last executing test programs:

5.891897843s ago: executing program 1 (id=1207):
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f0000000840)=ANY=[@ANYBLOB])
socket(0x2c, 0x6, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, 0x0)
write$binfmt_script(0xffffffffffffffff, 0x0, 0xfffffe5d)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000000000000000000004b64ffec850000006d000000670000000500000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000180)='tlb_flush\x00', r0}, 0x10)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = getpid()
process_vm_readv(r1, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x6)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
ioctl$KVM_CHECK_EXTENSION(r2, 0xae03, 0xd0)
r3 = inotify_init1(0x0)
fcntl$setown(r3, 0x8, 0xffffffffffffffff)
fcntl$getownex(r3, 0x10, &(0x7f0000000380)={0x0, <r4=>0x0})
move_pages(r4, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace$getsig(0x4202, r4, 0x10, &(0x7f0000000600))
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
open(&(0x7f0000000080)='./bus\x00', 0x400141042, 0x0)
mount(&(0x7f00000002c0)=@nullb, &(0x7f0000000140)='./bus\x00', 0x0, 0x1000, 0x0)
r6 = creat(&(0x7f0000000380)='./bus\x00', 0x0)
fcntl$setstatus(r6, 0x4, 0x4000)
io_setup(0x202, &(0x7f0000000200)=<r7=>0x0)
io_submit(r7, 0x3b, &(0x7f0000000540)=[&(0x7f00000000c0)={0x25, 0xe7030003, 0x8, 0x1, 0x0, r6, &(0x7f0000000000), 0x100000}])
bind$inet6(r5, &(0x7f0000000000)={0xa, 0x8000002}, 0x1c)
sendto$inet6(r5, 0x0, 0x0, 0x22004002, &(0x7f0000b63fe4)={0xa, 0x2, 0x0, @dev={0xfe, 0x80, '\x00', 0x24}}, 0x1c)
setsockopt$inet6_tcp_TCP_MD5SIG(r5, 0x6, 0xe, &(0x7f0000000340)={@in6={{0xa, 0x0, 0x0, @loopback}}, 0x0, 0x0, 0x39, 0x0, "b0fd7b07ff8a216915a8d3215a3225178096acf74c85ad01ba95fd9d0543750fb5a62a045888e8febca073f1f821abb8083f4d192383c47b3800abd4d841e2d4b56039653b95d0cd0a00a6ea35bdfaf6"}, 0xd8)
sendto$inet6(r5, &(0x7f0000000080)="44f9b108b1cdc885c9c533d21f474bec8bfef1df1e2da71e578dc6b91d09f7ab15378571d8e27546090000006e75436914ab717528ee4b7a9beaf908d11137c11903064e83b4951f4d433a54049f0c85d92d7083fd38844cbb0c6c5eb508ddc2dc7a590aa7941b1e9eeb5a688138dea09b776cbfa784cbf550bf3074fb0d775da4df5a3f48bbdf452eeb6b923da9d0e25b80f76a873664b5753444fe05f33e5f91045540836c3cd6af10f0cd018f0c6f57f926ac959a5628c45088fbe0c87fbe6cbcda4662d2a12f6d00"/215, 0xd0d0c2ac, 0x0, 0x0, 0x32)
prlimit64(0x0, 0x0, &(0x7f0000000140)={0x7}, 0x0)

5.119128314s ago: executing program 1 (id=1213):
openat$sysctl(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/mm/ksm/run\x00', 0x1, 0x0)
socket$inet6(0xa, 0x800000000000002, 0x0)
syz_open_dev$loop(&(0x7f0000000000), 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bd2)
getpgid(0xffffffffffffffff)
socket$inet6(0xa, 0x3, 0xff)
socket$packet(0x11, 0x2, 0x300)
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fc00100}]})
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0)
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r0, 0xc0502100, &(0x7f0000000100)={<r1=>0x0})
ioctl$SECCOMP_IOCTL_NOTIF_SEND(0xffffffffffffffff, 0xc0182101, &(0x7f0000000180)={r1})
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r0, 0xc0502100, &(0x7f0000002780))
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000070000000000000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000880)={&(0x7f0000000140)='rxrpc_client\x00', r2}, 0x10)
socket$kcm(0x21, 0x2, 0x2)
syz_genetlink_get_family_id$ieee802154(&(0x7f0000000080), 0xffffffffffffffff)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200))
r4 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000180), 0xffffffffffffffff)
sendmsg$NL802154_CMD_SET_WPAN_PHY_NETNS(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB="34010c", @ANYRES16=r4, @ANYBLOB="0100000000000000000014000000", @ANYRES32, @ANYBLOB="0c0006000100000001000000"], 0x34}}, 0x0)
r5 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_802154(r5, 0x8933, &(0x7f0000000500)={'wpan1\x00', <r7=>0x0})
sendmsg$NL802154_CMD_SET_CHANNEL(r5, &(0x7f0000000c80)={0x0, 0x0, &(0x7f0000000c40)={&(0x7f0000000bc0)={0x2c, r6, 0x229, 0x0, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r7}, @NL802154_ATTR_CHANNEL={0x5, 0x8, 0x9}, @NL802154_ATTR_PAGE={0x5}]}, 0x2c}}, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f0000000240)={'wpan0\x00'})

4.134027808s ago: executing program 1 (id=1221):
openat$sysctl(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/mm/ksm/run\x00', 0x1, 0x0)
socket$inet6(0xa, 0x800000000000002, 0x0)
syz_open_dev$loop(&(0x7f0000000000), 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bd2)
getpgid(0xffffffffffffffff)
socket$inet6(0xa, 0x3, 0xff)
socket$packet(0x11, 0x2, 0x300)
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fc00100}]})
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0)
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r0, 0xc0502100, &(0x7f0000000100))
ioctl$SECCOMP_IOCTL_NOTIF_SEND(r0, 0xc0182101, 0x0)
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r0, 0xc0502100, &(0x7f0000002780))
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000070000000000000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000880)={&(0x7f0000000140)='rxrpc_client\x00', r1}, 0x10)
socket$kcm(0x21, 0x2, 0x2)
syz_genetlink_get_family_id$ieee802154(&(0x7f0000000080), 0xffffffffffffffff)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200))
r3 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000180), 0xffffffffffffffff)
sendmsg$NL802154_CMD_SET_WPAN_PHY_NETNS(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB="34010c", @ANYRES16=r3, @ANYBLOB="0100000000000000000014000000", @ANYRES32, @ANYBLOB="0c0006000100000001000000"], 0x34}}, 0x0)
r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_802154(r4, 0x8933, &(0x7f0000000500)={'wpan1\x00', <r6=>0x0})
sendmsg$NL802154_CMD_SET_CHANNEL(r4, &(0x7f0000000c80)={0x0, 0x0, &(0x7f0000000c40)={&(0x7f0000000bc0)={0x2c, r5, 0x229, 0x0, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r6}, @NL802154_ATTR_CHANNEL={0x5, 0x8, 0x9}, @NL802154_ATTR_PAGE={0x5}]}, 0x2c}}, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f0000000240)={'wpan0\x00'})

3.203624859s ago: executing program 1 (id=1229):
socket$kcm(0x10, 0x3, 0x10)
syz_io_uring_setup(0x24fa, &(0x7f0000000080)={0x0, 0x29aa}, 0x0, 0x0)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r1 = socket$kcm(0x2, 0x3, 0x2)
ioctl$SIOCSIFHWADDR(r1, 0x8914, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xb, &(0x7f0000000180)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0)
r3 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0)
r4 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sendto$inet6(r4, &(0x7f0000000080)="b3019c28", 0x4, 0x0, 0x0, 0x0)
getsockopt$IP6T_SO_GET_ENTRIES(0xffffffffffffffff, 0x29, 0x41, &(0x7f0000002540)={'filter\x00', 0x5, "42de391533"}, 0x0)
setsockopt$inet6_int(r4, 0x29, 0x8, &(0x7f0000000380)=0x3f, 0x4)
recvmmsg(r4, &(0x7f0000000d80)=[{{0x0, 0x0, 0x0}}, {{&(0x7f00000000c0)=@nl, 0x0, &(0x7f0000000240)=[{&(0x7f0000000180)=""/186}, {0xffffffffffffffff}], 0x0, &(0x7f0000000280)=""/239, 0x13}}, {{&(0x7f0000000e80)=@vsock={0x28, 0x0, 0x0, @host}, 0x0, &(0x7f0000000680)=[{&(0x7f0000000400)=""/18}, {&(0x7f0000000440)=""/110}, {&(0x7f00000004c0)=""/165}, {&(0x7f0000001540)=""/4096}, {&(0x7f0000000580)=""/245}], 0x0, &(0x7f0000000700)=""/27}}, {{&(0x7f0000000740)=@nfc, 0x0, &(0x7f0000000c00), 0x0, &(0x7f0000000cc0)=""/180}}], 0x4000000000001f1, 0x10162, 0x0)
ioctl$VHOST_SET_OWNER(r3, 0xaf01, 0x0)
ioctl$VHOST_SET_VRING_ADDR(r3, 0x4028af11, &(0x7f0000000300)={0x1, 0x0, 0x0, &(0x7f0000001600)=""/78, 0x0})
read$msr(r2, &(0x7f0000000240)=""/45, 0x2d)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_LINKINFO_GET(r5, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000240)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r6, @ANYBLOB="1b0b00000000000000001fffffff200001801c0002006261746164765f736c6176655f31"], 0x34}}, 0x0)
ioctl$VHOST_SET_MEM_TABLE(r3, 0x4008af03, &(0x7f0000000140))
ioctl$VHOST_SET_VRING_ADDR(r3, 0x4028af11, &(0x7f0000000280)={0x0, 0x0, 0x0, &(0x7f0000000340)=""/185, &(0x7f0000000140)=""/92})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000001500)=ANY=[], 0x1c}}, 0x0)
ioctl$VHOST_VSOCK_SET_RUNNING(r3, 0x4004af61, &(0x7f00000000c0)=0x1)
ioctl$VHOST_VSOCK_SET_GUEST_CID(r3, 0x4008af60, &(0x7f0000000040)={@my=0x1})
r7 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r7, &(0x7f0000000200)={0x28, 0x0, 0x0, @my=0x1}, 0x10)
ioctl$VHOST_SET_VRING_ADDR(r3, 0x4028af11, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000080)=""/57, 0x0, &(0x7f0000000500)=""/4096})
chdir(&(0x7f00000002c0)='\x00')

2.770848778s ago: executing program 0 (id=1230):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpu.stat\x00', 0x275a, 0x0)
write$UHID_INPUT(r0, &(0x7f0000000940)={0x8, {"85f080a4933d55266e07e799aa0cc421388242df2a3c6b631b65b1c061edd2aa108c3528fe9b0bb3a53ab1200f5d01a68a4acdec8fee09648222f908c1fedc3000342e6139de28366c13509306d00ebcc67497181ac916db98af9d366b76e427d9ab5bb68095f0fb246df32b8af0783653136f8a04c03690312125c7ded6a24fda8685340c575ead69519e3583f89d467ec232d6a1ffd0463ba4ea3cbae5dae6654b5547b5458f02ac307729e57b09e134f68be44f88d72517b230b066f6315b5fb80206397bbff8cbc2a36e01c2e7b3aadb32bd3dd5288a69a991d9c674717e3abba7167280b2db3b1b8502afa4f3f296c532510c9d2dd79bb5eeb25adb5edddbdd069c09d14d15c2e7e1e2bd6c108fab3591bb22e97d6992236d2273c8bb95536f7118d007965008b125c7daac2814e6bbe1adbfa3572ad0b7ad5c26c8014118d8374ca9f285779dfee7715a403908146a74de61b3853914c89f444c12e7a38bdd46c4ed36eb806ea598f44d1dec9eff9e2476f43802211f0762b66673b45d236b2391ce322e30fb9c69fe0d514dc1f8b6e3979c1205fd5224b07d18a44fec4f6f1a6f65158bb6adcc295bf2dd7dea107f59d7e03c61fe5822292e45968956b931bdc4d6445ff1631e0b98e4b4448774dd4b9cd53a45896fdb3f03702778741ae2b45a25bf9a23fc02fb97a630f132bf9def6c6d4a7baeb62972f1a814f6f2377bcfc78e2e86368c138510a04cedf7175af8c2034fae7413e3ace8c71ab9a0af1ca7042011a6ed028e205648535dabf3b2f85196ae18d36b839e3cd54ae4933ad529888fdac7bb8a70c72bc0fc81ba06506f2d5bc7686e219bbe5283959cbef9950e071cb6d9f341fc624a5110341f26cebd7100599a06e61f66fae120c7fc2b34c6221200eba75bd1277114671a3fa8f058b27fd897b052f4a52afcea814df526181c75c4497210a2b8b74e26601561e78735387cf123654b0295d1d60556956b36d96dd038866c4b4db31ebdcddd6929bbc2850cd4901389e6ea6e86041e0efa1158f334e7afda0e11c2fb0e6df6364cb95659f506d5c7e63fb67c8116577d15e4a4b1fc4c27de2e52586cb1f52be9c3601f5066549de8bdc3ec07d1a84caf1961323ec2487a37b751aeabafcd647ce2dae5d9499c0f969467e6cabad198669ac96bd1488954eff0854ee0c83d7b596d273625bdb16270782321071fda5d980ded78ffa9dc2b56037d7cbf942547f48a5131f1991f6c17ae1ed5120ca6878f98e68e7997a9a2b70be640a70a34adb80de286c6692abb5f092e4e3a15a83217e03d02a4054f34af3a65ff6b36f395b76a0579cffafd5d3bb0e704c935caecf3a7ab756c23fd60c9fe3f4fb2be7504f5bae22b116ff1588dcf02b327d31bf0488dba8af5b33ccf2d7d87f43bbc48fcd4f191ad6af9313ad38b8b29674bfabd6651bc1f6ce5abb4a2f1413194f96b26d7d6edc4e013fba549075c97eef508af5ca7873664b058b7bcf455a8a04b591d29fab6366c844bb75576bac2d52323e747303d00a5736c9812922b0e17bcec9135550736b54cf6407d61e22e62d7bb75f62935b665acf33e75f688c36ef416f1b890d0f0c8ad1df00e02ec45967834d5649c8e7143978622fa3704672970b7993a87e97d3d926a14265647bc8b8c9e6f83e29572608d24b42c2635ef4abbd0af83860e99c90d7471cf6e8ce99507f5ec2bc572212fa9ee3f5a9dfa3815fe55f0bbb119acce062ae37f2ff921707abba139bcddf42bfd174d29b540161b4113c4e1a13f3a628c638ec4d3a884dfbc093e23ec0d0671b46b41dc8b42d950c8615ba5ee87f49b5d0910ffa4871207995001920db05a95199967f097ba7b55bbd271d818690c4238406b40a3dfc42fa56a67173b53a96b543326c56738b6d043195934018696f5ab49347e5148a78f2d1369a71afab8330273d46ecfba4ee05802a5385649851db949dbfb39e290941641c50b1ac20fb3102754a760b097f464ddb0b83f8168badfa71db6621dcf22fb081e3403f3bac5c7e65905aca52885c807f8ddab18bb2f12ef952c50483c0e251968bc70ff0d42a638ca744dea4c7ebb4fea777cf663bb4f1505ed79730c45bc86e488a13f924377a8e2ee6670a02ca52874ae1c42a35d55b9765757047b2cc3742aa51fa3e43fb2c113c92ad213bad252c1a82966dd016f12a7f1c3900c0f1ab455035163f31899bdd30f3ff43ad17d9e45bb7438c1c986712736f24be14f71ab1bfe92a25ec07f086ee8c7971b8077a13e58a8e8bea39c8e06b251909f02cb0080abf020f27ca160eb26c082dda1fa54ea4094dfdbcb2fa7bddccb67a844e8075f4cc08dad35757006d051e183dced336bc0c2502f93ffc87dca622286ba174c24e1f53f27dc2777baafe170348b0e8d3e743b3aa906bc0764bbe7da08ff403efe2212627d672250658bb513b7312517d1f88c61c7ba5f9647cd619281c5b390b48606ee39fb4171103df2e09d7cfd56c06c721f7c24ad8cce383623fc2dcb15ac56438ea331820ae59c8c474e36fc73f7b1b3b86df1b42490815513681aafbf7e871b4b9686efae6c45ecfca60a640a6f071dfd31f9437c3d03086164b48c1ed802986864bfe0d49bdd7709662262368dbc3ecc05eb240ecc41904c76d78ab5c52b66af5a720fdd6a92f52be0676427a56e32e5bc5085b25f90add28a76f2fce6f8f0ef74f4659698549646bd63175adf77b5cdcfe676e1b1a9af15102946554ba6136cbc83c6268ee40318f3c9d4718025688b35d2265bf60bf889ff629f7834586ef46eab7a9176337536bb6001e676546b987f36b1fe4b9f6e46a8ce73eb22ebbb9c14d8e2b43ea77ef887e5a26448f4086fa819a25e27725ac10298851c8bc45f2ce4430b07917ade5ea8c434c3f2576effbeb521173736e5c9557450643068b0c0fb132a7e99de6ca292246a9937fa7d7e06e59cf59ce5b9f842629049931146af40a8a1256ba373a88d09dc00cdf4453cc6ba78572bf3e1f2352a978cdbad60220cb8ac37d7f614a306492a4b5eee9244b0ca84b6cf2e23013bfb1cb92bf6d126fe550e58c19f84e7a4081437b75b31b2b9fb658dcd8ba077962e0f3359721a148d4fefe5c97941ca9688cb85adf38fd10f5811cdd8e074a21bbfc9541c71465b08d7321281b68ed52bfab789b9c83849c09d52376d419b1e7ba367603236e119cdf4a7b7cf9d81f2229601deace53cea2f14a05f7fa0ca04b39e31c6453e332f4bd0915c0e09e28f4d1125c390c6ff0833a04b6fc37855e65de90333e505b9eb66e00686a3ed499cfb7b8b215dbdc9787b5baa724cfa71ee6745b41e203de8b7794757ac328ec5567540b951b50530c3d4ee34705ea1c66fd6591e88561083e86d48c45ef3b83a3029319d8f3d8e65ce14c1dc3cb92d0a7dbeb609a8d2793928caa079f0fbbb2bc90b9f058cc048f4032041d14c5bca00e99b3027ec3a50c4957199cf016a4594069af8659df0973f20ffb15dbc265ac5b8a2203e90b114a3e9441e357c60ce0b550a7fe66fc34f5702ac8e8992a22e89194c1df69e81a9b7ad3d2634ea8c0388588192fd47d8e803b10044d558617fb2921b69eb4d85c051f86ef63a2f4382b9becd870fb2ecadca6902712b88680792e2f2ec89591cfebb6db3ad31c2a339af10465fcf7988519d382218df52261234f26a6f66ad0d1859de505d0fe819caf2f8d30aa9fd1228ac91d11ca67f1f8d50c8eefa5c441514321507dff6c6ea3cff6f340a1c11e0c40f419e8e60fc94d8828fa47a96cdf7ee4f61e23f40751b25cf9ca1295041a350f83f0e679515d6b4b46e2c9ce8999e07f835abc1663cefcf728df37831f4e17f8c8a4feaf1fbf44c38c9313284404a50ba4cd8abe835b33bfecb02cd6c9d7f435853b4c8d505ab83cf46512739116694765658bae64b3127152d216055aef9b25c70a8a3b302752d7b1e8791c657b9f3fc9001ef299fd1a349491ae6ee9940149160507fc4130fb825d47d97dc2c243209d2403583ac3ef6ddbedcaa76432255487c0a06e59e043e572ab3aec002af6a6b6a2dc9cfaeefa70557886c4d12924a0388f2f1bc8e89e4cfa69705d1ef3c4658f8616278b588011d9dd914beec0b151d65b6524fba3e3f235d58373e021699b07622a51504eade747e0b2f9cf38bc167cabc8cb18c708d1337e25648707e8c0872876514c7a49c0b2aaee5ed9e9ecfcbcc23e032c4deb63e48e7120188056468fad31448e4b42e7d62fbcfc1c2cfb01fcf0db5e8a162bdb9bd820c763f17b96c23f32db9d1c1d74ddbe657b4f9595a9796982a0742153111b15e484d8ffebe47ce0a78a41e470a341616ec2eb6eef813fb415fab50fa965bec6a5977a0ade4fed67f86fc24e11b0e2f5364079f7c7c35b560cac726dbc80f29dbd248f7ecda0286a23ef172a28c96d9bdb1f598eab31c6baf0321312da23920c074b9d2d2e442717f2c21001142a39c2da6b8bd9d06b05a6a8deae1bd1be4108a636ddbebc682d113e715f2f3ee506abc28b1c654b3d2d28e02f73b171ed0deed71dda90ce4a0b728cc75cb576385e7418b545b992b1dd98e2ee53355f464f9250a2a03b3d1e4d2ac1aa71d01de2573530324e14d15a507883411ddbd37be21dc929db9b11f11010e4d2a04c7325a5ae6d24d19900ff97a8a89438f8676457a78cff05201528f4358fe67f61288bf042a8f3c2e0f8b4997b8fb74996b80d465489b2d7807a945eba72a945e8cf8625dbad6f6f6e30537b29e558ca8a8b0625f578c766d34f2d28d704715f94df1f6318a308042aa494baa295640679f1eab1e6a8308af8ce6441d5ad8a2f3d477eb5307af0dfae6644493f1434030b8361621340ad3dcefa6d8f090ed3929d89ad9c0ba01a6903033428dd8f98619304b1803187d2a6130bf1e009b5eb0e7e21c75594b3b8470f3106c92a9e55bfeb026091ced127a90a1f1247f3c07e36d3572923e0de3f73518d0369a25fcd4e65d243b7eab91063a7bfd8bc8ac9e39fbbb32b5c9517886287a18eacd8dbfda9b91db693cb12e42cba5988280e09e51e72b91a0f360656d8f21cc1eb3248ac345ad51d1a6172b18419277851dab01e028c7e8e2cf34095efd28267852a08fccf61c45b5e46930160daf50282be058274e7ff58c48b60b86d0c8cc886ab8778a2a2b5fa2557ad7bf7f01f2175523ce758871d334c20a9839f7a89fe2867c06289c8a2f6456ac7e4fbadee53ac41aee68214bc76669853baa4f58255b39ba581414f2e8c4b49303f8936a33bae5cbc96b29a5c724d5b50e1614144c2acd03bd90de891c3d36ce040d57543682ecbfcae66c4153c337c3a5d01896524c8e0c27e9a08919821ca27bbfe3fc9ba24a823aeec8d4ad8ef8a65c585bee4dcf1acaa3da501a8c11a23b2e22920c1ad0129a038b31fe16c2abc80589dbf7c37211afc5d1a6db908bc5fe8a692060069fcbcdcba7c523d3c424aa3b0c6556387e0e51bcde9e5f850abf62d2c2101c3a2786a0cb94932877a09cb6b64aa61da8cab3b423e7adc4c4700418a65e87225710e1691f6d9cb2eb63cce5b605ce0a4a89cf519767e00845397c5e381141a0ed8a89b01064b495ec8d1e2da37433bf1597d919a69610d2ad26bdf6fca8de422bb2cb80d0516206e8194ee51445a3dcb5dee33c0c310b4751e68e58bebda2fb586985a5a5b06456756f44e6dbfef4bb99ca732f00fb9ea35775f7419681bfbe6f43dc7c4650c13b63d93c1d490bf0173f287a4309531f13ecb1a775d0bd881a", 0x1000}}, 0x1006)
mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1, 0x10012, r0, 0x0)
openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000140), 0x2000000, 0x0)

2.770426081s ago: executing program 0 (id=1231):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000380)=0x7)
connect$inet(0xffffffffffffffff, &(0x7f0000000080)={0x2, 0xfffe, @remote}, 0x10)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
lstat(0x0, 0x0)
lchown(&(0x7f0000000000)='./file0\x00', 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x16, 0x4, &(0x7f00000000c0)=ANY=[@ANYBLOB="b400000000000000791090000000000061000000000000009500000000000000a45c8b106d45385a1964b904e462de529745a4cd61a7a0d25ddfd38b8b9a36c14ae1ee5ae29051b28b53a4182deb5ae03bc2644f3f168925ab06dcde9fe4ee40405e10326cb901765f30c1d039e73af80f39ba982e44fe40c17211db9c82e6da61712f41775115599d65c29cfcd0bffdff01000000000000d375c71938d9faa1df3117a99ecbddbfee7f7abeba22c29a9cb001001079a87ed5790000000b8fc3b5fd11e6ca750a6dc5dba2b8b8cd1d9fed1fb63bafef7d7bdd5bad81e40379623de90000000000"], &(0x7f0000000080)='syzkaller\x00', 0x5, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x15, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8}, 0x90)
r1 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f00000001c0)={0x3, 0x4, 0x4, 0xa, 0x0, 0xffffffffffffffff, 0x2}, 0x49)
socket$packet(0x11, 0x2, 0x300)
write$binfmt_elf64(r1, &(0x7f00000028c0)=ANY=[@ANYBLOB="7f454c46f9c0940e08000000000000000300000006000000c40300000000000040000000000000002a00000000000000060000005b0038000100f200ff7f040005000000ffffffff0a5b000000000000010000000100000005000000000000000500000000000000080000000000000000000080000000000000007007000000ff0f00000000000000000000010000000100000000000000eede7739000000000900000000000000dfef0000000000005e7b2c12959dd422641fb63cfec7319cb9d2f3edc08e494719f3e0ff0ed6a816d8d6c026f69f29b49fe3f5e467490b12323ab581569f21ee30be8669bc93c25230f86c000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000d051b08cd07f3841a6000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffa76b7a000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000085c473af50917b3490b9679d8f5006c9d050b46bcd5c0d080653791d5a5c5d593bbb783dc83a10d9611781c1cd420700308a6acb763b245ed53ef842b2c940a48f180d0bd543624dd86b518eb35139a32db77d3cca7b2e5439009f53fa312ebc1b1faacc14e8fe1bb70dd639e9f8c4968f0ab9a769d68cc2cd8eb5810e5ba9c000c82e55697dd25f41abfb3e8dafb741e51ad70b590895f5b0a78890dfb1fd4e7ff3c880d7278f4c3dfbd445487a3041"], 0x9f3)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000240)={0x1}, 0x4)
syz_emit_ethernet(0x126e, &(0x7f0000001640)=ANY=[@ANYBLOB="aaaaaaaaaaaa00000000000081002a0086dd658f240312342ffffc000000000000000000000000000000fe8000000000000000000000000000bb6c0c040601180000fe8000000000000000000000000000aafe800000000000000000000000000014fe880000000000000000000000000101ff020000000000000000000000000001fe8000000000000000000000000000bbfc0100000000000000000000000000010421880b005100020fd62bb7ee76e187b5b002de6dd1bf3d565fe4513683e41cd56e51ddcfe7f47df405524657086baa5af5888045bd70292d08fb6e195fc5b655f6d30d60e4b1c9d0f4059d63cfb658de0e0ce9840a9dfbf1e14608000800870eb7a5f7deed8ec3fff75a7e4f80eb6b8b476f1f19cf7a3d2e561568e0c6b6a24dc47a898d53e58343f1da180550d97f7bed2a53ad91c2507b85e2f2c4463690874b6b73cedb6dc2e4de80972e1215a7e7906bd8f3acf4a3314137ad21ec1b8acf6e7c9bac081363c451961c95baada1facb898a3c84994b32426b776b9c4c2d9849a410ed7d9c5ae728372985ccb2b2b782f6a3128d4d8d6857851543f67055f9c93bd0db5e02eff6d40c221f3b02650ff437e7c3992f11f393a7db60430a43ebca9d856afa921a44ebf279cf3ae0cd8ead21e43df303b02ff18e79a54ceaf7e5112d5ab726aee4c66e33b951ffaf346c628e96298addc00cf028cb067d22f5765a0225f12231df3488b549d55d9c12a94508661d28405ac24297a431ad44d668ff3260405934803ca42a2d82fbeb97631b9a589ca16e15a61b77994880c551b896e667a8ecba2127619e50ae1166d1743ef1776565929f7f2136dc56f8e5a16d37abe24f173222bf01e508018d690dec640656d0517d803552f833c97ea8c695b782378a107069c8407c58ddfc1eb0f34aa53434f0812b64add0213ba2ae686d11baebb0fc3b54c9b8a30ee73849a3fbdff2a03d5db72d46259b5b7781c2361ee461f8acdac747ec1aa2009fdba0535d6134dfecf0cebc9bcd6b9a7ef7e3cb7cbb0132f7b6ce86fb0b0b651903b074adc1a9f1d6f17e8be8a3bf5f713f7691bb21139075965b9cfe62500c1c3c0107124bc85402c10a255c298e078f2d6508bd043b90e663e6b083f04a93134b0d0a8dbef5066da13ee6490d9930cbe6caa1ef4229a74221ab0c1098fcbd4431487faf8f99656caffc8783882002279c9974891935cf65f4299296daa0855c416470e8dc56c4b1c9546178d46ac6ceb730b7d266ed94a9b5d5c172106afe83a3fd24b4c00b30c84c60eceeaa33409e148ca6fb5fbe740fa2b26509e544ff34504995f9d9e9ad98a59f6c960066c5fa03c21811777b9fa950c17c7edd4131152523bc02a86e9e7c4625fa8a58910e9cec09399c0272215d894ab536dd80204f5c8958a93ee991854fd9e17560f5c6df9a73a58585f209d629a4a84f30a53db0502780ecd2b0d0324e94db4e114fa25d426ffaf4b5dee87884ea1416a1126aefe0fd42f31bba18ad2c1c8504547dc6ea307a1a36047dd8523120e2b8fc3963023b6627bed9b1b48a879d8e301038d2f65fc4af42ba917f53f8a54eecd42e7fd133a118cd6f1a3d971ee6499106a302ecc1ba4f94d36dbf893518cb7bdce9aab37f49f4b5ba9b27b41c836e884d8dfbe15205e500e4edd724daa141328740c19af719f1b7cca4bc38c5cbc85e6d7b0967536411ae7d17ce4bf126d1f6ce77100aafbdecb87485dff9aeedafee3b06b16e0bba9cfd834236a611deb5af62b5f43193149917ac085f0f10fb9a0def818e0887a52c5389308acee30706279afb503e605daac46ae7ebb6b0f1ec9569d3a5dd8cf17ade4e0690bd221c51761b7de92055253a77afb711e02e53700f21ad7783f29072efb4c5acee9faba76ea814dd382aa60bd557170e4ee98dbce01a4c46803f3c6e3a0aa205b64b91c3eb5a9e406223c5cd6c47f52266b6df56d2dc1fc1921c41aba58b6520aa385ccc939e9fd3cdd28b5b3ed6fc1401aae124dc13d9a7eee4c7c8a34554009463180af2116e8f237deb7a6f1a19bc3c180333d80d27c51ddc5b89d99423696d02192d4033d741d71f841be4156aac7701c6e74307397594aeace2a0797fb5a8460fd99e986e4750839761985c42b64548c443bf94a7b42981dda992f195b5f8b5af67300e5546880c4abe3ecb04d0331fa4848504db2c6663841aac6cd98567fcd6ec76eefae142c9952a17e0c028ed476dd2354a116e5051ffc088eb0ecbd125728a4d9042fdd40c4b3ab0d9464bfcc8802007646ef378abd02c91c860ed38f392dced8558fd97a7bf2940eadbd4544b27dfd53bfcfc82d11eb9834b2f6da750caf5f8e4460ea2905e34c760a3124cc7be612111658a0348ecc260bbaf4f45218c99211677dbe3550c86a255f9df8732f2491a2ae365efe82d2e3401996cb5e267ef08068cf9f9bff528f9f3d1bb87534cab33e335c402916e18ee51d4f4e28fcc42c42db1edf5dda3629d3ca133d22bb497272b944f995668984585346690e78af7cbff5542ac4272957637adce7bc37d0ed5ab17bd9aec1ef93b55994fc159f19b53fd15e6db234f3d8f314cd23455abc4277d9f69ecfd6593ae5917673acbfd1c35eb3e420264ea176c904b1ddbccbf7f79cf1e4b8579399fc3e163142e04cfa7ba03b5ad54d655949678b3179e29df2745c02b358a89229d77477b99f7719c9dfb52241d52a70c95693a5c109cfac0da16a55cca0132024ee88c0d92b2f86f2c0936ee9db5aa54c21a78cafe39d3de6cb46d5cf71a20c44690445bb02b19f6dea4b96a4688b5b599752923ff23943839cb27c81e163a6a9bb45e137cf3e420df4ad3b603978eedadefeb65d59ec3b4a8559dd5a0d1bca647a8f13c3596eb35a6a996bbb7cd84d0d7b25e42707f941b6204f2c4731f08cc4b299aa01bd194f1bd42adedeedd1e08020ea5021150874134a38d73aa948806f0b60ee7f418432e4a5d95c5f0ec845efdf0f0105cafff0fbcb0dda068c4e00e7c09024643d38b34f08ecf16a757cf38776ac7b19634d38954ac962f1b10d9f001016ffe1b137515561540a26dff1fb3397e387068e16544d2e80cc1746e5268948177062d350e850e6a59a330d74d6cb2282ed70a5b32187790782a664985d6e58a7b6602f1cbafcbf20c6bf49fda4a05316c19affc52f9cb19a0b6ed17a76e39e4a597cb50ee89301e12366aae756e31fc57716043b14542f1af5eba4b84514e689f3babf72b5dd5becd79b9f5de43499ca2d0c467893550d18dfbab9ffab204"], &(0x7f0000000940)={0x1, 0x3, [0x8f2, 0xf1f, 0x794, 0xb36]})
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, &(0x7f00000004c0)={'ip6tnl0\x00', &(0x7f0000000440)={'syztnl1\x00', 0x0, 0x2f, 0xf5, 0x7f, 0x7, 0x29, @private0, @private0, 0x10, 0x1}})
mknodat(0xffffffffffffff9c, &(0x7f0000000080)='./file2\x00', 0x0, 0x0)
execveat(0xffffffffffffff9c, &(0x7f0000000000)='./file2\x00', 0x0, 0x0, 0x0)
r2 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/module/tcp_cdg', 0x0, 0x0)
mknodat$loop(r2, &(0x7f0000000100)='./file2\x00', 0x6000, 0x0)
mknodat$loop(r2, &(0x7f00000001c0)='./file2\x00', 0x2000, 0x0)
syz_io_uring_setup(0x3a6b, &(0x7f0000000280), &(0x7f0000000040), &(0x7f00000005c0))
ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0xc1842, 0x0)
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
write$cgroup_devices(r3, &(0x7f00000002c0)=ANY=[@ANYBLOB="0700a3fcf070d1ff"], 0xffdd)
sendmmsg$inet(0xffffffffffffffff, &(0x7f0000001300)=[{{0x0, 0xe, 0x0}}], 0x300, 0x0)

2.175526438s ago: executing program 3 (id=1234):
mkdir(&(0x7f00000002c0)='./file0\x00', 0x0) (async)
r0 = add_key$keyring(&(0x7f0000000100), &(0x7f0000000140)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffffe) (async)
r1 = socket(0x10, 0x803, 0x0)
write(r1, &(0x7f0000000040)="2600000022004701050007108980e8ff06006d20002b1f00c0e90101c7bb0000b00000000000", 0x26) (async)
setsockopt$sock_int(r1, 0x1, 0x8, &(0x7f0000000400), 0x4)
sendto(r1, &(0x7f00000005c0)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0) (async)
r2 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
sendmsg$802154_dgram(r2, &(0x7f0000000100)={&(0x7f0000000000), 0x14, &(0x7f00000000c0)={&(0x7f0000000080)="f8ab02cfcadfde9192e0c1fa9db6", 0xe}}, 0x0) (async)
ioctl$sock_SIOCINQ(r2, 0x541b, &(0x7f00000002c0)) (async)
recvmmsg(r1, 0x0, 0x0, 0x0, 0x0) (async)
recvmmsg(r1, &(0x7f0000000f40)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0)
keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, r0, &(0x7f00000004c0)='cifs.spnego\x00', &(0x7f00000002c0)=@chain) (async)
io_setup(0x80, &(0x7f0000000440)=<r3=>0x0)
r4 = userfaultfd(0x80001)
ioctl$UFFDIO_API(r4, 0xc018aa3f, &(0x7f0000000040)) (async)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
r6 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
socket$inet_udplite(0x2, 0x2, 0x88) (async)
setsockopt$bt_hci_HCI_FILTER(r6, 0x0, 0x2, &(0x7f0000000040), 0x10) (async)
sendmsg$NFT_BATCH(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000600)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a08010000140a0300000000000000002c7d0900030000000c00064000000000000000030800034000000001de0008006e02ee83c7d6c9060b4ac5cbd8a46a01b2a878cd996341fd3dd326e13472a34e791a01d935c050c25e79d7719fe59cbce0cbbd3c7b81bfa436d6b8457c3895539615ebd7c29fcd6172d3e6da769d9fb84cf1206ca6b8cec5c9259d5f6dcf04008225d0eaea19a76493193abb80631e23635cf11aa268cc2474d2783f619d07a156b9484d98679353edde401425ddf0acef5f33f4ffa8551a717df670e5f4594b413c80d9238160b6e626988eee7f6f182ffe0223246fcb303f0fc714e25885a9d2c5f2e1a48cc7102c1085c008217a179cf4cd6b195fc96000021400000011000100"/304], 0x130}}, 0x4000000) (async)
io_submit(r3, 0x3, &(0x7f0000001a40)=[&(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, 0x0, r4, &(0x7f00000002c0)="8d752202f50c2c7d191d2f7db4406c23c448e4768d9f948e2a9156e6a080fb48", 0x20}]) (async)
syz_io_uring_setup(0x3b67, &(0x7f0000000300)={0x0, 0x0, 0x10100}, &(0x7f0000000100), &(0x7f0000000000)=<r7=>0x0)
r8 = syz_io_uring_setup(0x25d2, &(0x7f0000000280)={0x0, 0x879d, 0x0, 0x3, 0x37f}, &(0x7f0000000080)=<r9=>0x0, &(0x7f0000000180))
syz_io_uring_submit(r9, r7, &(0x7f00000001c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x0, 0x0, @fd_index=0x3, 0x0, 0x0, 0xfffffffffffffe54}) (async)
io_uring_enter(r8, 0xb15, 0x0, 0x0, 0x0, 0x0)
r10 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r10, &(0x7f00000037c0)={0x0, 0x0, &(0x7f0000003780)={&(0x7f0000001340)=@newtaction={0x14, 0x30, 0x12f}, 0x14}}, 0x0) (async)
mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r11 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
openat$cgroup_procs(r11, &(0x7f0000000000)='cgroup.procs\x00', 0x2, 0x0)

2.16141166s ago: executing program 2 (id=1235):
r0 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$tipc(&(0x7f0000000000), 0xffffffffffffffff)
syz_genetlink_get_family_id$fou(&(0x7f0000000080), 0xffffffffffffffff)
r1 = syz_genetlink_get_family_id$team(&(0x7f0000000340), 0xffffffffffffffff)
sendmsg$TEAM_CMD_NOOP(0xffffffffffffffff, &(0x7f0000000400)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000380)={&(0x7f0000000ac0)=ANY=[@ANYRES32=0x0, @ANYBLOB="880002804c000100240001006c625f74785f6d6574686f640000000000000000000000000000000000000000050003000500000019000400686173685f746f5f706f72745f6d617070696e67000000003800010024000100616374697665706f727400000000000000000000000000000000000000000000050003000300000008000400", @ANYRES32=0x0], 0xa4}, 0x1, 0x0, 0x0, 0x8000}, 0x40090)
ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f00000000c0)={'team0\x00', <r2=>0x0})
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r0, 0x89f1, &(0x7f0000000180)={'gretap0\x00', &(0x7f0000000100)={'syztnl2\x00', <r3=>0x0, 0x10, 0x10, 0x2, 0x5, {{0xf, 0x4, 0x3, 0xa, 0x3c, 0x66, 0x0, 0x5, 0x2f, 0x0, @loopback, @broadcast, {[@end, @rr={0x7, 0x7, 0x75, [@multicast1]}, @ssrr={0x89, 0x1b, 0x82, [@multicast2, @initdev={0xac, 0x1e, 0x4, 0x0}, @multicast2, @dev={0xac, 0x14, 0x14, 0x13}, @private=0xa010100, @rand_addr=0x64010102]}, @ra={0x94, 0x4}]}}}}})
ioctl$ifreq_SIOCGIFINDEX_wireguard(r0, 0x8933, &(0x7f0000000200)={'wg1\x00', <r4=>0x0})
r5 = socket$nl_route(0x10, 0x3, 0x0)
r6 = socket(0x10, 0x803, 0x4)
getsockname$packet(r6, &(0x7f0000000100)={0x11, 0x0, <r7=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000080)=0x14)
sendmsg$nl_route_sched(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000200)=@delchain={0x24, 0x11, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, r7}}, 0x24}}, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r0, 0x8933, &(0x7f0000000280)={'batadv0\x00', <r8=>0x0})
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000180)={'wlan1\x00', <r9=>0x0})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000001540)=@newqdisc={0x40, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r9, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_etf={{0x8}, {0xfffffe3c, 0x2, @TCA_ETF_PARMS={0x10}}}]}, 0x40}}, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f00000002c0)={'team0\x00', <r10=>0x0})
ioctl$sock_ipv6_tunnel_SIOCGET6RD(r0, 0x89f8, &(0x7f0000000380)={'syztnl0\x00', &(0x7f0000000300)={'erspan0\x00', <r11=>0x0, 0x700, 0x8000, 0xdacb0e46, 0x9, {{0x8, 0x4, 0x0, 0x6, 0x20, 0x66, 0x0, 0x5, 0x2f, 0x0, @remote, @private=0xa010100, {[@ra={0x94, 0x4, 0x1}, @rr={0x7, 0x7, 0x43, [@empty]}, @noop]}}}}})
ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(r0, 0x89f2, &(0x7f0000000400)={'syztnl1\x00', &(0x7f00000003c0)={'syztnl0\x00', <r12=>0x0, 0x1, 0x80, 0x200, 0x0, {{0x7, 0x4, 0x2, 0x7, 0x1c, 0x64, 0x0, 0x1, 0x29, 0x0, @multicast2, @loopback, {[@end, @ra={0x94, 0x4, 0x1}]}}}}})
ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000440)={'team0\x00', <r13=>0x0})
r14 = socket$can_j1939(0x1d, 0x2, 0x7)
ioctl$ifreq_SIOCGIFINDEX_vcan(r14, 0x8933, &(0x7f00000011c0)={'vxcan0\x00', <r15=>0x0})
bind$can_j1939(r14, &(0x7f0000001200)={0x1d, r15}, 0x18)
connect$can_j1939(r14, &(0x7f0000000100)={0x1d, r15, 0x2}, 0x18)
sendmsg$TEAM_CMD_OPTIONS_SET(0xffffffffffffffff, &(0x7f00000004c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000480)={&(0x7f0000000c40)=ANY=[@ANYBLOB="5c050000", @ANYRES16=r1, @ANYBLOB="358125bd7000ffdbdf250100000008000100", @ANYRES32=r2, @ANYBLOB="6802028038000100240001006e6f746966795f70656572735f636f756e7400000000000000000000000000000500030003000000080004000036e30140000100240001006c625f686173685f737461747300000000000000000000000000000000000000050003000b000000080004000101000008000700000000004c000100240001006c625f74785f6d6574686f640000000000000000000000000000000000000000050003000500000019000400686173685f746f5f706f72745f6d617070696e67000000003c00010024000100757365725f6c696e6b75705f656e61626c65640000000000000000000000000005000300060000000400040008000600", @ANYRES32=0x0, @ANYBLOB="38000100240001006d636173745f72656a6f696e5f696e74657276616c00000000000000000000000500030003000000080004000200000038000100240001006d636173745f72656a6f696e5f636f756e7400000000000000000000000000000500030003000000080004000004000038000100240001006e6f746966795f70656572735f636f756e7400000000000000000000000000000500030003000000080004008000000040000100240001007072696f72697479000000000000000000000000000000000000000000000000050003000e000000080004000100000008000600", @ANYRES32=r3, @ANYBLOB="400001002400010071756575655f6964000000000000000000000000000000000000000000000000050003000300000008000400f0ffffff08000600", @ANYRES32=r4, @ANYBLOB="3c00010024000100656e61626c65640000000000000000000000000000000000000000000000000005000300060000000400040008000600", @ANYRES32=r7, @ANYBLOB="08000100", @ANYRES32, @ANYBLOB="b80002803c00010024000100757365725f6c696e6b75705f656e61626c65640000000000000000000000000005000300060000000400040008000600", @ANYRES32=r8, @ANYBLOB="400001002400010071756575655f69640000000000000000000000000000000000000000000000000500030003000000080004000100010008000600", @ANYRES32=r9, @ANYBLOB="38000100240001006e6f746966795f70656572735f636f756e7400000000000000000000000000000500030003000000080004000200000008000100", @ANYRES32=r10, @ANYBLOB="c80002804c000100240001006c625f74785f6d6574686f640000000000000000000000000000000000000000050003000500000019000400686173685f746f5f706f72745f6d617070696e67000000003800010024000100616374697665706f727400000000000000000000000000000000000000000000050003000300000008000400", @ANYRES32=r11, @ANYBLOB="400001002400010071756575655f69640000000000000000000000000000000000000000000000000500030003000000080004000200000008000600", @ANYRES32=r12, @ANYBLOB="08000100", @ANYRES32=r13, @ANYBLOB="400102803c000100240001006270665f686173685f66756e6300000000000000000000000000000000000000050003000b0000000c0004007f0003080700000040000100240001006c625f706f72745f737461747300000000000000000000000000000000000000050003000b0000000800040001f0ffc1bdd9cdfa129c962d5b67dd9a0e40a8ff08000600", @ANYRES32=r15, @ANYBLOB="4c000100240001006c625f74785f6d6574686f640000000000000000000000000000000000000000050003000500000019000400686173685f746f5f706f72745f6d617070696e67000000003c000100240001006c625f74785f6d6574686f640000000000000000000000000000000000000000050003000500000009000400686173680000000038000100240001006d636173745f72656a6f696e5f636f756e740000000000000000000000000000050003000300000008000400d02d0000"], 0x55c}, 0x1, 0x0, 0x0, 0x1}, 0x24008890)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r16=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r16, 0x8933, &(0x7f0000000500)={'lo\x00', <r17=>0x0})
sendmsg$nl_route(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000340)=@ipv6_newaddr={0x34, 0x14, 0x9535393fea6295b5, 0x0, 0x0, {0xa, 0x0, 0x0, 0x0, r17}, [@IFA_LOCAL={0x14, 0x2, @loopback}, @IFA_FLAGS={0x8, 0x8, 0x798}]}, 0x34}}, 0x0)

2.157491754s ago: executing program 1 (id=1236):
setsockopt$MRT6_DEL_MIF(0xffffffffffffffff, 0x29, 0xcb, &(0x7f0000000100)={0x1}, 0xc)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
socket$packet(0x11, 0x0, 0x300)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x9b}, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000080)={&(0x7f00000002c0)=ANY=[], 0x0, 0xffffffffffffffcb}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
sched_setaffinity(0x0, 0x0, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x0, 0x0, 0x2, 0x0)
ioctl$DRM_IOCTL_GET_CLIENT(0xffffffffffffffff, 0xc0286405, &(0x7f0000000180)={0x0, 0x8000, {<r2=>0x0}, {0xffffffffffffffff}})
prlimit64(r2, 0xa, 0x0, 0x0)
sched_setaffinity(0x0, 0x5e, &(0x7f0000000040)=0x10001)
r3 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
preadv(r3, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000340)=ANY=[@ANYBLOB="200000001000010700000000004000000a0000000c0002006e6c3830323131"], 0x20}}, 0x0)
socket(0x0, 0x0, 0x20000)
syz_io_uring_setup(0x1b6f, 0x0, &(0x7f0000000400), 0x0)
r5 = syz_open_procfs(0x0, 0x0)
fchdir(r5)
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8914, &(0x7f0000000240)={'syzkaller1\x00', @link_local})
renameat(0xffffffffffffff9c, 0x0, 0xffffffffffffffff, 0x0)

2.012738062s ago: executing program 2 (id=1237):
setsockopt$WPAN_SECURITY_LEVEL(0xffffffffffffffff, 0x0, 0x2, 0x0, 0x0)
pipe(&(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000940)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
pipe(&(0x7f0000000080)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
write$binfmt_script(r1, 0x0, 0xb)
splice(r3, 0x0, r4, 0x0, 0xf3a, 0x0)
splice(r0, 0x0, r4, 0x0, 0x80, 0x2)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_MSRS(r7, 0x4008ae89, &(0x7f0000000000)={0x1, 0x0, [{0x4b564d01, 0x0, 0xaf}]})
r8 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpuacct.usage_sys\x00', 0x275a, 0x0)
write$binfmt_script(r8, &(0x7f0000000300)={'#! ', '', [{0x20, 'cpuacct.usage_sys\x00'}, {}], 0xa, "744519e0e6740369edd4a809d950b12ede8a542ead518a987fc43b316baa1bbdfb1da1d666e8a30739c51b4674e5031b4eb38c3ac756e07e10ab72db35ed8ea5384f2001667906f378117868f9fd8d7615a957559f1dc89a61ccec671ee697eac5f40b34a1d35a3c2aeed0b34ca793511973f98236a02797e0b5765ba70b24de28a2923c5442614968b24b89da231b987a6f45f5fc9849"}, 0xaf)
mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x1, 0x10012, r8, 0x0)
ioctl$KVM_RUN(r7, 0xae80, 0x0)
fcntl$setpipe(r4, 0x407, 0x0)
write(r2, 0x0, 0x0)
ioctl$DRM_IOCTL_GET_CAP(0xffffffffffffffff, 0xc010640c, &(0x7f00000001c0)={0x2})
setsockopt$inet_msfilter(0xffffffffffffffff, 0x0, 0x8, 0x0, 0x1)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
syz_io_uring_setup(0x1475, 0x0, 0x0, 0x0)
syz_emit_ethernet(0x359, &(0x7f00000003c0)=ANY=[], 0x0)
openat$binderfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
mmap$fb(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x1000004, 0x4010, 0xffffffffffffffff, 0x0)
mremap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x3000, 0x0, &(0x7f0000ffb000/0x3000)=nil)

2.01236115s ago: executing program 3 (id=1238):
setsockopt$WPAN_SECURITY_LEVEL(0xffffffffffffffff, 0x0, 0x2, 0x0, 0x0)
pipe(&(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000940)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
pipe(&(0x7f0000000080)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
write$binfmt_script(r1, 0x0, 0xb)
splice(r3, 0x0, r4, 0x0, 0xf3a, 0x0)
splice(r0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x2)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r6, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_MSRS(r7, 0x4008ae89, &(0x7f0000000000)={0x1, 0x0, [{0x4b564d01, 0x0, 0xaf}]})
r8 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpuacct.usage_sys\x00', 0x275a, 0x0)
write$binfmt_script(r8, &(0x7f0000000300)={'#! ', '', [{0x20, 'cpuacct.usage_sys\x00'}, {}], 0xa, "744519e0e6740369edd4a809d950b12ede8a542ead518a987fc43b316baa1bbdfb1da1d666e8a30739c51b4674e5031b4eb38c3ac756e07e10ab72db35ed8ea5384f2001667906f378117868f9fd8d7615a957559f1dc89a61ccec671ee697eac5f40b34a1d35a3c2aeed0b34ca793511973f98236a02797e0b5765ba70b24de28a2923c5442614968b24b89da231b987a6f45f5fc9849"}, 0xaf)
mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x1, 0x10012, r8, 0x0)
ioctl$KVM_RUN(r7, 0xae80, 0x0)
fcntl$setpipe(r4, 0x407, 0x0)
write(r2, 0x0, 0x0)
ioctl$DRM_IOCTL_GET_CAP(0xffffffffffffffff, 0xc010640c, &(0x7f00000001c0)={0x2})
r9 = socket$inet(0x2, 0x0, 0x0)
setsockopt$inet_msfilter(r9, 0x0, 0x8, 0x0, 0x1)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
syz_io_uring_setup(0x1475, 0x0, 0x0, 0x0)
syz_emit_ethernet(0x359, &(0x7f00000003c0)=ANY=[], 0x0)
openat$binderfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
mmap$fb(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x1000004, 0x4010, 0xffffffffffffffff, 0x0)
mremap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x3000, 0x0, &(0x7f0000ffb000/0x3000)=nil)
accept$inet6(0xffffffffffffffff, 0x0, 0x0)

1.652751661s ago: executing program 2 (id=1239):
r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
connect$inet6(r0, &(0x7f00000003c0)={0xa, 0x0, 0x0, @mcast2, 0x3}, 0x1c)
r1 = syz_open_dev$video(&(0x7f0000000000), 0x100000001, 0x6a0000)
ioctl$VIDIOC_ENUM_FRAMEINTERVALS(r1, 0xc034564b, &(0x7f0000000080)={0x0, 0x35315258, 0xf00, 0x870, 0x0, @stepwise})
r2 = socket$tipc(0x1e, 0x5, 0x0)
setsockopt$TIPC_GROUP_JOIN(r2, 0x10f, 0x87, &(0x7f0000000240)={0x43, 0x0, 0x0, 0x5}, 0x10)
setsockopt$TIPC_GROUP_JOIN(r2, 0x10f, 0x87, &(0x7f0000000080)={0x443}, 0x10)
r3 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
r4 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r4, 0x84, 0x64, &(0x7f0000000180)=[@in={0x2, 0x4e20, @multicast2}, @in6={0xa, 0x4e24, 0x164, @mcast1, 0x2}], 0x2c)
r5 = socket$inet_sctp(0x2, 0x1, 0x84)
r6 = socket$inet6_sctp(0xa, 0x5, 0x84)
r7 = socket$inet(0x2, 0x800, 0x9)
getsockopt$inet_sctp_SCTP_MAX_BURST(r7, 0x84, 0x14, &(0x7f0000000000)=@assoc_value={<r8=>0x0}, &(0x7f0000000040)=0x8)
setsockopt$inet_sctp6_SCTP_CONTEXT(r6, 0x84, 0x83, &(0x7f0000000440)={r8}, 0x8)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x8, 0x6, &(0x7f0000000a00)=ANY=[@ANYBLOB="050000000000000061110c00000000008510000002000000850000000500000095000000000000009500a5050000000077d8f3b423cdac8d80000000000000002be16ad10a48b243ccc42606d25dfd73a015e0ca7fc2506a0f7535f7866907dc6751dfb265a0e3ccae669e17fd6587d452d6453559c3421eed73d56615fe6c54c3b3ffe1b4ce25d7c983c044c03bf3a48dfe47ec9dd6c091c30b93bfae76d9ebacd3ed3e26e7a23129d6606fd28a69989d552af6bda9df2c3af36effff9af2551ce896165127cb3f011a7d06602e2fd52347125907000000000000003ed38ae89d24e1cebfba2f87925bfacba83109751fe6c05405d027edd68149ee99eef6a6992308a4fc0b7c70bc677d6dd4aed4af7500d7900a820b6347184e9a217b5614cd50cbe43a1ed2526814bc0000e9e086ce48e90defb6670c3df262ad0a97aec7291c25447c106a99893e10db21901eb397b2f5fd71d20fa7a050fbbef9e326ea27e513e96068fd1e8a43e89f9c85c822a961546ed5363c17ff1432d08806bc376e3e49ee52b59d13182e1f24ed200ada12f7a1001500a710eb1affb87ba55b2d72078e9f40b4ae7d01000000d11cd22c35d32940000088dde499000000fdffffff000000000000000000000000000000000000000000000c52f4ebd2c893bb97a068bd10734a83584898eccb26f7b789cfc4cd995fa3e11a5c74c85404e2df3ad37b729ac83b0dcb4f48f3c3356b9997fc455a17690b6f7f9ccbe4b1701941b18a904c0e585a66c3b84b138efc20a546d3d5227e23b03f2a834391ad24fe7d9b20cf92cb151763d41f5c76e2ff3e93ee296c4082ee73e7e197253a2b66c353312c9d75711ce1623e9c54bdff59d2a69dcb7d84c235b23a4480c2461b405cfd1a38992f295ad3adc94cd07c850d1ce6d0b2fea02c24e9280333152fb794e4ddea02017a6c139b50101caecaf2abc0842b99a96fc4275ad107274e2934a87a4ddcdb112754ca5bdec0ead14b6c0f19a43a2f04c7f0be31491eb8c9ff68236c8600000000000000000000000066e034c81c3cab4e33fc8dc55ce0ada18dcbf31c6e82893add3bee3e10fc873d1d922b0877cbcd95b839d3059d5140a1f742f6e75741e39e5cb6a193e06a1043375b0f61b5d4e17c81baa31b924d84f2243471221c15fa12313ffbfa7c2730302b66a99f66705b71e6205e7cbf3643561eabb9a63fcd604d5cc27e1317ad94cf438d71873e540be16b6ca20508011132153c528f7bca92980a3223c5b9cdddedb0a14adddf9a6e70a26b5c0ee0879c349814bee9d96d8bd23db4e801d49201ae840904551bd06c724f6e27b74196b1d849020eeeb1ef48d003d71524683d7cdfa841bca708414fb8ff49742420d1ab7fa678aa4806d5247616e8bc0b02887f8efe9310ccf9bec1c9b7f6671c9d59ac6b09b4436cafdd1887c8e884c930d21ace088ccc99a94d4b33da2fc1b1310bb607a9ad65844655de1ac9fd36d12e07a821fb950368a970c58fb4f3f403fdaf68902874", @ANYRES64=r8], &(0x7f0000000080)='GPL\x00', 0x7, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x22, '\x00', 0x0, 0x9, 0xffffffffffffffff, 0x6}, 0x90)
bpf$PROG_BIND_MAP(0xa, 0x0, 0x0)
r9 = syz_init_net_socket$ax25(0x3, 0x3, 0x1)
ioctl$sock_ax25_SIOCADDRT(r9, 0x89e3, &(0x7f0000000080)={@null, @bcast, 0x0, [@netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @null, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @null, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @null, @null]})
getsockopt$inet_sctp_SCTP_SOCKOPT_PEELOFF(r5, 0x84, 0x66, 0x0, &(0x7f0000000140))
r10 = syz_init_net_socket$netrom(0x6, 0x5, 0x0)
connect$netrom(r10, &(0x7f0000000300)={{0x6, @rose, 0x7}, [@remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @bcast, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x2}, @default, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}]}, 0x48)
sendto$netrom(r10, 0x0, 0x0, 0x0, &(0x7f0000000000)={{0x6, @rose}, [@bcast, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @default]}, 0x48)
ioctl$IOCTL_VMCI_VERSION2(r3, 0x7a7, &(0x7f00000000c0)=0xa0000)
r11 = openat$vmci(0xffffffffffffff9c, &(0x7f00000002c0), 0x2, 0x0)
ioctl$IOCTL_VMCI_VERSION2(r11, 0x7a7, &(0x7f0000000200)=0xa0000)
setsockopt$inet_sctp6_SCTP_DEFAULT_SNDINFO(r4, 0x84, 0x22, &(0x7f00000001c0)={0x2, 0x8002, 0x389b, 0x3}, 0x10)
ioctl$IOCTL_VMCI_QUEUEPAIR_ALLOC(r11, 0x7a8, &(0x7f0000000040)={{@local, 0xfffffffe}, @hyper, 0x5, 0xfffffffffffffffc, 0x8001, 0x0, 0x0, 0x4, 0x5})
ioctl$IOCTL_VMCI_INIT_CONTEXT(r3, 0x7a0, &(0x7f0000000040)={@local})
ioctl$IOCTL_VMCI_DATAGRAM_SEND(0xffffffffffffffff, 0x7ab, &(0x7f0000000000)={&(0x7f0000000540)={{@local}, {@host=0x10}, 0x400, "d49e0b1f09a3e05cb898141464441748655937bb34d22f02362479246bb6372d891a3b5dafa58a6abc5a678d6874fc8fb5f8a529c6e30103484f2667c174fb6cda19ea0a9301bc3238eb816e9c3882f243bcd4bd7115b26dacf5923f060498d471cb4f789562fcda119739dd1a5b0e4e1a4a64dbd7b398bd4e7a247d81f968f2e945f293fc3860bf11f0424193fce743067d27f0ac187b44b128a4999547f73d8c35d3c2bd8b51bbc9a31123f773be89e109cc71b8ec29a539083c0cba15b0899c7181ba154c28b3c4e2ebe360ac44f942a703b9a3a37fbbefe9ae0de04a32336a6eba07b2fb6ad426d56e17291bb1a9d1fcdaa939378bab6dd2eac37b369ef163c9e0fc8039352c24d8147fcc2e2559b47066abd21a3a5f83f239a2227d17d4ca90f60ed9acc243ed38818e3883a985106b54dc157b67022525a74e8f9cb99852760359278d5d22294a70433ba4cec5147fbb09b1d0008ba76257f1c5af6b8d6bf3bcfd5a468a566a4e98fe5f264f2663b72cb421c90d8b7883ddfb5749b27a3e146f9d8538706fea61b07c6e064446337439b9d5a5dc82f6c63c57d6ba0e709b7c1b15fa8367f8e6df2cf59b0b30740ef47c5cccffce5911569591ce4ab62275964cd147e87a30cc6e71f7e40e161997cdbadcfbfb6c54e0289ac137508b7b5339414e4ab7afcc420148e37d49b664cc07c8178a3b50f566c5bdd3aa9217ef909805972bd63ee1d729b282cd866c183744b20da3227f9d43843236b571c8d3237408c266e08d0699ebd30e0820362664ab323b15d3ae9896d6120aae6ef9085f53a2b39cc31238b031476c86e6b16d7703fcbacc7269ce8622eab1cfdf82a364209ec4ac912db924bb76bc35ddf8d0e7a3aff0d08a48c07be47303b59653d9409f14dc59ac33cae5e010466f54d86772e43e3680863bb9bf10c971f16a731e601d7fcdbb91d7146e7834d89059ad522d70398c2bacf113ed791e32f933dfa23f5d6d11bfc9d9e0f04a34b0eddd99d16cd9712485e0a5c9aaf1ebf3f14d00005f8960b6145cbb7d4522692ebe1f9491f87a29ed67c5fb60f5e69bde2a758742999fc986a2dbf6199977e9b446691bf9f95d0abd84557c77ea13356c977d0f098ab9fec85acbd6447f2e6893e2fa6a0a7b272dab66e69b7def48f8b3583a53a0941fb3e4367fa8d56e05ee3b265f17ca0439fcdcea276f7f0a9bf4c2a324d7143658007cf4019e8da69ba1b7dff4383714cbcb71dfe6f1b1ac5d5e99394cb2c360ddb1889d92cd36f8fc72ac865f1c6445957b2a57c1af59ef8d2e9fe328ec2bde763d65c4dea965042f540515bf2f879d1b26309ebc1d7f76c569fa88fbe61845e96e93d3b6025b6285777e59495943596c128fdacc545263ce458bf99f57d7e5dc77f65cf650902b5b6d5af9359334759843365bf0dfb244817a40e8cc9030"}, 0x418})

1.636631342s ago: executing program 0 (id=1240):
r0 = socket(0x10, 0x2, 0x0)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$L2TP_CMD_TUNNEL_CREATE(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000004c0)=ANY=[@ANYBLOB='d\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="17090000000000000000010000000500070000000000080009000000800008000a0000000000060002000000000014001f00ff0000000000000000000000000000001400200000000000000000000000ffffe0000001"], 0x64}}, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000005c0)=@newtaction={0x90, 0x30, 0x871a15abc695fa3d, 0x0, 0x0, {}, [{0x7c, 0x1, [@m_ctinfo={0x48, 0x1, 0x0, 0x0, {{0xb}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CTINFO_ACT={0x18}]}, {0x4}, {0xc}, {0xc}}}, @m_mirred={0x30, 0x2, 0x0, 0x0, {{0xb}, {0x4}, {0x4}, {0xc}, {0xc}}}]}]}, 0x90}}, 0x0)
r5 = socket$inet6(0xa, 0x800000000000002, 0x0)
setsockopt$inet_opts(r5, 0x0, 0x6, &(0x7f0000000380)='\a', 0x1)
sendmsg$L2TP_CMD_SESSION_GET(r0, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x60, r3, 0x800, 0x70bd27, 0x25dfdbfd, {}, [@L2TP_ATTR_DATA_SEQ={0x5, 0x4, 0x7f}, @L2TP_ATTR_DEBUG={0x8}, @L2TP_ATTR_L2SPEC_LEN={0x5, 0x6, 0x30}, @L2TP_ATTR_IFNAME={0x14, 0x8, 'netdevsim0\x00'}, @L2TP_ATTR_DEBUG={0x8, 0x11, 0x1}, @L2TP_ATTR_L2SPEC_LEN={0x5, 0x6, 0xd}, @L2TP_ATTR_FD={0x8, 0x17, @l2tp6=r5}, @L2TP_ATTR_IP_SADDR={0x8, 0x18, @dev={0xac, 0x14, 0x14, 0x26}}]}, 0x60}, 0x1, 0x0, 0x0, 0x4004000}, 0x4004011)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000000), 0xffffffffffffffff)
r8 = openat$vicodec0(0xffffffffffffff9c, &(0x7f0000000340), 0x2, 0x0)
ioctl$VIDIOC_G_CROP(r8, 0xc014563b, &(0x7f00000003c0)={0x3, {0x1, 0x1d, 0x7, 0x7}})
sendmsg$MPTCP_PM_CMD_GET_ADDR(r6, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000140)={0x20, r7, 0x1, 0x0, 0x0, {}, [@MPTCP_PM_ATTR_ADDR={0xc, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @local}]}]}, 0x20}}, 0x0) (fail_nth: 11)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000000c0)={'tunl0\x00', <r9=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)=@getqdisc={0x38, 0x26, 0x800, 0x70bd2a, 0x25dfdbfe, {0x0, 0x0, 0x0, r9, {0xffff, 0xa}, {0x0, 0xf}, {0x9, 0xfff3}}, [{0x4}, {0x4}, {0x4}, {0x4}, {0x4}]}, 0x38}, 0x1, 0x0, 0x0, 0x20004102}, 0x4)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000001680)=@newlink={0x3c, 0x10, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, r9}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @ipip={{0x9}, {0xc, 0x2, 0x0, 0x1, [@IFLA_IPTUN_REMOTE={0x8, 0x3, @remote}]}}}]}, 0x3c}}, 0x0)

1.550475453s ago: executing program 0 (id=1241):
prctl$PR_SCHED_CORE(0x3e, 0x0, 0x0, 0x2, 0x0)
socket$nl_xfrm(0x10, 0x3, 0x6)
prctl$PR_SCHED_CORE(0x3e, 0x0, 0x0, 0x2, 0x0)
r0 = getpid()
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x11, 0xc, &(0x7f0000000800)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007000000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000004c0)={&(0x7f0000000500)='tlb_flush\x00', r1}, 0x10)
process_vm_readv(r0, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0x0, 0x0, 0x10001}, 0x48)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8}, 0x0)
getpid()
sched_setscheduler(0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
r2 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
preadv(r2, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f0000000740)={'wlan1\x00', <r6=>0x0})
r7 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r7, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000c80)={0x24, r5, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r6}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, "16"}]}, 0x24}}, 0x0)
sendmsg$NL80211_CMD_REGISTER_FRAME(r4, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000180)={0x30, r5, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r6}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x13, 0x5b, "f376071686bdab131968b9688d7b56"}]}, 0x30}}, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000002c0)={'wlan0\x00', <r8=>0x0})
sendmsg$NL80211_CMD_FRAME(r3, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000640)={&(0x7f0000000080)={0x6c, r5, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r8}, @void}}, [@chandef_params=[@NL80211_ATTR_CENTER_FREQ2={0x8, 0xa1, 0xc}, @NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0xe}, @NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0xf}, @NL80211_ATTR_WIPHY_FREQ={0x8, 0x26, @random=0x148c}, @NL80211_ATTR_CENTER_FREQ2={0x8, 0xa1, 0x4}, @NL80211_ATTR_CENTER_FREQ2={0x8, 0xa1, 0x5}, @NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0x7}, @NL80211_ATTR_WIPHY_CHANNEL_TYPE={0x8}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x22}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x32}]]}, 0x6c}}, 0x0)
openat$incfs(0xffffffffffffffff, 0x0, 0x8000, 0xa2)
getpid()
r9 = openat$ttyprintk(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r9, 0x5423, &(0x7f00000010c0)=0x15)
openat$ttyprintk(0xffffffffffffff9c, &(0x7f0000000280), 0x22802, 0x0)

1.536312664s ago: executing program 3 (id=1242):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
ioctl$DRM_IOCTL_GET_CLIENT(0xffffffffffffffff, 0xc0286405, &(0x7f0000000180)={0x0, 0x8000, {<r0=>0x0}, {0xffffffffffffffff}, 0x0, 0x200})
prlimit64(r0, 0xa, &(0x7f00000001c0)={0x4, 0x7c}, &(0x7f0000000200))
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
preadv(r1, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000340)=ANY=[@ANYBLOB="200000007300010700000000004000000a0000000c0002006e6c383032313100"], 0x20}}, 0x0)
recvmmsg(r2, &(0x7f00000039c0)=[{{0x0, 0x0, &(0x7f0000000300)=[{&(0x7f0000000240)=""/51, 0x33}, {&(0x7f0000003a80)=""/4090, 0xffa}, {&(0x7f0000000480)=""/201, 0xc9}], 0x3}}, {{0x0, 0x0, 0x0}}, {{0x0, 0x0, &(0x7f0000000880)=[{&(0x7f0000000000)=""/97, 0x61}, {&(0x7f00000025c0)=""/4073, 0xfe9}], 0x2}}], 0x3, 0x0, 0x0)
socket(0x0, 0x0, 0x20000)
syz_io_uring_setup(0x0, 0x0, &(0x7f0000000380), &(0x7f0000000280)=<r3=>0x0)
r4 = syz_open_procfs(0x0, &(0x7f00000000c0)='task\x00')
fchdir(r4)
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8914, &(0x7f0000000240)={'syzkaller1\x00', @link_local})
mount(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000000)='proc\x00', 0x0, 0x0)
r5 = inotify_init1(0x0)
fcntl$setown(r5, 0x8, 0xffffffffffffffff)
fcntl$getownex(r5, 0x10, &(0x7f0000000140)={0x0, <r6=>0x0})
r7 = syz_open_procfs(r6, &(0x7f0000000600)='fd/4\x00')
ioctl$EXT4_IOC_GROUP_EXTEND(r7, 0x40305839, &(0x7f0000000240))
openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$SIOCGSKNS(0xffffffffffffffff, 0x894c, 0x0)
syz_io_uring_submit(0x0, r3, &(0x7f00000002c0)=@IORING_OP_CONNECT={0x10, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0})
r8 = io_uring_setup(0x0, 0x0)
r9 = io_uring_register$IORING_REGISTER_PERSONALITY(r8, 0x9, 0x0, 0x0)
io_uring_register$IORING_UNREGISTER_PERSONALITY(0xffffffffffffffff, 0x11, 0x20000000, r9)
clock_nanosleep(0x2, 0x0, &(0x7f00000000c0)={0x0, 0x989680}, 0x0)
openat$fb0(0xffffffffffffff9c, &(0x7f00000001c0), 0x20480, 0x0)

1.36334215s ago: executing program 2 (id=1243):
r0 = socket(0x10, 0x2, 0x0)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000140), 0xffffffffffffffff)
r4 = socket(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000040)={'sit0\x00', <r5=>0x0})
sendmsg$nl_route(r4, &(0x7f0000000100)={0xffffffffffffffff, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=ANY=[@ANYBLOB="640000006800010000000000000000000a000000000000000600070008000000140006000000000000000000000000000000040108000500", @ANYRES32=r5, @ANYBLOB="28000880240001"], 0x64}}, 0x0)
sendmsg$L2TP_CMD_TUNNEL_CREATE(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000004c0)=ANY=[@ANYBLOB='d\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="17090000000000000000010000000500070000000000080009000000800008000a0000000000060002000000000014001f00ff0000000000000000000000000000001400200000000000000000000000ffffe0000001"], 0x64}}, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000005c0)=@newtaction={0x90, 0x30, 0x871a15abc695fa3d, 0x0, 0x0, {}, [{0x7c, 0x1, [@m_ctinfo={0x48, 0x1, 0x0, 0x0, {{0xb}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CTINFO_ACT={0x18}]}, {0x4}, {0xc}, {0xc}}}, @m_mirred={0x30, 0x2, 0x0, 0x0, {{0xb}, {0x4}, {0x4}, {0xc}, {0xc}}}]}]}, 0x90}}, 0x0)
r7 = socket$inet6(0xa, 0x800000000000002, 0x0)
setsockopt$inet_opts(r7, 0x0, 0x6, &(0x7f0000000380)='\a', 0x1)
r8 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r8, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000000c0)=@newtaction={0x48, 0x30, 0x871a15abc695fa3d, 0x0, 0x0, {}, [{0x34, 0x1, [@m_ctinfo={0x30, 0x1, 0x0, 0x0, {{0xb}, {0x4}, {0x4}, {0xc}, {0xc, 0x2}}}]}]}, 0x48}}, 0x0)
sendmsg$L2TP_CMD_SESSION_GET(r0, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x60, r3, 0x800, 0x70bd27, 0x25dfdbfd, {}, [@L2TP_ATTR_DATA_SEQ={0x5, 0x4, 0x7f}, @L2TP_ATTR_DEBUG={0x8}, @L2TP_ATTR_L2SPEC_LEN={0x5, 0x6, 0x30}, @L2TP_ATTR_IFNAME={0x14, 0x8, 'netdevsim0\x00'}, @L2TP_ATTR_DEBUG={0x8, 0x11, 0x1}, @L2TP_ATTR_L2SPEC_LEN={0x5, 0x6, 0xd}, @L2TP_ATTR_FD={0x8, 0x17, @l2tp6=r7}, @L2TP_ATTR_IP_SADDR={0x8, 0x18, @dev={0xac, 0x14, 0x14, 0x26}}]}, 0x60}, 0x1, 0x0, 0x0, 0x4004000}, 0x4004011)
r9 = socket$nl_generic(0x10, 0x3, 0x10)
r10 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000000), 0xffffffffffffffff)
r11 = openat$vicodec0(0xffffffffffffff9c, &(0x7f0000000340), 0x2, 0x0)
ioctl$VIDIOC_G_CROP(r11, 0xc014563b, &(0x7f00000003c0)={0x3, {0x1, 0x1d, 0x7, 0x7}})
sendmsg$MPTCP_PM_CMD_GET_ADDR(r9, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000140)={0x20, r10, 0x1, 0x0, 0x0, {}, [@MPTCP_PM_ATTR_ADDR={0xc, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @local}]}]}, 0x20}}, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000000c0)={'tunl0\x00', <r12=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)=@getqdisc={0x38, 0x26, 0x800, 0x70bd2a, 0x25dfdbfe, {0x0, 0x0, 0x0, r12, {0xffff, 0xa}, {0x0, 0xf}, {0x9, 0xfff3}}, [{0x4}, {0x4}, {0x4}, {0x4}, {0x4}]}, 0x38}, 0x1, 0x0, 0x0, 0x20004102}, 0x4)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000001680)=@newlink={0x3c, 0x10, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, r12}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @ipip={{0x9}, {0xc, 0x2, 0x0, 0x1, [@IFLA_IPTUN_REMOTE={0x8, 0x3, @remote}]}}}]}, 0x3c}}, 0x0)

1.192555654s ago: executing program 2 (id=1244):
socket$kcm(0x10, 0x3, 0x10)
syz_io_uring_setup(0x24fa, &(0x7f0000000080)={0x0, 0x29aa}, 0x0, 0x0)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r1 = socket$kcm(0x2, 0x3, 0x2)
ioctl$SIOCSIFHWADDR(r1, 0x8914, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xb, &(0x7f0000000180)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0)
r3 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0)
r4 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sendto$inet6(r4, &(0x7f0000000080)="b3019c28", 0x4, 0x0, 0x0, 0x0)
getsockopt$IP6T_SO_GET_ENTRIES(0xffffffffffffffff, 0x29, 0x41, &(0x7f0000002540)={'filter\x00', 0x5, "42de391533"}, 0x0)
setsockopt$inet6_int(r4, 0x29, 0x8, &(0x7f0000000380)=0x3f, 0x4)
recvmmsg(r4, &(0x7f0000000d80)=[{{0x0, 0x0, 0x0}}, {{&(0x7f00000000c0)=@nl, 0x0, &(0x7f0000000240)=[{&(0x7f0000000180)=""/186}, {0xffffffffffffffff}], 0x0, &(0x7f0000000280)=""/239, 0x13}}, {{&(0x7f0000000e80)=@vsock={0x28, 0x0, 0x0, @host}, 0x0, &(0x7f0000000680)=[{&(0x7f0000000400)=""/18}, {&(0x7f0000000440)=""/110}, {&(0x7f00000004c0)=""/165}, {&(0x7f0000001540)=""/4096}, {&(0x7f0000000580)=""/245}], 0x0, &(0x7f0000000700)=""/27}}, {{&(0x7f0000000740)=@nfc, 0x0, &(0x7f0000000c00), 0x0, &(0x7f0000000cc0)=""/180}}], 0x4000000000001f1, 0x10162, 0x0)
ioctl$VHOST_SET_OWNER(r3, 0xaf01, 0x0)
ioctl$VHOST_SET_VRING_ADDR(r3, 0x4028af11, &(0x7f0000000300)={0x1, 0x0, 0x0, &(0x7f0000001600)=""/78, 0x0})
read$msr(r2, &(0x7f0000000240)=""/45, 0x2d)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_LINKINFO_GET(r5, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000240)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r6, @ANYBLOB="1b0b00000000000000001fffffff200001801c0002006261746164765f736c6176655f31"], 0x34}}, 0x0)
ioctl$VHOST_SET_MEM_TABLE(r3, 0x4008af03, &(0x7f0000000140))
ioctl$VHOST_SET_VRING_ADDR(r3, 0x4028af11, &(0x7f0000000280)={0x0, 0x0, 0x0, &(0x7f0000000340)=""/185, &(0x7f0000000140)=""/92})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000001500)=ANY=[], 0x1c}}, 0x0)
ioctl$VHOST_VSOCK_SET_RUNNING(r3, 0x4004af61, &(0x7f00000000c0)=0x1)
ioctl$VHOST_VSOCK_SET_GUEST_CID(r3, 0x4008af60, &(0x7f0000000040)={@my=0x1})
r7 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r7, &(0x7f0000000200)={0x28, 0x0, 0x0, @my=0x1}, 0x10)
ioctl$VHOST_SET_VRING_ADDR(r3, 0x4028af11, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000080)=""/57, 0x0, &(0x7f0000000500)=""/4096})
chdir(&(0x7f00000002c0)='\x00')

1.191975727s ago: executing program 1 (id=1245):
syz_io_uring_setup(0xeec, &(0x7f0000000780)={0x0, 0xe023, 0x400}, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000400)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
setsockopt$sock_int(r1, 0x1, 0x8, &(0x7f00000001c0)=0x1aa, 0x1)
sendto$unix(r0, &(0x7f0000000800)="a4309941f6767ac00382783c11f20577c36c63ac4d8f9444e0fa2735a34c55100aaae429cd869b4a6ab607cc8520e2ab09dce713ec51433a4733204fa8230cef2818e49cf6e354c6b00a07a87a86c90235e51bcb544eea47fe9270f7ca97592189d90eee294d39bd5ef0fabab970fec1bb08255dc5f8553d460d491f7059c45ea8fb968c2a5030563c6571010a83b5f5b89bfd05339001c22d480e267f3f251769cda57c547aee3f60c0879f95619084d30055519a9ccb65aa1481cde34d0df52687640ff7c90b3921431e1241194092c5c162b7f39b59f0aad078f3f1ab43c8e2a6ba77f29629c45f3351d30fe224662d37106ade084e428aed98e0bf35d99300bc5ad848f8f817bb10b53a16de5108aaf48bf17115f7793da71b5e22e1e5310f09acbba900de6aed2cb494a492bb8c5d8d2284386d69e4942349f40d63cba1b55941f479e45bea34f347058a5928e30d7e2f10ae5e21c4b3d9095e9925d368c5f4a0e0436e18f940fe4d612267c0fd43e0eb337e16458bda3aaaa78fd09ad34697d633e07b55e3225755c9387b31e059322105254b15dc3e3047f27e4978a0c933394044b203ad0c33cf9b83b4ee", 0x1af, 0x40448c1, 0x0, 0x0)
recvfrom$unix(r1, 0x0, 0x0, 0x0, 0x0, 0x0)
socket$inet6_udp(0xa, 0x2, 0x0)
socket$nl_xfrm(0x10, 0x3, 0x6)
syz_io_uring_setup(0x24b3, &(0x7f0000000100)={0x0, 0xfe1b, 0x80}, &(0x7f0000000040), &(0x7f0000000640))
socket$inet_tcp(0x2, 0x1, 0x0)
socket$inet6_sctp(0xa, 0x1, 0x84)
r2 = socket$qrtr(0x2a, 0x2, 0x0)
connect$qrtr(r2, &(0x7f0000000080)={0x2a, 0xffffffff}, 0xc)
r3 = socket$pppl2tp(0x18, 0x1, 0x1)
ioctl$SIOCSIFMTU(r3, 0x8922, &(0x7f0000000040)={'batadv0\x00', 0x48})
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x2, &(0x7f0000000040)=[{0x3}, {0x6, 0x0, 0xf6}]})
syz_open_procfs(0x0, &(0x7f00000000c0)='net/ip6_tables_matches\x00')
ioctl$FS_IOC_FSGETXATTR(r2, 0x801c581f, &(0x7f0000000000)={0x0, 0x80000009, 0xfffffffe, 0xc3, 0x10000000})
socket$l2tp6(0xa, 0x2, 0x73)
syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3)
syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x3)
r4 = socket(0x10, 0x3, 0x0)
r5 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fc00100}]})
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0)
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r5, 0xc0502100, &(0x7f0000000380)={<r6=>0x0})
ioctl$SECCOMP_IOCTL_NOTIF_SEND(r5, 0xc0182101, &(0x7f0000000180)={r6, 0x9, 0x2})
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r5, 0xc0502100, &(0x7f0000000300)={<r7=>0x0})
ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r5, 0x40182103, &(0x7f0000000080)={r7, 0x3, r5, 0x5})
ioperm(0x2, 0x2, 0xfffffffffffffffc)
futex(0x0, 0xc, 0x0, &(0x7f00000000c0)={0x0, 0x989680}, 0x0, 0x1)
write(r4, &(0x7f0000000000)="2400000011005f0414f9f40700090400810000003c0000000000000008000f0001000000", 0x24)

597.956908ms ago: executing program 3 (id=1246):
r0 = openat$fb1(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000100)={0x1f00, 0x300, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, {}, {}, {}, {}, 0x0, 0x3f0}) (fail_nth: 25)

471.089058ms ago: executing program 0 (id=1247):
setsockopt$WPAN_SECURITY_LEVEL(0xffffffffffffffff, 0x0, 0x2, 0x0, 0x0)
pipe(&(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000940)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
pipe(&(0x7f0000000080)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
write$binfmt_script(r1, 0x0, 0xb)
splice(r3, 0x0, r4, 0x0, 0xf3a, 0x0)
splice(r0, 0x0, r4, 0x0, 0x80, 0x2)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_MSRS(r7, 0x4008ae89, &(0x7f0000000000)={0x1, 0x0, [{0x4b564d01, 0x0, 0xaf}]})
r8 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpuacct.usage_sys\x00', 0x275a, 0x0)
write$binfmt_script(r8, &(0x7f0000000300)={'#! ', '', [{0x20, 'cpuacct.usage_sys\x00'}, {}], 0xa, "744519e0e6740369edd4a809d950b12ede8a542ead518a987fc43b316baa1bbdfb1da1d666e8a30739c51b4674e5031b4eb38c3ac756e07e10ab72db35ed8ea5384f2001667906f378117868f9fd8d7615a957559f1dc89a61ccec671ee697eac5f40b34a1d35a3c2aeed0b34ca793511973f98236a02797e0b5765ba70b24de28a2923c5442614968b24b89da231b987a6f45f5fc9849"}, 0xaf)
mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x1, 0x10012, r8, 0x0)
ioctl$KVM_RUN(r7, 0xae80, 0x0)
fcntl$setpipe(r4, 0x407, 0x0)
write(r2, 0x0, 0x0)
ioctl$DRM_IOCTL_GET_CAP(0xffffffffffffffff, 0xc010640c, &(0x7f00000001c0)={0x2})
setsockopt$inet_msfilter(0xffffffffffffffff, 0x0, 0x8, 0x0, 0x1)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
syz_io_uring_setup(0x1475, 0x0, 0x0, 0x0)
syz_emit_ethernet(0x359, &(0x7f00000003c0)=ANY=[], 0x0)
openat$binderfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
mmap$fb(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x1000004, 0x4010, 0xffffffffffffffff, 0x0)
mremap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x3000, 0x0, &(0x7f0000ffb000/0x3000)=nil)

291.285076ms ago: executing program 3 (id=1248):
signalfd(0xffffffffffffffff, 0x0, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(0xffffffffffffffff, 0x6, 0xd, &(0x7f0000000000)='highspeed\x00', 0xa)
r0 = syz_open_dev$ttys(0xc, 0x2, 0x0)
ioctl$TCFLSH(r0, 0x40045431, 0x20000000)
r1 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0)
ioctl$int_in(r1, 0x40000000af01, 0x0)
r2 = socket$packet(0x11, 0x3, 0x300)
r3 = fcntl$dupfd(r1, 0x0, r2)
ioctl$VHOST_SET_VRING_KICK(r3, 0x4008af20, &(0x7f0000000400)={0x0, r3})
syz_io_uring_setup(0x44169, &(0x7f0000000200)={0x0, 0x0, 0x10100, 0xfffffffe}, &(0x7f0000000480), &(0x7f0000000000))
syz_io_uring_setup(0xa94, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0xc0}, &(0x7f0000000340), &(0x7f00000005c0))
r4 = socket$rds(0x15, 0x5, 0x0)
bind$rds(r4, &(0x7f0000000840)={0x2, 0x0, @loopback}, 0x10)
sendmsg$rds(r4, &(0x7f0000000000)={&(0x7f0000000040)={0x2, 0x0, @private=0xa010100}, 0x10, 0x0, 0x0, &(0x7f000001b640)=[@mask_cswp={0x58, 0x114, 0x9, {{}, 0x0, 0x0}}], 0x58}, 0x4000000)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000000), 0xffffffffffffffff)
r7 = socket$l2tp(0x2, 0x2, 0x73)
sendmsg$L2TP_CMD_TUNNEL_CREATE(r5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000380)=ANY=[@ANYBLOB="3c0000003506b63ccd056e8b42a63c6039e651a3490d45f7e756a41babdd913a6841638ea9e64357a364753ec528ccd5873b2f2ce881c7e116a13cd53ccb4e8e6eae77cea11f6817db7510cfc289db0dddc11d46aa6f6c40ce3e1f992b1d25f0ce52fe389b073f5e19ba", @ANYRES16=r6, @ANYBLOB="230900000000000000000100000005000700000000000800090000000000060002000100000008000a000000000008001700", @ANYRES32=r7, @ANYBLOB], 0x3c}}, 0x0)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000c40)="c10e020022003505d25a806f8c6394f90435fc60040011000a740100053582c137153e370248018000f0", 0x2a}], 0x1}, 0x0)
r8 = socket$kcm(0x10, 0x3, 0x10)
sendmsg$kcm(r8, &(0x7f0000000000)={0x0, 0xffffff0a, &(0x7f0000000080)=[{&(0x7f0000000040)="c01803002e000b12d25a80648c2594f90324fc60100c024002000000053582c137153e370248078000f01700d1bd", 0x33fe0}], 0x1}, 0x0)
ioctl$HIDIOCGRDESC(0xffffffffffffffff, 0x90044802, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff)

183.462304ms ago: executing program 3 (id=1249):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000380)=0x7)
connect$inet(0xffffffffffffffff, &(0x7f0000000080)={0x2, 0xfffe, @remote}, 0x10)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
lstat(0x0, 0x0)
lchown(&(0x7f0000000000)='./file0\x00', 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x16, 0x4, &(0x7f00000000c0)=ANY=[@ANYBLOB="b400000000000000791090000000000061000000000000009500000000000000a45c8b106d45385a1964b904e462de529745a4cd61a7a0d25ddfd38b8b9a36c14ae1ee5ae29051b28b53a4182deb5ae03bc2644f3f168925ab06dcde9fe4ee40405e10326cb901765f30c1d039e73af80f39ba982e44fe40c17211db9c82e6da61712f41775115599d65c29cfcd0bffdff01000000000000d375c71938d9faa1df3117a99ecbddbfee7f7abeba22c29a9cb001001079a87ed5790000000b8fc3b5fd11e6ca750a6dc5dba2b8b8cd1d9fed1fb63bafef7d7bdd5bad81e40379623de90000000000"], &(0x7f0000000080)='syzkaller\x00', 0x5, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x15, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8}, 0x90)
r1 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f00000001c0)={0x3, 0x4, 0x4, 0xa, 0x0, 0xffffffffffffffff, 0x2}, 0x49)
socket$packet(0x11, 0x2, 0x300)
write$binfmt_elf64(r1, &(0x7f00000028c0)=ANY=[@ANYBLOB="7f454c46f9c0940e08000000000000000300000006000000c40300000000000040000000000000002a00000000000000060000005b0038000100f200ff7f040005000000ffffffff0a5b000000000000010000000100000005000000000000000500000000000000080000000000000000000080000000000000007007000000ff0f00000000000000000000010000000100000000000000eede7739000000000900000000000000dfef0000000000005e7b2c12959dd422641fb63cfec7319cb9d2f3edc08e494719f3e0ff0ed6a816d8d6c026f69f29b49fe3f5e467490b12323ab581569f21ee30be8669bc93c25230f86c000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000d051b08cd07f3841a6000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffa76b7a000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000085c473af50917b3490b9679d8f5006c9d050b46bcd5c0d080653791d5a5c5d593bbb783dc83a10d9611781c1cd420700308a6acb763b245ed53ef842b2c940a48f180d0bd543624dd86b518eb35139a32db77d3cca7b2e5439009f53fa312ebc1b1faacc14e8fe1bb70dd639e9f8c4968f0ab9a769d68cc2cd8eb5810e5ba9c000c82e55697dd25f41abfb3e8dafb741e51ad70b590895f5b0a78890dfb1fd4e7ff3c880d7278f4c3dfbd445487a3041"], 0x9f3)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000240)={0x1}, 0x4)
syz_emit_ethernet(0x126e, &(0x7f0000001640)=ANY=[@ANYBLOB="aaaaaaaaaaaa00000000000081002a0086dd658f240312342ffffc000000000000000000000000000000fe8000000000000000000000000000bb6c0c040601180000fe8000000000000000000000000000aafe800000000000000000000000000014fe880000000000000000000000000101ff020000000000000000000000000001fe8000000000000000000000000000bbfc0100000000000000000000000000010421880b005100020fd62bb7ee76e187b5b002de6dd1bf3d565fe4513683e41cd56e51ddcfe7f47df405524657086baa5af5888045bd70292d08fb6e195fc5b655f6d30d60e4b1c9d0f4059d63cfb658de0e0ce9840a9dfbf1e14608000800870eb7a5f7deed8ec3fff75a7e4f80eb6b8b476f1f19cf7a3d2e561568e0c6b6a24dc47a898d53e58343f1da180550d97f7bed2a53ad91c2507b85e2f2c4463690874b6b73cedb6dc2e4de80972e1215a7e7906bd8f3acf4a3314137ad21ec1b8acf6e7c9bac081363c451961c95baada1facb898a3c84994b32426b776b9c4c2d9849a410ed7d9c5ae728372985ccb2b2b782f6a3128d4d8d6857851543f67055f9c93bd0db5e02eff6d40c221f3b02650ff437e7c3992f11f393a7db60430a43ebca9d856afa921a44ebf279cf3ae0cd8ead21e43df303b02ff18e79a54ceaf7e5112d5ab726aee4c66e33b951ffaf346c628e96298addc00cf028cb067d22f5765a0225f12231df3488b549d55d9c12a94508661d28405ac24297a431ad44d668ff3260405934803ca42a2d82fbeb97631b9a589ca16e15a61b77994880c551b896e667a8ecba2127619e50ae1166d1743ef1776565929f7f2136dc56f8e5a16d37abe24f173222bf01e508018d690dec640656d0517d803552f833c97ea8c695b782378a107069c8407c58ddfc1eb0f34aa53434f0812b64add0213ba2ae686d11baebb0fc3b54c9b8a30ee73849a3fbdff2a03d5db72d46259b5b7781c2361ee461f8acdac747ec1aa2009fdba0535d6134dfecf0cebc9bcd6b9a7ef7e3cb7cbb0132f7b6ce86fb0b0b651903b074adc1a9f1d6f17e8be8a3bf5f713f7691bb21139075965b9cfe62500c1c3c0107124bc85402c10a255c298e078f2d6508bd043b90e663e6b083f04a93134b0d0a8dbef5066da13ee6490d9930cbe6caa1ef4229a74221ab0c1098fcbd4431487faf8f99656caffc8783882002279c9974891935cf65f4299296daa0855c416470e8dc56c4b1c9546178d46ac6ceb730b7d266ed94a9b5d5c172106afe83a3fd24b4c00b30c84c60eceeaa33409e148ca6fb5fbe740fa2b26509e544ff34504995f9d9e9ad98a59f6c960066c5fa03c21811777b9fa950c17c7edd4131152523bc02a86e9e7c4625fa8a58910e9cec09399c0272215d894ab536dd80204f5c8958a93ee991854fd9e17560f5c6df9a73a58585f209d629a4a84f30a53db0502780ecd2b0d0324e94db4e114fa25d426ffaf4b5dee87884ea1416a1126aefe0fd42f31bba18ad2c1c8504547dc6ea307a1a36047dd8523120e2b8fc3963023b6627bed9b1b48a879d8e301038d2f65fc4af42ba917f53f8a54eecd42e7fd133a118cd6f1a3d971ee6499106a302ecc1ba4f94d36dbf893518cb7bdce9aab37f49f4b5ba9b27b41c836e884d8dfbe15205e500e4edd724daa141328740c19af719f1b7cca4bc38c5cbc85e6d7b0967536411ae7d17ce4bf126d1f6ce77100aafbdecb87485dff9aeedafee3b06b16e0bba9cfd834236a611deb5af62b5f43193149917ac085f0f10fb9a0def818e0887a52c5389308acee30706279afb503e605daac46ae7ebb6b0f1ec9569d3a5dd8cf17ade4e0690bd221c51761b7de92055253a77afb711e02e53700f21ad7783f29072efb4c5acee9faba76ea814dd382aa60bd557170e4ee98dbce01a4c46803f3c6e3a0aa205b64b91c3eb5a9e406223c5cd6c47f52266b6df56d2dc1fc1921c41aba58b6520aa385ccc939e9fd3cdd28b5b3ed6fc1401aae124dc13d9a7eee4c7c8a34554009463180af2116e8f237deb7a6f1a19bc3c180333d80d27c51ddc5b89d99423696d02192d4033d741d71f841be4156aac7701c6e74307397594aeace2a0797fb5a8460fd99e986e4750839761985c42b64548c443bf94a7b42981dda992f195b5f8b5af67300e5546880c4abe3ecb04d0331fa4848504db2c6663841aac6cd98567fcd6ec76eefae142c9952a17e0c028ed476dd2354a116e5051ffc088eb0ecbd125728a4d9042fdd40c4b3ab0d9464bfcc8802007646ef378abd02c91c860ed38f392dced8558fd97a7bf2940eadbd4544b27dfd53bfcfc82d11eb9834b2f6da750caf5f8e4460ea2905e34c760a3124cc7be612111658a0348ecc260bbaf4f45218c99211677dbe3550c86a255f9df8732f2491a2ae365efe82d2e3401996cb5e267ef08068cf9f9bff528f9f3d1bb87534cab33e335c402916e18ee51d4f4e28fcc42c42db1edf5dda3629d3ca133d22bb497272b944f995668984585346690e78af7cbff5542ac4272957637adce7bc37d0ed5ab17bd9aec1ef93b55994fc159f19b53fd15e6db234f3d8f314cd23455abc4277d9f69ecfd6593ae5917673acbfd1c35eb3e420264ea176c904b1ddbccbf7f79cf1e4b8579399fc3e163142e04cfa7ba03b5ad54d655949678b3179e29df2745c02b358a89229d77477b99f7719c9dfb52241d52a70c95693a5c109cfac0da16a55cca0132024ee88c0d92b2f86f2c0936ee9db5aa54c21a78cafe39d3de6cb46d5cf71a20c44690445bb02b19f6dea4b96a4688b5b599752923ff23943839cb27c81e163a6a9bb45e137cf3e420df4ad3b603978eedadefeb65d59ec3b4a8559dd5a0d1bca647a8f13c3596eb35a6a996bbb7cd84d0d7b25e42707f941b6204f2c4731f08cc4b299aa01bd194f1bd42adedeedd1e08020ea5021150874134a38d73aa948806f0b60ee7f418432e4a5d95c5f0ec845efdf0f0105cafff0fbcb0dda068c4e00e7c09024643d38b34f08ecf16a757cf38776ac7b19634d38954ac962f1b10d9f001016ffe1b137515561540a26dff1fb3397e387068e16544d2e80cc1746e5268948177062d350e850e6a59a330d74d6cb2282ed70a5b32187790782a664985d6e58a7b6602f1cbafcbf20c6bf49fda4a05316c19affc52f9cb19a0b6ed17a76e39e4a597cb50ee89301e12366aae756e31fc57716043b14542f1af5eba4b84514e689f3babf72b5dd5becd79b9f5de43499ca2d0c467893550d18dfbab9ffab204"], &(0x7f0000000940)={0x1, 0x3, [0x8f2, 0xf1f, 0x794, 0xb36]})
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, &(0x7f00000004c0)={'ip6tnl0\x00', &(0x7f0000000440)={'syztnl1\x00', 0x0, 0x2f, 0xf5, 0x7f, 0x7, 0x29, @private0, @private0, 0x10, 0x1}})
mknodat(0xffffffffffffff9c, &(0x7f0000000080)='./file2\x00', 0x0, 0x0)
execveat(0xffffffffffffff9c, &(0x7f0000000000)='./file2\x00', 0x0, 0x0, 0x0)
r2 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/module/tcp_cdg', 0x0, 0x0)
mknodat$loop(r2, &(0x7f0000000100)='./file2\x00', 0x6000, 0x0)
mknodat$loop(r2, &(0x7f00000001c0)='./file2\x00', 0x2000, 0x0)
syz_io_uring_setup(0x3a6b, &(0x7f0000000280), &(0x7f0000000040), &(0x7f00000005c0))
ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0xc1842, 0x0)
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
write$cgroup_devices(r3, &(0x7f00000002c0)=ANY=[@ANYBLOB="0700a3fcf070d1ff"], 0xffdd)
sendmmsg$inet(0xffffffffffffffff, &(0x7f0000001300)=[{{0x0, 0xe, 0x0}}], 0x300, 0x0)

180.035535ms ago: executing program 2 (id=1250):
socket$inet6_tcp(0xa, 0x1, 0x0)
socket$kcm(0x21, 0x2, 0x2)
socket$inet_smc(0x2b, 0x1, 0x0)
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes256\x00'}, 0x58)
accept4(r0, 0x0, 0x0, 0x0)
open(&(0x7f0000000140)='./file0\x00', 0x2a4c0, 0x0)
pipe2$9p(&(0x7f0000000140)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffff018004000800395032303030"], 0x15)
r3 = syz_open_dev$video4linux(&(0x7f00000004c0), 0x0, 0x230880)
ioctl$VIDIOC_ENUM_DV_TIMINGS(r3, 0xc0945662, &(0x7f0000000600)={0x0, 0x0, '\x00', {0x0, @reserved}})
r4 = dup(r2)
r5 = openat$nvram(0xffffffffffffff9c, &(0x7f0000000540), 0x220000, 0x0)
write$P9_RLERRORu(r5, &(0x7f0000000580)=ANY=[@ANYRES32=r1, @ANYRES64=r1, @ANYRES8], 0xfffffe01)
write$RDMA_USER_CM_CMD_SET_OPTION(r4, &(0x7f0000000100)={0xe, 0x18, 0xfa00, @id_afonly={0x0}}, 0x20)
r6 = socket$inet6_sctp(0xa, 0x5, 0x84)
shutdown(r6, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r6, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x1c, &(0x7f0000000500)=[@in6={0xa, 0x0, 0x0, @private1}]}, &(0x7f0000000340)=0x10)
syz_emit_vhci(&(0x7f00000006c0)=ANY=[@ANYBLOB="04060310c9001ca8345e1e83b7b3362f00b45782b0a13ac6e52c64d14068b978ef96f7460f8fa2e9aa194145d51f450b93f390187e1280dc6fbd7e0dc855a9a9523e21e9df808535ce9409365107c9d593328f20625f9d46c84199cc422345bafc5590b6035597a8adfaffffffffffffff35730b98d08333f99769ec992df3dd12"], 0x6)
openat$iommufd(0xffffffffffffff9c, 0x0, 0x208500, 0x0)
r7 = socket$inet(0x2, 0x80001, 0x84)
getsockopt$inet_sctp_SCTP_MAX_BURST(r7, 0x84, 0x14, &(0x7f0000000000)=@assoc_value={<r8=>0x0}, &(0x7f0000000040)=0x8)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r6, 0x84, 0x9, &(0x7f0000000400)={r8, @in={{0x2, 0x0, @empty}}, 0x0, 0x9, 0x0, 0x2, 0x414d6714bf78e135}, 0x9c)
r9 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000240)={0x6, 0x3, &(0x7f0000000140)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x2d}, 0x90)
r10 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r10, 0x8933, &(0x7f0000000080)={'syz_tun\x00', <r11=>0x0})
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000000c0)={r9, r11}, 0x40)
syz_emit_ethernet(0xe80, &(0x7f0000000100)={@local, @link_local, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "2a8435", 0x14, 0x6, 0x0, @remote, @local, {[], {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x4, 0x5}}}}}}}, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0)

0s ago: executing program 0 (id=1251):
r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
connect$inet6(r0, &(0x7f00000003c0)={0xa, 0x0, 0x0, @mcast2, 0x3}, 0x1c)
r1 = syz_open_dev$video(&(0x7f0000000000), 0x100000001, 0x6a0000)
ioctl$VIDIOC_ENUM_FRAMEINTERVALS(r1, 0xc034564b, &(0x7f0000000080)={0x0, 0x35315258, 0xf00, 0x870, 0x0, @stepwise})
r2 = socket$tipc(0x1e, 0x5, 0x0)
setsockopt$TIPC_GROUP_JOIN(r2, 0x10f, 0x87, &(0x7f0000000240)={0x43, 0x0, 0x0, 0x5}, 0x10)
setsockopt$TIPC_GROUP_JOIN(r2, 0x10f, 0x87, &(0x7f0000000080)={0x443}, 0x10)
r3 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
r4 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r4, 0x84, 0x64, &(0x7f0000000180)=[@in={0x2, 0x4e20, @multicast2}, @in6={0xa, 0x4e24, 0x164, @mcast1, 0x2}], 0x2c)
r5 = socket$inet_sctp(0x2, 0x1, 0x84)
r6 = socket$inet6_sctp(0xa, 0x5, 0x84)
r7 = socket$inet(0x2, 0x800, 0x9)
getsockopt$inet_sctp_SCTP_MAX_BURST(r7, 0x84, 0x14, &(0x7f0000000000)=@assoc_value={<r8=>0x0}, &(0x7f0000000040)=0x8)
setsockopt$inet_sctp6_SCTP_CONTEXT(r6, 0x84, 0x83, &(0x7f0000000440)={r8}, 0x8)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x8, 0x6, &(0x7f0000000a00)=ANY=[@ANYBLOB="050000000000000061110c00000000008510000002000000850000000500000095000000000000009500a5050000000077d8f3b423cdac8d80000000000000002be16ad10a48b243ccc42606d25dfd73a015e0ca7fc2506a0f7535f7866907dc6751dfb265a0e3ccae669e17fd6587d452d6453559c3421eed73d56615fe6c54c3b3ffe1b4ce25d7c983c044c03bf3a48dfe47ec9dd6c091c30b93bfae76d9ebacd3ed3e26e7a23129d6606fd28a69989d552af6bda9df2c3af36effff9af2551ce896165127cb3f011a7d06602e2fd52347125907000000000000003ed38ae89d24e1cebfba2f87925bfacba83109751fe6c05405d027edd68149ee99eef6a6992308a4fc0b7c70bc677d6dd4aed4af7500d7900a820b6347184e9a217b5614cd50cbe43a1ed2526814bc0000e9e086ce48e90defb6670c3df262ad0a97aec7291c25447c106a99893e10db21901eb397b2f5fd71d20fa7a050fbbef9e326ea27e513e96068fd1e8a43e89f9c85c822a961546ed5363c17ff1432d08806bc376e3e49ee52b59d13182e1f24ed200ada12f7a1001500a710eb1affb87ba55b2d72078e9f40b4ae7d01000000d11cd22c35d32940000088dde499000000fdffffff000000000000000000000000000000000000000000000c52f4ebd2c893bb97a068bd10734a83584898eccb26f7b789cfc4cd995fa3e11a5c74c85404e2df3ad37b729ac83b0dcb4f48f3c3356b9997fc455a17690b6f7f9ccbe4b1701941b18a904c0e585a66c3b84b138efc20a546d3d5227e23b03f2a834391ad24fe7d9b20cf92cb151763d41f5c76e2ff3e93ee296c4082ee73e7e197253a2b66c353312c9d75711ce1623e9c54bdff59d2a69dcb7d84c235b23a4480c2461b405cfd1a38992f295ad3adc94cd07c850d1ce6d0b2fea02c24e9280333152fb794e4ddea02017a6c139b50101caecaf2abc0842b99a96fc4275ad107274e2934a87a4ddcdb112754ca5bdec0ead14b6c0f19a43a2f04c7f0be31491eb8c9ff68236c8600000000000000000000000066e034c81c3cab4e33fc8dc55ce0ada18dcbf31c6e82893add3bee3e10fc873d1d922b0877cbcd95b839d3059d5140a1f742f6e75741e39e5cb6a193e06a1043375b0f61b5d4e17c81baa31b924d84f2243471221c15fa12313ffbfa7c2730302b66a99f66705b71e6205e7cbf3643561eabb9a63fcd604d5cc27e1317ad94cf438d71873e540be16b6ca20508011132153c528f7bca92980a3223c5b9cdddedb0a14adddf9a6e70a26b5c0ee0879c349814bee9d96d8bd23db4e801d49201ae840904551bd06c724f6e27b74196b1d849020eeeb1ef48d003d71524683d7cdfa841bca708414fb8ff49742420d1ab7fa678aa4806d5247616e8bc0b02887f8efe9310ccf9bec1c9b7f6671c9d59ac6b09b4436cafdd1887c8e884c930d21ace088ccc99a94d4b33da2fc1b1310bb607a9ad65844655de1ac9fd36d12e07a821fb950368a970c58fb4f3f403fdaf68902874", @ANYRES64=r8], &(0x7f0000000080)='GPL\x00', 0x7, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x22, '\x00', 0x0, 0x9, 0xffffffffffffffff, 0x6}, 0x90)
bpf$PROG_BIND_MAP(0xa, 0x0, 0x0)
r9 = syz_init_net_socket$ax25(0x3, 0x3, 0x1)
ioctl$sock_ax25_SIOCADDRT(r9, 0x89e3, &(0x7f0000000080)={@null, @bcast, 0x0, [@netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @null, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @null, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @null, @null]})
getsockopt$inet_sctp_SCTP_SOCKOPT_PEELOFF(r5, 0x84, 0x66, 0x0, &(0x7f0000000140))
r10 = syz_init_net_socket$netrom(0x6, 0x5, 0x0)
connect$netrom(r10, &(0x7f0000000300)={{0x6, @rose, 0x7}, [@remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @bcast, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x2}, @default, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}]}, 0x48)
sendto$netrom(r10, 0x0, 0x0, 0x0, &(0x7f0000000000)={{0x6, @rose}, [@bcast, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @default]}, 0x48)
ioctl$IOCTL_VMCI_VERSION2(r3, 0x7a7, &(0x7f00000000c0)=0xa0000)
r11 = openat$vmci(0xffffffffffffff9c, &(0x7f00000002c0), 0x2, 0x0)
ioctl$IOCTL_VMCI_VERSION2(r11, 0x7a7, &(0x7f0000000200)=0xa0000)
setsockopt$inet_sctp6_SCTP_DEFAULT_SNDINFO(r4, 0x84, 0x22, &(0x7f00000001c0)={0x2, 0x8002, 0x389b, 0x3}, 0x10)
ioctl$IOCTL_VMCI_QUEUEPAIR_ALLOC(r11, 0x7a8, &(0x7f0000000040)={{@local, 0xfffffffe}, @hyper, 0x5, 0xfffffffffffffffc, 0x8001, 0x0, 0x0, 0x4, 0x5})
ioctl$IOCTL_VMCI_INIT_CONTEXT(r3, 0x7a0, &(0x7f0000000040)={@local})
ioctl$IOCTL_VMCI_DATAGRAM_SEND(0xffffffffffffffff, 0x7ab, &(0x7f0000000000)={&(0x7f0000000540)={{@local}, {@host=0x10}, 0x400, "d49e0b1f09a3e05cb898141464441748655937bb34d22f02362479246bb6372d891a3b5dafa58a6abc5a678d6874fc8fb5f8a529c6e30103484f2667c174fb6cda19ea0a9301bc3238eb816e9c3882f243bcd4bd7115b26dacf5923f060498d471cb4f789562fcda119739dd1a5b0e4e1a4a64dbd7b398bd4e7a247d81f968f2e945f293fc3860bf11f0424193fce743067d27f0ac187b44b128a4999547f73d8c35d3c2bd8b51bbc9a31123f773be89e109cc71b8ec29a539083c0cba15b0899c7181ba154c28b3c4e2ebe360ac44f942a703b9a3a37fbbefe9ae0de04a32336a6eba07b2fb6ad426d56e17291bb1a9d1fcdaa939378bab6dd2eac37b369ef163c9e0fc8039352c24d8147fcc2e2559b47066abd21a3a5f83f239a2227d17d4ca90f60ed9acc243ed38818e3883a985106b54dc157b67022525a74e8f9cb99852760359278d5d22294a70433ba4cec5147fbb09b1d0008ba76257f1c5af6b8d6bf3bcfd5a468a566a4e98fe5f264f2663b72cb421c90d8b7883ddfb5749b27a3e146f9d8538706fea61b07c6e064446337439b9d5a5dc82f6c63c57d6ba0e709b7c1b15fa8367f8e6df2cf59b0b30740ef47c5cccffce5911569591ce4ab62275964cd147e87a30cc6e71f7e40e161997cdbadcfbfb6c54e0289ac137508b7b5339414e4ab7afcc420148e37d49b664cc07c8178a3b50f566c5bdd3aa9217ef909805972bd63ee1d729b282cd866c183744b20da3227f9d43843236b571c8d3237408c266e08d0699ebd30e0820362664ab323b15d3ae9896d6120aae6ef9085f53a2b39cc31238b031476c86e6b16d7703fcbacc7269ce8622eab1cfdf82a364209ec4ac912db924bb76bc35ddf8d0e7a3aff0d08a48c07be47303b59653d9409f14dc59ac33cae5e010466f54d86772e43e3680863bb9bf10c971f16a731e601d7fcdbb91d7146e7834d89059ad522d70398c2bacf113ed791e32f933dfa23f5d6d11bfc9d9e0f04a34b0eddd99d16cd9712485e0a5c9aaf1ebf3f14d00005f8960b6145cbb7d4522692ebe1f9491f87a29ed67c5fb60f5e69bde2a758742999fc986a2dbf6199977e9b446691bf9f95d0abd84557c77ea13356c977d0f098ab9fec85acbd6447f2e6893e2fa6a0a7b272dab66e69b7def48f8b3583a53a0941fb3e4367fa8d56e05ee3b265f17ca0439fcdcea276f7f0a9bf4c2a324d7143658007cf4019e8da69ba1b7dff4383714cbcb71dfe6f1b1ac5d5e99394cb2c360ddb1889d92cd36f8fc72ac865f1c6445957b2a57c1af59ef8d2e9fe328ec2bde763d65c4dea965042f540515bf2f879d1b26309ebc1d7f76c569fa88fbe61845e96e93d3b6025b6285777e59495943596c128fdacc545263ce458bf99f57d7e5dc77f65cf650902b5b6d5af9359334759843365bf0dfb244817a40e8cc9030"}, 0x418})

kernel console output (not intermixed with test programs):

are error 0x00
[  183.600154][ T8443] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  183.610822][   T39] audit: type=1400 audit(2125181575.614:366): avc:  denied  { setopt } for  pid=8441 comm="syz.3.670" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ax25_socket permissive=1
[  183.629194][   T39] audit: type=1400 audit(2125181575.614:367): avc:  denied  { create } for  pid=8441 comm="syz.3.670" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rose_socket permissive=1
[  183.692639][ T8444] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  183.696556][ T8443] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  184.418984][ T8455] nbd0: detected capacity change from 0 to 22
[  184.837223][   T39] audit: type=1400 audit(2125181576.834:368): avc:  denied  { bind } for  pid=8466 comm="syz.3.676" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  185.002613][ T8476] netlink: 4 bytes leftover after parsing attributes in process `syz.1.678'.
[  185.082959][ T5349] block nbd0: Receive control failed (result -104)
[  185.329088][ T5358] Bluetooth: hci0: Opcode 0x0c03 failed: -110
[  185.529140][  T832] usb 7-1: new high-speed USB device number 7 using dummy_hcd
[  185.732124][  T832] usb 7-1: Using ep0 maxpacket: 8
[  185.755683][  T832] usb 7-1: config 168 descriptor has 1 excess byte, ignoring
[  185.759044][  T832] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11
[  185.784344][  T832] usb 7-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  185.791188][  T832] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  185.795823][  T832] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  185.803384][  T832] usb 7-1: config 168 descriptor has 1 excess byte, ignoring
[  185.812884][  T832] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11
[  185.818731][  T832] usb 7-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  185.824707][  T832] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  185.829545][  T832] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  185.835546][  T832] usb 7-1: config 168 descriptor has 1 excess byte, ignoring
[  185.842834][  T832] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11
[  185.852940][  T832] usb 7-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  185.858616][  T832] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  185.874490][  T832] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  185.888801][  T832] usb 7-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e
[  185.894095][  T832] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  185.900468][  T832] usb 7-1: Product: syz
[  185.902464][  T832] usb 7-1: Manufacturer: syz
[  185.904581][  T832] usb 7-1: SerialNumber: syz
[  186.148437][ T8485] 9pnet: p9_errstr2errno: server reported unknown error œæøýÓ®“Ö¤jê˜ÚUç7µÀúªÅƒ 7
[  186.181943][  T832] adutux 7-1:168.0: ADU100  now attached to /dev/usb/adutux0
[  186.199664][  T832] usb 7-1: USB disconnect, device number 7
[  186.779451][   T39] audit: type=1400 audit(2125181578.784:369): avc:  denied  { read } for  pid=8501 comm="syz.2.685" name="binder0" dev="binder" ino=13 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[  186.790138][   T39] audit: type=1400 audit(2125181578.794:370): avc:  denied  { open } for  pid=8501 comm="syz.2.685" path="/dev/binderfs/binder0" dev="binder" ino=13 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[  186.800953][   T39] audit: type=1400 audit(2125181578.794:371): avc:  denied  { ioctl } for  pid=8501 comm="syz.2.685" path="/dev/binderfs/binder0" dev="binder" ino=13 ioctlcmd=0x620d scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[  186.813059][   T39] audit: type=1400 audit(2125181578.794:372): avc:  denied  { set_context_mgr } for  pid=8501 comm="syz.2.685" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=binder permissive=1
[  187.390130][   T39] audit: type=1400 audit(2125181579.394:373): avc:  denied  { checkpoint_restore } for  pid=8522 comm="syz.3.689" capability=40  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  187.539048][   T57] usb 7-1: new high-speed USB device number 8 using dummy_hcd
[  187.689111][   T57] usb 7-1: device descriptor read/64, error -71
[  187.959233][   T57] usb 7-1: new high-speed USB device number 9 using dummy_hcd
[  188.109044][   T57] usb 7-1: device descriptor read/64, error -71
[  188.192764][ T8541] netlink: 28 bytes leftover after parsing attributes in process `syz.3.694'.
[  188.240230][   T57] usb usb7-port1: attempt power cycle
[  188.263301][ T8544] netlink: 28 bytes leftover after parsing attributes in process `syz.1.695'.
[  188.277280][ T8544] FAULT_INJECTION: forcing a failure.
[  188.277280][ T8544] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  188.285027][ T8544] CPU: 3 UID: 0 PID: 8544 Comm: syz.1.695 Not tainted 6.11.0-rc1-syzkaller-00063-g21b136cc63d2 #0
[  188.289777][ T8544] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  188.293897][ T8544] Call Trace:
[  188.295289][ T8544]  <TASK>
[  188.296575][ T8544]  dump_stack_lvl+0x16c/0x1f0
[  188.298397][ T8544]  should_fail_ex+0x497/0x5b0
[  188.300279][ T8544]  _copy_from_user+0x30/0xf0
[  188.302186][ T8544]  copy_msghdr_from_user+0x99/0x160
[  188.304429][ T8544]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  188.307163][ T8544]  ? find_held_lock+0x2d/0x110
[  188.309293][ T8544]  ? __pfx___lock_acquire+0x10/0x10
[  188.311684][ T8544]  ___sys_sendmsg+0xff/0x1e0
[  188.313749][ T8544]  ? __pfx____sys_sendmsg+0x10/0x10
[  188.316047][ T8544]  ? ksys_write+0x21c/0x260
[  188.318021][ T8544]  ? __fget_light+0x173/0x210
[  188.319929][ T8544]  __sys_sendmsg+0x117/0x1f0
[  188.321910][ T8544]  ? __pfx___sys_sendmsg+0x10/0x10
[  188.323780][ T8544]  do_syscall_64+0xcd/0x250
[  188.325644][ T8544]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  188.328225][ T8544] RIP: 0033:0x7f4110f773b9
[  188.330191][ T8544] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  188.338517][ T8544] RSP: 002b:00007f4111dbb048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  188.342016][ T8544] RAX: ffffffffffffffda RBX: 00007f4111106058 RCX: 00007f4110f773b9
[  188.345329][ T8544] RDX: 0000000000000000 RSI: 00000000200000c0 RDI: 0000000000000008
[  188.348689][ T8544] RBP: 00007f4111dbb0a0 R08: 0000000000000000 R09: 0000000000000000
[  188.351953][ T8544] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  188.355502][ T8544] R13: 000000000000006e R14: 00007f4111106058 R15: 00007ffdf3d39308
[  188.358964][ T8544]  </TASK>
[  188.779071][   T57] usb 7-1: new high-speed USB device number 10 using dummy_hcd
[  188.810319][   T57] usb 7-1: device descriptor read/8, error -71
[  189.100749][   T57] usb 7-1: new high-speed USB device number 11 using dummy_hcd
[  189.140231][   T57] usb 7-1: device descriptor read/8, error -71
[  189.274048][   T57] usb usb7-port1: unable to enumerate USB device
[  189.817445][   T39] audit: type=1400 audit(2125181581.814:374): avc:  denied  { mounton } for  pid=8557 comm="syz.1.699" path="/proc/638/task" dev="proc" ino=22246 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dir permissive=1
[  190.038213][ T8565] netlink: 'syz.1.701': attribute type 1 has an invalid length.
[  190.292592][ T8575] FAULT_INJECTION: forcing a failure.
[  190.292592][ T8575] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  190.298405][ T8575] CPU: 3 UID: 0 PID: 8575 Comm: syz.1.704 Not tainted 6.11.0-rc1-syzkaller-00063-g21b136cc63d2 #0
[  190.303018][ T8575] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  190.307091][ T8575] Call Trace:
[  190.308343][ T8575]  <TASK>
[  190.309455][ T8575]  dump_stack_lvl+0x16c/0x1f0
[  190.311248][ T8575]  should_fail_ex+0x497/0x5b0
[  190.313022][ T8575]  _copy_to_user+0x30/0xc0
[  190.314714][ T8575]  simple_read_from_buffer+0xd0/0x160
[  190.316953][ T8575]  proc_fail_nth_read+0x1b0/0x290
[  190.319089][ T8575]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  190.321317][ T8575]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  190.323742][ T8575]  vfs_read+0x1d4/0xbd0
[  190.325600][ T8575]  ? __fdget_pos+0xeb/0x180
[  190.327572][ T8575]  ? __pfx_vfs_read+0x10/0x10
[  190.329652][ T8575]  ? __pfx___mutex_lock+0x10/0x10
[  190.331870][ T8575]  ? __fget_files+0x256/0x400
[  190.333976][ T8575]  ksys_read+0x12f/0x260
[  190.335842][ T8575]  ? __pfx_ksys_read+0x10/0x10
[  190.337919][ T8575]  do_syscall_64+0xcd/0x250
[  190.339973][ T8575]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  190.342619][ T8575] RIP: 0033:0x7f4110f75dfc
[  190.344598][ T8575] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 69 8d 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 bf 8d 02 00 48
[  190.351490][ T8575] RSP: 002b:00007f4111ddc040 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  190.354358][ T8575] RAX: ffffffffffffffda RBX: 00007f4111105f80 RCX: 00007f4110f75dfc
[  190.357411][ T8575] RDX: 000000000000000f RSI: 00007f4111ddc0b0 RDI: 0000000000000004
[  190.360359][ T8575] RBP: 00007f4111ddc0a0 R08: 0000000000000000 R09: 0000000000000000
[  190.363479][ T8575] R10: 00000000200002c0 R11: 0000000000000246 R12: 0000000000000001
[  190.366933][ T8575] R13: 000000000000000b R14: 00007f4111105f80 R15: 00007ffdf3d39308
[  190.370360][ T8575]  </TASK>
[  191.117540][ T8594] FAULT_INJECTION: forcing a failure.
[  191.117540][ T8594] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  191.124173][ T8594] CPU: 3 UID: 0 PID: 8594 Comm: syz.1.709 Not tainted 6.11.0-rc1-syzkaller-00063-g21b136cc63d2 #0
[  191.128965][ T8594] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  191.133892][ T8594] Call Trace:
[  191.135608][ T8594]  <TASK>
[  191.137135][ T8594]  dump_stack_lvl+0x16c/0x1f0
[  191.139639][ T8594]  should_fail_ex+0x497/0x5b0
[  191.142244][ T8594]  _copy_from_user+0x30/0xf0
[  191.144986][ T8594]  copy_msghdr_from_user+0x99/0x160
[  191.148043][ T8594]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  191.150841][ T8594]  ? find_held_lock+0x2d/0x110
[  191.152963][ T8594]  ? __pfx___lock_acquire+0x10/0x10
[  191.155157][ T8594]  ___sys_sendmsg+0xff/0x1e0
[  191.157111][ T8594]  ? __pfx____sys_sendmsg+0x10/0x10
[  191.159466][ T8594]  ? ksys_write+0x21c/0x260
[  191.161466][ T8594]  ? __fget_light+0x173/0x210
[  191.163730][ T8594]  __sys_sendmsg+0x117/0x1f0
[  191.166093][ T8594]  ? __pfx___sys_sendmsg+0x10/0x10
[  191.168766][ T8594]  do_syscall_64+0xcd/0x250
[  191.170995][ T8594]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  191.173608][ T8594] RIP: 0033:0x7f4110f773b9
[  191.175429][ T8594] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  191.183620][ T8594] RSP: 002b:00007f4111dbb048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  191.187173][ T8594] RAX: ffffffffffffffda RBX: 00007f4111106058 RCX: 00007f4110f773b9
[  191.190615][ T8594] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000004
[  191.193357][ T8594] RBP: 00007f4111dbb0a0 R08: 0000000000000000 R09: 0000000000000000
[  191.196600][ T8594] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  191.199908][ T8594] R13: 000000000000006e R14: 00007f4111106058 R15: 00007ffdf3d39308
[  191.203105][ T8594]  </TASK>
[  191.521212][ T8610] openvswitch: netlink: Flow actions attr not present in new flow.
[  191.528027][ T8606] netlink: 'syz.2.712': attribute type 1 has an invalid length.
[  191.528503][   T39] audit: type=1400 audit(2125181583.524:375): avc:  denied  { map } for  pid=8609 comm="syz.3.714" path="/dev/sg0" dev="devtmpfs" ino=707 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1
[  191.639061][ T8615] sg_write: data in/out 830110031/371 bytes for SCSI command 0x0-- guessing data in;
[  191.639061][ T8615]    program syz.3.715 not setting count and/or reply_len properly
[  191.772063][ T8617] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  191.788841][ T8617] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  192.454771][ T8631] netlink: 24 bytes leftover after parsing attributes in process `syz.2.720'.
[  192.553440][ T8631] batadv_slave_0: entered promiscuous mode
[  192.560507][ T8630] batadv_slave_0: left promiscuous mode
[  193.154111][ T8641] netlink: 400 bytes leftover after parsing attributes in process `syz.2.722'.
[  193.331407][ T8648] netlink: 'syz.1.724': attribute type 1 has an invalid length.
[  193.383567][ T8662] sg_write: data in/out 830110031/371 bytes for SCSI command 0x0-- guessing data in;
[  193.383567][ T8662]    program syz.2.727 not setting count and/or reply_len properly
[  193.564683][ T8670] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  193.571179][ T8670] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  193.586021][ T8672] openvswitch: netlink: Flow actions attr not present in new flow.
[  194.241438][   T39] audit: type=1400 audit(2125181586.244:376): avc:  denied  { execute } for  pid=8685 comm="syz-executor" name="syz-executor" dev="sda1" ino=1924 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:etc_runtime_t tclass=file permissive=1
[  194.252764][   T39] audit: type=1400 audit(2125181586.244:377): avc:  denied  { execute_no_trans } for  pid=8685 comm="syz-executor" path="/syz-executor" dev="sda1" ino=1924 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:etc_runtime_t tclass=file permissive=1
[  194.416383][   T39] audit: type=1400 audit(2125181586.414:378): avc:  denied  { read } for  pid=8686 comm="syz.1.734" name="autofs" dev="devtmpfs" ino=104 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_device_t tclass=chr_file permissive=1
[  194.426144][   T39] audit: type=1400 audit(2125181586.414:379): avc:  denied  { open } for  pid=8686 comm="syz.1.734" path="/dev/autofs" dev="devtmpfs" ino=104 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_device_t tclass=chr_file permissive=1
[  194.429083][ T8689] tmpfs: Bad value for 'nr_inodes'
[  194.447803][   T39] audit: type=1400 audit(2125181586.424:380): avc:  denied  { ioctl } for  pid=8686 comm="syz.1.734" path="/dev/autofs" dev="devtmpfs" ino=104 ioctlcmd=0x9379 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_device_t tclass=chr_file permissive=1
[  194.452067][ T5349] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  194.464291][ T5349] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  194.471171][ T5349] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  194.484649][ T5349] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  194.490755][ T5349] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[  194.495408][ T5349] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  194.782299][ T8690] chnl_net:caif_netlink_parms(): no params data found
[  195.008535][ T8690] bridge0: port 1(bridge_slave_0) entered blocking state
[  195.013805][ T8690] bridge0: port 1(bridge_slave_0) entered disabled state
[  195.017266][ T8690] bridge_slave_0: entered allmulticast mode
[  195.027132][ T8690] bridge_slave_0: entered promiscuous mode
[  195.045353][ T8690] bridge0: port 2(bridge_slave_1) entered blocking state
[  195.054001][ T8690] bridge0: port 2(bridge_slave_1) entered disabled state
[  195.059493][ T8690] bridge_slave_1: entered allmulticast mode
[  195.070531][ T8690] bridge_slave_1: entered promiscuous mode
[  195.154554][ T8690] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  195.164617][ T8690] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  195.190505][ T8706] netlink: 'syz.2.736': attribute type 1 has an invalid length.
[  195.267785][ T8690] team0: Port device team_slave_0 added
[  195.274672][ T8690] team0: Port device team_slave_1 added
[  195.346910][ T8690] batman_adv: batadv0: Adding interface: batadv_slave_0
[  195.350306][ T8690] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  195.363660][ T8690] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  195.372866][ T8690] batman_adv: batadv0: Adding interface: batadv_slave_1
[  195.375640][ T8690] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  195.387885][ T8690] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  195.471167][ T8690] hsr_slave_0: entered promiscuous mode
[  195.479934][ T8690] hsr_slave_1: entered promiscuous mode
[  195.484158][ T8690] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  195.487507][ T8690] Cannot create hsr debugfs directory
[  195.654256][ T8690] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  195.662841][ T8716] netlink: 'syz.1.737': attribute type 1 has an invalid length.
[  195.753631][ T8690] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  195.850318][ T8690] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  195.991659][ T8690] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  196.097313][ T8730] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  196.097557][ T8731] sg_write: data in/out 830110031/371 bytes for SCSI command 0x0-- guessing data in;
[  196.097557][ T8731]    program syz.1.740 not setting count and/or reply_len properly
[  196.112732][ T8730] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  196.155495][ T8690] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  196.161732][ T8690] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  196.168450][ T8690] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  196.182312][ T8690] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  196.257489][ T8690] 8021q: adding VLAN 0 to HW filter on device bond0
[  196.267523][   T39] audit: type=1400 audit(2125181588.264:381): avc:  denied  { getopt } for  pid=8733 comm="syz.2.742" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dccp_socket permissive=1
[  196.277793][ T8690] 8021q: adding VLAN 0 to HW filter on device team0
[  196.286721][ T1418] bridge0: port 1(bridge_slave_0) entered blocking state
[  196.290107][ T1418] bridge0: port 1(bridge_slave_0) entered forwarding state
[  196.300184][   T57] bridge0: port 2(bridge_slave_1) entered blocking state
[  196.303777][   T57] bridge0: port 2(bridge_slave_1) entered forwarding state
[  196.488108][ T8690] 8021q: adding VLAN 0 to HW filter on device batadv0
[  196.539970][ T8690] veth0_vlan: entered promiscuous mode
[  196.555878][ T8690] veth1_vlan: entered promiscuous mode
[  196.579565][ T8690] veth0_macvtap: entered promiscuous mode
[  196.591467][ T8690] veth1_macvtap: entered promiscuous mode
[  196.613238][ T8690] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  196.617648][ T8690] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  196.619180][ T5358] Bluetooth: hci4: command tx timeout
[  196.623042][ T8690] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  196.630083][ T8690] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  196.634129][ T8690] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  196.638767][ T8690] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  196.643234][ T8690] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  196.647595][ T8690] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  196.654465][ T8690] batman_adv: batadv0: Interface activated: batadv_slave_0
[  196.666322][ T8690] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  196.675868][ T8690] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  196.680849][ T8690] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  196.685294][ T8690] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  196.690482][ T8690] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  196.694518][ T8690] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  196.698459][ T8690] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  196.703187][ T8690] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  196.709740][ T8690] batman_adv: batadv0: Interface activated: batadv_slave_1
[  196.719678][ T8690] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  196.723961][ T8690] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  196.727766][ T8690] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  196.731882][ T8690] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  196.806893][   T13] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  196.811344][   T13] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  196.863476][   T39] audit: type=1400 audit(2125181588.864:382): avc:  denied  { create } for  pid=8749 comm="syz.1.746" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_rdma_socket permissive=1
[  196.881171][   T39] audit: type=1400 audit(2125181588.874:383): avc:  denied  { write } for  pid=8749 comm="syz.1.746" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_rdma_socket permissive=1
[  196.926517][ T1133] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  196.941279][ T1133] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  197.188761][ T8750] infiniband syz1: set down
[  197.192115][ T8750] infiniband syz1: added ipvlan1
[  197.270597][ T8750] RDS/IB: syz1: added
[  197.273326][ T8750] smc: adding ib device syz1 with port count 1
[  197.276192][ T8750] smc:    ib device syz1 port 1 has pnetid 
[  198.516196][ T8773] netlink: 'syz.2.749': attribute type 1 has an invalid length.
[  198.608180][ T8786] sg_write: data in/out 830110031/371 bytes for SCSI command 0x0-- guessing data in;
[  198.608180][ T8786]    program syz.3.751 not setting count and/or reply_len properly
[  198.691080][ T5358] Bluetooth: hci4: command tx timeout
[  198.716720][ T8790] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  198.726197][ T8790] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  199.172995][ T8804] netlink: 'syz.1.756': attribute type 1 has an invalid length.
[  199.409321][   T39] audit: type=1400 audit(2125181591.414:384): avc:  denied  { ioctl } for  pid=8808 comm="syz.0.757" path="socket:[24951]" dev="sockfs" ino=24951 ioctlcmd=0x5411 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1
[  199.432887][ T8809] netlink: 12 bytes leftover after parsing attributes in process `syz.0.757'.
[  199.438006][ T8809] netlink: 12 bytes leftover after parsing attributes in process `syz.0.757'.
[  199.607198][ T8819] loop0: detected capacity change from 0 to 8
[  199.625178][ T8819] FAULT_INJECTION: forcing a failure.
[  199.625178][ T8819] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  199.632083][ T8819] CPU: 3 UID: 0 PID: 8819 Comm: syz.3.761 Not tainted 6.11.0-rc1-syzkaller-00063-g21b136cc63d2 #0
[  199.636773][ T8819] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  199.641411][ T8819] Call Trace:
[  199.642905][ T8819]  <TASK>
[  199.644243][ T8819]  dump_stack_lvl+0x16c/0x1f0
[  199.646438][ T8819]  should_fail_ex+0x497/0x5b0
[  199.648552][ T8819]  _copy_to_user+0x30/0xc0
[  199.650550][ T8819]  simple_read_from_buffer+0xd0/0x160
[  199.652933][ T8819]  proc_fail_nth_read+0x1b0/0x290
[  199.655207][ T8819]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  199.657699][ T8819]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  199.660178][ T8819]  vfs_read+0x1d4/0xbd0
[  199.662091][ T8819]  ? ioctl_has_perm.constprop.0.isra.0+0x2f0/0x470
[  199.664975][ T8819]  ? __fdget_pos+0xeb/0x180
[  199.666981][ T8819]  ? __pfx_vfs_read+0x10/0x10
[  199.669076][ T8819]  ? __pfx___mutex_lock+0x10/0x10
[  199.671338][ T8819]  ? __fget_files+0x256/0x400
[  199.673448][ T8819]  ksys_read+0x12f/0x260
[  199.675346][ T8819]  ? __pfx_ksys_read+0x10/0x10
[  199.677497][ T8819]  do_syscall_64+0xcd/0x250
[  199.679535][ T8819]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  199.682142][ T8819] RIP: 0033:0x7fa388d75dfc
[  199.684137][ T8819] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 69 8d 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 bf 8d 02 00 48
[  199.691922][ T8819] RSP: 002b:00007fa389af0040 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  199.695561][ T8819] RAX: ffffffffffffffda RBX: 00007fa388f05f80 RCX: 00007fa388d75dfc
[  199.698829][ T8819] RDX: 000000000000000f RSI: 00007fa389af00b0 RDI: 0000000000000006
[  199.702072][ T8819] RBP: 00007fa389af00a0 R08: 0000000000000000 R09: 0000000000000000
[  199.705359][ T8819] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  199.708746][ T8819] R13: 000000000000000b R14: 00007fa388f05f80 R15: 00007ffea42afbb8
[  199.712087][ T8819]  </TASK>
[  199.725825][   T39] audit: type=1400 audit(2125181591.724:385): avc:  denied  { write } for  pid=4809 comm="syslogd" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  199.746119][   T39] audit: type=1400 audit(2125181591.724:386): avc:  denied  { remove_name } for  pid=4809 comm="syslogd" name="messages" dev="tmpfs" ino=7 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  199.766272][   T39] audit: type=1400 audit(2125181591.724:387): avc:  denied  { add_name } for  pid=4809 comm="syslogd" name="messages.0" dev="tmpfs" ino=3 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  200.003439][ T8828] netlink: 'syz.3.762': attribute type 1 has an invalid length.
[  200.280982][ T8843] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  200.286927][ T8843] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  200.294020][ T1380] ieee802154 phy0 wpan0: encryption failed: -22
[  200.317895][ T1380] ieee802154 phy1 wpan1: encryption failed: -22
[  200.327815][ T8846] netlink: 'syz.1.763': attribute type 1 has an invalid length.
[  200.575003][ T8853] sg_write: data in/out 830110031/371 bytes for SCSI command 0x0-- guessing data in;
[  200.575003][ T8853]    program syz.3.766 not setting count and/or reply_len properly
[  200.751883][ T8863] netlink: 'syz.1.768': attribute type 1 has an invalid length.
[  200.769739][ T5358] Bluetooth: hci4: command tx timeout
[  200.864662][   T39] audit: type=1400 audit(2125181592.864:388): avc:  denied  { read } for  pid=8866 comm="syz.2.769" name="cachefiles" dev="devtmpfs" ino=4 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cachefiles_device_t tclass=chr_file permissive=1
[  200.875788][ T8867] netlink: 'syz.2.769': attribute type 1 has an invalid length.
[  200.899098][   T39] audit: type=1400 audit(2125181592.864:389): avc:  denied  { open } for  pid=8866 comm="syz.2.769" path="/dev/cachefiles" dev="devtmpfs" ino=4 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cachefiles_device_t tclass=chr_file permissive=1
[  200.914354][   T39] audit: type=1400 audit(2125181592.874:390): avc:  denied  { ioctl } for  pid=8866 comm="syz.2.769" path="/dev/cachefiles" dev="devtmpfs" ino=4 ioctlcmd=0x64b7 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cachefiles_device_t tclass=chr_file permissive=1
[  200.926035][   T39] audit: type=1400 audit(2125181592.874:391): avc:  denied  { accept } for  pid=8866 comm="syz.2.769" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  200.976648][ T8868] 9pnet_fd: Insufficient options for proto=fd
[  201.731848][ T8892] netlink: 'syz.3.774': attribute type 1 has an invalid length.
[  202.724155][ T8917] netlink: 'syz.0.779': attribute type 1 has an invalid length.
[  202.849090][ T5358] Bluetooth: hci4: command tx timeout
[  202.957604][ T8929] 9pnet_fd: Insufficient options for proto=fd
[  203.973279][ T8953] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  203.980604][ T8953] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  205.111223][ T8989] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  205.118397][ T8989] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  205.708993][ T5411] usb 6-1: new low-speed USB device number 6 using dummy_hcd
[  205.919173][ T5411] usb 6-1: Invalid ep0 maxpacket: 64
[  206.069058][ T5411] usb 6-1: new low-speed USB device number 7 using dummy_hcd
[  206.132455][ T9013] 9pnet_fd: Insufficient options for proto=fd
[  206.249325][ T5411] usb 6-1: Invalid ep0 maxpacket: 64
[  206.252874][ T5411] usb usb6-port1: attempt power cycle
[  206.668996][ T5411] usb 6-1: new low-speed USB device number 8 using dummy_hcd
[  206.692530][ T5411] usb 6-1: Invalid ep0 maxpacket: 64
[  206.765569][ T9030] netlink: 'syz.0.804': attribute type 1 has an invalid length.
[  206.860917][ T5411] usb 6-1: new low-speed USB device number 9 using dummy_hcd
[  206.896323][ T5411] usb 6-1: Invalid ep0 maxpacket: 64
[  206.899055][ T5411] usb usb6-port1: unable to enumerate USB device
[  207.043109][   T39] audit: type=1400 audit(2125181599.044:392): avc:  denied  { map } for  pid=9034 comm="syz.2.806" path="/dev/binderfs/binder0" dev="binder" ino=13 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[  207.053513][   T39] audit: type=1400 audit(2125181599.044:393): avc:  denied  { listen } for  pid=9034 comm="syz.2.806" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[  207.062387][   T39] audit: type=1400 audit(2125181599.044:394): avc:  denied  { read } for  pid=9034 comm="syz.2.806" path="socket:[26335]" dev="sockfs" ino=26335 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[  207.751705][ T9043] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  207.771261][ T9043] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  207.775452][   T39] audit: type=1400 audit(2125181599.774:395): avc:  denied  { create } for  pid=9046 comm="syz.3.810" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_connector_socket permissive=1
[  209.759022][ T9084] 9pnet_fd: Insufficient options for proto=fd
[  210.940366][   T39] audit: type=1400 audit(2125181602.944:396): avc:  denied  { create } for  pid=9136 comm="syz.1.830" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=atmpvc_socket permissive=1
[  211.147550][ T9145] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  211.153536][ T9145] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  211.638984][ T9147] nbd2: detected capacity change from 0 to 22
[  211.650105][ T9154] block nbd2: shutting down sockets
[  211.651842][ T8500] blk_print_req_error: 40 callbacks suppressed
[  211.651857][ T8500] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  211.658402][ T8500] buffer_io_error: 40 callbacks suppressed
[  211.658412][ T8500] Buffer I/O error on dev nbd2, logical block 0, async page read
[  211.689618][ T1130] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  211.694743][ T1130] Buffer I/O error on dev nbd2, logical block 0, async page read
[  211.698304][ T8500] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  211.716423][ T8500] Buffer I/O error on dev nbd2, logical block 0, async page read
[  211.737115][ T8500] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  211.742102][ T8500] Buffer I/O error on dev nbd2, logical block 0, async page read
[  211.745585][ T8500] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  211.759245][ T8500] Buffer I/O error on dev nbd2, logical block 0, async page read
[  211.762286][ T8500] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  211.765863][ T8500] Buffer I/O error on dev nbd2, logical block 0, async page read
[  211.769018][ T8500] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  211.772596][ T8500] Buffer I/O error on dev nbd2, logical block 0, async page read
[  211.775977][ T8500] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  211.779603][ T8500] Buffer I/O error on dev nbd2, logical block 0, async page read
[  211.782945][ T8500] ldm_validate_partition_table(): Disk read failed.
[  211.785457][ T8500] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  211.789371][ T8500] Buffer I/O error on dev nbd2, logical block 0, async page read
[  211.792400][ T8500] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  211.796185][ T8500] Buffer I/O error on dev nbd2, logical block 0, async page read
[  211.799875][ T8500] Dev nbd2: unable to read RDB block 0
[  211.802033][ T8500]  nbd2: unable to read partition table
[  211.804353][ T8500] nbd2: partition table beyond EOD, truncated
[  211.809227][ T8500] ldm_validate_partition_table(): Disk read failed.
[  211.812457][ T8500] Dev nbd2: unable to read RDB block 0
[  211.815099][ T8500]  nbd2: unable to read partition table
[  211.817694][ T8500] nbd2: partition table beyond EOD, truncated
[  211.937624][   T39] audit: type=1400 audit(2125181603.934:397): avc:  denied  { setopt } for  pid=9159 comm="syz.2.837" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[  212.763227][ T9182] 9pnet_fd: Insufficient options for proto=fd
[  213.299081][ T9197] nbd2: detected capacity change from 0 to 22
[  213.313543][ T9198] block nbd2: shutting down sockets
[  213.326900][ T8500] ldm_validate_partition_table(): Disk read failed.
[  213.332100][ T8500] Dev nbd2: unable to read RDB block 0
[  213.334695][ T8500]  nbd2: unable to read partition table
[  213.337584][ T8500] nbd2: partition table beyond EOD, truncated
[  213.359161][ T8500] ldm_validate_partition_table(): Disk read failed.
[  213.362877][ T8500] Dev nbd2: unable to read RDB block 0
[  213.365789][ T8500]  nbd2: unable to read partition table
[  213.368829][ T8500] nbd2: partition table beyond EOD, truncated
[  215.019152][   T53] block nbd0: Possible stuck request ffff88802124a000: control (read@0,4096B). Runtime 30 seconds
[  215.039904][ T9246] nbd1: detected capacity change from 0 to 22
[  215.047717][ T9240] block nbd1: shutting down sockets
[  215.059750][ T8500] ldm_validate_partition_table(): Disk read failed.
[  215.062809][ T8500] Dev nbd1: unable to read RDB block 0
[  215.065453][ T8500]  nbd1: unable to read partition table
[  215.068109][ T8500] nbd1: partition table beyond EOD, truncated
[  215.073189][ T8500] ldm_validate_partition_table(): Disk read failed.
[  215.076138][ T8500] Dev nbd1: unable to read RDB block 0
[  215.078787][ T8500]  nbd1: unable to read partition table
[  215.081549][ T8500] nbd1: partition table beyond EOD, truncated
[  216.193407][ T9270] 9pnet_fd: Insufficient options for proto=fd
[  216.952186][ T9279] 9pnet_fd: Insufficient options for proto=fd
[  219.005018][ T9342] FAULT_INJECTION: forcing a failure.
[  219.005018][ T9342] name failslab, interval 1, probability 0, space 0, times 0
[  219.010505][ T9342] CPU: 2 UID: 0 PID: 9342 Comm: syz.0.877 Not tainted 6.11.0-rc1-syzkaller-00063-g21b136cc63d2 #0
[  219.014817][ T9342] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  219.019510][ T9342] Call Trace:
[  219.020995][ T9342]  <TASK>
[  219.022359][ T9342]  dump_stack_lvl+0x16c/0x1f0
[  219.024464][ T9342]  should_fail_ex+0x497/0x5b0
[  219.026564][ T9342]  ? fs_reclaim_acquire+0xae/0x160
[  219.028784][ T9342]  should_failslab+0xc2/0x120
[  219.030872][ T9342]  __kmalloc_cache_noprof+0x6b/0x300
[  219.033199][ T9342]  ? igmp6_group_dropped+0x4ab/0xe40
[  219.035184][ T9342]  igmp6_group_dropped+0x4ab/0xe40
[  219.037314][ T9342]  ? __pfx___mutex_lock+0x10/0x10
[  219.039373][ T9342]  ? __pfx_igmp6_group_dropped+0x10/0x10
[  219.041317][ T9342]  __ipv6_dev_mc_dec+0x281/0x360
[  219.043013][ T9342]  ? __ipv6_dev_ac_dec+0x398/0x650
[  219.044963][ T9342]  addrconf_leave_solict+0x11f/0x180
[  219.047273][ T9342]  ? __pfx_addrconf_leave_solict+0x10/0x10
[  219.049758][ T9342]  ? mark_held_locks+0x9f/0xe0
[  219.051803][ T9342]  __ipv6_dev_ac_dec+0x3a5/0x650
[  219.054027][ T9342]  ipv6_sock_ac_drop+0x368/0x550
[  219.055956][ T9342]  do_ipv6_setsockopt+0x2cdd/0x47b0
[  219.058117][ T9342]  ? __pfx_do_ipv6_setsockopt+0x10/0x10
[  219.060518][ T9342]  ? avc_has_perm_noaudit+0x143/0x3a0
[  219.062951][ T9342]  ? avc_has_perm+0x11b/0x1c0
[  219.064904][ T9342]  ? __pfx_avc_has_perm+0x10/0x10
[  219.066963][ T9342]  ? __lock_acquire+0xbdd/0x3cb0
[  219.069119][ T9342]  ? sock_has_perm+0x25a/0x2f0
[  219.071044][ T9342]  ? __pfx_sock_has_perm+0x10/0x10
[  219.073061][ T9342]  ? selinux_netlbl_socket_setsockopt+0x142/0x440
[  219.075586][ T9342]  ? __pfx_selinux_netlbl_socket_setsockopt+0x10/0x10
[  219.078130][ T9342]  ? ipv6_setsockopt+0xe3/0x1a0
[  219.080046][ T9342]  ipv6_setsockopt+0xe3/0x1a0
[  219.081932][ T9342]  udpv6_setsockopt+0x7d/0xd0
[  219.083952][ T9342]  ? __pfx_sock_common_setsockopt+0x10/0x10
[  219.086533][ T9342]  do_sock_setsockopt+0x222/0x480
[  219.088722][ T9342]  ? __pfx_do_sock_setsockopt+0x10/0x10
[  219.091073][ T9342]  ? __fget_light+0x173/0x210
[  219.093108][ T9342]  __sys_setsockopt+0x1a4/0x270
[  219.095241][ T9342]  ? __pfx___sys_setsockopt+0x10/0x10
[  219.097522][ T9342]  ? fput+0x32/0x390
[  219.099119][ T9342]  ? ksys_write+0x1ab/0x260
[  219.100983][ T9342]  ? __pfx_ksys_write+0x10/0x10
[  219.103016][ T9342]  __x64_sys_setsockopt+0xbd/0x160
[  219.105143][ T9342]  ? do_syscall_64+0x91/0x250
[  219.107165][ T9342]  ? lockdep_hardirqs_on+0x7c/0x110
[  219.109433][ T9342]  do_syscall_64+0xcd/0x250
[  219.111371][ T9342]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  219.113851][ T9342] RIP: 0033:0x7f5d789773b9
[  219.115741][ T9342] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  219.123094][ T9342] RSP: 002b:00007f5d79708048 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  219.126622][ T9342] RAX: ffffffffffffffda RBX: 00007f5d78b05f80 RCX: 00007f5d789773b9
[  219.129991][ T9342] RDX: 000000000000001c RSI: 0000000000000029 RDI: 0000000000000003
[  219.133388][ T9342] RBP: 00007f5d797080a0 R08: 0000000000000014 R09: 0000000000000000
[  219.136553][ T9342] R10: 0000000020000700 R11: 0000000000000246 R12: 0000000000000001
[  219.139715][ T9342] R13: 000000000000000b R14: 00007f5d78b05f80 R15: 00007fff817338c8
[  219.142996][ T9342]  </TASK>
[  219.491759][ T9362] 9pnet_fd: Insufficient options for proto=fd
[  220.157138][   T39] audit: type=1400 audit(2125181612.154:398): avc:  denied  { setopt } for  pid=9368 comm="syz.1.882" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1
[  221.225798][ T9370] syz.1.882 (9370): drop_caches: 1
[  222.514309][ T9425] trusted_key: encrypted_key: keyword 'wpdate' not recognized
[  222.920668][ T9435] sg_write: data in/out 830110031/371 bytes for SCSI command 0x0-- guessing data in;
[  222.920668][ T9435]    program syz.3.896 not setting count and/or reply_len properly
[  223.376359][ T9446] 9pnet_fd: Insufficient options for proto=fd
[  223.696582][ T9459] 9pnet_fd: Insufficient options for proto=fd
[  224.343248][ T9472] FAULT_INJECTION: forcing a failure.
[  224.343248][ T9472] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  224.349410][ T9472] CPU: 3 UID: 0 PID: 9472 Comm: syz.2.904 Not tainted 6.11.0-rc1-syzkaller-00063-g21b136cc63d2 #0
[  224.354082][ T9472] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  224.358730][ T9472] Call Trace:
[  224.360255][ T9472]  <TASK>
[  224.361591][ T9472]  dump_stack_lvl+0x16c/0x1f0
[  224.363708][ T9472]  should_fail_ex+0x497/0x5b0
[  224.365832][ T9472]  _copy_to_user+0x30/0xc0
[  224.367805][ T9472]  simple_read_from_buffer+0xd0/0x160
[  224.370215][ T9472]  proc_fail_nth_read+0x1b0/0x290
[  224.372454][ T9472]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  224.374896][ T9472]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  224.377340][ T9472]  vfs_read+0x1d4/0xbd0
[  224.378971][ T9472]  ? __fdget_pos+0xeb/0x180
[  224.380923][ T9472]  ? __pfx_vfs_read+0x10/0x10
[  224.382885][ T9472]  ? __pfx___mutex_lock+0x10/0x10
[  224.384937][ T9472]  ? __fget_files+0x256/0x400
[  224.386998][ T9472]  ksys_read+0x12f/0x260
[  224.388854][ T9472]  ? __pfx_ksys_read+0x10/0x10
[  224.390986][ T9472]  do_syscall_64+0xcd/0x250
[  224.392969][ T9472]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  224.395001][ T9472] RIP: 0033:0x7f55cd175dfc
[  224.396528][ T9472] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 69 8d 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 bf 8d 02 00 48
[  224.403997][ T9472] RSP: 002b:00007f55cdea3040 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  224.407126][ T9472] RAX: ffffffffffffffda RBX: 00007f55cd305f80 RCX: 00007f55cd175dfc
[  224.410562][ T9472] RDX: 000000000000000f RSI: 00007f55cdea30b0 RDI: 0000000000000004
[  224.414235][ T9472] RBP: 00007f55cdea30a0 R08: 0000000000000000 R09: 0000000000000000
[  224.417619][ T9472] R10: 00000000200000c0 R11: 0000000000000246 R12: 0000000000000001
[  224.420913][ T9472] R13: 000000000000000b R14: 00007f55cd305f80 R15: 00007ffc2108bae8
[  224.424063][ T9472]  </TASK>
[  225.577387][ T9491] sg_write: data in/out 830110031/371 bytes for SCSI command 0x0-- guessing data in;
[  225.577387][ T9491]    program syz.1.909 not setting count and/or reply_len properly
[  225.614963][   T39] audit: type=1400 audit(2125181617.614:399): avc:  denied  { bind } for  pid=9480 comm="syz.3.907" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[  225.696542][ T9498] netlink: 4 bytes leftover after parsing attributes in process `syz.0.912'.
[  225.923796][ T9511] syzkaller1: entered promiscuous mode
[  225.926301][ T9511] syzkaller1: entered allmulticast mode
[  226.110219][   T39] audit: type=1400 audit(2125181618.114:400): avc:  denied  { create } for  pid=9518 comm="syz.2.916" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1
[  226.120703][ T9519] audit: audit_lost=1 audit_rate_limit=0 audit_backlog_limit=64
[  226.124047][ T9519] audit: out of memory in audit_log_start
[  226.133563][   T39] audit: type=1400 audit(2125181618.114:401): avc:  denied  { ioctl } for  pid=9518 comm="syz.2.916" path="socket:[29409]" dev="sockfs" ino=29409 ioctlcmd=0x89e0 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1
[  226.176349][   T39] audit: type=1400 audit(2125181618.174:402): avc:  denied  { setcheckreqprot } for  pid=9518 comm="syz.2.916" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security permissive=1
[  226.630131][ T9531] 9pnet_fd: Insufficient options for proto=fd
[  227.522106][ T9549] syzkaller0: entered promiscuous mode
[  227.524601][ T9549] syzkaller0: entered allmulticast mode
[  227.628560][   T39] audit: type=1400 audit(2125181619.624:403): avc:  denied  { read } for  pid=9547 comm="syz.2.923" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1
[  228.505205][ T9562] sg_write: data in/out 830110031/371 bytes for SCSI command 0x0-- guessing data in;
[  228.505205][ T9562]    program syz.3.926 not setting count and/or reply_len properly
[  229.954302][ T9592] nvme_fabrics: unknown parameter or missing value '÷¡<:"FXIPUü‰D‹ Ý{Ä�ù¾*“¬1�&Fn`Òè�΢÷~ëëÁ®Ìú<“ø�þh’mÜgéWÌ' in ctrl creation request
[  230.017480][ T9595] 9pnet_fd: Insufficient options for proto=fd
[  230.098228][ T9597] FAULT_INJECTION: forcing a failure.
[  230.098228][ T9597] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  230.107201][ T9597] CPU: 0 UID: 0 PID: 9597 Comm: syz.1.934 Not tainted 6.11.0-rc1-syzkaller-00063-g21b136cc63d2 #0
[  230.112248][ T9597] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  230.116972][ T9597] Call Trace:
[  230.118384][ T9597]  <TASK>
[  230.119657][ T9597]  dump_stack_lvl+0x16c/0x1f0
[  230.121846][ T9597]  should_fail_ex+0x497/0x5b0
[  230.123686][ T9597]  _copy_from_user+0x30/0xf0
[  230.125654][ T9597]  bpf_ctx_init+0x151/0x1d0
[  230.127620][ T9597]  bpf_prog_test_run_sk_lookup+0x2a1/0xd00
[  230.130070][ T9597]  ? __pfx_lock_release+0x10/0x10
[  230.132072][ T9597]  ? find_held_lock+0x2d/0x110
[  230.134083][ T9597]  ? __pfx_bpf_prog_test_run_sk_lookup+0x10/0x10
[  230.136439][ T9597]  ? fput+0x32/0x390
[  230.138182][ T9597]  ? __bpf_prog_get+0xa0/0x2f0
[  230.140283][ T9597]  ? __pfx_bpf_prog_test_run_sk_lookup+0x10/0x10
[  230.143598][ T9597]  __sys_bpf+0x10d2/0x4a20
[  230.145683][ T9597]  ? ksys_write+0x21c/0x260
[  230.147701][ T9597]  ? reacquire_held_locks+0x3f0/0x4c0
[  230.150269][ T9597]  ? __pfx___sys_bpf+0x10/0x10
[  230.152433][ T9597]  ? vfs_write+0x14d/0x1140
[  230.154422][ T9597]  ? __mutex_unlock_slowpath+0x164/0x650
[  230.156978][ T9597]  ? fput+0x32/0x390
[  230.158732][ T9597]  ? ksys_write+0x1ab/0x260
[  230.160749][ T9597]  ? __pfx_ksys_write+0x10/0x10
[  230.162909][ T9597]  __x64_sys_bpf+0x78/0xc0
[  230.164910][ T9597]  ? lockdep_hardirqs_on+0x7c/0x110
[  230.167199][ T9597]  do_syscall_64+0xcd/0x250
[  230.169501][ T9597]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  230.172149][ T9597] RIP: 0033:0x7f4110f773b9
[  230.174182][ T9597] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  230.183333][ T9597] RSP: 002b:00007f4111ddc048 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  230.187004][ T9597] RAX: ffffffffffffffda RBX: 00007f4111105f80 RCX: 00007f4110f773b9
[  230.190466][ T9597] RDX: 0000000000000050 RSI: 00000000200005c0 RDI: 000000000000000a
[  230.193783][ T9597] RBP: 00007f4111ddc0a0 R08: 0000000000000000 R09: 0000000000000000
[  230.197090][ T9597] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  230.200342][ T9597] R13: 000000000000000b R14: 00007f4111105f80 R15: 00007ffdf3d39308
[  230.203406][ T9597]  </TASK>
[  230.580345][ T9611] veth0_vlan: left promiscuous mode
[  230.695051][ T9616] sg_write: data in/out 830110031/371 bytes for SCSI command 0x0-- guessing data in;
[  230.695051][ T9616]    program syz.2.937 not setting count and/or reply_len properly
[  232.608059][ T9652] sg_write: data in/out 830110031/371 bytes for SCSI command 0x0-- guessing data in;
[  232.608059][ T9652]    program syz.1.947 not setting count and/or reply_len properly
[  233.354664][ T9671] 9pnet_fd: Insufficient options for proto=fd
[  235.052376][ T9698] sg_write: data in/out 830110031/371 bytes for SCSI command 0x0-- guessing data in;
[  235.052376][ T9698]    program syz.1.959 not setting count and/or reply_len properly
[  235.487645][ T9711] FAULT_INJECTION: forcing a failure.
[  235.487645][ T9711] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  235.493898][ T9711] CPU: 3 UID: 0 PID: 9711 Comm: syz.2.961 Not tainted 6.11.0-rc1-syzkaller-00063-g21b136cc63d2 #0
[  235.497922][ T9711] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  235.501957][ T9711] Call Trace:
[  235.503257][ T9711]  <TASK>
[  235.504418][ T9711]  dump_stack_lvl+0x16c/0x1f0
[  235.506239][ T9711]  should_fail_ex+0x497/0x5b0
[  235.508054][ T9711]  _copy_to_iter+0x44f/0x1150
[  235.509871][ T9711]  ? __pfx__copy_to_iter+0x10/0x10
[  235.511840][ T9711]  ? __virt_addr_valid+0x5e/0x590
[  235.513777][ T9711]  ? __phys_addr_symbol+0x30/0x80
[  235.515710][ T9711]  ? __check_object_size+0x497/0x720
[  235.517729][ T9711]  seq_read_iter+0xd06/0x12c0
[  235.519507][ T9711]  seq_read+0x390/0x4d0
[  235.520921][ T9711]  ? __pfx_seq_read+0x10/0x10
[  235.522708][ T9711]  ? __pfx___might_resched+0x10/0x10
[  235.524758][ T9711]  ? selinux_file_permission+0x125/0x590
[  235.526946][ T9711]  ? __pfx_seq_read+0x10/0x10
[  235.528756][ T9711]  proc_reg_read+0x243/0x340
[  235.530572][ T9711]  ? __pfx_proc_reg_read+0x10/0x10
[  235.532537][ T9711]  vfs_read+0x1d4/0xbd0
[  235.534161][ T9711]  ? __fdget_pos+0xeb/0x180
[  235.535911][ T9711]  ? __pfx_vfs_read+0x10/0x10
[  235.537744][ T9711]  ? __pfx___mutex_lock+0x10/0x10
[  235.539673][ T9711]  ? __fget_files+0x256/0x400
[  235.541501][ T9711]  ksys_read+0x12f/0x260
[  235.543136][ T9711]  ? __pfx_ksys_read+0x10/0x10
[  235.544992][ T9711]  do_syscall_64+0xcd/0x250
[  235.546772][ T9711]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  235.549041][ T9711] RIP: 0033:0x7f55cd1773b9
[  235.550766][ T9711] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  235.558139][ T9711] RSP: 002b:00007f55cde82048 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  235.561310][ T9711] RAX: ffffffffffffffda RBX: 00007f55cd306058 RCX: 00007f55cd1773b9
[  235.564336][ T9711] RDX: 0000000000002020 RSI: 00000000200042c0 RDI: 000000000000000a
[  235.567353][ T9711] RBP: 00007f55cde820a0 R08: 0000000000000000 R09: 0000000000000000
[  235.570392][ T9711] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  235.573396][ T9711] R13: 000000000000006e R14: 00007f55cd306058 R15: 00007ffc2108bae8
[  235.576417][ T9711]  </TASK>
[  235.711905][ T9715] netlink: 'syz.1.963': attribute type 1 has an invalid length.
[  235.715504][ T9715] netlink: 244 bytes leftover after parsing attributes in process `syz.1.963'.
[  235.722693][ T9715] trusted_key: encrypted_key: insufficient parameters specified
[  235.729361][   T39] audit: type=1400 audit(2125181627.724:404): avc:  denied  { read write } for  pid=9714 comm="syz.1.963" name="usbmon5" dev="devtmpfs" ino=739 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1
[  235.740249][   T39] audit: type=1400 audit(2125181627.734:405): avc:  denied  { open } for  pid=9714 comm="syz.1.963" path="/dev/usbmon5" dev="devtmpfs" ino=739 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1
[  235.841974][ T9721] FAULT_INJECTION: forcing a failure.
[  235.841974][ T9721] name failslab, interval 1, probability 0, space 0, times 0
[  235.847546][ T9721] CPU: 3 UID: 0 PID: 9721 Comm: syz.2.964 Not tainted 6.11.0-rc1-syzkaller-00063-g21b136cc63d2 #0
[  235.851509][ T9721] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  235.855906][ T9721] Call Trace:
[  235.857394][ T9721]  <TASK>
[  235.858697][ T9721]  dump_stack_lvl+0x16c/0x1f0
[  235.860799][ T9721]  should_fail_ex+0x497/0x5b0
[  235.862907][ T9721]  ? fs_reclaim_acquire+0xae/0x160
[  235.865182][ T9721]  should_failslab+0xc2/0x120
[  235.867279][ T9721]  kmem_cache_alloc_node_noprof+0x71/0x310
[  235.869816][ T9721]  ? __alloc_skb+0x2b1/0x380
[  235.872119][ T9721]  __alloc_skb+0x2b1/0x380
[  235.874105][ T9721]  ? __pfx___alloc_skb+0x10/0x10
[  235.876300][ T9721]  ? __pfx_netlink_autobind.isra.0+0x10/0x10
[  235.878952][ T9721]  netlink_alloc_large_skb+0x69/0x130
[  235.881331][ T9721]  netlink_sendmsg+0x689/0xd70
[  235.883484][ T9721]  ? __pfx_netlink_sendmsg+0x10/0x10
[  235.885837][ T9721]  ? __import_iovec+0x1fd/0x6e0
[  235.887526][ T9721]  ____sys_sendmsg+0xab5/0xc90
[  235.889234][ T9721]  ? copy_msghdr_from_user+0x10b/0x160
[  235.891563][ T9721]  ? __pfx_____sys_sendmsg+0x10/0x10
[  235.893781][ T9721]  ? find_held_lock+0x2d/0x110
[  235.895686][ T9721]  ? __pfx___lock_acquire+0x10/0x10
[  235.897718][ T9721]  ___sys_sendmsg+0x135/0x1e0
[  235.899370][ T9721]  ? __pfx____sys_sendmsg+0x10/0x10
[  235.901203][ T9721]  ? ksys_write+0x21c/0x260
[  235.902837][ T9721]  ? __fget_light+0x173/0x210
[  235.904492][ T9721]  __sys_sendmsg+0x117/0x1f0
[  235.906432][ T9721]  ? __pfx___sys_sendmsg+0x10/0x10
[  235.908470][ T9721]  do_syscall_64+0xcd/0x250
[  235.910413][ T9721]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  235.912982][ T9721] RIP: 0033:0x7f55cd1773b9
[  235.914993][ T9721] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  235.923155][ T9721] RSP: 002b:00007f55cdea3048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  235.926785][ T9721] RAX: ffffffffffffffda RBX: 00007f55cd305f80 RCX: 00007f55cd1773b9
[  235.930276][ T9721] RDX: 0000000000000000 RSI: 0000000020000380 RDI: 0000000000000004
[  235.933382][ T9721] RBP: 00007f55cdea30a0 R08: 0000000000000000 R09: 0000000000000000
[  235.936369][ T9721] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  235.939522][ T9721] R13: 000000000000000b R14: 00007f55cd305f80 R15: 00007ffc2108bae8
[  235.943036][ T9721]  </TASK>
[  236.139246][ T5387] usb 6-1: new high-speed USB device number 10 using dummy_hcd
[  236.335058][ T5387] usb 6-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[  236.338788][ T5387] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  236.349646][ T5387] usb 6-1: Product: syz
[  236.351489][ T5387] usb 6-1: Manufacturer: syz
[  236.353418][ T5387] usb 6-1: SerialNumber: syz
[  236.378190][ T5387] usb 6-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[  236.413539][ T9729] 9pnet_fd: Insufficient options for proto=fd
[  236.435398][ T5387] usb 6-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
[  236.637015][ T9732] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  236.646107][ T9732] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  236.671858][ T9553] usb 6-1: USB disconnect, device number 10
[  236.913914][ T9719] fuse: Unknown parameter '�¥ˆ8€ÕXrootmode'
[  237.249960][ T5349] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  237.256541][ T5349] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  237.261310][ T5349] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  237.265947][ T5349] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  237.270708][ T5349] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3
[  237.273860][ T5349] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  237.500590][ T5387] ath9k_htc 6-1:1.0: ath9k_htc: Target is unresponsive
[  237.504605][ T5387] ath9k_htc: Failed to initialize the device
[  237.518372][ T9553] usb 6-1: ath9k_htc: USB layer deinitialized
[  237.542081][ T9748] FAULT_INJECTION: forcing a failure.
[  237.542081][ T9748] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  237.550203][ T9748] CPU: 0 UID: 0 PID: 9748 Comm: syz.3.970 Not tainted 6.11.0-rc1-syzkaller-00063-g21b136cc63d2 #0
[  237.555368][ T9748] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  237.560125][ T9748] Call Trace:
[  237.561631][ T9748]  <TASK>
[  237.562919][ T9748]  dump_stack_lvl+0x16c/0x1f0
[  237.564906][ T9748]  should_fail_ex+0x497/0x5b0
[  237.566898][ T9748]  _copy_from_user+0x30/0xf0
[  237.568870][ T9748]  copy_msghdr_from_user+0x99/0x160
[  237.571075][ T9748]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  237.573536][ T9748]  ? rcu_is_watching+0x12/0xc0
[  237.575613][ T9748]  ? __pfx___lock_acquire+0x10/0x10
[  237.577933][ T9748]  ___sys_recvmsg+0xdc/0x1a0
[  237.579943][ T9748]  ? __pfx____sys_recvmsg+0x10/0x10
[  237.582130][ T9748]  ? find_held_lock+0x2d/0x110
[  237.584153][ T9748]  ? __pfx___might_resched+0x10/0x10
[  237.586379][ T9748]  ? __might_fault+0xe3/0x190
[  237.588359][ T9748]  do_recvmmsg+0x2ba/0x750
[  237.590257][ T9748]  ? __pfx_do_recvmmsg+0x10/0x10
[  237.592333][ T9748]  ? vfs_write+0x14d/0x1140
[  237.594259][ T9748]  ? __mutex_unlock_slowpath+0x164/0x650
[  237.596620][ T9748]  __x64_sys_recvmmsg+0x239/0x290
[  237.598758][ T9748]  ? __pfx___x64_sys_recvmmsg+0x10/0x10
[  237.601111][ T9748]  do_syscall_64+0xcd/0x250
[  237.603047][ T9748]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  237.605568][ T9748] RIP: 0033:0x7fa388d773b9
[  237.607420][ T9748] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  237.615064][ T9748] RSP: 002b:00007fa389acf048 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[  237.618744][ T9748] RAX: ffffffffffffffda RBX: 00007fa388f06058 RCX: 00007fa388d773b9
[  237.621962][ T9748] RDX: 0000000000000a0d RSI: 00000000200066c0 RDI: 0000000000000005
[  237.625469][ T9748] RBP: 00007fa389acf0a0 R08: 0000000000000000 R09: 0000000000000000
[  237.628600][ T9748] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  237.629516][ T9737] chnl_net:caif_netlink_parms(): no params data found
[  237.631672][ T9748] R13: 000000000000006e R14: 00007fa388f06058 R15: 00007ffea42afbb8
[  237.637617][ T9748]  </TASK>
[  237.639204][    C0] vkms_vblank_simulate: vblank timer overrun
[  237.649773][ T9745] sg_write: data in/out 830110031/371 bytes for SCSI command 0x0-- guessing data in;
[  237.649773][ T9745]    program syz.1.971 not setting count and/or reply_len properly
[  237.748384][ T9737] bridge0: port 1(bridge_slave_0) entered blocking state
[  237.754637][ T9737] bridge0: port 1(bridge_slave_0) entered disabled state
[  237.757956][ T9737] bridge_slave_0: entered allmulticast mode
[  237.761309][ T9737] bridge_slave_0: entered promiscuous mode
[  237.766950][ T9737] bridge0: port 2(bridge_slave_1) entered blocking state
[  237.770133][ T9737] bridge0: port 2(bridge_slave_1) entered disabled state
[  237.772747][ T9737] bridge_slave_1: entered allmulticast mode
[  237.776128][ T9737] bridge_slave_1: entered promiscuous mode
[  237.835345][ T9737] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  237.841895][ T9737] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  237.905020][ T9737] team0: Port device team_slave_0 added
[  237.909650][ T9737] team0: Port device team_slave_1 added
[  237.947084][ T9759] cgroup: name respecified
[  237.972627][ T9737] batman_adv: batadv0: Adding interface: batadv_slave_0
[  237.975957][ T9737] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  237.986907][ T9737] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  237.993536][ T9737] batman_adv: batadv0: Adding interface: batadv_slave_1
[  237.996602][ T9737] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  238.007707][ T9737] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  238.076076][ T9737] hsr_slave_0: entered promiscuous mode
[  238.079656][ T9737] hsr_slave_1: entered promiscuous mode
[  238.082964][ T9737] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  238.086106][ T9737] Cannot create hsr debugfs directory
[  238.172000][ T9766] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  238.178425][ T9766] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  238.238028][ T9737] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  238.329839][ T9737] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  238.407176][ T9737] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  238.471996][ T9775] overlayfs: failed to decode file handle (len=6, type=248, flags=0, err=-22)
[  238.496487][ T9737] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  238.517656][ T9777] netlink: 8 bytes leftover after parsing attributes in process `syz.1.980'.
[  238.579404][ T9779] netlink: 4 bytes leftover after parsing attributes in process `syz.1.981'.
[  238.644556][ T9737] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  238.650710][ T9737] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  238.657382][ T9737] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  238.664450][ T9737] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  238.742638][ T9737] 8021q: adding VLAN 0 to HW filter on device bond0
[  238.747686][ T9790] binder: 9786:9790 ioctl c0306201 0 returned -14
[  238.747759][ T9787] netlink: 4 bytes leftover after parsing attributes in process `syz.2.982'.
[  238.769332][ T9737] 8021q: adding VLAN 0 to HW filter on device team0
[  238.782761][ T1811] bridge0: port 1(bridge_slave_0) entered blocking state
[  238.786038][ T1811] bridge0: port 1(bridge_slave_0) entered forwarding state
[  238.791137][ T1811] bridge0: port 2(bridge_slave_1) entered blocking state
[  238.794499][ T1811] bridge0: port 2(bridge_slave_1) entered forwarding state
[  239.033797][ T9807] netlink: 32 bytes leftover after parsing attributes in process `syz.3.986'.
[  239.034046][ T9737] 8021q: adding VLAN 0 to HW filter on device batadv0
[  239.061854][   T39] audit: type=1400 audit(2125181631.064:406): avc:  denied  { setopt } for  pid=9806 comm="syz.3.986" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  239.083962][ T9737] veth0_vlan: entered promiscuous mode
[  239.096656][ T9737] veth1_vlan: entered promiscuous mode
[  239.129951][ T9737] veth0_macvtap: entered promiscuous mode
[  239.136764][ T9737] veth1_macvtap: entered promiscuous mode
[  239.152803][ T9737] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  239.160828][ T9737] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  239.165467][ T9737] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  239.171474][ T9737] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  239.199005][ T9737] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  239.203737][ T9737] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  239.208131][ T9737] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  239.213053][ T9737] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  239.217343][ T9737] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  239.222111][ T9737] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  239.227761][ T9737] batman_adv: batadv0: Interface activated: batadv_slave_0
[  239.260123][ T9737] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  239.264153][ T9737] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  239.267871][ T9737] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  239.274319][ T9737] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  239.280921][ T9737] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  239.286354][ T9737] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  239.290693][ T9737] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  239.295233][ T9737] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  239.299336][   T39] audit: type=1400 audit(2125181631.304:407): avc:  denied  { ioctl } for  pid=9815 comm="syz.3.988" path="/dev/usbmon0" dev="devtmpfs" ino=723 ioctlcmd=0x9201 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1
[  239.300173][ T9737] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  239.317961][ T9737] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  239.326112][ T9737] batman_adv: batadv0: Interface activated: batadv_slave_1
[  239.329671][ T5358] Bluetooth: hci5: command tx timeout
[  239.338609][ T9737] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  239.343084][ T9737] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  239.347212][ T9737] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  239.351800][ T9737] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  239.422024][ T1104] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  239.425581][ T1104] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  239.463941][ T1104] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  239.467453][ T1104] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  239.612892][ T9825] netlink: 8 bytes leftover after parsing attributes in process `syz.0.990'.
[  239.670822][ T9827] netlink: 4 bytes leftover after parsing attributes in process `syz.0.991'.
[  239.837938][ T9823] netlink: 68 bytes leftover after parsing attributes in process `syz.3.989'.
[  239.842103][ T9823] netlink: 68 bytes leftover after parsing attributes in process `syz.3.989'.
[  239.955481][ T9846] ip6gretap0 speed is unknown, defaulting to 1000
[  239.958325][ T9846] ip6gretap0 speed is unknown, defaulting to 1000
[  239.962544][ T9846] ip6gretap0 speed is unknown, defaulting to 1000
[  239.971660][ T9846] iwpm_register_pid: Unable to send a nlmsg (client = 2)
[  239.981927][ T9846] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98
[  240.015330][ T9846] ip6gretap0 speed is unknown, defaulting to 1000
[  240.019381][ T9846] ip6gretap0 speed is unknown, defaulting to 1000
[  240.023669][ T9846] ip6gretap0 speed is unknown, defaulting to 1000
[  240.027953][ T9846] ip6gretap0 speed is unknown, defaulting to 1000
[  240.035939][ T9846] ip6gretap0 speed is unknown, defaulting to 1000
[  240.038983][ T9846] ip6gretap0 speed is unknown, defaulting to 1000
[  240.153476][   T39] audit: type=1400 audit(2125181632.154:408): avc:  denied  { getopt } for  pid=9850 comm="syz.1.996" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  240.191602][ T9853] bond0: entered promiscuous mode
[  240.193807][ T9853] bond_slave_0: entered promiscuous mode
[  240.197645][ T9853] bond_slave_1: entered promiscuous mode
[  240.265684][ T9857] fuse: Unknown parameter 'fd½0x0000000000000004'
[  240.271372][   T39] audit: type=1400 audit(2125181632.274:409): avc:  denied  { accept } for  pid=9856 comm="syz.1.998" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1
[  240.306233][ T9857] can0: slcan on ttyS3.
[  240.363989][ T9862] netlink: 48 bytes leftover after parsing attributes in process `syz.0.1000'.
[  240.370823][   T39] audit: type=1400 audit(2125181632.364:410): avc:  denied  { read } for  pid=9861 comm="syz.0.1000" name="snapshot" dev="devtmpfs" ino=98 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:acpi_bios_t tclass=chr_file permissive=1
[  240.370896][ T9857] can0 (unregistered): slcan off ttyS3.
[  240.380948][   T39] audit: type=1400 audit(2125181632.364:411): avc:  denied  { open } for  pid=9861 comm="syz.0.1000" path="/dev/snapshot" dev="devtmpfs" ino=98 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:acpi_bios_t tclass=chr_file permissive=1
[  240.496551][ T9868] sg_write: data in/out 830110031/371 bytes for SCSI command 0x0-- guessing data in;
[  240.496551][ T9868]    program syz.1.1001 not setting count and/or reply_len properly
[  240.769114][ T1418] usb 5-1: new high-speed USB device number 8 using dummy_hcd
[  240.959719][ T1418] usb 5-1: too many configurations: 9, using maximum allowed: 8
[  240.963998][ T1418] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9
[  240.967771][ T1418] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  240.972297][ T1418] usb 5-1: config 0 interface 0 has no altsetting 0
[  240.976246][ T1418] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9
[  240.980204][ T1418] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  240.984856][ T1418] usb 5-1: config 0 interface 0 has no altsetting 0
[  240.989100][ T1418] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9
[  240.992931][ T1418] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  240.997576][ T1418] usb 5-1: config 0 interface 0 has no altsetting 0
[  241.001672][ T1418] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9
[  241.005395][ T1418] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  241.010333][ T1418] usb 5-1: config 0 interface 0 has no altsetting 0
[  241.015288][ T1418] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9
[  241.019167][ T1418] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  241.023723][ T1418] usb 5-1: config 0 interface 0 has no altsetting 0
[  241.027664][ T1418] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9
[  241.031220][ T1418] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  241.035168][ T1418] usb 5-1: config 0 interface 0 has no altsetting 0
[  241.039077][ T1418] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9
[  241.042914][ T1418] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  241.047493][ T1418] usb 5-1: config 0 interface 0 has no altsetting 0
[  241.052069][ T1418] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9
[  241.055677][ T1418] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  241.060707][ T1418] usb 5-1: config 0 interface 0 has no altsetting 0
[  241.065748][ T1418] usb 5-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=49.8e
[  241.068774][ T1418] usb 5-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168
[  241.072100][ T1418] usb 5-1: Product: syz
[  241.073965][ T1418] usb 5-1: Manufacturer: syz
[  241.076048][ T1418] usb 5-1: SerialNumber: syz
[  241.089773][ T1418] usb 5-1: config 0 descriptor??
[  241.100453][ T1418] yurex 5-1:0.0: USB YUREX device now attached to Yurex #0
[  241.308543][ T9862] TCP: request_sock_subflow_v4: Possible SYN flooding on port [::]:20002. Sending cookies.
[  241.319142][ T1811] usb 5-1: USB disconnect, device number 8
[  241.332149][ T1811] yurex 5-1:0.0: USB YUREX #0 now disconnected
[  241.419200][ T5358] Bluetooth: hci5: command tx timeout
[  241.588639][ T9900] __nla_validate_parse: 4 callbacks suppressed
[  241.588651][ T9900] netlink: 68 bytes leftover after parsing attributes in process `syz.1.1011'.
[  241.595440][ T9900] netlink: 68 bytes leftover after parsing attributes in process `syz.1.1011'.
[  241.653693][ T9904] bridge0: port 3(gretap1) entered blocking state
[  241.656694][ T9904] bridge0: port 3(gretap1) entered disabled state
[  241.660575][ T9904] gretap1: entered allmulticast mode
[  241.664345][ T9904] gretap1: entered promiscuous mode
[  241.676938][ T9904] bridge0: port 3(gretap1) entered blocking state
[  241.680986][ T9904] bridge0: port 3(gretap1) entered forwarding state
[  241.707689][ T9905] siw: device registration error -23
[  241.854112][ T9910] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1014'.
[  242.007544][ T9917] 9pnet_fd: Insufficient options for proto=fd
[  242.015410][ T9925] sg_write: data in/out 830110031/371 bytes for SCSI command 0x0-- guessing data in;
[  242.015410][ T9925]    program syz.0.1015 not setting count and/or reply_len properly
[  242.147881][ T9929] netlink: 168 bytes leftover after parsing attributes in process `syz.3.1017'.
[  242.153826][ T9929] netlink: 'syz.3.1017': attribute type 2 has an invalid length.
[  242.157272][ T9929] netlink: 60 bytes leftover after parsing attributes in process `syz.3.1017'.
[  242.247808][ T9929] pim6reg1: entered promiscuous mode
[  242.251245][ T9929] pim6reg1: entered allmulticast mode
[  242.389110][   T39] audit: type=1400 audit(2125181634.394:412): avc:  denied  { bind } for  pid=9930 comm="syz.1.1018" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dccp_socket permissive=1
[  242.399394][   T39] audit: type=1400 audit(2125181634.394:413): avc:  denied  { name_bind } for  pid=9930 comm="syz.1.1018" src=20003 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:port_t tclass=dccp_socket permissive=1
[  242.411533][   T39] audit: type=1400 audit(2125181634.394:414): avc:  denied  { node_bind } for  pid=9930 comm="syz.1.1018" src=20003 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=dccp_socket permissive=1
[  242.419906][   T39] audit: type=1400 audit(2125181634.404:415): avc:  denied  { listen } for  pid=9930 comm="syz.1.1018" lport=20003 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dccp_socket permissive=1
[  242.429975][   T39] audit: type=1400 audit(2125181634.404:416): avc:  denied  { connect } for  pid=9930 comm="syz.1.1018" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dccp_socket permissive=1
[  242.443724][   T39] audit: type=1400 audit(2125181634.404:417): avc:  denied  { name_connect } for  pid=9930 comm="syz.1.1018" dest=20003 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:port_t tclass=dccp_socket permissive=1
[  242.478792][   T39] audit: type=1400 audit(2125181634.474:418): avc:  denied  { accept } for  pid=9930 comm="syz.1.1018" lport=20003 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dccp_socket permissive=1
[  242.808354][ T9553] IPVS: starting estimator thread 0...
[  242.911694][ T9946] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  242.918450][ T9946] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  242.919132][ T9943] IPVS: using max 34 ests per chain, 81600 per kthread
[  243.178342][ T9949] netlink: 48 bytes leftover after parsing attributes in process `syz.3.1023'.
[  243.261400][ T9952] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1024'.
[  243.311939][ T9949] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1023'.
[  243.489533][ T5358] Bluetooth: hci5: command tx timeout
[  243.549007][  T832] IPVS: starting estimator thread 0...
[  243.609174][   T25] usb 8-1: new high-speed USB device number 3 using dummy_hcd
[  243.619109][   T39] audit: type=1326 audit(2125181635.614:419): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9969 comm="syz.2.1028" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f55cd1773b9 code=0x0
[  243.643034][ T9966] IPVS: using max 33 ests per chain, 79200 per kthread
[  243.653550][ T9968] sg_write: data in/out 830110031/371 bytes for SCSI command 0x0-- guessing data in;
[  243.653550][ T9968]    program syz.0.1029 not setting count and/or reply_len properly
[  243.820097][   T25] usb 8-1: too many configurations: 9, using maximum allowed: 8
[  243.826175][   T25] usb 8-1: config 0 has 1 interface, different from the descriptor's value: 9
[  243.832088][   T25] usb 8-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  243.837069][   T25] usb 8-1: config 0 interface 0 has no altsetting 0
[  243.841726][   T25] usb 8-1: config 0 has 1 interface, different from the descriptor's value: 9
[  243.845764][   T25] usb 8-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  243.851604][   T25] usb 8-1: config 0 interface 0 has no altsetting 0
[  243.855940][   T25] usb 8-1: config 0 has 1 interface, different from the descriptor's value: 9
[  243.860208][   T25] usb 8-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  243.865115][   T25] usb 8-1: config 0 interface 0 has no altsetting 0
[  243.872160][   T25] usb 8-1: config 0 has 1 interface, different from the descriptor's value: 9
[  243.876160][   T25] usb 8-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  243.881672][   T25] usb 8-1: config 0 interface 0 has no altsetting 0
[  243.886230][   T25] usb 8-1: config 0 has 1 interface, different from the descriptor's value: 9
[  243.891343][   T25] usb 8-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  243.897780][   T25] usb 8-1: config 0 interface 0 has no altsetting 0
[  243.902573][   T25] usb 8-1: config 0 has 1 interface, different from the descriptor's value: 9
[  243.906567][   T25] usb 8-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  243.911502][   T25] usb 8-1: config 0 interface 0 has no altsetting 0
[  243.915898][   T25] usb 8-1: config 0 has 1 interface, different from the descriptor's value: 9
[  243.920028][   T25] usb 8-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  243.924837][   T25] usb 8-1: config 0 interface 0 has no altsetting 0
[  243.928746][   T25] usb 8-1: config 0 has 1 interface, different from the descriptor's value: 9
[  243.933507][   T25] usb 8-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  243.939151][   T25] usb 8-1: config 0 interface 0 has no altsetting 0
[  243.945371][   T25] usb 8-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=49.8e
[  243.949705][   T25] usb 8-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168
[  243.953563][   T25] usb 8-1: Product: syz
[  243.955590][   T25] usb 8-1: Manufacturer: syz
[  243.957816][   T25] usb 8-1: SerialNumber: syz
[  243.962518][   T25] usb 8-1: config 0 descriptor??
[  243.972138][   T25] yurex 8-1:0.0: USB YUREX device now attached to Yurex #0
[  244.198331][ T9949] IPVS: sed: TCP 172.20.20.170:21 - no destination available
[  244.201646][ T9949] TCP: request_sock_subflow_v4: Possible SYN flooding on port [::]:20002. Sending cookies.
[  244.215120][ T9553] usb 8-1: USB disconnect, device number 3
[  244.219289][ T9553] yurex 8-1:0.0: USB YUREX #0 now disconnected
[  244.311253][ T9989] 9pnet_fd: Insufficient options for proto=fd
[  244.795413][T10004] netlink: 168 bytes leftover after parsing attributes in process `syz.0.1036'.
[  244.799874][T10004] netlink: 'syz.0.1036': attribute type 2 has an invalid length.
[  244.804556][T10004] netlink: 60 bytes leftover after parsing attributes in process `syz.0.1036'.
[  244.867826][T10004] pim6reg1: entered promiscuous mode
[  244.870392][T10004] pim6reg1: entered allmulticast mode
[  245.111794][   T53] block nbd0: Possible stuck request ffff88802124a000: control (read@0,4096B). Runtime 60 seconds
[  245.149867][T10013] 9pnet_fd: Insufficient options for proto=fd
[  245.401639][T10020] sg_write: data in/out 830110031/371 bytes for SCSI command 0x0-- guessing data in;
[  245.401639][T10020]    program syz.2.1040 not setting count and/or reply_len properly
[  245.569285][ T5358] Bluetooth: hci5: command tx timeout
[  245.853564][   T39] audit: type=1326 audit(2125181637.854:420): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10026 comm="syz.1.1042" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f4110f773b9 code=0x0
[  246.210270][   T39] audit: type=1400 audit(2125181638.214:421): avc:  denied  { open } for  pid=10042 comm="syz.2.1046" path="/dev/ptyq8" dev="devtmpfs" ino=137 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:bsdpty_device_t tclass=chr_file permissive=1
[  246.282940][T10043] netlink: 'syz.2.1046': attribute type 2 has an invalid length.
[  246.286688][T10043] netlink: 'syz.2.1046': attribute type 1 has an invalid length.
[  247.075233][T10053] 9pnet_fd: Insufficient options for proto=fd
[  247.082093][T10064] FAULT_INJECTION: forcing a failure.
[  247.082093][T10064] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  247.094657][T10064] CPU: 2 UID: 0 PID: 10064 Comm: syz.2.1051 Not tainted 6.11.0-rc1-syzkaller-00063-g21b136cc63d2 #0
[  247.100270][T10064] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  247.104921][T10064] Call Trace:
[  247.106590][T10064]  <TASK>
[  247.107875][T10064]  dump_stack_lvl+0x16c/0x1f0
[  247.109968][T10064]  should_fail_ex+0x497/0x5b0
[  247.112832][T10064]  _copy_from_user+0x30/0xf0
[  247.115317][T10064]  ? __pfx_do_get_msr+0x10/0x10
[  247.117556][T10064]  msr_io+0x94/0x290
[  247.119515][T10064]  ? kvm_arch_vcpu_load+0x4ba/0x980
[  247.121736][T10064]  ? __pfx_msr_io+0x10/0x10
[  247.123318][T10064]  kvm_arch_vcpu_ioctl+0x2a95/0x49d0
[  247.125143][T10064]  ? kvm_arch_vcpu_ioctl+0x2a78/0x49d0
[  247.127250][T10064]  ? stack_trace_save+0x95/0xd0
[  247.129394][T10064]  ? __pfx_stack_trace_save+0x10/0x10
[  247.131956][T10064]  ? hlock_class+0x4e/0x130
[  247.134077][T10064]  ? __pfx_kvm_arch_vcpu_ioctl+0x10/0x10
[  247.136674][T10064]  ? do_syscall_64+0xcd/0x250
[  247.139103][T10064]  ? __pfx___lock_acquire+0x10/0x10
[  247.141149][T10064]  ? hlock_class+0x4e/0x130
[  247.143276][T10064]  ? mark_lock+0xb5/0xc60
[  247.145193][T10064]  ? lock_acquire+0x1b1/0x560
[  247.147355][T10064]  ? __mutex_trylock_common+0xea/0x250
[  247.149724][T10064]  ? __pfx___mutex_trylock_common+0x10/0x10
[  247.152383][T10064]  ? rcu_is_watching+0x12/0xc0
[  247.154473][T10064]  ? trace_contention_end+0xea/0x140
[  247.156796][T10064]  ? __mutex_lock+0x1a6/0x9c0
[  247.158832][T10064]  ? tomoyo_path_number_perm+0x292/0x590
[  247.160908][T10064]  ? __pfx_lock_release+0x10/0x10
[  247.162979][T10064]  ? kvm_vcpu_ioctl+0x1e4/0x1520
[  247.165242][T10064]  ? __pfx___mutex_lock+0x10/0x10
[  247.168459][T10064]  ? kfree+0x12a/0x3b0
[  247.170684][T10064]  ? tomoyo_path_number_perm+0x467/0x590
[  247.173901][T10064]  ? tomoyo_path_number_perm+0x190/0x590
[  247.176339][T10064]  ? kvm_vcpu_ioctl+0x9e7/0x1520
[  247.178572][T10064]  kvm_vcpu_ioctl+0x9e7/0x1520
[  247.180708][T10064]  ? do_vfs_ioctl+0x515/0x1ad0
[  247.182778][T10064]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  247.185237][T10064]  ? ioctl_has_perm.constprop.0.isra.0+0x2f9/0x470
[  247.188493][T10064]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[  247.191422][T10064]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  247.194562][T10064]  ? selinux_file_ioctl+0x180/0x270
[  247.197081][T10064]  ? selinux_file_ioctl+0xb4/0x270
[  247.199111][T10064]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  247.201552][T10064]  __x64_sys_ioctl+0x193/0x220
[  247.203768][T10064]  do_syscall_64+0xcd/0x250
[  247.205939][T10064]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  247.208400][T10064] RIP: 0033:0x7f55cd1773b9
[  247.210482][T10064] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  247.218094][T10064] RSP: 002b:00007f55cdea3048 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  247.222109][T10064] RAX: ffffffffffffffda RBX: 00007f55cd305f80 RCX: 00007f55cd1773b9
[  247.226060][T10064] RDX: 0000000020000040 RSI: 00000000c008ae88 RDI: 0000000000000006
[  247.229530][T10064] RBP: 00007f55cdea30a0 R08: 0000000000000000 R09: 0000000000000000
[  247.232901][T10064] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  247.236098][T10064] R13: 000000000000000b R14: 00007f55cd305f80 R15: 00007ffc2108bae8
[  247.240432][T10064]  </TASK>
[  247.305011][T10067] 9pnet_fd: Insufficient options for proto=fd
[  247.798855][T10083] loop0: detected capacity change from 0 to 6
[  247.806770][T10083] Dev loop0: unable to read RDB block 6
[  247.811216][T10083]  loop0: unable to read partition table
[  247.813319][T10083] loop0: partition table beyond EOD, truncated
[  247.815919][T10083] loop_reread_partitions: partition scan of loop0 (þ被xüŸÑø éÚ¬§½dƤ´à–ƒÝ¡¯¨�â·û
[  247.815919][T10083] 
) failed (rc=-5)
[  247.948769][T10088] sg_write: data in/out 2053731068/60 bytes for SCSI command 0x0-- guessing data in;
[  247.948769][T10088]    program syz.2.1057 not setting count and/or reply_len properly
[  248.481149][ T4827] Dev loop0: unable to read RDB block 6
[  248.486753][ T4827]  loop0: unable to read partition table
[  248.495764][ T4827] loop0: partition table beyond EOD, truncated
[  249.666836][T10103] __nla_validate_parse: 1 callbacks suppressed
[  249.666854][T10103] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1061'.
[  249.931929][   T39] kauditd_printk_skb: 2 callbacks suppressed
[  249.931945][   T39] audit: type=1326 audit(2125181641.934:424): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10112 comm="syz.2.1063" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f55cd1773b9 code=0x7ffc0000
[  249.950568][   T39] audit: type=1326 audit(2125181641.934:425): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10112 comm="syz.2.1063" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f55cd1773b9 code=0x7ffc0000
[  249.951617][T10113] netlink: 'syz.2.1063': attribute type 2 has an invalid length.
[  249.962939][   T39] audit: type=1326 audit(2125181641.944:426): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10112 comm="syz.2.1063" exe="/syz-executor" sig=0 arch=c000003e syscall=222 compat=0 ip=0x7f55cd1773b9 code=0x7ffc0000
[  249.975439][   T39] audit: type=1326 audit(2125181641.944:427): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10112 comm="syz.2.1063" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f55cd1773b9 code=0x7ffc0000
[  249.985965][   T39] audit: type=1326 audit(2125181641.944:428): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10112 comm="syz.2.1063" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f55cd1773b9 code=0x7ffc0000
[  249.995029][   T39] audit: type=1326 audit(2125181641.954:429): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10112 comm="syz.2.1063" exe="/syz-executor" sig=0 arch=c000003e syscall=225 compat=0 ip=0x7f55cd1773b9 code=0x7ffc0000
[  250.005396][   T39] audit: type=1326 audit(2125181641.954:430): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10112 comm="syz.2.1063" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f55cd1773b9 code=0x7ffc0000
[  250.015412][   T39] audit: type=1326 audit(2125181641.954:431): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10112 comm="syz.2.1063" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f55cd1773b9 code=0x7ffc0000
[  250.024780][   T39] audit: type=1326 audit(2125181641.954:432): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10112 comm="syz.2.1063" exe="/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f55cd1773b9 code=0x7ffc0000
[  250.035347][   T39] audit: type=1326 audit(2125181641.954:433): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10112 comm="syz.2.1063" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f55cd1773b9 code=0x7ffc0000
[  250.487110][T10126] sg_write: data in/out 830110031/371 bytes for SCSI command 0x0-- guessing data in;
[  250.487110][T10126]    program syz.2.1066 not setting count and/or reply_len properly
[  250.665548][T10141] netlink: 'syz.3.1070': attribute type 2 has an invalid length.
[  250.669649][T10141] netlink: 'syz.3.1070': attribute type 1 has an invalid length.
[  250.673074][T10141] netlink: 181400 bytes leftover after parsing attributes in process `syz.3.1070'.
[  251.118988][ T5388] usb 8-1: new high-speed USB device number 4 using dummy_hcd
[  251.269278][ T5388] usb 8-1: device descriptor read/64, error -71
[  251.559475][ T5388] usb 8-1: new high-speed USB device number 5 using dummy_hcd
[  251.819993][ T5388] usb 8-1: device descriptor read/64, error -71
[  251.963623][ T5388] usb usb8-port1: attempt power cycle
[  252.490050][ T5388] usb 8-1: new high-speed USB device number 6 using dummy_hcd
[  252.519510][T10170] 9pnet_fd: Insufficient options for proto=fd
[  252.533780][ T5388] usb 8-1: device descriptor read/8, error -71
[  252.849124][ T5388] usb 8-1: new high-speed USB device number 7 using dummy_hcd
[  252.908530][ T5388] usb 8-1: device descriptor read/8, error -71
[  253.029181][ T5388] usb usb8-port1: unable to enumerate USB device
[  253.052356][T10177] netlink: 48 bytes leftover after parsing attributes in process `syz.1.1080'.
[  253.123876][T10176] netlink: 'syz.0.1079': attribute type 2 has an invalid length.
[  253.128781][T10176] netlink: 'syz.0.1079': attribute type 1 has an invalid length.
[  253.134305][T10176] netlink: 181400 bytes leftover after parsing attributes in process `syz.0.1079'.
[  253.181455][T10178] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1080'.
[  253.269413][T10181] sg_write: data in/out 830110031/371 bytes for SCSI command 0x0-- guessing data in;
[  253.269413][T10181]    program syz.0.1081 not setting count and/or reply_len properly
[  253.472172][    T9] usb 6-1: new high-speed USB device number 11 using dummy_hcd
[  253.650137][    T9] usb 6-1: too many configurations: 9, using maximum allowed: 8
[  253.655102][    T9] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9
[  253.659504][    T9] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  253.663558][    T9] usb 6-1: config 0 interface 0 has no altsetting 0
[  253.666663][    T9] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9
[  253.669863][    T9] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  253.673619][    T9] usb 6-1: config 0 interface 0 has no altsetting 0
[  253.676847][    T9] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9
[  253.680753][    T9] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  253.685138][    T9] usb 6-1: config 0 interface 0 has no altsetting 0
[  253.689137][    T9] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9
[  253.693167][    T9] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  253.697309][    T9] usb 6-1: config 0 interface 0 has no altsetting 0
[  253.705537][    T9] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9
[  253.709897][    T9] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  253.715498][    T9] usb 6-1: config 0 interface 0 has no altsetting 0
[  253.719218][    T9] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9
[  253.722761][    T9] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  253.726983][    T9] usb 6-1: config 0 interface 0 has no altsetting 0
[  253.731103][    T9] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9
[  253.735053][    T9] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  253.739920][    T9] usb 6-1: config 0 interface 0 has no altsetting 0
[  253.742999][    T9] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9
[  253.745955][    T9] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  253.749817][    T9] usb 6-1: config 0 interface 0 has no altsetting 0
[  253.753755][    T9] usb 6-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=49.8e
[  253.756789][    T9] usb 6-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168
[  253.760268][    T9] usb 6-1: Product: syz
[  253.762520][    T9] usb 6-1: Manufacturer: syz
[  253.764693][    T9] usb 6-1: SerialNumber: syz
[  253.769219][    T9] usb 6-1: config 0 descriptor??
[  253.775806][    T9] yurex 6-1:0.0: USB YUREX device now attached to Yurex #0
[  254.009383][T10177] TCP: request_sock_subflow_v4: Possible SYN flooding on port [::]:20002. Sending cookies.
[  254.023648][   T30] usb 6-1: USB disconnect, device number 11
[  254.032413][   T30] yurex 6-1:0.0: USB YUREX #0 now disconnected
[  254.037908][T10192] loop0: detected capacity change from 0 to 6
[  254.045847][T10192] Dev loop0: unable to read RDB block 6
[  254.048472][T10192]  loop0: unable to read partition table
[  254.056400][T10192] loop0: partition table beyond EOD, truncated
[  254.059795][T10192] loop_reread_partitions: partition scan of loop0 (þ被xüŸÑø éÚ¬§½dƤ´à–ƒÝ¡¯¨�â·û
[  254.059795][T10192] 
) failed (rc=-5)
[  254.635639][T10207] netlink: 'syz.3.1089': attribute type 2 has an invalid length.
[  254.638995][T10207] netlink: 'syz.3.1089': attribute type 1 has an invalid length.
[  254.642457][T10207] netlink: 181400 bytes leftover after parsing attributes in process `syz.3.1089'.
[  254.715795][T10210] sg_write: data in/out 830110031/371 bytes for SCSI command 0x0-- guessing data in;
[  254.715795][T10210]    program syz.1.1090 not setting count and/or reply_len properly
[  254.985903][   T39] kauditd_printk_skb: 70 callbacks suppressed
[  254.985915][   T39] audit: type=1400 audit(2125181646.984:504): avc:  denied  { unmount } for  pid=5348 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1
[  255.406210][T10232] FAULT_INJECTION: forcing a failure.
[  255.406210][T10232] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  255.411711][T10232] CPU: 3 UID: 0 PID: 10232 Comm: syz.1.1094 Not tainted 6.11.0-rc1-syzkaller-00063-g21b136cc63d2 #0
[  255.415883][T10232] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  255.419841][T10232] Call Trace:
[  255.421011][T10232]  <TASK>
[  255.422070][T10232]  dump_stack_lvl+0x16c/0x1f0
[  255.424194][T10232]  should_fail_ex+0x497/0x5b0
[  255.426298][T10232]  _copy_to_user+0x30/0xc0
[  255.428277][T10232]  simple_read_from_buffer+0xd0/0x160
[  255.430573][T10232]  proc_fail_nth_read+0x1b0/0x290
[  255.432643][T10232]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  255.434667][T10232]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  255.436516][T10232]  vfs_read+0x1d4/0xbd0
[  255.437929][T10232]  ? __fdget_pos+0xeb/0x180
[  255.439454][T10232]  ? __pfx_vfs_read+0x10/0x10
[  255.441203][T10232]  ? __pfx___mutex_lock+0x10/0x10
[  255.442971][T10232]  ? __fget_files+0x256/0x400
[  255.444642][T10232]  ksys_read+0x12f/0x260
[  255.446126][T10232]  ? __pfx_ksys_read+0x10/0x10
[  255.447764][T10232]  do_syscall_64+0xcd/0x250
[  255.449337][T10232]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  255.450598][T10228] 9pnet_fd: Insufficient options for proto=fd
[  255.451473][T10232] RIP: 0033:0x7f4110f75dfc
[  255.455907][T10232] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 69 8d 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 bf 8d 02 00 48
[  255.463908][T10232] RSP: 002b:00007f4111ddc040 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  255.467431][T10232] RAX: ffffffffffffffda RBX: 00007f4111105f80 RCX: 00007f4110f75dfc
[  255.470705][T10232] RDX: 000000000000000f RSI: 00007f4111ddc0b0 RDI: 0000000000000004
[  255.473999][T10232] RBP: 00007f4111ddc0a0 R08: 0000000000000000 R09: 0000000000000000
[  255.477270][T10232] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  255.480536][T10232] R13: 000000000000000b R14: 00007f4111105f80 R15: 00007ffdf3d39308
[  255.483801][T10232]  </TASK>
[  256.062619][T10246] netlink: 'syz.3.1099': attribute type 2 has an invalid length.
[  256.066037][T10246] netlink: 'syz.3.1099': attribute type 1 has an invalid length.
[  256.070963][T10246] netlink: 181400 bytes leftover after parsing attributes in process `syz.3.1099'.
[  256.853541][T10257] sg_write: data in/out 830110031/371 bytes for SCSI command 0x0-- guessing data in;
[  256.853541][T10257]    program syz.1.1102 not setting count and/or reply_len properly
[  257.502757][T10272] 9pnet_fd: Insufficient options for proto=fd
[  258.935517][T10282] FAULT_INJECTION: forcing a failure.
[  258.935517][T10282] name failslab, interval 1, probability 0, space 0, times 0
[  258.940843][T10282] CPU: 3 UID: 0 PID: 10282 Comm: syz.2.1107 Not tainted 6.11.0-rc1-syzkaller-00063-g21b136cc63d2 #0
[  258.945214][T10282] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  258.949559][T10282] Call Trace:
[  258.951016][T10282]  <TASK>
[  258.952269][T10282]  dump_stack_lvl+0x16c/0x1f0
[  258.954300][T10282]  should_fail_ex+0x497/0x5b0
[  258.956279][T10282]  ? fs_reclaim_acquire+0xae/0x160
[  258.958156][T10282]  should_failslab+0xc2/0x120
[  258.959867][T10282]  __kmalloc_cache_noprof+0x6b/0x300
[  258.962098][T10282]  ? sctp_transport_new+0x93/0x790
[  258.964319][T10282]  sctp_transport_new+0x93/0x790
[  258.966457][T10282]  sctp_assoc_add_peer+0x2e5/0x1530
[  258.968531][T10282]  sctp_connect_new_asoc+0x209/0x790
[  258.970908][T10282]  ? __pfx_sctp_connect_new_asoc+0x10/0x10
[  258.973097][T10282]  ? selinux_sctp_bind_connect+0x112/0x2c0
[  258.975325][T10282]  sctp_sendmsg+0x1610/0x1eb0
[  258.977313][T10282]  ? __pfx_sctp_sendmsg+0x10/0x10
[  258.979434][T10282]  ? sock_has_perm+0x25a/0x2f0
[  258.981615][T10282]  ? __might_fault+0xe3/0x190
[  258.983770][T10282]  ? __pfx_sctp_sendmsg+0x10/0x10
[  258.985992][T10282]  inet_sendmsg+0x119/0x140
[  258.988006][T10282]  __sys_sendto+0x42c/0x4e0
[  258.989905][T10282]  ? __pfx___sys_sendto+0x10/0x10
[  258.991821][T10282]  ? ksys_write+0x1ab/0x260
[  258.993711][T10282]  ? __pfx_ksys_write+0x10/0x10
[  258.995878][T10282]  __x64_sys_sendto+0xe0/0x1c0
[  258.998005][T10282]  ? do_syscall_64+0x91/0x250
[  259.000017][T10282]  ? lockdep_hardirqs_on+0x7c/0x110
[  259.002370][T10282]  do_syscall_64+0xcd/0x250
[  259.004424][T10282]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  259.006920][T10282] RIP: 0033:0x7f55cd1773b9
[  259.008912][T10282] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  259.016933][T10282] RSP: 002b:00007f55cdea3048 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[  259.020528][T10282] RAX: ffffffffffffffda RBX: 00007f55cd305f80 RCX: 00007f55cd1773b9
[  259.023915][T10282] RDX: 0000000000000001 RSI: 0000000020000500 RDI: 0000000000000006
[  259.027396][T10282] RBP: 00007f55cdea30a0 R08: 0000000020000100 R09: 000000000000001c
[  259.030569][T10282] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  259.033845][T10282] R13: 000000000000000b R14: 00007f55cd305f80 R15: 00007ffc2108bae8
[  259.036633][T10282]  </TASK>
[  259.333017][T10291] EXT4-fs (sda1): shut down requested (2)
[  259.335902][T10291] Aborting journal on device sda1-8.
[  259.536248][T10306] sg_write: data in/out 830110031/371 bytes for SCSI command 0x0-- guessing data in;
[  259.536248][T10306]    program syz.1.1113 not setting count and/or reply_len properly
[  259.616789][T10312] 9pnet_fd: Insufficient options for proto=fd
[  259.916648][T10316] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1114'.
[  260.057186][T10334] FAULT_INJECTION: forcing a failure.
[  260.057186][T10334] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  260.063953][T10334] CPU: 2 UID: 0 PID: 10334 Comm: syz.3.1119 Not tainted 6.11.0-rc1-syzkaller-00063-g21b136cc63d2 #0
[  260.068715][T10334] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  260.073573][T10334] Call Trace:
[  260.074979][T10334]  <TASK>
[  260.076294][T10334]  dump_stack_lvl+0x16c/0x1f0
[  260.078410][T10334]  should_fail_ex+0x497/0x5b0
[  260.080541][T10334]  _copy_from_iter+0x44f/0x1150
[  260.082727][T10334]  ? __pfx__copy_from_iter+0x10/0x10
[  260.085086][T10334]  ? __virt_addr_valid+0x5e/0x590
[  260.087338][T10334]  ? __phys_addr_symbol+0x30/0x80
[  260.089718][T10334]  ? __check_object_size+0x497/0x720
[  260.092012][T10334]  skb_copy_datagram_from_iter+0x121/0x6c0
[  260.094535][T10334]  packet_sendmsg+0x2136/0x53a0
[  260.096610][T10334]  ? sock_has_perm+0x25a/0x2f0
[  260.098682][T10334]  ? __pfx_sock_has_perm+0x10/0x10
[  260.100871][T10334]  ? __pfx_tomoyo_socket_sendmsg_permission+0x10/0x10
[  260.103865][T10334]  ? __pfx_packet_sendmsg+0x10/0x10
[  260.106193][T10334]  ? __import_iovec+0x1fd/0x6e0
[  260.108389][T10334]  ____sys_sendmsg+0xab5/0xc90
[  260.110569][T10334]  ? copy_msghdr_from_user+0x10b/0x160
[  260.112778][T10334]  ? __pfx_____sys_sendmsg+0x10/0x10
[  260.114838][T10334]  ? find_held_lock+0x2d/0x110
[  260.116717][T10334]  ? __pfx___lock_acquire+0x10/0x10
[  260.119049][T10334]  ___sys_sendmsg+0x135/0x1e0
[  260.121227][T10334]  ? __pfx____sys_sendmsg+0x10/0x10
[  260.123571][T10334]  ? ksys_write+0x21c/0x260
[  260.125547][T10334]  ? __fget_light+0x173/0x210
[  260.127694][T10334]  __sys_sendmsg+0x117/0x1f0
[  260.129960][T10334]  ? __pfx___sys_sendmsg+0x10/0x10
[  260.132310][T10334]  do_syscall_64+0xcd/0x250
[  260.134348][T10334]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  260.136922][T10334] RIP: 0033:0x7fa388d773b9
[  260.138671][T10334] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  260.147035][T10334] RSP: 002b:00007fa389af0048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  260.150559][T10334] RAX: ffffffffffffffda RBX: 00007fa388f05f80 RCX: 00007fa388d773b9
[  260.153823][T10334] RDX: 00000000200400c4 RSI: 0000000020000180 RDI: 0000000000000003
[  260.157502][T10334] RBP: 00007fa389af00a0 R08: 0000000000000000 R09: 0000000000000000
[  260.161016][T10334] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  260.164480][T10334] R13: 000000000000000b R14: 00007fa388f05f80 R15: 00007ffea42afbb8
[  260.167957][T10334]  </TASK>
[  260.210218][   T39] audit: type=1400 audit(2125181652.214:505): avc:  denied  { create } for  pid=10336 comm="syz.1.1120" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=x25_socket permissive=1
[  260.229658][   T39] audit: type=1400 audit(2125181652.234:506): avc:  denied  { getopt } for  pid=10336 comm="syz.1.1120" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=x25_socket permissive=1
[  260.775079][T10362] 9pnet_fd: Insufficient options for proto=fd
[  261.742104][ T1380] ieee802154 phy0 wpan0: encryption failed: -22
[  261.744952][ T1380] ieee802154 phy1 wpan1: encryption failed: -22
[  261.939093][ T5388] usb 8-1: new high-speed USB device number 8 using dummy_hcd
[  262.105351][T10381] Invalid logical block size (43862)
[  262.139104][ T5388] usb 8-1: Using ep0 maxpacket: 16
[  262.149676][ T5388] usb 8-1: New USB device found, idVendor=1604, idProduct=8007, bcdDevice=af.a6
[  262.153627][ T5388] usb 8-1: New USB device strings: Mfr=1, Product=23, SerialNumber=3
[  262.157368][ T5388] usb 8-1: Product: syz
[  262.159901][ T5388] usb 8-1: Manufacturer: syz
[  262.161909][ T5388] usb 8-1: SerialNumber: syz
[  262.165768][ T5388] usb 8-1: config 0 descriptor??
[  262.229584][   T39] audit: type=1326 audit(2125181654.234:507): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10384 comm="syz.2.1129" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f55cd1773b9 code=0x7ffc0000
[  262.239101][   T39] audit: type=1400 audit(2125181654.234:508): avc:  denied  { read } for  pid=10382 comm="syz.0.1132" name="file0" dev="fuse" ino=0 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=blk_file permissive=1
[  262.248698][   T39] audit: type=1326 audit(2125181654.234:509): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10384 comm="syz.2.1129" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f55cd1773b9 code=0x7ffc0000
[  262.259294][   T39] audit: type=1400 audit(2125181654.234:510): avc:  denied  { open } for  pid=10382 comm="syz.0.1132" path="/43/file0/file0" dev="fuse" ino=0 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=blk_file permissive=1
[  262.267998][   T39] audit: type=1326 audit(2125181654.234:511): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10384 comm="syz.2.1129" exe="/syz-executor" sig=0 arch=c000003e syscall=334 compat=0 ip=0x7f55cd1773b9 code=0x7ffc0000
[  262.279238][   T39] audit: type=1400 audit(2125181654.234:512): avc:  denied  { ioctl } for  pid=10382 comm="syz.0.1132" path="/43/file0/file0" dev="fuse" ino=0 ioctlcmd=0x929 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=blk_file permissive=1
[  262.289286][   T39] audit: type=1326 audit(2125181654.234:513): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10384 comm="syz.2.1129" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f55cd1773b9 code=0x7ffc0000
[  262.298505][   T39] audit: type=1326 audit(2125181654.234:514): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10384 comm="syz.2.1129" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f55cd1773b9 code=0x7ffc0000
[  262.375845][ T5388] usb 8-1: USB disconnect, device number 8
[  262.547830][T10400] overlayfs: workdir and upperdir must be separate subtrees
[  262.814406][T10407] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1138'.
[  262.979461][T10412] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  263.132180][T10421] IPVS: sed: TCP 172.20.20.170:21 - no destination available
[  263.727811][T10439] dccp_invalid_packet: P.Data Offset(0) too small
[  264.078450][T10449] 9pnet_fd: Insufficient options for proto=fd
[  264.457278][T10455] netlink: 60 bytes leftover after parsing attributes in process `syz.1.1148'.
[  265.670209][   T39] kauditd_printk_skb: 71 callbacks suppressed
[  265.670225][   T39] audit: type=1400 audit(2125181657.674:586): avc:  denied  { create } for  pid=10480 comm="syz.2.1155" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[  265.686463][T10481] netlink: 'syz.2.1155': attribute type 2 has an invalid length.
[  265.690293][T10481] netlink: 'syz.2.1155': attribute type 1 has an invalid length.
[  265.693428][T10481] netlink: 181400 bytes leftover after parsing attributes in process `syz.2.1155'.
[  265.698085][   T39] audit: type=1400 audit(2125181657.684:587): avc:  denied  { bind } for  pid=10480 comm="syz.2.1155" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[  265.712075][   T39] audit: type=1400 audit(2125181657.684:588): avc:  denied  { write } for  pid=10480 comm="syz.2.1155" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[  265.844004][T10487] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1157'.
[  265.932492][T10493] netlink: 'syz.2.1158': attribute type 2 has an invalid length.
[  265.936251][T10493] netlink: 'syz.2.1158': attribute type 1 has an invalid length.
[  265.940686][T10493] netlink: 181400 bytes leftover after parsing attributes in process `syz.2.1158'.
[  266.029835][   T39] audit: type=1400 audit(2125181658.024:589): avc:  denied  { execute_no_trans } for  pid=10496 comm="syz.2.1159" path="/297/file0" dev="tmpfs" ino=1648 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[  266.082809][   T39] audit: type=1400 audit(2125181658.084:590): avc:  denied  { write } for  pid=10478 comm="syz.0.1154" name="ip_tables_matches" dev="proc" ino=4026534107 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_net_t tclass=file permissive=1
[  266.157570][   T39] audit: type=1400 audit(2125181658.154:591): avc:  denied  { ioctl } for  pid=10501 comm="syz.2.1160" path="/dev/nullb0" dev="devtmpfs" ino=693 ioctlcmd=0x127f scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[  266.170049][T10504] sg_write: data in/out 830110031/371 bytes for SCSI command 0x0-- guessing data in;
[  266.170049][T10504]    program syz.3.1161 not setting count and/or reply_len properly
[  266.193095][   T39] audit: type=1400 audit(2125181658.194:592): avc:  denied  { unmount } for  pid=5348 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_t tclass=filesystem permissive=1
[  266.616944][T10513] netlink: 'syz.0.1164': attribute type 2 has an invalid length.
[  266.620328][T10513] netlink: 'syz.0.1164': attribute type 1 has an invalid length.
[  266.626954][T10513] netlink: 181400 bytes leftover after parsing attributes in process `syz.0.1164'.
[  266.709255][T10516] netlink: 'syz.0.1165': attribute type 2 has an invalid length.
[  266.712978][T10516] netlink: 'syz.0.1165': attribute type 1 has an invalid length.
[  266.717627][T10516] netlink: 181400 bytes leftover after parsing attributes in process `syz.0.1165'.
[  266.799059][T10521] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1167'.
[  267.085156][T10538] sctp: [Deprecated]: syz.3.1171 (pid 10538) Use of struct sctp_assoc_value in delayed_ack socket option.
[  267.085156][T10538] Use struct sctp_sack_info instead
[  267.226206][T10542] netlink: 'syz.3.1173': attribute type 2 has an invalid length.
[  267.230695][T10542] netlink: 'syz.3.1173': attribute type 1 has an invalid length.
[  267.234450][T10542] netlink: 181400 bytes leftover after parsing attributes in process `syz.3.1173'.
[  267.347408][T10549] FAULT_INJECTION: forcing a failure.
[  267.347408][T10549] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  267.356686][T10549] CPU: 3 UID: 0 PID: 10549 Comm: syz.3.1175 Not tainted 6.11.0-rc1-syzkaller-00063-g21b136cc63d2 #0
[  267.361672][T10549] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  267.366398][T10549] Call Trace:
[  267.367890][T10549]  <TASK>
[  267.369227][T10549]  dump_stack_lvl+0x16c/0x1f0
[  267.371351][T10549]  should_fail_ex+0x497/0x5b0
[  267.373471][T10549]  _copy_from_user+0x30/0xf0
[  267.375446][T10549]  kstrtouint_from_user+0xd7/0x1c0
[  267.377176][T10549]  ? __pfx_kstrtouint_from_user+0x10/0x10
[  267.379028][T10549]  ? __pfx_lock_acquire+0x10/0x10
[  267.381104][T10549]  proc_fail_nth_write+0x84/0x270
[  267.383032][T10549]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  267.385421][T10549]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  267.387874][T10549]  vfs_write+0x29a/0x1140
[  267.389590][T10549]  ? __fdget_pos+0xeb/0x180
[  267.391568][T10549]  ? __pfx_vfs_write+0x10/0x10
[  267.393495][T10549]  ? __pfx___mutex_lock+0x10/0x10
[  267.394688][T10553] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1177'.
[  267.395578][T10549]  ? __fget_files+0x256/0x400
[  267.401185][T10549]  ksys_write+0x12f/0x260
[  267.403075][T10549]  ? __pfx_ksys_write+0x10/0x10
[  267.404961][T10549]  do_syscall_64+0xcd/0x250
[  267.406656][T10549]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  267.408852][T10549] RIP: 0033:0x7fa388d75e9f
[  267.410634][T10549] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 c9 8c 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 1c 8d 02 00 48
[  267.418569][T10549] RSP: 002b:00007fa389af0040 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[  267.421972][T10549] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fa388d75e9f
[  267.425411][T10549] RDX: 0000000000000001 RSI: 00007fa389af00b0 RDI: 0000000000000008
[  267.428713][T10549] RBP: 00007fa389af00a0 R08: 0000000000000000 R09: 0000000000000000
[  267.432111][T10549] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000001
[  267.435383][T10549] R13: 000000000000000b R14: 00007fa388f05f80 R15: 00007ffea42afbb8
[  267.438664][T10549]  </TASK>
[  267.623081][   T39] audit: type=1400 audit(2125181659.624:593): avc:  denied  { append } for  pid=10569 comm="syz.1.1181" name="001" dev="devtmpfs" ino=753 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1
[  267.848450][T10581] __nla_validate_parse: 2 callbacks suppressed
[  267.848467][T10581] netlink: 181400 bytes leftover after parsing attributes in process `syz.0.1184'.
[  267.936827][T10584] dvmrp0: entered allmulticast mode
[  268.035883][   T39] audit: type=1400 audit(2125181660.034:594): avc:  denied  { write } for  pid=10585 comm="syz.0.1186" name="ndctl0" dev="devtmpfs" ino=109 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nvram_device_t tclass=chr_file permissive=1
[  268.046516][   T39] audit: type=1400 audit(2125181660.034:595): avc:  denied  { ioctl } for  pid=10585 comm="syz.0.1186" path="/dev/ndctl0" dev="devtmpfs" ino=109 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nvram_device_t tclass=chr_file permissive=1
[  268.511923][T10592] netlink: 60 bytes leftover after parsing attributes in process `syz.2.1188'.
[  268.543444][T10594] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1189'.
[  268.713967][T10605] netlink: 181400 bytes leftover after parsing attributes in process `syz.0.1193'.
[  269.070743][T10626] 9pnet_fd: Insufficient options for proto=fd
[  269.352149][T10632] netlink: 132 bytes leftover after parsing attributes in process `syz.2.1199'.
[  269.359954][T10632] FAULT_INJECTION: forcing a failure.
[  269.359954][T10632] name failslab, interval 1, probability 0, space 0, times 0
[  269.365461][T10632] CPU: 3 UID: 0 PID: 10632 Comm: syz.2.1199 Not tainted 6.11.0-rc1-syzkaller-00063-g21b136cc63d2 #0
[  269.369963][T10632] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  269.374645][T10632] Call Trace:
[  269.376135][T10632]  <TASK>
[  269.377463][T10632]  dump_stack_lvl+0x16c/0x1f0
[  269.379532][T10632]  should_fail_ex+0x497/0x5b0
[  269.381482][T10632]  ? fs_reclaim_acquire+0xae/0x160
[  269.383743][T10632]  should_failslab+0xc2/0x120
[  269.385854][T10632]  kmem_cache_alloc_noprof+0x6e/0x2f0
[  269.388223][T10632]  ? __asan_memcpy+0x3c/0x60
[  269.390261][T10632]  ? __kernfs_new_node+0xd3/0x890
[  269.392387][T10632]  ? kstrdup+0x5c/0x70
[  269.394257][T10632]  __kernfs_new_node+0xd3/0x890
[  269.396436][T10632]  ? __pfx___lock_acquire+0x10/0x10
[  269.398694][T10632]  ? __pfx___kernfs_new_node+0x10/0x10
[  269.401114][T10632]  ? lock_acquire+0x1b1/0x560
[  269.403230][T10632]  ? find_held_lock+0x2d/0x110
[  269.405407][T10632]  kernfs_new_node+0x186/0x240
[  269.407580][T10632]  kernfs_create_link+0xcc/0x240
[  269.409767][T10632]  sysfs_do_create_link_sd+0x90/0x140
[  269.412129][T10632]  sysfs_create_link+0x61/0xc0
[  269.414265][T10632]  driver_sysfs_add+0x91/0x2d0
[  269.416416][T10632]  really_probe+0x146/0xa90
[  269.418506][T10632]  __driver_probe_device+0x1de/0x440
[  269.420828][T10632]  driver_probe_device+0x4c/0x1b0
[  269.423094][T10632]  __device_attach_driver+0x1df/0x310
[  269.425526][T10632]  ? __pfx___device_attach_driver+0x10/0x10
[  269.428142][T10632]  bus_for_each_drv+0x157/0x1e0
[  269.430310][T10632]  ? __pfx_bus_for_each_drv+0x10/0x10
[  269.432428][T10632]  ? lockdep_hardirqs_on+0x7c/0x110
[  269.434740][T10632]  ? _raw_spin_unlock_irqrestore+0x3b/0x80
[  269.437352][T10632]  __device_attach+0x1e8/0x4b0
[  269.439411][T10632]  ? __pfx___device_attach+0x10/0x10
[  269.441582][T10632]  ? usb_ifnum_to_if+0x16f/0x1d0
[  269.443781][T10632]  proc_ioctl+0x58c/0x6b0
[  269.445711][T10632]  usbdev_ioctl+0x1796/0x4010
[  269.447806][T10632]  ? __pfx_usbdev_ioctl+0x10/0x10
[  269.449940][T10632]  ? do_vfs_ioctl+0x515/0x1ad0
[  269.451819][T10632]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  269.454062][T10632]  ? ioctl_has_perm.constprop.0.isra.0+0x2f9/0x470
[  269.456923][T10632]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[  269.459891][T10632]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  269.462255][T10632]  ? selinux_file_ioctl+0x180/0x270
[  269.464247][T10632]  ? selinux_file_ioctl+0xb4/0x270
[  269.466421][T10632]  ? __pfx_usbdev_ioctl+0x10/0x10
[  269.468664][T10632]  __x64_sys_ioctl+0x193/0x220
[  269.470810][T10632]  do_syscall_64+0xcd/0x250
[  269.472844][T10632]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  269.475471][T10632] RIP: 0033:0x7f55cd1773b9
[  269.477504][T10632] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  269.485877][T10632] RSP: 002b:00007f55cde82048 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  269.489508][T10632] RAX: ffffffffffffffda RBX: 00007f55cd306058 RCX: 00007f55cd1773b9
[  269.492995][T10632] RDX: 0000000020000000 RSI: 00000000c0105512 RDI: 0000000000000008
[  269.496490][T10632] RBP: 00007f55cde820a0 R08: 0000000000000000 R09: 0000000000000000
[  269.499700][T10632] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  269.502772][T10632] R13: 000000000000006e R14: 00007f55cd306058 R15: 00007ffc2108bae8
[  269.505994][T10632]  </TASK>
[  269.519511][T10632] hub 9-0:1.0: really_probe: driver_sysfs_add failed
[  269.645589][T10636] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1200'.
[  270.234639][T10653] netlink: 181400 bytes leftover after parsing attributes in process `syz.1.1205'.
[  270.325813][T10660] sg_write: data in/out 830110031/371 bytes for SCSI command 0x0-- guessing data in;
[  270.325813][T10660]    program syz.3.1208 not setting count and/or reply_len properly
[  270.605404][T10669] 9pnet_fd: Insufficient options for proto=fd
[  270.946767][T10671] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1209'.
[  271.028871][T10675] validate_nla: 8 callbacks suppressed
[  271.032426][T10675] netlink: 'syz.0.1210': attribute type 2 has an invalid length.
[  271.035930][T10675] netlink: 'syz.0.1210': attribute type 1 has an invalid length.
[  271.039841][T10675] netlink: 181400 bytes leftover after parsing attributes in process `syz.0.1210'.
[  271.225149][   T39] kauditd_printk_skb: 3 callbacks suppressed
[  271.225159][   T39] audit: type=1400 audit(2125181663.224:599): avc:  denied  { connect } for  pid=10687 comm="syz.2.1214" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1
[  271.288182][   T39] audit: type=1400 audit(2125181663.284:600): avc:  denied  { write } for  pid=10687 comm="syz.2.1214" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1
[  272.222124][T10715] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1222'.
[  272.337730][T10725] 9pnet_fd: Insufficient options for proto=fd
[  272.446864][T10731] netlink: 'syz.3.1226': attribute type 11 has an invalid length.
[  273.014205][T10741] netlink: 132 bytes leftover after parsing attributes in process `syz.3.1228'.
[  273.474454][T10748] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1232'.
[  273.682783][   T39] audit: type=1400 audit(2125181665.684:601): avc:  denied  { setopt } for  pid=10754 comm="syz.3.1233" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  273.686632][T10757] netlink: 40 bytes leftover after parsing attributes in process `syz.3.1233'.
[  274.042622][   T39] audit: type=1400 audit(2125181666.044:602): avc:  denied  { write } for  pid=10759 comm="syz.3.1234" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[  274.080930][T10767] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1235'.
[  274.086484][ T4827] udevd[4827]: worker [5353] /devices/virtual/block/nbd0 is taking a long time
[  274.536216][   T39] audit: type=1400 audit(2125181666.534:603): avc:  denied  { connect } for  pid=10788 comm="syz.2.1239" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netrom_socket permissive=1
[  274.580644][T10793] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1240'.
[  274.587661][   T39] audit: type=1400 audit(2125181666.584:604): avc:  denied  { write } for  pid=10788 comm="syz.2.1239" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netrom_socket permissive=1
[  274.834172][T10803] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1243'.
[  275.035633][   T39] audit: type=1400 audit(2125181667.034:605): avc:  denied  { connect } for  pid=10809 comm="syz.1.1245" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1
[  275.046720][   T39] audit: type=1326 audit(2125181667.044:606): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10809 comm="syz.1.1245" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f4110f773b9 code=0x0
[  275.172446][   T53] block nbd0: Possible stuck request ffff88802124a000: control (read@0,4096B). Runtime 90 seconds
[  275.277491][T10814] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1245'.
[  275.306294][ T6410] smc: removing ib device syz1
[  275.649219][T10816] FAULT_INJECTION: forcing a failure.
[  275.649219][T10816] name failslab, interval 1, probability 0, space 0, times 0
[  275.649477][T10816] CPU: 0 UID: 0 PID: 10816 Comm: syz.3.1246 Not tainted 6.11.0-rc1-syzkaller-00063-g21b136cc63d2 #0
[  275.649501][T10816] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  275.649514][T10816] Call Trace:
[  275.649522][T10816]  <TASK>
[  275.649530][T10816]  dump_stack_lvl+0x16c/0x1f0
[  275.649579][T10816]  should_fail_ex+0x497/0x5b0
[  275.649611][T10816]  ? fs_reclaim_acquire+0xae/0x160
[  275.649630][T10816]  should_failslab+0xc2/0x120
[  275.649653][T10816]  __kmalloc_cache_noprof+0x6b/0x300
[  275.649674][T10816]  ? drm_atomic_helper_connector_duplicate_state+0x70/0xd0
[  275.649701][T10816]  drm_atomic_helper_connector_duplicate_state+0x70/0xd0
[  275.649727][T10816]  drm_atomic_get_connector_state+0x37f/0x740
[  275.649754][T10816]  drm_atomic_add_affected_connectors+0x2e7/0x400
[  275.649780][T10816]  ? __pfx_drm_atomic_add_affected_connectors+0x10/0x10
[  275.649805][T10816]  ? modeset_lock+0x10e/0x6c0
[  275.649827][T10816]  __drm_atomic_helper_set_config+0x5f1/0xe90
[  275.649854][T10816]  ? __pfx___drm_atomic_helper_set_config+0x10/0x10
[  275.649880][T10816]  ? drm_client_rotation+0x4d9/0x6a0
[  275.649903][T10816]  drm_client_modeset_commit_atomic+0x557/0x810
[  275.649928][T10816]  ? __pfx_drm_client_modeset_commit_atomic+0x10/0x10
[  275.649954][T10816]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  275.649974][T10816]  drm_client_modeset_commit_locked+0x14d/0x580
[  275.649997][T10816]  drm_fb_helper_pan_display+0x2a5/0x990
[  275.650021][T10816]  fb_pan_display+0x477/0x7d0
[  275.650043][T10816]  ? __pfx_drm_fb_helper_pan_display+0x10/0x10
[  275.650065][T10816]  bit_update_start+0x49/0x1f0
[  275.650090][T10816]  fbcon_switch+0xbbf/0x12f0
[  275.650113][T10816]  ? __pfx_fbcon_switch+0x10/0x10
[  275.650136][T10816]  ? __pfx_bit_cursor+0x10/0x10
[  275.650158][T10816]  ? fbcon_cursor+0x3bf/0x520
[  275.650180][T10816]  ? is_console_locked+0x9/0x20
[  275.650200][T10816]  ? con_is_visible+0x65/0x150
[  275.650226][T10816]  redraw_screen+0x2bf/0x760
[  275.650250][T10816]  ? __pfx_redraw_screen+0x10/0x10
[  275.650273][T10816]  ? fbcon_set_palette+0x3f9/0x580
[  275.650294][T10816]  fbcon_modechanged+0x52a/0x620
[  275.650316][T10816]  fbcon_set_all_vcs+0x1d6/0x450
[  275.650338][T10816]  fbcon_update_vcs+0x2c/0x50
[  275.650360][T10816]  do_fb_ioctl+0x781/0x7d0
[  275.650386][T10816]  ? __pfx_do_fb_ioctl+0x10/0x10
[  275.650413][T10816]  ? do_vfs_ioctl+0x515/0x1ad0
[  275.650440][T10816]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[  275.650473][T10816]  ? selinux_file_ioctl+0x180/0x270
[  275.650500][T10816]  ? selinux_file_ioctl+0xb4/0x270
[  275.650528][T10816]  fb_ioctl+0xf1/0x160
[  275.650553][T10816]  ? __pfx_fb_ioctl+0x10/0x10
[  275.650577][T10816]  __x64_sys_ioctl+0x193/0x220
[  275.650600][T10816]  do_syscall_64+0xcd/0x250
[  275.650619][T10816]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  275.650642][T10816] RIP: 0033:0x7fa388d773b9
[  275.650657][T10816] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  275.650674][T10816] RSP: 002b:00007fa389af0048 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  275.650695][T10816] RAX: ffffffffffffffda RBX: 00007fa388f05f80 RCX: 00007fa388d773b9
[  275.650708][T10816] RDX: 0000000020000100 RSI: 0000000000004601 RDI: 0000000000000003
[  275.650720][T10816] RBP: 00007fa389af00a0 R08: 0000000000000000 R09: 0000000000000000
[  275.650731][T10816] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  275.650741][T10816] R13: 000000000000000b R14: 00007fa388f05f80 R15: 00007ffea42afbb8
[  275.650756][T10816]  </TASK>
[  275.911717][T10823] netlink: 'syz.3.1248': attribute type 2 has an invalid length.
[  275.914757][T10823] netlink: 'syz.3.1248': attribute type 1 has an invalid length.
[  275.918040][T10823] netlink: 181400 bytes leftover after parsing attributes in process `syz.3.1248'.
[  276.194052][    C1] ==================================================================
[  276.197532][    C1] BUG: KASAN: stack-out-of-bounds in xdp_do_check_flushed+0x41c/0x4e0
[  276.201094][    C1] Read of size 4 at addr ffffc9000330fa50 by task syz.2.1250/10828
[  276.205844][    C1] 
[  276.207842][    C1] CPU: 1 UID: 0 PID: 10828 Comm: syz.2.1250 Not tainted 6.11.0-rc1-syzkaller-00063-g21b136cc63d2 #0
[  276.212004][    C1] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  276.216028][    C1] Call Trace:
[  276.217290][    C1]  <IRQ>
[  276.218256][    C1]  dump_stack_lvl+0x116/0x1f0
[  276.220012][    C1]  print_report+0xc3/0x620
[  276.221759][    C1]  ? __virt_addr_valid+0x5e/0x590
[  276.223465][    C1]  kasan_report+0xd9/0x110
[  276.225085][    C1]  ? xdp_do_check_flushed+0x41c/0x4e0
[  276.227202][    C1]  ? xdp_do_check_flushed+0x41c/0x4e0
[  276.229145][    C1]  xdp_do_check_flushed+0x41c/0x4e0
[  276.231231][    C1]  __napi_poll.constprop.0+0xd1/0x550
[  276.233282][    C1]  net_rx_action+0xa92/0x1010
[  276.235045][    C1]  ? __pfx_net_rx_action+0x10/0x10
[  276.237012][    C1]  ? __pfx_mark_lock+0x10/0x10
[  276.238993][    C1]  ? kvm_sched_clock_read+0x11/0x20
[  276.240760][    C1]  ? sched_clock+0x38/0x60
[  276.242487][    C1]  ? sched_clock_cpu+0x6d/0x4d0
[  276.244355][    C1]  ? mark_held_locks+0x9f/0xe0
[  276.246197][    C1]  handle_softirqs+0x216/0x8f0
[  276.248039][    C1]  ? __pfx_handle_softirqs+0x10/0x10
[  276.249842][    C1]  irq_exit_rcu+0xbb/0x120
[  276.251152][    C1]  common_interrupt+0xb0/0xd0
[  276.252528][    C1]  </IRQ>
[  276.253740][    C1]  <TASK>
[  276.254973][    C1]  asm_common_interrupt+0x26/0x40
[  276.256994][    C1] RIP: 0010:__sanitizer_cov_trace_pc+0x58/0x60
[  276.259328][    C1] Code: 82 f8 15 00 00 83 f8 02 75 20 48 8b 8a 00 16 00 00 8b 92 fc 15 00 00 48 8b 01 48 83 c0 01 48 39 d0 73 07 48 89 01 48 89 34 c1 <c3> cc cc cc cc 0f 1f 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[  276.267363][    C1] RSP: 0018:ffffc9000330f5a8 EFLAGS: 00000293
[  276.269885][    C1] RAX: 0000000000000000 RBX: ffff88801798f470 RCX: ffffffff81f1ca17
[  276.273251][    C1] RDX: ffff8880387aa440 RSI: ffffffff81f1bd2d RDI: ffff88801798f470
[  276.276286][    C1] RBP: ffff88801798f470 R08: 0000000000000006 R09: 0000000000000001
[  276.279319][    C1] R10: 0000000000000001 R11: 0000000000000000 R12: 0000000000000001
[  276.281987][    C1] R13: 0000000000000001 R14: 0000000000000000 R15: dffffc0000000000
[  276.284602][    C1]  ? page_table_check_clear.part.0+0x237/0x540
[  276.286716][    C1]  ? page_ext_put+0xd/0xd0
[  276.288207][    C1]  page_ext_put+0xd/0xd0
[  276.289922][    C1]  page_table_check_clear.part.0+0x3a7/0x540
[  276.292046][    C1]  __page_table_check_pte_clear+0x328/0x580
[  276.294017][    C1]  ? __pfx___page_table_check_pte_clear+0x10/0x10
[  276.296137][    C1]  ? const_folio_flags.constprop.0+0x56/0x150
[  276.298309][    C1]  ? __tlb_remove_folio_pages_size.constprop.0+0x162/0x560
[  276.301056][    C1]  unmap_page_range+0x21ac/0x3c10
[  276.303081][    C1]  ? __pfx_unmap_page_range+0x10/0x10
[  276.305103][    C1]  ? lockdep_hardirqs_on+0x7c/0x110
[  276.306904][    C1]  ? uprobe_munmap+0x20/0x5d0
[  276.308464][    C1]  unmap_single_vma+0x194/0x2b0
[  276.310456][    C1]  unmap_vmas+0x22f/0x490
[  276.312010][    C1]  ? __pfx_unmap_vmas+0x10/0x10
[  276.313761][    C1]  ? __pfx_lock_release+0x10/0x10
[  276.315601][    C1]  exit_mmap+0x1b8/0xb20
[  276.317249][    C1]  ? __pfx_exit_mmap+0x10/0x10
[  276.319087][    C1]  __mmput+0x12a/0x480
[  276.320605][    C1]  mmput+0x62/0x70
[  276.322210][    C1]  do_exit+0x9bf/0x2bb0
[  276.323916][    C1]  ? get_signal+0x8f2/0x2770
[  276.325822][    C1]  ? __pfx_do_exit+0x10/0x10
[  276.327708][    C1]  ? do_raw_spin_lock+0x12d/0x2c0
[  276.329744][    C1]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  276.331886][    C1]  do_group_exit+0xd3/0x2a0
[  276.333748][    C1]  get_signal+0x25fd/0x2770
[  276.335664][    C1]  ? lock_acquire+0x1b1/0x560
[  276.337599][    C1]  ? __pfx_get_signal+0x10/0x10
[  276.339565][    C1]  ? __pfx_do_futex+0x10/0x10
[  276.341512][    C1]  arch_do_signal_or_restart+0x90/0x7e0
[  276.343776][    C1]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  276.346106][    C1]  ? ksys_write+0x1ab/0x260
[  276.347743][    C1]  ? __pfx_ksys_write+0x10/0x10
[  276.349498][    C1]  syscall_exit_to_user_mode+0x150/0x2a0
[  276.351689][    C1]  do_syscall_64+0xda/0x250
[  276.353547][    C1]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  276.355766][    C1] RIP: 0033:0x7f55cd1773b9
[  276.357581][    C1] Code: Unable to access opcode bytes at 0x7f55cd17738f.
[  276.360365][    C1] RSP: 002b:00007f55cdea30f8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  276.363698][    C1] RAX: fffffffffffffe00 RBX: 00007f55cd305f88 RCX: 00007f55cd1773b9
[  276.366926][    C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f55cd305f88
[  276.370134][    C1] RBP: 00007f55cd305f80 R08: 00007f55cdea36c0 R09: 00007f55cdea36c0
[  276.373325][    C1] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f55cd305f8c
[  276.376485][    C1] R13: 000000000000000b R14: 00007ffc2108ba00 R15: 00007ffc2108bae8
[  276.379678][    C1]  </TASK>
[  276.380966][    C1] 
[  276.381957][    C1] The buggy address belongs to stack of task syz.2.1250/10828
[  276.384947][    C1]  and is located at offset 24 in frame:
[  276.387196][    C1]  exit_mmap+0x0/0xb20
[  276.388883][    C1] 
[  276.389867][    C1] This frame has 2 objects:
[  276.391840][    C1]  [32, 96) 'vmi'
[  276.391852][    C1]  [128, 256) 'tlb'
[  276.393382][    C1] 
[  276.395989][    C1] The buggy address belongs to the virtual mapping at
[  276.395989][    C1]  [ffffc90003308000, ffffc90003311000) created by:
[  276.395989][    C1]  kernel_clone+0xfd/0x980
[  276.403162][    C1] 
[  276.404156][    C1] The buggy address belongs to the physical page:
[  276.406762][    C1] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x45e3e
[  276.410544][    C1] memcg:ffff88802c269a82
[  276.412407][    C1] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[  276.415500][    C1] raw: 00fff00000000000 0000000000000000 dead000000000122 0000000000000000
[  276.419039][    C1] raw: 0000000000000000 0000000000000000 00000001ffffffff ffff88802c269a82
[  276.422609][    C1] page dumped because: kasan: bad access detected
[  276.425395][    C1] page_owner tracks the page as allocated
[  276.427762][    C1] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x102dc2(GFP_HIGHUSER|__GFP_NOWARN|__GFP_ZERO), pid 10738, tgid 10738 (syz.1.1229), ts 272965243881, free_ts 270262441999
[  276.434866][    C1]  post_alloc_hook+0x2d1/0x350
[  276.436680][    C1]  get_page_from_freelist+0x1351/0x2e50
[  276.438982][    C1]  __alloc_pages_noprof+0x22b/0x2460
[  276.441320][    C1]  alloc_pages_mpol_noprof+0x275/0x610
[  276.443622][    C1]  __vmalloc_node_range_noprof+0xa6a/0x1520
[  276.446224][    C1]  copy_process+0x2f3b/0x8de0
[  276.448290][    C1]  kernel_clone+0xfd/0x980
[  276.450086][    C1]  __do_sys_clone3+0x1f5/0x270
[  276.451807][    C1]  do_syscall_64+0xcd/0x250
[  276.453626][    C1]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  276.456143][    C1] page last free pid 10648 tgid 10648 stack trace:
[  276.458805][    C1]  free_unref_page+0x64a/0xe40
[  276.460789][    C1]  vfree+0x181/0x7a0
[  276.462421][    C1]  snd_dma_free_pages+0x51/0x70
[  276.464443][    C1]  snd_pcm_lib_free_pages+0x172/0x390
[  276.466662][    C1]  snd_pcm_release_substream.part.0+0x2a8/0x340
[  276.469216][    C1]  snd_pcm_release_substream+0x5b/0x70
[  276.471595][    C1]  snd_pcm_oss_release+0x13b/0x320
[  276.473855][    C1]  __fput+0x408/0xbb0
[  276.475524][    C1]  task_work_run+0x14e/0x250
[  276.477425][    C1]  syscall_exit_to_user_mode+0x27b/0x2a0
[  276.479641][    C1]  do_syscall_64+0xda/0x250
[  276.481262][    C1]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  276.483423][    C1] 
[  276.484230][    C1] Memory state around the buggy address:
[  276.486346][    C1]  ffffc9000330f900: 00 f2 f2 f2 00 f2 f2 f2 00 00 f2 f2 00 00 00 00
[  276.489061][    C1]  ffffc9000330f980: 00 f3 f3 f3 f3 f3 00 00 00 00 00 00 00 00 00 00
[  276.491998][    C1] >ffffc9000330fa00: 00 00 00 00 00 00 00 f1 f1 f1 f1 00 00 00 00 00
[  276.495040][    C1]                                                  ^
[  276.497483][    C1]  ffffc9000330fa80: 00 00 00 f2 f2 f2 f2 00 00 00 00 00 00 00 00 00
[  276.500581][    C1]  ffffc9000330fb00: 00 00 00 00 00 00 00 f3 f3 f3 f3 00 00 00 00 00
[  276.503894][    C1] ==================================================================
[  276.507017][    C1] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  276.510057][    C1] CPU: 1 UID: 0 PID: 10828 Comm: syz.2.1250 Not tainted 6.11.0-rc1-syzkaller-00063-g21b136cc63d2 #0
[  276.514470][    C1] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  276.518912][    C1] Call Trace:
[  276.520330][    C1]  <IRQ>
[  276.521559][    C1]  dump_stack_lvl+0x3d/0x1f0
[  276.523512][    C1]  panic+0x6f5/0x7a0
[  276.525158][    C1]  ? __pfx_panic+0x10/0x10
[  276.526709][    C1]  ? check_panic_on_warn+0x1f/0xb0
[  276.528410][    C1]  check_panic_on_warn+0xab/0xb0
[  276.530071][    C1]  end_report+0x117/0x180
[  276.531525][    C1]  kasan_report+0xe9/0x110
[  276.532944][    C1]  ? xdp_do_check_flushed+0x41c/0x4e0
[  276.534668][    C1]  ? xdp_do_check_flushed+0x41c/0x4e0
[  276.536716][    C1]  xdp_do_check_flushed+0x41c/0x4e0
[  276.538852][    C1]  __napi_poll.constprop.0+0xd1/0x550
[  276.540891][    C1]  net_rx_action+0xa92/0x1010
[  276.542958][    C1]  ? __pfx_net_rx_action+0x10/0x10
[  276.545186][    C1]  ? __pfx_mark_lock+0x10/0x10
[  276.547297][    C1]  ? kvm_sched_clock_read+0x11/0x20
[  276.549502][    C1]  ? sched_clock+0x38/0x60
[  276.551261][    C1]  ? sched_clock_cpu+0x6d/0x4d0
[  276.553201][    C1]  ? mark_held_locks+0x9f/0xe0
[  276.555089][    C1]  handle_softirqs+0x216/0x8f0
[  276.556990][    C1]  ? __pfx_handle_softirqs+0x10/0x10
[  276.559046][    C1]  irq_exit_rcu+0xbb/0x120
[  276.560818][    C1]  common_interrupt+0xb0/0xd0
[  276.562945][    C1]  </IRQ>
[  276.564270][    C1]  <TASK>
[  276.565612][    C1]  asm_common_interrupt+0x26/0x40
[  276.567758][    C1] RIP: 0010:__sanitizer_cov_trace_pc+0x58/0x60
[  276.570450][    C1] Code: 82 f8 15 00 00 83 f8 02 75 20 48 8b 8a 00 16 00 00 8b 92 fc 15 00 00 48 8b 01 48 83 c0 01 48 39 d0 73 07 48 89 01 48 89 34 c1 <c3> cc cc cc cc 0f 1f 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[  276.577942][    C1] RSP: 0018:ffffc9000330f5a8 EFLAGS: 00000293
[  276.580187][    C1] RAX: 0000000000000000 RBX: ffff88801798f470 RCX: ffffffff81f1ca17
[  276.583454][    C1] RDX: ffff8880387aa440 RSI: ffffffff81f1bd2d RDI: ffff88801798f470
[  276.586608][    C1] RBP: ffff88801798f470 R08: 0000000000000006 R09: 0000000000000001
[  276.589965][    C1] R10: 0000000000000001 R11: 0000000000000000 R12: 0000000000000001
[  276.593286][    C1] R13: 0000000000000001 R14: 0000000000000000 R15: dffffc0000000000
[  276.596577][    C1]  ? page_table_check_clear.part.0+0x237/0x540
[  276.599147][    C1]  ? page_ext_put+0xd/0xd0
[  276.601053][    C1]  page_ext_put+0xd/0xd0
[  276.602597][    C1]  page_table_check_clear.part.0+0x3a7/0x540
[  276.604604][    C1]  __page_table_check_pte_clear+0x328/0x580
[  276.606852][    C1]  ? __pfx___page_table_check_pte_clear+0x10/0x10
[  276.609637][    C1]  ? const_folio_flags.constprop.0+0x56/0x150
[  276.611765][    C1]  ? __tlb_remove_folio_pages_size.constprop.0+0x162/0x560
[  276.614763][    C1]  unmap_page_range+0x21ac/0x3c10
[  276.616735][    C1]  ? __pfx_unmap_page_range+0x10/0x10
[  276.618664][    C1]  ? lockdep_hardirqs_on+0x7c/0x110
[  276.620867][    C1]  ? uprobe_munmap+0x20/0x5d0
[  276.622770][    C1]  unmap_single_vma+0x194/0x2b0
[  276.624403][    C1]  unmap_vmas+0x22f/0x490
[  276.625941][    C1]  ? __pfx_unmap_vmas+0x10/0x10
[  276.627565][    C1]  ? __pfx_lock_release+0x10/0x10
[  276.629261][    C1]  exit_mmap+0x1b8/0xb20
[  276.630678][    C1]  ? __pfx_exit_mmap+0x10/0x10
[  276.632516][    C1]  __mmput+0x12a/0x480
[  276.634255][    C1]  mmput+0x62/0x70
[  276.635717][    C1]  do_exit+0x9bf/0x2bb0
[  276.637140][    C1]  ? get_signal+0x8f2/0x2770
[  276.639052][    C1]  ? __pfx_do_exit+0x10/0x10
[  276.641093][    C1]  ? do_raw_spin_lock+0x12d/0x2c0
[  276.642972][    C1]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  276.645167][    C1]  do_group_exit+0xd3/0x2a0
[  276.647076][    C1]  get_signal+0x25fd/0x2770
[  276.648786][    C1]  ? lock_acquire+0x1b1/0x560
[  276.650738][    C1]  ? __pfx_get_signal+0x10/0x10
[  276.652525][    C1]  ? __pfx_do_futex+0x10/0x10
[  276.654525][    C1]  arch_do_signal_or_restart+0x90/0x7e0
[  276.656686][    C1]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  276.659389][    C1]  ? ksys_write+0x1ab/0x260
[  276.661425][    C1]  ? __pfx_ksys_write+0x10/0x10
[  276.663632][    C1]  syscall_exit_to_user_mode+0x150/0x2a0
[  276.666162][    C1]  do_syscall_64+0xda/0x250
[  276.668193][    C1]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  276.670472][    C1] RIP: 0033:0x7f55cd1773b9
[  276.672289][    C1] Code: Unable to access opcode bytes at 0x7f55cd17738f.
[  276.675260][    C1] RSP: 002b:00007f55cdea30f8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  276.678050][    C1] RAX: fffffffffffffe00 RBX: 00007f55cd305f88 RCX: 00007f55cd1773b9
[  276.680970][    C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f55cd305f88
[  276.683694][    C1] RBP: 00007f55cd305f80 R08: 00007f55cdea36c0 R09: 00007f55cdea36c0
[  276.686376][    C1] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f55cd305f8c
[  276.689649][    C1] R13: 000000000000000b R14: 00007ffc2108ba00 R15: 00007ffc2108bae8
[  276.692928][    C1]  </TASK>
[  276.694796][    C1] Kernel Offset: disabled
[  276.696554][    C1] Rebooting in 86400 seconds..

VM DIAGNOSIS:
16:08:04  Registers:
info registers vcpu 0

CPU#0
RAX=00000000008cbb77 RBX=0000000000000000 RCX=ffffffff8b11a529 RDX=0000000000000000
RSI=ffffffff8b4cc580 RDI=ffffffff8bb08480 RBP=fffffbfff1b52af8 RSP=ffffffff8da07e20
R8 =0000000000000001 R9 =ffffed100d606fd9 R10=ffff88806b037ecb R11=0000000000000000
R12=0000000000000000 R13=ffffffff8da957c0 R14=ffffffff9012b0d8 R15=0000000000000000
RIP=ffffffff8b11b91f RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c01300
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c01300
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff88806b000000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=0000001b32009ff8 CR3=0000000043416000 CR4=00350ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000001000000 Opmask01=0000000001000001 Opmask02=00000000ffffffef Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffc2108be70 0000003000000018
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f55cd1e56c5
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f55cd1e56d2
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f55cd1e56cc
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f55cd1e56e0
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f55cd1e5766
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f55cd1e5844
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000001 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000000000000c4
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000001 0000000000000000 0000000000000000 00000000000000c4
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=000000000000002e RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8
RSI=ffffffff84fe2745 RDI=ffffffff9519a720 RBP=ffffffff9519a6e0 RSP=ffffc900008b0778
R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=3030303963666666
R12=0000000000000000 R13=000000000000002e R14=ffffffff84fe26e0 R15=0000000000000000
RIP=ffffffff84fe276f RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff88806b100000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=000000002001d000 CR3=0000000047a36000 CR4=00350ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000001000000 Opmask01=0000000001000001 Opmask02=00000000ffffffef Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffdf3d39690 0000003000000018
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f4110fe56c5
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f4110fe56d2
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f4110fe56cc
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f4110fe56e0
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f4110fe5766
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f4110fe5844
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000001 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000050
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000001 0000000000000000 0000000000000000 0000000000000050
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 2

CPU#2
RAX=0000000000287207 RBX=0000000000000002 RCX=ffffffff8b11a529 RDX=0000000000000000
RSI=ffffffff8b4cc580 RDI=ffffffff8bb08480 RBP=ffffed10030db000 RSP=ffffc90000197e08
R8 =0000000000000001 R9 =ffffed100d646fd9 R10=ffff88806b237ecb R11=0000000000000000
R12=0000000000000002 R13=ffff8880186d8000 R14=ffffffff9012b0d8 R15=0000000000000000
RIP=ffffffff8b11b91f RFL=00000242 [---Z---] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c01300
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c01300
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff88806b200000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000091000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe000008f000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=0000001b2c702ff8 CR3=000000002a952000 CR4=00350ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=00000000fffff800 Opmask01=0000000000000000 Opmask02=00000000ffffffef Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fe7749e56c5
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fe7749e56d2
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fe7749e56cc
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fe7749e56e0
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fe7749e5766
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fe7749e5844
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2323232323232323 2323232323232323 2323232323232323 2323232323232323
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000376f65 6469762f7665642f
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000144c46 474a550c5546470c
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 3

CPU#3
RAX=0000000080000100 RBX=ffffc900008df8b0 RCX=ffffffff813cd8b7 RDX=ffff888019a94880
RSI=ffffffff813cd8c0 RDI=0000000000000005 RBP=0000000000000001 RSP=ffffc900008df880
R8 =0000000000000005 R9 =0000000000000000 R10=0000000000000001 R11=0000000000000000
R12=ffffc900008df8f8 R13=ffffffff81761170 R14=ffffc900008df970 R15=ffff888019a94880
RIP=ffffffff818a7b53 RFL=00000202 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c01300
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c01300
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff88806b300000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe00000d8000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe00000d6000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=0000555577684808 CR3=0000000047a36000 CR4=00350ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000001000000 Opmask01=0000000001000001 Opmask02=00000000ffffffef Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffc2108be70 0000003000000018
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f55cd1e56c5
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f55cd1e56d2
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f55cd1e56cc
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f55cd1e56e0
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f55cd1e5766
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f55cd1e5844
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000003 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000000000000d8
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000003 0000000000000000 0000000000000000 00000000000000d8
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000