last executing test programs:

2m3.431282691s ago: executing program 3 (id=170):
unshare(0x62040200)
r0 = socket(0x10, 0x6, 0x0)
ioctl$sock_ipv6_tunnel_SIOCGET6RD(r0, 0x89f8, &(0x7f00000000c0)={'ip_vti0\x00', &(0x7f0000000000)={'gretap0\x00', 0x0, 0x8, 0x7887, 0x1, 0x3, {{0x5, 0x4, 0x2, 0x9, 0x14, 0x67, 0x0, 0x3, 0x8, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @multicast2}}}})
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000680)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01030000000000000000010000000900010073797a310000000040000000030a01020000000000000000010000000900030073797a320000000014000480080002400000000008000140000000050900010073797a31000000004c000000050a01020000000000000000010020000c00024000000000000000010900010073797a310000000020000480140003006e657464657673696d300000000000000800014000000005"], 0xd4}}, 0x0)
syz_open_dev$tty1(0xc, 0x4, 0x1)
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket$inet_udp(0x2, 0x2, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000500)=ANY=[@ANYBLOB="400000001000010400"/20, @ANYRES32=0x0, @ANYBLOB="10c00000000000001800128008000100677470000c00028008000200", @ANYRES32=r3, @ANYBLOB="08000300", @ANYRES32=0x0, @ANYBLOB="c7a6fbcd7e4bad6d0b61b0ce22d61e0ed3c6511cfc04cf23c24c6c9a03fbb3e49e2f4558dd693c6e05d9f771f2d9bbdd75e5203b3358344bb57c059507032dababbe4e2698"], 0x40}}, 0x0)
r4 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_int(r4, 0x0, 0x15, &(0x7f0000000040)=0x3, 0x4)
bind$inet(r4, &(0x7f0000000380)={0x2, 0x4e22, @empty}, 0x10)
socket$nl_netfilter(0x10, 0x3, 0xc)
listen(r1, 0xc97)
syz_emit_ethernet(0x36, &(0x7f0000000000)={@local, @multicast, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x6, 0x0, @remote={0xac, 0x3}, @local}, {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x6, 0x5}}}}}}, 0x0)
accept4$phonet_pipe(r0, &(0x7f0000000180), &(0x7f0000000280)=0x10, 0x40000)
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
ioctl$sock_bt_hci(0xffffffffffffffff, 0x400448e4, &(0x7f0000000100))
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_int(r5, 0x29, 0x46, 0x0, 0x0)
sendto$inet6(r5, 0x0, 0x0, 0x20008805, &(0x7f0000000000)={0xa, 0x4e22, 0x0, @loopback}, 0x1c)
mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x0, 0x0)
mkdir(&(0x7f0000000040)='./file1\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000000)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
accept4$unix(r0, &(0x7f00000003c0)=@abs, &(0x7f00000002c0)=0x6e, 0x800)

2m3.431081431s ago: executing program 3 (id=171):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$OSF_MSG_ADD(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000200)=ANY=[@ANYBLOB="6802000000050104000000000000000102000003540201"], 0x268}, 0x1, 0x0, 0x0, 0x4004}, 0x4)

2m3.321197065s ago: executing program 3 (id=172):
r0 = socket$kcm(0x10, 0x400000002, 0x0)
sendmsg$inet(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000140)="1c0000005e007f029e3b470d649b72ab25399cd956c07dead6a93690", 0x1c}], 0x1}, 0x0)
r1 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$ARPT_SO_SET_ADD_COUNTERS(r1, 0x0, 0x61, &(0x7f0000000400)={'filter\x00', 0x4}, 0x68)
pselect6(0x40, &(0x7f0000000080)={0x2, 0x40, 0xfff, 0x9, 0x6, 0x425, 0x0, 0x10}, &(0x7f00000000c0)={0x2, 0x800, 0x4, 0x9, 0x1, 0x201, 0xf01, 0xa0a}, &(0x7f0000000280)={0x5, 0x9, 0x9, 0x81, 0x6, 0xffc0000000000000, 0x7, 0x6}, &(0x7f00000002c0)={0x0, 0x989680}, &(0x7f0000000340)={&(0x7f0000000300)={[0x9]}, 0x8})
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000000)={0xffffffffffffffff, 0x200, 0x0, 0x914})
r2 = syz_io_uring_setup(0x43, &(0x7f00000006c0)={0x0, 0x5dda, 0x800, 0x2, 0x268}, &(0x7f0000000100), &(0x7f0000000140))
syz_io_uring_setup(0x5e2, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x40000000, 0x54}, &(0x7f0000000180)=<r3=>0x0, &(0x7f0000000040)=<r4=>0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f00000003c0)={0x7, &(0x7f0000000380)=[{0x4, 0xa4, 0x3, 0x8}, {0x7f, 0x80, 0x7, 0x4}, {0xe55, 0xc0, 0xa0, 0x101}, {0x6, 0x7, 0x5, 0x28000000}, {0x100, 0xd4, 0x9, 0x3}, {0x4a99, 0x4, 0x7f, 0x2}, {0x1ff, 0xff, 0x7, 0x8}]})
syz_io_uring_submit(r3, r4, &(0x7f00000001c0)=@IORING_OP_FALLOCATE={0x11, 0x1, 0x0, @fd_index=0x5, 0x5, 0x0, 0x21})
io_uring_enter(r2, 0x1d3e, 0xdd87, 0x0, 0x0, 0x0)

2m3.321006652s ago: executing program 3 (id=173):
sendmsg$NL80211_CMD_SET_REKEY_OFFLOAD(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x80}, 0x0)
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000240)={{0x14}, [@NFT_MSG_NEWRULE={0x58, 0x6, 0xa, 0x409, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x2c, 0x4, 0x0, 0x1, [{0x28, 0x1, 0x0, 0x1, @objref={{0xb}, @val={0x18, 0x2, 0x0, 0x1, [@NFTA_OBJREF_IMM_TYPE={0x8}, @NFTA_OBJREF_IMM_NAME={0x9, 0x2, 'syz1\x00'}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x80}}, 0x0)
bind$bt_hci(r0, &(0x7f0000000100)={0x1f, 0xffff, 0x3}, 0x6)
write$binfmt_misc(r0, &(0x7f0000000000), 0x6)
splice(r0, &(0x7f0000000040)=0x478, r0, &(0x7f0000000080)=0x1, 0xf29, 0xa)
sendmsg$NL80211_CMD_SET_REKEY_OFFLOAD(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x80}, 0x0) (async)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) (async)
socket$nl_netfilter(0x10, 0x3, 0xc) (async)
sendmsg$NFT_BATCH(r1, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) (async)
sendmsg$NFT_BATCH(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000240)={{0x14}, [@NFT_MSG_NEWRULE={0x58, 0x6, 0xa, 0x409, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x2c, 0x4, 0x0, 0x1, [{0x28, 0x1, 0x0, 0x1, @objref={{0xb}, @val={0x18, 0x2, 0x0, 0x1, [@NFTA_OBJREF_IMM_TYPE={0x8}, @NFTA_OBJREF_IMM_NAME={0x9, 0x2, 'syz1\x00'}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x80}}, 0x0) (async)
bind$bt_hci(r0, &(0x7f0000000100)={0x1f, 0xffff, 0x3}, 0x6) (async)
write$binfmt_misc(r0, &(0x7f0000000000), 0x6) (async)
splice(r0, &(0x7f0000000040)=0x478, r0, &(0x7f0000000080)=0x1, 0xf29, 0xa) (async)

2m3.317043834s ago: executing program 3 (id=174):
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0x0, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000000)='cgroup\x00'}, 0x30)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x9, 0x4, &(0x7f00000008c0)=ANY=[@ANYBLOB="180000000000000000000000000000006112000000000000950000000000000051fa7824c74186dc02ec0696c37b64e3b24da3180100000005165c0f63cdc2e82818254950ee03568b8809a1ff4c7c4750eabfafcb9531b31e6a86827d1010c5a909ab98e00e19644a88e95ba26d1c9eecddb2d11c541418ceeb29b9b6829c6e433822bdb3cc85244aab60c1aae1314d7381fcfeb970bea672cf1e926f6a51479343144648a07a975bd89dc398712376610f6254f12495b4658319684387f6f3543205d4bc4ce05b8b961103673dff7f158052e62b20f05fd24108d8363d44fcd0f8f3647899762a17282a1914452d11f557c28f396eebdc858558db0276d14f9035f2b5f703e5be7e4acf8b78c2834ae5805fffee38a9a0033d520bcf6b08ede50899d4b9bdf85c71c5de2503dab358f42a2624c7daa9ed44039aab46419496362e54cfad05a0004ac71a003d7b85d07191bed4e5a890826300214146f7ed569985439baa355c2766dd056f5d79e454f3d873095e7a237bc06d035a8d601f21746d886419f38b34a495040000000071c2f0cce8c93cc17e9afa314fcb2ba15d646c66b0f65021829f87d988b4e2d71753b1549fa734f0b2e56dbd21ed2e09d0cddad721971637f384eed3034597c93e1c52f42cad0ed09c395dc6e9703660fefa1c80f467367c006f25caf0cbcefd13d68839893e39c588eb032905f91cafa4996dbf0c9be9654db05fb918086cc8228d02a3092c0830b8f587a5624515298b2d4eb2bde6f9a2eb83d53f717f13fa7552d92c51dbd32ea50c490ecd085d2811a7555c538cffffff7f00000000dd872244bfa64779e0f43a9c277e2910b7ccdc3d6726d34ad2101033a623ca2a49ad344884289130bc71cee2b7de62bf48129ae1af052a2d46a61625735a9eea7f793946b3229e861d8ea49806b3f7d4295f6b000000000000f337b1ceb2d8a65dcdcd895d7ba37098d2593fdaaef445af5bee02019c00000099b13ecda2a5b37de0519e974cba92ebaf0f701611a9b027ce04340bda4594cc9049c3f101629ab028145e004209ebe71a6fe84af50804000000000000004a27213354964e250a98fe357676f94b6947383e320fbb1118f586d5b9b1b977e1e1a4490ff67703a9b5900f8a6f8a805879dd91ec5ff435b219c53680c0ae04dcc4ef69b98fcb0d6b6a03a8b71a66b4e2876dc4b610444bf10000000000b046b6ae5d68156bcbd6d8793ade9a22ac8fc7857e5bbc14adc4e12b08f350c6789283b9990c72e64372a1f79769a8bdc632fc1a0b3417855d8b7d25ca4d404c23631ad3d2f55dcd385371c86170a4bca58c2b2b4eabc365f45bd10bb45b0c5bc354456a52be18d9b44014d20a3c51c8f013dade83562e73278662829e4f5a9ac00fd91178468c737f0872d97d38d11a176be5a0d7294c51eb161eddcfefa8837c7430721851ec2a107af0df6d43e732bbc01e76c66895eb85d36798d61622773591ee21ad9f6a1b73fa9cf3ffeb8a00b63af800a81d0fb8aa29df8b8ad6fbafefb5802a23cbdeeabceda5bfc5ff2fa5c1d61d04a1324794c6ed000696d9f04010c35474e690545c3d9bd836d4cef2585ba616e01c3d000000000000000000470ebc6f3453ecbf3047e4547d7632d3ad21798e730cb5d1da059b5bdb8107815dff995c0788906790406dfb4f8ee9f24ff94233e2e6e581e6e5de33a5f254c9a8b612547473c3001df3928dac9203b744619082421a8da7c00000000000000000000000000000018a73ef40cca690fb7595c6962984f8276677be6f66cbdbccf1896433808c9c84d74ac4a7c186a04a2250972f7acb156b21f9826b6acb7db32c4e3b3ec8b59fd972975edb1da872d81a35e4fda2f5cbde6b40bea20418c6e9dad30b791eea58f53e80fee4dd7fe08373ea2784fcd3a65261de71eb866458d2c22a"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_sock, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x70)
r3 = openat(0xffffffffffffff9c, &(0x7f0000004280)='./file0\x00', 0x0, 0x0)
getdents64(r3, 0x0, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$devlink(&(0x7f00000007c0), r4)
sendmsg$DEVLINK_CMD_GET(r4, &(0x7f0000000880)={0x0, 0x0, &(0x7f0000000840)={&(0x7f0000000800)={0x14, r5, 0x309, 0x70bd2d, 0x25dfdbfc}, 0x14}}, 0x40)
sendmsg$DEVLINK_CMD_TRAP_GROUP_GET(r3, &(0x7f0000000600)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f00000005c0)={&(0x7f0000000740)={0x158, r5, 0x2, 0x70bd29, 0x25dfdbfc, {}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0xd}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0xd}}, {@pci={{0x8}, {0x11}}, {0xd}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0xd}}, {@pci={{0x8}, {0x11}}, {0xd}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0xd}}, {@pci={{0x8}, {0x11}}, {0xd}}]}, 0x158}, 0x1, 0x0, 0x0, 0x40011}, 0x10004004)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000040)={@cgroup=r1, r2, 0x2, 0x2, 0x0, @void, @value}, 0x10)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x1f, 0x4, &(0x7f0000000700)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000a800000095"], &(0x7f0000000200)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x1f, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000340)={r6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x48)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x9, 0x4, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000006112000000000000950000000000000051fa7824c74186dc02ec0696c37b64e3b24da3180100000005345c0f63cdc2e82818254950ee03568b8809a1f04c7c4750eabfafcb9531b31e6a86827d1010c5a909ab98e00e19644a88e95ba26d1c9eecddb2d11c541418ceeb29b9b6829c6e433822bdb3cc85244aab66c1aae9314d7381fcfeb970bea672010000000000000043144648a07a975bd89dc398712376610faa54f12495b4659be8673086f6f3543205d4bc4ce05b8b961103673dff7f158052e62bfbdcddde6985f3f1ac5d9a94cc53207899762a07282a1914452d11858e795a3ca30a101af5574f9035f2b5f703e5be7e4acf8b78c2834ae5805fffee38a9a0033d520bcf6b08ede50899d4b9bdf85c71c5ed44039aab46419496362e54cfad05b4004ac71a003d7b85d07191bed4e5a8908263722d4146f7ed569985439baa355cf3d8731f5e7a237bc06d035a8d601f21746d880819f38b34a495040000000071c2f0cce8c93cc17e9afa314fcb2ba15d646c5b9f87d988c9fbd2b9d9b4e2d71753b1549fa734f0b2e5fcf9549804cddad721971637f9c9730a9cc384eed30345979db9c93e1c52f42cad0a4d4f9436d3f39b0ed09c395dc6e970366087a8e4daeeb1b017006f25caf0cbcefd13d68839893e39c588eb032905f91cafa4996dbf0cc8228d02a3092c0830b8f587a5624515298b2d4eb2bde6f9a2eb83d53f710c490ecd085d2811a7555c53030000007f00000000bfa6478eb96b079c277e2910b7ccdc3d672ed34aa65278c549e2abb549ad954884289130bc71cee2b7de62bf48129ae1af052a2d46a6165eb0954dac7265f1f425735acf6377793946b3229e861d8ea49806b3b533345d36ecef9df700000000f337b1ceb2d8a65dcdcd895d7ba37098d2593fdaaef445af5bee02019c000000aaae37f044bcadeb0f6846582b7653665aa336db9f0384d3c7ddf79c2e0000000000000000000000000000000000000000000000e154aa0d3e41986a668ee1e5ef93a8ceac75f44aae95e26742f895f287111f8ee86f7e3ffb63cfb0e345cf7fc63dd2b0d30977899c6f03640040af4db71f7452bfc79a05118d8bb42b63b195771e42f9942ec626bd4b5461b74324012164e8"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_sock, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x70)
r8 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000240)={@cgroup=r8, r7, 0x2, 0x6, 0x4000, @void, @value}, 0x10)
ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0xb)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0xb)

2m3.220922244s ago: executing program 3 (id=175):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000002c0)=ANY=[@ANYBLOB="440100001a0001000000000000000000ff0100000000000000000000000000010000000000000000000000000000000100"/64, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="ac1414aa000000000000000000000000000000006c000000ffffffff0000007400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000006000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000480003006465666c617465000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c001c"], 0x144}}, 0x0)

2m3.160450973s ago: executing program 0 (id=178):
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
openat$cuse(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
unshare(0x62040200)
r0 = socket$netlink(0x10, 0x3, 0x0)
add_key$keyring(&(0x7f00000000c0), &(0x7f0000000100)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffe)
sendmsg(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000300)=[{&(0x7f0000000140)="5500000018007f5f00fe01b2a4a2809302060000fd41fd01020400000a00120002002800000019002d007fffffff0022de1330d54400009b84136ef75afb83de066a5900e1baac968300000000f2ff000001000000", 0x55}], 0x1, 0x0, 0x0, 0x7a000000}, 0x0)

2m3.160239058s ago: executing program 0 (id=179):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
r1 = shmat(0x0, &(0x7f0000ff7000/0x3000)=nil, 0x400c)
shmdt(r1)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r2 = socket$kcm(0x2, 0x3, 0x2)
ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000000040)={'syzkaller1\x00', @broadcast})
write$tun(r0, &(0x7f0000000500)={@val={0x8, 0xf8}, @val={0x0, 0x0, 0x2}, @ipv4=@tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x2f, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @broadcast}, {{0x1, 0x883e, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}, 0x36)

2m2.991183995s ago: executing program 0 (id=183):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$batadv(&(0x7f0000000040), 0xffffffffffffffff) (async)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r0, 0x8933, &(0x7f0000001300)={'batadv0\x00', <r2=>0x0})
sendmsg$BATADV_CMD_GET_DAT_CACHE(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000001c0)={0x1c, r1, 0x83625fc5352ba305, 0x0, 0x0, {}, [@BATADV_ATTR_MESH_IFINDEX={0x8, 0x3, r2}]}, 0x1c}}, 0x0)
r3 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000340), 0x0, 0x0)
ioctl$FBIOGET_VSCREENINFO(r3, 0x4600, &(0x7f0000000000)) (async)
ioctl$FBIO_WAITFORVSYNC(r3, 0x4601, 0x20000000) (async, rerun: 64)
r4 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000180)=0xffffffffffffffff, 0x4) (rerun: 64)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x13, 0x4, &(0x7f0000000040)=ANY=[@ANYRES16=r0], &(0x7f0000000080)='syzkaller\x00', 0x9, 0x0, 0x0, 0x41100, 0x13, '\x00', 0x0, @fallback, r4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff, @void, @value}, 0x94)
syz_emit_ethernet(0x25, &(0x7f0000000000)={@broadcast, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x1}, @void, {@llc={0x4, {@snap={0x55, 0x1, "8ffe", "b9e0dc", 0x16, '\x00'/14}}}}}, 0x0)

2m2.990689759s ago: executing program 0 (id=184):
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={<r0=>0xffffffffffffffff})
r1 = syz_io_uring_setup(0x302, &(0x7f0000000240)={0x0, 0x0, 0x10100, 0x0, 0x40}, &(0x7f0000000500)=<r2=>0x0, &(0x7f0000000100)=<r3=>0x0)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='cpuset.memory_pressure_enabled\x00', 0x275a, 0x0)
syz_io_uring_submit(0x0, r3, &(0x7f00000001c0)=@IORING_OP_TEE={0x21, 0x0, 0x0, @fd=r0, 0x0, 0x0, 0x1, 0x7})
write$UHID_CREATE2(r4, &(0x7f00000001c0)=ANY=[@ANYBLOB="06"], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r4, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_MSG_RING={0x28, 0x2, 0x0, r1, 0xfffffffffffffffa, 0x0, 0x0, 0x0, 0x1})
io_uring_enter(r1, 0x2d3e, 0x0, 0x0, 0x0, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000340), r5)
sendmsg$TIPC_NL_KEY_SET(r5, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[@ANYBLOB='0\x00\x00\x00', @ANYRES16=r6, @ANYBLOB="01002bbd7000fcdbdf25170000001c0006"], 0x30}, 0x1, 0x0, 0x0, 0x800}, 0xa0)

2m2.990089824s ago: executing program 0 (id=185):
r0 = socket(0x15, 0x5, 0x0)
r1 = open(&(0x7f0000000280)='.\x00', 0x0, 0x155)
ioctl$FS_IOC_SETFLAGS(r1, 0x40086602, &(0x7f0000000040)=0x10)
statx(r1, 0x0, 0x1000, 0x20, &(0x7f0000000040))
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
r3 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$TIOCGPGRP(r3, 0x540f, 0x0)
ioctl$TIOCSETD(r2, 0x5423, &(0x7f00000000c0)=0x7)
readv(r2, &(0x7f0000000000)=[{&(0x7f0000000280)=""/244, 0xf4}], 0x1)
connect$l2tp6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @local}}, 0x20)
r4 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000006600), 0x0, 0x0)
ioctl$TIOCSSOFTCAR(r4, 0x5453, 0x0)

2m2.860797605s ago: executing program 0 (id=186):
r0 = syz_open_dev$usbfs(&(0x7f0000000080), 0x75, 0x109301)
r1 = openat$binfmt_format(0xffffff9c, &(0x7f0000000000)='/proc/sys/fs/binfmt_misc/syz1\x00', 0x2, 0x0)
write$binfmt_format(r1, &(0x7f0000000040)='0\x00', 0x2)
r2 = memfd_create(&(0x7f0000000340)='D\xa3\xd5Wj\x00\x00x0\xc1\xac\x1a\x1a\vG\xa9~vB\xbc\t\x00\x00\x00VoA\xaa\xbc\xee[\xe1\xa2\xe0\xff\x04\x00\x00\x00\\i\xcf\t\xb0\xa9 +H/\x1a\xe7\x95\xce\"\"\xbd\xf9!\xfd\xa4\xcaN\x84\xadS\x8bqE\x99\x01t\xb1\x1f|\x99PL\x92\x8f\xc2\xf9\xcd\x8cj\x03X\x05\x17mwI\xf0\x01\xe5z\xcdJ)\xc7\xfa)\xaa}\xef\xbb\xf5\xcd\xb1o5\x18\xd6\v\x85q\x98\x9bB\xb9\xea\xe7\xff\x7f\x00\x00T\xc0\xd2\t?\bpBl\xf4*8\xc6\xe5\x06P\xc11\f^\x7f\x8e\xc1\xd1Wra\x19)\xe3\x8f\xd9\x9f\x15\x1e\xf2\x18\r\xad\b\xe0\x96NH\x85\r+\xfc\xb3\xdd\xddhg \x03\xa7\x92\xff\x00+h\xb7@#K\x9cMY\xd3\x9b\b-G\xb1\xdaS\x81\xb2\x93\xb83\x8a\x94*\x8d\\\b\xff/\xa1\xc0\xf9&\xd3M\xf6\n\xff\x83k\xe6\rDa\x16\xbd\x1a\xb2w\b', 0x0)
write(r2, &(0x7f00000000c0)='i', 0x1)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x1, 0x11, r2, 0x0)
ioctl$USBDEVFS_DISCONNECT_CLAIM(r0, 0x8108551b, &(0x7f0000002600)={0x0, 0x0, "5a77bd318786aeb879ca62cdab2a02fa560186d85b25a5665a3247e500f61681905db88235f8a5447dd2a2ed6e91626f068881e50f68530c2b21a100efb76cba37ff3111d6847e0c7f719e169a596e5fc008daefba68f6222103472bc55704cdb72b4b996ed82ccb1eaae27969d008ba7d34171113d806726615380fe65a6a0a72e19c2b60bd6276fd8bb6363d10f70da60fd53ded22c87eb2be010e4a62fb73c33424b437bb192c9d06ea6ed04983fe5c5ca033dfce0a82575ef14eee686be0fc58e384f93a13e4e8bbf599394baea3a9ca1864f0a35d6cc38fca32ad6b39905a9727d2001457df7be7e1aefe3635b2ee97c143f28def4b73905ca14d90d1f6"})
ioctl$USBDEVFS_SETINTERFACE(r0, 0x80085504, &(0x7f0000000140)={0x0, 0x6})

1m47.700073083s ago: executing program 32 (id=186):
r0 = syz_open_dev$usbfs(&(0x7f0000000080), 0x75, 0x109301)
r1 = openat$binfmt_format(0xffffff9c, &(0x7f0000000000)='/proc/sys/fs/binfmt_misc/syz1\x00', 0x2, 0x0)
write$binfmt_format(r1, &(0x7f0000000040)='0\x00', 0x2)
r2 = memfd_create(&(0x7f0000000340)='D\xa3\xd5Wj\x00\x00x0\xc1\xac\x1a\x1a\vG\xa9~vB\xbc\t\x00\x00\x00VoA\xaa\xbc\xee[\xe1\xa2\xe0\xff\x04\x00\x00\x00\\i\xcf\t\xb0\xa9 +H/\x1a\xe7\x95\xce\"\"\xbd\xf9!\xfd\xa4\xcaN\x84\xadS\x8bqE\x99\x01t\xb1\x1f|\x99PL\x92\x8f\xc2\xf9\xcd\x8cj\x03X\x05\x17mwI\xf0\x01\xe5z\xcdJ)\xc7\xfa)\xaa}\xef\xbb\xf5\xcd\xb1o5\x18\xd6\v\x85q\x98\x9bB\xb9\xea\xe7\xff\x7f\x00\x00T\xc0\xd2\t?\bpBl\xf4*8\xc6\xe5\x06P\xc11\f^\x7f\x8e\xc1\xd1Wra\x19)\xe3\x8f\xd9\x9f\x15\x1e\xf2\x18\r\xad\b\xe0\x96NH\x85\r+\xfc\xb3\xdd\xddhg \x03\xa7\x92\xff\x00+h\xb7@#K\x9cMY\xd3\x9b\b-G\xb1\xdaS\x81\xb2\x93\xb83\x8a\x94*\x8d\\\b\xff/\xa1\xc0\xf9&\xd3M\xf6\n\xff\x83k\xe6\rDa\x16\xbd\x1a\xb2w\b', 0x0)
write(r2, &(0x7f00000000c0)='i', 0x1)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x1, 0x11, r2, 0x0)
ioctl$USBDEVFS_DISCONNECT_CLAIM(r0, 0x8108551b, &(0x7f0000002600)={0x0, 0x0, "5a77bd318786aeb879ca62cdab2a02fa560186d85b25a5665a3247e500f61681905db88235f8a5447dd2a2ed6e91626f068881e50f68530c2b21a100efb76cba37ff3111d6847e0c7f719e169a596e5fc008daefba68f6222103472bc55704cdb72b4b996ed82ccb1eaae27969d008ba7d34171113d806726615380fe65a6a0a72e19c2b60bd6276fd8bb6363d10f70da60fd53ded22c87eb2be010e4a62fb73c33424b437bb192c9d06ea6ed04983fe5c5ca033dfce0a82575ef14eee686be0fc58e384f93a13e4e8bbf599394baea3a9ca1864f0a35d6cc38fca32ad6b39905a9727d2001457df7be7e1aefe3635b2ee97c143f28def4b73905ca14d90d1f6"})
ioctl$USBDEVFS_SETINTERFACE(r0, 0x80085504, &(0x7f0000000140)={0x0, 0x6})

1m47.631830921s ago: executing program 33 (id=175):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000002c0)=ANY=[@ANYBLOB="440100001a0001000000000000000000ff0100000000000000000000000000010000000000000000000000000000000100"/64, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="ac1414aa000000000000000000000000000000006c000000ffffffff0000007400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000006000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000480003006465666c617465000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c001c"], 0x144}}, 0x0)

1m30.518629139s ago: executing program 4 (id=699):
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={0x0}, 0x18)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x60005f, 0x19)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x286000, 0x0)
ioctl$TCSETAW(r1, 0x5407, &(0x7f00000000c0)={0x0, 0x0, 0xfffd, 0x0, 0x0, "e872185081e6c67e"})
ioctl$KDSIGACCEPT(r1, 0x4b4e, 0xa)

1m30.330401302s ago: executing program 4 (id=700):
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000640), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', <r3=>0x0})
sendmsg$NL80211_CMD_FRAME(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000100)=ANY=[@ANYBLOB="98030000", @ANYRES16=r2, @ANYBLOB="010028057000fcdbdf253b00000008000300", @ANYRES32=r3, @ANYBLOB="04008e00080057001b0a000004006c0005001901070000"], 0x398}}, 0x884)

1m30.330106054s ago: executing program 4 (id=701):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000002c0)=ANY=[@ANYBLOB="440100001a0001000000000000000000ff0100000000000000000000000000010000000000000000000000000000000100"/64, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="ac1414aa000000000000000000000000000000006c000000ffffffff0000740000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000006000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000480003006465666c617465000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c001c"], 0x144}}, 0x0)

1m30.32920592s ago: executing program 4 (id=703):
r0 = socket(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'veth0_virt_wifi\x00', <r1=>0x0})
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket$packet(0x11, 0x2, 0x300)
setsockopt$SO_TIMESTAMPING(r3, 0x1, 0x41, &(0x7f0000000240)=0x21df, 0x4)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000000)={'syz_tun\x00', <r4=>0x0})
sendto$packet(r3, 0x0, 0x0, 0x0, &(0x7f0000000080)={0x11, 0x0, r4, 0x1, 0x0, 0x6, @remote}, 0x14)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
r5 = open_tree(0xffffffffffffff9c, &(0x7f0000000480)='./file0\x00', 0x89901)
move_mount(r5, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
r6 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r6, &(0x7f0000000040)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
r7 = open_tree(r5, &(0x7f0000000000)='\x00', 0x89901)
r8 = socket$inet(0x2, 0x1, 0x0)
r9 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r10 = ioctl$KVM_CREATE_VM(r9, 0xae01, 0x0)
r11 = eventfd2(0x0, 0x0)
ioctl$KVM_HYPERV_EVENTFD(r10, 0x4018aebd, &(0x7f0000000140)={0x0, r11})
ioctl$KVM_HYPERV_EVENTFD(r10, 0x4018aebd, &(0x7f00000000c0)={0x0, r11})
ioctl$sock_inet_SIOCSIFADDR(r8, 0x8916, &(0x7f0000000000)={'sit0\x00', {0x2, 0x4e26, @rand_addr=0xdffffc13}})
move_mount(r7, &(0x7f0000000040)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x220)
sendmsg$nl_route(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000004c0)=ANY=[@ANYRES64=r8, @ANYRESDEC=r6, @ANYBLOB="08000300c85e390b849070af4b8c0d1d004e5e7cac90ce2b370fa97dcceef33ffca4307ff88850b52e1505b7c13db1ae15005c4f7384ac27d2e7ed49cd3dbdc4fe09c7febc4f2bbfba63d865149e4ba5531c33915e62f591964a162c4ae6b56f41c236ea4a205d7229b6180036da003c51bc547d26fc23a6b0f6f6726df3b3853c5f575dc5c722f3b6fea97cdf687d6f22b3917f96cdebb60d2effb4528863e6caae4d2fbed7eb219a38bc2ba9d4f7998d33b9b90d854583318bf3672ee15d", @ANYRES32=r1, @ANYBLOB="54000880515bf13eef6980bdb36f299326f92f2a894c4255482e4d18062c497468782a75cb8989c854fa237a12a8e7897a97d7ae2e715a362dfaadacf411ed6b4a7b27087deb70e5a63ba7ac77afc76af1e46b6308000400", @ANYRES32=r1, @ANYBLOB="08000300", @ANYRES32=r1, @ANYBLOB="08000400", @ANYRES32=r1, @ANYBLOB="080006000000008008001700fc0000000500140040000000080017000f000000"], 0xb8}}, 0x0)

1m30.161249482s ago: executing program 4 (id=708):
unshare(0x62040200)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000300)=[{&(0x7f0000000140)="55fdff0018007f5f00fe01b2a4a2809302060000fd41fd01020400000a00120002002800000019002d007fffffff0022de1330d54400009b84136ef75afb83de066a5900e1baac968300000000f2ff000001000000", 0x55}], 0x1, 0x0, 0x0, 0x7a000000}, 0x0)

1m29.960880274s ago: executing program 4 (id=713):
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xe, 0x4, 0x8, 0x5, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r0 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$IP_VS_SO_SET_ADD(r0, 0x0, 0x482, &(0x7f0000000240)={0x100000011, @multicast2, 0x0, 0x0, 'sh\x00', 0x3b, 0x2, 0x4a}, 0x2c)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000400), 0xffffffffffffffff)
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
waitid(0x0, 0x0, 0x0, 0x4, &(0x7f0000000100))
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="0e000000040000000400000009"], 0x48)
bpf$MAP_DELETE_ELEM(0x2, &(0x7f00000003c0)={r3, &(0x7f0000000300), 0x20000000}, 0x20)
sendmsg$TIPC_NL_KEY_SET(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)=ANY=[@ANYBLOB='T\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="0100000000000000000003000000400001802c0004001400010002000000ac1414aa00000000000000001400020002000000e000000200000000000004000d0001007564703a73"], 0x54}}, 0x0)

1m29.960783953s ago: executing program 34 (id=713):
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xe, 0x4, 0x8, 0x5, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r0 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$IP_VS_SO_SET_ADD(r0, 0x0, 0x482, &(0x7f0000000240)={0x100000011, @multicast2, 0x0, 0x0, 'sh\x00', 0x3b, 0x2, 0x4a}, 0x2c)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000400), 0xffffffffffffffff)
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
waitid(0x0, 0x0, 0x0, 0x4, &(0x7f0000000100))
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="0e000000040000000400000009"], 0x48)
bpf$MAP_DELETE_ELEM(0x2, &(0x7f00000003c0)={r3, &(0x7f0000000300), 0x20000000}, 0x20)
sendmsg$TIPC_NL_KEY_SET(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)=ANY=[@ANYBLOB='T\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="0100000000000000000003000000400001802c0004001400010002000000ac1414aa00000000000000001400020002000000e000000200000000000004000d0001007564703a73"], 0x54}}, 0x0)

25.429342906s ago: executing program 2 (id=3121):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$OSF_MSG_ADD(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000200)=ANY=[@ANYBLOB="6802000000050104000000000000000002000003540201"], 0x268}, 0x1, 0xf5ffffff, 0x0, 0x4004}, 0x4)

25.360191169s ago: executing program 2 (id=3122):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r2 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000340)={'bridge0\x00', <r3=>0x0})
r4 = socket(0x10, 0x80002, 0x0)
sendmsg$nl_route(r4, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000300)=ANY=[@ANYBLOB='$\x00\x00\x00p\x00E7\x00\x00\x00\x00\x00\x00\x00\x00\a\x00\x00\x00', @ANYRES32=r3, @ANYBLOB="0c0002"], 0x24}}, 0x0)
r5 = epoll_create1(0x0)
r6 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/power/wakeup_count', 0x0, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r5, 0x1, r6, &(0x7f00000000c0))
epoll_ctl$EPOLL_CTL_MOD(r5, 0x2, r6, 0x0)
r7 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)=ANY=[@ANYBLOB="4400000010000100"/20, @ANYRES32, @ANYBLOB="00000000000000001c0012800b00010067656e65766500000c00028008000200ac1414bb080004"], 0x44}, 0x1, 0x2}, 0x0)
sendmsg$nl_route(r7, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="500000001000010400"/20, @ANYRES32=0x0], 0x50}}, 0x0)
ioctl$TIOCSBRK(r6, 0x5427)
r8 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r8, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, 0x0}], 0x1, 0xe8, 0x0, 0x0)
ioctl$KVM_RUN(r8, 0xae80, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r8, &(0x7f000000c000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000000)="f00066070f01d9ba210066ed36650fc775cb670faea200700000baf80c66b88ceef38f66efbafc0c66edfe0d3e0fecb74e7b66b9410a00000f320f01f9", 0x3d}], 0x1, 0x4, 0x0, 0x0)
ioctl$KVM_RUN(r8, 0xae80, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x200000, 0x0)

25.229494923s ago: executing program 2 (id=3126):
r0 = open(&(0x7f0000000140)='./file0\x00', 0x149442, 0x0)
fcntl$getflags(r0, 0xb)
ioctl$KVM_HAS_DEVICE_ATTR_vcpu(r0, 0x4018aee3, &(0x7f0000000300)=@attr_pmu_filter={0x0, 0x1, 0x1, &(0x7f00000002c0)={0xfffc, 0x4}})
r1 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r1, 0x3b81, &(0x7f0000000140)={0x7f, 0x0, <r2=>0x0})
r3 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
pipe2$watch_queue(&(0x7f0000000100)={0xffffffffffffffff, <r4=>0xffffffffffffffff}, 0x80)
ioctl$IOMMU_IOAS_ALLOC(r3, 0x3b81, &(0x7f0000000200)={0x15, 0x0, <r5=>0x0})
ioctl$IOMMU_IOAS_MAP$PAGES(r1, 0x3b85, &(0x7f00000000c0)={0x28, 0x7, r5, 0x0, &(0x7f0000800000/0x800000)=nil, 0x800000})
ioctl$IOMMU_TEST_OP_CREATE_ACCESS(r1, 0x3ba0, &(0x7f00000001c0)={0x48, 0x5, r2, 0x0, <r6=>0xffffffffffffffff, 0x1})
r7 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r8 = socket$inet6_sctp(0xa, 0x1, 0x84)
r9 = socket$inet6_sctp(0xa, 0x5, 0x84)
r10 = dup3(r9, r8, 0x0)
getsockopt$inet_sctp_SCTP_MAX_BURST(r10, 0x84, 0x71, &(0x7f0000000000)=@assoc_value, &(0x7f0000000040)=0x17)
ioctl$IOMMU_TEST_OP_MOCK_DOMAIN(r4, 0x3ba0, &(0x7f0000000340)={0x48, 0x2, r2, 0x0, <r11=>0x0})
ioctl$IOMMU_DESTROY$stdev(r10, 0x3b80, &(0x7f0000000400)={0x8, r11})
ioctl$IOMMU_TEST_OP_ACCESS_PAGES$syz(r7, 0x3ba0, &(0x7f0000001340)={0x48, 0x7, r6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2a157f})

25.150135695s ago: executing program 2 (id=3127):
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000300)=[{&(0x7f0000000140)="5500000018007f5f00fe01b2a4a2809302060000fd41fe010204fffe0a00120002002800000019002d007fffffff0022de1330d54400009b84136ef75afb83de066a5900e1baac968300000000f2ff000001000000", 0x55}], 0x1, 0x0, 0x0, 0x7a000000}, 0x0)

25.149784282s ago: executing program 2 (id=3128):
r0 = socket$inet6(0xa, 0x2, 0x3a)
sendto$inet6(r0, &(0x7f0000000300)="800037bbfa9ba1ce", 0x8, 0x0, &(0x7f0000001100)={0xa, 0x0, 0x0, @loopback={0xff00000000000000}}, 0x1c)
mknod(&(0x7f0000000080)='./bus\x00', 0xc000, 0x0)
mount(&(0x7f00000000c0)=@loop={'/dev/loop', 0x0}, &(0x7f0000000000)='./bus\x00', &(0x7f0000000040)='vfat\x00', 0x2900080, &(0x7f00000001c0)='discard')
r1 = socket$phonet_pipe(0x23, 0x5, 0x2)
r2 = signalfd4(r1, &(0x7f0000000000)={[0x8]}, 0x8, 0x5b7e09cf010a3f8f)
pipe(&(0x7f0000000200))
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x1)
r5 = socket$inet_udp(0x2, 0x2, 0x0)
fgetxattr(r5, &(0x7f0000000280)=@known='system.posix_acl_access\x00', &(0x7f0000001740)=""/72, 0x48)
ioctl$KVM_GET_MSRS(r4, 0xc048aeca, &(0x7f0000000200))
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
openat$6lowpan_enable(0xffffffffffffff9c, &(0x7f00000002c0), 0x2, 0x0)
close_range(r6, 0xffffffffffffffff, 0x0)
ioctl$KVM_GET_FPU(r2, 0x81a0ae8c, &(0x7f0000000040))
syz_init_net_socket$nfc_llcp(0x27, 0x2, 0x1)
mprotect(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x5)
r7 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000980)='/sys/power/pm_trace', 0x0, 0x0)
read$FUSE(r7, &(0x7f00000009c0)={0x2020}, 0x2020)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffb000/0x2000)=nil, 0x2000, 0x1000000, 0x110, r7, 0x0)

25.02974869s ago: executing program 2 (id=3140):
r0 = io_uring_setup(0x355b, &(0x7f0000000140)={0x0, 0xe24b, 0x10, 0x5, 0x4000020})
r1 = syz_init_net_socket$llc(0x1a, 0x2, 0x0) (async)
io_uring_enter(r0, 0x7a05, 0xf6c, 0x9, 0x0, 0x0)
recvmmsg(r1, &(0x7f0000004600)=[{{0x0, 0x0, 0x0}, 0xc4}], 0x1, 0x10123, 0x0)
close_range(r0, 0xffffffffffffffff, 0x0) (async)
r2 = socket$unix(0x1, 0x1, 0x0)
bind$unix(r2, &(0x7f0000003000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
listen(r2, 0x0)
mount$9p_unix(&(0x7f0000000080)='\xe9\x1fq\x89Y\x1e\x923aK\x00', &(0x7f00000000c0)='\xe9\x1fq\x89Y\x1e\x923aK\x00', &(0x7f0000000040), 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB='trans=unix']) (async, rerun: 64)
r3 = socket$inet6(0xa, 0x2, 0x3a) (rerun: 64)
connect$inet6(r3, &(0x7f00000000c0)={0xa, 0x4e21, 0x0, @mcast1, 0x6}, 0x1c) (async)
sendto$inet6(r3, &(0x7f0000000100)="80000fdc2208a1ce", 0x8, 0x0, 0x0, 0x0)

9.99650634s ago: executing program 35 (id=3140):
r0 = io_uring_setup(0x355b, &(0x7f0000000140)={0x0, 0xe24b, 0x10, 0x5, 0x4000020})
r1 = syz_init_net_socket$llc(0x1a, 0x2, 0x0) (async)
io_uring_enter(r0, 0x7a05, 0xf6c, 0x9, 0x0, 0x0)
recvmmsg(r1, &(0x7f0000004600)=[{{0x0, 0x0, 0x0}, 0xc4}], 0x1, 0x10123, 0x0)
close_range(r0, 0xffffffffffffffff, 0x0) (async)
r2 = socket$unix(0x1, 0x1, 0x0)
bind$unix(r2, &(0x7f0000003000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
listen(r2, 0x0)
mount$9p_unix(&(0x7f0000000080)='\xe9\x1fq\x89Y\x1e\x923aK\x00', &(0x7f00000000c0)='\xe9\x1fq\x89Y\x1e\x923aK\x00', &(0x7f0000000040), 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB='trans=unix']) (async, rerun: 64)
r3 = socket$inet6(0xa, 0x2, 0x3a) (rerun: 64)
connect$inet6(r3, &(0x7f00000000c0)={0xa, 0x4e21, 0x0, @mcast1, 0x6}, 0x1c) (async)
sendto$inet6(r3, &(0x7f0000000100)="80000fdc2208a1ce", 0x8, 0x0, 0x0, 0x0)

3.37025385s ago: executing program 1 (id=3692):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, 0x0}], 0x1, 0xe8, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000000c000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000000)="f00066070f01d9ba210066ed36650fc775cb670faea200700000baf80c66b88ceef38f66efbafc0c66edfe0d3e0fecb74e7b66b9410a00000f320f01f9", 0x3d}], 0x1, 0x4, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0) (fail_nth: 45)

3.19861598s ago: executing program 1 (id=3699):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$OSF_MSG_ADD(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000200)=ANY=[@ANYBLOB="6802000000050104000000000000000002000003540201"], 0x268}, 0x1, 0x0, 0x0, 0x4004}, 0x1f)

3.198284414s ago: executing program 1 (id=3701):
r0 = syz_open_dev$dri(&(0x7f00000001c0), 0x0, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000000)='net/ip_tables_matches\x00')
read(r1, &(0x7f0000000240)=""/202, 0xca)
openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x40, 0x0)
r2 = openat$fuse(0xffffffffffffff9c, &(0x7f00000000c0), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000000100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r2, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r2, &(0x7f00000021c0)={0x2020, 0x0, <r3=>0x0}, 0x2020)
write$FUSE_INIT(r2, &(0x7f0000000040)={0x50, 0x0, r3, {0x7, 0x1f}}, 0x50)
syz_fuse_handle_req(r2, &(0x7f0000008380)="000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000dc4e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ba045abcd5dfc67d000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000230000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000050000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000209bfd66eea210560000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001354c4b600", 0x2000, &(0x7f00000062c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000006340)={0x20}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r4 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x1, 0x0)
syz_fuse_handle_req(r2, &(0x7f000000a380)="3b697857314c1569d179a732ad0932734be5c4ea201d6912dd0ffda2b73dd98ba30c98527c86386fef17a54117a5f682b6e4c2cc9f15a2a93aae6af5dd2ff4f9852f2191641361b71a32594932d64b5ff764628d725f06008d8c4298731823282afeaad532a99d5ec43515b6645312bc0128900f00ee205b02e0ce2ee7a62c289675c23cc4787f145ead353dd9986aeaba15e227c71c7fee0ffecd38bf7eb65d608ecd8fb352c0db3b3e7e3bb7ce2bcc9aa95cdd6d51f0060ba465cdddfd159b228a867ed0fb8a7c5120476585f044328eae5ceb17cc76f3a74c6265e305a4ca95c5d914bbeac361e757e8fe975b89ef08a86d381005e10689748e4e99d1fa644e499667d36117d45c9b924ebfbeb86abb3df0e9972ddb474ce8f903a605845569402b2b720417472a9d2eaa86f505217666b25a2baedf6895a8adfcf2f6227b3e55cebc3a3037a6d5afbe2e291a87f9a8ea57431dbd359327346370d7f275758627b2a56575662e7a4dcfc0768ffb79f82a183f75a623233444f4f5e68157bd0d0e83acce82eafd2f6c1062eedbe03d0a9448b1c1d86427256774cfedbcd176f2ecd286bf160cb656fabe575b96fce16b9396a803d4b52ec192d88767ce33482108b2f9fb36b2b0041bf6b40181d30a5909fb3668fd329fa0726a32155cc2695cf567c239ae0b5bb7106466670be55e2101381ddd89eaa417589c117162bae17cefe5b609ab7b600b29c1d20b3ca2de20e0d2af97e2b4f9f2e379c2842002472d752b9b8a3988a4b94690f0c77a6b6782444b9afa148fee9d980b0c214f1c3195d3643806d7e9f1367c465f33378d462ee20a4fc661f0358e28de44cafa53c262204188903226070dcf6710790a65c05a4a11d3c3cf88433e77f087fd501a9e85907d95c5ae15133bda850c9adc030ea1cfda23c1712c24ac9a61ed91e3d5656d2b26adc422907e597fb0a7a5391cc8da547944e5c5169943989331707ebe27e01669c951a1327963d7493ddb7a8b3470b218b3e81b91b490d249de5a2da9697f1b46c0afe712904dd5b044cb7f477d7f3f1c2fdeb99d1a5a854824e41e6946ecee91ec709e6426e3959354e09d2f558ad9cc5308fab1870470f79fd020d7c568a75ea3aa215e061a3a48feb2c95390f68a614367002c30f01bab73f56c45012d5c590784be7577468597a267ab3f25d9030c753de7de7266c5cae0302d9bdb90c449ddb0de354dd120769e0382650eff520ad9b66b7972f006d20d16fe5fcf01857684d7da16b2e06d21767d0271910537eba844a416abbbe8d77802bc584264708c1553f91702d36bc98b0819dc7d4fc46f446afab6b7b3bdef87991bafa3f08dfadfba4cf491e7135909c16bf7b651f955df7074c567bd58cc2fbe33389843f35ee736d319c120a13437b93a6bb3fec8cd0798130e37f8c1a59e019cf5396a51c5dc45eb6ff41518dda3bbe000d5da829694c026cc26b8bc1dfb2213e5505e3dd2c889bbaab5a2fa24f820a32a30cf63ddc7a0dcc1ff79846c5e5b7532af855e4c9af2725ce4405581127fdaca6602657937906f638dcfe2970905228cbb14bfba1521b947e99c2798d61dd30cbcbb6274e0bf64d728304ae2fabf05ca92832bee95123f1033b980f69a878266e1144c20719866c9b44bec7a43c59a3407646a70f1802d964d2802470aaf8f0387246ebf5277442ea52ab2af93865bdb3f9e914dff769101c3871ace6891ffdb0aed0260bdaf42903308d79a565adc097d47cf8e1b8d868800414364670cc241d9671e171f5862f7c55b828fc61a8fa0d8df2576922a289268b7a8694bd71d65d08ee496aaa25c85b38da84a4d217907e0eb434ce836f39f30fd01f9f876ae48550277f0bbe31b703b87ecd87e26ca0daa4c15248caeb26d0ed529c837dda2f2b1efa28e2a53908cb66a897a6630e921b7549451ead5f5954622633678a634781694e112c310d2414b5993c768f6f49874631a051f021e6bf162794995c41295c11ce56f55963f6f004e64f4eb07cd83933d6d53a52f0edd0f3ae28fe2ee05bf0d0b70dfaed85ea0fc12f2e378384b6a934c6e4b7030ad91ffc6a051b316eb69db92a96a036bf004f1ca5927e467f1cfdd9064863898c6f570a0294d1759cb6d0eb53277d3bfa43143e918bb66236404a54af4336a186f64cb30250e97dff70cf09d4f69e18ce0e04525a630036687c0565d88c451f796ed6cc6e6b10bb8193059da4023bc5dfc5a5d88ca30b82bae468b49605e278efcdc91dcbc2392b9917e0b73191dbca0bdea65d07ac7c9d4d3dc5d03b47ed416c384a1ce472c354630befb3aeb281210a21b4e033f5f598b8c85d75467a99b7eba88e3467e8ce70b212567d841e1a6fcc41de476cfd8a50af6c21b1f687f61c8f224b056d07674c6d13386f9b7a4e414939badf1d2ec95047ac0d4ccc58601671f473c23aac8004b440725f6c04e0bd508d5c24aa99b10b9e17eed07803e7c437b23bd71c1f4af67cdd2e329b0d51f9e617a415d1a6d13b18dd3d2782523f80056f1594631236bf527ec28140946abaf47158e7ee0b895f2ba36ab81ea4ee0728da3685ff30fc2034291ae58be46739487caf644613d0be8c1967728695bb142e5fc9ca0ed313d7a6d88aea96080b68986c237136b823e21596a5d31e9ab47e53325a20e3ac69fe73aa46a419a5e21309b77124a18944eaf4e11a93f86d35f05b0d2194ffc37d607d3e1874e45228db6eef510cf1efdb2b119cb717dfccd90586ad3f20e3f07b648fda8b1bdad93d3f255a88e39d036a75de789871a4ba279d9aadabe11284a92c97d9154b5de8896d4a96ba1d0ea12bff4e4b96b40fbe0512a40f9383c943e60234fa29ad276d5d4bbb27b722165acfb7cea6110507d55052d7c70b524edfc5b18719ade4358d3fc56a152044c29a95cb65fba3897607977584147dc2fcf93cf815c96c854ebeeb9d1777f6ec187d876b3d2202112dff6de398af86a20927996d755d04baaa03c1b557429e6b55c5455a27f12d2a2ddcb9926ee51f35d220361362e4907ad9bcb3727c6784b483f3d2d27a79002f205eb56b81e083ef8fb244d67dfa8ecea6242315b600d5be380b463854e5e2be7ad6cb189927fd2ccf3b0b6442f253f8a9ab96d4d43cfa36dd508db8a245aab653c81a99676f676d666067dd81be3c373435db31cf4f8ddfd7182d51e4f55e6bc5f7a07515c8db1205cd21ee0194c91ac21a1dc1647246f07153a4856e56ac20351d89ec6e063d24298d973cdaf715ac8f4616a98c92a6287108201d6d94567a4c9593b1c9edd76af1529f4a1be85b0f8e66b4e7f2e049285cbe04db1ff499d4993683134f534f02fb6363f4486b649d1e8fe953fb4cb55858da62b23aa284871ce993c7147ce6f17d8c8497c8ea827dce9887be03b7dcfd315b7f51c6cd9cbf2fb7c3ec5cb2ed83e58024170b855e8c0397980dd82144c9f35070c0efe57d1554513851658fcae4914bd2fd00dfd088b6863f6374cca933e4e32d210af8d562935e29fa073e6dede3475ef162e8e9c46c45db2440e89408f6ab4b5cceac4224946a36363ef0e48d935478aa900d6a42bdeec31f5476c5ccf1d0f8438ac8bc98e7ab1fa46e93a32ae0fcb8245ff9728709624caf36e6e9da37940365b56378ca56b6e3b1572873c8ad1a24c7f682efb462c602de48740ae61c2d41ed95a2ac5acd937968f79664127c42b049c549a1b131e6724e4b0675656dcb1b32aa59707c727ed2c11b06aef4282e9bf9cbe896ba145caf0dec34b1b99c0357fa937c63f875560e1bc2818ad9f67e53851b3352eb7e0b54db5443af06017cfb61390d968c8b717b30ad5ed35df18ccdf62de490172916169f9403eb20b9d6960aee3e09fe5570189e4883f27b541b068005ab73af1f46d0a6519be2f1e1c619c97a63181a2321a15d14d4c813cb3b81c9574d6af848c78ffc4714bf1c88e99ccd8082bbe51978f76c4751a395080d454b45deb156447e8ff3e168da708b7eb55a6a0abfd65f240bb41eae54403a9f618523e19aacf031e8b300e4f85ad0ca7c19bd44eea5ac034b18a7138600a33e1b53825ebd7e74eb54dddb3e96e56610d82ea06169d6cecbd2e044782aaef304f7f639c005ffc299286f53c12f200c584bf98e2262d35fb80e78fbb3afb30c3b5d63e2ee8bf25f3a4e00fc1ba9e7980b496379b507ec11f11ea42ea3569a69657133dcadaab51c64c5768d52b73c28644ef8a8b27bbcf0bced3b0c8b0558bd3e7e6ee570abc896dd2e1c56158133d6c37cdd5d925a9366d3232d594f2fd87205dd155ec8ef1ba1bb2f898e699ebb744c0c61aec452bf598118f57c120940586bd6adad610b726b48dc7c28f0858878352e40342b3144b46e6887224f56bdb7ea70183353cf1c1c2a485c9ca2b74afb75fc303166163f17266827a3e5629baf59651c1717879c947f22af9f6ce087e19b81961c3ef79519848fc3718e6987d21e35382812f863491b6b09d73e426242f67abd59a28a5ca6b65a7f87d789dc3a2110328c7dd6c5a9529656ecf6a9bbd04e18e3068f494985d89335a7602e262a58451ebd1b6649d2844f69aaa418b45584981b9d4d1a2d33ff25d08d2c56ef5ab45e1ae13f6c8009afbac97fce34916c053901db5969212ea4e8f0add0ef87b23a589800b07dd89ecbbe8761085521457d771622e5556a8d2cfbcce851b7904842423a564eeb7bd56010bcf96732b326fe76c4dba76f50e273e715002b7be9a38ec533fba7da509b8504ca2305313873d1b3ea7b4b6de23dcd876d2164c672867d4f437d9c6e5ef69722af3c52f1fb753c26f59ed30c91159bdb69f132f1f89526e6c764dd953c139988712c4bfef5069768af32d7e9479754df89a82b8e8cf1b48b9eaef45f7a8e9f695b5480226aa6b64acd877b1382d8e47b3d7a73074ce9eba19b31c3fdbe34eab67e743e5594370276e57016f23505a57493d1d5530bb95d7ad1eb934cdcb66c5e89a1ac4c5337a6bdec3d4412bc481818a68d1f7130dcb9691bf0575bc85b7cb5e50c57b88782fbadd24d08ac8fd9bd6fed2ab792ce96b6a143b3cdaa61df52a3792f9f8deff4973aeaecd1fbec38b2ab2d380ecfeff1955d6c45877ff63e00904d3a915f52bd205c22d6463b4133cea26e1952edb34e50f702b36a671fad5d4705c6c0104ace92eeee17d05bb7e01f8c9eb145a35a675bd9d466aa4567e9e208045a86cb7a2dc3771af29622499a8c20aac07309b6ef76afabf301e40571efa17c2c5f7689f2fde4bd04b52376a0f6b70d30c71bc1b40bc261e51f07a801fb841aaa6b0af8e87b71bdda29690742c4ae27fcedc637a27c3aaf08688a3b5070af4bc224379602340ad47465fff38300ebe6512b88868457e94a5a1409bc1ede6f05ad26cb418ee5ac7f9b39a0e190eeb25d453a7de2dfd81a5afdb3527f1419270a91337be8533ed24e80ddeaee51052320a5768ee89452a22c2a5961f58be38c1aeb6ca02be52a9738b5aea8ae9b26f14e2e2a19018d05b85cd3442eda0cf24613666e742320b56719f818d4f44c992a3f677e50688d10dd452d035c2117f0cc8605f408ca48de20b58bc60b27ebd107082fd6606f08f2f762b2ccf6bdceaf4643bff1bb7d8893611af760e421d3094cc2d0f2d20d073241525963141a1dc3a5f36032b2810deb016134e1b02d33ed65854dac63902fcf42d68b6f657ca0cb35da63fbe2cccf1b1b7d76f1a011802ffa476750a1395a8dc2a9c8d3e08e82ec6c406673962f4ccf1560b56d96e2a09a0be988b473b53d2080ee3398e7d5cc475d269b9aceb4e546cd8a71efe8682488ad08efe44f3535ce00bdd1ddaaa14aaf8ed4dcf1d9b68f523edf703d15aa0da48a093a6c9d7ce55e3697901167041b511c0d95e6a1ac0d3ae805657fd3f8976cdf60caf93d1ae9d2092ad7a27aa446e00249cef55e54ffc7fbba1718ef84d3c31df484d5d40a6fa63a664cfbbc39387c1e41997f292d8f5515cdb8fe0e2a7c711d6f969da4f9de8fa624856e70818f1a1f0392f13d909ff6205932a51af439aa626739138d19ece7bf680b7a499a0f3be1c00c0916916396da357cbda90ff8c175f64d6da2c2436ec71e7f6af721f1319c26a6eddaa4273f4ac76efc5a817539f99d0772455a3b1f310a7fcd15a8de24a4a65483ad5c20aeee5b179c903a9a7a7f4a1451c271212ff5c5f2fc2b38d8d3c47f2d278a416940a28523c1c13db22685e00055786e0e689c98e379e924787cba373ff5be2c5291cdd1c130f307e2cdae513803c971741785d5c8c7fef801be7760a436e18049cc1089f8c280cba97a10a7c05dddf2a791e42613791e7b686fde09612501b924f6def014f59a576029ba3c6ba280a63347b1e911d7d81b1cc28473de1ac0d5bf3599ae3d5a52cd1aa9597681f359baa16d3b4d6c8ec632f4f630785b41edd5f80dad3b3e06a2356b164401967c782f846b099cf2636b77af4f1525f7f8eb3b65b489be7f638cca2b3e047d1978ead1e66881a42a731678552b3d69dfca0353353c7065ec2fea498643b9f242b823cd2b637569ba7d1930f5d044e345f72e818c4c9d6cc7a30dbb68d31b3bcfde50d4df2bfa7b690440442a1e66fc639674c52d23d952068a6c89ce746632eba3baeb4cd37ff16ab916cf5f4ff449fc06b8bec841a1f7b5a1201380beb76754e37c275e4a89e267a363cb7b384eeda9aa145d54e671545329232c2ff26908760e91e7176b8e6f017bf9b5a87c3750131d5e8dd11b5d2768f5c07f77fc235f7d0b25baa7b8607140b7fea9ad2cf3186be0485982ad2752664c03a9f612fab54e2f4c4d8c2273fa36ea4fdab17957dd80bfa9f7849a28b29b008de7f8bcaeabc3acf2b9bb1bd90f2cfff51be43a41976e47097ac806c1c44945674012c782767d5ce3e04af4a48be035c9f9856803c5fb6949876405a8e227638d12026bc69250e8c961f0435b1cc7bec50eecf4f9c219aa82781429f35967b385c58e23ab6e7ea8e0afd46e2e491f1c234abe732abab6890feb8a3b2e879e0ae3b139ce9a089bce77e9debe0794f3e0ea08e7553de48eef24d577f0dfadb428e115e201285f43120822c5f17f64de4c4d9b98da29a90e242af488d54d5faff483dc7356dd7f63ec9ec2a566e115ff67edd22dff6cd7966e8b6f86b8426933c183a823cdd4c37639e2fffb76d33acb74c77c09c41c5bea4fe871346b2288efd141b0046bb5c3801155dd4f46834a9a631baaaa8d308cc69472a1ff54ba16598fbd1fc53da0c38ab801bae803542e431f785c36533fddb86b32dbfde83fd292826b250fc9799a427388dde26da29b5592eb2c511791be9b4c242f168a01da805488e04ce162133af48c68e0a5ce2dcc8e2beae0cb8d8b28720c25ec54c41a790965a98e78657d62ea563b5f0f94e904a74be9817ea1d00fca5004267c2acf38019c42ec02810dc2dfc3f401627c38a1f47d1b34590d8be5b7e735469f4385ff4ad61c1fff0d055cb90f77c7f8c6b808c6b3d32c7790c9762cab5704476ea6c71f7b7e90e556c1bb0285e9ba00aaaa1ca79cfee062bb7e6d8a9737e66cdb2653fe90e76e72dc825a7c36ffecc2ca2404d986fa2c3bcbd8d0de9f36e8ac6dfc406ad29396dddcbd87ec4f1a5a6fc60ace58296a3cb8561cb3d31194681f55ca7a56b96e7f21087e0cf4a8bf0e61d266ccd25d1cae67a70a59ec7b0d781b203dabe37ad3e90fc3556b8e05ef4aff892eda75607d1a8e88d05a447f447fa26a076333ce4ea263320ad80c62472a90e0a44032f2eb11823e60d6bc61ba30f7f1cc4c81c94e45580102b8d92c40577198e28dfd008937d5c4aaa84557d81df4bbe3ec37ba0b3eefc77c34d667bb9374e862922285948f4aa9c39e5ca499a2f67054b2fc77fd91b6703c97fe067a151bdc6297a12862c3ded9d5a0dfe80dea89ae5ec2fdcd8f0008c1fe9065ad5d3965d1b972a19a39b1982beab67570bfc52a227a2888b5fa5109ab2fb56fa144adc9c25d543e3d0082f3a5631c135bd5d29cc909dc41f04d38117bcc4696c30d0b3b4a213f31c2c3329b8cf2cdf565ed2a20eac2381e925188642b371bafb9ba440b65baa0b78e2561298c89f9de2ff5340505e2ae878535babb4213886bff6757d3d0ad16db900491d240ea761ae8603f5a637336bb6802a48b2c70d46f9a5417d383475f37be2a55d716ac4eed0842da695c194716dd4d7aa9f8ffaf24be387dec1288621812aac6cc6affee310c5410578f517bf7dc040ce4b81cade497f39947df750c0ed6096c43868ff6e7f22cf63feb146423e4047554dc9ca574d3e96056b250534008f1d80d94a7b677aaf3fc7cebc0f458cdaa28cead78a3b5fd38b89bd23b30ec5bd261e1c3214c50c6b58c1c70897cdfacddf5d9b55075a1fd15d68d36d5b16940d0bfe39fe956edcea979d661ae1fd01931461f1dd77f04e542bff454ff9bbf08be8d443d0c05bae69266b1f7a615835b25033dd7147648f88a64fa0fc43ad7f1c1ee00c805e6a9f06776ad9e4af3d04a0f35aa504def1ed9e6d201b1305583c8167a5b85765d4f7d026f38113f2ada1ba72a193c722a44cc43325388269eb783e7dbf37a53442e792dead7e385bc3066c50df8d7430c507826e4f10bdf947ee2ed963b458ed91faec8eb8b041bf6c54d2b517d464f59233859ae9f22790174bd2bea49ff74d1fd5cf1de2c4aae880d4b47e1af79c98e1e333e68d4ef7de379ed4ce4d2924bd5484f902f28f09527b8d9fd98e22e5b2f42dadbd1687f082a954260accfbf66305dafe79f84dc09d37ee840e971d2205ef44af81f4b8fe45faa19dad961f9c45cefc4ba7cd26e8d7851b959b83873e26bb6ff946c291f5bd45283de28a8a0f337c21ecb272e03dc163b2529d369dd1e9cb9a70ba2c0cedd7cc6a38c9ab2ad2e3344fbf417ccd3f94ee7d5507a9582a1260709c10dc4f2b1f6b8ff7cc0b6a336405a49f048384636be13ed4ea32e0702bf3385c0f1cb850a615c44f8975ee34d5de4b0a7814864328b0c818778c2bc29fe7363b6ac7ed25353a4efa3027829852c516602b2fab8799feec227d5d349aea98035caddf0b4bcb6aab802044c9f67fa9a724395f8365b75bf8dfa319cff40206d3be8e80eae0c940db246411f722543217fd11bcc7cd33c1ea9c7b5896c54eb1437103e51d52f49ec70c05e7e2988a7f9f83774fb1c743d2d5442a976daad8a4a187d565f0daf69d4242b4b8b69b043327c7ba0eca28c3b713089b7de09169524e7e5486e03b545570bd50d635323fc6b6320d2047edead95f7e9abb88a1c232897bbe86cbc6fa8579662a4a791985c1ca96073057b183541de02aaa7db197f48e4aefa480c811eafe5db4f7b23edbcbfaafc6e900678eaab5b7aa2f7acc26c37db92b93288b9c65312fbe30e3909696b75d2febdae0d3d6f5c19cc4eea43c9f89498664b21472123d69e1b50268dcd12be20a2c17670ed1d6fc5faeb8f9bc872c1574491c7caca58ad1425872bd85fcf361773ec2aa4d1e12913c3976ecb487b7b2e603e458e57e93a9401b4fe3e523816153c88f06d3c9534526fd837b7a6db28610c64790ffe2a7a49253bb2afe5d9da47a656e4355843c1bd0d79e689031e0e5de42fe4dd217de1ed5967444964450c776a2467e7342da7f556ef93a2284753727c51f8de88c760c14ba58cd6fbe7e3148e56ea24b151a15eab189a0d5f4ba1058992614f7ac92ff6bb4bab02eb8e140bdcfe2412bc33d9c9352c89b0a753bb4dcd3d6d834f8e37f63d4015e017682be35f8d2bc7a19ba38d8165af6f10632c8397f16f94b62cdc1cd07f753aae03f8ecd0ac71df6b1e6279bc2262e5c152d3bfec27dbd7cd32160714de28ed80892a42afa8d452c74be015e6e1a11a4bb385d286464f7e59b1943b8bed2c9b2cae7e2e1928b7d56d1a0110675b63a7ce97f2f415e135b707e497389eff403242192ebe5932bfeecf7c14abe6147be31d11b2b246445388331a8a12dc8f9f29ba72ff2a2a510320ebdb459766b5cc2f6dab554ad94f53b1d3a4fdf66370783b9c107ed86d88d625fbdd0a0a4816430721146539638bf653f8e58cfcea14d8dd4fcbc751e22c2e9cc0ab42d7d4c4624037c3736c69e0b36979c818e73c8850861c0a848d523c1c0b193767d3aec75c4918af1414500bfcd41f380e583522fdfb8bc9d3af991309a4e6943f76c4bb88f48382b2e324ed2d908f40e9b1e4d0101f957c5f424fe2a0c68328acc8feb1a085155c1be38528629aa5ea47c3141ffb1a85c186849034437cdda5db607a7630f683c146d4694a6fd8f943a82c609de920ba7cb8a5c58c6212c477aa92142e9b08b503707350210d8a476c904a2301fccbb2433926ae60f925696c2e5daa3b4ad79525915f686fef5b0a266f575c54f41e5783b081c3c9ac804708076dde9b281f16c4818b3cd698c45066162f460ac628e0fb6c0b9057b15e97caa29a66c0addbfb4e29ab71d709501aa288ac3f190dc685444aed80d1c7e78711bd6fd6c03a88cd7f7cf0ef5b0a94c28a08a3792bae5830fbc3927b4a20be35c096a960cf304d473ccf5d41fa52746e068aeac26fbe7472978e8fe148ffe9c4691a2ede7e80b77350ba1c7fad75e044bb1eea0914a1b7ed414f6b70a0e004365977d938c38f1b8db2452e860fd909a9a9c2bbdfffb0defa7cae2780eb19daf76bbd544ed373aa839e2c94dd91642f54ea7ebf704d0c1b81df46101c3473d4d62772772bd42c388f4815cf7ceddf42e70d97ba3ac6d677861353ba8810454c651b36d6a2bffcb2b65a77c6730970b464ee40966d1edd7a384582dacdfcc5583065120c43b1fdd34a93bda24fe3dff46921ed8f1a05fa584eea78440c84f7e52b6049ef51fb487b71da9f142cd483ab8c851810d04f0bc6994c47ea79c5810671dc9450c9bc32cf7c9635272e61ae29a3b2cd80ce399c70191e8eb1896097132fb0de6faf24afe637f5f3f86094a279a1dd4046b73f04acb1f7ee1c488bb89f27bc9ebda1655dba66f165af677d850f4c44a1ad0c26bf0ad55161ee318fa4bf9dd920876768e43461bd6fd304ae7b992bd11da2346ee31916d2d07c877e57e74801a37d7110d221779dc2cb388edf29bf1dfa968726eea20a15dcb5f3c06abcf8b26e12306bbd5a38dcf7bcf4e7f93e901d47a7649be0b73f6ef03d52d52c452c1f7064c4f817827da8b8d30bdb871cb4c0bf450e308da02673ca6c1349094950977f87ba64dd9f7de049d0a3ebd0020b8ab796444619afff226c52edd964daa383e2e6bc085e229b1ad784c10289d16c97fbda5b9fe513cad891c57eefc035f4464d24416c0587ce32ca009882b0b1b5b85d1d88bcfb353a72e374ca388c398b6f4d1706e1b7c21c3ee8dd6753208b19306017e94fcd8eb62a93d0e9982bcacfe2fe127c3c74063794aea3e8940412c628b3f2f715dd66cbf03d411c04984ff2360fec20b5166679d0ef5019fd6eaca256ebac8222c8bf62b6f9337c2893057336e7235a16326c645f4452b5ccca0466bb7e3e01f14ab7d6d6f478a80ec2e09a4d718", 0x2000, &(0x7f0000000c40)={0x0, 0x0, 0x0, &(0x7f0000000400)={0x18, 0x0, 0x0, {0x8}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
ppoll(&(0x7f0000000280)=[{r4}], 0x1, 0x0, 0x0, 0x0)
r5 = open(&(0x7f0000002000)='./bus\x00', 0x14b142, 0x0)
sendfile(r1, r1, 0x0, 0xfff)
sendfile(r5, r1, 0x0, 0xf6c1)
ioctl$DRM_IOCTL_SET_VERSION(r0, 0xc0106407, &(0x7f0000000280)={0x1, 0x2, 0x1, 0x200})
ioctl$DRM_IOCTL_SET_VERSION(r0, 0xc0106407, &(0x7f0000000000)={0x40, 0x174cae12, 0x8, 0x400})

1.169351203s ago: executing program 6 (id=3741):
prctl$PR_CAPBSET_READ(0x59616d61, 0xdaffffffffffffff) (async)
capset(&(0x7f0000000100)={0x20080522}, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x81, 0xfffffffb})
r0 = syz_usb_connect(0x0, 0x36, &(0x7f00000000c0)=ANY=[@ANYBLOB="120100008010bd40820514009dbb0000000109022400011b00000009040000022a3e740009058bff7f0000100109050b362f"], 0x0)
r1 = syz_open_dev$midi(&(0x7f0000000000), 0x3, 0x0)
syz_usb_disconnect(r0) (async)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2000001, 0x12, r1, 0x749ee000) (async)
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x1, 0xe, &(0x7f0000000440)=ANY=[@ANYBLOB="b7000000fdffffffbfa30000000000000703000020feffff720af0fff8ffffff71a4f0ff000000001f040000000000001d4002000000000065040000000000000f030000000000001d440000000000007a0a00fe000000000f00000000000000b5000000000000009500000000000000033bc065b78111c6dfa041b63af4a3912435f1a864a7aad58db6a693002e7f3be361917adef6ee1c8a2a4f8ef1e50becb19bc461e91a7168e5181554a090f300020000fe275daf51efd601b6bf01c8e8b1b526375ee4dd6fcd82e4fee5bef7af9aa0d7d600c095199fe3ff3128e599b0eaebbdbd732c9cc00eec363e4a8f6456e2cc21557c0afc646cb7798b3e6440c2fbdb00a3e35208b0bb0d2cd829e65440000000000000000028610643a98d9ec21ead2ed51b104d4d91af25b845b9f75dd08d123deda88c658d42ecbf28bf7076c15b463bebc72f526dd70252e79166d858fcd0e06dd31af9612fa402d0b1100886475923906f88b53987ad0c33d39000d06a59ff616236fd9aa58f0177184b6a89adaf17b0a6041bdef728d236619074d6ebdfd1f5089048ddff6da40f9411fe7226a40409d6e37c4f46756d31cb467600ade70063e5291569b33d21dae356e1c51f03a801be8189679a16da18ec0ae564162a27afea62d84f3a10076443d64360f56e24e6d2105bd901128c7e0ec82770c8204a1deeed4155617572652d950ad31928b0b0c3dc2869f478341d02d0f5ad94b081fcd507acb4b9c65fee7dfcb59b854e9d5a17f48a7382f1b3fa4526650ea6cef13d000000225d85ae49cee383f936ad657b303ab841dc5049076b98fb6853ab39a21514da60d2ae20cfb91d6a49964757cdf538f9ce2bdbb9893a5de817101ab062cd54e67051d355d84ce97bb0c6b4a595e487efbb2d71cde2c1070bc6980fe78683ac5c0c31032599ddd71063be9261eee52216d009f4c52048ef8c126aeef5f510a8f1aded94a129e4aec6e8d9ab06faffc3a15d96c2ea3e2e04cfe031b287539d0540059fe6c7fe7cd8697502c7596566d674e425da5e7f009602a9f61d3804b3e0a1053abdc31282dfb15eb6841bb64a1b3045024a982f3c48153baae244e7bf573eac34b781337ad5905c6bbf1137548c22ee965a38f7defbd2960242b104e20dc2d9b0c35608d402ccdd9069bd50b994fd03000000022a579dfc0229cc0dc98816106dec28eaeb883418f562ae00003ea96d10f172c0374d6eed826416050000000bfe9b4a9c5a90ff59d54d1f92ecc48899b212c55318294270a1ad10c80fef7c24d47afce829ba0f85da6d888f18ea40ab959f6074ab2a40d85d1501783a7ab51380d7b4ead35a385e0b4a26b702396df7e0c1e02b884114f244a9bf93f04bf072f0861f5c0b000000004000eedcf2ba1a9508f9d6aba582a896a9f1ffa968eacea75caf822a7a63ba34015ea52acb1188883ad2a3b1832371fe5bc621426d1ed0a4a99705cc1b6912a1e717d29135753208165b9cdbae2ed9dc7358f0ebadde0b727f27feeb7464dcc536cbae315c7d951680f6f2f9a6a8346962a350845ffa0d82884f79adc287906943408e6df3c391e97ba48db0a5adbfd03aac93df8866fb010ae20e92bed1fe39af169d2a466f0db6f3d9436a7d55fc30511d00000000c95265b2bd83d64a532869d701723fedcbada1ee7baa19faf67256b56a41fd355b6a686b50f0937f778af083e055f6138a757ebd0ed91124a6b244f9acf41ac5d73a008364e0706a594817031fc2f52c8785fe0721719b3d654026c6ea08b83b123145ab5703dad844ceb201efeb6dc5f6a9037d2283c42efc54fa84323afc4c10eff462c8843187f1dd48ef0900000000000000ff0f40b10ca94f6feeb2893c17888e1cdba94a6ea80c33ead5722c3293a493f1479531dd88261458f40d31fe8df15efaaeea831555877f9538c6ee6ba65893ff1f908ba7554ba583ec7932f5954f31a878e2fae6691d1aee1da02ba516467df3e7d1daac43738612e4fee18a22da19fcdb4c2811e32f808890205f3a6da2819d2f9e77c7c64affa54fec0136cbafa5f62e96753b639a924599c1f69219927ea5301fff0a6063d427180d61542c2571f983e96735600000554f327a3535e7c7542799493c31ac05a7b57f03ca91a01ba2a30ca99e969d6fd09dc28ebc15ecb4d91675767999d146aef7799738b292fd64bbca48568325b2969e2b15f36b788bce5ccdbaf75c94cb93499f6947a967a7bce14c6de4e7c0660d80010f5c653d22d49030a8c2a4ab595bf4238f18ca428dafc7ac96d404607a0000000051a2104f22e6db5a62b5089c1b45282d38864daa3ae81d6b0968d1d2867b91b7d12096833d6864da40b54783a17aaeb6737c323f9f98e354cc98dcfe23ad01bd1c61563e69ffe1c2c73e1661261173f359e93d2c5e424c17998809ec8f0232b3955e052a4cecd89008f70314a0bdd491ec86a4555d89fe0120f64c62e8e3ed8bcb45202c204bbec8d722824c0ebca8db1ea4a003d2fbdc1f9be78537756ab5bbe4fe7ff5d785d0128171c90d9900ca2532b0f9d01c4b45294fbba468df3e1b393cb4e62e753b4172ba7ac1f2b51c94bc5d047899fd219f448bf9189c65c9d91eda6b52a373803a9efe44f86909bc90addb7b9aee813df534aac4b3093c91b8068cd849904568916694d461b76a58d88cf0f520310a1e9fdc18cde98d662eee077515d0a8811922923806ca84d69ea370db27a5ffff5392ab3d1311b82432662806add87047f601fa888400000000000000000000000000006acc19808d7cf29bc974b0ea92499a419aa095e203c1bafbb9b9a7c2bca311a28ee4952f2d325a56390578f12205db653a536f0100e0eda300a43a13bd1b9f3322405d1efd78e578dc6b3fb84f3738a4b6caa800000087efa51c5d95ecba4e50e529d1e8c89600e809dc3d0a2f65579e23457949a50f2d0455cf79a43746979f99f6a1527f004f1e37a3926937e84fb478199dc1020f4beb98b8074bf7df8b5e783637da7418fd3aa81cff202c5afeb06e2f9115558ea12f92d7ae633d44086b3f03b20d546fa66a72e38207c9d20035ab63de71a30f1240de52536941242d23896ab74a3c6670fdc49c14f34fc4eadd6db8d80eba439772bf60a1db18c472dafc5569adc282928d2a1ffe29f1a57d3f18f4edaeb5d37918e6fddcd821da67a0785585a4443440dc65600e64a6a274000000000000000000000000000000000000000000000009dd14b38f2f4426d7cf5075047c31f6ce6adddfe3ac649c0643c829aaf375e904bbe52691a4120260ffcd8f1d04166d291ebcef893e1b9ccb6797d0646fe0d0274434f28efb43e06e64f0698caca42f4e6018a455736c482a017e2b13dac4a90faa109f0e87cc94e3efb649692456463ca74aa6ad4bf50c1acb3928143be1c1023a375e528285544d0064b98646f3109e9a4942ce42c6e7ec84b664f6c2770803f10baa804a707f0a1fcbfc37f1eb7ceeffb3c0547ac6571603adbfde4c8b5f4441613633b48865b65bdc415e1e0dcf672d68cf4cebf04f4bc1eebf560a26d3b332240d450fdb0a9a69f432e277f3a0386eb2bd1305c821c64757f786b79fef54dbf34c67d73934bc80b2133fb3c04cc7ea48bf97a6243c9f95dcbddecf45f008f1822c7868e1ff5a3cbf5d6b6898335792749df7b1f51e91f8c1c3b1b93b33aaa3fab69cef08a9f6f6cf39dea3d878b2ed42545421970cc426e644332bc956d1c6adefdf0ede2c5c94aa632646ae225accdf031f611d01622921f1b922a5ac887cca3136133dce8d9f5f4da7bed2ea5d9436220000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000dd9000000000000f05fe239d3d6dafc367f12689b6700000000bd4990d9dc174a69aadffdea5445fd3c13350af85d308caee689736c06417b52541eb5871d820b850dcb00877bbe2ed19d911564f11adeb52ec3047cfdcac8a8bab6ee365941cf792155f589226758e9c8bec8289b3012ca74bfe210e0315b384ce982e16f93f3e0b1385cfaab63bd36b141dfbc7f96ee549b8b52c311e5c657943f2a5d177f03e10b3595ed13458472a2eab1ea987a0668e52fff5c716fb5950852186649ce7362b45225f050c1c37327b6833025cc1dff2d57df674be03bab30901188386d248370"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0xfffffffffffffd00, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)

1.110197175s ago: executing program 5 (id=3745):
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0xd5)
execveat(0xffffffffffffff9c, &(0x7f0000000140)='./file1\x00', 0x0, 0x0, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=@ipmr_getroute={0x1c, 0x1a, 0x20, 0x70bd2c, 0x25dfdbfb, {0x80, 0x0, 0x14, 0x12, 0x0, 0x2, 0xfd, 0xb, 0x800}}, 0x1c}, 0x1, 0x0, 0x0, 0x4000014}, 0x20814)
syz_io_uring_setup(0x145b, &(0x7f0000000080)={0x0, 0x0, 0x10100, 0x2000}, &(0x7f0000000240), &(0x7f0000000280))
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='freezer.state\x00', 0x275a, 0x0)
write$UHID_CREATE2(r0, &(0x7f0000000180)=ANY=[], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r0, 0x0)
r1 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$MRT_FLUSH(r1, 0x0, 0xd1, &(0x7f0000000000)=0x3, 0x4)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000240)=ANY=[], 0xb0}}, 0x0)
mount$9p_fd(0x20000000, &(0x7f0000000340)='./file1\x00', 0x0, 0x1942060, 0x0)

1.109625934s ago: executing program 7 (id=3747):
r0 = openat$mice(0xffffffffffffff9c, &(0x7f00000000c0), 0x80)
ioctl$VIDIOC_STREAMON(r0, 0x40045612, &(0x7f0000000100)=0x6)
r1 = syz_open_dev$I2C(&(0x7f0000000040), 0x7f9f, 0x0)
ioctl$I2C_SMBUS(r1, 0x720, &(0x7f0000000080)={0x0, 0x0, 0x7, &(0x7f0000000000)={0x22, "e922604a455494c905fd824393fe53e14fcab3d1eb0000000000000000000800"}})
r2 = open(&(0x7f0000000040)='./file0\x00', 0x268c5, 0x0)
r3 = syz_io_uring_setup(0x231, &(0x7f0000000080)={0x0, 0x0, 0x10100}, &(0x7f0000000000)=<r4=>0x0, &(0x7f0000000040)=<r5=>0x0)
syz_io_uring_submit(r4, r5, &(0x7f00000009c0)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd_index=0x3, 0x0, 0x0, 0xffffffffffffff31})
io_uring_enter(r3, 0x7a98, 0x0, 0x0, 0x0, 0x0)
r6 = syz_init_net_socket$bt_bnep(0x1f, 0x3, 0x4)
ioctl$sock_bt_bnep_BNEPCONNADD(r6, 0x400442c8, &(0x7f00000001c0)={r2, 0x1ff, 0xfff, "0c9fa6d09d56f6f30baff1d8e43ef91db760e4bc66bfd1a2dda42b9bc4f6a8a74f17341007fa11d537ba4ba6890438f6a12fd101fdde9f38eda564a237d08c1d341fd58a834bd057519aecdd968009627ff06dee98db131c967263a7b0523c39c4544551610a040b7a59b20ab69853d2079673a2248405f0a70cd78a"})
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f0000000180)={0x3, &(0x7f0000000140)=[{0x9fc7, 0x6, 0xf2, 0x164b}, {0x400, 0xf, 0x8, 0x10000}, {0x8, 0xff, 0xd, 0x1}]})

1.109207199s ago: executing program 5 (id=3748):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000000)=@newlink={0x3c, 0x10, 0x403, 0x70bd28, 0x4, {}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @bond={{0x9}, {0xc, 0x2, 0x0, 0x1, [@IFLA_BOND_ARP_ALL_TARGETS={0x8, 0x1e, 0xfffffffd}]}}}]}, 0x3c}, 0x1, 0x2000000000000000, 0x0, 0x80d0}, 0x0)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000c80)={'lo\x00', <r3=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000980)=@newqdisc={0x2c, 0x24, 0x800, 0x0, 0xfffffffd, {0x0, 0x0, 0x0, r3, {0x0, 0x2}, {0xffff, 0xf}, {0x0, 0xfff3}}, [@TCA_EGRESS_BLOCK={0x8, 0xe, 0x9}]}, 0x2c}}, 0x8000)
r4 = syz_open_dev$dri(&(0x7f00000000c0), 0x1ff, 0x0)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(r4, 0x4010640d, &(0x7f0000000180)={0x1})
getpeername(r0, &(0x7f0000000180)=@isdn, &(0x7f00000000c0)=0x80)
socket$netlink(0x10, 0x3, 0x0)
socket$packet(0x11, 0x3, 0x300)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x5, 0x3, &(0x7f0000000c40)=ANY=[@ANYBLOB="850000002a00000025000000000000009500000000000000afcd48d649379071c33390e418ec470db2c6161dba392176dd2963038e1d69ba7ea94c500dc4ef2fad96ed406f21caf5adcf920569c00cc1199684fa7c93836d9ea2cfb0e60436e05425cc4686b066707de94a4f4d5fc79c987d669f381faca0f9d9924be41a9169bdfaf16da915b2e249ee1c6eee84309e7a23c19a39484809539fcb4e0b6eab1aa7d55545a34effa077faa55c59e88254f54077f799bf168301000000bf2255d6a0244d35b213bda84cc172afcc2e47a7d8b85a5e3d77ac463920e231b7ae0da8616d2b7958f91f5da6c025d060ab186d94af98af1da2b5952eb15855933a212304e035f7a35dfc72c81256a55a25f8fe3b28d7e53c78fbfe5ab0255f347160ec83070000000000004015cf10453f6c0b973b81a484ebad04859d928365a7ea3fab2e4b380a00d72bc0480f949c479757306720399379d9271cf555c14d56b51c2298237bebfc08e0d5976a942b846970cfd98b9d4139f1111f2dc5e46ac1c60a9b030074bfbcd4b09012175484135f0e519f0b1e4aaa026d570ecb5e8cddbed65ff702000000a3ff4f8a4cf796b07a6ff61c5552417fd703f7f14d8b78a602ca3cdf6a662d8bc9c89c9120072a5d00dcdd8595356c9b2492aaf1264d4ef4a410c882834867bcd2b6e558d17879570c8ad943e392955f4f979ea13201bafe4f0f6ea508000000a0c548552b571bed5647323c78a996810000000571cbb17d9f37282462f0e9c147c0d497c61433c6ccc35601eef97ee611be8c97f4151fcda6cb799c6e924966a7f90bf8fd1e75ee76bd72346cfbb526890aa7fe5e68949a3b30567e54d3504723177d356c4604bca492ecec37e83efceefd7ca2533659edc8bef9cb85451c6a145074343caea5c4bf690441974b155f5adc681a03c0bbb8358856175e2ce8b0cbbbe3c033e54ffcebde1d9d3d350000000000000000e0f209150a07682c4e14e3a83558df6f3fc97f1730a136bdee07e98cb984b2e2304a1b63afefdb636e56bbaae4e62136574bc6371a0bb2be1a962aae9c1258da6ef590e1d85ea9e12b3025f43e7e08ccffc5064dea4c39cf4b98e1fc6efb5978f51e16b678eca0b658a56008948e5a61561a9845e4ff29e2bdb1d0b923b272341c5e093fd66a2946501559335781092cf8ce987c56cd31121624d7455f2a3666276c3c0e812b28e2f30d035cee5d0e77a3c72208ec651cc0ae637fa474816bc59d2e2a00092419304b338a987e9d3044d856ce24f370030be3b5f79f030b8d3ebce68663ef5af469abe753314fae31a0445859a5ece8fb11a4ee8e46354c9c3a041a1e7b55c4e81dba1e12289ee34463aaf28345bde0c195bc9f022ca8ce37ed85464c31679053e7f9d04bb5cb51da0b7958989fd70f241262d0af3246eb4fc4bda345360200000001fbddeacd3adaa4d2715e21c772ccd44341f7fd53df58ae791ee8b489a7c9efe3625a9d971b5997485d6a063dc6f7359e2eccc2fb39d419de1a7b5c9dc22c96295a0600adf59d44e58eb1c60b3475be31a9b7cf42b6402312d2725b8d9fa700a86407e79ae29d2c117ca65fc86c2dce97aa03279a66ec87122219b0f796ab92b1adecae50fdb408c8a80f7f02f750d6c977a1919f9f69a6cfefdf879d447df53f3b9b70d10355b07466d1ef0056b5af553d18a6cd50feeb7bfad9b7be3283b6450d264e7712d2f1d7004548b19162cef04d18d4f5987baab97a9bfbd8f185b5631820420b75b6522c0e21c882c66f4f25ffb6d95e07de02205fca4f18a2eb5b63e45d5d80fe52734093ae5aa3c0b4f3f45bfff201000000000000002e31560e5b741445ea2a1acee2e98c9f3427834ba0a765d20b30f87af976a46f9a9a1ac7dea1ea6845f9aa66237e0dacc107f532348cc2116473381e961f3d9c8c21578fe3245097c280abe51427b9f6cd72b5da6d0252803c66730cd5eac907f09b9695906313f8873522608c6fc01e1b9e16587bb5f721303e6b89e5c54d680ac66d09af90dbf50ee69a39265964279d174b0000000000000000000000fa08ad0731ba49fbf981f8265e7f1f4c2d97f4680b135f87c228ce69418a282b6caa2481a0df1774fa7d94944bb92d2b89f73f0e8b63f6316c5762f3288bc970720f48b5647dd177db6810fae0533496b6d58da50ee80a6b9a7438978c5465113f668eb4484350048289d07dbef325d3221a7cb35f812f257941a9781e3214c2a3dcf89d99844b762a9cf17548c54fccad2c7ae8072b82e0880815daf966bd5343c1635e123f868a7167cfcff33320253af570f4ef9c0254afdd89ac3943562b530dd88da8a94013bbaf204bebc38055adc39f07f7c22711f4d1f6dcc928d1578a093c072e0b92babc76f47ee367e745a024a2278319d9a4d1378482b74c516647652bfb6e93002494a5cd74e2a9a4734487062437da23e1efa6ef7674108aaa3ffac859c3577c2637bb3bdc69bc365b1f20dba96b8acca62f3f80045318de0facf2ed44b814e842c2a520159bb6c320cec0910c0b8bd3d547bdfba2e0bb24d117ed0388afd37affbad2f9c77c9c1314a16ffe64f5e3744a2fffd7039670f5706e589a4c3868"], &(0x7f0000000000)='GPL\x00', 0x5, 0x252, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x18, 0x5, &(0x7f00000000c0)=ANY=[@ANYBLOB="180000001400000000000000ff000000850000000e000000850000000700000095"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x24, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
syz_open_procfs(0x0, &(0x7f00000000c0)='net/unix\x00')
socket$inet6_tcp(0xa, 0x1, 0x0)
socket(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000340))
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuset.memory_pressure\x00', 0x275a, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r5, 0x18000000000002a0, 0xfffffd42, 0x0, 0x0, 0x0, 0x4, 0x60000000, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50)
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cgroup.stat\x00', 0x275a, 0x0)
write$UHID_CREATE2(r6, &(0x7f0000000080)=ANY=[], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r6, 0x0)
r7 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$TIOCL_GETKMSGREDIRECT(r7, 0x541c, &(0x7f0000000000))
r8 = socket(0x10, 0x6, 0x0)
connect$unix(r8, &(0x7f0000000100)=@abs={0x0, 0x0, 0x4e24}, 0x6e)
futex(&(0x7f0000000000)=0x1, 0xd, 0x0, &(0x7f0000000040)={0x0, 0x989680}, &(0x7f0000000080), 0x2)

1.04031728s ago: executing program 5 (id=3749):
r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
setsockopt$inet6_IPV6_HOPOPTS(r0, 0x29, 0x36, &(0x7f00000000c0)=ANY=[], 0x8)
mount(&(0x7f0000000080)=@nullb, &(0x7f0000000000)='./cgroup\x00', &(0x7f0000000180)='vfat\x00', 0x208000, 0x0)
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(twofish)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5910fae9d6dcd3292ea54c7b6", 0x10)
r2 = accept4(r1, 0x0, 0x0, 0x0)
sendmmsg$alg(r2, &(0x7f0000000e00)=[{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000440)="d4e666e247641d8d52a3ef9c12c8178a", 0x10}], 0xcf, &(0x7f0000000480)=[@op={0x18, 0x117, 0x3, 0x1}, @assoc={0x0, 0x117, 0x4, 0x7f}, @iv={0x0, 0x117, 0x2, 0x0, "d6e7c3406dcc3781db4195e3cc9a8a07b44ae04b583d99feca953b1fb10e9848c7fbbca54967b5b138dd21968846b6af1e68b762d894cb060c7e7b786d02"}], 0x18}], 0x1, 0x0)
recvmsg(r2, &(0x7f0000001400)={0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f0000000180)=""/74, 0x4a}], 0x1}, 0x0)
r3 = accept4$netrom(r2, &(0x7f0000000000)={{0x3, @null}, [@rose, @rose, @bcast, @default, @default, @netrom, @bcast, @rose]}, &(0x7f00000000c0)=0x48, 0x80800)
r4 = socket$inet(0x2, 0x3, 0x4)
setsockopt$SO_BINDTODEVICE(r4, 0x1, 0x19, &(0x7f00000000c0)='ip6_vti0\x00', 0x10)
sendmmsg$inet(r4, &(0x7f0000000ec0)=[{{&(0x7f0000000040)={0x2, 0x0, @broadcast}, 0x10, 0x0}}], 0x1, 0x0)
getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000000140), &(0x7f0000000180)=0xc)
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @local, 0x5}, 0x1c)
r5 = dup2(0xffffffffffffffff, 0xffffffffffffffff)
write$tun(r5, 0x0, 0x46)
r6 = socket$inet_mptcp(0x2, 0x1, 0x106)
setsockopt$sock_int(r6, 0x1, 0x1, &(0x7f0000000200), 0xd)
setsockopt$MRT_DEL_VIF(r5, 0x0, 0xcb, 0xfffffffffffffffc, 0x0)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='bridge0\x00', 0x10)
sendto$inet6(r0, &(0x7f0000000300), 0x48, 0x0, 0x0, 0xfffffffffffffdfd)

1.039581447s ago: executing program 5 (id=3750):
r0 = signalfd(0xffffffffffffffff, &(0x7f00007aeff8), 0x8)
read(r0, &(0x7f00000002c0)=""/199, 0xc7)
rt_sigprocmask(0x0, &(0x7f0000000000)={[0xfffffffffffffffd]}, 0x0, 0x8)
timer_create(0x3, 0x0, &(0x7f0000044000))
timer_settime(0x0, 0x1, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$SO_BINDTODEVICE(r2, 0x1, 0x19, &(0x7f00000000c0)='macvtap0\x00', 0x10)
r3 = openat$cdrom(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$CDROM_LAST_WRITTEN(r3, 0x127d, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r1, 0x0, 0x40, &(0x7f0000000c80)=@mangle={'mangle\x00', 0x44, 0x6, 0x390, 0x260, 0x0, 0x0, 0x1c8, 0x130, 0x2f8, 0x2f8, 0x2f8, 0x2f8, 0x2f8, 0x6, 0x0, {[{{@uncond, 0x0, 0x70, 0x98}, @ECN={0x28, 'ECN\x00', 0x0, {0x1}}}, {{@uncond, 0x0, 0x70, 0x98}, @unspec=@CHECKSUM={0x28}}, {{@ip={@dev={0xac, 0x14, 0x14, 0x2d}, @multicast2, 0xffffff00, 0xffffffff, 'vlan0\x00', 'veth0_to_team\x00', {0xff}, {0xff}, 0x6c, 0x0, 0x2d}, 0x0, 0x70, 0x98}, @unspec=@CHECKSUM={0x28, 'CHECKSUM\x00', 0x0, {0xf4}}}, {{@ip={@rand_addr, @private, 0x0, 0xff000000, 'macvtap0\x00', 'bridge_slave_0\x00', {0xff}}, 0x0, 0x70, 0x98}, @unspec=@CHECKSUM={0x28}}, {{@ip={@dev={0xac, 0x14, 0x14, 0x35}, @private=0xa010100, 0xff000000, 0xff, 'ip6gretap0\x00', 'ip6erspan0\x00', {}, {0x75816b9d8404136c}, 0x0, 0x3, 0x18}, 0x0, 0x70, 0x98}, @ECN={0x28}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x3f0)

1.039109861s ago: executing program 7 (id=3751):
mkdir(&(0x7f0000000000)='./cgroup/../file0\x00', 0x0)
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r1 = openat$rtc(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
ioctl$RTC_WKALM_SET(r1, 0x40187013, &(0x7f0000000140)={0x1})
r2 = syz_open_dev$cec(&(0x7f0000000340), 0x0, 0x8240)
ioctl$CEC_DQEVENT(r2, 0xc0506107, 0x0)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x3, 0x4, &(0x7f0000000140)=@framed={{0x18, 0x2}, [@call={0x85, 0x0, 0x0, 0x9b}]}, &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r3, 0x0, 0xe, 0x0, &(0x7f0000000100)="e0b9540700000000000400b55467", 0x0, 0x1000, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
ioctl$CEC_DQEVENT(r2, 0xc0506107, 0x0)
ioctl$IOC_PR_PREEMPT(r2, 0x40046109, &(0x7f0000000040)={0xd0})
r4 = openat$cgroup_subtree(r0, &(0x7f0000000200), 0x2, 0x0)
write$cgroup_subtree(r4, &(0x7f0000000400)=ANY=[], 0x5)
write$cgroup_subtree(r4, &(0x7f0000000080)=ANY=[@ANYBLOB="f78d8db4fc57971710bfb3d119b7"], 0xb)

949.727434ms ago: executing program 7 (id=3752):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, 0x0}], 0x1, 0xe8, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000000c000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000000)="f00066070f01d9ba210066ed36650fc775cb670faea200700000baf80c66b88ceef38f66efbafc0c66edfe0d3e0fecb74e7b66b9410a00000f320f01f9", 0x3d}], 0x1, 0x4, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0) (fail_nth: 49)

710.382753ms ago: executing program 7 (id=3753):
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000300)=[{&(0x7f0000000140)="5500000018007f5f00fe01b2a4a2809302060000fd41fe01020400000a00120002002800000019002d007fffffff0022de1330d54400009b84136ef75afb83de066a5900e1baac968300000000f2ff000001000000", 0x55}], 0x1, 0x0, 0x0, 0x7a000000}, 0x0)

710.178129ms ago: executing program 7 (id=3754):
r0 = socket(0x11, 0x800000003, 0x0) (async)
r1 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000000), 0x802, 0x0)
write$input_event(r1, &(0x7f0000000040)={{0x77359400}, 0x5, 0x589, 0x5}, 0x18) (async)
ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000600)={'team0\x00', <r2=>0x0})
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r3, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000dc0)=@newqdisc={0x90, 0x24, 0xf0b, 0x70bd2d, 0x0, {0x0, 0x0, 0x12, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_taprio={{0xb}, {0x60, 0x2, [@TCA_TAPRIO_ATTR_SCHED_ENTRY_LIST={0x4, 0xc}, @TCA_TAPRIO_ATTR_PRIOMAP={0x56, 0x1, {0x1, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc], 0x0, [0x8, 0x0, 0x8000]}}]}}]}, 0x90}}, 0x0)

708.468394ms ago: executing program 7 (id=3755):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = signalfd(r0, &(0x7f00000000c0)={[0x401]}, 0x8) (async)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000140)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_DEL_TX_TS(r1, &(0x7f0000000240)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)={0x74, 0x0, 0x8, 0x70bd2b, 0x11d7b775, {{}, {@val={0x8, 0x3, r2}, @val={0xc, 0x99, {0x4, 0x17}}}}, [@NL80211_ATTR_TSID={0x5, 0xd2, 0x1}, @NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_TSID={0x5, 0xd2, 0xd}, @NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_MAC={0xa, 0x6, @broadcast}, @NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_MAC={0xa, 0x6, @device_b}]}, 0x74}, 0x1, 0x0, 0x0, 0x40040}, 0x0) (async)
r3 = socket$inet_sctp(0x2, 0x1, 0x84)
bind$inet(r3, &(0x7f0000000000)={0x2, 0x4e22, @local}, 0x10) (async)
setsockopt$inet_sctp_SCTP_INITMSG(r3, 0x84, 0x2, &(0x7f0000000040)={0x0, 0x3}, 0x8) (async)
r4 = openat$proc_mixer(0xffffffffffffff9c, &(0x7f0000000080)='/proc/asound/card1/oss_mixer\x00', 0xc48c1, 0x0)
writev(r4, &(0x7f00000028c0)=[{&(0x7f0000002600)='u', 0x4000}, {0x0, 0x2}], 0x2)
close_range(r4, 0xffffffffffffffff, 0x0)
setsockopt$inet_sctp_SCTP_STREAM_SCHEDULER(r3, 0x84, 0x7b, &(0x7f0000000340)={0x0, 0x2}, 0x1d)
sendto$inet(r3, &(0x7f0000001000)="ab", 0x1, 0x80, &(0x7f0000000380)={0x2, 0x4e22, @local}, 0x10) (async)
sendmsg$nl_route(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000300)=@ipv6_newnexthop={0x24, 0x68, 0x1, 0x0, 0x0, {}, [@NHA_ENCAP_TYPE={0x6}, @NHA_BLACKHOLE={0x4}]}, 0x24}}, 0x0)

419.891648ms ago: executing program 6 (id=3756):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0xd, 0x10, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000600007b8af0ff00000000bf8100000000000007080000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018210000", @ANYRES32=r0, @ANYBLOB="0000000002000000b70500000800000085000000aa00000095"], &(0x7f0000000300)='GPL\x00', 0x9, 0x0, 0x0, 0x0, 0x5, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)

419.655489ms ago: executing program 6 (id=3757):
mkdirat(0xffffffffffffff9c, &(0x7f0000000140)='./file0/file0\x00', 0x0)
syz_init_net_socket$ax25(0x3, 0x2, 0x7)
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000080)={0x26, 'hash\x00', 0x0, 0x0, 'xxhash64-generic\x00'}, 0x58)
r1 = accept4(r0, 0x0, 0x0, 0x0)
sendmmsg$sock(r1, 0x0, 0x0, 0x0)
sendmsg$IPVS_CMD_NEW_SERVICE(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000340)=ANY=[], 0x5c}, 0x1, 0x0, 0x0, 0x404d441}, 0x10)
getsockopt$ax25_int(r1, 0x101, 0x6, &(0x7f0000000040), &(0x7f0000000100)=0x4)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
r2 = openat$nullb(0xffffffffffffff9c, &(0x7f0000001000), 0x169802, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ipvs(&(0x7f00000001c0), r3)
r4 = dup(r2)
ioctl$BLKRRPART(r4, 0x125f, 0x0)
lsetxattr$trusted_overlay_origin(&(0x7f0000000180)='./file1\x00', &(0x7f0000000280), &(0x7f0000000440), 0x2, 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000900)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}]})

419.483243ms ago: executing program 6 (id=3758):
r0 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_MCAST_LEAVE_GROUP(r2, 0x29, 0x2d, &(0x7f0000000380)={0xdf7, {{0xa, 0x4e22, 0x9, @empty, 0x6ce}}}, 0x88)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f00000001c0), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000200)={'wlan1\x00', <r5=>0x0})
sendmsg$NL80211_CMD_SET_TID_CONFIG(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000140)={0x1c, r4, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}}, 0x1c}}, 0x0)
r6 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
ioctl$IOCTL_VMCI_VERSION2(r6, 0x7a7, &(0x7f00000002c0)=0xa0000)
r7 = dup(r6)
ioctl$IOCTL_VMCI_INIT_CONTEXT(r7, 0x7a0, &(0x7f0000000040)={@my=0x0})
ioctl$IOCTL_VMCI_VERSION2(r0, 0x7a7, &(0x7f0000000080)=0xb0000)
ioctl$IOCTL_VMCI_INIT_CONTEXT(r0, 0x7a0, &(0x7f0000000140)={@hyper})
ioctl$IOCTL_VMCI_NOTIFY_RESOURCE(r0, 0x7a5, &(0x7f00000000c0)={{@my=0x0}, 0x1})
r8 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000340)={'bridge0\x00', <r9=>0x0})
r10 = socket(0x10, 0x80002, 0x0)
sendmsg$nl_route(r10, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000940)=@bridge_setlink={0x44, 0x13, 0xa29, 0x0, 0x0, {0x7, 0x0, 0x0, r9}, [@IFLA_AF_SPEC={0x1c, 0x1a, 0x0, 0x1, [@AF_INET={0x8, 0x2, 0x0, 0x1, {0x4, 0x5, 0x0, 0x0, [{0x8, 0x0, 0x0, 0x0, 0x123e}, {0x8, 0x6}, {0x8}]}}]}]}, 0x44}}, 0x0)
openat$vmci(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0) (async)
socket$nl_generic(0x10, 0x3, 0x10) (async)
socket$inet6_tcp(0xa, 0x1, 0x0) (async)
setsockopt$inet6_MCAST_LEAVE_GROUP(r2, 0x29, 0x2d, &(0x7f0000000380)={0xdf7, {{0xa, 0x4e22, 0x9, @empty, 0x6ce}}}, 0x88) (async)
socket$nl_generic(0x10, 0x3, 0x10) (async)
syz_genetlink_get_family_id$nl80211(&(0x7f00000001c0), 0xffffffffffffffff) (async)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000200)={'wlan1\x00'}) (async)
sendmsg$NL80211_CMD_SET_TID_CONFIG(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000140)={0x1c, r4, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}}, 0x1c}}, 0x0) (async)
openat$vmci(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) (async)
ioctl$IOCTL_VMCI_VERSION2(r6, 0x7a7, &(0x7f00000002c0)=0xa0000) (async)
dup(r6) (async)
ioctl$IOCTL_VMCI_INIT_CONTEXT(r7, 0x7a0, &(0x7f0000000040)={@my=0x0}) (async)
ioctl$IOCTL_VMCI_VERSION2(r0, 0x7a7, &(0x7f0000000080)=0xb0000) (async)
ioctl$IOCTL_VMCI_INIT_CONTEXT(r0, 0x7a0, &(0x7f0000000140)={@hyper}) (async)
ioctl$IOCTL_VMCI_NOTIFY_RESOURCE(r0, 0x7a5, &(0x7f00000000c0)={{@my=0x0}, 0x1}) (async)
socket$inet_udplite(0x2, 0x2, 0x88) (async)
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000340)={'bridge0\x00'}) (async)
socket(0x10, 0x80002, 0x0) (async)
sendmsg$nl_route(r10, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000940)=@bridge_setlink={0x44, 0x13, 0xa29, 0x0, 0x0, {0x7, 0x0, 0x0, r9}, [@IFLA_AF_SPEC={0x1c, 0x1a, 0x0, 0x1, [@AF_INET={0x8, 0x2, 0x0, 0x1, {0x4, 0x5, 0x0, 0x0, [{0x8, 0x0, 0x0, 0x0, 0x123e}, {0x8, 0x6}, {0x8}]}}]}]}, 0x44}}, 0x0) (async)

419.331191ms ago: executing program 6 (id=3759):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000700)={'wlan1\x00', <r2=>0x0})
r3 = socket(0x10, 0x80002, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=ANY=[@ANYBLOB="1c0000005e00679a3601ffc491c6170000501d0000be7ba9bd"], 0x1c}}, 0x0)
sendmsg(r3, &(0x7f00000002c0)={&(0x7f0000000140)=@pppol2tpin6={0x18, 0x1, {0x0, r0, 0x3, 0x3, 0x4, 0x1, {0xa, 0x4e22, 0x0, @mcast1, 0x1}}}, 0x80, &(0x7f00000001c0)=[{&(0x7f0000000740)="7fc379cb1275dc2f3ee2bfe9e0051d0e29fc079c020e07e7eb505bc2b13ab079659d7705e6e13f6564c4289433e7552949f4b03545f31b24a28de48f9c08df0b743d87b1096b4f8c29541e18f9203ced48f8c0d8e1c8dd08d60b5300ee0b3f8d61cd372a4a24a23218af25264a325825b202f6740a5fb0be48c2a77f6de1efc8a0b53cc326e8805f4481d929e9d35bbaf6eff4d78059130f0a4f6afb79c5ea4e17f95efd06dc86860da021482f14b1deaec78905ce85ece67aa4045295143b8c9d843fa87e9bd33f1f5c9449e1d8dc016b653450675fa2c8bffe02200a3857134bb1ef3ebd7006396fc99f5a9583732004c7a01e78af3a7bd3409ddf2e0eee92fe6654164ca9ff73e52f23b8de8c5619985851bfb713d0ad37e380670b9820e940e00b5e8350c63d1bdb07aee132e23c76c152d3653a6ba59ed239fb09c181c6e17167cbc7d0bcb11e767e30437d6fb40a5a18d841ea340fdaf11593000789b2f5471838e7ea715a001ee565427c37dba813f54f2596d35b5540c965a01f2cecf727b25012560d06509f170a811b3854b1d268e89a97f0ae05fd24fb6b23c36304c734e8cbeaafff72de4f7b73494ae94918e8e8a4d6b7f8a5c3b8c8baba929989274765e501e3ff082ff91e86b19523fe8d78b4dc2dc3e286737476c635bf4127e8924b021e3ef085550be51753f6333a5f86574033b7602ecd36c492fe50df54594cfa7205d5bc5aa106345037fc02bc009237d5adebd82222f4b4c424de2606bff074e42209e46a44f6106e5a28779f92a27ddc6e8d3d2fef677e50dc0903af7337691202bb629171a8288fb5facd3309d58c8dec2968a5c8861ce8d0beee7884252a4e1d1a72f299dbf6991e16b3aefce31b46efd15daa5be0979ff3f59c781f19db3065fb37207dd5fd4cf54875e1a75df8442e7ab094352fb4136026ac9239837253e924190324161d1ba7100c5cc49f16b0a9f3850bc5df3e86b2d6acb68143330d4709d0a8cae902fa12e0449b809c51c596c02cc1afae66ff757935d93b519e9d5c8c0864609c5d4922f0b6301bc013a5162e483fef5085ab02a10e2c995c8d33c6bac5014f1665d944dcfea7dd5f1b7f5eeb50615ef49b498cc39a86fba810d2a9ec0a34b76bd68da0254a8c3b1058d386ebc9e26d650048c56d74298ed05feee3a7fc07cf4afc01c4fc0dca4f92b0194c7e8ea22e50d6367e48f934872021368d600f98c88165a93fea5747ca44dd3e1ecb52567200e68eb9085694ba5b676c0d2ded39b20ac2c9822f6c5ecbf27f169c0a99095a79dfbecdbb2ae7497224c800df99261265733283153107ab12c55c88f9fe0b18b71625a559065375fd87002204f3a4f02b21babd8e7ec0acd169c9e0a25f10712f8a2227ffd86c4ed0aea8d39d10cbd9ba2f8137c92a074123eb368d0a9105885b07800d85f47d64038cfd5415a0278e6ac4cef6eceb2715820063ebbe5f88b918d0206cdd6625ee43451c635df3805a7d7a4ddeb0c228ffb0853e968c737da92d320b4ce14c331e8612761276701eee537c533ff9a8d3b0e51093a543d5ca3d93ddfb52a35066164a04b5ee08d830a962a10e338004f9c6bef5ce226582318c7d45898766f017373f2800470336964c826e41b731a7e8363838d5f94b5cdda0305a9ed285dedf96340482d1fe9c0ab1820994b99bee33bcd50011f2698561ad2e4e44f0728eb52dd560e276faeb97e70e50343b58080337904476d280ae4f8487cb15b05a069ed98801cec417c3dde66e7c7f6b9de17fc94715dd22833145fb8dce90a7e45c648bb377d55aa70db61ba676ae9119e2b91d7bb435f1da206607ccf177a5a2a26d6a488f476dbb672972bc13e300b079e7c14009dbdc8f1fa32ec07cefc61489fd799e4de1cb9ef0d31a067754fc031168f4312c28a55bb6606f73fe7ff54d2641303d19d74d6a4425e0a26d21d8504b2ec531c962a03f69372444ac2dd2ce0700a1d7909fbb2d9a3a9c620ae5aed2f22b279013afeb10e6a4fb4dcb34af2b5b36b995261b7df6522b279d321e9bdf4f2e72464d51005fa1ca5b88b987dcb2cf7553de0c8d7101014ee312d88d2e47b959f90b147faec8505e98cd9c0a3c92edc35f9efc51a3c0b9605947514d441cb8d190589e9ed95e211d57c52d493b95842af2ed0f15bdbcaa43ab6ebf51a6d9ec0776501000ce58b2266e32cb1c08986c57b6a47bd63ae47e10922987ae0524624f3ed3116feacccbd859fcde3ae3d91dc7b770e8dc78ed5bf85e5e42b3b9f11ccb2165d4daec5da3782e218784daf081766b802f813e458244cb3342f56be1743bc331a10496acf3fd3db1c3d9ff3f763a720b4e2dc094bfc4b59e928add94f607b02615262b2eab4367ce6e57c6fb0511b2390625255c2fd4f778a00b2d57ff0b1bc928cc5e53c08fbf049984c2ec46667876fc3b59d98f4a2dfc96ec08e1ac953349ac2ef3f4328ecc289c5ff31e5ff198220b5c83e45f9de0070f543ce47a23fb9773f69c009d5a90b4e623d323fc4f0695db6f9d7569d3a0605ae6e42ac94100f2ff027f421d5872f9b2b0c3348e19ddd73386fab9f09a34bf660774119ba3e8fa1b4d56e83403985d3e37080cc23cd740a1d687aea9b147d57c49d8c458e60ecd4d0a60a93356862cefea981555a77e993a2e82fa13bf1ea5d0189ebda99ef11fb6205b5eac8a11bcaae7970e4fdf8353780ebffdd665ba5094c48a7826387a7be62bbde038ee84318e589f67926fa5fe08e0c51c02c54ade236b5ad863f942df62ac81dcbd9e47f5f896595399304834a07636a378a1322d2672d40e1a0c9842d99d7bc311b48fd92a68ba0fe14d6cc4e9685b8d2ecff1d60d4a32e64a8681acd1f76c69885beaac3bbe80971a33b921b2f1ecee2cc4f8c3d3810322526e9653e6dbcf3e3fc55c59e73799b49f1d1f0d8070038191016b4a87e1f87d8d8824f156e14f4b178867d1c9a39962d4fa42e54cbe0d10498d4ae9aa8254c1de529575de7b35a9cc0077741fb7df5def4ad41ee30bc70beddec5457e95c3841dcbf88f990887352081f1eac1d8b10b1460426df6f005da6f3eb3996bb00bfa5d8db295c263db8bd52f61988b779da740dea862585f1818d8964dc7e54749bb32b4d479d9f53d699430e6d163fd5bdc4ece7a7261a0f1032089d28aea6378ce8f5c61e93936222aa1b653f50625b14b488c17e67099313b87c652216407fdb116917482eb149707d1969e602ed44637f7fdc088d1f7539c3d7fd48bb869157fa236fde2ee1144ad7eecc99147956e4a89cae4928f3fb55f896dc1f346f0184549d367cc3b7365350f5d2907aa7aff576f26ab304dd9c6afe8f88f762505881385cf92b6dbe8bfab6ada41300d7da65010e4e870e47bf09f7d6c61d15b04e1a99ef03dd320624ee5635fd878f542c9529dfaa32b1594c277cf554058f136e94caffd5a5dbb4cd939dd089bf1d173bcce3734ce546b4a11853d1d05dde2633cf68d4eabf66db8094c6f5fc33cb17d5d9e62b14e0fa85bef5128b3d6b7ea01ba057a40ee3093bcff9e8d32457d718271c7ad12afd9f8f833f88f5b07e7ba909ed783c208fe112d796a290cf7e07a036f9021bc8f7d63b03199cc1c74c1cb89ada9313add233452d3113b8575cc2111bcafb0eb6b9d5825b4bd4fb119ef031ca48956210dbe2f0a03c6131946eb5b01fff993b69850349701940501333752dc614addf0d27d27ba434f0ad2a5cb35a69da2473ff144a7c7d7eb6f629d15b211a0f8bea637ce4cb3ba3064d9c54908f4b881c7befdbd4423e3dfe6ceaa5f59eebf57dbc2ebf90d65e0daff372609fb8a98be47f1e2a61cc95d22c727f2457425349a21cca9accfa1f3dd86b4912495c2c02c41616d8e0134c4f62b35a441d274017a6a5a40e7172f9010d21a9d978f9b0ccf66bcade42098966edc41cbb02d7d7dce5560a8723dd3830928f1f4935f5738deb62c25605d2a46520077d3dd28c3bea144f6356872a119c5cab3eed8bf2765fb78abad3ec42656f49a0d0f602f99df4b0c11d5a4d47b4f5674a2a71f15b567ec156e077d5761468b8d653babf359b2168a08398365cc9ed32aa361620b981458489e79a4757b5680cfdf5e5d344b2540d84421df55ec7556d839f4e4ab205b29c3a339c60e0112449d25cc0b39203a02552f8a3931aa59f33c0fd654da59452e7d86f339d3d414c9d38fae4c0f839e1e8dd9a7be8fdb74c7fd0958ffc31a75457f093d8e28c040714ae786ed28766c5f1c7e358df05019275503ad9a839cc69f740d86567cdaa65f6512728fce79e8bbcdc11a6831fad2747677329d24ea4bb40223b514bd4f59c1272dced6f69b4dc52c612292196676b6b2c3b4845a856221539205ddc461f24279a16ad8da792ddf3c67db40fbc3c4e427e08b81e3a1608d5ebbeace9c0874deb17b8961b0b38deaaf1e6c19abd1cb70978546b5ae62e9d4d21a859d3496656bef9f642debb842459325c1aef7488c910545ab7f6ff1fad52b43e27a040aaac408f128f8004fa9b24bd06169d111c8265de411280c381acdb8ed7fbfd1323e5ef5704628303ba3231f4f031af317231f9c795be3f2ad26e55d7f1e4f8667c7e32a9a1e0b11631234ecb6d78942e2f0a44a10308ee1e1f7331d1a3c79b1d42ffff6ff63068942f3a162600794bc5cb5a6968b1c6e19663730adb06736318e1c999c68bda6c259856c81accf84b5b12ddf75b8516399b7c78f279af024c7dd5ca1eb560486f95c00cc7c947a1d0d5472c55c1739f974e649939bea4cfcd89232a025f391b8fe606fb6ed062e28a220129cd0a60ee9b9e8914316d47eca43f124cce76b626f796d042dca0883f73e4e5c301edd77235550b4bbf1406385d44e3d269f15a6db194f3d06e701e7b7f554601e66af113ead683bbf21534eb9ca179c558c998f0581bf4fa5d5f271e58b7005680156d251c14594ecc199f379954a97f3fefad6902e18edff2a7e5e743bfbbe9f1c1e7fc92c6d8dd5d7257de58a55268eca161b69af1ce34d62a8546e230bc86c0ecc543d60ce7171285599db68d025883644d72cf2b784c40a546ef712a6561aa2f46880c0389f0476be3af745f52277c6fba57ada0517e40d5d28e074e004b2a599f18822bffc74d902eaf6f8b3b3d7d7cea607735da21654b5537df7aa06a9185890b5a34a1572d9a21aeb77fbe139c99e7d058407aebea439679831b9a8d68f9bf0bcf5db8e58c0d0e647593190d6d188b6519d822ff122cd805e49993264062a96897d7adc9cc2d2cf84bf69331299f011c2f13a52ebde8e6cf98b968734dad24e3e676a9322bf5b8fa67cf1dbf4076684bd0a038a28118347ebc121dc9d38aa79458128ee19420cf8637ee5bfc69145168019d61fd8a6398e4ef7537b8472db3f28a2c9ea9c3ae26726a0626abddd55f4857904f291c02c708df28cf0c1019127c9d9189de14428a3f55fd98980b4c1007ae4d36c8bbb4d477dda35996c87f78a875cd23834fe4ad7d9b5a4e0fbb2089f7acb16615ed5e196a653ad594a63f43cbf6eaa8d4fc6bcec850c1344a212d6fe520f28b7961fa927d09ca4da57f21b0216bd4c96d659955e2e758e5b932d9422ea19f5a70aec3aeef39cccf6eced0a822b38e616cadb6ec959f07c3a585797e395eaec30caa3f0fa72a4d20503b8a8d9caab837d69bf5c58afebaf626ea03d42c7ab6c985e2b4353cef4d821fad27f89d90dbfbe7b6975091c39ff487bb2de869295bf2ed51a2ac3eeb8df042675a283c4e85496412c", 0x1000}, {&(0x7f0000000240)="6594a8071d02e0c0e8f26ebf8facc7f396a6ca6b14b0a7b5ca0ef0b42ab4a505d7897feebbd82156e2c617c760a29cdef01d79a69f348b2ce771a944b13833d2d200c46383a3603aa4401f9bdd53b8fbe57d10efc706460049", 0x59}], 0x2, &(0x7f0000001740)=ANY=[@ANYBLOB="50000000000000003a00000000000000202f77f36f97a435b4fe2b632ee7967a56bf8baeb0e30aecb5b4a402074e4f7e2d2d555aa16cc5be1ca1539896dc1bd430a4338176d30f7a40002c1f1d45aa1569810dd731e6a700000000009000000000000000ff000000080000002eecc004f72553b1e74d86df005f096dbedc726d850bcfa2f20a91f937a239c4582e118bacff85aff38388d1265c3db0e048ead453b66c644ea54968030c715bf0a7eaaed602008b20906e0075fe3b3f74cf98ee7defedc983da6c40482b7c142e1b1e5343e5729bd2d2986da1b9543602374d85373fc2cc03048edc5a7d4479595d4f3bee44bc8bc0043bce48b624fbaf8c673b3721b605fa4715d5b3c0472a13d7b5e3e2a897f43b93f739e87a9dd77ba25f2ba399dd20f2ae54092fee0a5a2b77ef75f309cc9ae85b0b733e62a47d849b019a06c2f85380a0162bc4276cb3f9d448993729af3a5cae96967fb394628d2abb5da7eff44b6b78f5719cfdaa672f9bb701546a18c427b4872c7bef5110f97ca4ffd12848da2d525b6ac01c34ecb5c4da3f726eec471c066d6d525b727b7077d0a077418fd966702fd99720c8b362ada5fa849847befac8d659ad70799cf9984876447198ecbfce55a23a1f83b4f5734e6c074538100028bb4f9eeb7155cef4f0f9fd5b2ad3380c56f610430de7c15fdd35565c261b30515b821633c3dcac3c3cea20ae6fa97c67c2af47f918c432ceefe682a70540a988df3df94fcce325e39527ad1fa3f5feca912a42e327ca7310aecff9db6ade5c022f30b2806fc50adcc4ecd95401533833ea2f96808154d3a471252896cc5188c403ab781cc32c2f0ffc3be50bdc88b93bd347bcf44375a3330fbd535047a9bdbd13cad8612d90dff44d236a3b9f4725c6b2b16eb44566fbba53d7257a1d0851fd1beccccbfaf0f52382ceb82058198a4c944545cabfd5220024d525be9e4ce5331c9faaec66ecdf13e578d7390c170f33ef"], 0xe0}, 0x4040000)
ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000100)={'syzkaller0\x00', 0x800})
recvmmsg$unix(r3, &(0x7f0000008240)=[{{0x0, 0x0, 0x0}}], 0x1, 0x2, 0x0)
sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000000)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="25000000faffffff09ff0500000008000380", @ANYRES32=r2], 0x24}}, 0x0)

339.717994ms ago: executing program 6 (id=3760):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="150000000800000002"], 0x50)
r1 = syz_open_dev$vcsa(&(0x7f0000000040), 0x1, 0x1)
ioctl$SNDRV_SEQ_IOCTL_QUERY_NEXT_CLIENT(r1, 0xc0bc5351, &(0x7f0000000140)={0x21, 0x2, 'client0\x00', 0xfd9349ed89a2673f, "f6ccff8c942a79e7", "0d024f9fdbf938c680139598e7ff79b9e95a3778540fe6b406996b6946ea09fc", 0x401, 0xb})
r2 = syz_usb_connect$printer(0x0, 0x2d, &(0x7f00000004c0)=ANY=[@ANYBLOB="12010000000000202505a8a440000102030109021b00010100000009040000010701010009050102"], 0x0)
syz_usb_control_io$printer(r2, 0x0, &(0x7f0000000b40)={0x34, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000b00)={0x20, 0x0, 0x1}})
r3 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
read$char_usb(r3, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x8, 0xf, &(0x7f0000000c80)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000000b702000000000d008500000051000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000005000000b7e118d35d00000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)

119.177607ms ago: executing program 5 (id=3761):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, 0x0}], 0x1, 0xe8, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000000c000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000000)="f00066070f01d9ba210066ed36650fc775cb670faea200700000baf80c66b88ceef38f66efbafc0c66edfe0d3e0fecb74e7b66b9410a00000f320f01f9", 0x3d}], 0x1, 0x4, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0) (fail_nth: 50)

70.21414ms ago: executing program 1 (id=3762):
r0 = openat$dlm_monitor(0xffffffffffffff9c, &(0x7f0000000040), 0x2a002, 0x0)
r1 = syz_io_uring_setup(0xd2, &(0x7f0000000480)={0x0, 0x800063b1, 0x0, 0x100000, 0x0, 0x0, r0}, &(0x7f0000000000)=<r2=>0x0, &(0x7f00000001c0)=<r3=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4) (async)
r4 = socket$inet_smc(0x2b, 0x1, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000200)=@IORING_OP_CONNECT={0x10, 0x0, 0x0, r4, 0x80, &(0x7f0000000100)=@l2tp={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x1b}, 0x3}, 0x0, 0x0, 0x1}) (async)
io_uring_enter(r1, 0x47ba, 0x0, 0x0, 0x0, 0x0)
r5 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000300)=ANY=[], 0x34}, 0x1, 0x0, 0x0, 0x8000}, 0x0)
openat$dlm_monitor(0xffffffffffffff9c, &(0x7f0000000240), 0x10000, 0x0)
r6 = io_uring_setup(0x203c, &(0x7f0000000280)={0x0, 0xd495, 0x100, 0x3, 0x3db}) (async)
syz_memcpy_off$IO_URING_METADATA_FLAGS(r2, 0x114, &(0x7f0000000380)=0xff, 0x0, 0x4)
r7 = io_uring_register$IORING_REGISTER_PERSONALITY(r6, 0x9, 0x0, 0x0)
io_uring_register$IORING_UNREGISTER_PERSONALITY(r6, 0x16, 0x20000002, r7)
syz_io_uring_submit(r2, r3, &(0x7f00000000c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000080)={0x0, 0x3938700}, 0x1, 0x0, 0x1, {0x0, r7}})

281.886µs ago: executing program 1 (id=3763):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = socket(0x2, 0x80805, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x10, &(0x7f00000010c0)=[@in={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}]}, &(0x7f0000000180)=0x10)
getsockopt$bt_hci(r1, 0x84, 0x6d, &(0x7f0000001940)=""/4107, &(0x7f0000001040)=0x100b)
openat$selinux_policy(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
close_range(r0, 0xffffffffffffffff, 0x0)

90.99µs ago: executing program 1 (id=3764):
r0 = socket(0x15, 0x5, 0x0)
r1 = socket$can_raw(0x1d, 0x3, 0x1)
bind$can_raw(r1, &(0x7f00000005c0), 0x10)
read(r1, &(0x7f00000027c0)=""/4073, 0xfe9)
setsockopt$SO_TIMESTAMP(r1, 0x1, 0x3f, &(0x7f0000000000)=0x4, 0x4)
setsockopt$CAN_RAW_RECV_OWN_MSGS(r1, 0x65, 0x4, &(0x7f0000000580)=0x1, 0x4)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000340), r3)
ioctl$sock_SIOCGIFINDEX_802154(r2, 0x8933, &(0x7f0000000380)={'wpan0\x00', <r5=>0x0})
sendmsg$IEEE802154_LLSEC_DEL_KEY(r2, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000003c0)={0x34, r4, 0x1, 0x70bd26, 0x25dfdbfb, {}, [@IEEE802154_ATTR_SHORT_ADDR={0x6, 0x4, 0xaaa1}, @IEEE802154_ATTR_PAN_ID={0x6, 0x6, 0xffff}, @IEEE802154_ATTR_LLSEC_KEY_MODE={0x5}, @IEEE802154_ATTR_DEV_INDEX={0x8, 0x2, r5}]}, 0x34}, 0x1, 0x0, 0x0, 0x40}, 0x40850)
sendmsg$can_raw(r1, &(0x7f0000000240)={&(0x7f0000000780), 0x10, &(0x7f0000000200)={&(0x7f00000007c0)=@can={{0x2, 0x0, 0x1, 0x1}, 0x1, 0x2, 0x0, 0x0, "f97003b8750e5566"}, 0x10}}, 0x0)
r6 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/oops_count', 0x0, 0x0)
r7 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000080)='/sys/power/wakeup_count', 0x101a02, 0x0)
r8 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFQNL_MSG_CONFIG(r8, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)={0x28, 0x2, 0x3, 0x301, 0x0, 0x0, {0x7}, [@NFQA_CFG_PARAMS={0x9, 0x2, {0x4, 0x1}}, @NFQA_CFG_CMD={0x8, 0x1, {0x1, 0x0, 0x27}}]}, 0x28}}, 0x4020)
sendfile(r7, r6, 0x0, 0x6)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000500)={0x6, 0x8, &(0x7f00000000c0)=ANY=[@ANYBLOB="0100000000000000000000000000000018120000", @ANYRES32=r7, @ANYBLOB="0000000000000000b703000000000000850000000c000000b7000000000000009500000000000000"], &(0x7f0000000280)='GPL\x00', 0xa, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f00000004c0), 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
getsockopt(r0, 0x200000000114, 0x9, &(0x7f0000c35fff)=""/1, &(0x7f0000000000)=0x1)

0s ago: executing program 5 (id=3765):
r0 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r0, 0x3b81, &(0x7f0000000140)={0x7f, 0x0, <r1=>0x0})
r2 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
pipe2$watch_queue(&(0x7f0000000100), 0x80)
ioctl$IOMMU_IOAS_ALLOC(r2, 0x3b81, &(0x7f0000000200)={0x15, 0x0, <r3=>0x0})
ioctl$IOMMU_IOAS_MAP$PAGES(r0, 0x3b85, &(0x7f00000000c0)={0x28, 0x7, r3, 0x0, &(0x7f0000800000/0x800000)=nil, 0x800000})
ioctl$IOMMU_TEST_OP_CREATE_ACCESS(r0, 0x3ba0, &(0x7f00000001c0)={0x48, 0x5, r1, 0x0, <r4=>0xffffffffffffffff, 0x1})
r5 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
socket$inet6_sctp(0xa, 0x1, 0x84)
ioctl$IOMMU_TEST_OP_ACCESS_PAGES$syz(r5, 0x3ba0, &(0x7f0000001340)={0x48, 0x7, r4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2a157f})

0s ago: executing program 5 (id=3767):
capset(&(0x7f0000000100)={0x20071026}, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x81, 0xfffffffb})
r0 = openat$ndctl0(0xffffffffffffff9c, &(0x7f0000000040), 0x2103, 0x0)
ioctl$DRM_IOCTL_GEM_FLINK(r0, 0xc008640a, &(0x7f0000000140))
r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000180)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x3, '\x00', 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, @void, @value, @void, @value}, 0x50)
r2 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_802154(r3, 0x8933, &(0x7f0000000bc0)={'wpan0\x00', <r4=>0x0})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000280)=@newlink={0x3c, 0x10, 0x503, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @bond={{0x9}, {0xc, 0x2, 0x0, 0x1, [@IFLA_BOND_ARP_INTERVAL={0x8, 0x7, 0x7}]}}}]}, 0x3c}}, 0x0)
sendmsg$NL802154_CMD_SET_SEC_PARAMS(r3, &(0x7f0000000b80)={0x0, 0x0, &(0x7f0000000b40)={&(0x7f00000002c0)={0x1c, 0x0, 0x1, 0x4000000, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r4}]}, 0x1c}}, 0x0)
r5 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000640), 0xffffffffffffffff)
sendmsg$NL802154_CMD_NEW_SEC_DEV(r5, &(0x7f0000000840)={0x0, 0x0, &(0x7f0000000800)={&(0x7f0000000280)=ANY=[@ANYBLOB='l\x00\x00\x00', @ANYRES16=r6, @ANYBLOB="010028bd7000fbdbdf251a00000004002e8008000300", @ANYRES32, @ANYBLOB='4\x00.'], 0x6c}, 0x1, 0x0, 0x0, 0x20040040}, 0x20040)
bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x8, 0x1c, &(0x7f0000000000)=ANY=[@ANYBLOB="1808000009000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000005000000bca90000000000003509010000000000950000000000000075090200020000007b9a00fe00000000b509000000000000c39a04fee1000000bf8700000000000007080000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018290000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7050000080000004608f0ff76000000bf9800000000000056080000000040008500000007000000b70000000000000095"], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_skb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)

kernel console output (not intermixed with test programs):

ned -16
[  153.613683][T15906] 9pnet_fd: Insufficient options for proto=fd
[  153.854929][   T35] usb 6-1: new high-speed USB device number 21 using dummy_hcd
[  153.865843][T15910] /dev/sr0: Can't open blockdev
[  153.945645][T15912] /dev/sr0: Can't open blockdev
[  153.964244][   T39] audit: type=1400 audit(1732429282.915:828): avc:  denied  { map } for  pid=15914 comm="syz.5.3425" path="socket:[71933]" dev="sockfs" ino=71933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_selinux_socket permissive=1
[  153.992200][   T39] audit: type=1400 audit(1732429282.945:829): avc:  denied  { setattr } for  pid=15914 comm="syz.5.3425" path="socket:[71932]" dev="sockfs" ino=71932 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  154.004919][   T35] usb 6-1: Using ep0 maxpacket: 8
[  154.007439][   T35] usb 6-1: config 167 has too many interfaces: 202, using maximum allowed: 32
[  154.009894][   T35] usb 6-1: config 167 has 1 interface, different from the descriptor's value: 202
[  154.013803][   T35] usb 6-1: New USB device found, idVendor=1025, idProduct=005f, bcdDevice=fe.29
[  154.016225][   T35] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  154.018382][   T35] usb 6-1: Product: syz
[  154.019510][   T35] usb 6-1: Manufacturer: syz
[  154.020775][   T35] usb 6-1: SerialNumber: syz
[  154.024841][   T35] dvb-usb: found a 'Unknown USB1.1 DVB-T device ???? please report the name to the author' in warm state.
[  154.028154][   T35] dvb-usb: bulk message failed: -22 (3/0)
[  154.045755][   T35] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  154.048567][   T35] dvbdev: DVB: registering new adapter (Unknown USB1.1 DVB-T device ???? please report the name to the author)
[  154.051617][   T35] usb 6-1: media controller created
[  154.057374][   T35] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  154.062890][   T35] dvb-usb: bulk message failed: -22 (6/0)
[  154.064680][   T35] dvb-usb: no frontend was attached by 'Unknown USB1.1 DVB-T device ???? please report the name to the author'
[  154.069068][   T35] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.1/usb6/6-1/input/input33
[  154.070129][T15910] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  154.075327][T15910] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  154.075486][   T35] dvb-usb: schedule remote query interval to 150 msecs.
[  154.079998][   T35] dvb-usb: bulk message failed: -22 (3/0)
[  154.094919][   T35] dvb-usb: Unknown USB1.1 DVB-T device ???? please report the name to the author successfully initialized and connected.
[  154.235267][   T35] dvb-usb: bulk message failed: -22 (1/0)
[  154.236886][   T35] dvb-usb: error while querying for an remote control event.
[  154.346771][   T35] usb 6-1: USB disconnect, device number 21
[  154.355416][   T35] dvb-usb: Unknown USB1.1 DVB-T device ???? please successfully deinitialized and disconnected.
[  154.565770][ T5957] usbhid 11-1:0.0: can't add hid device: -32
[  154.567417][ T5957] usbhid 11-1:0.0: probe with driver usbhid failed with error -32
[  154.635895][T15928] can: request_module (can-proto-3) failed.
[  154.807845][T15950] FAULT_INJECTION: forcing a failure.
[  154.807845][T15950] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  154.812072][T15950] CPU: 0 UID: 0 PID: 15950 Comm: syz.6.3436 Not tainted 6.12.0-syzkaller-09073-g9f16d5e6f220 #0
[  154.814831][T15950] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  154.817810][T15950] Call Trace:
[  154.818898][T15950]  <TASK>
[  154.819749][T15950]  dump_stack_lvl+0x16c/0x1f0
[  154.821064][T15950]  should_fail_ex+0x497/0x5b0
[  154.822344][T15950]  __kvm_read_guest_page+0x16b/0x210
[  154.823830][T15950]  kvm_fetch_guest_virt+0x128/0x1a0
[  154.825277][T15950]  __do_insn_fetch_bytes+0x420/0x6d0
[  154.826729][T15950]  ? __pfx___do_insn_fetch_bytes+0x10/0x10
[  154.828449][T15950]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  154.830139][T15950]  ? vmx_check_intercept+0x1b8/0xaf0
[  154.831649][T15950]  x86_decode_insn+0xb91/0x5530
[  154.832977][T15950]  ? vmx_segment_cache_test_set+0x14b/0x400
[  154.834554][T15950]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  154.836194][T15950]  ? __pfx_x86_decode_insn+0x10/0x10
[  154.837663][T15950]  ? vmx_cache_reg+0x333/0x5e0
[  154.838982][T15950]  ? kvm_register_read_raw+0xe9/0x240
[  154.840483][T15950]  ? init_decode_cache+0xd/0x210
[  154.842198][T15950]  ? init_emulate_ctxt+0x338/0x510
[  154.844026][T15950]  ? __pfx_init_emulate_ctxt+0x10/0x10
[  154.846013][T15950]  ? kvm_multiple_exception+0x44a/0xb40
[  154.847979][T15950]  x86_emulate_instruction+0x975/0x1a50
[  154.849692][T15950]  handle_ud+0x104/0x280
[  154.851068][T15950]  ? __pfx_handle_ud+0x10/0x10
[  154.852561][T15950]  ? nested_vmx_reflect_vmexit+0x74e/0x3fb0
[  154.854447][T15950]  ? __pfx_nested_vmx_reflect_vmexit+0x10/0x10
[  154.856591][T15950]  handle_exception_nmi+0x83e/0x1410
[  154.858136][T15950]  ? __pfx_handle_exception_nmi+0x10/0x10
[  154.859644][T15950]  vmx_handle_exit+0x733/0x1f70
[  154.860976][T15950]  vcpu_run+0x3047/0x4f50
[  154.862144][T15950]  ? __pfx___mutex_trylock_common+0x10/0x10
[  154.863742][T15950]  ? __pfx_vcpu_run+0x10/0x10
[  154.865007][T15950]  ? rcu_is_watching+0x12/0xc0
[  154.866306][T15950]  ? trace_lock_acquire+0x146/0x1e0
[  154.867750][T15950]  ? trace_irq_enable.constprop.0+0xe6/0x140
[  154.869443][T15950]  ? kvm_arch_vcpu_ioctl_run+0x150/0x1740
[  154.870974][T15950]  ? kvm_arch_vcpu_ioctl_run+0x44a/0x1740
[  154.872521][T15950]  kvm_arch_vcpu_ioctl_run+0x44a/0x1740
[  154.874001][T15950]  kvm_vcpu_ioctl+0x6c7/0x1520
[  154.875276][T15950]  ? do_vfs_ioctl+0x513/0x1990
[  154.876567][T15950]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  154.877948][T15950]  ? preempt_count_add+0x76/0x150
[  154.879349][T15950]  ? ioctl_has_perm.constprop.0.isra.0+0x2f3/0x460
[  154.881149][T15950]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[  154.883025][T15950]  ? __pfx_lock_release+0x10/0x10
[  154.884414][T15950]  ? __fget_files+0x40/0x3a0
[  154.885652][T15950]  ? selinux_file_ioctl+0x180/0x270
[  154.887027][T15950]  ? selinux_file_ioctl+0xb4/0x270
[  154.888392][T15950]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  154.889780][T15950]  __x64_sys_ioctl+0x190/0x200
[  154.891063][T15950]  do_syscall_64+0xcd/0x250
[  154.892291][T15950]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  154.893902][T15950] RIP: 0033:0x7fca81b7e819
[  154.895102][T15950] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  154.900187][T15950] RSP: 002b:00007fca828cd038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  154.902392][T15950] RAX: ffffffffffffffda RBX: 00007fca81d35fa0 RCX: 00007fca81b7e819
[  154.904536][T15950] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005
[  154.906774][T15950] RBP: 00007fca828cd090 R08: 0000000000000000 R09: 0000000000000000
[  154.908963][T15950] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  154.911303][T15950] R13: 0000000000000000 R14: 00007fca81d35fa0 R15: 00007ffd43faca98
[  154.914075][T15950]  </TASK>
[  154.915415][    C0] vkms_vblank_simulate: vblank timer overrun
[  154.989316][   T39] audit: type=1400 audit(1732429283.945:830): avc:  denied  { connect } for  pid=15952 comm="syz.1.3437" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[  155.017330][T15974] (unnamed net_device) (uninitialized): Unable to set down delay as MII monitoring is disabled
[  155.286483][T15992] team0 (unregistering): Port device team_slave_0 removed
[  155.290111][T15992] team0 (unregistering): Port device team_slave_1 removed
[  155.416966][T15997] FAULT_INJECTION: forcing a failure.
[  155.416966][T15997] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  155.420716][T15997] CPU: 3 UID: 0 PID: 15997 Comm: syz.6.3450 Not tainted 6.12.0-syzkaller-09073-g9f16d5e6f220 #0
[  155.423653][T15997] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  155.426744][T15997] Call Trace:
[  155.427727][T15997]  <TASK>
[  155.428592][T15997]  dump_stack_lvl+0x16c/0x1f0
[  155.430085][T15997]  should_fail_ex+0x497/0x5b0
[  155.431603][T15997]  __kvm_read_guest_page+0x16b/0x210
[  155.433291][T15997]  kvm_fetch_guest_virt+0x128/0x1a0
[  155.434932][T15997]  __do_insn_fetch_bytes+0x420/0x6d0
[  155.436522][T15997]  ? __pfx___do_insn_fetch_bytes+0x10/0x10
[  155.438235][T15997]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  155.439954][T15997]  ? vmx_check_intercept+0x1b8/0xaf0
[  155.441511][T15997]  x86_decode_insn+0xb91/0x5530
[  155.442914][T15997]  ? vmx_segment_cache_test_set+0x14b/0x400
[  155.444643][T15997]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  155.446351][T15997]  ? __pfx_x86_decode_insn+0x10/0x10
[  155.447883][T15997]  ? vmx_cache_reg+0x333/0x5e0
[  155.449262][T15997]  ? kvm_register_read_raw+0xe9/0x240
[  155.450862][T15997]  ? init_decode_cache+0xd/0x210
[  155.452306][T15997]  ? init_emulate_ctxt+0x338/0x510
[  155.453825][T15997]  ? __pfx_init_emulate_ctxt+0x10/0x10
[  155.455450][T15997]  ? kvm_multiple_exception+0x44a/0xb40
[  155.457202][T15997]  x86_emulate_instruction+0x975/0x1a50
[  155.458837][T15997]  handle_ud+0x104/0x280
[  155.460072][T15997]  ? __pfx_handle_ud+0x10/0x10
[  155.461460][T15997]  ? nested_vmx_reflect_vmexit+0x74e/0x3fb0
[  155.463162][T15997]  ? __pfx_nested_vmx_reflect_vmexit+0x10/0x10
[  155.464948][T15997]  handle_exception_nmi+0x83e/0x1410
[  155.466479][T15997]  ? __pfx_handle_exception_nmi+0x10/0x10
[  155.468128][T15997]  vmx_handle_exit+0x733/0x1f70
[  155.469569][T15997]  vcpu_run+0x3047/0x4f50
[  155.470899][T15997]  ? __pfx___mutex_trylock_common+0x10/0x10
[  155.472688][T15997]  ? __pfx_vcpu_run+0x10/0x10
[  155.474174][T15997]  ? rcu_is_watching+0x12/0xc0
[  155.475725][T15997]  ? trace_lock_acquire+0x146/0x1e0
[  155.477370][T15997]  ? trace_irq_enable.constprop.0+0xe6/0x140
[  155.479115][T15997]  ? kvm_arch_vcpu_ioctl_run+0x150/0x1740
[  155.480805][T15997]  ? kvm_arch_vcpu_ioctl_run+0x44a/0x1740
[  155.482438][T15997]  kvm_arch_vcpu_ioctl_run+0x44a/0x1740
[  155.484033][T15997]  kvm_vcpu_ioctl+0x6c7/0x1520
[  155.485417][T15997]  ? do_vfs_ioctl+0x513/0x1990
[  155.486815][T15997]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  155.488277][T15997]  ? preempt_count_add+0x76/0x150
[  155.489730][T15997]  ? ioctl_has_perm.constprop.0.isra.0+0x2f3/0x460
[  155.491678][T15997]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[  155.493644][T15997]  ? __pfx_lock_release+0x10/0x10
[  155.495106][T15997]  ? __fget_files+0x40/0x3a0
[  155.496467][T15997]  ? selinux_file_ioctl+0x180/0x270
[  155.498006][T15997]  ? selinux_file_ioctl+0xb4/0x270
[  155.499485][T15997]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  155.501058][T15997]  __x64_sys_ioctl+0x190/0x200
[  155.502464][T15997]  do_syscall_64+0xcd/0x250
[  155.503890][T15997]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  155.505663][T15997] RIP: 0033:0x7fca81b7e819
[  155.507003][T15997] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  155.512559][T15997] RSP: 002b:00007fca828cd038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  155.514938][T15997] RAX: ffffffffffffffda RBX: 00007fca81d35fa0 RCX: 00007fca81b7e819
[  155.517232][T15997] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005
[  155.519399][T15997] RBP: 00007fca828cd090 R08: 0000000000000000 R09: 0000000000000000
[  155.521781][T15997] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  155.524357][T15997] R13: 0000000000000000 R14: 00007fca81d35fa0 R15: 00007ffd43faca98
[  155.526985][T15997]  </TASK>
[  155.681427][T16018] bridge0: port 2(bridge_slave_1) entered disabled state
[  155.780198][T16036] FAULT_INJECTION: forcing a failure.
[  155.780198][T16036] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  155.784005][T16036] CPU: 3 UID: 0 PID: 16036 Comm: syz.6.3464 Not tainted 6.12.0-syzkaller-09073-g9f16d5e6f220 #0
[  155.786956][T16036] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  155.790033][T16036] Call Trace:
[  155.791075][T16036]  <TASK>
[  155.791953][T16036]  dump_stack_lvl+0x16c/0x1f0
[  155.793405][T16036]  should_fail_ex+0x497/0x5b0
[  155.794955][T16036]  __kvm_read_guest_page+0x16b/0x210
[  155.796702][T16036]  kvm_fetch_guest_virt+0x128/0x1a0
[  155.798393][T16036]  __do_insn_fetch_bytes+0x420/0x6d0
[  155.800012][T16036]  ? __pfx___do_insn_fetch_bytes+0x10/0x10
[  155.801860][T16036]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  155.803588][T16036]  ? vmx_check_intercept+0x1b8/0xaf0
[  155.805162][T16036]  x86_decode_insn+0xb91/0x5530
[  155.806587][T16036]  ? vmx_segment_cache_test_set+0x14b/0x400
[  155.808444][T16036]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  155.810169][T16036]  ? __pfx_x86_decode_insn+0x10/0x10
[  155.811742][T16036]  ? vmx_cache_reg+0x333/0x5e0
[  155.813138][T16036]  ? kvm_register_read_raw+0xe9/0x240
[  155.815068][T16036]  ? init_decode_cache+0xd/0x210
[  155.816666][T16036]  ? init_emulate_ctxt+0x338/0x510
[  155.818331][T16036]  ? __pfx_init_emulate_ctxt+0x10/0x10
[  155.820516][T16036]  ? kvm_multiple_exception+0x44a/0xb40
[  155.822894][T16036]  x86_emulate_instruction+0x975/0x1a50
[  155.824758][T16036]  handle_ud+0x104/0x280
[  155.826338][T16036]  ? __pfx_handle_ud+0x10/0x10
[  155.828005][T16036]  ? nested_vmx_reflect_vmexit+0x74e/0x3fb0
[  155.829719][T16036]  ? __pfx_nested_vmx_reflect_vmexit+0x10/0x10
[  155.831597][T16036]  handle_exception_nmi+0x83e/0x1410
[  155.833144][T16036]  ? __pfx_handle_exception_nmi+0x10/0x10
[  155.834799][T16036]  vmx_handle_exit+0x733/0x1f70
[  155.836245][T16036]  vcpu_run+0x3047/0x4f50
[  155.837512][T16036]  ? __pfx___mutex_trylock_common+0x10/0x10
[  155.839233][T16036]  ? __pfx_vcpu_run+0x10/0x10
[  155.840806][T16036]  ? rcu_is_watching+0x12/0xc0
[  155.842710][T16036]  ? trace_lock_acquire+0x146/0x1e0
[  155.844407][T16036]  ? trace_irq_enable.constprop.0+0xe6/0x140
[  155.846162][T16036]  ? kvm_arch_vcpu_ioctl_run+0x150/0x1740
[  155.847919][T16036]  ? kvm_arch_vcpu_ioctl_run+0x44a/0x1740
[  155.849602][T16036]  kvm_arch_vcpu_ioctl_run+0x44a/0x1740
[  155.851378][T16036]  kvm_vcpu_ioctl+0x6c7/0x1520
[  155.852786][T16036]  ? do_vfs_ioctl+0x513/0x1990
[  155.854169][T16036]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  155.855674][T16036]  ? preempt_count_add+0x76/0x150
[  155.857127][T16036]  ? ioctl_has_perm.constprop.0.isra.0+0x2f3/0x460
[  155.858868][T16036]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[  155.860940][T16036]  ? __pfx_lock_release+0x10/0x10
[  155.862903][T16036]  ? __fget_files+0x40/0x3a0
[  155.864274][T16036]  ? selinux_file_ioctl+0x180/0x270
[  155.865643][T16036]  ? selinux_file_ioctl+0xb4/0x270
[  155.867120][T16036]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  155.868637][T16036]  __x64_sys_ioctl+0x190/0x200
[  155.870020][T16036]  do_syscall_64+0xcd/0x250
[  155.871536][T16036]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  155.873328][T16036] RIP: 0033:0x7fca81b7e819
[  155.874625][T16036] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  155.879714][T16036] RSP: 002b:00007fca828cd038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  155.882725][T16036] RAX: ffffffffffffffda RBX: 00007fca81d35fa0 RCX: 00007fca81b7e819
[  155.885003][T16036] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005
[  155.887049][T16036] RBP: 00007fca828cd090 R08: 0000000000000000 R09: 0000000000000000
[  155.889344][T16036] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  155.891838][T16036] R13: 0000000000000000 R14: 00007fca81d35fa0 R15: 00007ffd43faca98
[  155.894110][T16036]  </TASK>
[  155.983472][T16057] sp0: Synchronizing with TNC
[  156.044962][   T30] usb 10-1: new high-speed USB device number 12 using dummy_hcd
[  156.165102][   T76] usb 6-1: new high-speed USB device number 22 using dummy_hcd
[  156.177642][T16068] block nbd6: shutting down sockets
[  156.191693][T16072] FAULT_INJECTION: forcing a failure.
[  156.191693][T16072] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  156.195318][T16072] CPU: 2 UID: 0 PID: 16072 Comm: syz.6.3480 Not tainted 6.12.0-syzkaller-09073-g9f16d5e6f220 #0
[  156.198080][T16072] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  156.200889][T16072] Call Trace:
[  156.201763][T16072]  <TASK>
[  156.202538][T16072]  dump_stack_lvl+0x16c/0x1f0
[  156.203747][T16072]  should_fail_ex+0x497/0x5b0
[  156.204945][T16072]  _copy_from_user+0x2e/0xd0
[  156.206170][T16072]  __sys_bpf+0x21c/0x49c0
[  156.207262][T16072]  ? __pfx_lock_release+0x10/0x10
[  156.208547][T16072]  ? __pfx___sys_bpf+0x10/0x10
[  156.209799][T16072]  ? vfs_write+0x306/0x1150
[  156.211032][T16072]  ? __mutex_unlock_slowpath+0x164/0x690
[  156.212499][T16072]  ? fput+0x67/0x440
[  156.213526][T16072]  ? ksys_write+0x1ba/0x250
[  156.214713][T16072]  ? __pfx_ksys_write+0x10/0x10
[  156.215991][T16072]  __x64_sys_bpf+0x78/0xc0
[  156.217165][T16072]  do_syscall_64+0xcd/0x250
[  156.217682][   T30] usb 10-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[  156.218359][T16072]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  156.220740][   T30] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  156.222276][T16072] RIP: 0033:0x7fca81b7e819
[  156.224351][   T30] usb 10-1: Product: syz
[  156.225715][T16072] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  156.225735][T16072] RSP: 002b:00007fca828cd038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  156.225753][T16072] RAX: ffffffffffffffda RBX: 00007fca81d35fa0 RCX: 00007fca81b7e819
[  156.225765][T16072] RDX: 0000000000000020 RSI: 0000000020000740 RDI: 0000000000000002
[  156.225777][T16072] RBP: 00007fca828cd090 R08: 0000000000000000 R09: 0000000000000000
[  156.225788][T16072] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  156.225798][T16072] R13: 0000000000000000 R14: 00007fca81d35fa0 R15: 00007ffd43faca98
[  156.225817][T16072]  </TASK>
[  156.250012][   T30] usb 10-1: Manufacturer: syz
[  156.251296][   T30] usb 10-1: SerialNumber: syz
[  156.254541][   T30] usb 10-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[  156.255496][T16076] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  156.260200][T16076] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  156.265000][ T6255] usb 10-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
[  156.314938][   T76] usb 6-1: Using ep0 maxpacket: 8
[  156.317358][   T76] usb 6-1: config 246 has too many interfaces: 42, using maximum allowed: 32
[  156.319559][   T76] usb 6-1: config 246 descriptor has 1 excess byte, ignoring
[  156.321495][   T76] usb 6-1: config 246 has 1 interface, different from the descriptor's value: 42
[  156.323888][   T76] usb 6-1: config 246 interface 0 altsetting 0 has an endpoint descriptor with address 0x3F, changing to 0xF
[  156.327144][   T76] usb 6-1: config 246 interface 0 altsetting 0 endpoint 0xF has an invalid bInterval 255, changing to 11
[  156.330028][   T76] usb 6-1: config 246 interface 0 altsetting 0 endpoint 0x84 has an invalid bInterval 0, changing to 7
[  156.332879][   T76] usb 6-1: config 246 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0
[  156.337321][   T76] usb 6-1: config 246 has too many interfaces: 42, using maximum allowed: 32
[  156.339612][   T76] usb 6-1: config 246 descriptor has 1 excess byte, ignoring
[  156.341556][   T76] usb 6-1: config 246 has 1 interface, different from the descriptor's value: 42
[  156.343955][   T76] usb 6-1: config 246 interface 0 altsetting 0 has an endpoint descriptor with address 0x3F, changing to 0xF
[  156.346997][   T76] usb 6-1: config 246 interface 0 altsetting 0 endpoint 0xF has an invalid bInterval 255, changing to 11
[  156.349883][   T76] usb 6-1: config 246 interface 0 altsetting 0 endpoint 0x84 has an invalid bInterval 0, changing to 7
[  156.352712][   T76] usb 6-1: config 246 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0
[  156.356206][   T76] usb 6-1: config 246 has too many interfaces: 42, using maximum allowed: 32
[  156.358559][   T76] usb 6-1: config 246 descriptor has 1 excess byte, ignoring
[  156.360489][   T76] usb 6-1: config 246 has 1 interface, different from the descriptor's value: 42
[  156.362842][   T76] usb 6-1: config 246 interface 0 altsetting 0 has an endpoint descriptor with address 0x3F, changing to 0xF
[  156.366005][   T76] usb 6-1: config 246 interface 0 altsetting 0 endpoint 0xF has an invalid bInterval 255, changing to 11
[  156.368817][   T76] usb 6-1: config 246 interface 0 altsetting 0 endpoint 0x84 has an invalid bInterval 0, changing to 7
[  156.371475][   T76] usb 6-1: config 246 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0
[  156.376357][   T76] usb 6-1: string descriptor 0 read error: -22
[  156.378088][   T76] usb 6-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e
[  156.380628][   T76] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  156.384613][   T76] adutux 6-1:246.0: ADU100  now attached to /dev/usb/adutux0
[  156.587825][T16055] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  156.590153][T16055] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  156.594979][ T6972] usb 6-1: USB disconnect, device number 22
[  157.023421][T16077] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  157.025863][T16077] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  157.284956][ T6255] ath9k_htc 10-1:1.0: ath9k_htc: Target is unresponsive
[  157.286955][ T6255] ath9k_htc: Failed to initialize the device
[  157.302870][ T6255] usb 10-1: ath9k_htc: USB layer deinitialized
[  157.308643][   T30] usb 10-1: USB disconnect, device number 12
[  157.358480][T16089] FAULT_INJECTION: forcing a failure.
[  157.358480][T16089] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  157.362344][T16089] CPU: 2 UID: 0 PID: 16089 Comm: syz.1.3486 Not tainted 6.12.0-syzkaller-09073-g9f16d5e6f220 #0
[  157.365274][T16089] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  157.368663][T16089] Call Trace:
[  157.369734][T16089]  <TASK>
[  157.370602][T16089]  dump_stack_lvl+0x16c/0x1f0
[  157.372250][T16089]  should_fail_ex+0x497/0x5b0
[  157.373716][T16089]  __kvm_read_guest_page+0x16b/0x210
[  157.375413][T16089]  kvm_fetch_guest_virt+0x128/0x1a0
[  157.376951][T16089]  __do_insn_fetch_bytes+0x420/0x6d0
[  157.378504][T16089]  ? __pfx___do_insn_fetch_bytes+0x10/0x10
[  157.380204][T16089]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  157.381919][T16089]  ? vmx_check_intercept+0x1b8/0xaf0
[  157.383462][T16089]  x86_decode_insn+0xb91/0x5530
[  157.385002][T16089]  ? vmx_segment_cache_test_set+0x14b/0x400
[  157.386951][T16089]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  157.388941][T16089]  ? __pfx_x86_decode_insn+0x10/0x10
[  157.390621][T16089]  ? vmx_cache_reg+0x333/0x5e0
[  157.392308][T16089]  ? kvm_register_read_raw+0xe9/0x240
[  157.393934][T16089]  ? init_decode_cache+0xd/0x210
[  157.395333][T16089]  ? init_emulate_ctxt+0x338/0x510
[  157.396794][T16089]  ? __pfx_init_emulate_ctxt+0x10/0x10
[  157.398374][T16089]  ? kvm_multiple_exception+0x44a/0xb40
[  157.399976][T16089]  x86_emulate_instruction+0x975/0x1a50
[  157.401539][T16089]  handle_ud+0x104/0x280
[  157.402747][T16089]  ? __pfx_handle_ud+0x10/0x10
[  157.404267][T16089]  ? nested_vmx_reflect_vmexit+0x74e/0x3fb0
[  157.406087][T16089]  ? __pfx_nested_vmx_reflect_vmexit+0x10/0x10
[  157.408097][T16089]  handle_exception_nmi+0x83e/0x1410
[  157.409669][T16089]  ? __pfx_handle_exception_nmi+0x10/0x10
[  157.411425][T16089]  vmx_handle_exit+0x733/0x1f70
[  157.412799][T16089]  vcpu_run+0x3047/0x4f50
[  157.414031][T16089]  ? __pfx___mutex_trylock_common+0x10/0x10
[  157.415749][T16089]  ? __pfx_vcpu_run+0x10/0x10
[  157.417181][T16089]  ? rcu_is_watching+0x12/0xc0
[  157.418615][T16089]  ? trace_lock_acquire+0x146/0x1e0
[  157.420088][T16089]  ? trace_irq_enable.constprop.0+0xe6/0x140
[  157.421800][T16089]  ? kvm_arch_vcpu_ioctl_run+0x150/0x1740
[  157.423376][T16089]  ? kvm_arch_vcpu_ioctl_run+0x44a/0x1740
[  157.425046][T16089]  kvm_arch_vcpu_ioctl_run+0x44a/0x1740
[  157.426910][T16089]  kvm_vcpu_ioctl+0x6c7/0x1520
[  157.428386][T16089]  ? do_vfs_ioctl+0x513/0x1990
[  157.429732][T16089]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  157.431145][T16089]  ? preempt_count_add+0x76/0x150
[  157.432759][T16089]  ? ioctl_has_perm.constprop.0.isra.0+0x2f3/0x460
[  157.434634][T16089]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[  157.436514][T16089]  ? __pfx_lock_release+0x10/0x10
[  157.437889][T16089]  ? __fget_files+0x40/0x3a0
[  157.439190][T16089]  ? selinux_file_ioctl+0x180/0x270
[  157.440618][T16089]  ? selinux_file_ioctl+0xb4/0x270
[  157.442002][T16089]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  157.443486][T16089]  __x64_sys_ioctl+0x190/0x200
[  157.444913][T16089]  do_syscall_64+0xcd/0x250
[  157.446193][T16089]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  157.447827][T16089] RIP: 0033:0x7f7fa757e819
[  157.449141][T16089] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  157.454846][T16089] RSP: 002b:00007f7fa844b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  157.457183][T16089] RAX: ffffffffffffffda RBX: 00007f7fa7735fa0 RCX: 00007f7fa757e819
[  157.459366][T16089] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005
[  157.461520][T16089] RBP: 00007f7fa844b090 R08: 0000000000000000 R09: 0000000000000000
[  157.463629][T16089] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  157.466042][T16089] R13: 0000000000000000 R14: 00007f7fa7735fa0 R15: 00007ffc873d3628
[  157.468315][T16089]  </TASK>
[  157.762233][   T39] audit: type=1400 audit(1732429286.715:831): avc:  denied  { ioctl } for  pid=16100 comm="syz.1.3491" path="/330/file0/file0" dev="9p" ino=35922874 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=sock_file permissive=1
[  157.770674][   T39] audit: type=1400 audit(1732429286.715:832): avc:  denied  { mounton } for  pid=16100 comm="syz.1.3491" path="/330/file0/file0" dev="9p" ino=35922874 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=sock_file permissive=1
[  157.780515][T16102] (syz.1.3491,16102,2):ocfs2_fill_super:990 ERROR: superblock probe failed!
[  157.782827][T16102] (syz.1.3491,16102,2):ocfs2_fill_super:1178 ERROR: status = -22
[  157.841958][   T39] audit: type=1400 audit(1732429286.795:833): avc:  denied  { listen } for  pid=16105 comm="syz.5.3494" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netrom_socket permissive=1
[  157.896551][   T66] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  157.898879][   T66] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  157.901217][   T66] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  157.903780][   T66] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  157.903941][   T66] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[  157.904062][   T66] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  157.930789][T16119] FAULT_INJECTION: forcing a failure.
[  157.930789][T16119] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  157.934646][T16119] CPU: 2 UID: 0 PID: 16119 Comm: syz.1.3496 Not tainted 6.12.0-syzkaller-09073-g9f16d5e6f220 #0
[  157.937838][T16119] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  157.941043][T16119] Call Trace:
[  157.942026][T16119]  <TASK>
[  157.942890][T16119]  dump_stack_lvl+0x16c/0x1f0
[  157.944284][T16119]  should_fail_ex+0x497/0x5b0
[  157.945679][T16119]  __kvm_read_guest_page+0x16b/0x210
[  157.947215][T16119]  kvm_fetch_guest_virt+0x128/0x1a0
[  157.948742][T16119]  __do_insn_fetch_bytes+0x420/0x6d0
[  157.950409][T16119]  ? __pfx___do_insn_fetch_bytes+0x10/0x10
[  157.952752][T16119]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  157.955300][T16119]  ? vmx_check_intercept+0x1b8/0xaf0
[  157.957355][T16119]  x86_decode_insn+0xb91/0x5530
[  157.959194][T16119]  ? vmx_segment_cache_test_set+0x14b/0x400
[  157.961407][T16119]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  157.963627][T16119]  ? __pfx_x86_decode_insn+0x10/0x10
[  157.965790][T16119]  ? vmx_cache_reg+0x333/0x5e0
[  157.967596][T16119]  ? kvm_register_read_raw+0xe9/0x240
[  157.967631][T16123] chnl_net:caif_netlink_parms(): no params data found
[  157.969656][T16119]  ? init_decode_cache+0xd/0x210
[  157.973497][T16119]  ? init_emulate_ctxt+0x338/0x510
[  157.975538][T16119]  ? __pfx_init_emulate_ctxt+0x10/0x10
[  157.977688][T16119]  ? kvm_multiple_exception+0x44a/0xb40
[  157.979866][T16119]  x86_emulate_instruction+0x975/0x1a50
[  157.981949][T16119]  handle_ud+0x104/0x280
[  157.983588][T16119]  ? __pfx_handle_ud+0x10/0x10
[  157.983610][T16119]  ? nested_vmx_reflect_vmexit+0x74e/0x3fb0
[  157.983630][T16119]  ? __pfx_nested_vmx_reflect_vmexit+0x10/0x10
[  157.983671][T16119]  handle_exception_nmi+0x83e/0x1410
[  157.983693][T16119]  ? __pfx_handle_exception_nmi+0x10/0x10
[  157.983709][T16119]  vmx_handle_exit+0x733/0x1f70
[  157.983722][T16119]  vcpu_run+0x3047/0x4f50
[  157.983735][T16119]  ? __pfx___mutex_trylock_common+0x10/0x10
[  157.983749][T16119]  ? __pfx_vcpu_run+0x10/0x10
[  157.983762][T16119]  ? rcu_is_watching+0x12/0xc0
[  157.983776][T16119]  ? trace_lock_acquire+0x146/0x1e0
[  157.983789][T16119]  ? trace_irq_enable.constprop.0+0xe6/0x140
[  158.007359][T16119]  ? kvm_arch_vcpu_ioctl_run+0x150/0x1740
[  158.009531][T16119]  ? kvm_arch_vcpu_ioctl_run+0x44a/0x1740
[  158.011688][T16119]  kvm_arch_vcpu_ioctl_run+0x44a/0x1740
[  158.013765][T16119]  kvm_vcpu_ioctl+0x6c7/0x1520
[  158.015582][T16119]  ? do_vfs_ioctl+0x513/0x1990
[  158.017383][T16119]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  158.019358][T16119]  ? preempt_count_add+0x76/0x150
[  158.021262][T16119]  ? ioctl_has_perm.constprop.0.isra.0+0x2f3/0x460
[  158.023712][T16119]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[  158.026600][T16119]  ? __pfx_lock_release+0x10/0x10
[  158.028701][T16119]  ? __fget_files+0x40/0x3a0
[  158.030457][T16119]  ? selinux_file_ioctl+0x180/0x270
[  158.032482][T16119]  ? selinux_file_ioctl+0xb4/0x270
[  158.034415][T16119]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  158.036492][T16119]  __x64_sys_ioctl+0x190/0x200
[  158.038304][T16119]  do_syscall_64+0xcd/0x250
[  158.040069][T16119]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  158.042266][T16119] RIP: 0033:0x7f7fa757e819
[  158.044087][T16119] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  158.051549][T16119] RSP: 002b:00007f7fa844b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  158.054661][T16119] RAX: ffffffffffffffda RBX: 00007f7fa7735fa0 RCX: 00007f7fa757e819
[  158.057624][T16119] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005
[  158.060598][T16119] RBP: 00007f7fa844b090 R08: 0000000000000000 R09: 0000000000000000
[  158.063535][T16119] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  158.066519][T16119] R13: 0000000000000000 R14: 00007f7fa7735fa0 R15: 00007ffc873d3628
[  158.069620][T16119]  </TASK>
[  158.099996][T16123] bridge0: port 1(bridge_slave_0) entered blocking state
[  158.101924][T16123] bridge0: port 1(bridge_slave_0) entered disabled state
[  158.103856][T16123] bridge_slave_0: entered allmulticast mode
[  158.106084][T16123] bridge_slave_0: entered promiscuous mode
[  158.108633][T16123] bridge0: port 2(bridge_slave_1) entered blocking state
[  158.110532][T16123] bridge0: port 2(bridge_slave_1) entered disabled state
[  158.112516][T16123] bridge_slave_1: entered allmulticast mode
[  158.114490][T16123] bridge_slave_1: entered promiscuous mode
[  158.132985][T16123] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  158.137177][T16123] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  158.155400][T16123] team0: Port device team_slave_0 added
[  158.159059][T16123] team0: Port device team_slave_1 added
[  158.187790][T16123] batman_adv: batadv0: Adding interface: batadv_slave_0
[  158.190686][T16123] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  158.200435][T16123] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  158.204430][T16123] batman_adv: batadv0: Adding interface: batadv_slave_1
[  158.206894][T16123] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  158.214507][T16123] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  158.244277][T16123] hsr_slave_0: entered promiscuous mode
[  158.248220][T16123] hsr_slave_1: entered promiscuous mode
[  158.250592][T16123] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  158.253310][T16123] Cannot create hsr debugfs directory
[  158.302208][T16123] netdevsim netdevsim7 netdevsim0: renamed from eth0
[  158.306315][T16123] netdevsim netdevsim7 netdevsim1: renamed from eth1
[  158.309199][T16123] netdevsim netdevsim7 netdevsim2: renamed from eth2
[  158.312475][T16123] netdevsim netdevsim7 netdevsim3: renamed from eth3
[  158.320199][T16123] bridge0: port 2(bridge_slave_1) entered blocking state
[  158.322050][T16123] bridge0: port 2(bridge_slave_1) entered forwarding state
[  158.324024][T16123] bridge0: port 1(bridge_slave_0) entered blocking state
[  158.326127][T16123] bridge0: port 1(bridge_slave_0) entered forwarding state
[  158.348320][T16123] 8021q: adding VLAN 0 to HW filter on device bond0
[  158.354671][T16123] 8021q: adding VLAN 0 to HW filter on device team0
[  158.357575][   T12] bridge0: port 1(bridge_slave_0) entered disabled state
[  158.360247][   T12] bridge0: port 2(bridge_slave_1) entered disabled state
[  158.366518][   T64] bridge0: port 1(bridge_slave_0) entered blocking state
[  158.368679][   T64] bridge0: port 1(bridge_slave_0) entered forwarding state
[  158.372539][   T64] bridge0: port 2(bridge_slave_1) entered blocking state
[  158.374494][   T64] bridge0: port 2(bridge_slave_1) entered forwarding state
[  158.408144][T16160] FAULT_INJECTION: forcing a failure.
[  158.408144][T16160] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  158.411952][T16160] CPU: 0 UID: 0 PID: 16160 Comm: syz.1.3507 Not tainted 6.12.0-syzkaller-09073-g9f16d5e6f220 #0
[  158.415020][T16160] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  158.418236][T16160] Call Trace:
[  158.419221][T16160]  <TASK>
[  158.420099][T16160]  dump_stack_lvl+0x16c/0x1f0
[  158.421496][T16160]  should_fail_ex+0x497/0x5b0
[  158.422872][T16160]  __kvm_read_guest_page+0x16b/0x210
[  158.424460][T16160]  kvm_fetch_guest_virt+0x128/0x1a0
[  158.426016][T16160]  __do_insn_fetch_bytes+0x420/0x6d0
[  158.427547][T16160]  ? __pfx___do_insn_fetch_bytes+0x10/0x10
[  158.429276][T16160]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  158.430956][T16160]  ? vmx_check_intercept+0x1b8/0xaf0
[  158.432510][T16160]  x86_decode_insn+0xb91/0x5530
[  158.433931][T16160]  ? vmx_segment_cache_test_set+0x14b/0x400
[  158.435961][T16160]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  158.437898][T16160]  ? __pfx_x86_decode_insn+0x10/0x10
[  158.439616][T16160]  ? vmx_cache_reg+0x333/0x5e0
[  158.441151][T16160]  ? kvm_register_read_raw+0xe9/0x240
[  158.441301][T16123] 8021q: adding VLAN 0 to HW filter on device batadv0
[  158.442788][T16160]  ? init_decode_cache+0xd/0x210
[  158.446443][T16160]  ? init_emulate_ctxt+0x338/0x510
[  158.448058][T16160]  ? __pfx_init_emulate_ctxt+0x10/0x10
[  158.449664][T16160]  ? kvm_multiple_exception+0x44a/0xb40
[  158.451265][T16160]  x86_emulate_instruction+0x975/0x1a50
[  158.452887][T16160]  handle_ud+0x104/0x280
[  158.454340][T16160]  ? __pfx_handle_ud+0x10/0x10
[  158.456070][T16160]  ? nested_vmx_reflect_vmexit+0x74e/0x3fb0
[  158.457945][T16160]  ? __pfx_nested_vmx_reflect_vmexit+0x10/0x10
[  158.459768][T16160]  handle_exception_nmi+0x83e/0x1410
[  158.461317][T16160]  ? __pfx_handle_exception_nmi+0x10/0x10
[  158.462972][T16160]  vmx_handle_exit+0x733/0x1f70
[  158.464503][T16160]  vcpu_run+0x3047/0x4f50
[  158.465965][T16160]  ? __pfx___mutex_trylock_common+0x10/0x10
[  158.467728][T16160]  ? __pfx_vcpu_run+0x10/0x10
[  158.469119][T16160]  ? rcu_is_watching+0x12/0xc0
[  158.470524][T16160]  ? trace_lock_acquire+0x146/0x1e0
[  158.472051][T16160]  ? trace_irq_enable.constprop.0+0xe6/0x140
[  158.473867][T16160]  ? kvm_arch_vcpu_ioctl_run+0x150/0x1740
[  158.475695][T16160]  ? kvm_arch_vcpu_ioctl_run+0x44a/0x1740
[  158.477471][T16160]  kvm_arch_vcpu_ioctl_run+0x44a/0x1740
[  158.479114][T16160]  kvm_vcpu_ioctl+0x6c7/0x1520
[  158.480528][T16160]  ? do_vfs_ioctl+0x513/0x1990
[  158.481924][T16160]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  158.483423][T16160]  ? preempt_count_add+0x76/0x150
[  158.484893][T16160]  ? ioctl_has_perm.constprop.0.isra.0+0x2f3/0x460
[  158.486910][T16160]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[  158.488880][T16160]  ? __pfx_lock_release+0x10/0x10
[  158.490343][T16160]  ? __fget_files+0x40/0x3a0
[  158.491696][T16160]  ? selinux_file_ioctl+0x180/0x270
[  158.493205][T16160]  ? selinux_file_ioctl+0xb4/0x270
[  158.494697][T16160]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  158.496217][T16160]  __x64_sys_ioctl+0x190/0x200
[  158.497618][T16160]  do_syscall_64+0xcd/0x250
[  158.498951][T16160]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  158.500686][T16160] RIP: 0033:0x7f7fa757e819
[  158.502001][T16160] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  158.507573][T16160] RSP: 002b:00007f7fa844b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  158.510044][T16160] RAX: ffffffffffffffda RBX: 00007f7fa7735fa0 RCX: 00007f7fa757e819
[  158.512340][T16160] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005
[  158.514627][T16160] RBP: 00007f7fa844b090 R08: 0000000000000000 R09: 0000000000000000
[  158.515067][T16123] veth0_vlan: entered promiscuous mode
[  158.517001][T16160] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  158.517012][T16160] R13: 0000000000000000 R14: 00007f7fa7735fa0 R15: 00007ffc873d3628
[  158.517022][T16160]  </TASK>
[  158.530482][T16123] veth1_vlan: entered promiscuous mode
[  158.543519][T16123] veth0_macvtap: entered promiscuous mode
[  158.547966][T16123] veth1_macvtap: entered promiscuous mode
[  158.553801][T16123] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  158.556641][T16123] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  158.559173][T16123] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  158.561857][T16123] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  158.564625][T16123] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  158.567910][T16123] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  158.570670][T16123] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  158.573454][T16123] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  158.576318][T16123] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  158.579731][T16123] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  158.583465][T16123] batman_adv: batadv0: Interface activated: batadv_slave_0
[  158.588272][T16123] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  158.591082][T16123] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  158.593697][T16123] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  158.596661][T16123] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  158.600166][T16123] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  158.603227][T16123] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  158.605964][T16123] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  158.609260][T16123] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  158.612507][T16123] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  158.615493][T16123] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  158.618220][T16123] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  158.621011][T16123] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  158.624312][T16123] batman_adv: batadv0: Interface activated: batadv_slave_1
[  158.624412][T16175] __nla_validate_parse: 11 callbacks suppressed
[  158.624422][T16175] netlink: 20 bytes leftover after parsing attributes in process `syz.1.3509'.
[  158.628703][T16123] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  158.634198][T16123] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  158.637527][T16123] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  158.640506][T16123] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  158.666729][   T64] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  158.669121][   T64] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  158.676240][ T1227] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  158.678892][ T1227] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  158.703246][T16177] validate_nla: 4 callbacks suppressed
[  158.703256][T16177] netlink: 'syz.7.3493': attribute type 178 has an invalid length.
[  158.989699][T16198] FAULT_INJECTION: forcing a failure.
[  158.989699][T16198] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  158.993688][T16198] CPU: 3 UID: 0 PID: 16198 Comm: syz.7.3516 Not tainted 6.12.0-syzkaller-09073-g9f16d5e6f220 #0
[  158.996795][T16198] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  159.000952][T16198] Call Trace:
[  159.002249][T16198]  <TASK>
[  159.003426][T16198]  dump_stack_lvl+0x16c/0x1f0
[  159.005323][T16198]  should_fail_ex+0x497/0x5b0
[  159.007221][T16198]  __kvm_read_guest_page+0x16b/0x210
[  159.009021][T16198]  kvm_fetch_guest_virt+0x128/0x1a0
[  159.011053][T16198]  __do_insn_fetch_bytes+0x420/0x6d0
[  159.013084][T16198]  ? __pfx___do_insn_fetch_bytes+0x10/0x10
[  159.015352][T16198]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  159.017609][T16198]  ? vmx_check_intercept+0x1b8/0xaf0
[  159.019703][T16198]  x86_decode_insn+0xb91/0x5530
[  159.021678][T16198]  ? vmx_segment_cache_test_set+0x14b/0x400
[  159.024016][T16198]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  159.026347][T16198]  ? __pfx_x86_decode_insn+0x10/0x10
[  159.028312][T16198]  ? vmx_cache_reg+0x333/0x5e0
[  159.030222][T16198]  ? kvm_register_read_raw+0xe9/0x240
[  159.032435][T16198]  ? init_decode_cache+0xd/0x210
[  159.034133][T16198]  ? init_emulate_ctxt+0x338/0x510
[  159.035859][T16198]  ? __pfx_init_emulate_ctxt+0x10/0x10
[  159.037941][T16198]  ? kvm_multiple_exception+0x44a/0xb40
[  159.039995][T16198]  x86_emulate_instruction+0x975/0x1a50
[  159.042141][T16198]  handle_ud+0x104/0x280
[  159.043821][T16198]  ? __pfx_handle_ud+0x10/0x10
[  159.045819][T16198]  ? nested_vmx_reflect_vmexit+0x74e/0x3fb0
[  159.048273][T16198]  ? __pfx_nested_vmx_reflect_vmexit+0x10/0x10
[  159.050610][T16198]  handle_exception_nmi+0x83e/0x1410
[  159.052146][   T97] nci: nci_ntf_packet: unknown ntf opcode 0x10d
[  159.052774][T16198]  ? __pfx_handle_exception_nmi+0x10/0x10
[  159.052796][T16198]  vmx_handle_exit+0x733/0x1f70
[  159.052809][T16198]  vcpu_run+0x3047/0x4f50
[  159.061344][T16198]  ? __pfx___mutex_trylock_common+0x10/0x10
[  159.063305][T16198]  ? __pfx_vcpu_run+0x10/0x10
[  159.064888][T16198]  ? rcu_is_watching+0x12/0xc0
[  159.066586][T16198]  ? trace_lock_acquire+0x146/0x1e0
[  159.068361][T16198]  ? trace_irq_enable.constprop.0+0xe6/0x140
[  159.070317][T16198]  ? kvm_arch_vcpu_ioctl_run+0x150/0x1740
[  159.072370][T16198]  ? kvm_arch_vcpu_ioctl_run+0x44a/0x1740
[  159.074143][T16198]  kvm_arch_vcpu_ioctl_run+0x44a/0x1740
[  159.075908][T16198]  kvm_vcpu_ioctl+0x6c7/0x1520
[  159.077474][T16198]  ? do_vfs_ioctl+0x513/0x1990
[  159.079033][T16198]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  159.080728][T16198]  ? preempt_count_add+0x76/0x150
[  159.082165][T16198]  ? ioctl_has_perm.constprop.0.isra.0+0x2f3/0x460
[  159.084145][T16198]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[  159.086252][T16198]  ? __pfx_lock_release+0x10/0x10
[  159.087809][T16198]  ? __fget_files+0x40/0x3a0
[  159.089243][T16198]  ? selinux_file_ioctl+0x180/0x270
[  159.091114][T16198]  ? selinux_file_ioctl+0xb4/0x270
[  159.092848][T16198]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  159.094436][T16198]  __x64_sys_ioctl+0x190/0x200
[  159.095929][T16198]  do_syscall_64+0xcd/0x250
[  159.097345][T16198]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  159.099159][T16198] RIP: 0033:0x7ff80457e819
[  159.100538][T16198] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  159.106615][T16198] RSP: 002b:00007ff8053e8038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  159.109211][T16198] RAX: ffffffffffffffda RBX: 00007ff804735fa0 RCX: 00007ff80457e819
[  159.111603][T16198] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005
[  159.114414][T16198] RBP: 00007ff8053e8090 R08: 0000000000000000 R09: 0000000000000000
[  159.116753][T16198] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  159.119113][T16198] R13: 0000000000000000 R14: 00007ff804735fa0 R15: 00007ffc2aa2bf28
[  159.121494][T16198]  </TASK>
[  159.311373][T16228] Bluetooth: MGMT ver 1.23
[  159.366604][T16230] ebt_among: dst integrity fail: 200
[  159.869383][T16239] netlink: 15 bytes leftover after parsing attributes in process `syz.7.3529'.
[  159.927062][ T5306] Bluetooth: hci3: command tx timeout
[  159.935191][T16246] FAULT_INJECTION: forcing a failure.
[  159.935191][T16246] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  159.939268][T16246] CPU: 0 UID: 0 PID: 16246 Comm: syz.1.3532 Not tainted 6.12.0-syzkaller-09073-g9f16d5e6f220 #0
[  159.942083][T16246] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  159.945018][T16246] Call Trace:
[  159.945941][T16246]  <TASK>
[  159.946729][T16246]  dump_stack_lvl+0x16c/0x1f0
[  159.948031][T16246]  should_fail_ex+0x497/0x5b0
[  159.949301][T16246]  __kvm_read_guest_page+0x16b/0x210
[  159.950732][T16246]  kvm_fetch_guest_virt+0x128/0x1a0
[  159.952187][T16246]  __do_insn_fetch_bytes+0x420/0x6d0
[  159.953594][T16246]  ? __pfx___do_insn_fetch_bytes+0x10/0x10
[  159.955140][T16246]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  159.956712][T16246]  ? vmx_check_intercept+0x1b8/0xaf0
[  159.958138][T16246]  x86_decode_insn+0xb91/0x5530
[  159.959490][T16246]  ? vmx_segment_cache_test_set+0x14b/0x400
[  159.961088][T16246]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  159.962704][T16246]  ? __pfx_x86_decode_insn+0x10/0x10
[  159.964155][T16246]  ? vmx_cache_reg+0x333/0x5e0
[  159.965447][T16246]  ? kvm_register_read_raw+0xe9/0x240
[  159.967057][T16246]  ? init_decode_cache+0xd/0x210
[  159.968700][T16246]  ? init_emulate_ctxt+0x338/0x510
[  159.970196][T16246]  ? __pfx_init_emulate_ctxt+0x10/0x10
[  159.971834][T16246]  ? kvm_multiple_exception+0x44a/0xb40
[  159.973305][T16246]  x86_emulate_instruction+0x975/0x1a50
[  159.974791][T16246]  handle_ud+0x104/0x280
[  159.975953][T16246]  ? __pfx_handle_ud+0x10/0x10
[  159.977603][T16246]  ? nested_vmx_reflect_vmexit+0x74e/0x3fb0
[  159.979727][T16246]  ? __pfx_nested_vmx_reflect_vmexit+0x10/0x10
[  159.981977][T16246]  handle_exception_nmi+0x83e/0x1410
[  159.983827][T16246]  ? __pfx_handle_exception_nmi+0x10/0x10
[  159.985822][T16246]  vmx_handle_exit+0x733/0x1f70
[  159.987590][T16246]  vcpu_run+0x3047/0x4f50
[  159.989116][T16246]  ? __pfx___mutex_trylock_common+0x10/0x10
[  159.991158][T16246]  ? __pfx_vcpu_run+0x10/0x10
[  159.992801][T16246]  ? rcu_is_watching+0x12/0xc0
[  159.994483][T16246]  ? trace_lock_acquire+0x146/0x1e0
[  159.996357][T16246]  ? trace_irq_enable.constprop.0+0xe6/0x140
[  159.998502][T16246]  ? kvm_arch_vcpu_ioctl_run+0x150/0x1740
[  160.000511][T16246]  ? kvm_arch_vcpu_ioctl_run+0x44a/0x1740
[  160.002488][T16246]  kvm_arch_vcpu_ioctl_run+0x44a/0x1740
[  160.004408][T16246]  kvm_vcpu_ioctl+0x6c7/0x1520
[  160.006049][T16246]  ? do_vfs_ioctl+0x513/0x1990
[  160.007747][T16246]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  160.009569][T16246]  ? preempt_count_add+0x76/0x150
[  160.011306][T16246]  ? ioctl_has_perm.constprop.0.isra.0+0x2f3/0x460
[  160.013483][T16246]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[  160.015973][T16246]  ? __pfx_lock_release+0x10/0x10
[  160.017888][T16246]  ? __fget_files+0x40/0x3a0
[  160.019262][T16246]  ? selinux_file_ioctl+0x180/0x270
[  160.020767][T16246]  ? selinux_file_ioctl+0xb4/0x270
[  160.022618][T16246]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  160.024205][T16246]  __x64_sys_ioctl+0x190/0x200
[  160.025557][T16246]  do_syscall_64+0xcd/0x250
[  160.027120][T16246]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  160.029234][T16246] RIP: 0033:0x7f7fa757e819
[  160.030776][T16246] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  160.037520][T16246] RSP: 002b:00007f7fa844b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  160.040081][T16246] RAX: ffffffffffffffda RBX: 00007f7fa7735fa0 RCX: 00007f7fa757e819
[  160.042318][T16246] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005
[  160.044821][T16246] RBP: 00007f7fa844b090 R08: 0000000000000000 R09: 0000000000000000
[  160.046945][T16246] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  160.049060][T16246] R13: 0000000000000000 R14: 00007f7fa7735fa0 R15: 00007ffc873d3628
[  160.051177][T16246]  </TASK>
[  160.073026][T16258] netlink: 16 bytes leftover after parsing attributes in process `syz.7.3537'.
[  160.075737][T16258] netem: invalid attributes len -16
[  160.158789][T16266] netlink: 8 bytes leftover after parsing attributes in process `syz.5.3539'.
[  160.170319][T16266] hfsplus: unable to find HFS+ superblock
[  160.173134][T16266] netlink: 24 bytes leftover after parsing attributes in process `syz.5.3539'.
[  160.178322][T16276] netdevsim netdevsim6 netdevsim0: set [1, 1] type 2 family 0 port 20000 - 0
[  160.181340][T16276] netdevsim netdevsim6 netdevsim1: set [1, 1] type 2 family 0 port 20000 - 0
[  160.184267][T16276] netdevsim netdevsim6 netdevsim2: set [1, 1] type 2 family 0 port 20000 - 0
[  160.187194][T16276] netdevsim netdevsim6 netdevsim3: set [1, 1] type 2 family 0 port 20000 - 0
[  160.189766][T16276] netdevsim netdevsim6 netdevsim0: unset [1, 1] type 2 family 0 port 20000 - 0
[  160.192263][T16276] netdevsim netdevsim6 netdevsim1: unset [1, 1] type 2 family 0 port 20000 - 0
[  160.194365][T16276] netdevsim netdevsim6 netdevsim2: unset [1, 1] type 2 family 0 port 20000 - 0
[  160.198071][T16276] netdevsim netdevsim6 netdevsim3: unset [1, 1] type 2 family 0 port 20000 - 0
[  160.200662][T16276] geneve2: entered promiscuous mode
[  160.202562][T16276] geneve2: entered allmulticast mode
[  160.371306][T16292] FAULT_INJECTION: forcing a failure.
[  160.371306][T16292] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  160.374745][T16292] CPU: 2 UID: 0 PID: 16292 Comm: syz.5.3548 Not tainted 6.12.0-syzkaller-09073-g9f16d5e6f220 #0
[  160.377471][T16292] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  160.380357][T16292] Call Trace:
[  160.381256][T16292]  <TASK>
[  160.382076][T16292]  dump_stack_lvl+0x16c/0x1f0
[  160.383341][T16292]  should_fail_ex+0x497/0x5b0
[  160.384629][T16292]  __kvm_read_guest_page+0x16b/0x210
[  160.386312][T16292]  kvm_fetch_guest_virt+0x128/0x1a0
[  160.387719][T16292]  __do_insn_fetch_bytes+0x420/0x6d0
[  160.389143][T16292]  ? __pfx___do_insn_fetch_bytes+0x10/0x10
[  160.390693][T16292]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  160.392294][T16292]  ? vmx_check_intercept+0x1b8/0xaf0
[  160.393722][T16292]  x86_decode_insn+0xb91/0x5530
[  160.395020][T16292]  ? vmx_segment_cache_test_set+0x14b/0x400
[  160.396636][T16292]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  160.398217][T16292]  ? __pfx_x86_decode_insn+0x10/0x10
[  160.399635][T16292]  ? vmx_cache_reg+0x333/0x5e0
[  160.400935][T16292]  ? kvm_register_read_raw+0xe9/0x240
[  160.402364][T16292]  ? init_decode_cache+0xd/0x210
[  160.403702][T16292]  ? init_emulate_ctxt+0x338/0x510
[  160.405234][T16292]  ? __pfx_init_emulate_ctxt+0x10/0x10
[  160.406782][T16292]  ? kvm_multiple_exception+0x44a/0xb40
[  160.408336][T16292]  x86_emulate_instruction+0x975/0x1a50
[  160.409862][T16292]  handle_ud+0x104/0x280
[  160.410992][T16292]  ? __pfx_handle_ud+0x10/0x10
[  160.412287][T16292]  ? nested_vmx_reflect_vmexit+0x74e/0x3fb0
[  160.414021][T16292]  ? __pfx_nested_vmx_reflect_vmexit+0x10/0x10
[  160.415745][T16292]  handle_exception_nmi+0x83e/0x1410
[  160.417221][T16292]  ? __pfx_handle_exception_nmi+0x10/0x10
[  160.418746][T16292]  vmx_handle_exit+0x733/0x1f70
[  160.420071][T16292]  vcpu_run+0x3047/0x4f50
[  160.421253][T16292]  ? __pfx___mutex_trylock_common+0x10/0x10
[  160.422859][T16292]  ? __pfx_vcpu_run+0x10/0x10
[  160.424176][T16292]  ? rcu_is_watching+0x12/0xc0
[  160.425453][T16292]  ? trace_lock_acquire+0x146/0x1e0
[  160.426820][T16292]  ? trace_irq_enable.constprop.0+0xe6/0x140
[  160.428422][T16292]  ? kvm_arch_vcpu_ioctl_run+0x150/0x1740
[  160.429917][T16292]  ? kvm_arch_vcpu_ioctl_run+0x44a/0x1740
[  160.431418][T16292]  kvm_arch_vcpu_ioctl_run+0x44a/0x1740
[  160.432999][T16292]  kvm_vcpu_ioctl+0x6c7/0x1520
[  160.434285][T16292]  ? do_vfs_ioctl+0x513/0x1990
[  160.435639][T16292]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  160.437019][T16292]  ? preempt_count_add+0x76/0x150
[  160.438364][T16292]  ? ioctl_has_perm.constprop.0.isra.0+0x2f3/0x460
[  160.440090][T16292]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[  160.441860][T16292]  ? __pfx_lock_release+0x10/0x10
[  160.443182][T16292]  ? __fget_files+0x40/0x3a0
[  160.444462][T16292]  ? selinux_file_ioctl+0x180/0x270
[  160.445825][T16292]  ? selinux_file_ioctl+0xb4/0x270
[  160.447161][T16292]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  160.448543][T16292]  __x64_sys_ioctl+0x190/0x200
[  160.449803][T16292]  do_syscall_64+0xcd/0x250
[  160.451037][T16292]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  160.452620][T16292] RIP: 0033:0x7f4df617e819
[  160.453829][T16292] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  160.458927][T16292] RSP: 002b:00007f4df6f56038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  160.461186][T16292] RAX: ffffffffffffffda RBX: 00007f4df6335fa0 RCX: 00007f4df617e819
[  160.463399][T16292] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005
[  160.465672][T16292] RBP: 00007f4df6f56090 R08: 0000000000000000 R09: 0000000000000000
[  160.467877][T16292] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  160.470074][T16292] R13: 0000000000000000 R14: 00007f4df6335fa0 R15: 00007ffc4f4c08d8
[  160.472281][T16292]  </TASK>
[  160.473195][    C2] vkms_vblank_simulate: vblank timer overrun
[  160.499334][T16301] netlink: 'syz.1.3550': attribute type 178 has an invalid length.
[  160.597772][T16306] kvm: user requested TSC rate below hardware speed
[  160.601776][T16306] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=1812281087 (231971979136 ns) > initial count (200000 ns). Using initial count to start timer.
[  160.629111][   T39] audit: type=1400 audit(1732429289.585:834): avc:  denied  { watch watch_reads } for  pid=16309 comm="syz.5.3553" path="pipe:[73101]" dev="pipefs" ino=73101 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=fifo_file permissive=1
[  160.636641][   T39] audit: type=1400 audit(1732429289.585:835): avc:  denied  { relabelfrom } for  pid=16309 comm="syz.5.3553" name="" dev="pipefs" ino=73102 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=fifo_file permissive=1
[  160.679359][T16322] netlink: 'syz.6.3558': attribute type 1 has an invalid length.
[  160.681227][T16322] netlink: 'syz.6.3558': attribute type 1 has an invalid length.
[  160.683984][   T39] audit: type=1400 audit(1732429289.635:836): avc:  denied  { write } for  pid=16321 comm="syz.6.3558" name="autofs" dev="devtmpfs" ino=104 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_device_t tclass=chr_file permissive=1
[  160.725148][T16332] bond1: entered promiscuous mode
[  160.726507][T16332] bond1: entered allmulticast mode
[  160.727928][T16332] 8021q: adding VLAN 0 to HW filter on device bond1
[  160.734271][T16332] bond1 (unregistering): Released all slaves
[  160.745756][T16333] FAULT_INJECTION: forcing a failure.
[  160.745756][T16333] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  160.749507][T16333] CPU: 2 UID: 0 PID: 16333 Comm: syz.6.3563 Not tainted 6.12.0-syzkaller-09073-g9f16d5e6f220 #0
[  160.752061][T16333] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  160.754754][T16333] Call Trace:
[  160.755598][T16333]  <TASK>
[  160.756350][T16333]  dump_stack_lvl+0x16c/0x1f0
[  160.757525][T16333]  should_fail_ex+0x497/0x5b0
[  160.758708][T16333]  __kvm_read_guest_page+0x16b/0x210
[  160.760067][T16333]  kvm_fetch_guest_virt+0x128/0x1a0
[  160.761327][T16333]  __do_insn_fetch_bytes+0x420/0x6d0
[  160.762659][T16333]  ? __pfx___do_insn_fetch_bytes+0x10/0x10
[  160.764204][T16333]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  160.765754][T16333]  ? vmx_check_intercept+0x1b8/0xaf0
[  160.767079][T16333]  x86_decode_insn+0xb91/0x5530
[  160.768341][T16333]  ? vmx_segment_cache_test_set+0x14b/0x400
[  160.769812][T16333]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  160.771278][T16333]  ? __pfx_x86_decode_insn+0x10/0x10
[  160.772626][T16333]  ? vmx_cache_reg+0x333/0x5e0
[  160.773889][T16333]  ? kvm_register_read_raw+0xe9/0x240
[  160.775315][T16333]  ? init_decode_cache+0xd/0x210
[  160.776565][T16333]  ? init_emulate_ctxt+0x338/0x510
[  160.777865][T16333]  ? __pfx_init_emulate_ctxt+0x10/0x10
[  160.779262][T16333]  ? kvm_multiple_exception+0x44a/0xb40
[  160.780708][T16333]  x86_emulate_instruction+0x975/0x1a50
[  160.782223][T16333]  handle_ud+0x104/0x280
[  160.783367][T16333]  ? __pfx_handle_ud+0x10/0x10
[  160.784590][T16333]  ? nested_vmx_reflect_vmexit+0x74e/0x3fb0
[  160.786099][T16333]  ? __pfx_nested_vmx_reflect_vmexit+0x10/0x10
[  160.787676][T16333]  handle_exception_nmi+0x83e/0x1410
[  160.789023][T16333]  ? __pfx_handle_exception_nmi+0x10/0x10
[  160.790440][T16333]  vmx_handle_exit+0x733/0x1f70
[  160.791695][T16333]  vcpu_run+0x3047/0x4f50
[  160.792825][T16333]  ? __pfx___mutex_trylock_common+0x10/0x10
[  160.794388][T16333]  ? __pfx_vcpu_run+0x10/0x10
[  160.795591][T16333]  ? rcu_is_watching+0x12/0xc0
[  160.796813][T16333]  ? trace_lock_acquire+0x146/0x1e0
[  160.798150][T16333]  ? trace_irq_enable.constprop.0+0xe6/0x140
[  160.799692][T16333]  ? kvm_arch_vcpu_ioctl_run+0x150/0x1740
[  160.801160][T16333]  ? kvm_arch_vcpu_ioctl_run+0x44a/0x1740
[  160.802579][T16333]  kvm_arch_vcpu_ioctl_run+0x44a/0x1740
[  160.803986][T16333]  kvm_vcpu_ioctl+0x6c7/0x1520
[  160.805204][T16333]  ? do_vfs_ioctl+0x513/0x1990
[  160.806446][T16333]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  160.807758][T16333]  ? preempt_count_add+0x76/0x150
[  160.809039][T16333]  ? ioctl_has_perm.constprop.0.isra.0+0x2f3/0x460
[  160.810668][T16333]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[  160.812361][T16333]  ? __pfx_lock_release+0x10/0x10
[  160.813639][T16333]  ? __fget_files+0x40/0x3a0
[  160.814821][T16333]  ? selinux_file_ioctl+0x180/0x270
[  160.816150][T16333]  ? selinux_file_ioctl+0xb4/0x270
[  160.817465][T16333]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  160.818820][T16333]  __x64_sys_ioctl+0x190/0x200
[  160.819990][T16333]  do_syscall_64+0xcd/0x250
[  160.821139][T16333]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  160.822638][T16333] RIP: 0033:0x7fca81b7e819
[  160.823759][T16333] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  160.828435][T16333] RSP: 002b:00007fca828cd038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  160.830467][T16333] RAX: ffffffffffffffda RBX: 00007fca81d35fa0 RCX: 00007fca81b7e819
[  160.832429][T16333] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005
[  160.834365][T16333] RBP: 00007fca828cd090 R08: 0000000000000000 R09: 0000000000000000
[  160.836393][T16333] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  160.838393][T16333] R13: 0000000000000000 R14: 00007fca81d35fa0 R15: 00007ffd43faca98
[  160.840374][T16333]  </TASK>
[  160.841250][    C2] vkms_vblank_simulate: vblank timer overrun
[  160.953952][   T39] audit: type=1400 audit(1732429289.905:837): avc:  denied  { create } for  pid=16341 comm="syz.6.3565" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  160.958730][   T39] audit: type=1400 audit(1732429289.915:838): avc:  denied  { connect } for  pid=16341 comm="syz.6.3565" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  161.005308][T16350] overlayfs: missing 'lowerdir'
[  161.055628][   T39] audit: type=1400 audit(1732429290.015:839): avc:  denied  { getopt } for  pid=16356 comm="syz.7.3571" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  161.119161][T16361] FAULT_INJECTION: forcing a failure.
[  161.119161][T16361] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  161.123091][T16361] CPU: 3 UID: 0 PID: 16361 Comm: syz.7.3572 Not tainted 6.12.0-syzkaller-09073-g9f16d5e6f220 #0
[  161.126645][T16361] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  161.130223][T16361] Call Trace:
[  161.131201][T16361]  <TASK>
[  161.132095][T16361]  dump_stack_lvl+0x16c/0x1f0
[  161.133423][T16361]  should_fail_ex+0x497/0x5b0
[  161.134700][T16361]  __kvm_read_guest_page+0x16b/0x210
[  161.136125][T16361]  kvm_fetch_guest_virt+0x128/0x1a0
[  161.137647][T16361]  __do_insn_fetch_bytes+0x420/0x6d0
[  161.139223][T16361]  ? __pfx___do_insn_fetch_bytes+0x10/0x10
[  161.141021][T16361]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  161.142724][T16361]  ? vmx_check_intercept+0x1b8/0xaf0
[  161.144251][T16361]  x86_decode_insn+0xb91/0x5530
[  161.145835][T16361]  ? vmx_segment_cache_test_set+0x14b/0x400
[  161.147563][T16361]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  161.149360][T16361]  ? __pfx_x86_decode_insn+0x10/0x10
[  161.150980][T16361]  ? vmx_cache_reg+0x333/0x5e0
[  161.152380][T16361]  ? kvm_register_read_raw+0xe9/0x240
[  161.153570][T16368] 9pnet: Could not find request transport: fdlrfdno=nͽÓSTZM@ª—!BД†­0å…
[  161.153926][T16361]  ? init_decode_cache+0xd/0x210
[  161.157615][T16361]  ? init_emulate_ctxt+0x338/0x510
[  161.159643][T16361]  ? __pfx_init_emulate_ctxt+0x10/0x10
[  161.161485][T16361]  ? kvm_multiple_exception+0x44a/0xb40
[  161.163078][T16361]  x86_emulate_instruction+0x975/0x1a50
[  161.164618][T16361]  handle_ud+0x104/0x280
[  161.165831][T16361]  ? __pfx_handle_ud+0x10/0x10
[  161.167222][T16361]  ? nested_vmx_reflect_vmexit+0x74e/0x3fb0
[  161.168963][T16361]  ? __pfx_nested_vmx_reflect_vmexit+0x10/0x10
[  161.170784][T16361]  handle_exception_nmi+0x83e/0x1410
[  161.172339][T16361]  ? __pfx_handle_exception_nmi+0x10/0x10
[  161.173982][T16361]  vmx_handle_exit+0x733/0x1f70
[  161.175575][T16361]  vcpu_run+0x3047/0x4f50
[  161.176991][T16361]  ? __pfx___mutex_trylock_common+0x10/0x10
[  161.178951][T16361]  ? __pfx_vcpu_run+0x10/0x10
[  161.180319][T16361]  ? rcu_is_watching+0x12/0xc0
[  161.181909][T16361]  ? trace_lock_acquire+0x146/0x1e0
[  161.183401][T16361]  ? trace_irq_enable.constprop.0+0xe6/0x140
[  161.185130][T16361]  ? kvm_arch_vcpu_ioctl_run+0x150/0x1740
[  161.186773][T16361]  ? kvm_arch_vcpu_ioctl_run+0x44a/0x1740
[  161.188537][T16361]  kvm_arch_vcpu_ioctl_run+0x44a/0x1740
[  161.190131][T16361]  kvm_vcpu_ioctl+0x6c7/0x1520
[  161.191564][T16361]  ? do_vfs_ioctl+0x513/0x1990
[  161.192958][T16361]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  161.194459][T16361]  ? preempt_count_add+0x76/0x150
[  161.195921][T16361]  ? ioctl_has_perm.constprop.0.isra.0+0x2f3/0x460
[  161.197805][T16361]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[  161.199790][T16361]  ? __pfx_lock_release+0x10/0x10
[  161.201294][T16361]  ? __fget_files+0x40/0x3a0
[  161.202642][T16361]  ? selinux_file_ioctl+0x180/0x270
[  161.204147][T16361]  ? selinux_file_ioctl+0xb4/0x270
[  161.205630][T16361]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  161.207118][T16361]  __x64_sys_ioctl+0x190/0x200
[  161.208913][T16361]  do_syscall_64+0xcd/0x250
[  161.210279][T16361]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  161.212054][T16361] RIP: 0033:0x7ff80457e819
[  161.213367][T16361] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  161.219188][T16361] RSP: 002b:00007ff8053e8038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  161.222081][T16361] RAX: ffffffffffffffda RBX: 00007ff804735fa0 RCX: 00007ff80457e819
[  161.224349][T16361] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005
[  161.226880][T16361] RBP: 00007ff8053e8090 R08: 0000000000000000 R09: 0000000000000000
[  161.229165][T16361] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  161.231460][T16361] R13: 0000000000000000 R14: 00007ff804735fa0 R15: 00007ffc2aa2bf28
[  161.233768][T16361]  </TASK>
[  161.490638][   T39] audit: type=1400 audit(1732429290.445:840): avc:  denied  { append } for  pid=16395 comm="syz.1.3583" name="nvram" dev="devtmpfs" ino=631 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nvram_device_t tclass=chr_file permissive=1
[  161.568822][T16401] FAULT_INJECTION: forcing a failure.
[  161.568822][T16401] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  161.573187][T16401] CPU: 0 UID: 0 PID: 16401 Comm: syz.1.3584 Not tainted 6.12.0-syzkaller-09073-g9f16d5e6f220 #0
[  161.575950][T16401] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  161.578777][T16401] Call Trace:
[  161.579694][T16401]  <TASK>
[  161.580551][T16401]  dump_stack_lvl+0x16c/0x1f0
[  161.581899][T16401]  should_fail_ex+0x497/0x5b0
[  161.583238][T16401]  __kvm_read_guest_page+0x16b/0x210
[  161.584652][T16401]  kvm_fetch_guest_virt+0x128/0x1a0
[  161.586014][T16401]  __do_insn_fetch_bytes+0x420/0x6d0
[  161.587427][T16401]  ? __pfx___do_insn_fetch_bytes+0x10/0x10
[  161.588952][T16401]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  161.590543][T16401]  ? vmx_check_intercept+0x1b8/0xaf0
[  161.591981][T16401]  x86_decode_insn+0xb91/0x5530
[  161.593274][T16401]  ? vmx_segment_cache_test_set+0x14b/0x400
[  161.594845][T16401]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  161.596441][T16401]  ? __pfx_x86_decode_insn+0x10/0x10
[  161.597848][T16401]  ? vmx_cache_reg+0x333/0x5e0
[  161.599145][T16401]  ? kvm_register_read_raw+0xe9/0x240
[  161.600717][T16401]  ? init_decode_cache+0xd/0x210
[  161.602091][T16401]  ? init_emulate_ctxt+0x338/0x510
[  161.603543][T16401]  ? __pfx_init_emulate_ctxt+0x10/0x10
[  161.605090][T16401]  ? kvm_multiple_exception+0x44a/0xb40
[  161.606556][T16401]  x86_emulate_instruction+0x975/0x1a50
[  161.608033][T16401]  handle_ud+0x104/0x280
[  161.609171][T16401]  ? __pfx_handle_ud+0x10/0x10
[  161.610432][T16401]  ? nested_vmx_reflect_vmexit+0x74e/0x3fb0
[  161.611996][T16401]  ? __pfx_nested_vmx_reflect_vmexit+0x10/0x10
[  161.613647][T16401]  handle_exception_nmi+0x83e/0x1410
[  161.615068][T16401]  ? __pfx_handle_exception_nmi+0x10/0x10
[  161.616611][T16401]  vmx_handle_exit+0x733/0x1f70
[  161.617920][T16401]  vcpu_run+0x3047/0x4f50
[  161.619070][T16401]  ? __pfx___mutex_trylock_common+0x10/0x10
[  161.620637][T16401]  ? __pfx_vcpu_run+0x10/0x10
[  161.621909][T16401]  ? rcu_is_watching+0x12/0xc0
[  161.623167][T16401]  ? trace_lock_acquire+0x146/0x1e0
[  161.624569][T16401]  ? trace_irq_enable.constprop.0+0xe6/0x140
[  161.626252][T16401]  ? kvm_arch_vcpu_ioctl_run+0x150/0x1740
[  161.627783][T16401]  ? kvm_arch_vcpu_ioctl_run+0x44a/0x1740
[  161.629284][T16401]  kvm_arch_vcpu_ioctl_run+0x44a/0x1740
[  161.630797][T16401]  kvm_vcpu_ioctl+0x6c7/0x1520
[  161.632486][T16401]  ? do_vfs_ioctl+0x513/0x1990
[  161.634029][T16401]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  161.635427][T16401]  ? preempt_count_add+0x76/0x150
[  161.636820][T16401]  ? ioctl_has_perm.constprop.0.isra.0+0x2f3/0x460
[  161.638556][T16401]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[  161.640505][T16401]  ? __pfx_lock_release+0x10/0x10
[  161.641923][T16401]  ? __fget_files+0x40/0x3a0
[  161.643177][T16401]  ? selinux_file_ioctl+0x180/0x270
[  161.644616][T16401]  ? selinux_file_ioctl+0xb4/0x270
[  161.645972][T16401]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  161.647343][T16401]  __x64_sys_ioctl+0x190/0x200
[  161.648627][T16401]  do_syscall_64+0xcd/0x250
[  161.649859][T16401]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  161.651683][T16401] RIP: 0033:0x7f7fa757e819
[  161.652875][T16401] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  161.657891][T16401] RSP: 002b:00007f7fa844b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  161.660160][T16401] RAX: ffffffffffffffda RBX: 00007f7fa7735fa0 RCX: 00007f7fa757e819
[  161.662476][T16401] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005
[  161.664620][T16401] RBP: 00007f7fa844b090 R08: 0000000000000000 R09: 0000000000000000
[  161.666697][T16401] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  161.668787][T16401] R13: 0000000000000000 R14: 00007f7fa7735fa0 R15: 00007ffc873d3628
[  161.671154][T16401]  </TASK>
[  161.851437][T16434] netlink: 4 bytes leftover after parsing attributes in process `syz.5.3599'.
[  161.924352][T16443] FAULT_INJECTION: forcing a failure.
[  161.924352][T16443] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  161.928711][T16443] CPU: 3 UID: 0 PID: 16443 Comm: syz.6.3602 Not tainted 6.12.0-syzkaller-09073-g9f16d5e6f220 #0
[  161.931541][T16443] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  161.934592][T16443] Call Trace:
[  161.935489][T16443]  <TASK>
[  161.936271][T16443]  dump_stack_lvl+0x16c/0x1f0
[  161.937515][T16443]  should_fail_ex+0x497/0x5b0
[  161.938795][T16443]  __kvm_read_guest_page+0x16b/0x210
[  161.940216][T16443]  kvm_fetch_guest_virt+0x128/0x1a0
[  161.941572][T16443]  __do_insn_fetch_bytes+0x420/0x6d0
[  161.943059][T16443]  ? __pfx___do_insn_fetch_bytes+0x10/0x10
[  161.944703][T16443]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  161.946295][T16443]  ? vmx_check_intercept+0x1b8/0xaf0
[  161.947693][T16443]  x86_decode_insn+0xb91/0x5530
[  161.949009][T16443]  ? vmx_segment_cache_test_set+0x14b/0x400
[  161.950660][T16443]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  161.952312][T16443]  ? __pfx_x86_decode_insn+0x10/0x10
[  161.953799][T16443]  ? vmx_cache_reg+0x333/0x5e0
[  161.955092][T16443]  ? kvm_register_read_raw+0xe9/0x240
[  161.956520][T16443]  ? init_decode_cache+0xd/0x210
[  161.957850][T16443]  ? init_emulate_ctxt+0x338/0x510
[  161.959238][T16443]  ? __pfx_init_emulate_ctxt+0x10/0x10
[  161.960673][T16443]  ? kvm_multiple_exception+0x44a/0xb40
[  161.962198][T16443]  x86_emulate_instruction+0x975/0x1a50
[  161.963770][T16443]  handle_ud+0x104/0x280
[  161.965037][T16443]  ? __pfx_handle_ud+0x10/0x10
[  161.966320][T16443]  ? nested_vmx_reflect_vmexit+0x74e/0x3fb0
[  161.968034][T16443]  ? __pfx_nested_vmx_reflect_vmexit+0x10/0x10
[  161.969851][T16443]  handle_exception_nmi+0x83e/0x1410
[  161.971360][T16443]  ? __pfx_handle_exception_nmi+0x10/0x10
[  161.973052][T16443]  vmx_handle_exit+0x733/0x1f70
[  161.974912][T16443]  vcpu_run+0x3047/0x4f50
[  161.976100][T16443]  ? bpf_trace_run1+0x29e/0x580
[  161.977404][T16443]  ? __pfx___mutex_trylock_common+0x10/0x10
[  161.978989][T16443]  ? __pfx_vcpu_run+0x10/0x10
[  161.980307][T16443]  ? rcu_is_watching+0x12/0xc0
[  161.981620][T16443]  ? trace_lock_acquire+0x146/0x1e0
[  161.983139][T16443]  ? kvm_arch_vcpu_ioctl_run+0x150/0x1740
[  161.984749][T16443]  ? kvm_arch_vcpu_ioctl_run+0x44a/0x1740
[  161.986271][T16443]  kvm_arch_vcpu_ioctl_run+0x44a/0x1740
[  161.988098][T16443]  kvm_vcpu_ioctl+0x6c7/0x1520
[  161.989406][T16443]  ? do_vfs_ioctl+0x513/0x1990
[  161.990728][T16443]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  161.992493][T16443]  ? preempt_count_add+0x76/0x150
[  161.993942][T16443]  ? ioctl_has_perm.constprop.0.isra.0+0x2f3/0x460
[  161.995722][T16443]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[  161.997598][T16443]  ? __pfx_lock_release+0x10/0x10
[  161.998994][T16443]  ? __fget_files+0x40/0x3a0
[  162.000262][T16443]  ? selinux_file_ioctl+0x180/0x270
[  162.001701][T16443]  ? selinux_file_ioctl+0xb4/0x270
[  162.003082][T16443]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  162.004506][T16443]  __x64_sys_ioctl+0x190/0x200
[  162.005807][T16443]  do_syscall_64+0xcd/0x250
[  162.007049][T16443]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  162.008623][T16443] RIP: 0033:0x7fca81b7e819
[  162.009800][T16443] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  162.014952][T16443] RSP: 002b:00007fca828cd038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  162.014958][ T5306] Bluetooth: hci3: command tx timeout
[  162.017289][T16443] RAX: ffffffffffffffda RBX: 00007fca81d35fa0 RCX: 00007fca81b7e819
[  162.017301][T16443] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005
[  162.017308][T16443] RBP: 00007fca828cd090 R08: 0000000000000000 R09: 0000000000000000
[  162.017314][T16443] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  162.017320][T16443] R13: 0000000000000000 R14: 00007fca81d35fa0 R15: 00007ffd43faca98
[  162.017330][T16443]  </TASK>
[  162.051167][T16449] IPv6: NLM_F_CREATE should be specified when creating new route
[  162.180686][T16462] Bluetooth: MGMT ver 1.23
[  162.266099][T16475] FAULT_INJECTION: forcing a failure.
[  162.266099][T16475] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  162.269864][T16475] CPU: 0 UID: 0 PID: 16475 Comm: syz.5.3615 Not tainted 6.12.0-syzkaller-09073-g9f16d5e6f220 #0
[  162.272849][T16475] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  162.276258][T16475] Call Trace:
[  162.277374][T16475]  <TASK>
[  162.278245][T16475]  dump_stack_lvl+0x16c/0x1f0
[  162.279629][T16475]  should_fail_ex+0x497/0x5b0
[  162.280998][T16475]  __kvm_read_guest_page+0x16b/0x210
[  162.282538][T16475]  kvm_fetch_guest_virt+0x128/0x1a0
[  162.284055][T16475]  __do_insn_fetch_bytes+0x420/0x6d0
[  162.285588][T16475]  ? __pfx___do_insn_fetch_bytes+0x10/0x10
[  162.287272][T16475]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  162.288998][T16475]  ? vmx_check_intercept+0x1b8/0xaf0
[  162.290535][T16475]  x86_decode_insn+0xb91/0x5530
[  162.292240][T16475]  ? vmx_segment_cache_test_set+0x14b/0x400
[  162.293965][T16475]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  162.295698][T16475]  ? __pfx_x86_decode_insn+0x10/0x10
[  162.297224][T16475]  ? vmx_cache_reg+0x333/0x5e0
[  162.298630][T16475]  ? kvm_register_read_raw+0xe9/0x240
[  162.300203][T16475]  ? init_decode_cache+0xd/0x210
[  162.301644][T16475]  ? init_emulate_ctxt+0x338/0x510
[  162.303136][T16475]  ? __pfx_init_emulate_ctxt+0x10/0x10
[  162.304726][T16475]  ? kvm_multiple_exception+0x44a/0xb40
[  162.306453][T16475]  x86_emulate_instruction+0x975/0x1a50
[  162.308096][T16475]  handle_ud+0x104/0x280
[  162.309348][T16475]  ? __pfx_handle_ud+0x10/0x10
[  162.310758][T16475]  ? nested_vmx_reflect_vmexit+0x74e/0x3fb0
[  162.312495][T16475]  ? __pfx_nested_vmx_reflect_vmexit+0x10/0x10
[  162.314292][T16475]  handle_exception_nmi+0x83e/0x1410
[  162.315890][T16475]  ? __pfx_handle_exception_nmi+0x10/0x10
[  162.317545][T16475]  vmx_handle_exit+0x733/0x1f70
[  162.318981][T16475]  vcpu_run+0x3047/0x4f50
[  162.320260][T16475]  ? __pfx___mutex_trylock_common+0x10/0x10
[  162.321967][T16475]  ? __pfx_vcpu_run+0x10/0x10
[  162.323336][T16475]  ? rcu_is_watching+0x12/0xc0
[  162.324740][T16475]  ? trace_lock_acquire+0x146/0x1e0
[  162.326256][T16475]  ? trace_irq_enable.constprop.0+0xe6/0x140
[  162.328405][T16475]  ? kvm_arch_vcpu_ioctl_run+0x150/0x1740
[  162.330156][T16475]  ? kvm_arch_vcpu_ioctl_run+0x44a/0x1740
[  162.332025][T16475]  kvm_arch_vcpu_ioctl_run+0x44a/0x1740
[  162.333850][T16475]  kvm_vcpu_ioctl+0x6c7/0x1520
[  162.335238][T16475]  ? do_vfs_ioctl+0x513/0x1990
[  162.336662][T16475]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  162.338206][T16475]  ? preempt_count_add+0x76/0x150
[  162.339700][T16475]  ? ioctl_has_perm.constprop.0.isra.0+0x2f3/0x460
[  162.341573][T16475]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[  162.343539][T16475]  ? __pfx_lock_release+0x10/0x10
[  162.345020][T16475]  ? __fget_files+0x40/0x3a0
[  162.346372][T16475]  ? selinux_file_ioctl+0x180/0x270
[  162.347896][T16475]  ? selinux_file_ioctl+0xb4/0x270
[  162.349376][T16475]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  162.350897][T16475]  __x64_sys_ioctl+0x190/0x200
[  162.352366][T16475]  do_syscall_64+0xcd/0x250
[  162.353686][T16475]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  162.355406][T16475] RIP: 0033:0x7f4df617e819
[  162.356716][T16475] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  162.362216][T16475] RSP: 002b:00007f4df6f56038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  162.364606][T16475] RAX: ffffffffffffffda RBX: 00007f4df6335fa0 RCX: 00007f4df617e819
[  162.366900][T16475] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005
[  162.369195][T16475] RBP: 00007f4df6f56090 R08: 0000000000000000 R09: 0000000000000000
[  162.371900][T16475] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  162.374280][T16475] R13: 0000000000000000 R14: 00007f4df6335fa0 R15: 00007ffc4f4c08d8
[  162.376555][T16475]  </TASK>
[  162.453965][T16489] netlink: 168 bytes leftover after parsing attributes in process `syz.6.3622'.
[  162.542307][T16503] vlan3: entered allmulticast mode
[  162.544592][T16503] bridge0: port 3(vlan3) entered blocking state
[  162.547040][T16503] bridge0: port 3(vlan3) entered disabled state
[  162.549405][T16503] vlan3: entered promiscuous mode
[  162.551043][T16503] bridge0: port 3(vlan3) entered blocking state
[  162.552932][T16503] bridge0: port 3(vlan3) entered listening state
[  162.606610][T16506] usb usb1: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  162.704442][T16518] FAULT_INJECTION: forcing a failure.
[  162.704442][T16518] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  162.707159][T16520] input: syz0 as /devices/virtual/input/input35
[  162.709043][T16518] CPU: 0 UID: 0 PID: 16518 Comm: syz.6.3632 Not tainted 6.12.0-syzkaller-09073-g9f16d5e6f220 #0
[  162.714197][T16518] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  162.714213][T16518] Call Trace:
[  162.714218][T16518]  <TASK>
[  162.714225][T16518]  dump_stack_lvl+0x16c/0x1f0
[  162.721065][T16518]  should_fail_ex+0x497/0x5b0
[  162.722694][T16518]  __kvm_read_guest_page+0x16b/0x210
[  162.724573][T16518]  kvm_fetch_guest_virt+0x128/0x1a0
[  162.726366][T16518]  __do_insn_fetch_bytes+0x420/0x6d0
[  162.728196][T16518]  ? __pfx___do_insn_fetch_bytes+0x10/0x10
[  162.730170][T16518]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  162.732181][T16518]  ? vmx_check_intercept+0x1b8/0xaf0
[  162.733972][T16518]  x86_decode_insn+0xb91/0x5530
[  162.735645][T16518]  ? vmx_segment_cache_test_set+0x14b/0x400
[  162.737643][T16518]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  162.739674][T16518]  ? __pfx_x86_decode_insn+0x10/0x10
[  162.741242][T16518]  ? vmx_cache_reg+0x333/0x5e0
[  162.742624][T16518]  ? kvm_register_read_raw+0xe9/0x240
[  162.744190][T16518]  ? init_decode_cache+0xd/0x210
[  162.745631][T16518]  ? init_emulate_ctxt+0x338/0x510
[  162.747115][T16518]  ? __pfx_init_emulate_ctxt+0x10/0x10
[  162.748776][T16518]  ? kvm_multiple_exception+0x44a/0xb40
[  162.750496][T16518]  x86_emulate_instruction+0x975/0x1a50
[  162.752193][T16518]  handle_ud+0x104/0x280
[  162.753454][T16518]  ? __pfx_handle_ud+0x10/0x10
[  162.754866][T16518]  ? nested_vmx_reflect_vmexit+0x74e/0x3fb0
[  162.756747][T16518]  ? __pfx_nested_vmx_reflect_vmexit+0x10/0x10
[  162.758575][T16518]  handle_exception_nmi+0x83e/0x1410
[  162.760138][T16518]  ? __pfx_handle_exception_nmi+0x10/0x10
[  162.761819][T16518]  vmx_handle_exit+0x733/0x1f70
[  162.763332][T16518]  vcpu_run+0x3047/0x4f50
[  162.764610][T16518]  ? __pfx___mutex_trylock_common+0x10/0x10
[  162.766325][T16518]  ? __pfx_vcpu_run+0x10/0x10
[  162.767698][T16518]  ? rcu_is_watching+0x12/0xc0
[  162.769096][T16518]  ? trace_lock_acquire+0x146/0x1e0
[  162.770620][T16518]  ? trace_irq_enable.constprop.0+0xe6/0x140
[  162.772380][T16518]  ? kvm_arch_vcpu_ioctl_run+0x150/0x1740
[  162.774042][T16518]  ? kvm_arch_vcpu_ioctl_run+0x44a/0x1740
[  162.775733][T16518]  kvm_arch_vcpu_ioctl_run+0x44a/0x1740
[  162.777341][T16518]  kvm_vcpu_ioctl+0x6c7/0x1520
[  162.778744][T16518]  ? do_vfs_ioctl+0x513/0x1990
[  162.780162][T16518]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  162.781670][T16518]  ? preempt_count_add+0x76/0x150
[  162.783125][T16518]  ? ioctl_has_perm.constprop.0.isra.0+0x2f3/0x460
[  162.784999][T16518]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[  162.786952][T16518]  ? __pfx_lock_release+0x10/0x10
[  162.788414][T16518]  ? __fget_files+0x40/0x3a0
[  162.789750][T16518]  ? selinux_file_ioctl+0x180/0x270
[  162.791244][T16518]  ? selinux_file_ioctl+0xb4/0x270
[  162.792732][T16518]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  162.794239][T16518]  __x64_sys_ioctl+0x190/0x200
[  162.795637][T16518]  do_syscall_64+0xcd/0x250
[  162.796963][T16518]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  162.798675][T16518] RIP: 0033:0x7fca81b7e819
[  162.799998][T16518] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  162.805749][T16518] RSP: 002b:00007fca828cd038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  162.808145][T16518] RAX: ffffffffffffffda RBX: 00007fca81d35fa0 RCX: 00007fca81b7e819
[  162.810272][T16518] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005
[  162.812596][T16518] RBP: 00007fca828cd090 R08: 0000000000000000 R09: 0000000000000000
[  162.814708][T16518] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  162.817003][T16518] R13: 0000000000000000 R14: 00007fca81d35fa0 R15: 00007ffd43faca98
[  162.819195][T16518]  </TASK>
[  162.866602][   T39] kauditd_printk_skb: 25 callbacks suppressed
[  162.866613][   T39] audit: type=1400 audit(1732429291.825:866): avc:  denied  { setopt } for  pid=16524 comm="syz.5.3634" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  162.888772][T16526] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  162.892621][T16526] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  162.936253][   T39] audit: type=1400 audit(1732429291.895:867): avc:  denied  { write } for  pid=16524 comm="syz.5.3634" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  162.963132][T16533] x86/PAT: syz.1.3637:16533 freeing invalid memtype [mem 0xfed00000-0xfed00fff]
[  162.968851][T16532] x86/PAT: syz.1.3637:16532 freeing invalid memtype [mem 0xfed00000-0xfed00fff]
[  162.984670][T16538] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3639'.
[  163.065596][T16549] x_tables: ip_tables: TCPMSS target: only valid for protocol 6
[  163.110024][   T39] audit: type=1400 audit(1732429292.065:868): avc:  denied  { read } for  pid=16557 comm="syz.1.3646" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rose_socket permissive=1
[  163.120949][T16558] fuse: Unknown parameter 'dd'
[  163.122955][T16558] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3646'.
[  163.203315][T16566] FAULT_INJECTION: forcing a failure.
[  163.203315][T16566] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  163.208315][T16566] CPU: 0 UID: 0 PID: 16566 Comm: syz.1.3648 Not tainted 6.12.0-syzkaller-09073-g9f16d5e6f220 #0
[  163.211705][T16566] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  163.214612][T16566] Call Trace:
[  163.215967][T16566]  <TASK>
[  163.216823][T16566]  dump_stack_lvl+0x16c/0x1f0
[  163.218296][T16566]  should_fail_ex+0x497/0x5b0
[  163.219677][T16566]  __kvm_read_guest_page+0x16b/0x210
[  163.221409][T16566]  kvm_fetch_guest_virt+0x128/0x1a0
[  163.222860][T16566]  __do_insn_fetch_bytes+0x420/0x6d0
[  163.223912][T16573] netlink: 4 bytes leftover after parsing attributes in process `syz.6.3651'.
[  163.224387][T16566]  ? __pfx___do_insn_fetch_bytes+0x10/0x10
[  163.228500][T16566]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  163.230430][T16566]  ? vmx_check_intercept+0x1b8/0xaf0
[  163.232130][T16566]  x86_decode_insn+0xb91/0x5530
[  163.233524][T16566]  ? vmx_segment_cache_test_set+0x14b/0x400
[  163.235135][T16566]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  163.236807][T16566]  ? __pfx_x86_decode_insn+0x10/0x10
[  163.238284][T16566]  ? vmx_cache_reg+0x333/0x5e0
[  163.239655][T16566]  ? kvm_register_read_raw+0xe9/0x240
[  163.239996][ T5957] libceph: connect (1)[c::]:6789 error -101
[  163.241238][T16566]  ? init_decode_cache+0xd/0x210
[  163.242955][ T5957] libceph: mon0 (1)[c::]:6789 connect error
[  163.244201][T16566]  ? init_emulate_ctxt+0x338/0x510
[  163.247201][T16566]  ? __pfx_init_emulate_ctxt+0x10/0x10
[  163.248729][T16566]  ? kvm_multiple_exception+0x44a/0xb40
[  163.250401][T16566]  x86_emulate_instruction+0x975/0x1a50
[  163.252090][T16566]  handle_ud+0x104/0x280
[  163.253322][T16566]  ? __pfx_handle_ud+0x10/0x10
[  163.254680][T16566]  ? nested_vmx_reflect_vmexit+0x74e/0x3fb0
[  163.256748][T16566]  ? __pfx_nested_vmx_reflect_vmexit+0x10/0x10
[  163.258600][T16566]  handle_exception_nmi+0x83e/0x1410
[  163.260274][T16566]  ? __pfx_handle_exception_nmi+0x10/0x10
[  163.262063][T16566]  vmx_handle_exit+0x733/0x1f70
[  163.263563][T16566]  vcpu_run+0x3047/0x4f50
[  163.264775][T16566]  ? __pfx___mutex_trylock_common+0x10/0x10
[  163.266439][T16566]  ? __pfx_vcpu_run+0x10/0x10
[  163.267760][T16566]  ? rcu_is_watching+0x12/0xc0
[  163.269067][T16566]  ? trace_lock_acquire+0x146/0x1e0
[  163.270726][T16566]  ? trace_irq_enable.constprop.0+0xe6/0x140
[  163.272580][T16566]  ? kvm_arch_vcpu_ioctl_run+0x150/0x1740
[  163.274385][T16566]  ? kvm_arch_vcpu_ioctl_run+0x44a/0x1740
[  163.276252][T16566]  kvm_arch_vcpu_ioctl_run+0x44a/0x1740
[  163.277826][T16566]  kvm_vcpu_ioctl+0x6c7/0x1520
[  163.279201][T16566]  ? do_vfs_ioctl+0x513/0x1990
[  163.280931][T16566]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  163.282449][T16566]  ? preempt_count_add+0x76/0x150
[  163.283856][T16566]  ? ioctl_has_perm.constprop.0.isra.0+0x2f3/0x460
[  163.285646][T16566]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[  163.287543][T16566]  ? __pfx_lock_release+0x10/0x10
[  163.288954][T16566]  ? __fget_files+0x40/0x3a0
[  163.290507][T16566]  ? selinux_file_ioctl+0x180/0x270
[  163.292512][T16566]  ? selinux_file_ioctl+0xb4/0x270
[  163.293930][T16566]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  163.295432][T16566]  __x64_sys_ioctl+0x190/0x200
[  163.296800][T16566]  do_syscall_64+0xcd/0x250
[  163.298085][T16566]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  163.299745][T16566] RIP: 0033:0x7f7fa757e819
[  163.301025][T16566] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  163.306416][T16566] RSP: 002b:00007f7fa844b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  163.308736][T16566] RAX: ffffffffffffffda RBX: 00007f7fa7735fa0 RCX: 00007f7fa757e819
[  163.311011][T16566] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005
[  163.313290][T16566] RBP: 00007f7fa844b090 R08: 0000000000000000 R09: 0000000000000000
[  163.315500][T16566] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  163.317670][T16566] R13: 0000000000000000 R14: 00007f7fa7735fa0 R15: 00007ffc873d3628
[  163.319897][T16566]  </TASK>
[  163.411975][T16580] 9pnet_fd: p9_fd_create_unix (16580): problem connecting socket: ./file0: -111
[  163.472362][   T39] audit: type=1400 audit(1732429292.425:869): avc:  denied  { map } for  pid=16585 comm="syz.1.3655" path="socket:[75413]" dev="sockfs" ino=75413 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  163.479263][ T1219] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[  163.515185][ T5957] libceph: connect (1)[c::]:6789 error -101
[  163.517132][ T5957] libceph: mon0 (1)[c::]:6789 connect error
[  163.558895][T16604] atomic_op ffff888028c89198 conn xmit_atomic 0000000000000000
[  163.563042][T16604] bridge0: entered promiscuous mode
[  163.564687][T16604] bridge0: entered allmulticast mode
[  163.567402][T16604] gadgetfs: Unknown parameter 'fd'
[  163.624463][T16606] FAULT_INJECTION: forcing a failure.
[  163.624463][T16606] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  163.629026][T16606] CPU: 2 UID: 0 PID: 16606 Comm: syz.1.3662 Not tainted 6.12.0-syzkaller-09073-g9f16d5e6f220 #0
[  163.631815][T16606] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  163.634681][T16606] Call Trace:
[  163.635848][T16606]  <TASK>
[  163.636673][T16606]  dump_stack_lvl+0x16c/0x1f0
[  163.638358][T16606]  should_fail_ex+0x497/0x5b0
[  163.639754][T16606]  __kvm_read_guest_page+0x16b/0x210
[  163.641182][T16606]  kvm_fetch_guest_virt+0x128/0x1a0
[  163.642574][T16606]  __do_insn_fetch_bytes+0x420/0x6d0
[  163.643994][T16606]  ? __pfx___do_insn_fetch_bytes+0x10/0x10
[  163.645604][T16606]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  163.647187][T16606]  ? rcu_is_watching+0x12/0xc0
[  163.648743][T16606]  x86_decode_insn+0xb91/0x5530
[  163.650089][T16606]  ? vmx_cache_reg+0xbb/0x5e0
[  163.651362][T16606]  ? vmx_cache_reg+0x33b/0x5e0
[  163.652687][T16606]  ? __pfx_x86_decode_insn+0x10/0x10
[  163.654116][T16606]  ? vmx_cache_reg+0x333/0x5e0
[  163.655439][T16606]  ? kvm_register_read_raw+0xe9/0x240
[  163.656903][T16606]  ? init_decode_cache+0xd/0x210
[  163.658251][T16606]  ? init_emulate_ctxt+0x338/0x510
[  163.659668][T16606]  ? __pfx_init_emulate_ctxt+0x10/0x10
[  163.661205][T16606]  ? kvm_multiple_exception+0x44a/0xb40
[  163.662764][T16606]  x86_emulate_instruction+0x975/0x1a50
[  163.664279][T16606]  handle_ud+0x104/0x280
[  163.665452][T16606]  ? __pfx_handle_ud+0x10/0x10
[  163.666730][T16606]  ? nested_vmx_reflect_vmexit+0x74e/0x3fb0
[  163.668342][T16606]  ? __pfx_nested_vmx_reflect_vmexit+0x10/0x10
[  163.669984][T16606]  handle_exception_nmi+0x83e/0x1410
[  163.671428][T16606]  ? __pfx_handle_exception_nmi+0x10/0x10
[  163.673238][T16606]  vmx_handle_exit+0x733/0x1f70
[  163.674546][T16606]  vcpu_run+0x3047/0x4f50
[  163.675773][T16606]  ? __pfx___mutex_trylock_common+0x10/0x10
[  163.677392][T16606]  ? __pfx_vcpu_run+0x10/0x10
[  163.678692][T16606]  ? rcu_is_watching+0x12/0xc0
[  163.679979][T16606]  ? trace_lock_acquire+0x146/0x1e0
[  163.681404][T16606]  ? trace_irq_enable.constprop.0+0xe6/0x140
[  163.683046][T16606]  ? kvm_arch_vcpu_ioctl_run+0x150/0x1740
[  163.684893][T16606]  ? kvm_arch_vcpu_ioctl_run+0x44a/0x1740
[  163.686540][T16606]  kvm_arch_vcpu_ioctl_run+0x44a/0x1740
[  163.688214][T16606]  kvm_vcpu_ioctl+0x6c7/0x1520
[  163.689726][T16606]  ? do_vfs_ioctl+0x513/0x1990
[  163.691029][T16606]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  163.692448][T16606]  ? preempt_count_add+0x76/0x150
[  163.693803][T16606]  ? ioctl_has_perm.constprop.0.isra.0+0x2f3/0x460
[  163.695518][T16606]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[  163.697302][T16606]  ? __pfx_lock_release+0x10/0x10
[  163.698673][T16606]  ? __fget_files+0x40/0x3a0
[  163.699926][T16606]  ? selinux_file_ioctl+0x180/0x270
[  163.701332][T16606]  ? selinux_file_ioctl+0xb4/0x270
[  163.702719][T16606]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  163.704156][T16606]  __x64_sys_ioctl+0x190/0x200
[  163.705480][T16606]  do_syscall_64+0xcd/0x250
[  163.706704][T16606]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  163.708320][T16606] RIP: 0033:0x7f7fa757e819
[  163.709513][T16606] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  163.714630][T16606] RSP: 002b:00007f7fa844b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  163.716840][T16606] RAX: ffffffffffffffda RBX: 00007f7fa7735fa0 RCX: 00007f7fa757e819
[  163.718988][T16606] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005
[  163.721130][T16606] RBP: 00007f7fa844b090 R08: 0000000000000000 R09: 0000000000000000
[  163.723228][T16606] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  163.725750][T16606] R13: 0000000000000000 R14: 00007f7fa7735fa0 R15: 00007ffc873d3628
[  163.728079][T16606]  </TASK>
[  163.729095][    C2] vkms_vblank_simulate: vblank timer overrun
[  163.841560][T16611] netdevsim netdevsim1 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  163.844786][T16611] netdevsim netdevsim1 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  163.848589][T16611] netdevsim netdevsim1 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  163.851772][T16611] netdevsim netdevsim1 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  163.889799][   T39] audit: type=1400 audit(1732429292.845:870): avc:  denied  { setopt } for  pid=16614 comm="syz.1.3666" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_connector_socket permissive=1
[  163.931604][   T39] audit: type=1400 audit(1732429292.885:871): avc:  denied  { map } for  pid=16621 comm="syz.1.3668" path="socket:[76225]" dev="sockfs" ino=76225 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=udp_socket permissive=1
[  163.937442][   T39] audit: type=1400 audit(1732429292.885:872): avc:  denied  { accept } for  pid=16621 comm="syz.1.3668" path="socket:[76225]" dev="sockfs" ino=76225 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=udp_socket permissive=1
[  163.963660][   T39] audit: type=1400 audit(1732429292.915:873): avc:  denied  { connect } for  pid=16626 comm="syz.1.3670" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=x25_socket permissive=1
[  163.968674][   T39] audit: type=1400 audit(1732429292.915:874): avc:  denied  { map } for  pid=16626 comm="syz.1.3670" path="pipe:[73644]" dev="pipefs" ino=73644 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=fifo_file permissive=1
[  164.025218][ T6195] libceph: connect (1)[c::]:6789 error -101
[  164.027483][ T6195] libceph: mon0 (1)[c::]:6789 connect error
[  164.033245][T16631] FAULT_INJECTION: forcing a failure.
[  164.033245][T16631] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  164.037950][T16631] CPU: 0 UID: 0 PID: 16631 Comm: syz.1.3672 Not tainted 6.12.0-syzkaller-09073-g9f16d5e6f220 #0
[  164.040934][T16631] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  164.044160][T16631] Call Trace:
[  164.045099][T16631]  <TASK>
[  164.046141][T16631]  dump_stack_lvl+0x16c/0x1f0
[  164.047700][T16631]  should_fail_ex+0x497/0x5b0
[  164.049279][T16631]  __kvm_read_guest_page+0x16b/0x210
[  164.050783][T16631]  kvm_fetch_guest_virt+0x128/0x1a0
[  164.052556][T16631]  __do_insn_fetch_bytes+0x420/0x6d0
[  164.054112][T16631]  ? __pfx___do_insn_fetch_bytes+0x10/0x10
[  164.056057][T16631]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  164.058065][T16631]  ? vmx_check_intercept+0x1b8/0xaf0
[  164.058552][T16574] ceph: No mds server is up or the cluster is laggy
[  164.059985][T16631]  x86_decode_insn+0xb91/0x5530
[  164.063843][T16631]  ? vmx_segment_cache_test_set+0x14b/0x400
[  164.065939][T16631]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  164.068018][T16631]  ? __pfx_x86_decode_insn+0x10/0x10
[  164.069890][T16631]  ? vmx_cache_reg+0x333/0x5e0
[  164.071493][T16631]  ? kvm_register_read_raw+0xe9/0x240
[  164.072986][T16631]  ? init_decode_cache+0xd/0x210
[  164.074439][T16631]  ? init_emulate_ctxt+0x338/0x510
[  164.075829][T16631]  ? __pfx_init_emulate_ctxt+0x10/0x10
[  164.077347][T16631]  ? kvm_multiple_exception+0x44a/0xb40
[  164.078872][T16631]  x86_emulate_instruction+0x975/0x1a50
[  164.080369][T16631]  handle_ud+0x104/0x280
[  164.081524][T16631]  ? __pfx_handle_ud+0x10/0x10
[  164.082842][T16631]  ? nested_vmx_reflect_vmexit+0x74e/0x3fb0
[  164.084433][T16631]  ? __pfx_nested_vmx_reflect_vmexit+0x10/0x10
[  164.085031][ T5306] Bluetooth: hci3: command tx timeout
[  164.086078][T16631]  handle_exception_nmi+0x83e/0x1410
[  164.088867][T16631]  ? __pfx_handle_exception_nmi+0x10/0x10
[  164.090420][T16631]  vmx_handle_exit+0x733/0x1f70
[  164.091764][T16631]  vcpu_run+0x3047/0x4f50
[  164.092946][T16631]  ? __pfx___mutex_trylock_common+0x10/0x10
[  164.094534][T16631]  ? __pfx_vcpu_run+0x10/0x10
[  164.095814][T16631]  ? rcu_is_watching+0x12/0xc0
[  164.097116][T16631]  ? trace_lock_acquire+0x146/0x1e0
[  164.098552][T16631]  ? trace_irq_enable.constprop.0+0xe6/0x140
[  164.100278][T16631]  ? kvm_arch_vcpu_ioctl_run+0x150/0x1740
[  164.101873][T16631]  ? kvm_arch_vcpu_ioctl_run+0x44a/0x1740
[  164.103488][T16631]  kvm_arch_vcpu_ioctl_run+0x44a/0x1740
[  164.104995][T16631]  kvm_vcpu_ioctl+0x6c7/0x1520
[  164.106288][T16631]  ? do_vfs_ioctl+0x513/0x1990
[  164.107816][T16631]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  164.109352][T16631]  ? preempt_count_add+0x76/0x150
[  164.110779][T16631]  ? ioctl_has_perm.constprop.0.isra.0+0x2f3/0x460
[  164.112625][T16631]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[  164.114499][T16631]  ? __pfx_lock_release+0x10/0x10
[  164.115910][T16631]  ? __fget_files+0x40/0x3a0
[  164.117191][T16631]  ? selinux_file_ioctl+0x180/0x270
[  164.118631][T16631]  ? selinux_file_ioctl+0xb4/0x270
[  164.119993][T16631]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  164.121411][T16631]  __x64_sys_ioctl+0x190/0x200
[  164.122730][T16631]  do_syscall_64+0xcd/0x250
[  164.123947][T16631]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  164.125584][T16631] RIP: 0033:0x7f7fa757e819
[  164.126776][T16631] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  164.131940][T16631] RSP: 002b:00007f7fa844b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  164.134180][T16631] RAX: ffffffffffffffda RBX: 00007f7fa7735fa0 RCX: 00007f7fa757e819
[  164.136328][T16631] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005
[  164.138471][T16631] RBP: 00007f7fa844b090 R08: 0000000000000000 R09: 0000000000000000
[  164.140575][T16631] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  164.142705][T16631] R13: 0000000000000000 R14: 00007f7fa7735fa0 R15: 00007ffc873d3628
[  164.144857][T16631]  </TASK>
[  164.280464][   T39] audit: type=1400 audit(1732429293.235:875): avc:  denied  { bind } for  pid=16677 comm="syz.1.3683" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  164.300508][T16689] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  164.305579][T16689] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  164.308069][T16688] __nla_validate_parse: 1 callbacks suppressed
[  164.308081][T16688] netlink: 8 bytes leftover after parsing attributes in process `syz.6.3685'.
[  164.312578][T16689] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=259 sclass=netlink_route_socket pid=16689 comm=syz.6.3685
[  164.478854][T16707] FAULT_INJECTION: forcing a failure.
[  164.478854][T16707] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  164.482577][T16707] CPU: 3 UID: 0 PID: 16707 Comm: syz.1.3692 Not tainted 6.12.0-syzkaller-09073-g9f16d5e6f220 #0
[  164.485535][T16707] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  164.485544][T16707] Call Trace:
[  164.485548][T16707]  <TASK>
[  164.485552][T16707]  dump_stack_lvl+0x16c/0x1f0
[  164.485571][T16707]  should_fail_ex+0x497/0x5b0
[  164.492900][T16707]  __kvm_read_guest_page+0x16b/0x210
[  164.492920][T16707]  kvm_fetch_guest_virt+0x128/0x1a0
[  164.492933][T16707]  __do_insn_fetch_bytes+0x420/0x6d0
[  164.497163][T16707]  ? __pfx___do_insn_fetch_bytes+0x10/0x10
[  164.497177][T16707]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  164.497190][T16707]  ? vmx_check_intercept+0x1b8/0xaf0
[  164.497205][T16707]  x86_decode_insn+0xb91/0x5530
[  164.497215][T16707]  ? vmx_segment_cache_test_set+0x14b/0x400
[  164.497228][T16707]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  164.497240][T16707]  ? __pfx_x86_decode_insn+0x10/0x10
[  164.497249][T16707]  ? vmx_cache_reg+0x333/0x5e0
[  164.497258][T16707]  ? kvm_register_read_raw+0xe9/0x240
[  164.497271][T16707]  ? init_decode_cache+0xd/0x210
[  164.497279][T16707]  ? init_emulate_ctxt+0x338/0x510
[  164.497292][T16707]  ? __pfx_init_emulate_ctxt+0x10/0x10
[  164.497305][T16707]  ? kvm_multiple_exception+0x44a/0xb40
[  164.497316][T16707]  x86_emulate_instruction+0x975/0x1a50
[  164.497331][T16707]  handle_ud+0x104/0x280
[  164.497343][T16707]  ? __pfx_handle_ud+0x10/0x10
[  164.497355][T16707]  ? nested_vmx_reflect_vmexit+0x74e/0x3fb0
[  164.497368][T16707]  ? __pfx_nested_vmx_reflect_vmexit+0x10/0x10
[  164.497380][T16707]  handle_exception_nmi+0x83e/0x1410
[  164.497393][T16707]  ? __pfx_handle_exception_nmi+0x10/0x10
[  164.497404][T16707]  vmx_handle_exit+0x733/0x1f70
[  164.497416][T16707]  vcpu_run+0x3047/0x4f50
[  164.497429][T16707]  ? __pfx___mutex_trylock_common+0x10/0x10
[  164.497446][T16707]  ? __pfx_vcpu_run+0x10/0x10
[  164.497459][T16707]  ? rcu_is_watching+0x12/0xc0
[  164.497473][T16707]  ? trace_lock_acquire+0x146/0x1e0
[  164.497486][T16707]  ? trace_irq_enable.constprop.0+0xe6/0x140
[  164.497498][T16707]  ? kvm_arch_vcpu_ioctl_run+0x150/0x1740
[  164.497513][T16707]  ? kvm_arch_vcpu_ioctl_run+0x44a/0x1740
[  164.497527][T16707]  kvm_arch_vcpu_ioctl_run+0x44a/0x1740
[  164.497542][T16707]  kvm_vcpu_ioctl+0x6c7/0x1520
[  164.497551][T16707]  ? do_vfs_ioctl+0x513/0x1990
[  164.497565][T16707]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  164.497574][T16707]  ? preempt_count_add+0x76/0x150
[  164.497584][T16707]  ? ioctl_has_perm.constprop.0.isra.0+0x2f3/0x460
[  164.497596][T16707]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[  164.497607][T16707]  ? __pfx_lock_release+0x10/0x10
[  164.497618][T16707]  ? __fget_files+0x40/0x3a0
[  164.497629][T16707]  ? selinux_file_ioctl+0x180/0x270
[  164.497638][T16707]  ? selinux_file_ioctl+0xb4/0x270
[  164.497648][T16707]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  164.497657][T16707]  __x64_sys_ioctl+0x190/0x200
[  164.497671][T16707]  do_syscall_64+0xcd/0x250
[  164.497681][T16707]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  164.497695][T16707] RIP: 0033:0x7f7fa757e819
[  164.497704][T16707] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  164.497714][T16707] RSP: 002b:00007f7fa844b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  164.497725][T16707] RAX: ffffffffffffffda RBX: 00007f7fa7735fa0 RCX: 00007f7fa757e819
[  164.497731][T16707] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005
[  164.497738][T16707] RBP: 00007f7fa844b090 R08: 0000000000000000 R09: 0000000000000000
[  164.497744][T16707] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  164.497750][T16707] R13: 0000000000000000 R14: 00007f7fa7735fa0 R15: 00007ffc873d3628
[  164.497758][T16707]  </TASK>
[  164.583059][T16720] pim6reg1: entered promiscuous mode
[  164.585037][T16720] pim6reg1: entered allmulticast mode
[  164.889344][T16750] FAULT_INJECTION: forcing a failure.
[  164.889344][T16750] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  164.893404][T16750] CPU: 0 UID: 0 PID: 16750 Comm: syz.6.3708 Not tainted 6.12.0-syzkaller-09073-g9f16d5e6f220 #0
[  164.896252][T16750] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  164.899093][T16750] Call Trace:
[  164.899988][T16750]  <TASK>
[  164.900779][T16750]  dump_stack_lvl+0x16c/0x1f0
[  164.902046][T16750]  should_fail_ex+0x497/0x5b0
[  164.903449][T16750]  __kvm_read_guest_page+0x16b/0x210
[  164.904827][T16750]  kvm_fetch_guest_virt+0x128/0x1a0
[  164.906223][T16750]  __do_insn_fetch_bytes+0x420/0x6d0
[  164.907594][T16750]  ? __pfx___do_insn_fetch_bytes+0x10/0x10
[  164.909115][T16750]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  164.910672][T16750]  ? vmx_check_intercept+0x1b8/0xaf0
[  164.912102][T16750]  x86_decode_insn+0xb91/0x5530
[  164.913378][T16750]  ? vmx_segment_cache_test_set+0x14b/0x400
[  164.914968][T16750]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  164.916549][T16750]  ? __pfx_x86_decode_insn+0x10/0x10
[  164.917933][T16750]  ? vmx_cache_reg+0x333/0x5e0
[  164.919233][T16750]  ? kvm_register_read_raw+0xe9/0x240
[  164.920652][T16750]  ? init_decode_cache+0xd/0x210
[  164.921960][T16750]  ? init_emulate_ctxt+0x338/0x510
[  164.923333][T16750]  ? __pfx_init_emulate_ctxt+0x10/0x10
[  164.924803][T16750]  ? kvm_multiple_exception+0x44a/0xb40
[  164.926399][T16750]  x86_emulate_instruction+0x975/0x1a50
[  164.927874][T16750]  handle_ud+0x104/0x280
[  164.929012][T16750]  ? __pfx_handle_ud+0x10/0x10
[  164.930296][T16750]  ? nested_vmx_reflect_vmexit+0x74e/0x3fb0
[  164.931827][T16750]  ? __pfx_nested_vmx_reflect_vmexit+0x10/0x10
[  164.933458][T16750]  handle_exception_nmi+0x83e/0x1410
[  164.934849][T16750]  ? __pfx_handle_exception_nmi+0x10/0x10
[  164.936359][T16750]  vmx_handle_exit+0x733/0x1f70
[  164.937658][T16750]  vcpu_run+0x3047/0x4f50
[  164.938833][T16750]  ? __pfx___mutex_trylock_common+0x10/0x10
[  164.940425][T16750]  ? __pfx_vcpu_run+0x10/0x10
[  164.941679][T16750]  ? rcu_is_watching+0x12/0xc0
[  164.942957][T16750]  ? trace_lock_acquire+0x146/0x1e0
[  164.944353][T16750]  ? trace_irq_enable.constprop.0+0xe6/0x140
[  164.946099][T16750]  ? kvm_arch_vcpu_ioctl_run+0x150/0x1740
[  164.947758][T16750]  ? kvm_arch_vcpu_ioctl_run+0x44a/0x1740
[  164.949266][T16750]  kvm_arch_vcpu_ioctl_run+0x44a/0x1740
[  164.950744][T16750]  kvm_vcpu_ioctl+0x6c7/0x1520
[  164.952035][T16750]  ? do_vfs_ioctl+0x513/0x1990
[  164.953322][T16750]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  164.954709][T16750]  ? preempt_count_add+0x76/0x150
[  164.956084][T16750]  ? ioctl_has_perm.constprop.0.isra.0+0x2f3/0x460
[  164.957807][T16750]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[  164.959714][T16750]  ? __pfx_lock_release+0x10/0x10
[  164.961055][T16750]  ? __fget_files+0x40/0x3a0
[  164.962288][T16750]  ? selinux_file_ioctl+0x180/0x270
[  164.963765][T16750]  ? selinux_file_ioctl+0xb4/0x270
[  164.965152][T16750]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  164.966595][T16750]  __x64_sys_ioctl+0x190/0x200
[  164.967891][T16750]  do_syscall_64+0xcd/0x250
[  164.969100][T16750]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  164.970666][T16750] RIP: 0033:0x7fca81b7e819
[  164.971865][T16750] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  164.977010][T16750] RSP: 002b:00007fca828cd038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  164.979216][T16750] RAX: ffffffffffffffda RBX: 00007fca81d35fa0 RCX: 00007fca81b7e819
[  164.981312][T16750] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005
[  164.983404][T16750] RBP: 00007fca828cd090 R08: 0000000000000000 R09: 0000000000000000
[  164.985537][T16750] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  164.987631][T16750] R13: 0000000000000000 R14: 00007fca81d35fa0 R15: 00007ffd43faca98
[  164.989727][T16750]  </TASK>
[  165.430053][T16775] netlink: 84 bytes leftover after parsing attributes in process `syz.7.3715'.
[  165.928520][T16790] FAULT_INJECTION: forcing a failure.
[  165.928520][T16790] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  165.932292][T16790] CPU: 3 UID: 0 PID: 16790 Comm: syz.5.3720 Not tainted 6.12.0-syzkaller-09073-g9f16d5e6f220 #0
[  165.935293][T16790] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  165.938432][T16790] Call Trace:
[  165.939416][T16790]  <TASK>
[  165.940301][T16790]  dump_stack_lvl+0x16c/0x1f0
[  165.941706][T16790]  should_fail_ex+0x497/0x5b0
[  165.943104][T16790]  __kvm_read_guest_page+0x16b/0x210
[  165.944677][T16790]  kvm_fetch_guest_virt+0x128/0x1a0
[  165.946208][T16790]  __do_insn_fetch_bytes+0x420/0x6d0
[  165.947769][T16790]  ? __pfx___do_insn_fetch_bytes+0x10/0x10
[  165.949475][T16790]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  165.951146][T16790]  ? vmx_check_intercept+0x1b8/0xaf0
[  165.952617][T16790]  x86_decode_insn+0xb91/0x5530
[  165.954057][T16790]  ? vmx_segment_cache_test_set+0x14b/0x400
[  165.955937][T16790]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  165.957695][T16790]  ? __pfx_x86_decode_insn+0x10/0x10
[  165.959272][T16790]  ? vmx_cache_reg+0x333/0x5e0
[  165.960702][T16790]  ? kvm_register_read_raw+0xe9/0x240
[  165.962295][T16790]  ? init_decode_cache+0xd/0x210
[  165.963766][T16790]  ? init_emulate_ctxt+0x338/0x510
[  165.965286][T16790]  ? __pfx_init_emulate_ctxt+0x10/0x10
[  165.966890][T16790]  ? kvm_multiple_exception+0x44a/0xb40
[  165.968535][T16790]  x86_emulate_instruction+0x975/0x1a50
[  165.970164][T16790]  handle_ud+0x104/0x280
[  165.971426][T16790]  ? __pfx_handle_ud+0x10/0x10
[  165.972852][T16790]  ? nested_vmx_reflect_vmexit+0x74e/0x3fb0
[  165.974581][T16790]  ? __pfx_nested_vmx_reflect_vmexit+0x10/0x10
[  165.976395][T16790]  handle_exception_nmi+0x83e/0x1410
[  165.977958][T16790]  ? __pfx_handle_exception_nmi+0x10/0x10
[  165.979640][T16790]  vmx_handle_exit+0x733/0x1f70
[  165.981088][T16790]  vcpu_run+0x3047/0x4f50
[  165.982378][T16790]  ? __pfx___mutex_trylock_common+0x10/0x10
[  165.984136][T16790]  ? __pfx_vcpu_run+0x10/0x10
[  165.985537][T16790]  ? rcu_is_watching+0x12/0xc0
[  165.986961][T16790]  ? trace_lock_acquire+0x146/0x1e0
[  165.988499][T16790]  ? trace_irq_enable.constprop.0+0xe6/0x140
[  165.990266][T16790]  ? kvm_arch_vcpu_ioctl_run+0x150/0x1740
[  165.991952][T16790]  ? kvm_arch_vcpu_ioctl_run+0x44a/0x1740
[  165.993636][T16790]  kvm_arch_vcpu_ioctl_run+0x44a/0x1740
[  165.995262][T16790]  kvm_vcpu_ioctl+0x6c7/0x1520
[  165.996693][T16790]  ? do_vfs_ioctl+0x513/0x1990
[  165.998136][T16790]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  165.999667][T16790]  ? preempt_count_add+0x76/0x150
[  166.001160][T16790]  ? ioctl_has_perm.constprop.0.isra.0+0x2f3/0x460
[  166.003062][T16790]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[  166.005253][T16790]  ? __pfx_lock_release+0x10/0x10
[  166.006755][T16790]  ? __fget_files+0x40/0x3a0
[  166.008159][T16790]  ? selinux_file_ioctl+0x180/0x270
[  166.009690][T16790]  ? selinux_file_ioctl+0xb4/0x270
[  166.011198][T16790]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  166.012753][T16790]  __x64_sys_ioctl+0x190/0x200
[  166.013027][T16793] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  166.014172][T16790]  do_syscall_64+0xcd/0x250
[  166.014186][T16790]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  166.014200][T16790] RIP: 0033:0x7f4df617e819
[  166.016748][T16793] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  166.017712][T16790] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  166.030165][T16790] RSP: 002b:00007f4df6f56038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  166.032614][T16790] RAX: ffffffffffffffda RBX: 00007f4df6335fa0 RCX: 00007f4df617e819
[  166.034927][T16790] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005
[  166.037400][T16790] RBP: 00007f4df6f56090 R08: 0000000000000000 R09: 0000000000000000
[  166.039754][T16790] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  166.042073][T16790] R13: 0000000000000000 R14: 00007f4df6335fa0 R15: 00007ffc4f4c08d8
[  166.044600][T16790]  </TASK>
[  166.174965][ T5306] Bluetooth: hci3: command tx timeout
[  166.241161][T16804] netlink: 8 bytes leftover after parsing attributes in process `syz.5.3725'.
[  166.448936][T16823] FAULT_INJECTION: forcing a failure.
[  166.448936][T16823] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  166.452774][T16823] CPU: 2 UID: 0 PID: 16823 Comm: syz.5.3731 Not tainted 6.12.0-syzkaller-09073-g9f16d5e6f220 #0
[  166.455518][T16823] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  166.458373][T16823] Call Trace:
[  166.459276][T16823]  <TASK>
[  166.460079][T16823]  dump_stack_lvl+0x16c/0x1f0
[  166.461374][T16823]  should_fail_ex+0x497/0x5b0
[  166.462657][T16823]  __kvm_read_guest_page+0x16b/0x210
[  166.464079][T16823]  kvm_fetch_guest_virt+0x128/0x1a0
[  166.465622][T16823]  __do_insn_fetch_bytes+0x420/0x6d0
[  166.467037][T16823]  ? __pfx___do_insn_fetch_bytes+0x10/0x10
[  166.468644][T16823]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  166.470227][T16823]  ? vmx_check_intercept+0x1b8/0xaf0
[  166.471657][T16823]  x86_decode_insn+0xb91/0x5530
[  166.472966][T16823]  ? vmx_segment_cache_test_set+0x14b/0x400
[  166.474549][T16823]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  166.476165][T16823]  ? __pfx_x86_decode_insn+0x10/0x10
[  166.477576][T16823]  ? vmx_cache_reg+0x333/0x5e0
[  166.478862][T16823]  ? kvm_register_read_raw+0xe9/0x240
[  166.480305][T16823]  ? init_decode_cache+0xd/0x210
[  166.481628][T16823]  ? init_emulate_ctxt+0x338/0x510
[  166.482645][T16828] netlink: 'syz.7.3733': attribute type 1 has an invalid length.
[  166.482993][T16823]  ? __pfx_init_emulate_ctxt+0x10/0x10
[  166.486520][T16823]  ? kvm_multiple_exception+0x44a/0xb40
[  166.487929][T16828] geneve2: entered promiscuous mode
[  166.487995][T16823]  x86_emulate_instruction+0x975/0x1a50
[  166.489372][T16828] geneve2: entered allmulticast mode
[  166.490830][T16823]  handle_ud+0x104/0x280
[  166.490846][T16823]  ? __pfx_handle_ud+0x10/0x10
[  166.490859][T16823]  ? nested_vmx_reflect_vmexit+0x74e/0x3fb0
[  166.496228][T16823]  ? __pfx_nested_vmx_reflect_vmexit+0x10/0x10
[  166.497889][T16823]  handle_exception_nmi+0x83e/0x1410
[  166.499314][T16823]  ? __pfx_handle_exception_nmi+0x10/0x10
[  166.500842][T16823]  vmx_handle_exit+0x733/0x1f70
[  166.502151][T16823]  vcpu_run+0x3047/0x4f50
[  166.503311][T16823]  ? __pfx___mutex_trylock_common+0x10/0x10
[  166.504896][T16823]  ? __pfx_vcpu_run+0x10/0x10
[  166.506335][T16823]  ? rcu_is_watching+0x12/0xc0
[  166.507630][T16823]  ? trace_lock_acquire+0x146/0x1e0
[  166.509019][T16823]  ? trace_irq_enable.constprop.0+0xe6/0x140
[  166.510616][T16823]  ? kvm_arch_vcpu_ioctl_run+0x150/0x1740
[  166.512146][T16823]  ? kvm_arch_vcpu_ioctl_run+0x44a/0x1740
[  166.513662][T16823]  kvm_arch_vcpu_ioctl_run+0x44a/0x1740
[  166.515134][T16823]  kvm_vcpu_ioctl+0x6c7/0x1520
[  166.516431][T16823]  ? do_vfs_ioctl+0x513/0x1990
[  166.517715][T16823]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  166.519110][T16823]  ? preempt_count_add+0x76/0x150
[  166.520463][T16823]  ? ioctl_has_perm.constprop.0.isra.0+0x2f3/0x460
[  166.522180][T16823]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[  166.523994][T16823]  ? __pfx_lock_release+0x10/0x10
[  166.525353][T16823]  ? __fget_files+0x40/0x3a0
[  166.526593][T16823]  ? selinux_file_ioctl+0x180/0x270
[  166.527982][T16823]  ? selinux_file_ioctl+0xb4/0x270
[  166.529346][T16823]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  166.530802][T16823]  __x64_sys_ioctl+0x190/0x200
[  166.532238][T16823]  do_syscall_64+0xcd/0x250
[  166.533534][T16823]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  166.535171][T16823] RIP: 0033:0x7f4df617e819
[  166.536383][T16823] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  166.541466][T16823] RSP: 002b:00007f4df6f56038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  166.543663][T16823] RAX: ffffffffffffffda RBX: 00007f4df6335fa0 RCX: 00007f4df617e819
[  166.545741][T16823] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005
[  166.547848][T16823] RBP: 00007f4df6f56090 R08: 0000000000000000 R09: 0000000000000000
[  166.549942][T16823] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  166.552052][T16823] R13: 0000000000000000 R14: 00007f4df6335fa0 R15: 00007ffc4f4c08d8
[  166.554163][T16823]  </TASK>
[  166.555084][    C2] vkms_vblank_simulate: vblank timer overrun
[  166.643707][ T6972] IPVS: starting estimator thread 0...
[  166.653408][T16853] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  166.656899][T16853] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  166.721533][T16872] netlink: 'syz.5.3748': attribute type 30 has an invalid length.
[  166.744935][T16851] IPVS: using max 67 ests per chain, 160800 per kthread
[  166.761355][T16877] i2c i2c-1: Invalid block write size 34
[  166.843245][T16884] xt_CHECKSUM: CHECKSUM should be avoided.  If really needed, restrict with "-p udp" and only use in OUTPUT
[  166.846733][T16884] xt_CHECKSUM: unsupported CHECKSUM operation f4
[  166.901470][T16887] FAULT_INJECTION: forcing a failure.
[  166.901470][T16887] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  166.905288][T16887] CPU: 2 UID: 0 PID: 16887 Comm: syz.7.3752 Not tainted 6.12.0-syzkaller-09073-g9f16d5e6f220 #0
[  166.908241][T16887] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  166.911281][T16887] Call Trace:
[  166.912258][T16887]  <TASK>
[  166.913112][T16887]  dump_stack_lvl+0x16c/0x1f0
[  166.914479][T16887]  should_fail_ex+0x497/0x5b0
[  166.915868][T16887]  __kvm_read_guest_page+0x16b/0x210
[  166.917389][T16887]  kvm_fetch_guest_virt+0x128/0x1a0
[  166.918890][T16887]  __do_insn_fetch_bytes+0x420/0x6d0
[  166.920424][T16887]  ? __pfx___do_insn_fetch_bytes+0x10/0x10
[  166.922096][T16887]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  166.923803][T16887]  ? vmx_check_intercept+0x1b8/0xaf0
[  166.925329][T16887]  x86_decode_insn+0xb91/0x5530
[  166.926730][T16887]  ? vmx_segment_cache_test_set+0x14b/0x400
[  166.928439][T16887]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  166.930139][T16887]  ? __pfx_x86_decode_insn+0x10/0x10
[  166.931664][T16887]  ? vmx_cache_reg+0x333/0x5e0
[  166.933045][T16887]  ? kvm_register_read_raw+0xe9/0x240
[  166.934589][T16887]  ? init_decode_cache+0xd/0x210
[  166.936018][T16887]  ? init_emulate_ctxt+0x338/0x510
[  166.937493][T16887]  ? __pfx_init_emulate_ctxt+0x10/0x10
[  166.939071][T16887]  ? kvm_multiple_exception+0x44a/0xb40
[  166.940624][T16887]  x86_emulate_instruction+0x975/0x1a50
[  166.942205][T16887]  handle_ud+0x104/0x280
[  166.943437][T16887]  ? __pfx_handle_ud+0x10/0x10
[  166.944831][T16887]  ? nested_vmx_reflect_vmexit+0x74e/0x3fb0
[  166.946536][T16887]  ? __pfx_nested_vmx_reflect_vmexit+0x10/0x10
[  166.948321][T16887]  handle_exception_nmi+0x83e/0x1410
[  166.949848][T16887]  ? __pfx_handle_exception_nmi+0x10/0x10
[  166.951490][T16887]  vmx_handle_exit+0x733/0x1f70
[  166.952910][T16887]  vcpu_run+0x3047/0x4f50
[  166.954169][T16887]  ? __pfx___mutex_trylock_common+0x10/0x10
[  166.955938][T16887]  ? __pfx_vcpu_run+0x10/0x10
[  166.957302][T16887]  ? rcu_is_watching+0x12/0xc0
[  166.958702][T16887]  ? trace_lock_acquire+0x146/0x1e0
[  166.960212][T16887]  ? trace_irq_enable.constprop.0+0xe6/0x140
[  166.961944][T16887]  ? kvm_arch_vcpu_ioctl_run+0x150/0x1740
[  166.963623][T16887]  ? kvm_arch_vcpu_ioctl_run+0x44a/0x1740
[  166.965271][T16887]  kvm_arch_vcpu_ioctl_run+0x44a/0x1740
[  166.966868][T16887]  kvm_vcpu_ioctl+0x6c7/0x1520
[  166.968265][T16887]  ? do_vfs_ioctl+0x513/0x1990
[  166.969653][T16887]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  166.971151][T16887]  ? preempt_count_add+0x76/0x150
[  166.972617][T16887]  ? ioctl_has_perm.constprop.0.isra.0+0x2f3/0x460
[  166.974495][T16887]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[  166.976479][T16887]  ? __pfx_lock_release+0x10/0x10
[  166.977947][T16887]  ? __fget_files+0x40/0x3a0
[  166.979293][T16887]  ? selinux_file_ioctl+0x180/0x270
[  166.980852][T16887]  ? selinux_file_ioctl+0xb4/0x270
[  166.982375][T16887]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  166.983878][T16887]  __x64_sys_ioctl+0x190/0x200
[  166.985275][T16887]  do_syscall_64+0xcd/0x250
[  166.986585][T16887]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  166.988296][T16887] RIP: 0033:0x7ff80457e819
[  166.989584][T16887] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  166.995069][T16887] RSP: 002b:00007ff8053e8038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  166.997460][T16887] RAX: ffffffffffffffda RBX: 00007ff804735fa0 RCX: 00007ff80457e819
[  166.999737][T16887] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005
[  167.002003][T16887] RBP: 00007ff8053e8090 R08: 0000000000000000 R09: 0000000000000000
[  167.004270][T16887] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  167.006532][T16887] R13: 0000000000000000 R14: 00007ff804735fa0 R15: 00007ffc2aa2bf28
[  167.008807][T16887]  </TASK>
[  167.009748][    C2] vkms_vblank_simulate: vblank timer overrun
[  167.391048][T16900] overlayfs: failed to resolve './file0': -2
[  167.437773][T16907] netlink: 8 bytes leftover after parsing attributes in process `syz.6.3759'.
[  167.461514][T16911] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  167.463761][T16911] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  167.668219][T16913] FAULT_INJECTION: forcing a failure.
[  167.668219][T16913] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  167.672085][T16913] CPU: 3 UID: 0 PID: 16913 Comm: syz.5.3761 Not tainted 6.12.0-syzkaller-09073-g9f16d5e6f220 #0
[  167.675079][T16913] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  167.678236][T16913] Call Trace:
[  167.679233][T16913]  <TASK>
[  167.680115][T16913]  dump_stack_lvl+0x16c/0x1f0
[  167.681565][T16913]  should_fail_ex+0x497/0x5b0
[  167.682931][T16913]  __kvm_read_guest_page+0x16b/0x210
[  167.684487][T16913]  kvm_fetch_guest_virt+0x128/0x1a0
[  167.686003][T16913]  __do_insn_fetch_bytes+0x420/0x6d0
[  167.687542][T16913]  ? __pfx___do_insn_fetch_bytes+0x10/0x10
[  167.689255][T16913]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  167.690980][T16913]  ? vmx_check_intercept+0x1b8/0xaf0
[  167.692539][T16913]  x86_decode_insn+0xb91/0x5530
[  167.693962][T16913]  ? vmx_segment_cache_test_set+0x14b/0x400
[  167.695746][T16913]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  167.697467][T16913]  ? __pfx_x86_decode_insn+0x10/0x10
[  167.699010][T16913]  ? vmx_cache_reg+0x333/0x5e0
[  167.700417][T16913]  ? kvm_register_read_raw+0xe9/0x240
[  167.701975][T16913]  ? init_decode_cache+0xd/0x210
[  167.703417][T16913]  ? init_emulate_ctxt+0x338/0x510
[  167.704927][T16913]  ? __pfx_init_emulate_ctxt+0x10/0x10
[  167.706514][T16913]  ? kvm_multiple_exception+0x44a/0xb40
[  167.708131][T16913]  x86_emulate_instruction+0x975/0x1a50
[  167.709744][T16913]  handle_ud+0x104/0x280
[  167.710988][T16913]  ? __pfx_handle_ud+0x10/0x10
[  167.712397][T16913]  ? nested_vmx_reflect_vmexit+0x74e/0x3fb0
[  167.714115][T16913]  ? __pfx_nested_vmx_reflect_vmexit+0x10/0x10
[  167.715917][T16913]  handle_exception_nmi+0x83e/0x1410
[  167.717463][T16913]  ? __pfx_handle_exception_nmi+0x10/0x10
[  167.719124][T16913]  vmx_handle_exit+0x733/0x1f70
[  167.720588][T16913]  vcpu_run+0x3047/0x4f50
[  167.721869][T16913]  ? __pfx___mutex_trylock_common+0x10/0x10
[  167.723616][T16913]  ? __pfx_vcpu_run+0x10/0x10
[  167.725001][T16913]  ? rcu_is_watching+0x12/0xc0
[  167.726489][T16913]  ? trace_lock_acquire+0x146/0x1e0
[  167.728251][T16913]  ? trace_irq_enable.constprop.0+0xe6/0x140
[  167.729999][T16913]  ? kvm_arch_vcpu_ioctl_run+0x150/0x1740
[  167.731690][T16913]  ? kvm_arch_vcpu_ioctl_run+0x44a/0x1740
[  167.733350][T16913]  kvm_arch_vcpu_ioctl_run+0x44a/0x1740
[  167.734971][T16913]  kvm_vcpu_ioctl+0x6c7/0x1520
[  167.736382][T16913]  ? do_vfs_ioctl+0x513/0x1990
[  167.737787][T16913]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  167.739318][T16913]  ? preempt_count_add+0x76/0x150
[  167.740806][T16913]  ? ioctl_has_perm.constprop.0.isra.0+0x2f3/0x460
[  167.742694][T16913]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[  167.744686][T16913]  ? __pfx_lock_release+0x10/0x10
[  167.746161][T16913]  ? __fget_files+0x40/0x3a0
[  167.747525][T16913]  ? selinux_file_ioctl+0x180/0x270
[  167.749050][T16913]  ? selinux_file_ioctl+0xb4/0x270
[  167.750545][T16913]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  167.752086][T16913]  __x64_sys_ioctl+0x190/0x200
[  167.753498][T16913]  do_syscall_64+0xcd/0x250
[  167.754830][T16913]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  167.756752][T16913] RIP: 0033:0x7f4df617e819
[  167.758069][T16913] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  167.763685][T16913] RSP: 002b:00007f4df6f56038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  167.766121][T16913] RAX: ffffffffffffffda RBX: 00007f4df6335fa0 RCX: 00007f4df617e819
[  167.768455][T16913] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005
[  167.770761][T16913] RBP: 00007f4df6f56090 R08: 0000000000000000 R09: 0000000000000000
[  167.773094][T16913] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  167.775411][T16913] R13: 0000000000000000 R14: 00007f4df6335fa0 R15: 00007ffc4f4c08d8
[  167.777847][T16913]  </TASK>
[  167.881727][T16926] netlink: 16186 bytes leftover after parsing attributes in process `syz.5.3766'.
[  167.899892][T16928] ==================================================================
[  167.902589][T16928] BUG: KASAN: vmalloc-out-of-bounds in acpi_nfit_ctl+0x19e8/0x1cf0
[  167.905241][T16928] Read of size 4 at addr ffffc90003785038 by task syz.5.3767/16928
[  167.909365][T16928] 
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  167.910187][T16928] CPU: 2 UID: 0 PID: 16928 Comm: syz.5.3767 Not tainted 6.12.0-syzkaller-09073-g9f16d5e6f220 #0
[  167.913787][T16928] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  167.917467][T16928] Call Trace:
[  167.918617][T16928]  <TASK>
[  167.919646][T16928]  dump_stack_lvl+0x116/0x1f0
[  167.921274][T16928]  print_report+0xc3/0x620
[  167.922808][T16928]  ? __virt_addr_valid+0x5e/0x590
[  167.924512][T16928]  kasan_report+0xd9/0x110
[  167.926077][T16928]  ? acpi_nfit_ctl+0x19e8/0x1cf0
[  167.927790][T16928]  ? acpi_nfit_ctl+0x19e8/0x1cf0
[  167.929478][T16928]  acpi_nfit_ctl+0x19e8/0x1cf0
[  167.931103][T16928]  ? trace_contention_end+0xea/0x140
[  167.932902][T16928]  ? __mutex_lock+0x1cc/0xa60
[  167.934189][T16928]  ? __pfx_acpi_nfit_ctl+0x10/0x10
[  167.935523][T16928]  ? nd_ioctl+0xf7a/0x18c0
[  167.936709][T16928]  ? __pfx___mutex_lock+0x10/0x10
[  167.938040][T16928]  ? __pfx___mutex_lock+0x10/0x10
[  167.939365][T16928]  ? __might_fault+0xe3/0x190
[  167.940619][T16928]  nd_ioctl+0x13bc/0x18c0
[  167.941751][T16928]  ? __pfx_acpi_nfit_clear_to_send+0x10/0x10
[  167.943307][T16928]  ? __pfx_nd_ioctl+0x10/0x10
[  167.944546][T16928]  ? __pfx_lock_release+0x10/0x10
[  167.945866][T16928]  ? __fget_files+0x40/0x3a0
[  167.947364][T16928]  ? selinux_file_ioctl+0x180/0x270
[  167.948809][T16928]  ? selinux_file_ioctl+0xb4/0x270
[  167.950139][T16928]  ? __pfx_bus_ioctl+0x10/0x10
[  167.951502][T16928]  __x64_sys_ioctl+0x190/0x200
[  167.952752][T16928]  do_syscall_64+0xcd/0x250
[  167.953933][T16928]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  167.955464][T16928] RIP: 0033:0x7f4df617e819
[  167.956628][T16928] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  167.961577][T16928] RSP: 002b:00007f4df6f56038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  167.963748][T16928] RAX: ffffffffffffffda RBX: 00007f4df6335fa0 RCX: 00007f4df617e819
[  167.965786][T16928] RDX: 0000000020000140 RSI: 00000000c008640a RDI: 0000000000000003
[  167.967843][T16928] RBP: 00007f4df61f175e R08: 0000000000000000 R09: 0000000000000000
[  167.970020][T16928] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  167.972053][T16928] R13: 0000000000000000 R14: 00007f4df6335fa0 R15: 00007ffc4f4c08d8
[  167.974083][T16928]  </TASK>
[  167.974888][T16928] 
[  167.975533][T16928] The buggy address belongs to the virtual mapping at
[  167.975533][T16928]  [ffffc90003785000, ffffc90003787000) created by:
[  167.975533][T16928]  nd_ioctl+0xf14/0x18c0
[  167.979918][T16928] 
[  167.980541][T16928] The buggy address belongs to the physical page:
[  167.982184][T16928] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x59d5e
[  167.984478][T16928] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[  167.986301][T16928] raw: 00fff00000000000 0000000000000000 dead000000000122 0000000000000000
[  167.988551][T16928] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[  167.990750][T16928] page dumped because: kasan: bad access detected
[  167.992521][T16928] page_owner tracks the page as allocated
[  167.994005][T16928] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2cc2(GFP_KERNEL|__GFP_HIGHMEM|__GFP_NOWARN), pid 16928, tgid 16927 (syz.5.3767), ts 167899884358, free_ts 167455478140
[  167.998669][T16928]  post_alloc_hook+0x2d1/0x350
[  167.999928][T16928]  get_page_from_freelist+0xfce/0x2f80
[  168.001339][T16928]  __alloc_pages_noprof+0x223/0x25a0
[  168.002712][T16928]  alloc_pages_bulk_noprof+0x72b/0x10b0
[  168.004132][T16928]  alloc_pages_bulk_array_mempolicy_noprof+0x250/0x11f0
[  168.005909][T16928]  __vmalloc_node_range_noprof+0x517/0x1530
[  168.007449][T16928]  vmalloc_noprof+0x6b/0x90
[  168.008664][T16928]  nd_ioctl+0xf14/0x18c0
[  168.009773][T16928]  __x64_sys_ioctl+0x190/0x200
[  168.011025][T16928]  do_syscall_64+0xcd/0x250
[  168.012228][T16928]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  168.013767][T16928] page last free pid 24 tgid 24 stack trace:
[  168.015356][T16928]  free_unref_page+0x661/0x1080
[  168.016634][T16928]  __folio_put+0x32a/0x450
[  168.017795][T16928]  free_page_and_swap_cache+0x249/0x2c0
[  168.019244][T16928]  tlb_remove_table_rcu+0x89/0xe0
[  168.020490][T16928]  rcu_core+0x79d/0x14d0
[  168.021517][T16928]  handle_softirqs+0x213/0x8f0
[  168.022771][T16928]  run_ksoftirqd+0x3a/0x60
[  168.023941][T16928]  smpboot_thread_fn+0x661/0xa30
[  168.025226][T16928]  kthread+0x2c1/0x3a0
[  168.026304][T16928]  ret_from_fork+0x45/0x80
[  168.027490][T16928]  ret_from_fork_asm+0x1a/0x30
[  168.028749][T16928] 
[  168.029380][T16928] Memory state around the buggy address:
[  168.030833][T16928]  ffffc90003784f00: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8
[  168.032926][T16928]  ffffc90003784f80: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8
[  168.034979][T16928] >ffffc90003785000: 00 00 00 00 00 00 00 03 f8 f8 f8 f8 f8 f8 f8 f8
[  168.037054][T16928]                                         ^
[  168.038604][T16928]  ffffc90003785080: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8
[  168.040687][T16928]  ffffc90003785100: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8
[  168.042776][T16928] ==================================================================
[  168.044942][    C2] vkms_vblank_simulate: vblank timer overrun
[  168.047650][T16928] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  168.049676][T16928] CPU: 3 UID: 0 PID: 16928 Comm: syz.5.3767 Not tainted 6.12.0-syzkaller-09073-g9f16d5e6f220 #0
[  168.053157][T16928] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  168.056087][T16928] Call Trace:
[  168.056993][T16928]  <TASK>
[  168.057960][T16928]  dump_stack_lvl+0x3d/0x1f0
[  168.059578][T16928]  panic+0x71d/0x800
[  168.060945][T16928]  ? __pfx_panic+0x10/0x10
[  168.062484][T16928]  ? rcu_is_watching+0x12/0xc0
[  168.064141][T16928]  ? preempt_schedule_thunk+0x1a/0x30
[  168.065900][T16928]  ? preempt_schedule_common+0x44/0xc0
[  168.067775][T16928]  check_panic_on_warn+0xab/0xb0
[  168.069463][T16928]  end_report+0x117/0x180
[  168.070951][T16928]  kasan_report+0xe9/0x110
[  168.072385][T16928]  ? acpi_nfit_ctl+0x19e8/0x1cf0
[  168.073692][T16928]  ? acpi_nfit_ctl+0x19e8/0x1cf0
[  168.075004][T16928]  acpi_nfit_ctl+0x19e8/0x1cf0
[  168.076293][T16928]  ? trace_contention_end+0xea/0x140
[  168.077698][T16928]  ? __mutex_lock+0x1cc/0xa60
[  168.078974][T16928]  ? __pfx_acpi_nfit_ctl+0x10/0x10
[  168.080674][T16928]  ? nd_ioctl+0xf7a/0x18c0
[  168.082199][T16928]  ? __pfx___mutex_lock+0x10/0x10
[  168.083940][T16928]  ? __pfx___mutex_lock+0x10/0x10
[  168.085675][T16928]  ? __might_fault+0xe3/0x190
[  168.087110][T16928]  nd_ioctl+0x13bc/0x18c0
[  168.088283][T16928]  ? __pfx_acpi_nfit_clear_to_send+0x10/0x10
[  168.089875][T16928]  ? __pfx_nd_ioctl+0x10/0x10
[  168.091124][T16928]  ? __pfx_lock_release+0x10/0x10
[  168.092472][T16928]  ? __fget_files+0x40/0x3a0
[  168.093752][T16928]  ? selinux_file_ioctl+0x180/0x270
[  168.095121][T16928]  ? selinux_file_ioctl+0xb4/0x270
[  168.096496][T16928]  ? __pfx_bus_ioctl+0x10/0x10
[  168.098055][T16928]  __x64_sys_ioctl+0x190/0x200
[  168.099718][T16928]  do_syscall_64+0xcd/0x250
[  168.101287][T16928]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  168.103236][T16928] RIP: 0033:0x7f4df617e819
[  168.104785][T16928] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  168.111088][T16928] RSP: 002b:00007f4df6f56038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  168.113847][T16928] RAX: ffffffffffffffda RBX: 00007f4df6335fa0 RCX: 00007f4df617e819
[  168.116511][T16928] RDX: 0000000020000140 RSI: 00000000c008640a RDI: 0000000000000003
[  168.119182][T16928] RBP: 00007f4df61f175e R08: 0000000000000000 R09: 0000000000000000
[  168.121832][T16928] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  168.124503][T16928] R13: 0000000000000000 R14: 00007f4df6335fa0 R15: 00007ffc4f4c08d8
[  168.127124][T16928]  </TASK>
[  168.128693][T16928] Kernel Offset: disabled
[  168.130132][T16928] Rebooting in 86400 seconds..

VM DIAGNOSIS:
06:21:36  Registers:
info registers vcpu 0

CPU#0
RAX=00000000001a1384 RBX=0000000000000000 RCX=ffffffff8b24ee99 RDX=ffffed100d4c6fee
RSI=ffffffff8bd0e900 RDI=ffffffff81653ce9 RBP=fffffbfff1bd2f00 RSP=ffffffff8de07e20
R8 =0000000000000000 R9 =ffffed100d4c6fed R10=ffff88806a637f6b R11=0000000000000000
R12=0000000000000000 R13=ffffffff8de97800 R14=ffffffff905f5c10 R15=0000000000000000
RIP=ffffffff8b25027f RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff88806a600000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=000000110c3d4a79 CR3=000000005e0bc000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000208001 Opmask01=0000000000000000 Opmask02=00000000000003ff Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f4df61f25fb
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f4df61f2608
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f4df61f2602
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f4df61f2616
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f4df61f269c
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f4df61f277a
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f4df630c488 00007f4df630c480 00007f4df630c478 00007f4df630c450
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f4df6e6d100 00007f4df630c440 00007f4df6300004 0000000b000c000a
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f4df630c498 00007f4df630c490 00007f4df630c488 00007f4df630c480
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=0000000000000000 RBX=ffff88801c0e64a8 RCX=ffffffff81fd5445 RDX=ffff88802a55a440
RSI=ffffffff81fd5456 RDI=0000000000000005 RBP=ffff88801c0e6460 RSP=ffffc90005ec77b0
R8 =0000000000000005 R9 =0000000000000000 R10=0000000000000000 R11=00000000000050a8
R12=0000000000000000 R13=0000000000000001 R14=0000000000000001 R15=dffffc0000000000
RIP=ffffffff818ebb36 RFL=00000293 [--S-A-C] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff88806a700000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00007f4605e67d60 CR3=0000000028bf0000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000002020004 Opmask01=0000000000000054 Opmask02=00000000000000ff Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f460530c6a3 00007f460530c6a3
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffc5ad5ffa0 0000003000000010
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00005555739e34a8
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000555573a603bd 0000555573a5fdc0
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000038323935 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2525252525252525 2525252525252525 2525252525252525 2525252525252525
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 5355424749530056 474553474953006c 616e676973206e77 6f6e6b6e75000a29
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 5355424749530056 4745534749530049 444b424c56054b52 4a4b4e4b50000a0c
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 22b00303ffffffff 0422a00300080022 9803010800229003 0008002288030008
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0102a01000218004 0a1000060102a800 080023a003000800 2398030008002390
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0303ffffffff0423 800303ffffffff04 22f00300080022e8 0300080022e00300
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 080022d803000800 22d00303ffffffff 0422c00300080022 b80300080022b003
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 03ffffffff0422a0 0300080022980301 0800229003000800 2288030008002280
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 2

CPU#2
RAX=000000000000002e RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8
RSI=ffffffff85067aa5 RDI=ffffffff9ab05bc0 RBP=ffffffff9ab05b80 RSP=ffffc90003b8f598
R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=3030303963666666
R12=0000000000000000 R13=000000000000002e R14=ffffffff85067a40 R15=0000000000000000
RIP=ffffffff85067acf RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 00007f4df6f566c0 ffffffff 00c00000
GS =0000 ffff88806a800000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000091000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe000008f000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00007f4df6f55f98 CR3=000000005e0bc000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000208001 Opmask01=0000000000000000 Opmask02=00000000ffffffef Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f4df61f25fb
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f4df61f2608
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f4df61f2602
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f4df61f2616
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f4df61f269c
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f4df61f277a
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f4df630c488 00007f4df630c480 00007f4df630c478 00007f4df630c450
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f4df6e6d100 00007f4df630c440 00007f4df630c458 00007f4df630c4a0
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f4df630c498 00007f4df630c490 00007f4df630c488 00007f4df630c480
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 3

CPU#3
RAX=00000000001832b4 RBX=0000000000000003 RCX=ffffffff8b24ee99 RDX=ffffed100d526fee
RSI=ffffffff8bd0e900 RDI=ffffffff81653ce9 RBP=ffffed1003ad4488 RSP=ffffc900001a7e08
R8 =0000000000000000 R9 =ffffed100d526fed R10=ffff88806a937f6b R11=0000000000000000
R12=0000000000000003 R13=ffff88801d6a2440 R14=ffffffff905f5c10 R15=0000000000000000
RIP=ffffffff8b25027f RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c01300
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c01300
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff88806a900000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe00000d8000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe00000d6000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00007f7fa7564300 CR3=0000000053a06000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000001030001 Opmask01=0000000000000000 Opmask02=00000000000003ff Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 230500040007ab0e 6d9c59001800003f
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f4df61f25fb
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f4df61f2608
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f4df61f2602
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f4df61f2616
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f4df61f269c
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f4df61f277a
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2525252525252525 2525252525252525 2525252525252525 2525252525252525
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6e776f6e6b6e7500 6f6c6c3332302500 657a697320740004 0000000b000c000a
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 4b524a4b4e4b5000 4a49491617150000 405f4c560551464a 5751560541444700
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 7213e849e2cd4533 962b44fa78118a09 6f975fc6f9c3e524 65a579a7c28eff14
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 f7fc802c0f9c7b70 d86e03d0d3149689 3a4f61532b9a3bea 772fdd5a325d7e06
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 ba02e9a0ee1dc889 70327bc6a307e799 aa6a4beeb3ba5c94 73c30c44644113d9
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 94ac6f760da47934 372a23a5c68ae5c8 ab402438e7fc3abc 7d817e68057bba11
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000