45107a8ea93bf0c8b29bbe8c9ed55eb98891fadd2eece5c8e604472ea44a578aece6876980f880d431e5783a476ffbcadc4658f4761357333668ff890d8b33a583f61fe774cb05c93bc223742046832ac9de4f7e2f3dec915f1092174c7e1908bd155d08a666fd16e60b14f2906eace05a2763cb1b7638a52a60234c4c3ca6b2dc866ffa89f8a7bce7b3882918e028903f5bfadd98a1da11ae806faf0031ee3bcf02086bca65d3ce02bed0d96437c386c7ca345ad91080a0aadeae1f08c83c319134bf157f986a7f019581493f91f267972ccc5c6f6c9422e679866b56cf278ec2358ee779696caa04d439583be641043874375dd7782e98f359aaf7eb722aa393e3e0846c2f199f189ca83c8a3a64b3ff650fcedef52b366c6fa49e135ce98eac96ba4e2081dfb28e9234fdd9c00ad99ad9f07e1912dbede37cdccade1536c1b64f62321b40648faab1e282a01c342cb879bead9cc1a2b1ec15af2be7d34755834030768643b318e83cd4514448a8aed0c73e477eae4d6dc46e4a56e52c773377282c9dc7210e921b5ca0aa256c9d026ed0f11a00ea72896ebe0ddceae01d915a251045cd7c111a9a5ed31e4309ef3febc86ddf70f1b6d588699cd4fea874599570ddc142773c7c376688f696fd4c412bb570de5959e3174e0938cf99b791e1f4b1c5b3caf3ce36333a2d18561992644da22673938ee524a73974ca5d5d9b5fead6e84d20a479c45454ec40dc5c05d4e3236f950ff0b50d842062cfff7f51d9d68ad93ca5dbbbeb7bf624044d8a4b2e4a83a9c4d378ae187f706802b55ced5c6334f78210daffb70527aeccf1807fb2743264daa59d9e040a5c744851e880395048c15670e311e7c267a45966d89cf9f042cccf4be4fd3ca9e21a033d2a108fb318f5e392d5393a544cd7ca4e6500a819f062740cc3ecead9745116be7c9fd46b6e5afea5348ff5808ea582a8efa958537d99318c50a6dbf9eadd035c309a4f4f7ddfb95e89fa73eae672423bfbbe5b64a9626d30ee5797a49b31a46dcea377a24e02bc1a000bc09ebe03c1c7417379957cdadd93f3830e912d18c6ba302a41e5bc5127a482c9b426afa53f30302b9e1ebbaf4c85e42b418f89afc5515cfcb0b29143785e4c2146424335e16769ff526e57d419ce9742521748539371e1ac32a7d0eeff94fb07704e0d58e26c2206f1309c8d326952de382b3d8485442019730b1e2a504dd04131e7eae0e1776b8799d5f8844c90d596104dd235834e92ef086995e0e02b3472a9d264313a851ddc9f21e715cea39cafd31345caf1dc2a53e425f5bb41894285a339bcf6f233f2a9584e291bf6c047e57c0b2fba8d56f0452c9984f31f743f688e18cd3b214b890acf53a7a7e1497e4454792cde12fdf5c8856c4ade74ad49d74082f4795cdd00699e7e3b0b84cbf3955183168c92d34a68cdb7b2b032b4cbdd20d5eabbd55d2efafab0eae62c8f2f073240ffe4b165a63a42ed8cd847eca9134add6f5c16cdc6be77b4b5c8c5b477ff5163d44abfb4cadb97f36b8756b13d249c76b1b029570487aa739bda945ebcff4ea2ffb5e68b9334623e0f7466cc34288df9ed86ee5cf218ce33c5e6d91f07463b2963b9b2f228f33588124f2b57d52b288a51462c309d2823b46d5aeab356960ec766679dd391e3ef0dba9286", 0x6a0, 0xffffffffffffffff)

1.78740425s ago: executing program 3 (id=1367):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x4, 0xe, &(0x7f0000000800)=ANY=[@ANYBLOB="b702000007000000bfa30000000000000703000000feffff7a0af0ff1200000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010001010404000015000000b7030000000000006a0a00fe000000008500000032000000b700000001000000950000000000000075cdc4b57b0c65752a3ad50000007ddd0000cb4500639100002000000000000000ff7f0000b52f17cee19d0001000000000000000000cb04fcbb0b9bafe3ba431351a58a885ba9918d37b056b9bbd11b6b9f6cf7db6d574620260000000000008062d77e84cef4a2ab938f65aac33c4d620de2c9b7dc10d7d313f9f57606b83b994fb484510bef2e4872f5c2fe6faaf75e5cc4051ade12f41deff6df6a936b4ec3827c739bb39aad16cc75fe369258673b5df11cc2afb53611cc32a790bc0b80e80eae8f5e64be2c9d2d29db3d36cd015c7bd3f15aa6aadbeab2a01685108e61aa000000000000000000000000008b798b4f7458d1863cc67c4c6a06e828e5216f601b19db1af1b5d356d0f062137d866d11be4ba3f0151fdbbd4e97d62ecc645e143a60f10800000000000000826151a8cc245cc5a4de925ca2a730a00c87c493dbfa60e63fda97a29682881eb8c9cfa72b08eecc952a3fd2c46f3c1cde71a19d1a2982492a210e00d2bfea3b8d188df2eff8d56aaae7d32a2e183722537395019f02ec4b85f6aad7faca088de9b26797a8446b16c28d85f225992dbdd5bb01ba51508951c7a7d6ca0916c3a12912715649c2b1c75e0cf2f94b13ecb66d20e48d192a4251b59d378d0616a48c7957e122665c8b7e89eddfc3783f6c9129a7c5f8ee5f50579e2f638f7eb12f63be72a3d817b324d6e417b1c2cbfdcada0a16e31790e26cf19588a7e0496ee2782224cf30f810da86cf1a3204f4c9404f5d7321a4fefc4d1c9139ca4b65b99909950000006b42077ca60fdecb2717e21f8f187b1866108b6e8c71e26032176066599783568628f0309c3afa716d3706e1fa89917e131f4034a8383e99c3568fd04201b37cd92ca6ebf94a2d8310f7032775cfd75652f87b039d5430b3c6643e9146d2478ce31344b554aca78a0000000000000010c65608fda6ed5d08e7a796042aa127d8740e5787d0347aa37801faff5b9050803a19ff6205aa5c263e407a2f7de57f9c4af1e094fa4e3f05528c2a165996efaab5a430c08dd810bc97204b767dd969721a26aa74"], &(0x7f0000000340)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000100), 0x10}, 0x14)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r0, 0x1f2f, 0xf, 0x3ce, &(0x7f00000007c0)="9f44948721919580684010a40800", 0x0, 0x241, 0x0, 0xb1, 0x0, &(0x7f0000000700)="389ceff69d08b0af1cc71b6262d50660bbaf31a7f8cd6a6f911beb65d5fe6b54bf21a66489121f24fefd198059288c9b735e1898e77a7469489a249292c02a72bc193a3008ebdbf4e9dd4ee8fcceef55402c913c8dd0ebece1330aaa93ece835c5044a246a5967e3acd7c950b3b19f351830e545eb9bc3a9c6dd22ce97f1f857cfe8b68a2370b69ea336006b589368f92deb68f3dfc6f2bfee09f8342da437fce5dcdf658e453e3132bb42067575318c39"}, 0x23)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000005900)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000008200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r2}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r3, 0x5423, &(0x7f00000001c0)=0xf)
ioctl$TCFLSH(r3, 0x400455c8, 0x4)
ioctl$TIOCSTI(r3, 0x5412, &(0x7f0000000040)=0x32)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$devlink(&(0x7f0000000880), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_RATE_SET(r4, &(0x7f0000000980)={0x0, 0x0, &(0x7f0000000940)={&(0x7f00000008c0)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="01000000000000000000070000000e0001006e657464657673696d0000000f000200"/46], 0x34}}, 0x0)
sendmsg$DEVLINK_CMD_RATE_DEL(r4, &(0x7f0000000180)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="e0000000", @ANYRES16=r5, @ANYBLOB="020028bd7000fddbdf254d00000008000300020000000e0001006e657464657673696d0000000f0002006e657464657673696d300000a100a80046d680cf5dedfde3c68c8a4717734ab6305543353d0cd35a90a4d0f641dc97ad70865bbcbf9e86993140854d922a49e3c3dba26672cb61bb2da1900eef86cc438db0be0e2e33b7e8da35db4bede9577dc1605a717427429c74b862c9740e8209d6faf49e6981b5d8ca1b183ff9edb650f8fa3b862deaf358d9eda3e59853b05d52bc078f8a51c54a067b1af03d376022f2120c3b824e0f3c9a6ffb2cfa000000"], 0xe0}}, 0x80)
creat(&(0x7f00000002c0)='./file0\x00', 0x40)

1.715614564s ago: executing program 0 (id=1368):
r0 = syz_open_dev$vim2m(&(0x7f00000002c0), 0x0, 0x2)
ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x8, 0x1, 0x1})
ioctl$vim2m_VIDIOC_QBUF(r0, 0xc058560f, &(0x7f00000000c0)=@mmap={0x0, 0x1, 0x4, 0x0, 0x0, {0x77359400}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "edafd7d2"}})
pipe(&(0x7f0000000140)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = socket$inet_udp(0x2, 0x2, 0x0)
close(r3)
r4 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt(r4, 0x84, 0x81, &(0x7f00000000c0)="1a00000082000000", 0x8)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r4, 0x84, 0x64, &(0x7f0000000000)=[@in6={0xa, 0x4e23, 0x0, @loopback}], 0x1c)
sendto$inet6(r4, &(0x7f0000000040)='l', 0x1, 0x0, &(0x7f0000000100)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
write$binfmt_misc(r2, &(0x7f0000000000)=ANY=[], 0xfffffecc)
r5 = syz_open_dev$vim2m(&(0x7f0000000040), 0x100000000002, 0x2)
ioctl$vim2m_VIDIOC_REQBUFS(r5, 0xc0145608, &(0x7f00000000c0)={0x1, 0x2, 0x1})
ioctl$vim2m_VIDIOC_QBUF(r5, 0xc058560f, &(0x7f00000002c0)=@multiplanar_mmap={0x0, 0x2, 0x4, 0x0, 0x0, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '|^b!'}, 0x0, 0x1, {0x0}})
ioctl$vim2m_VIDIOC_QBUF(r5, 0xc058560f, &(0x7f0000000340)=@mmap={0x0, 0x2, 0x4, 0xffffff7f, 0x0, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "186856f3"}, 0x0, 0x1, {}, 0x0, 0x0, <r6=>0xffffffffffffffff})
r7 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r7, &(0x7f0000000000)={0x26, 'aead\x00', 0x0, 0x0, 'aegis128-aesni\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r7, 0x117, 0x1, &(0x7f00000000c0)="0b1c6840a936a0e377c392a7a3b38e1d", 0x10)
r8 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpu.stat\x00', 0x275a, 0x0)
write$UHID_INPUT(r8, &(0x7f0000000940)={0x8, {"85f080a4933d55266e07e799aa0cc421388242df2a3c6b631b65b1c061edd2aa108c3528fe9b0bb3a53ab1200f5d01a68a4acdec8fee09648222f908c1fedc3000342e6139de28366c13509306d00ebcc67497181ac916db98af9d366b76e427d9ab5bb68095f0fb246df32b8af0783653136f8a04c03690312125c7ded6a24fda8685340c575ead69519e3583f89d467ec232d6a1ffd0463ba4ea3cbae5dae6654b5547b5458f02ac307729e57b09e134f68be44f88d72517b230b066f6315b5fb80206397bbff8cbc2a36e01c2e7b3aadb32bd3dd5288a69a991d9c674717e3abba7167280b2db3b1b8502afa4f3f296c532510c9d2dd79bb5eeb25adb5edddbdd069c09d14d15c2e7e1e2bd6c108fab3591bb22e97d6992236d2273c8bb95536f7118d007965008b125c7daac2814e6bbe1adbfa3572ad0b7ad5c26c8014118d8374ca9f285779dfee7715a403908146a74de61b3853914c89f444c12e7a38bdd46c4ed36eb806ea598f44d1dec9eff9e2476f43802211f0762b66673b45d236b2391ce322e30fb9c69fe0d514dc1f8b6e3979c1205fd5224b07d18a44fec4f6f1a6f65158bb6adcc295bf2dd7dea107f59d7e03c61fe5822292e45968956b931bdc4d6445ff1631e0b98e4b4448774dd4b9cd53a45896fdb3f03702778741ae2b45a25bf9a23fc02fb97a630f132bf9def6c6d4a7baeb62972f1a814f6f2377bcfc78e2e86368c138510a04cedf7175af8c2034fae7413e3ace8c71ab9a0af1ca7042011a6ed028e205648535dabf3b2f85196ae18d36b839e3cd54ae4933ad529888fdac7bb8a70c72bc0fc81ba06506f2d5bc7686e219bbe5283959cbef9950e071cb6d9f341fc624a5110341f26cebd7100599a06e61f66fae120c7fc2b34c6221200eba75bd1277114671a3fa8f058b27fd897b052f4a52afcea814df526181c75c4497210a2b8b74e26601561e78735387cf123654b0295d1d60556956b36d96dd038866c4b4db31ebdcddd4829bbc2850cd4901389e6ea6e86041e0efa1158f334e7afda0e11c2fb0e6df6364cb95659f506d5c7e63fb67c8116577d15e4a4b1fc4c27de2e52586cb1f52be9c3601f5066549de8bdc3ec07d1a84caf1961323ec2487a37b751aeabafcd647ce2dae5d9499c0f969467e6cabad198669ac96bd1488954eff0854ee0c83d7b596d273625bdb16270782321071fda5d980ded78ffa9dc2b56037d7cbf942547f48a5131f1991f6c17ae1ed5120ca6878f98e68e7997a9a2b70be640a70a34adb80de286c6692abb5f092e4e3a15a83217e03d02a4054f34af3a65ff6b36f395b76a0579cffafd5d3bb0e704c935caecf3a7ab756c23fd60c9fe3f4fb2be7504f5bae22b116ff1588dcf02b327d31bf0488dba8af5b33ccf2d7d87f43bbc48fcd4f191ad6af9313ad38b8b29674bfabd6651bc1f6ce5abb4a2f1413194f96b26d7d6edc4e013fba549075c97eef508af5ca7873664b058b7bcf455a8a04b591d29fab6366c844bb75576bac2d52323e747303d00a5736c9812922b0e17bcec9135550736b54cf6407d61e22e62d7bb75f62935b665acf33e75f688c36ef416f1b890d0f0c8ad1df00e02ec45967834d5649c8e7143978622fa3704672970b7993a87e97d3d926a14265647bc8b8c9e6f83e29572608d24b42c2635ef4abbd0af83860e99c90d7471cf6e8ce99507f5ec2bc572212fa9ee3f5a9dfa3815fe55f0bbb119acce062ae37f2ff921707abba139bccdf42bfd174d29b540161b4113c4e1a13f3a628c638ec4d3a884dfbc093e23ec0d0671b46b41dc8b42d950c8615ba5ee87f49b5d0910ffa4871207995001920db05a95199967f097ba7b55bbd271d818690c4238406b40a3dfc42fa56a67173b53a96b543326c56738b6d043195934018696f5ab49347e5148a78f2d1369a71afab8330273d46ecfba4ee05802a5385649851db949dbfb39e290941641c50b1ac20fb3102754a760b097f464ddb0b83f8168badfa71db6621dcf22fb081e3403f3bac5c7e65905aca52885c807f8ddab18bb2f12ef952c50483c0e251968bc70ff0d42a638ca744dea4c7ebb4fea777cf663bb4f1505ed79730c45bc86e488a13f924377a8e2ee6670a02ca52874ae1c42a35d55b9765757047b2cc3742aa51fa3e43fb2c113c92ad213bad252c1a82966dd016f12a7f1c3900c0f1ab455035163f31899bdd30f3ff43ad17d9e45bb7438c1c986712736f24be14f71ab1bfe92a25ec07f086ee8c7971b8077a13e58a8e8bea39c8e06b251909f02cb0080abf020f27ca160eb26c082dda1fa54ea4094dfdbcb2fa7bddccb67a844e8075f4cc08dad35757006d051e183dced336bc0c2502f93ffc87dca622286ba174c24e1f53f27dc2777baafe170348b0e8d3e743b3aa906bc0764bbe7da08ff403efe2212627d672250658bb513b7312517d1f88c61c7ba5f9647cd619281c5b390b48606ee39fb4171103df2e09d7cfd56c06c721f7c24ad8cce383623fc2dcb15ac56438ea331820ae59c8c474e36fc73f7b1b3b86df1b42490815513681aafbf7e871b4b9686efae6c45ecfca60a640a6f071dfd31f9437c3d03086164b48c1ed802986864bfe0d49bdd7709662262368dbc3ecc05eb240ecc41904c76d78ab5c52b66af5a720fdd6a92f52be0676427a56e32e5bc5085b25f90add28a76f2fce6f8f0ef74f4659698549646bd63175adf77b5cdcfe676e1b1a9af15102946554ba6136cbc83c6268ee40318f3c9d4718025688b35d2265bf60bf889ff629f7834586ef46eab7a9176337536bb6001e676546b987f36b1fe4b9f6e46a8ce73eb22ebbb9c14d8e2b43ea77ef887e5a26448f4086fa819a25e27725ac10298851c8bc45f2ce4430b07917ade5ea8c434c3f2576effbeb521173736e5c9557450643068b0c0fb132a7e99de6ca292246a9937fa7d7e06e59cf59ce5b9f842629049931146af40a8a1256ba373a88d09dc00cdf4453cc6ba78572bf3e1f2352a978cdbad60220cb8ac37d7f614a306492a4b5eee9244b0ca84b6cf2e23013bfb1cb92bf6d126fe550e58c19f84e7a4081437b75b31b2b9fb658dcd8ba077962e0f3359721a148d4fefe5c97941ca9688cb85adf38fd10f5811cdd8e074a21bbfc9541c71465b08d7321281b68ed52bfab789b9c83849c09d52376d419b1e7ba367603236e119cdf4a7b7cf9d81f2229601deace53cea2f14a05f7fa0ca04b39e31c6453e332f4bd0915c0e09e28f4d1125c390c6ff0833a04b6fc37855e65de90333e505b9eb66e00686a3ed499cfb7b8b215dbdc9787b5baa724cfa71ee6745b41e203de8b7794757ac328ec5567540b951b50530c3d4ee34705ea1c66fd6591e88561083e86d48c45ef3b83a3029319d8f3d8e65ce14c1dc3cb92d0a7dbeb609a8d2793928caa079f0fbbb2bc90b9f058cc048f4032041d14c5bca00e99b3027ec3a50c4957199cf016a4594069af8659df0973f20ffb15dbc265ac5b8a2203e90b114a3e9441e357c60ce0b550a7fe66fc34f5702ac8e8992a22e89194c1df69e81a9b7ad3d2634ea8c0388588192fd47d8e803b10044d558617fb2921b69eb4d85c051f86ef63a2f4382b9becd870fb2ecadca6902712b88680792e2f2ec89591cfebb6db3ad31c2a339af10465fcf7988519d382218df52261234f26a6f66ad0d1859de505d0fe819caf2f8d30aa9fd1228ac91d11ca67f1f8d50c8eefa5c441514321507dff6c6ea3cff6f340a1c11e0c40f419e8e60fc94d8828fa47a96cdf7ee4f61e23f40751b25cf9ca1295041a350f83f0e679515d6b4b46e2c9ce8999e07f835abc1663cefcf728df37831f4e17f8c8a4feaf1fbf44c38c9313284404a50ba4cd8abe835b33bfecb02cd6c9d7f435853b4c8d505ab83cf46512739116694765658bae64b3127152d216055aef9b25c70a8a3b302752d7b1e8791c657b9f3fc9001ef299fd1a349491ae6ee9940149160507fc4130fb825d47d97dc2c243209d2403583ac3ef6ddbedcaa76432255487c0a06e59e043e572ab3aec002af6a6b6a2dc9cfaeefa70557886c4d12924a0388f2f1bc8e89e4cfa69705d1ef3c4658f8616278b588011d9dd914beec0b151d65b6524fba3e3f235d58373e021699b07622a51504eade747e0b2f9cf38bc167cabc8cb18c708d1337e25648707e8c0872876514c7a49c0b2aaee5ed9e9ecfcbcc23e032c4deb63e48e7120188056468fad31448e4b42e7d62fbcfc1c2cfb01fcf0db5e8a162bdb9bd820c763f17b96c23f32db9d1c1d74ddbe657b4f9595a9796982a0742153111b15e484d8ffebe47ce0a78a41e470a341616ec2eb6eef813fb415fab50fa965bec6a5977a0ade4fed67f86fc24e11b0e2f5364079f7c7c35b560cac726dbc80f29dbd248f7ecda0286a23ef172a28c96d9bdb1f598eab31c6baf0321312da23920c074b9d2d2e442717f2c21001142a39c2da6b8bd9d06b05a6a8deae1bd1be4108a636ddbebc682d113e715f2f3ee506abc28b1c654b3d2d28e02f73b171ed0deed71dda90ce4a0b728cc75cb576385e7418b545b992b1dd98e2ee53355f464f9250a2a03b3d1e4d2ac1aa71d01de2573530324e14d15a507883411ddbd37be21dc929db9b11f11010e4d2a04c7325a5ae6d24d19900ff97a8a89438f8676457a78cff05201528f4358fe67f61288bf042a8f3c2e0f8b4997b8fb74996b80d465489b2d7807a945eba72a945e8cf8625dbad6f6f6e30537b29e558ca8a8b0625f578c766d34f2d28d704715f94df1f6318a308042aa494baa295640679f1eab1e6a8308af8ce6441d5ad8a2f3d477eb5307af0dfae6644493f1434030b8361621340ad3dcefa6d8f090ed3929d89ad9c0ba01a6903033428dd8f98619304b1803187d2a6130bf1e009b5eb0e7e21c75594b3b8470f3106c92a9e55bfeb026091ced127a90a1f1247f3c07e36d3572923e0de3f73518d0369a25fcd4e65d243b7eab91063a7bfd8bc8ac9e39fbbb32b5c9517886287a18eacd8dbfda9b91db693cb12e42cba5988280e09e51e72b91a0f360656d8f21cc1eb3248ac345ad51d1a6172b18419277851dab01e028c7e8e2cf34095efd28267852a08fccf61c45b5e46930160daf50282be058274e7ff58c48b60b86d0c8cc886ab8778a2a2b5fa2557ad7bf7f01f2175523ce758871d334c20a9839f7a89fe2867c06289c8a2f6456ac7e4fbadee53ac41aee68214bc76669853baa4f58255b39ba581414f2e8c4b49303f8936a33bae5cbc96b29a5c724d5b50e1614144c2acd03bd90de891c3d36ce040d57543682ecbfcae66c4153c337c3a5d01896524c8e0c27e9a08919821ca27bbfe3fc9ba24a823aeec8d4ad8ef8a65c585bee4dcf1acaa3da501a8c11a23b2e22920c1ad0129a038b31fe16c2abc80589dbf7c37211afc5d1a6db908bc5fe8a692060069fcbcdcba7c523d3c424aa3b0c6556387e0e51bcde9e5f850abf62d2c2101c3a2786a0cb94932877a09cb6b64aa61da8cab3b423e7adc4c4700418a65e87225710e1691f6d9cb2eb63cce5b605ce0a4a89cf519767e00845397c5e381141a0ed8a89b01064b495ec8d1e2da37433bf1597d919a69610d2ad26bdf6fca8de422bb2cb80d0516206e8194ee51445a3dcb5dee33c0c310b4751e68e58bebda2fb586985a5a5b06456756f44e6dbfef4bb99ca732f00fb9ea35775f7419681bfbe6f43dc7c4650c13b63d93c1d490bf0173f287a4309531f13ecb1a775d0bd881a", 0x1000}}, 0x1006)
mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1, 0x10012, r8, 0x0)
r9 = accept$alg(r7, 0x0, 0x0)
syz_genetlink_get_family_id$tipc(&(0x7f0000000100), r9)
setsockopt$WPAN_SECURITY_LEVEL(r1, 0x0, 0x2, &(0x7f0000000200), 0x4)
splice(r1, 0x0, r3, 0x0, 0x4ffe2, 0x0)
r10 = socket(0x10, 0x80002, 0x0)
sendmsg$nl_route(r10, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000002c0)=ANY=[@ANYBLOB="380000004800010000000040000000000a000000", @ANYRES32=0x0, @ANYBLOB="0000000008000200000000001400010000000000000000000000ffffac1e0001"], 0x38}}, 0x0)
ioctl$IOCTL_GET_NCIDEV_IDX(0xffffffffffffffff, 0x0, &(0x7f0000000000)=<r11=>0x0)
connect$nfc_raw(r10, &(0x7f0000000080)={0x27, r11, 0x0, 0x7}, 0x10)
ioctl$vim2m_VIDIOC_DQBUF(r0, 0xc058565d, &(0x7f0000000140)=@multiplanar_mmap={0x8000, 0x1, 0x4, 0x20, 0x4f92, {0x0, 0xea60}, {0x3, 0x8, 0x2, 0x8, 0x2, 0x6, "4cafb4f3"}, 0x2, 0x1, {&(0x7f0000000240)=[{0x51, 0x10000, {0xfffffffffffffffe}, 0x40}, {0x214, 0x5, {}, 0x5}]}, 0x1, 0x0, r6})

1.543706631s ago: executing program 1 (id=1369):
syz_open_dev$sg(&(0x7f0000000380), 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0x8, 0x4, 0x4, 0x675, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x3}, 0x48)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000180)=0x100000001, 0x4)
connect$inet6(r0, &(0x7f0000000200)={0xa, 0x0, 0x0, @loopback}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f0000000540), 0x3c)
setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x1, &(0x7f00000000c0)=@ccm_128={{0x303}, "4c649c02ce55033e", "8e398f5b97364adf5ffe73a1932848fc", "cca73fdc", "1d1c444b0a2eb27d"}, 0x28)
setsockopt$inet6_tcp_int(r0, 0x11a, 0x4, &(0x7f0000000100), 0x2)

1.541850412s ago: executing program 2 (id=1370):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000000000000000000004b64ffec850000006d000000670000000500000095"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000180)='tlb_flush\x00', r0}, 0x10)
prctl$PR_SCHED_CORE(0x3e, 0x2, 0x0, 0x2, 0x0)
process_vm_readv(0x0, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0xf8cf5356)
openat$ppp(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
shutdown(r1, 0x0)
r2 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
read$snapshot(r2, &(0x7f0000000080)=""/167, 0xa7)
r3 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$IOCTL_CONFIG_SYS_RESOURCE_PARAMETERS(r3, 0x40096100, &(0x7f00000002c0))
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
ioctl$UFFDIO_API(0xffffffffffffffff, 0xc018aa3f, &(0x7f00000000c0))
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r4 = syz_open_dev$MSR(&(0x7f0000000240), 0x3, 0x0)
read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_SET_NESTED_STATE(0xffffffffffffffff, 0x4080aebf, 0x0)
r5 = io_uring_setup(0x4d63, &(0x7f0000000380)={0x0, 0x0, 0x2000})
io_uring_register$IORING_REGISTER_BUFFERS(r5, 0x0, &(0x7f00000002c0)=[{&(0x7f0000001700)=""/4095, 0x440000}], 0x100000000000011a)
ioctl$UFFDIO_REGISTER(0xffffffffffffffff, 0xc020aa00, &(0x7f0000000040)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x1})
getpid()
openat$vimc1(0xffffff9c, 0x0, 0x2, 0x0)
syz_genetlink_get_family_id$smc(&(0x7f0000000000), 0xffffffffffffffff)
syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
r6 = socket$inet(0x2, 0x2, 0x0)
setsockopt$inet_mreqn(r6, 0x0, 0x23, &(0x7f0000000740)={@loopback, @multicast1}, 0xc)

1.502600828s ago: executing program 1 (id=1371):
r0 = openat$fb0(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
ioctl$FS_IOC_READ_VERITY_METADATA(r0, 0x541b, 0x0)
getsockopt$EBT_SO_GET_INFO(0xffffffffffffffff, 0x0, 0x80, 0x0, 0x0)
syz_usb_connect(0x0, 0x0, 0x0, 0x0)
socket$inet_smc(0x2b, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x0, 0x0)
sched_setaffinity(0x0, 0x0, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f00000000c0))
timer_create(0x0, 0x0, &(0x7f0000000080))
timer_settime(0x0, 0x0, &(0x7f0000000000)={{}, {0x0, 0x1c9c380}}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r2}, 0x10)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000001480))
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000040)={'lo\x00', <r5=>0x0})
sendmsg$nl_route_sched(r3, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000b00)=@newqdisc={0x120, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r5, {0x0, 0xa}, {0xfff1, 0xffff}}, [@qdisc_kind_options=@q_clsact={0xb}, @TCA_STAB={0xe0, 0x8, 0x0, 0x1, [{{0x1c, 0x1, {0x42, 0x0, 0xfa, 0x2, 0x2, 0x0, 0x25e}}, {0x4}}, {{0x1c, 0x1, {0x0, 0x0, 0x0, 0x7ff, 0x0, 0x0, 0x5, 0x3}}, {0xa, 0x2, [0xffff, 0x6, 0x1]}}, {{0x1c, 0x1, {0x0, 0x80, 0xf9c, 0x0, 0x0, 0x6, 0x8758, 0x8}}, {0x14, 0x2, [0x9, 0x7966, 0x0, 0x4d3, 0x4, 0x0, 0x67e, 0x6]}}, {{0x1c, 0x1, {0x6d, 0x3f, 0x9, 0x8001, 0x2, 0xb, 0x1}}, {0x4}}, {{0x1c, 0x1, {0x68, 0x0, 0x0, 0x0, 0x0, 0x6}}, {0x4}}, {{0x1c, 0x1, {0x6, 0x9, 0x3ff, 0x3, 0x2, 0x0, 0x0, 0x1}}, {0x6, 0x2, [0x0]}}]}, @TCA_RATE={0x6, 0x5, {0x0, 0x2}}, @TCA_EGRESS_BLOCK={0x8, 0xe, 0x6}]}, 0x120}}, 0x0)
r6 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000080)={'syz_tun\x00', <r7=>0x0})
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000001840)={0xffffffffffffffff, r7, 0x25, 0x0, @val=@netfilter}, 0x40)
syz_emit_ethernet(0xfdef, &(0x7f00000000c0)=ANY=[@ANYBLOB="000000000400aaaaaaaaaabb88a80000810000008848"], 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})

653.949713ms ago: executing program 0 (id=1372):
r0 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000240)={0x6, 0x3, &(0x7f0000000140)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x2d}, 0x90)
socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
recvmsg(r1, &(0x7f0000000500)={&(0x7f0000000040)=@hci, 0x80, &(0x7f0000000100)=[{&(0x7f0000000400)=""/248, 0x200105d0}], 0x1}, 0x1f00)
sendmsg$tipc(r2, &(0x7f0000000240)={0x0, 0xfffffff5, &(0x7f0000000200)=[{&(0x7f0000000140)="a2", 0xfffffdef}], 0x1}, 0x0)
r3 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000080)={'syz_tun\x00', <r4=>0x0})
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000000c0)={r0, r4}, 0x40)
openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
syz_emit_ethernet(0x11dc0, &(0x7f0000000100)={@local, @link_local, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "2a8435", 0x14, 0x6, 0x0, @remote, @local, {[], {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x4, 0x5}}}}}}}, 0x0)
socket$inet6_sctp(0xa, 0x1, 0x84)
shutdown(r3, 0x1)

558.753946ms ago: executing program 1 (id=1373):
syz_open_dev$MSR(0x0, 0x0, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00'})
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = syz_open_dev$vim2m(&(0x7f0000000440), 0x4, 0x2)
ioctl$vim2m_VIDIOC_REQBUFS(r2, 0xc0145608, &(0x7f00000000c0)={0x2, 0x1, 0x1})
ioctl$vim2m_VIDIOC_STREAMOFF(r2, 0x40045612, &(0x7f0000000000)=0x1)
ioctl$vim2m_VIDIOC_DQBUF(r2, 0xc0585611, &(0x7f0000000200)=@overlay={0x0, 0x1, 0x4, 0x0, 0x0, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "12848098"}})
read$FUSE(r2, &(0x7f0000003800)={0x2020}, 0x2020)
sendmsg$nl_route(r1, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000480)=ANY=[@ANYBLOB="4000000010000100"/20, @ANYRES32=0x0, @ANYBLOB="00000000000000000a000100b93a59cc5aa90000140035006d616373656352000000000000000000"], 0x40}}, 0x0)
r3 = fsopen(&(0x7f0000000280)='cifs\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r3, 0x1, &(0x7f0000000040)='source', &(0x7f0000005fc0)='//\xf2/\x06\b\xba\xdf//\xdc/\x95\x9a\x82\x10\x97W\x8f7\x98\x9b\\/\\\xf9\rmD\x94)U\xdb\x15X.I\n}\xf3\x9d\xe4_\x05\x9cqf4I^#b?9\xde\xafu\'\x83L\xe0\x97\xe1n_\xa4%\xb1\x97\x93\xafv\xce/\\\xb4L\xf2_\xa7\xfb\xf4\x84\x1fA\xeas^\xef\xa2\x85\xa3!\xfb\x93\xd7R\xab2\x1eW\xe9h\x9b\xf7ul\xf9D\xd4\x82X5\x13\xaa\x87\xf9\xba\xa9m\x14\x14R_\x9a\\>4\xce\x8e_#\xf8D\xb1\xdep\x01\xcc:\xa6\xc5n\xeb\xab\xf70\x99\xef\x8b<M\n\xc0`[\x82\xf6$\xa4\xbe\x1e\xd3\xe4\xd9L\x14\xed\xcfK\xcc\xeb,\x1a1\xa6\xf3e\xc2F\xc3\x00\xaa\xd5\xfc\x1bR\xa9\x8c\xb4&\x9f\xa2$\x06\x1a\xb0W#\xf4\xde6\x04c\xc0\xeec\xa0l\xd5d\xe5\xcd\xb2\xc10\x97w\x87\xe5\x06\x91W\rr\xf5\x97%\xe8pO\xeb]\xc2\x98C\xffK\xa0\xb3\\\x99{\xcdR\x92\x94\xf7\x1d\x01Q\x1a\xbd\x15b\x15h\xe2!\x00\xb9z)\x19\x00\xee\xd2)[p`\xb3\x03\xa7p\'X\xec\xcdoX\x05\xff\xff/o\xb2\xad\xb8\x89i@\f\xffS&\x8a\xc9\xfez\xc2\x90\xe7F\xa6\xdb\r\x03j,N\xe1lw\n\xad\xe8\xf0\xbd\xa1\x98\xce\xf9\x1eR\x9cc\xc5ke_\xa7\x11\"\x04\xd8.\xa0\x15\x83\xf1\x92\xdby\xe9\xdc@.\xc1g\xc6\fc\xa26\xd8\xdf\xef\xf7\x9c\x1a\xcc\x8am\x8b7\xcf\xc5\xa6\xf4\f\xabj%Y\xa9\xdd\x0e9e\xb5\xec\x99@\xd2\t\n\xb1o', 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r4 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r4, &(0x7f0000000080)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(serpent)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r4, 0x117, 0x1, &(0x7f00000001c0)='<', 0x1)

484.908144ms ago: executing program 1 (id=1374):
r0 = openat$dsp1(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$SNDCTL_DSP_SETFRAGMENT(r0, 0xc004500a, &(0x7f0000000080)=0x80000003)
syz_usb_connect(0x0, 0x3f, 0x0, 0x0)
r1 = dup2(r0, r0)
read$FUSE(r1, &(0x7f0000004380)={0x2020}, 0x2020)
read$FUSE(r1, &(0x7f0000000180)={0x2020}, 0x2020)
recvmsg$unix(r1, &(0x7f0000000040)={&(0x7f00000000c0)=@abs, 0x6e, &(0x7f0000003540)=[{&(0x7f00000021c0)=""/155, 0x9b}, {&(0x7f0000002280)=""/93, 0x5d}, {&(0x7f0000002300)=""/231, 0xe7}, {&(0x7f0000002400)=""/133, 0x85}, {&(0x7f00000024c0)=""/94, 0x5e}, {&(0x7f0000002540)=""/4096, 0x1000}], 0x6}, 0x10022)

0s ago: executing program 2 (id=1375):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000000000000000000004b64ffec850000006d00000067000000050000"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000180)='tlb_flush\x00', r0}, 0x10)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = getpid()
process_vm_readv(r1, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x7800007, 0x10, 0xffffffffffffffff, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
write$binfmt_script(0xffffffffffffffff, 0x0, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)
add_key(&(0x7f0000000100)='big_key\x00', &(0x7f0000000140)={'syz', 0x3}, &(0x7f0000000180)="6e0c9b6b38d8854d85727d43ce556eb22c5cb5fc81ee9f9941ba0c6c60c1ab528285e82284ed3c1478e8aea7dc02172e3a9755e16789af43f35444c503b905f0f48c295eead1cb90085023fb1d3546e33e6107011b1d3963eff1de242c4d51df88ffa9ef6dded54bd702fc891616a60466b0771476907653531caff22970069d23a621056e995789b2d6982d03f9c70ccf029dbb31868224a803744fe50b1497de47c94a58b49784ac42a2a16cb020fe53504bef26a4bc09df87bd132ff20d29544352f2ccc6ab2fb5ab1bbf820fec0af6b091e26d0f4af751a4cec7c5ec739b29aba620d4854355ad12b4177e4792b90c005f7b4fba056e5211236d95be73f601c5186ac23f672db56762cf54bcb034f8d485103661412189d5919fe63b0179465a5026cac8a590f6b49d35e2bce1876cef5625e99d3d5dbda46431f10a1e772465704e64d919ed70c0f085e74d9a9acb92dd0e85c66d1ef0681205b9b09ebec13b243bc18a0a912f3a511ada1d78030f8437f97674b02f3181b33d43cba3004bf9aa25d02bbbacec283716fd18773e3b75e431f340d11313c8689283501b78087f848ca54a3016ea180443e3e08c7fee7b1222bf36713d9468508086c8f6bef47fab5603321739203565512ff0c4d247673b6b7cb0a6644e13003fad2b8dd5db73676dd6864fe8fedbbe88ce48a52565cf476404238f4798c3464f45107a8ea93bf0c8b29bbe8c9ed55eb98891fadd2eece5c8e604472ea44a578aece6876980f880d431e5783a476ffbcadc4658f4761357333668ff890d8b33a583f61fe774cb05c93bc223742046832ac9de4f7e2f3dec915f1092174c7e1908bd155d08a666fd16e60b14f2906eace05a2763cb1b7638a52a60234c4c3ca6b2dc866ffa89f8a7bce7b3882918e028903f5bfadd98a1da11ae806faf0031ee3bcf02086bca65d3ce02bed0d96437c386c7ca345ad91080a0aadeae1f08c83c319134bf157f986a7f019581493f91f267972ccc5c6f6c9422e679866b56cf278ec2358ee779696caa04d439583be641043874375dd7782e98f359aaf7eb722aa393e3e0846c2f199f189ca83c8a3a64b3ff650fcedef52b366c6fa49e135ce98eac96ba4e2081dfb28e9234fdd9c00ad99ad9f07e1912dbede37cdccade1536c1b64f62321b40648faab1e282a01c342cb879bead9cc1a2b1ec15af2be7d34755834030768643b318e83cd4514448a8aed0c73e477eae4d6dc46e4a56e52c773377282c9dc7210e921b5ca0aa256c9d026ed0f11a00ea72896ebe0ddceae01d915a251045cd7c111a9a5ed31e4309ef3febc86ddf70f1b6d588699cd4fea874599570ddc142773c7c376688f696fd4c412bb570de5959e3174e0938cf99b791e1f4b1c5b3caf3ce36333a2d18561992644da22673938ee524a73974ca5d5d9b5fead6e84d20a479c45454ec40dc5c05d4e3236f950ff0b50d842062cfff7f51d9d68ad93ca5dbbbeb7bf624044d8a4b2e4a83a9c4d378ae187f706802b55ced5c6334f78210daffb70527aeccf1807fb2743264daa59d9e040a5c744851e880395048c15670e311e7c267a45966d89cf9f042cccf4be4fd3ca9e21a033d2a108fb318f5e392d5393a544cd7ca4e6500a819f062740cc3ecead9745116be7c9fd46b6e5afea5348ff5808ea582a8efa958537d99318c50a6dbf9eadd035c309a4f4f7ddfb95e89fa73eae672423bfbbe5b64a9626d30ee5797a49b31a46dcea377a24e02bc1a000bc09ebe03c1c7417379957cdadd93f3830e912d18c6ba302a41e5bc5127a482c9b426afa53f30302b9e1ebbaf4c85e42b418f89afc5515cfcb0b29143785e4c2146424335e16769ff526e57d419ce9742521748539371e1ac32a7d0eeff94fb07704e0d58e26c2206f1309c8d326952de382b3d8485442019730b1e2a504dd04131e7eae0e1776b8799d5f8844c90d596104dd235834e92ef086995e0e02b3472a9d264313a851ddc9f21e715cea39cafd31345caf1dc2a53e425f5bb41894285a339bcf6f233f2a9584e291bf6c047e57c0b2fba8d56f0452c9984f31f743f688e18cd3b214b890acf53a7a7e1497e4454792cde12fdf5c8856c4ade74ad49d74082f4795cdd00699e7e3b0b84cbf3955183168c92d34a68cdb7b2b032b4cbdd20d5eabbd55d2efafab0eae62c8f2f073240ffe4b165a63a42ed8cd847eca9134add6f5c16cdc6be77b4b5c8c5b477ff5163d44abfb4cadb97f36b8756b13d249c76b1b029570487aa739bda945ebcff4ea2ffb5e68b9334623e0f7466cc34288df9ed86ee5cf218ce33c5e6d91f07463b2963b9b2f228f33588124f2b57d52b288a51462c309d2823b46d5aeab356960ec766679dd391e3ef0dba9286", 0x6a0, 0xffffffffffffffff)

kernel console output (not intermixed with test programs):

T8689]  ? selinux_file_ioctl+0xb4/0x270
[  237.872127][ T8689]  fb_ioctl+0xf1/0x160
[  237.872147][ T8689]  ? __pfx_fb_ioctl+0x10/0x10
[  237.872169][ T8689]  __x64_sys_ioctl+0x193/0x220
[  237.872192][ T8689]  do_syscall_64+0xcd/0x250
[  237.872208][ T8689]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  237.872251][ T8689] RIP: 0033:0x7f1707377299
[  237.872265][ T8689] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  237.872282][ T8689] RSP: 002b:00007f1708063048 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  237.872300][ T8689] RAX: ffffffffffffffda RBX: 00007f1707506058 RCX: 00007f1707377299
[  237.872308][ T8689] RDX: 00000000200001c0 RSI: 0000000000004601 RDI: 0000000000000003
[  237.872316][ T8689] RBP: 00007f17080630a0 R08: 0000000000000000 R09: 0000000000000000
[  237.872327][ T8689] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  237.872336][ T8689] R13: 000000000000006e R14: 00007f1707506058 R15: 00007fff7da13d38
[  237.872350][ T8689]  </TASK>
[  238.511052][   T39] audit: type=1400 audit(1722139557.626:566): avc:  denied  { setopt } for  pid=8698 comm="syz.2.986" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  238.656292][ T8703] XFS (nullb0): Invalid superblock magic number
[  238.690256][ T8710] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(6)
[  238.693405][ T8710] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  238.703617][ T8710] vhci_hcd vhci_hcd.0: Device attached
[  238.709052][ T8711] usbip_core: unknown command
[  238.711187][ T8711] vhci_hcd: unknown pdu 3020988904
[  238.749241][ T8711] usbip_core: unknown command
[  238.755484][ T1106] vhci_hcd: stop threads
[  238.757343][ T1106] vhci_hcd: release socket
[  238.759330][ T1106] vhci_hcd: disconnect device
[  238.824907][   T39] audit: type=1400 audit(1722139557.936:567): avc:  denied  { mount } for  pid=8702 comm="syz.0.988" name="/" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[  238.916841][ T8718] netlink: 24 bytes leftover after parsing attributes in process `syz.1.991'.
[  239.683338][ T8729] FAULT_INJECTION: forcing a failure.
[  239.683338][ T8729] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  239.683408][ T8729] CPU: 2 UID: 0 PID: 8729 Comm: syz.2.993 Not tainted 6.10.0-syzkaller-12881-g6342649c33d2 #0
[  239.683429][ T8729] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  239.683447][ T8729] Call Trace:
[  239.683454][ T8729]  <TASK>
[  239.683467][ T8729]  dump_stack_lvl+0x16c/0x1f0
[  239.683499][ T8729]  should_fail_ex+0x497/0x5b0
[  239.683523][ T8729]  _copy_to_user+0x30/0xc0
[  239.683543][ T8729]  simple_read_from_buffer+0xd0/0x160
[  239.683568][ T8729]  proc_fail_nth_read+0x1b0/0x290
[  239.683589][ T8729]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  239.683606][ T8729]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  239.683625][ T8729]  vfs_read+0x1d4/0xbd0
[  239.683642][ T8729]  ? __fdget_pos+0xeb/0x180
[  239.683659][ T8729]  ? __pfx_vfs_read+0x10/0x10
[  239.683675][ T8729]  ? __pfx___mutex_lock+0x10/0x10
[  239.683692][ T8729]  ? __fget_files+0x256/0x400
[  239.683721][ T8729]  ksys_read+0x12f/0x260
[  239.683737][ T8729]  ? __pfx_ksys_read+0x10/0x10
[  239.683756][ T8729]  do_syscall_64+0xcd/0x250
[  239.683795][ T8729]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  239.683817][ T8729] RIP: 0033:0x7f1707375d7c
[  239.683830][ T8729] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 c9 8c 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 1f 8d 02 00 48
[  239.683847][ T8729] RSP: 002b:00007f1708084040 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  239.683867][ T8729] RAX: ffffffffffffffda RBX: 00007f1707505f80 RCX: 00007f1707375d7c
[  239.683880][ T8729] RDX: 000000000000000f RSI: 00007f17080840b0 RDI: 0000000000000005
[  239.683892][ T8729] RBP: 00007f17080840a0 R08: 0000000000000000 R09: 0000000000000000
[  239.683904][ T8729] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  239.683915][ T8729] R13: 000000000000000b R14: 00007f1707505f80 R15: 00007fff7da13d38
[  239.683930][ T8729]  </TASK>
[  239.824934][ T8734] netlink: 32 bytes leftover after parsing attributes in process `syz.2.995'.
[  239.825410][ T8734] A link change request failed with some changes committed already. Interface geneve0 may have been left with an inconsistent configuration, please check.
[  242.069954][ T8751] mapping of prio or/and queue is allowed only from OUTPUT/FORWARD/POSTROUTING chains
[  242.259681][   T39] audit: type=1400 audit(1722139561.376:568): avc:  denied  { read } for  pid=8753 comm="syz.3.1000" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_rdma_socket permissive=1
[  242.274207][   T39] audit: type=1400 audit(1722139561.386:569): avc:  denied  { write } for  pid=8753 comm="syz.3.1000" name="uhid" dev="devtmpfs" ino=1113 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:uhid_device_t tclass=chr_file permissive=1
[  242.287450][ T8757] netlink: 'syz.3.1000': attribute type 10 has an invalid length.
[  242.318775][ T8757] batman_adv: batadv0: Adding interface: team0
[  242.322155][ T8757] batman_adv: batadv0: The MTU of interface team0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  242.335610][ T8757] batman_adv: batadv0: Not using interface team0 (retrying later): interface not active
[  242.400027][ T8752] dccp_check_seqno: Step 6 failed for RESET packet, (LSWL(128140777736043) <= P.seqno(0) <= S.SWH(128140777736117)) and (P.ackno exists or LAWL(39881893549962) <= P.ackno(39881893549963) <= S.AWH(39881893549963), sending SYNC...
[  242.858039][   T39] audit: type=1326 audit(1722139561.976:570): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8763 comm="syz.3.1004" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f75b9977299 code=0x0
[  243.549739][ T8776] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1008'.
[  243.557243][ T8776] netlink: 'syz.3.1008': attribute type 3 has an invalid length.
[  243.561763][ T8776] netlink: 196520 bytes leftover after parsing attributes in process `syz.3.1008'.
[  243.611497][   T39] audit: type=1400 audit(1722139562.726:571): avc:  denied  { create } for  pid=8773 comm="syz.1.1007" name="#f" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=chr_file permissive=1
[  243.623342][   T39] audit: type=1400 audit(1722139562.726:572): avc:  denied  { link } for  pid=8773 comm="syz.1.1007" name="#f" dev="tmpfs" ino=1360 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=chr_file permissive=1
[  243.649094][ T5343] Bluetooth: hci2: unexpected event for opcode 0x2003
[  243.655250][   T39] audit: type=1400 audit(1722139562.726:573): avc:  denied  { rename } for  pid=8773 comm="syz.1.1007" name="#10" dev="tmpfs" ino=1360 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=chr_file permissive=1
[  243.748245][ T8784] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1011'.
[  243.757129][ T8784] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1011'.
[  243.760842][ T8784] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1011'.
[  243.779573][ T8781] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1009'.
[  244.338735][ T8792] warning: checkpointing journal with EXT4_IOC_CHECKPOINT_FLAG_ZEROOUT can be slow
[  244.857848][ T8805] tc_dump_action: action bad kind
[  244.866876][ T8805] input: syz0 as /devices/virtual/input/input13
[  245.107943][ T5378] usb 7-1: new high-speed USB device number 8 using dummy_hcd
[  245.284897][ T5378] usb 7-1: Using ep0 maxpacket: 8
[  245.289575][ T5378] usb 7-1: config index 0 descriptor too short (expected 301, got 45)
[  245.292962][ T5378] usb 7-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  245.297866][ T5378] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  245.302225][ T5378] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  245.306245][ T5378] usb 7-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  245.311019][ T5378] usb 7-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  245.315200][ T5378] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  245.526963][ T5378] usb 7-1: GET_CAPABILITIES returned 0
[  245.529518][ T5378] usbtmc 7-1:16.0: can't read capabilities
[  245.733902][  T831] usb 7-1: USB disconnect, device number 8
[  246.660624][ T5343] Bluetooth: hci2: unexpected event for opcode 0x1408
[  246.665386][   T39] audit: type=1400 audit(1722139565.776:574): avc:  denied  { setopt } for  pid=8836 comm="syz.1.1026" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[  246.879598][ T8843] netlink: 'syz.1.1028': attribute type 10 has an invalid length.
[  246.932532][ T8843] batman_adv: batadv0: Adding interface: team0
[  246.962119][ T8843] batman_adv: batadv0: The MTU of interface team0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  246.980219][ T8843] batman_adv: batadv0: Not using interface team0 (retrying later): interface not active
[  247.317910][ T8858] syz.1.1032: vmalloc error: size 8589938688, exceeds total pages, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=syz1,mems_allowed=0-1
[  247.318721][ T8858] CPU: 0 UID: 0 PID: 8858 Comm: syz.1.1032 Not tainted 6.10.0-syzkaller-12881-g6342649c33d2 #0
[  247.318745][ T8858] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  247.318756][ T8858] Call Trace:
[  247.318765][ T8858]  <TASK>
[  247.318773][ T8858]  dump_stack_lvl+0x16c/0x1f0
[  247.318802][ T8858]  warn_alloc+0x24d/0x3a0
[  247.318830][ T8858]  ? __pfx_warn_alloc+0x10/0x10
[  247.318851][ T8858]  ? hlock_class+0x4e/0x130
[  247.318867][ T8858]  ? stack_depot_save_flags+0x28/0x8f0
[  247.318895][ T8858]  ? kasan_save_stack+0x42/0x60
[  247.318914][ T8858]  ? kasan_save_stack+0x33/0x60
[  247.318933][ T8858]  ? kasan_save_track+0x14/0x30
[  247.318952][ T8858]  ? __kasan_kmalloc+0xaa/0xb0
[  247.318972][ T8858]  ? xskq_create+0x52/0x1d0
[  247.318992][ T8858]  ? xsk_setsockopt+0x757/0xa10
[  247.319007][ T8858]  ? __sys_setsockopt+0x1a4/0x270
[  247.319022][ T8858]  ? __x64_sys_setsockopt+0xbd/0x160
[  247.319035][ T8858]  ? do_syscall_64+0xcd/0x250
[  247.319046][ T8858]  __vmalloc_node_range_noprof+0x10b8/0x1520
[  247.319066][ T8858]  ? xskq_create+0xfb/0x1d0
[  247.319077][ T8858]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  247.319092][ T8858]  ? xskq_create+0xfb/0x1d0
[  247.319103][ T8858]  vmalloc_user_noprof+0x6b/0x90
[  247.319117][ T8858]  ? xskq_create+0xfb/0x1d0
[  247.319128][ T8858]  xskq_create+0xfb/0x1d0
[  247.319140][ T8858]  xsk_setsockopt+0x757/0xa10
[  247.319155][ T8858]  ? __pfx_xsk_setsockopt+0x10/0x10
[  247.319172][ T8858]  ? find_held_lock+0x2d/0x110
[  247.319197][ T8858]  ? selinux_socket_setsockopt+0x6a/0x80
[  247.319216][ T8858]  ? __pfx_xsk_setsockopt+0x10/0x10
[  247.319235][ T8858]  do_sock_setsockopt+0x222/0x480
[  247.319261][ T8858]  ? __pfx_do_sock_setsockopt+0x10/0x10
[  247.319287][ T8858]  ? __fget_light+0x173/0x210
[  247.319314][ T8858]  __sys_setsockopt+0x1a4/0x270
[  247.319334][ T8858]  ? __pfx___sys_setsockopt+0x10/0x10
[  247.319355][ T8858]  __x64_sys_setsockopt+0xbd/0x160
[  247.319374][ T8858]  ? do_syscall_64+0x91/0x250
[  247.319390][ T8858]  ? lockdep_hardirqs_on+0x7c/0x110
[  247.319429][ T8858]  do_syscall_64+0xcd/0x250
[  247.319446][ T8858]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  247.319470][ T8858] RIP: 0033:0x7fe431b77299
[  247.319484][ T8858] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  247.319499][ T8858] RSP: 002b:00007fe43297c048 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  247.319510][ T8858] RAX: ffffffffffffffda RBX: 00007fe431d06058 RCX: 00007fe431b77299
[  247.319518][ T8858] RDX: 0000000000000002 RSI: 000000000000011b RDI: 0000000000000006
[  247.319526][ T8858] RBP: 00007fe431be48e6 R08: 0000000000000020 R09: 0000000000000000
[  247.319534][ T8858] R10: 00000000200000c0 R11: 0000000000000246 R12: 0000000000000000
[  247.319541][ T8858] R13: 000000000000006e R14: 00007fe431d06058 R15: 00007ffdc7141f58
[  247.319550][ T8858]  </TASK>
[  247.319555][ T8858] Mem-Info:
[  247.319560][ T8858] active_anon:5526 inactive_anon:0 isolated_anon:0
[  247.319560][ T8858]  active_file:5743 inactive_file:51611 isolated_file:0
[  247.319560][ T8858]  unevictable:1768 dirty:341 writeback:0
[  247.319560][ T8858]  slab_reclaimable:10301 slab_unreclaimable:71680
[  247.319560][ T8858]  mapped:20646 shmem:2305 pagetables:779
[  247.319560][ T8858]  sec_pagetables:322 bounce:0
[  247.319560][ T8858]  kernel_misc_reclaimable:0
[  247.319560][ T8858]  free:512307 free_pcp:3288 free_cma:0
[  247.319585][ T8858] Node 0 active_anon:22104kB inactive_anon:0kB active_file:22972kB inactive_file:206376kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:82584kB dirty:1364kB writeback:0kB shmem:5684kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:11344kB pagetables:3116kB sec_pagetables:1288kB all_unreclaimable? no
[  247.319610][ T8858] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:68kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:3536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:80kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? no
[  247.319634][ T8858] Node 0 DMA free:15360kB boost:0kB min:328kB low:408kB high:488kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  247.319666][ T8858] lowmem_reserve[]: 0 1313 0 0 0
[  247.319686][ T8858] Node 0 DMA32 free:403360kB boost:0kB min:28924kB low:36152kB high:43380kB reserved_highatomic:0KB active_anon:22104kB inactive_anon:0kB active_file:22972kB inactive_file:206376kB unevictable:3536kB writepending:1364kB present:2080628kB managed:1372148kB mlocked:0kB bounce:0kB free_pcp:3504kB local_pcp:1024kB free_cma:0kB
[  247.319725][ T8858] lowmem_reserve[]: 0 0 0 0 0
[  247.319756][ T8858] Node 1 Normal free:1630508kB boost:0kB min:38324kB low:47904kB high:57484kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:68kB unevictable:3536kB writepending:0kB present:2097152kB managed:1781924kB mlocked:0kB bounce:0kB free_pcp:9648kB local_pcp:2048kB free_cma:0kB
[  247.319802][ T8858] lowmem_reserve[]: 0 0 0 0 0
[  247.319835][ T8858] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[  247.320012][ T8858] Node 0 DMA32: 382*4kB (UME) 477*8kB (UME) 430*16kB (UME) 468*32kB (UME) 221*64kB (UME) 98*128kB (UME) 47*256kB (UME) 31*512kB (UME) 12*1024kB (UME) 1*2048kB (M) 75*4096kB (UM) = 403328kB
[  247.320157][ T8858] Node 1 Normal: 5*4kB (UM) 5*8kB (UM) 7*16kB (UM) 16*32kB (UM) 12*64kB (UM) 5*128kB (UM) 3*256kB (U) 3*512kB (M) 6*1024kB (U) 3*2048kB (UM) 394*4096kB (M) = 1630508kB
[  247.320298][ T8858] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  247.320313][ T8858] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  247.320327][ T8858] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  247.320342][ T8858] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  247.320354][ T8858] 59657 total pagecache pages
[  247.320361][ T8858] 0 pages in swap cache
[  247.320367][ T8858] Free swap  = 123956kB
[  247.320374][ T8858] Total swap = 124996kB
[  247.320381][ T8858] 1048443 pages RAM
[  247.320387][ T8858] 0 pages HighMem/MovableOnly
[  247.320392][ T8858] 256085 pages reserved
[  247.320399][ T8858] 0 pages cma reserved
[  247.385901][ T8860] FAULT_INJECTION: forcing a failure.
[  247.385901][ T8860] name failslab, interval 1, probability 0, space 0, times 0
[  247.385930][ T8860] CPU: 2 UID: 0 PID: 8860 Comm: syz.0.1033 Not tainted 6.10.0-syzkaller-12881-g6342649c33d2 #0
[  247.385951][ T8860] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  247.385962][ T8860] Call Trace:
[  247.385968][ T8860]  <TASK>
[  247.385975][ T8860]  dump_stack_lvl+0x16c/0x1f0
[  247.386001][ T8860]  should_fail_ex+0x497/0x5b0
[  247.386025][ T8860]  should_failslab+0xc2/0x120
[  247.386048][ T8860]  kmem_cache_alloc_noprof+0x6e/0x2f0
[  247.386069][ T8860]  ? skb_clone+0x190/0x3f0
[  247.386091][ T8860]  skb_clone+0x190/0x3f0
[  247.386112][ T8860]  netlink_deliver_tap+0xab3/0xd90
[  247.386137][ T8860]  netlink_unicast+0x6c2/0x830
[  247.386162][ T8860]  ? __pfx_netlink_unicast+0x10/0x10
[  247.386187][ T8860]  netlink_ack+0x6a8/0xb90
[  247.386212][ T8860]  netlink_rcv_skb+0x348/0x440
[  247.386235][ T8860]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[  247.386257][ T8860]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  247.386283][ T8860]  ? security_capable+0x98/0xd0
[  247.386303][ T8860]  ? ns_capable+0xd7/0x110
[  247.386325][ T8860]  nfnetlink_rcv+0x1b4/0x430
[  247.386347][ T8860]  ? __pfx_nfnetlink_rcv+0x10/0x10
[  247.386369][ T8860]  ? netlink_deliver_tap+0x1ae/0xd90
[  247.386394][ T8860]  netlink_unicast+0x544/0x830
[  247.386418][ T8860]  ? __pfx_netlink_unicast+0x10/0x10
[  247.386445][ T8860]  netlink_sendmsg+0x8b8/0xd70
[  247.386478][ T8860]  ? __pfx_netlink_sendmsg+0x10/0x10
[  247.386502][ T8860]  ? __import_iovec+0x1fd/0x6e0
[  247.386525][ T8860]  ____sys_sendmsg+0xab5/0xc90
[  247.386542][ T8860]  ? copy_msghdr_from_user+0x10b/0x160
[  247.386564][ T8860]  ? __pfx_____sys_sendmsg+0x10/0x10
[  247.386581][ T8860]  ? find_held_lock+0x2d/0x110
[  247.386607][ T8860]  ? __pfx___lock_acquire+0x10/0x10
[  247.386627][ T8860]  ___sys_sendmsg+0x135/0x1e0
[  247.386650][ T8860]  ? __pfx____sys_sendmsg+0x10/0x10
[  247.386674][ T8860]  ? ksys_write+0x21c/0x260
[  247.386693][ T8860]  ? __fget_light+0x173/0x210
[  247.386717][ T8860]  __sys_sendmsg+0x117/0x1f0
[  247.386739][ T8860]  ? __pfx___sys_sendmsg+0x10/0x10
[  247.386764][ T8860]  do_syscall_64+0xcd/0x250
[  247.386780][ T8860]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  247.386800][ T8860] RIP: 0033:0x7f0f45b77299
[  247.386813][ T8860] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  247.386829][ T8860] RSP: 002b:00007f0f468a3048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  247.386844][ T8860] RAX: ffffffffffffffda RBX: 00007f0f45d05f80 RCX: 00007f0f45b77299
[  247.386851][ T8860] RDX: 0000000000000000 RSI: 0000000020001240 RDI: 0000000000000003
[  247.386858][ T8860] RBP: 00007f0f468a30a0 R08: 0000000000000000 R09: 0000000000000000
[  247.386864][ T8860] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  247.386870][ T8860] R13: 000000000000000b R14: 00007f0f45d05f80 R15: 00007ffc92603f58
[  247.386878][ T8860]  </TASK>
[  247.442567][   T39] audit: type=1400 audit(1722139566.556:575): avc:  denied  { setopt } for  pid=8855 comm="syz.1.1032" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[  247.449488][ T5379] IPVS: starting estimator thread 0...
[  247.476995][   T39] audit: type=1400 audit(1722139566.596:576): avc:  denied  { append } for  pid=8861 comm="syz.2.1034" name="hwrng" dev="devtmpfs" ino=83 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:random_device_t tclass=chr_file permissive=1
[  247.575024][ T8866] IPVS: using max 23 ests per chain, 55200 per kthread
[  247.697108][ T5343] Bluetooth: hci2: Controller not accepting commands anymore: ncmd = 0
[  247.697202][ T5343] Bluetooth: hci2: Injecting HCI hardware error event
[  247.699463][ T5345] Bluetooth: hci2: hardware error 0x00
[  247.884876][   T10] usb 7-1: new high-speed USB device number 9 using dummy_hcd
[  248.027415][   T39] audit: type=1400 audit(1722139567.146:577): avc:  denied  { getattr } for  pid=8871 comm="syz.3.1036" path="net:[4026533795]" dev="nsfs" ino=4026533795 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[  248.164185][ T8875] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1037'.
[  248.172690][ T8875] netlink: 'syz.3.1037': attribute type 3 has an invalid length.
[  248.177201][ T8875] netlink: 196520 bytes leftover after parsing attributes in process `syz.3.1037'.
[  248.405658][   T10] usb 7-1: Using ep0 maxpacket: 32
[  248.409771][   T10] usb 7-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024
[  248.420433][   T10] usb 7-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79
[  248.424368][   T10] usb 7-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2
[  248.438120][   T10] usb 7-1: Product: syz
[  248.444947][   T10] usb 7-1: Manufacturer: syz
[  248.447165][   T10] usb 7-1: SerialNumber: syz
[  248.471649][   T10] usb 7-1: config 0 descriptor??
[  248.475192][ T8865] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  249.162645][   T39] audit: type=1400 audit(1722139568.276:578): avc:  denied  { connect } for  pid=8885 comm="syz.3.1041" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[  249.428166][   T39] audit: type=1400 audit(1722139568.546:579): avc:  denied  { mount } for  pid=8876 comm="syz.1.1038" name="/" dev="configfs" ino=2151 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=filesystem permissive=1
[  249.429558][ T8878] overlayfs: failed to resolve './file1': -2
[  249.586467][ T8890] netlink: 44 bytes leftover after parsing attributes in process `syz.0.1042'.
[  249.590426][ T8890] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1042'.
[  249.647331][  T832] usb 7-1: USB disconnect, device number 9
[  249.861909][   T39] audit: type=1400 audit(1722139568.976:580): avc:  denied  { unmount } for  pid=5338 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=filesystem permissive=1
[  249.922468][ T8899] sctp: [Deprecated]: syz.1.1045 (pid 8899) Use of struct sctp_assoc_value in delayed_ack socket option.
[  249.922468][ T8899] Use struct sctp_sack_info instead
[  249.932411][   T39] audit: type=1400 audit(1722139569.046:581): avc:  denied  { setopt } for  pid=8898 comm="syz.1.1045" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ax25_socket permissive=1
[  249.950074][   T39] audit: type=1400 audit(1722139569.066:582): avc:  denied  { watch } for  pid=8898 comm="syz.1.1045" path="/269/file0" dev="9p" ino=36701658 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  249.962191][   T39] audit: type=1400 audit(1722139569.076:583): avc:  denied  { watch_reads } for  pid=8898 comm="syz.1.1045" path="/269/file0" dev="9p" ino=36701658 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  249.973181][   T39] audit: type=1400 audit(1722139569.076:584): avc:  denied  { associate } for  pid=8898 comm="syz.1.1045" name="bus" scontext=root:object_r:unlabeled_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1
[  249.992708][ T8901] FAULT_INJECTION: forcing a failure.
[  249.992708][ T8901] name failslab, interval 1, probability 0, space 0, times 0
[  250.013579][ T8901] CPU: 1 UID: 0 PID: 8901 Comm: syz.3.1046 Not tainted 6.10.0-syzkaller-12881-g6342649c33d2 #0
[  250.017592][ T8901] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  250.021752][ T8901] Call Trace:
[  250.023089][ T8901]  <TASK>
[  250.024476][ T8901]  dump_stack_lvl+0x16c/0x1f0
[  250.026577][ T8901]  should_fail_ex+0x497/0x5b0
[  250.028545][ T8901]  ? fs_reclaim_acquire+0xae/0x160
[  250.030843][ T8901]  should_failslab+0xc2/0x120
[  250.033001][ T8901]  __kmalloc_cache_noprof+0x6b/0x300
[  250.035388][ T8901]  ? alloc_pipe_info+0x10e/0x590
[  250.037598][ T8901]  alloc_pipe_info+0x10e/0x590
[  250.039733][ T8901]  ? __pfx___lock_acquire+0x10/0x10
[  250.042073][ T8901]  splice_direct_to_actor+0x79c/0xa40
[  250.044497][ T8901]  ? __pfx_direct_splice_actor+0x10/0x10
[  250.046961][ T8901]  ? inode_has_perm+0x16f/0x1d0
[  250.049114][ T8901]  ? file_has_perm+0x286/0x360
[  250.051070][ T8901]  ? __pfx_splice_direct_to_actor+0x10/0x10
[  250.053401][ T8901]  ? __pfx_file_has_perm+0x10/0x10
[  250.055502][ T8901]  do_splice_direct+0x17e/0x250
[  250.057720][ T8901]  ? __pfx_do_splice_direct+0x10/0x10
[  250.060128][ T8901]  ? __pfx_direct_file_splice_eof+0x10/0x10
[  250.062740][ T8901]  ? security_file_permission+0x98/0xc0
[  250.065261][ T8901]  do_sendfile+0xb1e/0xe50
[  250.067240][ T8901]  ? __pfx_do_sendfile+0x10/0x10
[  250.069487][ T8901]  __x64_sys_sendfile64+0x1da/0x220
[  250.071794][ T8901]  ? ksys_write+0x1ab/0x260
[  250.073810][ T8901]  ? __pfx___x64_sys_sendfile64+0x10/0x10
[  250.076372][ T8901]  do_syscall_64+0xcd/0x250
[  250.078339][ T8901]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  250.080754][ T8901] RIP: 0033:0x7f75b9977299
[  250.082594][ T8901] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  250.090687][ T8901] RSP: 002b:00007f75ba7f8048 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  250.094015][ T8901] RAX: ffffffffffffffda RBX: 00007f75b9b05f80 RCX: 00007f75b9977299
[  250.095054][ T5345] Bluetooth: hci2: Opcode 0x0c03 failed: -110
[  250.097445][ T8901] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000003
[  250.097462][ T8901] RBP: 00007f75ba7f80a0 R08: 0000000000000000 R09: 0000000000000000
[  250.097475][ T8901] R10: 000000008000fb00 R11: 0000000000000246 R12: 0000000000000001
[  250.097486][ T8901] R13: 000000000000000b R14: 00007f75b9b05f80 R15: 00007ffc733350a8
[  250.097502][ T8901]  </TASK>
[  250.171297][ T8905] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1047'.
[  250.176749][ T8905] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1047'.
[  250.182372][ T8905] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1047'.
[  250.318171][ T8909] netlink: 'syz.0.1049': attribute type 2 has an invalid length.
[  250.321704][ T8909] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1049'.
[  250.325749][ T8910] binder: 8906:8910 ioctl c018620b 0 returned -14
[  250.656268][ T5345] Bluetooth: hci1: Controller not accepting commands anymore: ncmd = 0
[  250.681526][ T5345] Bluetooth: hci1: Injecting HCI hardware error event
[  250.687534][ T5343] Bluetooth: hci1: hardware error 0x00
[  251.722534][ T8919] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1053'.
[  252.055979][ T8935] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1056'.
[  253.310609][   T39] kauditd_printk_skb: 1 callbacks suppressed
[  253.310623][   T39] audit: type=1400 audit(1722139572.426:586): avc:  denied  { getopt } for  pid=8943 comm="syz.0.1059" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[  253.329153][   T39] audit: type=1400 audit(1722139572.436:587): avc:  denied  { accept } for  pid=8943 comm="syz.0.1059" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[  253.438004][ T8947] binder: 8945:8947 ioctl c018620b 0 returned -14
[  253.614956][ T5343] Bluetooth: hci1: Opcode 0x0c03 failed: -110
[  253.843488][ T8951] FAULT_INJECTION: forcing a failure.
[  253.843488][ T8951] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  253.857232][ T8951] CPU: 0 UID: 0 PID: 8951 Comm: syz.1.1062 Not tainted 6.10.0-syzkaller-12881-g6342649c33d2 #0
[  253.861946][ T8951] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  253.866733][ T8951] Call Trace:
[  253.868279][ T8951]  <TASK>
[  253.869639][ T8951]  dump_stack_lvl+0x16c/0x1f0
[  253.871789][ T8951]  should_fail_ex+0x497/0x5b0
[  253.873923][ T8951]  _copy_to_user+0x30/0xc0
[  253.875949][ T8951]  simple_read_from_buffer+0xd0/0x160
[  253.878366][ T8951]  proc_fail_nth_read+0x1b0/0x290
[  253.880646][ T8951]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  253.883135][ T8951]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  253.885600][ T8951]  vfs_read+0x1d4/0xbd0
[  253.887480][ T8951]  ? __fdget_pos+0xeb/0x180
[  253.889533][ T8951]  ? __pfx_vfs_read+0x10/0x10
[  253.891672][ T8951]  ? __pfx___mutex_lock+0x10/0x10
[  253.893956][ T8951]  ? __fget_files+0x256/0x400
[  253.896108][ T8951]  ksys_read+0x12f/0x260
[  253.898041][ T8951]  ? __pfx_ksys_read+0x10/0x10
[  253.900214][ T8951]  do_syscall_64+0xcd/0x250
[  253.902284][ T8951]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  253.904943][ T8951] RIP: 0033:0x7fe431b75d7c
[  253.906917][ T8951] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 c9 8c 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 1f 8d 02 00 48
[  253.915485][ T8951] RSP: 002b:00007fe43299d040 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  253.919239][ T8951] RAX: ffffffffffffffda RBX: 00007fe431d05f80 RCX: 00007fe431b75d7c
[  253.922609][ T8951] RDX: 000000000000000f RSI: 00007fe43299d0b0 RDI: 0000000000000004
[  253.925731][ T8951] RBP: 00007fe43299d0a0 R08: 0000000000000000 R09: 0000000000000000
[  253.928999][ T8951] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  253.932470][ T8951] R13: 000000000000000b R14: 00007fe431d05f80 R15: 00007ffdc7141f58
[  253.935740][ T8951]  </TASK>
[  253.937158][    C0] vkms_vblank_simulate: vblank timer overrun
[  254.328189][   T39] audit: type=1326 audit(1722139573.446:588): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8952 comm="syz.1.1063" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe431b77299 code=0x7ffc0000
[  254.366985][   T39] audit: type=1326 audit(1722139573.446:589): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8952 comm="syz.1.1063" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe431b77299 code=0x7ffc0000
[  254.394011][   T39] audit: type=1326 audit(1722139573.446:590): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8952 comm="syz.1.1063" exe="/syz-executor" sig=0 arch=c000003e syscall=83 compat=0 ip=0x7fe431b77299 code=0x7ffc0000
[  254.417500][   T39] audit: type=1326 audit(1722139573.446:591): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8952 comm="syz.1.1063" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe431b77299 code=0x7ffc0000
[  254.444134][   T39] audit: type=1326 audit(1722139573.456:592): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8952 comm="syz.1.1063" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe431b77299 code=0x7ffc0000
[  254.467347][   T39] audit: type=1326 audit(1722139573.456:593): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8952 comm="syz.1.1063" exe="/syz-executor" sig=0 arch=c000003e syscall=80 compat=0 ip=0x7fe431b77299 code=0x7ffc0000
[  254.488024][   T39] audit: type=1326 audit(1722139573.456:594): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8952 comm="syz.1.1063" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe431b77299 code=0x7ffc0000
[  254.509990][   T39] audit: type=1326 audit(1722139573.456:595): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8952 comm="syz.1.1063" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe431b77299 code=0x7ffc0000
[  255.096509][ T8975] IPVS: rr: TCP 172.20.20.170:0 - no destination available
[  255.547189][ T8989] syz.2.1072[8989] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  255.547330][ T8989] syz.2.1072[8989] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  255.568746][ T8989] xt_l2tp: invalid flags combination: c
[  255.580576][ T8990] ªªªªªª: renamed from vlan0 (while UP)
[  255.645423][ T8993] FAULT_INJECTION: forcing a failure.
[  255.645423][ T8993] name failslab, interval 1, probability 0, space 0, times 0
[  255.650351][ T8993] CPU: 2 UID: 0 PID: 8993 Comm: syz.2.1073 Not tainted 6.10.0-syzkaller-12881-g6342649c33d2 #0
[  255.665388][ T8993] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  255.670923][ T8993] Call Trace:
[  255.672239][ T8993]  <TASK>
[  255.673319][ T8993]  dump_stack_lvl+0x16c/0x1f0
[  255.675260][ T8993]  should_fail_ex+0x497/0x5b0
[  255.677673][ T8993]  ? fs_reclaim_acquire+0xae/0x160
[  255.679932][ T8993]  should_failslab+0xc2/0x120
[  255.682016][ T8993]  kmem_cache_alloc_noprof+0x6e/0x2f0
[  255.684430][ T8993]  ? alloc_empty_file+0x73/0x1e0
[  255.686202][ T8993]  alloc_empty_file+0x73/0x1e0
[  255.688193][ T8993]  path_openat+0xe0/0x2d20
[  255.690325][ T8993]  ? hlock_class+0x4e/0x130
[  255.692677][ T8993]  ? __lock_acquire+0x1620/0x3cb0
[  255.695023][ T8993]  ? __pfx_path_openat+0x10/0x10
[  255.697563][ T8993]  ? handle_mm_fault+0x4c9/0x7b0
[  255.700222][ T8993]  ? __pfx___lock_acquire+0x10/0x10
[  255.703544][ T8993]  do_filp_open+0x1dc/0x430
[  255.705760][ T8993]  ? __pfx_do_filp_open+0x10/0x10
[  255.708073][ T8993]  ? find_held_lock+0x2d/0x110
[  255.710268][ T8993]  ? _raw_spin_unlock+0x28/0x50
[  255.712371][ T8993]  ? alloc_fd+0x2d7/0x6c0
[  255.714237][ T8993]  do_sys_openat2+0x17a/0x1e0
[  255.716253][ T8993]  ? __pfx_do_sys_openat2+0x10/0x10
[  255.718776][ T8993]  __x64_sys_openat+0x175/0x210
[  255.720948][ T8993]  ? __pfx___x64_sys_openat+0x10/0x10
[  255.723455][ T8993]  ? ksys_write+0x1ab/0x260
[  255.725581][ T8993]  do_syscall_64+0xcd/0x250
[  255.727819][ T8993]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  255.730569][ T8993] RIP: 0033:0x7f1707377299
[  255.732656][ T8993] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  255.741482][ T8993] RSP: 002b:00007f1708084048 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  255.745114][ T8993] RAX: ffffffffffffffda RBX: 00007f1707505f80 RCX: 00007f1707377299
[  255.749072][ T8993] RDX: 0000000000000002 RSI: 0000000020000000 RDI: 0000000000000003
[  255.752471][ T8993] RBP: 00007f17080840a0 R08: 0000000000000000 R09: 0000000000000000
[  255.755928][ T8993] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  255.759385][ T8993] R13: 000000000000000b R14: 00007f1707505f80 R15: 00007fff7da13d38
[  255.763021][ T8993]  </TASK>
[  256.071127][ T9007] __nla_validate_parse: 2 callbacks suppressed
[  256.071144][ T9007] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1081'.
[  256.079844][ T9007] netlink: 'syz.2.1081': attribute type 3 has an invalid length.
[  256.083544][ T9007] netlink: 196520 bytes leftover after parsing attributes in process `syz.2.1081'.
[  256.194089][ T9020] lo speed is unknown, defaulting to 1000
[  256.201212][ T9020] lo speed is unknown, defaulting to 1000
[  256.217040][ T9020] lo speed is unknown, defaulting to 1000
[  256.244979][ T9027] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1084'.
[  256.330351][ T9037] FAULT_INJECTION: forcing a failure.
[  256.330351][ T9037] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  256.340378][ T9037] CPU: 3 UID: 0 PID: 9037 Comm: syz.3.1090 Not tainted 6.10.0-syzkaller-12881-g6342649c33d2 #0
[  256.344717][ T9037] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  256.349178][ T9037] Call Trace:
[  256.350596][ T9037]  <TASK>
[  256.351855][ T9037]  dump_stack_lvl+0x16c/0x1f0
[  256.353887][ T9037]  should_fail_ex+0x497/0x5b0
[  256.355934][ T9037]  _copy_from_user+0x30/0xf0
[  256.357976][ T9037]  get_user_ifreq+0xf1/0x250
[  256.359929][ T9037]  sock_do_ioctl+0x16c/0x280
[  256.361907][ T9037]  ? __pfx_sock_do_ioctl+0x10/0x10
[  256.364064][ T9037]  ? ioctl_has_perm.constprop.0.isra.0+0x2f9/0x470
[  256.366857][ T9037]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[  256.369708][ T9037]  sock_ioctl+0x22e/0x6c0
[  256.371521][ T9037]  ? __pfx_sock_ioctl+0x10/0x10
[  256.373796][ T9037]  ? selinux_file_ioctl+0x180/0x270
[  256.376015][ T9037]  ? selinux_file_ioctl+0xb4/0x270
[  256.378202][ T9037]  ? __pfx_sock_ioctl+0x10/0x10
[  256.380163][ T9037]  __x64_sys_ioctl+0x193/0x220
[  256.381960][ T9037]  do_syscall_64+0xcd/0x250
[  256.383650][ T9037]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  256.385834][ T9037] RIP: 0033:0x7f75b9977299
[  256.387492][ T9037] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  256.395460][ T9037] RSP: 002b:00007f75ba7f8048 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  256.398771][ T9037] RAX: ffffffffffffffda RBX: 00007f75b9b05f80 RCX: 00007f75b9977299
[  256.402155][ T9037] RDX: 0000000020000100 RSI: 0000000000008946 RDI: 0000000000000003
[  256.402430][  T832] lo speed is unknown, defaulting to 1000
[  256.405324][ T9037] RBP: 00007f75ba7f80a0 R08: 0000000000000000 R09: 0000000000000000
[  256.405339][ T9037] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  256.405349][ T9037] R13: 000000000000000b R14: 00007f75b9b05f80 R15: 00007ffc733350a8
[  256.405363][ T9037]  </TASK>
[  256.421385][ T9020] infiniband syz1: set active
[  256.423857][ T9020] infiniband syz1: added lo
[  256.501220][ T9020] RDS/IB: syz1: added
[  256.515457][ T9020] smc: adding ib device syz1 with port count 1
[  256.520186][ T9020] smc:    ib device syz1 port 1 has pnetid 
[  256.528408][  T832] lo speed is unknown, defaulting to 1000
[  256.537762][ T9020] lo speed is unknown, defaulting to 1000
[  256.553593][ T9042] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1091'.
[  256.562986][ T9042] netlink: 'syz.3.1091': attribute type 3 has an invalid length.
[  256.567432][ T9042] netlink: 196520 bytes leftover after parsing attributes in process `syz.3.1091'.
[  256.571980][   T10] usb 6-1: new high-speed USB device number 6 using dummy_hcd
[  256.662366][ T9045] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1092'.
[  256.766006][   T10] usb 6-1: Using ep0 maxpacket: 8
[  256.774582][   T10] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  256.784894][   T10] usb 6-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 64
[  256.798506][   T10] usb 6-1: config 1 interface 1 altsetting 1 endpoint 0x3 has invalid wMaxPacketSize 0
[  256.808114][   T10] usb 6-1: config 1 interface 1 altsetting 1 bulk endpoint 0x3 has invalid maxpacket 0
[  256.825145][ T9020] lo speed is unknown, defaulting to 1000
[  256.830250][   T10] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  256.833795][   T10] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  256.844890][   T10] usb 6-1: Product: syz
[  256.846790][   T10] usb 6-1: Manufacturer: syz
[  256.858982][   T10] usb 6-1: SerialNumber: syz
[  257.365740][ T9020] lo speed is unknown, defaulting to 1000
[  257.718041][ T9020] lo speed is unknown, defaulting to 1000
[  257.835418][ T9061] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1097'.
[  258.127736][ T9020] lo speed is unknown, defaulting to 1000
[  258.131898][ T9068] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1100'.
[  258.151922][ T9068] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1100'.
[  258.156649][ T9068] netlink: 44 bytes leftover after parsing attributes in process `syz.3.1100'.
[  258.489532][   T10] cdc_ncm 6-1:1.0: bind() failure
[  258.495935][   T10] cdc_ncm 6-1:1.1: CDC Union missing and no IAD found
[  258.499186][   T10] cdc_ncm 6-1:1.1: bind() failure
[  258.505020][   T10] usb 6-1: USB disconnect, device number 6
[  260.517048][ T9101] ieee802154 phy0 wpan0: encryption failed: -22
[  260.541582][ T9101] FAULT_INJECTION: forcing a failure.
[  260.541582][ T9101] name failslab, interval 1, probability 0, space 0, times 0
[  260.555504][ T9101] CPU: 0 UID: 0 PID: 9101 Comm: syz.1.1107 Not tainted 6.10.0-syzkaller-12881-g6342649c33d2 #0
[  260.559854][ T9101] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  260.564299][ T9101] Call Trace:
[  260.565630][ T9101]  <TASK>
[  260.566750][ T9101]  dump_stack_lvl+0x16c/0x1f0
[  260.568562][ T9101]  should_fail_ex+0x497/0x5b0
[  260.570383][ T9101]  ? fs_reclaim_acquire+0xae/0x160
[  260.572461][ T9101]  should_failslab+0xc2/0x120
[  260.574421][ T9101]  __kmalloc_noprof+0xcb/0x400
[  260.576503][ T9101]  ? __pfx_lock_acquire+0x10/0x10
[  260.584831][ T9101]  tomoyo_realpath_from_path+0xb9/0x720
[  260.593981][ T9101]  ? tomoyo_profile+0x47/0x60
[  260.596091][ T9101]  tomoyo_path_number_perm+0x245/0x590
[  260.598495][ T9101]  ? tomoyo_path_number_perm+0x232/0x590
[  260.600945][ T9101]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  260.603545][ T9101]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  260.606245][ T9101]  ? __fget_files+0x256/0x400
[  260.608272][ T9101]  security_file_ioctl+0x75/0xc0
[  260.610349][ T9101]  __x64_sys_ioctl+0xbb/0x220
[  260.612334][ T9101]  do_syscall_64+0xcd/0x250
[  260.614242][ T9101]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  260.616768][ T9101] RIP: 0033:0x7fe431b77299
[  260.618680][ T9101] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  260.626918][ T9101] RSP: 002b:00007fe43295b048 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  260.630656][ T9101] RAX: ffffffffffffffda RBX: 00007fe431d06130 RCX: 00007fe431b77299
[  260.634265][ T9101] RDX: 0000000020000400 RSI: 00000000c06864a2 RDI: 0000000000000004
[  260.638085][ T9101] RBP: 00007fe43295b0a0 R08: 0000000000000000 R09: 0000000000000000
[  260.641503][ T9101] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  260.644919][ T9101] R13: 000000000000006e R14: 00007fe431d06130 R15: 00007ffdc7141f58
[  260.647994][ T9101]  </TASK>
[  260.710762][ T9111] usb usb8: usbfs: interface 0 claimed by hub while 'syz.3.1113' sets config #6
[  260.770327][ T9101] ERROR: Out of memory at tomoyo_realpath_from_path.
[  260.809519][ T9116] netlink: 'syz.3.1115': attribute type 3 has an invalid length.
[  260.954849][ T9122] netlink: 'syz.1.1116': attribute type 10 has an invalid length.
[  260.991747][ T9122] team0: Failed to send options change via netlink (err -105)
[  260.995229][ T9122] team0: Port device netdevsim0 added
[  261.004497][ T5160] team0: Failed to send port change of device netdevsim0 via netlink (err -105)
[  261.016071][ T9125] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=512 sclass=netlink_route_socket pid=9125 comm=syz.3.1117
[  261.022979][ T9125] Bluetooth: MGMT ver 1.23
[  261.024041][ T9119] netlink: 'syz.1.1116': attribute type 10 has an invalid length.
[  261.037308][ T9119] team0: Failed to send options change via netlink (err -105)
[  261.041262][ T9119] team0: Failed to send port change of device netdevsim0 via netlink (err -105)
[  261.044939][   T39] kauditd_printk_skb: 28 callbacks suppressed
[  261.044952][   T39] audit: type=1400 audit(1722139580.136:624): avc:  denied  { mount } for  pid=9124 comm="syz.3.1117" name="/" dev="tracefs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tracefs_t tclass=filesystem permissive=1
[  261.046303][ T9119] team0: Port device netdevsim0 removed
[  261.065612][ T9119] bond0: (slave netdevsim0): Enslaving as an active interface with an up link
[  261.253765][   T39] audit: type=1400 audit(1722139580.366:625): avc:  denied  { read } for  pid=9131 comm="syz.1.1119" name="usbmon0" dev="devtmpfs" ino=723 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1
[  261.263693][ T9132] FAULT_INJECTION: forcing a failure.
[  261.263693][ T9132] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  261.272287][ T9132] CPU: 0 UID: 0 PID: 9132 Comm: syz.1.1119 Not tainted 6.10.0-syzkaller-12881-g6342649c33d2 #0
[  261.276204][   T39] audit: type=1400 audit(1722139580.366:626): avc:  denied  { open } for  pid=9131 comm="syz.1.1119" path="/dev/usbmon0" dev="devtmpfs" ino=723 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1
[  261.276871][ T9132] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  261.291078][ T9132] Call Trace:
[  261.292514][ T9132]  <TASK>
[  261.293841][ T9132]  dump_stack_lvl+0x16c/0x1f0
[  261.295961][ T9132]  should_fail_ex+0x497/0x5b0
[  261.298108][ T9132]  _copy_to_user+0x30/0xc0
[  261.300157][ T9132]  simple_read_from_buffer+0xd0/0x160
[  261.302537][ T9132]  proc_fail_nth_read+0x1b0/0x290
[  261.304580][ T9132]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  261.306795][ T9132]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  261.309365][ T9132]  vfs_read+0x1d4/0xbd0
[  261.311185][ T9132]  ? __fdget_pos+0xeb/0x180
[  261.313150][ T9132]  ? __pfx_vfs_read+0x10/0x10
[  261.315192][ T9132]  ? __pfx___mutex_lock+0x10/0x10
[  261.317518][ T9132]  ? __fget_files+0x256/0x400
[  261.319760][ T9132]  ksys_read+0x12f/0x260
[  261.321762][ T9132]  ? __pfx_ksys_read+0x10/0x10
[  261.323922][ T9132]  do_syscall_64+0xcd/0x250
[  261.326105][ T9132]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  261.328816][ T9132] RIP: 0033:0x7fe431b75d7c
[  261.330959][ T9132] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 c9 8c 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 1f 8d 02 00 48
[  261.339646][ T9132] RSP: 002b:00007fe43299d040 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  261.343397][ T9132] RAX: ffffffffffffffda RBX: 00007fe431d05f80 RCX: 00007fe431b75d7c
[  261.347719][ T9132] RDX: 000000000000000f RSI: 00007fe43299d0b0 RDI: 0000000000000005
[  261.352320][ T9132] RBP: 00007fe43299d0a0 R08: 0000000000000000 R09: 0000000000000000
[  261.356548][ T9132] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  261.360297][ T9132] R13: 000000000000000b R14: 00007fe431d05f80 R15: 00007ffdc7141f58
[  261.363911][ T9132]  </TASK>
[  261.542481][ T1381] ieee802154 phy0 wpan0: encryption failed: -22
[  261.545472][ T1381] ieee802154 phy1 wpan1: encryption failed: -22
[  261.975671][ T9141] __nla_validate_parse: 5 callbacks suppressed
[  261.975687][ T9141] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1122'.
[  261.982137][ T9141] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1122'.
[  261.993920][ T9141] netlink: 44 bytes leftover after parsing attributes in process `syz.2.1122'.
[  262.063678][ T9147] netlink: 'syz.0.1125': attribute type 3 has an invalid length.
[  262.070096][ T9147] netlink: 196520 bytes leftover after parsing attributes in process `syz.0.1125'.
[  262.145463][ T9151] FAULT_INJECTION: forcing a failure.
[  262.145463][ T9151] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  262.150971][ T9151] CPU: 3 UID: 0 PID: 9151 Comm: syz.0.1127 Not tainted 6.10.0-syzkaller-12881-g6342649c33d2 #0
[  262.155382][ T9151] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  262.159990][ T9151] Call Trace:
[  262.161447][ T9151]  <TASK>
[  262.162740][ T9151]  dump_stack_lvl+0x16c/0x1f0
[  262.164829][ T9151]  should_fail_ex+0x497/0x5b0
[  262.166892][ T9151]  _copy_from_user+0x30/0xf0
[  262.168939][ T9151]  copy_msghdr_from_user+0x99/0x160
[  262.171202][ T9151]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  262.173484][ T9151]  ? find_held_lock+0x2d/0x110
[  262.175344][ T9151]  ? __pfx___lock_acquire+0x10/0x10
[  262.177445][ T9151]  ___sys_sendmsg+0xff/0x1e0
[  262.179219][ T9151]  ? __pfx____sys_sendmsg+0x10/0x10
[  262.181063][ T9151]  ? ksys_write+0x21c/0x260
[  262.182858][ T9151]  ? __fget_light+0x173/0x210
[  262.184718][ T9151]  __sys_sendmsg+0x117/0x1f0
[  262.186651][ T9151]  ? __pfx___sys_sendmsg+0x10/0x10
[  262.188849][ T9151]  do_syscall_64+0xcd/0x250
[  262.190997][ T9151]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  262.193973][ T9151] RIP: 0033:0x7f0f45b77299
[  262.195908][ T9151] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  262.218463][ T9151] RSP: 002b:00007f0f468a3048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  262.222111][ T9151] RAX: ffffffffffffffda RBX: 00007f0f45d05f80 RCX: 00007f0f45b77299
[  262.225717][ T9151] RDX: 0000000000000000 RSI: 00000000200002c0 RDI: 0000000000000003
[  262.229125][ T9151] RBP: 00007f0f468a30a0 R08: 0000000000000000 R09: 0000000000000000
[  262.232355][ T9151] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  262.235661][ T9151] R13: 000000000000000b R14: 00007f0f45d05f80 R15: 00007ffc92603f58
[  262.239578][ T9151]  </TASK>
[  262.390931][   T39] audit: type=1326 audit(1722139581.506:627): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9148 comm="syz.2.1126" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f1707377299 code=0x0
[  263.037954][ T9166] usb usb8: usbfs: interface 0 claimed by hub while 'syz.3.1131' sets config #6
[  263.191784][    C2] TCP: request_sock_subflow_v4: Possible SYN flooding on port [::]:20002. Sending cookies.
[  263.201065][ T9172] FAULT_INJECTION: forcing a failure.
[  263.201065][ T9172] name failslab, interval 1, probability 0, space 0, times 0
[  263.217125][ T9172] CPU: 2 UID: 0 PID: 9172 Comm: syz.0.1134 Not tainted 6.10.0-syzkaller-12881-g6342649c33d2 #0
[  263.221364][ T9172] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  263.226913][ T9172] Call Trace:
[  263.228598][ T9172]  <TASK>
[  263.230077][ T9172]  dump_stack_lvl+0x16c/0x1f0
[  263.232970][ T9172]  should_fail_ex+0x497/0x5b0
[  263.235102][ T9172]  ? fs_reclaim_acquire+0xae/0x160
[  263.237235][ T9172]  should_failslab+0xc2/0x120
[  263.238937][ T9172]  kmem_cache_alloc_lru_noprof+0x72/0x2f0
[  263.241243][ T9172]  ? __d_alloc+0x31/0xaa0
[  263.243097][ T9172]  __d_alloc+0x31/0xaa0
[  263.244952][ T9172]  d_alloc_pseudo+0x1c/0xc0
[  263.246918][ T9172]  alloc_file_pseudo+0xdc/0x210
[  263.249016][ T9172]  ? __pfx_alloc_file_pseudo+0x10/0x10
[  263.251216][ T9172]  ? security_inode_alloc+0x19e/0x240
[  263.253656][ T9172]  ? inode_init_always+0xc77/0xf80
[  263.255912][ T9172]  sock_alloc_file+0x50/0x1d0
[  263.257871][ T9172]  do_accept+0x2a8/0x540
[  263.259673][ T9172]  ? __pfx_do_accept+0x10/0x10
[  263.261571][ T9172]  __sys_accept4+0x102/0x1c0
[  263.263383][ T9172]  ? __pfx___sys_accept4+0x10/0x10
[  263.265450][ T9172]  ? __pfx_ksys_write+0x10/0x10
[  263.267412][ T9172]  __x64_sys_accept4+0x96/0x100
[  263.269689][ T9172]  ? lockdep_hardirqs_on+0x7c/0x110
[  263.271770][ T9172]  do_syscall_64+0xcd/0x250
[  263.273554][ T9172]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  263.276019][ T9172] RIP: 0033:0x7f0f45b77299
[  263.277862][ T9172] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  263.285999][ T9172] RSP: 002b:00007f0f468a3048 EFLAGS: 00000246 ORIG_RAX: 0000000000000120
[  263.289286][ T9172] RAX: ffffffffffffffda RBX: 00007f0f45d05f80 RCX: 00007f0f45b77299
[  263.292598][ T9172] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003
[  263.295000][ T9172] RBP: 00007f0f468a30a0 R08: 0000000000000000 R09: 0000000000000000
[  263.297725][ T9172] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  263.300708][ T9172] R13: 000000000000000b R14: 00007f0f45d05f80 R15: 00007ffc92603f58
[  263.304018][ T9172]  </TASK>
[  263.305297][    C2] vkms_vblank_simulate: vblank timer overrun
[  263.449370][ T9176] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1136'.
[  263.453292][ T9176] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1136'.
[  263.467965][ T9176] netlink: 44 bytes leftover after parsing attributes in process `syz.0.1136'.
[  263.610235][   T39] audit: type=1400 audit(1722139582.726:628): avc:  denied  { append } for  pid=9169 comm="syz.3.1132" name="userio" dev="devtmpfs" ino=860 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  264.696384][ T9192] usb usb8: usbfs: interface 0 claimed by hub while 'syz.1.1141' sets config #6
[  265.348323][   T10] usb 6-1: new high-speed USB device number 7 using dummy_hcd
[  265.404187][ T9206] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1146'.
[  265.409968][ T9206] netlink: 'syz.0.1146': attribute type 3 has an invalid length.
[  265.413411][ T9206] netlink: 196520 bytes leftover after parsing attributes in process `syz.0.1146'.
[  265.476439][ T9208] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1147'.
[  265.548282][   T10] usb 6-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30
[  265.553132][   T10] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  265.558191][   T10] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  265.563955][   T10] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253
[  265.573392][   T10] usb 6-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40
[  265.580190][   T10] usb 6-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0
[  265.587361][   T10] usb 6-1: Manufacturer: syz
[  265.593759][   T10] usb 6-1: config 0 descriptor??
[  266.109028][   T10] appleir 0003:05AC:8243.0003: unknown main item tag 0x0
[  266.113712][   T10] appleir 0003:05AC:8243.0003: No inputs registered, leaving
[  266.116259][ T9219] FAULT_INJECTION: forcing a failure.
[  266.116259][ T9219] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  266.122750][ T9219] CPU: 1 UID: 0 PID: 9219 Comm: syz.3.1150 Not tainted 6.10.0-syzkaller-12881-g6342649c33d2 #0
[  266.128631][ T9219] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  266.133239][ T9219] Call Trace:
[  266.134640][ T9219]  <TASK>
[  266.135837][ T9219]  dump_stack_lvl+0x16c/0x1f0
[  266.138171][ T9219]  should_fail_ex+0x497/0x5b0
[  266.140361][ T9219]  _copy_from_user+0x30/0xf0
[  266.142457][ T9219]  __sys_bpf+0x21c/0x4a20
[  266.144456][ T9219]  ? ksys_write+0x21c/0x260
[  266.146698][ T9219]  ? reacquire_held_locks+0x410/0x4c0
[  266.149278][ T9219]  ? __pfx___sys_bpf+0x10/0x10
[  266.151792][ T9219]  ? vfs_write+0x14d/0x1140
[  266.153905][ T9219]  ? __mutex_unlock_slowpath+0x164/0x650
[  266.156521][ T9219]  ? fput+0x32/0x390
[  266.158195][ T9219]  ? ksys_write+0x1ab/0x260
[  266.160171][ T9219]  ? __pfx_ksys_write+0x10/0x10
[  266.162284][ T9219]  __x64_sys_bpf+0x78/0xc0
[  266.164581][ T9219]  ? lockdep_hardirqs_on+0x7c/0x110
[  266.166916][ T9219]  do_syscall_64+0xcd/0x250
[  266.169215][ T9219]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  266.172050][ T9219] RIP: 0033:0x7f75b9977299
[  266.174260][ T9219] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  266.183227][ T9219] RSP: 002b:00007f75ba7b6048 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  266.187014][ T9219] RAX: ffffffffffffffda RBX: 00007f75b9b06130 RCX: 00007f75b9977299
[  266.190651][ T9219] RDX: 0000000000000048 RSI: 0000000020000100 RDI: 0000000000000000
[  266.194574][ T9219] RBP: 00007f75ba7b60a0 R08: 0000000000000000 R09: 0000000000000000
[  266.198642][ T9219] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  266.203003][ T9219] R13: 000000000000006e R14: 00007f75b9b06130 R15: 00007ffc733350a8
[  266.207519][ T9219]  </TASK>
[  266.518502][   T10] appleir 0003:05AC:8243.0003: hiddev0,hidraw1: USB HID v0.00 Device [syz] on usb-dummy_hcd.1-1/input0
[  266.604076][    C2] vkms_vblank_simulate: vblank timer overrun
[  267.035881][ T9238] __nla_validate_parse: 2 callbacks suppressed
[  267.035900][ T9238] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1156'.
[  267.042211][ T9238] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1156'.
[  267.045982][ T9238] netlink: 32 bytes leftover after parsing attributes in process `syz.0.1156'.
[  267.327808][ T9245] mkiss: ax0: crc mode is auto.
[  267.786311][ T9257] FAULT_INJECTION: forcing a failure.
[  267.786311][ T9257] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  267.792895][ T9257] CPU: 3 UID: 0 PID: 9257 Comm: syz.0.1160 Not tainted 6.10.0-syzkaller-12881-g6342649c33d2 #0
[  267.798348][ T9257] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  267.804535][ T9257] Call Trace:
[  267.806029][ T9257]  <TASK>
[  267.807579][ T9257]  dump_stack_lvl+0x16c/0x1f0
[  267.810272][ T9257]  should_fail_ex+0x497/0x5b0
[  267.812600][ T9257]  _copy_from_user+0x30/0xf0
[  267.814773][ T9257]  __sys_bpf+0x21c/0x4a20
[  267.817646][ T9257]  ? ksys_write+0x21c/0x260
[  267.820363][ T9257]  ? reacquire_held_locks+0x410/0x4c0
[  267.822424][ T9257]  ? __pfx___sys_bpf+0x10/0x10
[  267.824537][ T9257]  ? vfs_write+0x14d/0x1140
[  267.827033][ T9257]  ? __mutex_unlock_slowpath+0x164/0x650
[  267.829734][ T9257]  ? fput+0x32/0x390
[  267.831744][ T9257]  ? ksys_write+0x1ab/0x260
[  267.834476][ T9257]  ? __pfx_ksys_write+0x10/0x10
[  267.837171][ T9257]  __x64_sys_bpf+0x78/0xc0
[  267.839749][ T9257]  ? lockdep_hardirqs_on+0x7c/0x110
[  267.842163][ T9257]  do_syscall_64+0xcd/0x250
[  267.844129][ T9257]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  267.846667][ T9257] RIP: 0033:0x7f0f45b77299
[  267.849061][ T9257] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  267.857746][ T9257] RSP: 002b:00007f0f468a3048 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  267.861595][ T9257] RAX: ffffffffffffffda RBX: 00007f0f45d05f80 RCX: 00007f0f45b77299
[  267.864741][ T9257] RDX: 0000000000000040 RSI: 00000000200005c0 RDI: 000000000000001c
[  267.867639][ T9257] RBP: 00007f0f468a30a0 R08: 0000000000000000 R09: 0000000000000000
[  267.871179][ T9257] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  267.874700][ T9257] R13: 000000000000000b R14: 00007f0f45d05f80 R15: 00007ffc92603f58
[  267.878206][ T9257]  </TASK>
[  268.078528][  T832] usb 6-1: USB disconnect, device number 7
[  270.065954][ T9285] vimc link validate: Sensor A:src:640x480 (0x33424752, 8, 0, 0, 0) Raw Capture 0:snk:640x480 (0x33424752, 8, 0, 0, 0)
[  270.083121][ T9285] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1167'.
[  270.263486][ T9287] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1168'.
[  270.267013][ T9287] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1168'.
[  270.270440][ T9287] netlink: 32 bytes leftover after parsing attributes in process `syz.3.1168'.
[  270.500247][    C3] TCP: request_sock_subflow_v4: Possible SYN flooding on port [::]:20002. Sending cookies.
[  270.555328][ T9295] netlink: 'syz.3.1172': attribute type 3 has an invalid length.
[  270.567076][ T9295] netlink: 196520 bytes leftover after parsing attributes in process `syz.3.1172'.
[  270.623150][   T39] audit: type=1400 audit(1722139589.736:629): avc:  denied  { ioctl } for  pid=9292 comm="syz.2.1171" path="/dev/snapshot" dev="devtmpfs" ino=98 ioctlcmd=0x3313 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:acpi_bios_t tclass=chr_file permissive=1
[  270.899596][ T9306] serio: Serial port ptm0
[  271.133296][   T39] audit: type=1400 audit(1722139590.246:630): avc:  denied  { create } for  pid=9311 comm="syz.2.1177" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_connector_socket permissive=1
[  271.146771][   T39] audit: type=1400 audit(1722139590.256:631): avc:  denied  { setopt } for  pid=9311 comm="syz.2.1177" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_connector_socket permissive=1
[  271.147247][ T9312] FAULT_INJECTION: forcing a failure.
[  271.147247][ T9312] name failslab, interval 1, probability 0, space 0, times 0
[  271.156272][ T9312] CPU: 3 UID: 0 PID: 9312 Comm: syz.2.1177 Not tainted 6.10.0-syzkaller-12881-g6342649c33d2 #0
[  271.165301][ T9312] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  271.169755][ T9312] Call Trace:
[  271.171163][ T9312]  <TASK>
[  271.172437][ T9312]  dump_stack_lvl+0x16c/0x1f0
[  271.174307][ T9312]  should_fail_ex+0x497/0x5b0
[  271.176278][ T9312]  ? fs_reclaim_acquire+0xae/0x160
[  271.178360][ T9312]  should_failslab+0xc2/0x120
[  271.180243][ T9312]  __kmalloc_noprof+0xcb/0x400
[  271.182085][ T9312]  kernfs_fop_write_iter+0x229/0x500
[  271.184343][ T9312]  vfs_write+0x6b6/0x1140
[  271.186743][ T9312]  ? __pfx_kernfs_fop_write_iter+0x10/0x10
[  271.189465][ T9312]  ? __pfx_vfs_write+0x10/0x10
[  271.191737][ T9312]  ? __pfx___mutex_lock+0x10/0x10
[  271.193988][ T9312]  ? __fget_files+0x256/0x400
[  271.196121][ T9312]  ksys_write+0x12f/0x260
[  271.198065][ T9312]  ? __pfx_ksys_write+0x10/0x10
[  271.200245][ T9312]  do_syscall_64+0xcd/0x250
[  271.202268][ T9312]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  271.204902][ T9312] RIP: 0033:0x7f1707377299
[  271.206867][ T9312] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  271.215126][ T9312] RSP: 002b:00007f1708084048 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  271.218789][ T9312] RAX: ffffffffffffffda RBX: 00007f1707505f80 RCX: 00007f1707377299
[  271.222353][ T9312] RDX: 0000000000000008 RSI: 0000000020000080 RDI: 0000000000000006
[  271.225349][ T9312] RBP: 00007f17080840a0 R08: 0000000000000000 R09: 0000000000000000
[  271.228398][ T9312] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  271.231587][ T9312] R13: 000000000000000b R14: 00007f1707505f80 R15: 00007fff7da13d38
[  271.235292][ T9312]  </TASK>
[  271.410441][ T9317] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1179'.
[  271.414461][ T9317] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1179'.
[  271.658292][ T9326] netlink: 'syz.1.1182': attribute type 3 has an invalid length.
[  272.562395][ T9344] __nla_validate_parse: 2 callbacks suppressed
[  272.562412][ T9344] netlink: 188 bytes leftover after parsing attributes in process `syz.2.1186'.
[  272.569218][ T9344] netlink: 'syz.2.1186': attribute type 1 has an invalid length.
[  272.573205][ T9344] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1186'.
[  273.668461][ T9375] netlink: 'syz.0.1193': attribute type 3 has an invalid length.
[  273.671971][ T9375] netlink: 196520 bytes leftover after parsing attributes in process `syz.0.1193'.
[  273.688410][ T9372] serio: Serial port ptm0
[  273.858938][ T9378] FAULT_INJECTION: forcing a failure.
[  273.858938][ T9378] name failslab, interval 1, probability 0, space 0, times 0
[  273.872074][ T9378] CPU: 0 UID: 0 PID: 9378 Comm: syz.1.1194 Not tainted 6.10.0-syzkaller-12881-g6342649c33d2 #0
[  273.876577][ T9378] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  273.881490][ T9378] Call Trace:
[  273.882994][ T9378]  <TASK>
[  273.884342][ T9378]  dump_stack_lvl+0x16c/0x1f0
[  273.886473][ T9378]  should_fail_ex+0x497/0x5b0
[  273.888612][ T9378]  ? fs_reclaim_acquire+0xae/0x160
[  273.890920][ T9378]  should_failslab+0xc2/0x120
[  273.893089][ T9378]  kmem_cache_alloc_noprof+0x6e/0x2f0
[  273.895504][ T9378]  ? getname_flags.part.0+0x4c/0x550
[  273.897894][ T9378]  getname_flags.part.0+0x4c/0x550
[  273.900224][ T9378]  getname+0x8d/0xe0
[  273.902013][ T9378]  do_sys_openat2+0x104/0x1e0
[  273.904125][ T9378]  ? __pfx_do_sys_openat2+0x10/0x10
[  273.906450][ T9378]  ? __pfx___schedule+0x10/0x10
[  273.908658][ T9378]  __x64_sys_openat+0x175/0x210
[  273.910849][ T9378]  ? __pfx___x64_sys_openat+0x10/0x10
[  273.913111][ T9378]  do_syscall_64+0xcd/0x250
[  273.914926][ T9378]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  273.917277][ T9378] RIP: 0033:0x7fe431b77299
[  273.919051][ T9378] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  273.927131][ T9378] RSP: 002b:00007fe43299d048 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  273.930956][ T9378] RAX: ffffffffffffffda RBX: 00007fe431d05f80 RCX: 00007fe431b77299
[  273.934617][ T9378] RDX: 0000000000000002 RSI: 0000000020000080 RDI: ffffffffffffff9c
[  273.938218][ T9378] RBP: 00007fe43299d0a0 R08: 0000000000000000 R09: 0000000000000000
[  273.941803][ T9378] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  273.945185][ T9378] R13: 000000000000000b R14: 00007fe431d05f80 R15: 00007ffdc7141f58
[  273.948654][ T9378]  </TASK>
[  274.278459][   T39] audit: type=1400 audit(1722139593.396:632): avc:  denied  { accept } for  pid=9388 comm="syz.3.1199" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1
[  274.287336][   T39] audit: type=1400 audit(1722139593.396:633): avc:  denied  { read } for  pid=9388 comm="syz.3.1199" dev="sockfs" ino=29213 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1
[  274.289624][ T9389] 9pnet_fd: Insufficient options for proto=fd
[  276.115372][ T9400] FAULT_INJECTION: forcing a failure.
[  276.115372][ T9400] name failslab, interval 1, probability 0, space 0, times 0
[  276.126998][ T9400] CPU: 0 UID: 0 PID: 9400 Comm: syz.1.1201 Not tainted 6.10.0-syzkaller-12881-g6342649c33d2 #0
[  276.131618][ T9400] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  276.136602][ T9400] Call Trace:
[  276.138538][ T9400]  <TASK>
[  276.140135][ T9400]  dump_stack_lvl+0x16c/0x1f0
[  276.142194][ T9400]  should_fail_ex+0x497/0x5b0
[  276.144316][ T9400]  ? fs_reclaim_acquire+0xae/0x160
[  276.146182][ T9400]  should_failslab+0xc2/0x120
[  276.147945][ T9400]  kmem_cache_alloc_noprof+0x6e/0x2f0
[  276.150080][ T9400]  ? taskstats_exit+0x656/0xbe0
[  276.152144][ T9400]  taskstats_exit+0x656/0xbe0
[  276.154322][ T9400]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  276.156868][ T9400]  ? __pfx_taskstats_exit+0x10/0x10
[  276.159340][ T9400]  ? _raw_spin_unlock_irq+0x23/0x50
[  276.161685][ T9400]  ? __seccomp_filter_orphan+0x18/0x140
[  276.164120][ T9400]  ? __put_seccomp_filter+0x16/0x100
[  276.166414][ T9400]  do_exit+0x84a/0x2bb0
[  276.168378][ T9400]  ? get_signal+0x8f2/0x2770
[  276.170450][ T9400]  ? __pfx_do_exit+0x10/0x10
[  276.172519][ T9400]  ? do_raw_spin_lock+0x12d/0x2c0
[  276.174752][ T9400]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  276.177125][ T9400]  do_group_exit+0xd3/0x2a0
[  276.179095][ T9400]  get_signal+0x25fd/0x2770
[  276.181123][ T9400]  ? __pfx_child_wait_callback+0x10/0x10
[  276.183690][ T9400]  ? __pfx_get_signal+0x10/0x10
[  276.185762][ T9400]  ? __do_sys_wait4+0xd2/0x170
[  276.188193][ T9400]  arch_do_signal_or_restart+0x90/0x7e0
[  276.190803][ T9400]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  276.193871][ T9400]  ? __pfx_ksys_write+0x10/0x10
[  276.196897][ T9400]  syscall_exit_to_user_mode+0x150/0x2a0
[  276.199452][ T9400]  do_syscall_64+0xda/0x250
[  276.201403][ T9400]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  276.203698][ T9400] RIP: 0033:0x7fe431b77299
[  276.205598][ T9400] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  276.213817][ T9400] RSP: 002b:00007fe43297c048 EFLAGS: 00000246 ORIG_RAX: 000000000000003d
[  276.217400][ T9400] RAX: fffffffffffffe00 RBX: 00007fe431d06058 RCX: 00007fe431b77299
[  276.220855][ T9400] RDX: 0000000040000000 RSI: 0000000000000000 RDI: 0000000000000000
[  276.224125][ T9400] RBP: 00007fe43297c0a0 R08: 0000000000000000 R09: 0000000000000000
[  276.226656][ T9400] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  276.229896][ T9400] R13: 000000000000006e R14: 00007fe431d06058 R15: 00007ffdc7141f58
[  276.233464][ T9400]  </TASK>
[  276.795094][   T39] audit: type=1326 audit(1722139595.906:634): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9415 comm="syz.3.1209" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f75b9977299 code=0x0
[  276.816040][   T39] audit: type=1326 audit(1722139595.936:635): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9418 comm="syz.0.1208" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f0f45b77299 code=0x0
[  278.698498][   T64] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  278.853695][   T64] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  278.949520][   T64] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  279.073296][   T64] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  279.107353][ T5345] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  279.113670][ T5345] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  279.120749][ T5345] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  279.132379][ T5345] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  279.141931][ T5345] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[  279.163740][ T5345] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  279.300960][ T9460] lo speed is unknown, defaulting to 1000
[  279.346727][   T64] bridge_slave_1: left allmulticast mode
[  279.349325][   T64] bridge_slave_1: left promiscuous mode
[  279.353312][   T64] bridge0: port 2(bridge_slave_1) entered disabled state
[  279.366443][   T64] bridge_slave_0: left allmulticast mode
[  279.371718][   T64] bridge_slave_0: left promiscuous mode
[  279.379591][   T64] bridge0: port 1(bridge_slave_0) entered disabled state
[  279.880761][   T64] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  279.906042][   T64] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  279.913833][   T64] bond0 (unregistering): Released all slaves
[  280.145316][ T9460] chnl_net:caif_netlink_parms(): no params data found
[  280.326470][  T834] usb 8-1: new high-speed USB device number 4 using dummy_hcd
[  280.350502][ T9460] bridge0: port 1(bridge_slave_0) entered blocking state
[  280.353748][ T9460] bridge0: port 1(bridge_slave_0) entered disabled state
[  280.358021][ T9460] bridge_slave_0: entered allmulticast mode
[  280.361887][ T9460] bridge_slave_0: entered promiscuous mode
[  280.397267][ T9460] bridge0: port 2(bridge_slave_1) entered blocking state
[  280.400150][ T9460] bridge0: port 2(bridge_slave_1) entered disabled state
[  280.403373][ T9460] bridge_slave_1: entered allmulticast mode
[  280.410265][ T9460] bridge_slave_1: entered promiscuous mode
[  280.516405][  T834] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 255, changing to 11
[  280.521280][  T834] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 59391, setting to 1024
[  280.526568][  T834] usb 8-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  280.532254][  T834] usb 8-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  280.537532][  T834] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  280.550602][ T9460] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  280.558206][  T834] usb 8-1: config 0 descriptor??
[  280.574561][ T9466] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  280.586752][ T9460] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  280.780078][ T9460] team0: Port device team_slave_0 added
[  280.786395][ T9460] team0: Port device team_slave_1 added
[  280.901737][   T64] hsr_slave_0: left promiscuous mode
[  280.909043][   T64] hsr_slave_1: left promiscuous mode
[  280.913599][   T64] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  280.918294][   T64] batman_adv: batadv0: Removing interface: batadv_slave_0
[  280.924854][   T64] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  280.929855][   T64] batman_adv: batadv0: Removing interface: batadv_slave_1
[  280.976466][   T64] veth1_macvtap: left promiscuous mode
[  280.980015][   T64] veth0_macvtap: left promiscuous mode
[  280.982209][   T64] veth1_vlan: left promiscuous mode
[  280.984674][   T64] veth0_vlan: left promiscuous mode
[  281.225498][ T5343] Bluetooth: hci0: command tx timeout
[  281.399488][ T9488] warning: checkpointing journal with EXT4_IOC_CHECKPOINT_FLAG_ZEROOUT can be slow
[  281.903573][ T9500] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1226'.
[  281.922263][ T9500] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1226'.
[  281.928377][ T9500] netlink: 44 bytes leftover after parsing attributes in process `syz.2.1226'.
[  281.939832][  T834] usbhid 8-1:0.0: can't add hid device: -71
[  281.943190][  T834] usbhid 8-1:0.0: probe with driver usbhid failed with error -71
[  281.960173][  T834] usb 8-1: USB disconnect, device number 4
[  282.392082][   T64] team0 (unregistering): Port device team_slave_1 removed
[  282.529418][   T64] team0 (unregistering): Port device team_slave_0 removed
[  282.735477][ T9504] netlink: 56 bytes leftover after parsing attributes in process `syz.3.1227'.
[  283.294938][ T5343] Bluetooth: hci0: command tx timeout
[  283.518575][ T9460] batman_adv: batadv0: Adding interface: batadv_slave_0
[  283.521820][ T9460] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  283.532458][ T9460] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  283.538735][ T9460] batman_adv: batadv0: Adding interface: batadv_slave_1
[  283.541434][ T9460] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  283.550768][ T9460] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  283.806758][ T9519] FAULT_INJECTION: forcing a failure.
[  283.806758][ T9519] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  283.812344][ T9519] CPU: 2 UID: 0 PID: 9519 Comm: syz.3.1231 Not tainted 6.10.0-syzkaller-12881-g6342649c33d2 #0
[  283.816801][ T9519] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  283.821193][ T9519] Call Trace:
[  283.822685][ T9519]  <TASK>
[  283.823996][ T9519]  dump_stack_lvl+0x16c/0x1f0
[  283.826051][ T9519]  should_fail_ex+0x497/0x5b0
[  283.828069][ T9519]  _copy_from_user+0x30/0xf0
[  283.830075][ T9519]  __sys_bpf+0x21c/0x4a20
[  283.832040][ T9519]  ? ksys_write+0x21c/0x260
[  283.834202][ T9519]  ? reacquire_held_locks+0x410/0x4c0
[  283.836428][ T9519]  ? __pfx___sys_bpf+0x10/0x10
[  283.838332][ T9519]  ? vfs_write+0x14d/0x1140
[  283.840184][ T9519]  ? __mutex_unlock_slowpath+0x164/0x650
[  283.842601][ T9519]  ? fput+0x32/0x390
[  283.844312][ T9519]  ? ksys_write+0x1ab/0x260
[  283.846296][ T9519]  ? __pfx_ksys_write+0x10/0x10
[  283.848394][ T9519]  __x64_sys_bpf+0x78/0xc0
[  283.850324][ T9519]  ? lockdep_hardirqs_on+0x7c/0x110
[  283.852603][ T9519]  do_syscall_64+0xcd/0x250
[  283.854593][ T9519]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  283.857103][ T9519] RIP: 0033:0x7f75b9977299
[  283.859030][ T9519] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  283.867095][ T9519] RSP: 002b:00007f75ba7f8048 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  283.870623][ T9519] RAX: ffffffffffffffda RBX: 00007f75b9b05f80 RCX: 00007f75b9977299
[  283.873957][ T9519] RDX: 0000000000000040 RSI: 00000000200005c0 RDI: 000000000000001c
[  283.877289][ T9519] RBP: 00007f75ba7f80a0 R08: 0000000000000000 R09: 0000000000000000
[  283.880456][ T9519] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  283.883901][ T9519] R13: 000000000000000b R14: 00007f75b9b05f80 R15: 00007ffc733350a8
[  283.887313][ T9519]  </TASK>
[  284.039703][ T9460] hsr_slave_0: entered promiscuous mode
[  284.080026][ T9460] hsr_slave_1: entered promiscuous mode
[  284.086599][ T9460] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  284.089868][ T9460] Cannot create hsr debugfs directory
[  284.311115][ T9534] SELinux: security_context_str_to_sid (root) failed with errno=-22
[  284.642614][    C2] TCP: request_sock_subflow_v4: Possible SYN flooding on port [::]:20002. Sending cookies.
[  284.858092][ T9553] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1239'.
[  284.864570][ T9553] netlink: 'syz.2.1239': attribute type 3 has an invalid length.
[  284.868633][ T9553] netlink: 196520 bytes leftover after parsing attributes in process `syz.2.1239'.
[  285.053509][ T9460] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  285.063171][ T9570] netlink: 'syz.2.1241': attribute type 10 has an invalid length.
[  285.084158][ T9570] batman_adv: batadv0: Adding interface: team0
[  285.087429][ T9570] batman_adv: batadv0: The MTU of interface team0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  285.099444][ T9570] batman_adv: batadv0: Not using interface team0 (retrying later): interface not active
[  285.104463][ T9460] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  285.118881][ T9460] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  285.125322][ T9570] netlink: 'syz.2.1241': attribute type 10 has an invalid length.
[  285.128360][ T9570] netlink: 2 bytes leftover after parsing attributes in process `syz.2.1241'.
[  285.132282][ T9570] team0: entered promiscuous mode
[  285.134637][ T9570] team_slave_0: entered promiscuous mode
[  285.137837][ T9570] team_slave_1: entered promiscuous mode
[  285.142524][ T9570] 8021q: adding VLAN 0 to HW filter on device team0
[  285.145411][ T9570] batman_adv: batadv0: Interface activated: team0
[  285.147906][ T9570] batman_adv: batadv0: Interface deactivated: team0
[  285.150385][ T9570] batman_adv: batadv0: Removing interface: team0
[  285.173163][ T9570] bridge0: port 3(team0) entered blocking state
[  285.175843][ T9570] bridge0: port 3(team0) entered disabled state
[  285.178573][ T9570] team0: entered allmulticast mode
[  285.180750][ T9570] team_slave_0: entered allmulticast mode
[  285.183332][ T9570] team_slave_1: entered allmulticast mode
[  285.191411][ T9570] bridge0: port 3(team0) entered blocking state
[  285.194355][ T9570] bridge0: port 3(team0) entered listening state
[  285.204948][ T9460] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  285.332332][ T9460] 8021q: adding VLAN 0 to HW filter on device bond0
[  285.353138][ T9460] 8021q: adding VLAN 0 to HW filter on device team0
[  285.363752][  T832] bridge0: port 1(bridge_slave_0) entered blocking state
[  285.366848][  T832] bridge0: port 1(bridge_slave_0) entered forwarding state
[  285.375049][ T5343] Bluetooth: hci0: command tx timeout
[  285.382422][ T5379] bridge0: port 2(bridge_slave_1) entered blocking state
[  285.385191][ T5379] bridge0: port 2(bridge_slave_1) entered forwarding state
[  285.691655][ T9460] 8021q: adding VLAN 0 to HW filter on device batadv0
[  285.735760][ T9460] veth0_vlan: entered promiscuous mode
[  285.746122][ T9460] veth1_vlan: entered promiscuous mode
[  285.769005][ T9460] veth0_macvtap: entered promiscuous mode
[  285.779921][ T9460] veth1_macvtap: entered promiscuous mode
[  285.825350][ T9460] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  285.830752][ T9460] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  285.836556][ T9460] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  285.840965][ T9460] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  285.865566][ T9460] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  285.870102][ T9460] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  285.874378][ T9460] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  285.879407][ T9460] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  285.887323][ T9460] batman_adv: batadv0: Interface activated: batadv_slave_0
[  285.900128][ T9460] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  285.905164][ T9460] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  285.909468][ T9460] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  285.914143][ T9460] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  285.919098][ T9460] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  285.923374][ T9460] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  285.929542][ T9460] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  285.930111][   T39] audit: type=1400 audit(1722139605.046:636): avc:  denied  { map } for  pid=9595 comm="syz.3.1244" path="/dev/usbmon0" dev="devtmpfs" ino=723 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1
[  285.933925][ T9460] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  285.937310][ T9460] batman_adv: batadv0: Interface activated: batadv_slave_1
[  285.958119][ T9460] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  285.961743][ T9460] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  285.970211][ T9460] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  285.973968][ T9460] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  286.018664][ T9600] vimc link validate: Sensor A:src:640x480 (0x33424752, 8, 0, 0, 0) Raw Capture 0:snk:640x480 (0x33424752, 8, 0, 0, 0)
[  286.035797][ T9600] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1245'.
[  286.046323][   T13] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  286.055050][   T13] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  286.084096][   T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  286.087660][   T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  286.150907][ T9606] qnx6: wrong signature (magic) at position (0x2000) - will try alternative position (0x0000).
[  286.157728][ T9606] qnx6: wrong signature (magic) in superblock #1.
[  286.160470][ T9606] qnx6: unable to read the first superblock
[  286.207552][ T9609] Bluetooth: MGMT ver 1.23
[  286.210286][   T39] audit: type=1326 audit(1722139605.326:637): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9608 comm="syz.0.1248" exe="/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fe13c977299 code=0x0
[  286.498566][ T9614] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=4 sclass=netlink_route_socket pid=9614 comm=syz.2.1249
[  286.814455][   T39] audit: type=1400 audit(1722139605.926:638): avc:  denied  { read } for  pid=9621 comm="syz.2.1251" dev="sockfs" ino=31347 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  286.820769][ T9622] 9pnet_fd: Insufficient options for proto=fd
[  287.324642][ T9635] netlink: 'syz.0.1253': attribute type 10 has an invalid length.
[  287.358901][   T39] audit: type=1326 audit(1722139606.476:639): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9636 comm="syz.2.1255" exe="/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f1707377299 code=0x0
[  287.374645][ T9635] batman_adv: batadv0: Adding interface: team0
[  287.377804][ T9635] batman_adv: batadv0: The MTU of interface team0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  287.390753][ T9635] batman_adv: batadv0: Not using interface team0 (retrying later): interface not active
[  287.399146][ T9629] netlink: 'syz.0.1253': attribute type 10 has an invalid length.
[  287.402471][ T9629] netlink: 2 bytes leftover after parsing attributes in process `syz.0.1253'.
[  287.406163][ T9629] team0: entered promiscuous mode
[  287.407950][ T9629] team_slave_0: entered promiscuous mode
[  287.411045][ T9629] team_slave_1: entered promiscuous mode
[  287.414617][ T9638] FAULT_INJECTION: forcing a failure.
[  287.414617][ T9638] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  287.418823][ T9629] 8021q: adding VLAN 0 to HW filter on device team0
[  287.422294][ T9638] CPU: 3 UID: 0 PID: 9638 Comm: syz.2.1255 Not tainted 6.10.0-syzkaller-12881-g6342649c33d2 #0
[  287.425980][ T9629] batman_adv: batadv0: Interface activated: team0
[  287.429802][ T9638] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  287.429815][ T9638] Call Trace:
[  287.429821][ T9638]  <TASK>
[  287.429827][ T9638]  dump_stack_lvl+0x16c/0x1f0
[  287.429851][ T9638]  should_fail_ex+0x497/0x5b0
[  287.432861][ T9629] batman_adv: batadv0: Interface deactivated: team0
[  287.437529][ T9638]  _copy_to_user+0x30/0xc0
[  287.437553][ T9638]  simple_read_from_buffer+0xd0/0x160
[  287.437573][ T9638]  proc_fail_nth_read+0x1b0/0x290
[  287.437590][ T9638]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  287.439090][ T9629] batman_adv: batadv0: Removing interface: team0
[  287.440491][ T9638]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  287.440510][ T9638]  vfs_read+0x1d4/0xbd0
[  287.466145][ T9638]  ? __fdget_pos+0xeb/0x180
[  287.468053][ T9638]  ? kasan_quarantine_put+0x10a/0x240
[  287.470656][ T9638]  ? __pfx_vfs_read+0x10/0x10
[  287.472744][ T9638]  ? __pfx___mutex_lock+0x10/0x10
[  287.475226][ T9638]  ? __fget_files+0x256/0x400
[  287.477453][ T9638]  ksys_read+0x12f/0x260
[  287.479731][ T9638]  ? __pfx_ksys_read+0x10/0x10
[  287.482156][ T9638]  do_syscall_64+0xcd/0x250
[  287.484538][ T9638]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  287.487742][ T9638] RIP: 0033:0x7f1707375d7c
[  287.490913][ T9638] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 c9 8c 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 1f 8d 02 00 48
[  287.499236][ T9638] RSP: 002b:00007f1708063040 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  287.502824][ T9638] RAX: ffffffffffffffda RBX: 00007f1707506058 RCX: 00007f1707375d7c
[  287.506845][ T9638] RDX: 000000000000000f RSI: 00007f17080630b0 RDI: 0000000000000004
[  287.510839][ T9638] RBP: 00007f17080630a0 R08: 0000000000000000 R09: 0000000000000000
[  287.514656][ T9638] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  287.518366][ T9638] R13: 000000000000006e R14: 00007f1707506058 R15: 00007fff7da13d38
[  287.521737][ T9638]  </TASK>
[  287.534871][ T5345] Bluetooth: hci0: command tx timeout
[  287.554011][ T9629] bridge0: port 3(team0) entered blocking state
[  287.557376][ T9629] bridge0: port 3(team0) entered disabled state
[  287.560157][ T9629] team0: entered allmulticast mode
[  287.563961][ T9629] team_slave_0: entered allmulticast mode
[  287.566614][ T9629] team_slave_1: entered allmulticast mode
[  287.571375][ T9629] bridge0: port 3(team0) entered blocking state
[  287.574356][ T9629] bridge0: port 3(team0) entered forwarding state
[  288.126066][ T9666] tipc: Enabling of bearer <udp:s> rejected, failed to enable media
[  288.177466][ T9665] vimc link validate: Sensor A:src:640x480 (0x33424752, 8, 0, 0, 0) Raw Capture 0:snk:640x480 (0x33424752, 8, 0, 0, 0)
[  288.200209][ T9665] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1264'.
[  288.361778][ T9674] qnx6: wrong signature (magic) at position (0x2000) - will try alternative position (0x0000).
[  288.373816][ T9674] qnx6: wrong signature (magic) in superblock #1.
[  288.377981][ T9674] qnx6: unable to read the first superblock
[  288.380566][   T39] audit: type=1400 audit(1722139607.496:640): avc:  denied  { write } for  pid=9670 comm="syz.1.1266" name="nullb0" dev="devtmpfs" ino=693 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[  288.671939][ T9678] FAULT_INJECTION: forcing a failure.
[  288.671939][ T9678] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  288.677748][ T9678] CPU: 2 UID: 0 PID: 9678 Comm: syz.3.1269 Not tainted 6.10.0-syzkaller-12881-g6342649c33d2 #0
[  288.682435][ T9678] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  288.686972][ T9678] Call Trace:
[  288.688450][ T9678]  <TASK>
[  288.689847][ T9678]  dump_stack_lvl+0x16c/0x1f0
[  288.692001][ T9678]  should_fail_ex+0x497/0x5b0
[  288.694502][ T9678]  _copy_to_user+0x30/0xc0
[  288.696540][ T9678]  simple_read_from_buffer+0xd0/0x160
[  288.699151][ T9678]  proc_fail_nth_read+0x1b0/0x290
[  288.701348][ T9678]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  288.703699][ T9678]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  288.706026][ T9678]  vfs_read+0x1d4/0xbd0
[  288.707820][ T9678]  ? __fdget_pos+0xeb/0x180
[  288.709869][ T9678]  ? __pfx_vfs_read+0x10/0x10
[  288.712299][ T9678]  ? __pfx___mutex_lock+0x10/0x10
[  288.714584][ T9678]  ? __fget_files+0x256/0x400
[  288.716562][ T9678]  ksys_read+0x12f/0x260
[  288.718387][ T9678]  ? __pfx_ksys_read+0x10/0x10
[  288.720524][ T9678]  do_syscall_64+0xcd/0x250
[  288.722479][ T9678]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  288.725531][ T9678] RIP: 0033:0x7f75b9975d7c
[  288.727827][ T9678] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 c9 8c 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 1f 8d 02 00 48
[  288.737826][ T9678] RSP: 002b:00007f75ba7f8040 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  288.742050][ T9678] RAX: ffffffffffffffda RBX: 00007f75b9b05f80 RCX: 00007f75b9975d7c
[  288.745732][ T9678] RDX: 000000000000000f RSI: 00007f75ba7f80b0 RDI: 0000000000000003
[  288.749727][ T9678] RBP: 00007f75ba7f80a0 R08: 0000000000000000 R09: 0000000000000000
[  288.753510][ T9678] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  288.757096][ T9678] R13: 000000000000000b R14: 00007f75b9b05f80 R15: 00007ffc733350a8
[  288.760711][ T9678]  </TASK>
[  288.820658][   T39] audit: type=1326 audit(1722139607.936:641): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9672 comm="syz.0.1267" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fe13c977299 code=0x0
[  289.225830][ T5345] Bluetooth: hci4: command 0x0406 tx timeout
[  289.329835][ T9694] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1274'.
[  289.335866][ T9694] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1274'.
[  289.340738][ T9694] netlink: 52 bytes leftover after parsing attributes in process `syz.0.1274'.
[  289.605092][ T9697] process 'syz.0.1275' launched './file1' with NULL argv: empty string added
[  289.609051][   T39] audit: type=1400 audit(1722139608.716:642): avc:  denied  { execute } for  pid=9695 comm="syz.0.1275" name="file1" dev="ramfs" ino=29596 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:ramfs_t tclass=file permissive=1
[  289.628806][   T39] audit: type=1400 audit(1722139608.746:643): avc:  denied  { execute_no_trans } for  pid=9695 comm="syz.0.1275" path="/9/file0/file1" dev="ramfs" ino=29596 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:ramfs_t tclass=file permissive=1
[  289.708489][ T9701] vimc link validate: Sensor A:src:640x480 (0x33424752, 8, 0, 0, 0) Raw Capture 0:snk:640x480 (0x33424752, 8, 0, 0, 0)
[  289.726515][ T9701] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1276'.
[  289.834336][ T9704] qnx6: wrong signature (magic) at position (0x2000) - will try alternative position (0x0000).
[  289.848716][ T9704] qnx6: wrong signature (magic) in superblock #1.
[  289.855541][ T9704] qnx6: unable to read the first superblock
[  290.310744][   T39] audit: type=1326 audit(1722139609.426:644): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9717 comm="syz.1.1282" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fe431b77299 code=0x0
[  290.475035][  T834] usb 5-1: new high-speed USB device number 4 using dummy_hcd
[  290.668158][  T834] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 255, changing to 11
[  290.673608][  T834] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 59391, setting to 1024
[  290.679739][  T834] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  290.687220][  T834] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  290.691770][  T834] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  290.700602][  T834] usb 5-1: config 0 descriptor??
[  290.703764][ T9720] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  290.879052][   T39] audit: type=1400 audit(1722139609.996:645): avc:  denied  { write } for  pid=9726 comm="syz.3.1285" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[  291.042124][ T9729] vimc link validate: Sensor A:src:640x480 (0x33424752, 8, 0, 0, 0) Raw Capture 0:snk:640x480 (0x33424752, 8, 0, 0, 0)
[  291.052994][ T9729] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1286'.
[  291.082217][ T9731] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=4 sclass=netlink_route_socket pid=9731 comm=syz.3.1287
[  291.101722][ T9734] FAULT_INJECTION: forcing a failure.
[  291.101722][ T9734] name failslab, interval 1, probability 0, space 0, times 0
[  291.109711][ T9734] CPU: 0 UID: 0 PID: 9734 Comm: syz.1.1288 Not tainted 6.10.0-syzkaller-12881-g6342649c33d2 #0
[  291.114803][ T9734] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  291.119417][ T9734] Call Trace:
[  291.120572][ T9734]  <TASK>
[  291.121654][ T9734]  dump_stack_lvl+0x16c/0x1f0
[  291.123712][ T9734]  should_fail_ex+0x497/0x5b0
[  291.126050][ T9734]  should_failslab+0xc2/0x120
[  291.128097][ T9734]  kmem_cache_alloc_noprof+0x6e/0x2f0
[  291.130587][ T9734]  ? __build_skb+0x3f/0x90
[  291.132744][ T9734]  __build_skb+0x3f/0x90
[  291.134287][ T9734]  netlink_alloc_large_skb+0xb5/0x130
[  291.136440][ T9734]  netlink_sendmsg+0x689/0xd70
[  291.138474][ T9734]  ? __pfx_netlink_sendmsg+0x10/0x10
[  291.140709][ T9734]  sock_sendmsg+0x3cb/0x470
[  291.142664][ T9734]  ? pipe_lock+0x64/0x80
[  291.144696][ T9734]  ? __pfx_sock_sendmsg+0x10/0x10
[  291.146895][ T9734]  ? __pfx_lock_release+0x10/0x10
[  291.149072][ T9734]  splice_to_socket+0xab2/0x1040
[  291.150749][ T9734]  ? __pfx_splice_to_socket+0x10/0x10
[  291.152985][ T9734]  ? mark_lock+0xb5/0xc60
[  291.154914][ T9734]  ? inode_has_perm+0x16f/0x1d0
[  291.156915][ T9734]  ? security_file_permission+0x98/0xc0
[  291.159210][ T9734]  ? __pfx_splice_to_socket+0x10/0x10
[  291.161468][ T9734]  do_splice+0x148c/0x1f90
[  291.163327][ T9734]  ? find_held_lock+0x2d/0x110
[  291.164968][ T9734]  ? __pfx_do_splice+0x10/0x10
[  291.167312][ T9734]  ? __pfx_pipe_clear_nowait+0x10/0x10
[  291.170159][ T9734]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  291.172758][ T9734]  __do_splice+0x327/0x360
[  291.174695][ T9734]  ? __pfx___do_splice+0x10/0x10
[  291.176840][ T9734]  __x64_sys_splice+0x1d2/0x260
[  291.178988][ T9734]  do_syscall_64+0xcd/0x250
[  291.181202][ T9734]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  291.184252][ T9734] RIP: 0033:0x7fe431b77299
[  291.186217][ T9734] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  291.194273][ T9734] RSP: 002b:00007fe43299d048 EFLAGS: 00000246 ORIG_RAX: 0000000000000113
[  291.197418][ T9734] RAX: ffffffffffffffda RBX: 00007fe431d05f80 RCX: 00007fe431b77299
[  291.200375][ T9734] RDX: 0000000000000004 RSI: 0000000000000000 RDI: 0000000000000003
[  291.203117][ T9734] RBP: 00007fe43299d0a0 R08: 0000000000010500 R09: 0000000000000000
[  291.206893][ T9734] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  291.210145][ T9734] R13: 000000000000000b R14: 00007fe431d05f80 R15: 00007ffdc7141f58
[  291.213353][ T9734]  </TASK>
[  291.441073][ T9744] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1292'.
[  291.446160][ T9744] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1292'.
[  291.450130][ T9744] netlink: 40 bytes leftover after parsing attributes in process `syz.3.1292'.
[  291.717644][ T9754] warning: checkpointing journal with EXT4_IOC_CHECKPOINT_FLAG_ZEROOUT can be slow
[  291.885367][   T39] audit: type=1326 audit(1722139611.006:646): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9749 comm="syz.3.1294" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f75b9977299 code=0x0
[  292.223973][  T834] usbhid 5-1:0.0: can't add hid device: -71
[  292.226564][  T834] usbhid 5-1:0.0: probe with driver usbhid failed with error -71
[  292.232329][  T834] usb 5-1: USB disconnect, device number 4
[  292.687644][ T9774] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1300'.
[  292.694252][ T9774] netlink: 'syz.1.1300': attribute type 3 has an invalid length.
[  292.698625][ T9774] netlink: 196520 bytes leftover after parsing attributes in process `syz.1.1300'.
[  292.872805][   T39] audit: type=1400 audit(1722139611.986:647): avc:  denied  { ioctl } for  pid=9777 comm="syz.3.1302" path="/dev/vhost-net" dev="devtmpfs" ino=1117 ioctlcmd=0xaf01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:vhost_device_t tclass=chr_file permissive=1
[  293.041390][   T39] audit: type=1400 audit(1722139612.146:648): avc:  denied  { ioctl } for  pid=9781 comm="syz.0.1303" path="socket:[29656]" dev="sockfs" ino=29656 ioctlcmd=0x890b scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[  293.088561][   T39] audit: type=1400 audit(1722139612.206:649): avc:  denied  { getopt } for  pid=9781 comm="syz.0.1303" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1
[  293.146641][ T9788] input: syz0 as /devices/virtual/input/input14
[  293.324271][ T9795] FAULT_INJECTION: forcing a failure.
[  293.324271][ T9795] name failslab, interval 1, probability 0, space 0, times 0
[  293.349975][ T9795] CPU: 0 UID: 0 PID: 9795 Comm: syz.0.1308 Not tainted 6.10.0-syzkaller-12881-g6342649c33d2 #0
[  293.354891][ T9795] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  293.360033][ T9795] Call Trace:
[  293.361674][ T9795]  <TASK>
[  293.363015][ T9795]  dump_stack_lvl+0x16c/0x1f0
[  293.365887][ T9795]  should_fail_ex+0x497/0x5b0
[  293.368342][ T9795]  should_failslab+0xc2/0x120
[  293.370502][ T9795]  kmem_cache_alloc_noprof+0x6e/0x2f0
[  293.372880][ T9795]  ? __build_skb+0x3f/0x90
[  293.374597][ T9795]  __build_skb+0x3f/0x90
[  293.376707][ T9795]  build_skb+0x22/0x280
[  293.378546][ T9795]  __tun_build_skb+0x2c/0x340
[  293.380364][ T9795]  tun_build_skb.constprop.0+0x8bf/0x1390
[  293.383497][ T9795]  ? __pfx_tun_build_skb.constprop.0+0x10/0x10
[  293.392066][ T9795]  ? __pfx___lock_acquire+0x10/0x10
[  293.394402][ T9795]  ? __pfx_mark_lock+0x10/0x10
[  293.400601][ T9795]  tun_get_user+0x888/0x3c30
[  293.402547][ T9795]  ? __pfx_tun_get_user+0x10/0x10
[  293.404664][ T9795]  ? find_held_lock+0x2d/0x110
[  293.406871][ T9795]  ? __pfx_lock_release+0x10/0x10
[  293.408831][ T9795]  tun_chr_write_iter+0xe8/0x210
[  293.410693][ T9795]  vfs_write+0x6b6/0x1140
[  293.412550][ T9795]  ? __pfx_tun_chr_write_iter+0x10/0x10
[  293.414875][ T9795]  ? __pfx_vfs_write+0x10/0x10
[  293.416961][ T9795]  ? __fget_files+0x256/0x400
[  293.419215][ T9795]  ? __fget_light+0x173/0x210
[  293.421264][ T9795]  ksys_write+0x12f/0x260
[  293.423112][ T9795]  ? __pfx_ksys_write+0x10/0x10
[  293.425212][ T9795]  do_syscall_64+0xcd/0x250
[  293.427107][ T9795]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  293.429634][ T9795] RIP: 0033:0x7fe13c975e1f
[  293.431520][ T9795] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 29 8c 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 7c 8c 02 00 48
[  293.440434][ T9795] RSP: 002b:00007fe13d741010 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[  293.443334][ T9795] RAX: ffffffffffffffda RBX: 00007fe13cb05f80 RCX: 00007fe13c975e1f
[  293.446644][ T9795] RDX: 0000000000000012 RSI: 0000000020000000 RDI: 00000000000000c8
[  293.449908][ T9795] RBP: 00007fe13d7410a0 R08: 0000000000000000 R09: 0000000000000000
[  293.452994][ T9795] R10: 0000000000000012 R11: 0000000000000293 R12: 0000000000000001
[  293.456709][ T9795] R13: 000000000000000b R14: 00007fe13cb05f80 R15: 00007fffbecaf0f8
[  293.459479][ T9795]  </TASK>
[  293.460937][    C0] vkms_vblank_simulate: vblank timer overrun
[  293.644950][   T39] audit: type=1400 audit(1722139612.756:650): avc:  denied  { mounton } for  pid=9797 comm="syz.0.1309" path="/14/file0/file0" dev="9p" ino=36701659 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  294.204581][ T9810] lo speed is unknown, defaulting to 1000
[  294.354890][ T5160] usb 7-1: new high-speed USB device number 10 using dummy_hcd
[  294.568432][ T5160] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 255, changing to 11
[  294.579947][ T9819] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1316'.
[  294.584702][ T5160] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 59391, setting to 1024
[  294.590754][ T5160] usb 7-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  294.624854][ T5160] usb 7-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  294.628832][ T5160] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  294.639889][ T9819] netlink: 'syz.3.1316': attribute type 3 has an invalid length.
[  294.643372][ T5160] usb 7-1: config 0 descriptor??
[  294.643376][ T9819] netlink: 196520 bytes leftover after parsing attributes in process `syz.3.1316'.
[  294.645930][ T9808] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  295.201068][ T5345] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  295.212098][ T5345] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  295.216473][ T5345] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  295.227435][ T5345] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  295.232118][ T5345] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[  295.239975][ T5345] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  295.269769][   T40] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  295.356175][ T9823] lo speed is unknown, defaulting to 1000
[  295.436234][   T40] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  295.550609][   T40] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  295.672123][   T40] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  295.808135][ T5160] usbhid 7-1:0.0: can't add hid device: -71
[  295.810827][ T5160] usbhid 7-1:0.0: probe with driver usbhid failed with error -71
[  295.818804][ T9823] chnl_net:caif_netlink_parms(): no params data found
[  295.826191][ T5160] usb 7-1: USB disconnect, device number 10
[  295.974683][ T9841] FAULT_INJECTION: forcing a failure.
[  295.974683][ T9841] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  295.981045][ T9841] CPU: 2 UID: 0 PID: 9841 Comm: syz.3.1322 Not tainted 6.10.0-syzkaller-12881-g6342649c33d2 #0
[  295.986082][ T9841] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  295.990502][ T9841] Call Trace:
[  295.991794][ T9841]  <TASK>
[  295.993103][ T9841]  dump_stack_lvl+0x16c/0x1f0
[  295.995210][ T9841]  should_fail_ex+0x497/0x5b0
[  295.997323][ T9841]  _copy_to_user+0x30/0xc0
[  295.999305][ T9841]  simple_read_from_buffer+0xd0/0x160
[  296.001669][ T9841]  proc_fail_nth_read+0x1b0/0x290
[  296.003771][ T9841]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  296.006138][ T9841]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  296.008490][ T9841]  vfs_read+0x1d4/0xbd0
[  296.010260][ T9841]  ? __fdget_pos+0xeb/0x180
[  296.012198][ T9841]  ? __pfx_vfs_read+0x10/0x10
[  296.014342][ T9841]  ? __pfx___mutex_lock+0x10/0x10
[  296.016588][ T9841]  ? __fget_files+0x256/0x400
[  296.018640][ T9841]  ksys_read+0x12f/0x260
[  296.020497][ T9841]  ? __pfx_ksys_read+0x10/0x10
[  296.022600][ T9841]  do_syscall_64+0xcd/0x250
[  296.024569][ T9841]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  296.026826][ T9841] RIP: 0033:0x7f75b9975d7c
[  296.028559][ T9841] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 c9 8c 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 1f 8d 02 00 48
[  296.035551][ T9841] RSP: 002b:00007f75ba7f8040 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  296.038584][ T9841] RAX: ffffffffffffffda RBX: 00007f75b9b05f80 RCX: 00007f75b9975d7c
[  296.042063][ T9841] RDX: 000000000000000f RSI: 00007f75ba7f80b0 RDI: 0000000000000004
[  296.045591][ T9841] RBP: 00007f75ba7f80a0 R08: 0000000000000000 R09: 0000000000000000
[  296.049056][ T9841] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  296.052303][ T9841] R13: 000000000000000b R14: 00007f75b9b05f80 R15: 00007ffc733350a8
[  296.055606][ T9841]  </TASK>
[  296.071089][ T9823] bridge0: port 1(bridge_slave_0) entered blocking state
[  296.074257][ T9823] bridge0: port 1(bridge_slave_0) entered disabled state
[  296.082996][ T9823] bridge_slave_0: entered allmulticast mode
[  296.092641][ T9823] bridge_slave_0: entered promiscuous mode
[  296.099103][ T9823] bridge0: port 2(bridge_slave_1) entered blocking state
[  296.103846][ T9823] bridge0: port 2(bridge_slave_1) entered disabled state
[  296.107781][ T9823] bridge_slave_1: entered allmulticast mode
[  296.113429][ T9823] bridge_slave_1: entered promiscuous mode
[  296.157305][   T39] audit: type=1400 audit(1722139615.276:651): avc:  denied  { read } for  pid=9847 comm="syz.3.1325" name="/" dev="configfs" ino=2151 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=dir permissive=1
[  296.159480][ T5345] Bluetooth: hci4: ACL packet for unknown connection handle 200
[  296.167938][   T39] audit: type=1400 audit(1722139615.276:652): avc:  denied  { open } for  pid=9847 comm="syz.3.1325" path="/216/file0" dev="configfs" ino=2151 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=dir permissive=1
[  296.244507][ T9823] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  296.256213][ T9823] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  296.359761][ T9823] team0: Port device team_slave_0 added
[  296.371032][ T9823] team0: Port device team_slave_1 added
[  296.463832][   T40] team0: left allmulticast mode
[  296.466039][   T40] team_slave_0: left allmulticast mode
[  296.468867][   T40] team_slave_1: left allmulticast mode
[  296.472245][   T40] bridge0: port 3(team0) entered disabled state
[  296.479652][   T40] bridge_slave_1: left allmulticast mode
[  296.482174][   T40] bridge_slave_1: left promiscuous mode
[  296.485392][   T40] bridge0: port 2(bridge_slave_1) entered disabled state
[  296.491435][   T40] bridge_slave_0: left allmulticast mode
[  296.493869][   T40] bridge_slave_0: left promiscuous mode
[  296.497392][   T40] bridge0: port 1(bridge_slave_0) entered disabled state
[  296.634532][   T39] audit: type=1326 audit(1722139615.746:653): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9870 comm="syz.3.1326" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f75b9977299 code=0x0
[  296.760459][   T39] audit: type=1400 audit(1722139615.876:654): avc:  denied  { mount } for  pid=9877 comm="syz.2.1329" name="/" dev="afs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nfs_t tclass=filesystem permissive=1
[  296.772760][   T39] audit: type=1400 audit(1722139615.886:655): avc:  denied  { unmount } for  pid=9877 comm="syz.2.1329" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nfs_t tclass=filesystem permissive=1
[  296.871868][   T40] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  296.878824][   T40] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  296.894158][   T40] bond0 (unregistering): Released all slaves
[  296.903371][ T9823] batman_adv: batadv0: Adding interface: batadv_slave_0
[  296.907904][ T9823] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  296.920366][ T9823] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  296.927248][ T9823] batman_adv: batadv0: Adding interface: batadv_slave_1
[  296.931947][ T9823] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  296.957582][ T9823] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  297.124394][ T9883] afs: Unknown parameter ''
[  297.202531][ T9823] hsr_slave_0: entered promiscuous mode
[  297.206330][ T9823] hsr_slave_1: entered promiscuous mode
[  297.209619][ T9823] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  297.214313][ T9823] Cannot create hsr debugfs directory
[  297.296087][ T5345] Bluetooth: hci0: command tx timeout
[  297.628808][   T39] audit: type=1326 audit(1722139616.746:656): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9899 comm="syz.3.1333" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f75b9977299 code=0x0
[  297.702380][   T40] hsr_slave_0: left promiscuous mode
[  297.712320][   T40] hsr_slave_1: left promiscuous mode
[  297.716563][   T40] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  297.719863][   T40] batman_adv: batadv0: Removing interface: batadv_slave_0
[  297.723740][   T40] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  297.727017][   T40] batman_adv: batadv0: Removing interface: batadv_slave_1
[  297.777423][   T40] veth1_macvtap: left promiscuous mode
[  297.779876][   T40] veth0_macvtap: left promiscuous mode
[  297.782640][   T40] veth1_vlan: left promiscuous mode
[  297.789871][   T40] veth0_vlan: left promiscuous mode
[  298.217060][ T9919] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1336'.
[  298.282133][ T9920] netlink: 'syz.1.1336': attribute type 3 has an invalid length.
[  298.288303][ T9920] netlink: 196520 bytes leftover after parsing attributes in process `syz.1.1336'.
[  298.633915][   T39] audit: type=1400 audit(1722139617.746:657): avc:  denied  { bind } for  pid=9924 comm="syz.2.1338" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[  298.645108][   T39] audit: type=1400 audit(1722139617.756:658): avc:  denied  { write } for  pid=9924 comm="syz.2.1338" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[  299.282117][   T40] team_slave_1 (unregistering): left promiscuous mode
[  299.300094][   T40] team0 (unregistering): Port device team_slave_1 removed
[  299.375070][ T5345] Bluetooth: hci0: command tx timeout
[  299.435919][   T40] team_slave_0 (unregistering): left promiscuous mode
[  299.440455][   T40] team0 (unregistering): Port device team_slave_0 removed
[  300.578280][    C0] bridge0: port 3(team0) entered learning state
[  301.080748][ T9823] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  301.099647][ T9823] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  301.115235][ T9823] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  301.125917][ T9823] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  301.325391][ T9823] 8021q: adding VLAN 0 to HW filter on device bond0
[  301.353606][ T9823] 8021q: adding VLAN 0 to HW filter on device team0
[  301.366669][   T30] bridge0: port 1(bridge_slave_0) entered blocking state
[  301.369856][   T30] bridge0: port 1(bridge_slave_0) entered forwarding state
[  301.383488][   T30] bridge0: port 2(bridge_slave_1) entered blocking state
[  301.386404][   T30] bridge0: port 2(bridge_slave_1) entered forwarding state
[  301.466899][ T5345] Bluetooth: hci0: command tx timeout
[  301.644870][   T39] audit: type=1400 audit(1722139620.756:659): avc:  denied  { sqpoll } for  pid=9993 comm="syz.2.1347" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=io_uring permissive=1
[  301.649399][ T9823] 8021q: adding VLAN 0 to HW filter on device batadv0
[  301.761104][ T9823] veth0_vlan: entered promiscuous mode
[  301.776587][ T9823] veth1_vlan: entered promiscuous mode
[  301.874261][ T9823] veth0_macvtap: entered promiscuous mode
[  301.926366][ T9823] veth1_macvtap: entered promiscuous mode
[  301.958988][ T9823] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  301.963056][ T9823] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  301.973402][ T9823] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  301.978480][ T9823] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  301.984155][ T9823] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  301.988957][ T9823] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  301.993090][ T9823] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  302.001041][ T9823] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  302.007077][ T9823] batman_adv: batadv0: Interface activated: batadv_slave_0
[  302.017748][ T9823] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  302.022217][ T9823] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  302.029111][ T9823] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  302.033657][ T9823] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  302.039428][ T9823] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  302.044844][ T9823] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  302.049337][ T9823] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  302.054989][ T9823] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  302.060779][ T9823] batman_adv: batadv0: Interface activated: batadv_slave_1
[  302.069166][ T9823] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  302.072920][ T9823] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  302.076510][ T9823] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  302.080115][ T9823] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  302.103766][T10011] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1350'.
[  302.111298][T10011] netlink: 'syz.3.1350': attribute type 3 has an invalid length.
[  302.114757][T10011] netlink: 196520 bytes leftover after parsing attributes in process `syz.3.1350'.
[  302.237913][   T40] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  302.241530][   T40] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  302.315801][   T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  302.319759][   T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  302.418904][T10018] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1319'.
[  302.427033][T10018] netlink: 'syz.0.1319': attribute type 3 has an invalid length.
[  302.430516][T10018] netlink: 196520 bytes leftover after parsing attributes in process `syz.0.1319'.
[  303.196018][T10025] netlink: 'syz.1.1354': attribute type 10 has an invalid length.
[  303.201590][T10025] netlink: 'syz.1.1354': attribute type 10 has an invalid length.
[  303.207231][T10025] netlink: 2 bytes leftover after parsing attributes in process `syz.1.1354'.
[  303.211154][T10025] team0: entered promiscuous mode
[  303.217155][T10025] team_slave_0: entered promiscuous mode
[  303.225162][T10025] team_slave_1: entered promiscuous mode
[  303.232217][T10025] 8021q: adding VLAN 0 to HW filter on device team0
[  303.239936][T10025] batman_adv: batadv0: Interface activated: team0
[  303.271245][T10025] batman_adv: batadv0: Interface deactivated: team0
[  303.282225][T10025] batman_adv: batadv0: Removing interface: team0
[  303.317070][T10025] bridge0: port 3(team0) entered blocking state
[  303.331974][T10025] bridge0: port 3(team0) entered disabled state
[  303.336849][T10025] team0: entered allmulticast mode
[  303.339698][T10025] team_slave_0: entered allmulticast mode
[  303.345471][T10025] team_slave_1: entered allmulticast mode
[  303.359931][T10025] bridge0: port 3(team0) entered blocking state
[  303.362958][T10025] bridge0: port 3(team0) entered listening state
[  303.535136][ T5345] Bluetooth: hci0: command tx timeout
[  304.054687][   T39] audit: type=1400 audit(1722139623.166:660): avc:  denied  { listen } for  pid=10035 comm="syz.1.1357" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=x25_socket permissive=1
[  304.066846][   T39] audit: type=1400 audit(1722139623.186:661): avc:  denied  { accept } for  pid=10035 comm="syz.1.1357" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=x25_socket permissive=1
[  304.251720][T10039] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1358'.
[  304.263934][T10039] netlink: 'syz.2.1358': attribute type 3 has an invalid length.
[  304.268885][T10039] netlink: 196520 bytes leftover after parsing attributes in process `syz.2.1358'.
[  304.385723][T10043] vimc link validate: Sensor A:src:640x480 (0x33424752, 8, 0, 0, 0) Raw Capture 0:snk:640x480 (0x33424752, 8, 0, 0, 0)
[  304.460975][T10045] FAULT_INJECTION: forcing a failure.
[  304.460975][T10045] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  304.467492][T10045] CPU: 0 UID: 0 PID: 10045 Comm: syz.0.1361 Not tainted 6.10.0-syzkaller-12881-g6342649c33d2 #0
[  304.472061][T10045] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  304.476763][T10045] Call Trace:
[  304.478256][T10045]  <TASK>
[  304.479569][T10045]  dump_stack_lvl+0x16c/0x1f0
[  304.481644][T10045]  should_fail_ex+0x497/0x5b0
[  304.483750][T10045]  _copy_to_user+0x30/0xc0
[  304.485853][T10045]  simple_read_from_buffer+0xd0/0x160
[  304.488242][T10045]  proc_fail_nth_read+0x1b0/0x290
[  304.490466][T10045]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  304.492837][T10045]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  304.495263][T10045]  vfs_read+0x1d4/0xbd0
[  304.497150][T10045]  ? __fdget_pos+0xeb/0x180
[  304.499186][T10045]  ? __pfx_vfs_read+0x10/0x10
[  304.501361][T10045]  ? __pfx___mutex_lock+0x10/0x10
[  304.504215][T10045]  ? __fget_files+0x256/0x400
[  304.506038][T10045]  ksys_read+0x12f/0x260
[  304.507854][T10045]  ? __pfx_ksys_read+0x10/0x10
[  304.509873][T10045]  do_syscall_64+0xcd/0x250
[  304.511444][T10045]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  304.513454][T10045] RIP: 0033:0x7f98b4375d7c
[  304.515077][T10045] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 c9 8c 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 1f 8d 02 00 48
[  304.522087][T10045] RSP: 002b:00007f98b519a040 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  304.525563][T10045] RAX: ffffffffffffffda RBX: 00007f98b4505f80 RCX: 00007f98b4375d7c
[  304.528722][T10045] RDX: 000000000000000f RSI: 00007f98b519a0b0 RDI: 0000000000000004
[  304.531822][T10045] RBP: 00007f98b519a0a0 R08: 0000000000000000 R09: 0000000000000000
[  304.534676][T10045] R10: 0000000020001c80 R11: 0000000000000246 R12: 0000000000000001
[  304.537923][T10045] R13: 000000000000000b R14: 00007f98b4505f80 R15: 00007ffd219ac3e8
[  304.541244][T10045]  </TASK>
[  304.675317][   T35] usb 7-1: new high-speed USB device number 11 using dummy_hcd
[  304.730820][T10051] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1364'.
[  304.741707][T10051] netlink: 'syz.0.1364': attribute type 3 has an invalid length.
[  304.745386][T10051] netlink: 196520 bytes leftover after parsing attributes in process `syz.0.1364'.
[  304.858659][   T35] usb 7-1: Using ep0 maxpacket: 16
[  304.863051][   T35] usb 7-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xA5, changing to 0x85
[  304.868328][   T35] usb 7-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 104
[  304.874836][   T35] usb 7-1: New USB device found, idVendor=134c, idProduct=0002, bcdDevice=ec.7e
[  304.878954][   T35] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  304.882683][   T35] usb 7-1: Product: syz
[  304.884570][   T35] usb 7-1: Manufacturer: syz
[  304.886920][   T35] usb 7-1: SerialNumber: syz
[  304.893679][   T35] usb 7-1: config 0 descriptor??
[  304.897989][T10042] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  304.904344][   T35] input: syz syz as /devices/platform/dummy_hcd.2/usb7/7-1/7-1:0.0/input/input15
[  304.920231][    C3] usbtouchscreen 7-1:0.0: usbtouch_irq - usb_submit_urb failed with result: -1
[  304.932999][    C2] usbtouchscreen 7-1:0.0: usbtouch_irq - usb_submit_urb failed with result: -1
[  304.934263][T10054] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1365'.
[  304.958292][T10054] netlink: 'syz.1.1365': attribute type 3 has an invalid length.
[  304.964146][T10054] netlink: 196520 bytes leftover after parsing attributes in process `syz.1.1365'.
[  305.101806][T10042] FAULT_INJECTION: forcing a failure.
[  305.101806][T10042] name failslab, interval 1, probability 0, space 0, times 0
[  305.107112][T10042] CPU: 3 UID: 0 PID: 10042 Comm: syz.2.1360 Not tainted 6.10.0-syzkaller-12881-g6342649c33d2 #0
[  305.110990][T10042] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  305.115338][T10042] Call Trace:
[  305.116595][T10042]  <TASK>
[  305.117683][T10042]  dump_stack_lvl+0x16c/0x1f0
[  305.119527][T10042]  should_fail_ex+0x497/0x5b0
[  305.121551][T10042]  ? fs_reclaim_acquire+0xae/0x160
[  305.123919][T10042]  should_failslab+0xc2/0x120
[  305.125818][T10042]  kmem_cache_alloc_noprof+0x6e/0x2f0
[  305.127825][T10042]  ? alloc_empty_file+0x73/0x1e0
[  305.129659][T10042]  ? __lock_acquire+0xbdd/0x3cb0
[  305.131717][T10042]  alloc_empty_file+0x73/0x1e0
[  305.133966][T10042]  path_openat+0xe0/0x2d20
[  305.137085][T10042]  ? hlock_class+0x4e/0x130
[  305.139918][T10042]  ? __lock_acquire+0x1620/0x3cb0
[  305.143268][T10042]  ? __pfx_path_openat+0x10/0x10
[  305.146922][T10042]  ? __pfx___lock_acquire+0x10/0x10
[  305.150073][T10042]  ? find_held_lock+0x2d/0x110
[  305.153082][T10042]  do_filp_open+0x1dc/0x430
[  305.156960][T10042]  ? __pfx_do_filp_open+0x10/0x10
[  305.159681][T10042]  ? find_held_lock+0x2d/0x110
[  305.162290][T10042]  ? _raw_spin_unlock+0x28/0x50
[  305.165336][T10042]  ? alloc_fd+0x2d7/0x6c0
[  305.169037][T10042]  do_sys_openat2+0x17a/0x1e0
[  305.171900][T10042]  ? __pfx_do_sys_openat2+0x10/0x10
[  305.175844][T10042]  __x64_sys_openat+0x175/0x210
[  305.178862][T10042]  ? __pfx___x64_sys_openat+0x10/0x10
[  305.182806][T10042]  ? ksys_write+0x1ab/0x260
[  305.186499][T10042]  do_syscall_64+0xcd/0x250
[  305.188643][T10042]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  305.191149][T10042] RIP: 0033:0x7f1707375cd0
[  305.193229][T10042] Code: 48 89 44 24 20 75 93 44 89 54 24 0c e8 79 8d 02 00 44 8b 54 24 0c 89 da 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 38 44 89 c7 89 44 24 0c e8 cc 8d 02 00 8b 44
[  305.201659][T10042] RSP: 002b:00007f1708083b80 EFLAGS: 00000293 ORIG_RAX: 0000000000000101
[  305.205361][T10042] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f1707375cd0
[  305.208923][T10042] RDX: 0000000000000000 RSI: 00007f1708083c20 RDI: 00000000ffffff9c
[  305.212327][T10042] RBP: 00007f1708083c20 R08: 0000000000000000 R09: 0000000000000000
[  305.215796][T10042] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000001
[  305.218951][T10042] R13: 000000000000000b R14: 00007f1707505f80 R15: 00007fff7da13d38
[  305.222155][T10042]  </TASK>
[  305.277255][ T5379] usb 7-1: USB disconnect, device number 11
[  305.570447][T10059] Bluetooth: received HCILL_WAKE_UP_IND in state 2
[  305.589275][   T40] Bluetooth: hci3: Frame reassembly failed (-84)
[  306.823445][T10076] vimc link validate: Sensor A:src:640x480 (0x33424752, 8, 0, 0, 0) Raw Capture 0:snk:640x480 (0x33424752, 8, 0, 0, 0)
[  306.830076][   T39] audit: type=1400 audit(1722139625.946:662): avc:  denied  { shutdown } for  pid=10072 comm="syz.0.1372" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  307.535380][    C3] ==================================================================
[  307.538919][    C3] BUG: KASAN: stack-out-of-bounds in xdp_do_check_flushed+0x41c/0x4e0
[  307.542154][    C3] Read of size 4 at addr ffffc900033dfa50 by task syz.0.1372/10077
[  307.548868][    C3] 
[  307.549924][    C3] CPU: 3 UID: 0 PID: 10077 Comm: syz.0.1372 Not tainted 6.10.0-syzkaller-12881-g6342649c33d2 #0
[  307.554019][    C3] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  307.558530][    C3] Call Trace:
[  307.559987][    C3]  <IRQ>
[  307.561226][    C3]  dump_stack_lvl+0x116/0x1f0
[  307.563031][    C3]  print_report+0xc3/0x620
[  307.564961][    C3]  ? __virt_addr_valid+0x5e/0x590
[  307.566950][    C3]  kasan_report+0xd9/0x110
[  307.568851][    C3]  ? xdp_do_check_flushed+0x41c/0x4e0
[  307.571224][    C3]  ? xdp_do_check_flushed+0x41c/0x4e0
[  307.573238][    C3]  xdp_do_check_flushed+0x41c/0x4e0
[  307.575264][    C3]  __napi_poll.constprop.0+0xd1/0x550
[  307.577577][    C3]  net_rx_action+0xa92/0x1010
[  307.579347][    C3]  ? __pfx_net_rx_action+0x10/0x10
[  307.581194][    C3]  ? __pfx_mark_lock+0x10/0x10
[  307.583304][    C3]  ? sched_balance_domains+0x285/0xec0
[  307.585526][    C3]  ? mark_held_locks+0x9f/0xe0
[  307.587452][    C3]  handle_softirqs+0x216/0x8f0
[  307.589650][    C3]  ? __pfx_handle_softirqs+0x10/0x10
[  307.592147][    C3]  irq_exit_rcu+0xbb/0x120
[  307.594309][    C3]  sysvec_apic_timer_interrupt+0x95/0xb0
[  307.596922][    C3]  </IRQ>
[  307.598012][    C3]  <TASK>
[  307.599135][    C3]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  307.601698][    C3] RIP: 0010:write_comp_data+0x11/0x90
[  307.604081][    C3] Code: cc cc 0f 1f 80 00 00 00 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 49 89 d2 49 89 f8 49 89 f1 65 48 8b 15 3f 52 79 7e <65> 8b 05 40 52 79 7e a9 00 01 ff 00 74 0f f6 c4 01 74 59 8b 82 1c
[  307.611032][    C3] RSP: 0018:ffffc900033deeb0 EFLAGS: 00000202
[  307.613327][    C3] RAX: 0000000000000000 RBX: ffffc900033def38 RCX: ffffffff813ce4f2
[  307.616340][    C3] RDX: ffff888021820000 RSI: 0000000000000000 RDI: 0000000000000001
[  307.619000][    C3] RBP: 0000000000000001 R08: 0000000000000001 R09: 0000000000000000
[  307.622045][    C3] R10: 0000000000000002 R11: 0000000000000000 R12: ffffffff90aed7b4
[  307.625102][    C3] R13: ffffffff90aed7b9 R14: 0000000000000002 R15: ffffc900033def6d
[  307.628011][    C3]  ? unwind_next_frame+0x5f2/0x23a0
[  307.629781][    C3]  unwind_next_frame+0x5f2/0x23a0
[  307.631505][    C3]  ? exit_mmap+0x1b8/0xb20
[  307.633035][    C3]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  307.635121][    C3]  arch_stack_walk+0x100/0x170
[  307.637676][    C3]  ? exit_mmap+0x1b8/0xb20
[  307.639713][    C3]  stack_trace_save+0x95/0xd0
[  307.642146][    C3]  ? __pfx_stack_trace_save+0x10/0x10
[  307.644342][    C3]  save_stack+0x162/0x1f0
[  307.646029][    C3]  ? __pfx_save_stack+0x10/0x10
[  307.648057][    C3]  ? __pfx_lock_acquire+0x10/0x10
[  307.649991][    C3]  ? free_unref_folios+0x9e9/0x1390
[  307.652026][    C3]  ? folios_put_refs+0x560/0x760
[  307.653985][    C3]  ? free_pages_and_swap_cache+0x36d/0x510
[  307.656529][    C3]  ? __tlb_batch_free_encoded_pages+0xf9/0x290
[  307.659352][    C3]  ? tlb_flush_mmu+0xe9/0x590
[  307.661244][    C3]  ? unmap_page_range+0x1c88/0x3c10
[  307.663258][    C3]  ? unmap_single_vma+0x194/0x2b0
[  307.665282][    C3]  ? unmap_vmas+0x22f/0x490
[  307.666959][    C3]  ? exit_mmap+0x1b8/0xb20
[  307.668689][    C3]  __reset_page_owner+0x8d/0x400
[  307.670620][    C3]  free_unref_folios+0x9e9/0x1390
[  307.672594][    C3]  folios_put_refs+0x560/0x760
[  307.674469][    C3]  ? __pfx_folios_put_refs+0x10/0x10
[  307.676637][    C3]  ? lru_add_drain_cpu+0x454/0x860
[  307.677446][ T5343] Bluetooth: hci3: command 0x1003 tx timeout
[  307.678641][    C3]  ? prepare_alloc_pages.constprop.0+0x412/0x560
[  307.678661][    C3]  free_pages_and_swap_cache+0x36d/0x510
[  307.686032][    C3]  ? __pfx_free_pages_and_swap_cache+0x10/0x10
[  307.688424][    C3]  ? __pfx_tlb_is_not_lazy+0x10/0x10
[  307.690506][    C3]  ? __pfx___might_resched+0x10/0x10
[  307.692236][ T5345] Bluetooth: hci3: Opcode 0x1003 failed: -110
[  307.692556][    C3]  __tlb_batch_free_encoded_pages+0xf9/0x290
[  307.692581][    C3]  tlb_flush_mmu+0xe9/0x590
[  307.692594][    C3]  unmap_page_range+0x1c88/0x3c10
[  307.701272][    C3]  ? __pfx_unmap_page_range+0x10/0x10
[  307.703335][    C3]  ? uprobe_munmap+0x20/0x5d0
[  307.705046][    C3]  unmap_single_vma+0x194/0x2b0
[  307.706705][    C3]  unmap_vmas+0x22f/0x490
[  307.708570][    C3]  ? __pfx_unmap_vmas+0x10/0x10
[  307.710461][    C3]  ? __pfx_lock_release+0x10/0x10
[  307.712430][    C3]  ? lru_add_drain_cpu+0x454/0x860
[  307.714541][    C3]  exit_mmap+0x1b8/0xb20
[  307.716207][    C3]  ? __pfx_exit_mmap+0x10/0x10
[  307.718113][    C3]  __mmput+0x12a/0x480
[  307.719695][    C3]  mmput+0x62/0x70
[  307.721162][    C3]  do_exit+0x9bf/0x2bb0
[  307.722701][    C3]  ? get_signal+0x8f2/0x2770
[  307.724466][    C3]  ? __pfx_do_exit+0x10/0x10
[  307.726071][    C3]  ? do_raw_spin_lock+0x12d/0x2c0
[  307.727795][    C3]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  307.729612][    C3]  do_group_exit+0xd3/0x2a0
[  307.731166][    C3]  get_signal+0x25fd/0x2770
[  307.733082][    C3]  ? __pfx_get_signal+0x10/0x10
[  307.735045][    C3]  ? __pfx_do_futex+0x10/0x10
[  307.737040][    C3]  arch_do_signal_or_restart+0x90/0x7e0
[  307.739491][    C3]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  307.741879][    C3]  syscall_exit_to_user_mode+0x150/0x2a0
[  307.744118][    C3]  do_syscall_64+0xda/0x250
[  307.745970][    C3]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  307.748263][    C3] RIP: 0033:0x7f98b4377299
[  307.750009][    C3] Code: Unable to access opcode bytes at 0x7f98b437726f.
[  307.752694][    C3] RSP: 002b:00007f98b51580f8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  307.756911][    C3] RAX: fffffffffffffe00 RBX: 00007f98b4506138 RCX: 00007f98b4377299
[  307.759999][    C3] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f98b4506138
[  307.762923][    C3] RBP: 00007f98b4506130 R08: 00007f98b51586c0 R09: 00007f98b51586c0
[  307.765646][    C3] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f98b450613c
[  307.768813][    C3] R13: 000000000000006e R14: 00007ffd219ac300 R15: 00007ffd219ac3e8
[  307.772181][    C3]  </TASK>
[  307.773392][    C3] 
[  307.774333][    C3] The buggy address belongs to stack of task syz.0.1372/10077
[  307.777193][    C3]  and is located at offset 24 in frame:
[  307.779502][    C3]  exit_mmap+0x0/0xb20
[  307.781097][    C3] 
[  307.782042][    C3] This frame has 2 objects:
[  307.783782][    C3]  [32, 96) 'vmi'
[  307.783791][    C3]  [128, 256) 'tlb'
[  307.785048][    C3] 
[  307.787207][    C3] The buggy address belongs to the virtual mapping at
[  307.787207][    C3]  [ffffc900033d8000, ffffc900033e1000) created by:
[  307.787207][    C3]  kernel_clone+0xfd/0x980
[  307.793969][    C3] 
[  307.794928][    C3] The buggy address belongs to the physical page:
[  307.797418][    C3] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0xffff88801dc4b000 pfn:0x1dc4b
[  307.801286][    C3] memcg:ffff88802bfaaf02
[  307.802823][    C3] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[  307.805787][    C3] raw: 00fff00000000000 0000000000000000 dead000000000122 0000000000000000
[  307.809601][    C3] raw: ffff88801dc4b000 0000000000000000 00000001ffffffff ffff88802bfaaf02
[  307.813008][    C3] page dumped because: kasan: bad access detected
[  307.815758][    C3] page_owner tracks the page as allocated
[  307.817948][    C3] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x102dc2(GFP_HIGHUSER|__GFP_NOWARN|__GFP_ZERO), pid 10072, tgid 10072 (syz.0.1372), ts 306803794888, free_ts 306711889128
[  307.825202][    C3]  post_alloc_hook+0x2d1/0x350
[  307.827065][    C3]  get_page_from_freelist+0x1351/0x2e50
[  307.829477][    C3]  __alloc_pages_noprof+0x22b/0x2460
[  307.831664][    C3]  alloc_pages_mpol_noprof+0x275/0x610
[  307.833795][    C3]  __vmalloc_node_range_noprof+0xa6a/0x1520
[  307.836395][    C3]  copy_process+0x2f3b/0x8de0
[  307.838387][    C3]  kernel_clone+0xfd/0x980
[  307.840092][    C3]  __do_sys_clone3+0x1f5/0x270
[  307.842270][    C3]  do_syscall_64+0xcd/0x250
[  307.844002][    C3]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  307.846440][    C3] page last free pid 0 tgid 0 stack trace:
[  307.849073][    C3]  free_unref_page+0x64a/0xe40
[  307.850890][    C3]  __folio_put+0x31c/0x3e0
[  307.852660][    C3]  free_page_and_swap_cache+0x249/0x2c0
[  307.855015][    C3]  tlb_remove_table_rcu+0x89/0xe0
[  307.857344][    C3]  rcu_core+0x828/0x16b0
[  307.859219][    C3]  handle_softirqs+0x216/0x8f0
[  307.861267][    C3]  irq_exit_rcu+0xbb/0x120
[  307.863323][    C3]  sysvec_apic_timer_interrupt+0x95/0xb0
[  307.865796][    C3]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  307.868285][    C3] 
[  307.869224][    C3] Memory state around the buggy address:
[  307.871431][    C3]  ffffc900033df900: 00 f2 f2 f2 00 f2 f2 f2 00 00 f2 f2 00 00 00 00
[  307.874570][    C3]  ffffc900033df980: 00 f3 f3 f3 f3 f3 00 00 00 00 00 00 00 00 00 00
[  307.877656][    C3] >ffffc900033dfa00: 00 00 00 00 00 00 00 f1 f1 f1 f1 00 00 00 00 00
[  307.880753][    C3]                                                  ^
[  307.883297][    C3]  ffffc900033dfa80: 00 00 00 f2 f2 f2 f2 00 00 00 00 00 00 00 00 00
[  307.886622][    C3]  ffffc900033dfb00: 00 00 00 00 00 00 00 f3 f3 f3 f3 00 00 00 00 00
[  307.889917][    C3] ==================================================================
[  307.893121][    C3] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  307.896415][    C3] CPU: 3 UID: 0 PID: 10077 Comm: syz.0.1372 Not tainted 6.10.0-syzkaller-12881-g6342649c33d2 #0
[  307.900566][    C3] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  307.904800][    C3] Call Trace:
[  307.906146][    C3]  <IRQ>
[  307.907276][    C3]  dump_stack_lvl+0x3d/0x1f0
[  307.909133][    C3]  panic+0x6f5/0x7a0
[  307.910653][    C3]  ? __pfx_panic+0x10/0x10
[  307.912405][    C3]  ? check_panic_on_warn+0x1f/0xb0
[  307.914387][    C3]  check_panic_on_warn+0xab/0xb0
[  307.916329][    C3]  end_report+0x117/0x180
[  307.917953][    C3]  kasan_report+0xe9/0x110
[  307.919503][    C3]  ? xdp_do_check_flushed+0x41c/0x4e0
[  307.921603][    C3]  ? xdp_do_check_flushed+0x41c/0x4e0
[  307.923821][    C3]  xdp_do_check_flushed+0x41c/0x4e0
[  307.927912][    C3]  __napi_poll.constprop.0+0xd1/0x550
[  307.930137][    C3]  net_rx_action+0xa92/0x1010
[  307.931998][    C3]  ? __pfx_net_rx_action+0x10/0x10
[  307.934122][    C3]  ? __pfx_mark_lock+0x10/0x10
[  307.936327][    C3]  ? sched_balance_domains+0x285/0xec0
[  307.938798][    C3]  ? mark_held_locks+0x9f/0xe0
[  307.940670][    C3]  handle_softirqs+0x216/0x8f0
[  307.942548][    C3]  ? __pfx_handle_softirqs+0x10/0x10
[  307.944608][    C3]  irq_exit_rcu+0xbb/0x120
[  307.946360][    C3]  sysvec_apic_timer_interrupt+0x95/0xb0
[  307.948704][    C3]  </IRQ>
[  307.949869][    C3]  <TASK>
[  307.951031][    C3]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  307.953382][    C3] RIP: 0010:write_comp_data+0x11/0x90
[  307.955488][    C3] Code: cc cc 0f 1f 80 00 00 00 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 49 89 d2 49 89 f8 49 89 f1 65 48 8b 15 3f 52 79 7e <65> 8b 05 40 52 79 7e a9 00 01 ff 00 74 0f f6 c4 01 74 59 8b 82 1c
[  307.962921][    C3] RSP: 0018:ffffc900033deeb0 EFLAGS: 00000202
[  307.965325][    C3] RAX: 0000000000000000 RBX: ffffc900033def38 RCX: ffffffff813ce4f2
[  307.968424][    C3] RDX: ffff888021820000 RSI: 0000000000000000 RDI: 0000000000000001
[  307.971484][    C3] RBP: 0000000000000001 R08: 0000000000000001 R09: 0000000000000000
[  307.974537][    C3] R10: 0000000000000002 R11: 0000000000000000 R12: ffffffff90aed7b4
[  307.977518][    C3] R13: ffffffff90aed7b9 R14: 0000000000000002 R15: ffffc900033def6d
[  307.980202][    C3]  ? unwind_next_frame+0x5f2/0x23a0
[  307.981986][    C3]  unwind_next_frame+0x5f2/0x23a0
[  307.983717][    C3]  ? exit_mmap+0x1b8/0xb20
[  307.985259][    C3]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  307.987376][    C3]  arch_stack_walk+0x100/0x170
[  307.989445][    C3]  ? exit_mmap+0x1b8/0xb20
[  307.991191][    C3]  stack_trace_save+0x95/0xd0
[  307.993034][    C3]  ? __pfx_stack_trace_save+0x10/0x10
[  307.995271][    C3]  save_stack+0x162/0x1f0
[  307.997153][    C3]  ? __pfx_save_stack+0x10/0x10
[  307.999236][    C3]  ? __pfx_lock_acquire+0x10/0x10
[  308.001593][    C3]  ? free_unref_folios+0x9e9/0x1390
[  308.004040][    C3]  ? folios_put_refs+0x560/0x760
[  308.005970][    C3]  ? free_pages_and_swap_cache+0x36d/0x510
[  308.008225][    C3]  ? __tlb_batch_free_encoded_pages+0xf9/0x290
[  308.010555][    C3]  ? tlb_flush_mmu+0xe9/0x590
[  308.012399][    C3]  ? unmap_page_range+0x1c88/0x3c10
[  308.014416][    C3]  ? unmap_single_vma+0x194/0x2b0
[  308.016386][    C3]  ? unmap_vmas+0x22f/0x490
[  308.018153][    C3]  ? exit_mmap+0x1b8/0xb20
[  308.019905][    C3]  __reset_page_owner+0x8d/0x400
[  308.021881][    C3]  free_unref_folios+0x9e9/0x1390
[  308.023843][    C3]  folios_put_refs+0x560/0x760
[  308.025719][    C3]  ? __pfx_folios_put_refs+0x10/0x10
[  308.027695][    C3]  ? lru_add_drain_cpu+0x454/0x860
[  308.029579][    C3]  ? prepare_alloc_pages.constprop.0+0x412/0x560
[  308.031737][    C3]  free_pages_and_swap_cache+0x36d/0x510
[  308.033647][    C3]  ? __pfx_free_pages_and_swap_cache+0x10/0x10
[  308.035753][    C3]  ? __pfx_tlb_is_not_lazy+0x10/0x10
[  308.037545][    C3]  ? __pfx___might_resched+0x10/0x10
[  308.039345][    C3]  __tlb_batch_free_encoded_pages+0xf9/0x290
[  308.041897][    C3]  tlb_flush_mmu+0xe9/0x590
[  308.043827][    C3]  unmap_page_range+0x1c88/0x3c10
[  308.045757][    C3]  ? __pfx_unmap_page_range+0x10/0x10
[  308.047835][    C3]  ? uprobe_munmap+0x20/0x5d0
[  308.049616][    C3]  unmap_single_vma+0x194/0x2b0
[  308.051514][    C3]  unmap_vmas+0x22f/0x490
[  308.053224][    C3]  ? __pfx_unmap_vmas+0x10/0x10
[  308.054995][    C3]  ? __pfx_lock_release+0x10/0x10
[  308.056967][    C3]  ? lru_add_drain_cpu+0x454/0x860
[  308.058959][    C3]  exit_mmap+0x1b8/0xb20
[  308.060609][    C3]  ? __pfx_exit_mmap+0x10/0x10
[  308.062486][    C3]  __mmput+0x12a/0x480
[  308.064149][    C3]  mmput+0x62/0x70
[  308.065616][    C3]  do_exit+0x9bf/0x2bb0
[  308.067283][    C3]  ? get_signal+0x8f2/0x2770
[  308.069213][    C3]  ? __pfx_do_exit+0x10/0x10
[  308.071078][    C3]  ? do_raw_spin_lock+0x12d/0x2c0
[  308.073049][    C3]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  308.075143][    C3]  do_group_exit+0xd3/0x2a0
[  308.076924][    C3]  get_signal+0x25fd/0x2770
[  308.078696][    C3]  ? __pfx_get_signal+0x10/0x10
[  308.080611][    C3]  ? __pfx_do_futex+0x10/0x10
[  308.082439][    C3]  arch_do_signal_or_restart+0x90/0x7e0
[  308.084605][    C3]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  308.086987][    C3]  syscall_exit_to_user_mode+0x150/0x2a0
[  308.089179][    C3]  do_syscall_64+0xda/0x250
[  308.090961][    C3]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  308.093121][    C3] RIP: 0033:0x7f98b4377299
[  308.094646][    C3] Code: Unable to access opcode bytes at 0x7f98b437726f.
[  308.097014][    C3] RSP: 002b:00007f98b51580f8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  308.099834][    C3] RAX: fffffffffffffe00 RBX: 00007f98b4506138 RCX: 00007f98b4377299
[  308.102531][    C3] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f98b4506138
[  308.105595][    C3] RBP: 00007f98b4506130 R08: 00007f98b51586c0 R09: 00007f98b51586c0
[  308.108681][    C3] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f98b450613c
[  308.111727][    C3] R13: 000000000000006e R14: 00007ffd219ac300 R15: 00007ffd219ac3e8
[  308.114764][    C3]  </TASK>
[  308.116551][    C3] Kernel Offset: disabled
[  308.118368][    C3] Rebooting in 86400 seconds..

VM DIAGNOSIS:
04:07:06  Registers:
info registers vcpu 0

CPU#0
RAX=0000000080000000 RBX=0000000000000000 RCX=ffffffff81e0cffa RDX=ffff88804868a440
RSI=ffffffff81e0d00c RDI=0000000000000005 RBP=ffff88803a793970 RSP=ffffc9000325ec60
R8 =0000000000000005 R9 =00000000000001ff R10=000000000000012e R11=0000000000000000
R12=000000000000012e R13=0000000000000000 R14=0000000000000001 R15=00000000000003c1
RIP=ffffffff818a8fdd RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 00007f17080636c0 ffffffff 00c00000
GS =0000 ffff88806b000000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00000000203ff000 CR3=000000001df68000 CR4=00350ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000040001 Opmask01=0000000000000000 Opmask02=0000000000000fff Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffff8132d795 ffffffff8132d763
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffff8200409b ffffffff8132d795
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 ffffffff820045ab
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fe431be56c5
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fe431be56d2
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fe431be56cc
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fe431be56e0
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fe431be5766
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fe431be5844
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fe431cd5488 00007fe431cd5480 00007fe431cd5478 00007fe431cd5450
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fe43283d100 00007fe431cd5440 00007fe400040008 000c00130014000c
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fe431cd5498 00007fe431cd5490 00007fe431cd5488 00007fe431cd5480
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=0000000000664d7d RBX=0000000000000001 RCX=ffffffff8b115529 RDX=0000000000000000
RSI=ffffffff8b4cc500 RDI=ffffffff8bb08b40 RBP=ffffed1003058910 RSP=ffffc90000187e08
R8 =0000000000000001 R9 =ffffed100d626fe1 R10=ffff88806b137f0b R11=0000000000000000
R12=0000000000000001 R13=ffff8880182c4880 R14=ffffffff901293d8 R15=0000000000000000
RIP=ffffffff8b11691f RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff88806b100000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=0000561518d948e8 CR3=00000000122a6000 CR4=00350ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=00000000c0fffc00 Opmask01=0000000000000054 Opmask02=00000000000000ff Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000001
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00005555724fe25e 00005555724fde00
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00005555724846c4 00005555724846c0
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000555572482490
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000055557248d5b8
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00005555724f6168
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000555572484900
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 04800304800406a0 0300000500000067 0000006d00000085 ecff644b00000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 d5f0030190800401 d5e00303ce100001 d5d003018c800401 00080007000c0008
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 d6b0030195800401 d6a00301bc100001 d690030193800401 d68003028a100001
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00080001e0030010 0001d00303ffffff ff0401c0030c1000 01b0034080100001
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 010880c410000180 0401000002080606 012fd200080001e0 0300100001d00303
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffff0401c003 0c100001b0034080 100001d6b0030195 800401d6a00301bc
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 100001d690030193 800401d68003028a 100001d5f0030190 800401d5e00303ce
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 100001d5d003018c 800401d5c00301ba 100001d5b003018a 800401d5a00302b6
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 2

CPU#2
RAX=00000000003494e1 RBX=0000000000000002 RCX=ffffffff8b115529 RDX=0000000000000000
RSI=ffffffff8b4cc500 RDI=ffffffff8bb08b40 RBP=ffffed100305b000 RSP=ffffc90000197e08
R8 =0000000000000001 R9 =ffffed100d646fe1 R10=ffff88806b237f0b R11=0000000000000000
R12=0000000000000002 R13=ffff8880182d8000 R14=ffffffff901293d8 R15=0000000000000000
RIP=ffffffff8b11691f RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff88806b200000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000091000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe000008f000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=0000001b32001ff8 CR3=0000000046dce000 CR4=00350ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000001000000 Opmask01=0000000001000003 Opmask02=00000000ffffffef Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fff7da140c0 0000003000000018
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f17073e56c5
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f17073e56d2
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f17073e56cc
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f17073e56e0
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f17073e5766
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f17073e5844
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000006 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000340
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000006 0000000000000000 0000000000000000 0000000000000340
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 3

CPU#3
RAX=0000000000000033 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8
RSI=ffffffff84fdd905 RDI=ffffffff95198720 RBP=ffffffff951986e0 RSP=ffffc90000908778
R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=3030303963666666
R12=0000000000000000 R13=0000000000000033 R14=ffffffff84fdd8a0 R15=0000000000000000
RIP=ffffffff84fdd92f RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff88806b300000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe00000d8000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe00000d6000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00007f0c9608efa2 CR3=00000000554ac000 CR4=00350ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000001000000 Opmask01=0000000001000001 Opmask02=00000000ffffffef Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffc73335430 0000003000000018
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f75b99e56c5
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f75b99e56d2
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f75b99e56cc
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f75b99e56e0
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f75b99e5766
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f75b99e5844
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000001 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000048
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000001 0000000000000000 0000000000000000 0000000000000048
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000