last executing test programs:

3.320356181s ago: executing program 2 (id=1502):
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x0, 0x0)
chdir(&(0x7f0000000100)='./file0\x00')
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x100, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r2, &(0x7f0000000100)=ANY=[], 0x32600)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2000001, 0x12, r2, 0x0)
ioctl$KVM_IRQ_LINE_STATUS(r1, 0xc008ae67, &(0x7f0000000040)={0x10, 0x3}) (fail_nth: 1)

3.060283832s ago: executing program 2 (id=1506):
r0 = socket$inet6(0xa, 0x80006, 0xfffffffe)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
bind$inet6(r1, &(0x7f0000000000)={0xa, 0xe22, 0x0, @empty, 0x2}, 0x1c)
setsockopt$inet6_udp_int(r1, 0x11, 0x67, &(0x7f0000000040)=0x91, 0x4)
setsockopt$sock_linger(r0, 0x1, 0x3c, &(0x7f0000000180)={0x200000000000001}, 0x8)
setsockopt$inet6_IPV6_HOPOPTS(r0, 0x29, 0x36, &(0x7f0000000080)=ANY=[@ANYBLOB="87cb00000000e200"], 0x8)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x4e27, 0xffffffff, @mcast2, 0x5}, 0x1c)
sendmmsg$inet6(r0, &(0x7f0000003cc0), 0x0, 0x4001c00)

2.936102541s ago: executing program 2 (id=1510):
r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000004002, 0x0)
r1 = syz_io_uring_setup(0x3ea8, &(0x7f0000000480)={0x0, 0x105cc6, 0x1, 0x0, 0x382}, &(0x7f0000000040)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
r4 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt(r4, 0x84, 0x80, &(0x7f0000000280)="1a00000002000000", 0x8)
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
r5 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x42, 0x0)
mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r5, @ANYBLOB=',rootmode=0000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r5, &(0x7f00000102c0)={0x2020, 0x0, <r6=>0x0}, 0xfffffe5d)
lsetxattr$security_evm(&(0x7f00000000c0)='./file0/../file0/file0\x00', &(0x7f0000000100), 0x0, 0x0, 0x3)
write$FUSE_INIT(r5, &(0x7f0000000380)={0x50, 0x0, r6, {0x7, 0x2b, 0x0, 0x8400040, 0x0, 0x1000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000}}, 0x50)
r7 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000200)='fd\x00')
r8 = memfd_create(&(0x7f0000000480)='v\xa6\xf5lj6,r\xaf\xe8\x10/\xecg\xed\xe3h\x80\xb8!y6w\xda\xdb\xb9\nR\xe8@\x99\xb9\x8a\x0fZ\t\x90\x8bp\x10\x84\x86t\x8a\xba\xc6\xfb\xd2\f\xef&\xad\xa8M\xe8\b\xb0#\xac)\x81\x1e\xf8hC\xcb\xf8\xc6\xd2\x86\x84\xa7\xf4\x8a\f\x11D\x90\xf5\xbb\x1c\xac\xc7\xad\xdc\\\x11\x95\xf8\xe6\xa7\xc3\xbc\x18+\x92\x92N\a\xa7\x7fN\x9bL\xf8\xebQs\x02\xf9\xadi\x8f\x0f\xff\x02n\x9d\x85\xea\x1a*\x1bC\xd8\x1c\xe8\x9bYSp\xa5\xfd\ny\xdfS\xdbU\xf8l\xb5b\x83\x00\x00\x00\x00\xfc\x83\x18\xe46\x8a\x029\x19\x8fjC\xce\xa7S\x81\xd5\xda\x05\x00\xe3A_\x05XCk\x1d\x1cC\x97r\x93\xd6t\x81b\xc7x\xab\xa2\xf0\av\x88\x10\x00\xeaF\xa9!\xfc\x1c\xbf7q\xcf\xed&\x96\xa6\x1c_\xff\xb4\x00X\x1b\xedw\xc1\x00\x00\x00\x00\xe0T\x1f\xbc\x85\xd1Z\xa9\x01Z\xc2\xb0\f\x9a\x16\xa5?\xf74\x88\xeez@a\xa2\x83S\xc1\v\xe7\xdf\x80\xe4\x9c\xf5f\x94j@\xb1\xcfh\xc5g\x02\xc6 \x02\x00\x00\x00\x88\xee\x0f\xf5J*\xb3\xe8iWTav\xff\xd9\xb0C\x1e\xbe\x97\xc8$-\x8d)\xe8\\\x8e;I\xde\x8a\x8f\x0fq\x06\xee\xb9\xc1\xf1)\xa0\xd9T\xec\x8b\x85I\x87OZ\xd8\"4\x87\xb1\xed?:\x84S\xb9\xbf\xab#\xd0N\x8f\x1ey7\x9286p\x10u=\xa6\xdc9|\xb6\xa8\rE\xfbu6S\xef\x8cp\xe1\x7f{\xeb\xfe%\x19 h\x82\xc8Q\xd7\xabO\xb5\xc8\x1b\x99&\x80d\xa4jl=\x90T\xf5ZB\xdalk\xf4\xe8\xb4\xedq\x91\xdf\x9c\xdab\x16\x97\xa0\xae\xf8\xf3\xff\xa3\xc3?\x83\x990\xb0\xa3X,\x02\x14m\xb5\xcb\xca\xf2\vC\xcd2X\xef\x94f$\xca\xf5\xb4X\x9cj\x04\xc0\x879\xcft\x1b\xa4@)\xb6\x16\x8d\xb13K\xfd\n0P+\xec\xf8E\xb96\xb51\xc1\xce,\xc9\xab\x84\x19\x9e\xcc\xf8\xdf\xcb\xa6Q\xd5;\x00\x1c\xd0ht\x01\xfe\xb7\x81\xaas\xe8={.\x91\xe9x\xa18\xa6\x97\xf3\xa8,\xba\xd9\xf9I\x8d\xa5\xfe\xff\xa9\x14\xe9\xbd\x15u(B', 0x0)
write(r8, &(0x7f0000002140)="6963e64243ea486da3a74e3deec6fc5bb9650b5de56946c568f95d22467190ba406d59a5958d6f156c9c8a2ac4677b00000000000000000000200000f8bf54da33", 0x41)
ioctl$KVM_CREATE_IRQCHIP(r7, 0xae60)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x1, 0x11, r8, 0x0)
readlinkat(r7, &(0x7f0000000040)='./file1\x00', &(0x7f00000021c0)=""/102372, 0x18fe4)
link(&(0x7f0000000280)='./file0/../file0/file0\x00', 0x0)
syz_fuse_handle_req(r5, &(0x7f0000008280)="03680f2a20da68ab7a58c28b635d19c32b6efabb6ae3b5eee5a74d8943c613539e166c8baef50500824343a2f05093a5c21f746caefe9f9bccd83cca0fc28da20e2706308c61398dfce5f54ea9f266791ba29a4c7da158637def8b816aa296815ff13c06d632df45feaec1fd272ec1b510eaf58fe6b26cc36df3ecc0f5b1f258a190304e2519dd39ba9f5bc1788926ced5202e3b1e3afa16ae0b5d66dc05b36d3a00f72e5f318f8bdfc7eddc94238c50031d0657a22445ad0b3b90a86b086eed837a00bf0a3888bf61b4db57d6d8d6b286bbb13ba3b246def60ac34241eb843f89fe77d7e3e52573e90d791f21d4a8dfcc24ba95db60e2135634c02bd4b14535285df4fbe381ec036d876c4c8057c79371fa9717414590890e182a7b9e0ab927812083acf0d04e04c20c0555c8ceedc5bcf9b0e814be6eca98ce7b2f9f17d098bea541b75a1617c09fa99902ad746811f89a1fc5e6a80d77528247d6c104395715d2c9f9102f070a295f20c4307b9e848d3928b50985bfa2486893139761925b8fab96d26291243db23c4fd4d96864f4db860731a4e3e10b52d8d0487f5a8536cb4507dbdc111570ad0321b918edbc52807c2e0676d3257553702d9c1bd6741e9cd5cdeb3b8f636b6eb02a3b0066d7f677d586de5018850000f000ab3960f6656fb98039ceb6400d0299c356fc22b7298ed157c667bed5563fac2192a8ff7706a9e58d9d2f92632d6b25d8b090642e3f323bf7ff4d8264617a43a97099dd7347fbe3b1c439737913f17eff57f3e1ff4fdac374fb554e9a6a1ff32daa69507698d660d8d5f591801d8e4a9309342c3dc84966dbfcd2652800200bcb0dde9d456b7a07c5409f4f5387d0150daa34dbc865c6108d34dcc51eedb277e9638b43ce3c9afac5d7aa0f8542e58b0a84632a07557b041845d0012cf016ef065f97660b731ce1b79493de71def047277a3ae6d4a0d86591847d3475926039848c5baf6e1b43bc83053855182423156e54cadc8c85089265b49da853d15e5a701fedf2bf7986a723abf72e513fa05cb178345f2fcc859df49e74c8ccef196000a05cb090f22986ffb6f8f74ab41d2d88b6b535507a23b03d2fc2743f6f69fbcd43b8ff52b1ba32fa0137d542c515569b7f486f8ffa02ad1f54767f51701eb4c141437720884d529a57e17bc2837799124f7f112f42bd90f5b435d7a5d7524f7667bb7a6266263e62bf7ebf6896888d584c65a530b766111f078630d8629ffa91acb5ed02498549bd7e042acae0fab7ccb23278088a364be3da9619d91e1061bbaa9b33c3c5fbbcbc725ce8c2cc9ab0f2b4d30078040d3ca79d3ca056c360381ee87e743dea73a25ea2b4843f9ef280feb507f933fb556c718d8bf8f8618db72805b65d381b319f65c745c1e5060dae2f498852e79aff8dd9c88fd939a31871a430d3ba96fb118c79d1b08a397af23b1a188d1802106f588c768a1e6c9d244ac9a38d2a54ed50f19b78bf25e0ae1f9337ceaa8ff5ca8640104b19bcd643b51501d4e03ed5ffb383e7ed0ab78d540ae10bbd64fba1af59a4190215b7d10230992bbb4ff618d8284a2e2446990511fc2bff07cce9ba94a11d3db041e220e3d931fdf129d8ec2c9b17d6587a0044c9e09f52848db43ddc0df94513cc9e94e9d427623502a910deea0f21d86b16366769a46bf0d6d9fc0d2cd6b98ed885e9e2d765bdd051196bf20bd27c46ec902726d96de352c346d904fa00d63b67d272f116dce489f9d636cef61b441b9c113addec983b8b2fbdb2b32049e436c972b2fcf5140dc7b094c5047cb6226da700b72aeb3febdf16a75b6f61a311f606251c99b377c775c8fb3446ccf25dc4cca24290b3939f948019b05c80b5a6382112f63e0990b324c16a087c72aaec08796afc769f678e3634100a5a9da8215cb5d7a6a6b50a81676ef4edca35595b11f9606bef2fb84fe1f0a0703c886579f09986086f0dca6eb8061f9a74c79c1f758684a7363974b14561b9d2efdaba6c4cd8cb70627da1e195fcae3d8b2fa751278e8f220c83e677e14731eccd6fe0c357b011ed88b6df0c266b383f224b8e95384e401b717030b1227582d0d1042bd90377c4f2c7206a19983fc5905e4eb87edb6532b26ca9e28e160202606d19d9f5da34762f4b3fa842d7bff382ad70dcbc411f8b3e4cace8c8e0c72898d24023545e0dfdc4176209276a535491ce11c045c57b45c40f19b12dcf6ffbf78ab23e7fe9bdc404cf47db9855f2b835e1fce57debfa071803ec38da3c77a904080a4c737ce2b20e14e8449762f1ca0b1ce71779d2e6ee5299e1cf230e8070045c23c1d0e52f66fe9039f95cdc0b448dc12d24de39157934270345991948fce921b5d8e739315cc75d4b3b49928437b88672c1a7770365207b43895f45909d5d972f48aa66de609152a5afa2c7d75f0a14189d0409f0b623eab3b6e7d81025cde140893ed71b6f24f5a36d21dafb62af6be9da845403bc8ed36672efa74d7da19d5794cb4b79fa1c86940b1890c012e14b7c3bb261f16bdd99efaa9819b0bc00af842a6b94c6086d15b16ab81af9331ba3a5bd6941ef35239e85455ceab02c598ccee8fbad97ed37daebfe3b26a5a6c9eda5f65a1cfaf7a1f1688267c812a56c552ae11b465dac030e18f9008ad03cad80bf2cb91a7d99dcfa54d323ae0a4c3a6dc0f80d7ff703870610a945eb0ab5b6d14e81869c8872f6b123d98edcf6bba10d76d35cff4b0bb73db8b6695a8351785bcba1e160a42ed367c4da727da38f91562e941e5c4fa90cd585c5f1cd3a7d6892f18a5aa3c74a4fc00bf5909267489b937a928d9d8ff92530b5226eedf8ab9a957e5ffec45bc3a55e6955b38393ce52892655265d1f741e0b744808eb568a08d145a8bc5ada9b079f6d0bec5fc2ace0502b3f926372dff49478fbd10451f0de4b3d1a63b9d4e17ade45628d2e9dca041fcf7fc1e105e1fc44089fde9caf418ba8454dc361df4a59e1bd79143d280613e3c79ad18e922a43e199aa5927bb9553dd31e6223ad19bf8aff6e1dac8b3680feea3138bc61742b03f047b3d77039c1a4c2d05bd89c4bc12a1b83d78b4e7023f690fce6a44608c423d8cbc2e80942b9d9df2f4bf5606640fa47692f3e003885983a73e1dc313b243bbab5c3c6348afab796da766044ba142eda5a9d3713e3eda8c54c1708909c5da89ba67d29cd7f409c9b759cba316c42028754e3cb6eae2cc4f6d66982f212320f199b2e837bb4c54c54bcdcd2ac240ef6295d38e9889b4213819ef0f9aba6ceead4e0fd2c4becdc1f8ee3049831996c9a74a5fd4e12a1fd21ed47cf27e29f9d61e4b673d88914c36eefa53d3c49d94b463b7f8462c1951dfe33c10993d5cfcd0ededd50ad55009528f1e79fbc2fa70c3338b32c40ae3bb45d7079c7ae8433fb1aa19affbd3fbce0cb5ab0d557afb3be036856066eea45c28e93528b35477fc97fe9ff3641e5bb0f0e46069eb653c027daabff38541250081c77e0e3a1d030a73289e771cc41db10819af60599b5df0ad978fcf0b46af821c6b717b265e07d3a85397ea94de26f510290ddb5df8fcff76fe624843c8577802809c145916afce01d9dfdfa8bf07633e98f14fc73d5ef58ae5cb0c308bc74ca38259692a1cd4cf16752786a1c816f24612c27393d7e40a2df9a3dfa23a0c59613c8a7ccdd97c3fc67ecab94dcd8cc4b4517ed2414d41ce574074ffebd156e3d65c4421b0f339bc9f29abbfe49db62122248cf96b74d9639b3ef9d935cd81315a7ecfb0dc6ea1ee053c2e5c3615fbc10782f16a564fcabe1df70da7de989e00eedc346cef5b5cf880e9d563fc15302f056d37f98a939fd1dd5478b4318c256e93b77e31f87d8f7fe31755191b40d778ddb2ada1480bb9fcb96a09783fcf2c2c9fac2c3a2771dd0e2fb113cd460ee2c9cf4a712f04eb1b1a746091109f7ce0655e1ff7781fbe853e3d03bb91c9d8f4f416f5745c6b607bbf72786bd3c0ac4761e6e6d70f12dbefa1b13542086f793b72c6102ac06e75be17bdbb1efbf7e007f07f9bd433fd9d9cbf93e760757b792f15231895561fe49d9d683ccc066f38af581422b71702627162c0f0f35c36a61eaaa92129114b7334281e35fd39576e51d8593c149c9326e0c710ea4dcc9ef39a432a48ae1834f5046b954f9c033d6035cde0dbffe3e97f48a1dc695f4b2f6fe5d4eee83008318def105c37e11c9015670f13417ed036e68f6fbfca2a8289829677feb23079f3f2ee53b26e491924fefc1c50e54f288a8c4b6ba6d319054c3a9e39e14bba81b423acbd44b51279bbea6b0bb2047325837ce8b2191454f52ffa2cd04abe89e3de5bc102e9fdf740d3efd975bc9503af796e6aeee711ef8797de5d507a964730aa70cb9d3840054d4e1ffc57de378b511f7649666a54a6b3d91ed517198d76322bf99d13bef530a43ed3f13196bf2def6dcfb39f76471c75c5779bedf105717e546057fb478bfd24e8fdf3c12d028b542d1f424a9d45bb9e026e6098eb1cb0a77378300ec1b4c9f006aa4dfb7fb5c57cf1b035cbe96009ead1ca25ea1e5fae40312a4e9fe250684a1c8653bb303209e0fc6a498f3a08f6c5b946378a349f3aea45104a2badb8a45f500bb4f0f6cd620ce794e0f390e1cb7f2f1fc0039f4250a577544a6862b47bf89eea3a8c1516b7a9dd111c2ca719190e8feb1a7079e9fdfdb8224dc50791c986825469c087c8f081616edaa4193e161281aa68b7286a364cbb336b2459f0892e57c40afcfda7d16ea1877efb4e4b0d4b5c31e8cba15066903d3a91bdc7fb64452fb9843436110596f0b038da167a86f97d32c807270a1c994fe88e2517e11bdd210dd982d3c8158459440108308a936c9d2370b9d157c3f9caec36ff05bc40b37f095edf33bf4fad440f38c3f52129456936c07014140be5618f4e9d07b66679238023390cd676b1a3a28d0e90d5ad9ef13a31fcdc5a435454309367c437424e340a1f91c6483bce1026d85a16fb854252ea4ede39a4e69702ecff76432de508e064eda0df9f263a25c0f626d1c1ffaa6783be2975451ee936cc2178648935a924f6fb2db2f8ba34e348920d903114520918cc6872b842e3744fc18d1363583a107ec7b89c7792c0d8069e12f873f6d668f6fdeb47b72986914e45c2b061c5c936c73c9bcf1475ea0d25edaad21cf193405c8acef3bff4e4f1b2b321d70dba59e856a8849c2bba9508bad775370669b2bb7f5e53181af8bff525e13a4935d7e28b997b4ff15da9e36f1353a154ab701ad15420786daaf27ba7e122f7b825c668185b685630420378b4142ec4e4242c2cf0bf6e143f7e55cb12fb9dd59a8df9959ce4fc5fff68ae7174977a31ad7fd644bc94a20bae76f0af474034990fdfec8ceca0e6cd93fe21d84837b7e9d74c17b6d3054f0c008ee05764745fd8773a0c1c31bb3eef5b7e261b54805b5c805a4eeef05c812fcdede200442e7340c63490645ebd09c235d5c52a785542526edfe3875ad08267faed1d0a15236f00c6736b94c1a3821302ff610697ad7becdbc96f54b55138b585cd122e0d5aeaf43c9ba373e8aa1c1297e3415552cc57cd60ee1f3c04500ed0eed37775c873de3066c034c176c67c5bfbe9899a47732030855781341374641da058eee61d01d11b9db8f19fd4558957897340e32cdfbc39713f1f439be0638f614cdb5361433a45a6ff024e39c94141dc5403af101404ce5f2efa97b90d9ecdb7c361785dab977feded32554d1a74d5cbfe2435be7f0329ba382455c2ac11fbe29fe3826796d4bea03dc53a37f63f5be2773f83faf282f0ae24d9fe5762b71b499fd37b4ce7e71f93c3a983f80fed477708bbf2261c89893c4b76e34fac9b42671b6cc81678cc867f53e8c3ec47716206212743ca0c4941c2c61ed3177fccf85921e998d2b826df751173944bb07eeaae4001f677a0687a2550eeac8bb5128ecad9c7b6a514596a30b8292fbacc09ab488193507b6785d7a35c979db774b2c413246f1ae88d35d1914b20b8fb501034321642fb0b0baba3378e4c31fb5e247c177e573295df0194462b99079a436400ba1be2e30d39b8714c0fb2bdcd981d5a5cd514f8d4f14e4e0437108630355d8f2b60a6d18cb14ceb2b5d0704aa6e93e180bd79cb17e176bc4f81a03db12a03413de6189896955bb9e3cc69b6f9a50a7eda3742527f98c71d7ea8ba75e253c2b783f7104813c619949e6a0765179b1b9cbe68b703335ab5986928d86384357a2f4189f4b4ffcd61a3d29709bbc93b5371f0e7798cb72ae4c17bcee24f8e566f2777803c3d182d15a63ac40063f0ccdf4bd790404524eae02eafb6b54c699578486490033f0be866c74a134083003d330498658ba973ea674c4a0ff158403987b4c4752b07c8637a119b019fd5093406960144445056f6ffe73eda0235dc1871bb6058d4a9feecac628265689d58a81453d33290ab56eb691f3180d0288449f41844e56f5c6cf522d4a5866b24fb9552fde71946c4d25dcceaa41cfddb5a33c51c54c0a0a5abd31be8fb6ec53c1d14ba648e183979dbd0db01b9e51ba3803be7e7d3dee752668367264c783f74838121797ae5706ef3aa460682d1bf55808c70e69ae29d7683368470d08e7e9a1095305dce250b5b4bd48c02e098d241b1089736e8306a737e3a1a93e554cc3ab24672b8c74bfb8825004ca869e347f873de14575493836662ad741d79269904f905d7df64d0581ab8d76ee51a32d72ccb719f3a25c0a856b5bd2b2a1269e208d70c32e1d5ad0dfdc0ef43f0230e95eb85871eb4d6033abbf0be7025382d878eeaeea73c94270e79bd5757dc1bac95236a62545cd467830b12dcc30d7cc81e889d360d073db40058e9a1c7b41fc53e67740bc984132a1452cf7d000378f14ef93a7eb0dc9bacf23584ad6761139576607f8214757f71fc47b2944127116ca3e83b9d9643bce8d7bb44b4d16b5d5cff70a9e1114cd920b6fc1f409672648ad56ac3136ef0a314adb458faf3d3f171cb2fc513d76e43e6bda2f1a68e6fcf4a4ecbe6bc87716e2a82ea0c4657983ca0caaf8d75fdf5b0d7930e4f3e95eb1271485f938e7ad2bf0c97b7c11745de45518a1e3a74341968588558e7197b407d24eda0671ee28f219e4c5f809a7ea6f9f5b9705f4634a96112eb262bd5967db5237285b865d3f64516495ea6d1ec20dbed7af02362370bcc98671a61241fa1ef5b3095609d66ecc16010f6f67a280d1c6d215ec224ead17d68bbc9bc64b363b5be9b479b7aa2cbc8587a6b48cf653fde7a262a11ab3a10356f55f122310feac77c32ce0994d6e8a70f1c53331cb473a8e29427322fb6da292c4443b1678877f1c981fa05fbdef96520e5895aeb2a3a8e62652f9d8830c3b144b9598873e2ef41b7ade943807766877d609972cca74855eaedce07cda35b50557de96e736ca3107c154d31aeee78db214687b9964517bcd2c6c9ec047514b45c831aee4588166dc3ec9ab36bd1033e74b3d02d731c5bd84f659fa9fe55cac08c12cb999a2e64fac52f6cb7d1fffbf45d9a1126787d0060fd1be563ccbc278ac97dab0c1bee664675f273f5fa429bdc24b21ff1cf0a3ad3c687fb07ffd88bad6ab6c6b422a43b77ff76f96bf405c07f8a667bb8ff54d6714aaa21ceba2e78ce03146b2ab9f49e6d65081119b8e7cf3843e91349790d2b975c9f9c305df0ab4f2b1b2f30f629313cc66a325e4037f38f29842ee5781ba73d2f30f506cf7ff2237a72b4075aefa32cdd5ba0ae4e65cb6fa47a3e06f0d5f684b7172d6b58f5f7d783c4122db4f4b8b4f9d3296c9d115f432710c29d40dfca0010ecbe2f42fac899911d65c84f08aaa1923c8add5af518286211db14e1187a8839f3b2ae8bd914eafc16a576bbe3eba6271a4c5b3170c3f543761f11f1326a05c575bde1b5c6afd3876bea4fbb649071a95caf74de9f7b3421803ec351f934b8d0932ce72a13abf3627d9a396c10875fc167ef1ae98ff92af9ca366033c99d30306fd540a09d67d26ab192504e7c09f9e4d06287a2b1748f1761ba3c16d9d08be7562b7351c4b4679f5d4b38681bfd86c7f2003a9749b20b602112a95803469f5d252c564912b55c4bf3409298dbd066d877cc70a89b484b9ee6bb836c9acd1e53086c4be85e9a3bc5969c7016db9c72b68620c241409d06f4d7f72fe2289c9b4921055922783b8b886bc22926b7d194820af2b90e3c60e87e1a7851f38a970c07c1da120d1da75de2bb994ff7d05a313522373326f160914a9589711e0439d694f5221afe8cc118722ce4927e9543e61a12a76bcf2da1d01a0f258095d32063387349b4e9f253d8b73c6e834b6866f8a56b4797b92d521fa732aa0d55c8e9d6c56011ee6fb450853dc564d18e97c463609c27a63f9c91c46d7bd80ace4edc0615ca342f43ca3b3d0cc36ed52b7d1f457e5b4b26b5eca0d91abe4f1a42a2eec40ec2faff1222f71dc226d6344e947b45155691205c09913fc3c6ab3fe76f4d1b11fa45869e20694b5f0a1074780a07332764212533b797dd24d8df157d4172f91253b77eb2ec90c8222307ed59136463057b7f469116086410b7503b44cef401c47811c1390060da5b3321d34096b67468a7702978d98d4bd721c18a25ed541249638e90281dc8e3565dc33e66d7b832a9bd62c02c5ed0e92935c92472499653d2d842ea6697c733ee80d775884074b3a0c250a4aa021bb6ea93514f9cc5f09feb5719d270cd184e364ca966f1416e10f111bc425f32a993fc5cd75503f99d89d91d7ddc6dee70193057cb946e5fbf8663c53e12cebffe5dbd4a86bfcf5f35f0d8aa43763a60e00356b4f8bc2bca01b02cfddde38f0c4df1e7f98709fdebc5abb5eb9631bdc3dbfcf15517fabcf16931eb7381e83713b081ad1947274d4896ee8953d772e9e71f363b6f1147317bc739ec128e4ec865f8f0ea34cd5ff19fb2c28931d2c85846735358504ae9161535cd7890e8b95c814cfec116b78e6d0eb5097cd4f35888121452e27391d865c15f0b986925d0d0c623bcbb4d8ca66603720253af17853967ea5954eb5ef0dc43de185ec4925026c680464e66d1caff1f4c7c757bd55ec2515ffe7183e3481ff6f626c2228a3fc3d15f63e4bfbec76a2a170206142cbbcf204a1cbfe0ee56eb47dfb79c80894c0a0fbf8a2955d861678fc2f8f9ad7a28052197b5992bced1273658da5b1f42fca48c80883600c24d8515a0c7113deb4c97df918ab64bca16a0c14f2547dc91d5ce4f884978c95fe54899f77ffc20a2c4b27350bc451bef72a46d8e144ad57a8d5f8ac039f58b8a53ea1f3fd5fce612a171bf82ba17c0681cf46ce5c8181a522ed2e986361903903159643046c7be1787dac6ccab09d18a30997541dc6e9efa260f1ff0392bc1890f19d8bb725f4fe7d8bc618f46e0c23be6b9ca67777dd3f5a89b41ccfb11a526a3bed045a2906f86cc5186a1db7a70391261b694b423e5a44d374f9d3720330e083574083f8950b2b35c8bb5b6c0a7fe259f235dc1c069d4581a9f0a7451890561a0829bb290de6aefe4d243ae0b00ca61a1dc4262bb4951242b21d88148eb7b6a9718d6433274f2b3c9bcdbb6d5df67b48ff42692d8cd7f4b7f41728de68ea1ce0f3e4a2843c5b9ffc43f69b8a0445dce44081f5b443a327084b0d00d07cbdbbfd2da5d67bf8d4bb4ee408d17eeee48b61decd06bd3dac9a1adbeb069b49ec96608b9179bb3af4c10f2ade6778b31fd4c22c2961cb949a64e9a8a4879c550f8d8783064cb304511e40e2e562ba83c08ba8ae011a784ed9db03db5527a7aae222c856c8df0a94f9c4def0f94244c5b8e3db9f39dbd337928e24d9d8562f231fea72116c01089163d2c5f4ca17faab20b73c9957fa1a9af20837a804870034d4e64281125b070d8ee0dbf05f95e5fb079e2a57e9af977222e90b664189114dccbca81ee58b7de90a813768a2049052b339a608d3e9966bdb3b584291fbf7694a7d1dea7f72ca604894e6cca5d326ed5e48c15eff5e6a8cc11c40f84ca920d79a5c55d07001909bf6338921c656a39d59d03f62bb5b8870189f0416ec8c317b03ccdcbbeb3e1a9bf2661813f4966b57eb56a2757de5f7745851b5f7bf75e41eb1646e61a41923c5c0e58c2ea478d95b5c39c450744aea0aad3706fce684cb7338ff3dacab60e8d968f0e6fc070693ae3ca16996b34a50afb7e6e377546ae28dc8de7a2ea3a657b4b0003a91a488e347c61971d62f32eaf843d4d4c4f86cc4033c1244c8408def09188dde509c629323f34072f9089a3846680894e8b000a03865438b2ea212b68fdef7f17583f92014eef2c8115a37c9c82dee06213c1407c1433690f68cdc8e91971104039dfe06774b946f43b68b7957a5ca3ee763eafbb7437850eb0a285c413bcf6965232d593d8da47a2a06abc635ae38e596a9dae55b43f341bcc6fe72d79b453ac1c259da37f64cbc1f1508caf280aa6a3f4cd2ff5564cc5a8727f222431454a5ac93398a29fb95b4e057686cd6fcd920992f74e5870749676a36e043bec5fc1b0fce5563affe9addfaa3689e857383ccd1f2924080449d2cfb006e855570b711c1dedd1df2629afaa3806f4ae229a9a8ef1940ddf2c55dac7812d2374c0684b7ba27b2f0849ee4c055d2b8ccc8e41c593378340d7546bb974bc8032f220b37099e3b04c6591c40d2c50a855a491e03c1c9cbb32c400f6104341262d92daaf3e2c04936cf28788fdff8e0a77770a9deb9089a9e32eb5d9e2581aecd98f83881ca8e7d49e603556dc03a9aa19a8f3a4735aaee347b25ea35b36fa57484c0b6d591979b4a3da894fa0c15966d6a5e02e397cccdb9c314b504372b81ef6913877767001263c05dae362b49e5928ef36f554ce245b4111486417634f1e7f4530a760ae6ffd3123f5736ac12c5bf506c5dca03079c0fd0776cdb56c938cdf480fb9b97b1685dfa3be6f712aae107e2dda726bec137b2ebdf56c0fcaecca4350bd7b5c84d57f29c2a2c99ae10c30cece4831d71ae4ee3362983cc816bb6cb9225b9db08503a1be23a26a0425a8628a2e718feae5df91d829f27966f766b623a0a4958a57642aefae259713733670d5b1d027fb8eb2d0d3a0b4acd482076dfa09ffe883f556b2db2262bc0872e1bd713f100dd7a8a8f2d725b46e09c625d513179872bbcc9a41e596a18b2471d977f4ca2bebd06cdaba31b70ef25e098f214fef16f16f725cad4311eb91457fdb70b471eddb65ecafb1e2b03c5ff21356241e3cab2c8ba601f9ef1aec9006b7cd0b81da29be01cb4c1d52e563298e373013886ebb1889bd5616647c6c418ea6bc1f3c0853b65cae48467b35f08318e3a9d034af7224cc3520ab1ece7751ba15407298b21e4f84ef7c23d7993739403d4f116cba2d0ae2d4003a28334c461c734d4555105b986ad0af28aac36c753ab52b91b7e23ae3ab07d3b170fe53a2249efe5b65463a3f237cec72091b04005f95a15ae595191ba39d0ae1d91d8e00b132ae9339884bc57bbb79978a308e1c31c5f213b092f380a7ba58f55869e9c29a5a6e7a7aa4f8d58e5787cc05e5", 0x2000, &(0x7f0000000a00)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000600)={0x90, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, {0xfffffffffffffffe}}}, 0x0, 0x0, 0x0, 0x0, 0x0})
r9 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000080), 0x101a02, 0x0)
pwritev(r9, &(0x7f0000002240)=[{&(0x7f00000001c0)="fd", 0x4}], 0x1, 0x0, 0x0)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r4, 0x84, 0x64, &(0x7f0000000000), 0xffffffffffffff41)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r2, r3, &(0x7f0000000200)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0xc000000, &(0x7f0000000000)=[{&(0x7f0000001600)=""/4096, 0x1000}], 0x1, 0x12})
syz_memcpy_off$IO_URING_METADATA_FLAGS(r2, 0x114, &(0x7f00000000c0), 0x0, 0x4)
io_uring_enter(r1, 0x847ba, 0x0, 0xe, 0x0, 0x0)

2.639177575s ago: executing program 3 (id=1521):
socket$l2tp6(0xa, 0x2, 0x73)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$L2TP_CMD_TUNNEL_CREATE(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000003c0)=ANY=[@ANYBLOB='\\\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="0100000000000000000001000500057807000000000008000900030000001400200000000000000000000000e1ffe000000108000a0000000000060002000100000014001f"], 0x5c}, 0x1, 0x6c}, 0x0)

2.540438572s ago: executing program 3 (id=1522):
prlimit64(0x0, 0xe, 0x0, 0x0)
r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
rt_tgsigqueueinfo(0x0, 0x0, 0x7, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
add_key$keyring(&(0x7f0000000540), &(0x7f0000000180)={'syz', 0x2}, 0x0, 0x0, 0xffffffffffffffff)
keyctl$KEYCTL_PKEY_SIGN(0x1b, 0x0, 0x0, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sendmsg$netlink(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f00000001c0)={0x14, 0x2d, 0x101, 0x0, 0x0, "", [@nested={0x4}]}, 0x14}], 0x1}, 0x0)
openat$rfkill(0xffffffffffffff9c, &(0x7f0000000180), 0x40e02, 0x0)

2.340424546s ago: executing program 3 (id=1523):
socket(0x2b, 0x80801, 0x1)
r0 = socket$inet(0x10, 0x3, 0x0)
r1 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
r2 = syz_io_uring_setup(0x70e4, &(0x7f0000000800)={0x0, 0x0, 0x10100}, &(0x7f0000000100)=<r3=>0x0, &(0x7f0000000140)=<r4=>0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_FALLOCATE={0x11, 0x44, 0x0, @fd, 0x4, 0x0, 0x0, 0x0, 0x1})
io_uring_enter(r2, 0x2d3e, 0x0, 0x0, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000040)={'vlan1\x00'})
ioctl$SIOCX25SSUBSCRIP(0xffffffffffffffff, 0x89e1, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000300)={'bond0\x00', <r5=>0x0})
r6 = socket$netlink(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r7=>0xffffffffffffffff})
socket$packet(0x11, 0x2, 0x300)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={0x0}, 0x1, 0x0, 0x0, 0x20004015}, 0x0)
r8 = socket$inet6_tcp(0xa, 0x1, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000001540)={0xd, 0x20000000000000bb, &(0x7f0000000300)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000756c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb714000008"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x20, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x3, 0x0, 0x0, 0x0, 0x2000004, 0x0, 0x0, 0x1f00, 0x39, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000340)={0x2, 0x200008, 0x5, 0x20000}, 0x10}, 0x94)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000300)=ANY=[@ANYBLOB="4c0000001800010800000000000000850a600000000000000500000014000500200100000000000000000300000000001c00090008000000", @ANYRES32=r8], 0x4c}}, 0x0)
r9 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r9, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r10 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r10, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000280)=ANY=[@ANYBLOB="2800000010000108000000000000000002000000", @ANYRES32=0x0, @ANYBLOB="b40200000000000008001b"], 0x28}}, 0x0)
r11 = syz_io_uring_setup(0x1104, &(0x7f0000000300)={0x0, 0x0, 0x80, 0x0, 0x8000021e}, &(0x7f00000001c0)=<r12=>0x0, 0x0)
syz_io_uring_submit(r12, 0x0, 0x0)
io_uring_enter(r11, 0x47fa, 0x0, 0x0, 0x0, 0x0)
io_uring_enter(r11, 0x6711, 0x7db3, 0x0, 0x0, 0x0)
syz_io_uring_submit(r12, 0x0, &(0x7f00000001c0)=@IORING_OP_RECVMSG={0xa, 0x20, 0x2, r7, 0x0, &(0x7f00000002c0)={0x0, 0x0, 0x0}, 0x0, 0x2001, 0x424d1ce352e194c2})
syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f00000002c0), 0xffffffffffffffff)
sendmsg$nl_route_sched(r6, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000800)=@newqdisc={0x58, 0x24, 0xf0b, 0x70bd2b, 0x0, {0x0, 0x0, 0x12, r5, {}, {0xffff, 0xffff}, {0x2}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x28, 0x2, {{0x3, 0x5, 0x7, 0x10, 0xfff, 0x3}, [@TCA_NETEM_LOSS={0x4}, @TCA_NETEM_ECN={0x8, 0x7, 0x1}]}}}]}, 0x58}}, 0x0)

2.007304062s ago: executing program 2 (id=1526):
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
sendmsg$IPVS_CMD_SET_INFO(r2, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={0x0, 0x14}}, 0x0)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=ANY=[@ANYBLOB="3c0000001000850600"/20, @ANYRES32=r3, @ANYBLOB="01000000000000001c0012000c000100626f6e64000000000c0002000800010005"], 0x3c}}, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
getsockname$packet(0xffffffffffffffff, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000003c0)=ANY=[@ANYRES32=r5, @ANYRES32=0x0, @ANYBLOB="a7ffa8880000005a4e21dc80480001800c000700010000000c0000000c0009000010000006000000100006000500000005000000040000000c000400010000000900000010167c000600ff7f0000c0000000050000004c00018010000200fcffffff2d020000090000000c00070000000000520000000c0007009b7200000200000014000a008c0000000000000009000000000000000c00090001000000ff0f0000e80001800c000500f8ffffff000000000c0009001c000000040000000c000300960600000b00000090000c801400010000100000010500000600000081000000140001000101000049090000ff0700008100000014000100040000007b0e000007000000810000001400010082000000f20b000040000000810000001400010000000000ab0a0000e90300008100000014000100008000006f0b0000ff0f00008100000014000100050000008d040000000200008aa800000c000500fdffffff010000000c00050004000000050000000c00050056010000070000000c000900ff0000001c0000004001018040000c8014000100f20c0000960500005f90000088a800001400010009000000130f00000001000088a800001400010007000000a9080000ff070000056b00000c00030009000000060000000c000700f8fffffffeffffffcc000c801400010000040000a607000003000000000000001400010008000000980800000d00000088a800001400010004000000b0070000ff01000088a8000014000100dc000000560100000001000081000000140001000000000012030000070000008100003d1400010009000000620000000c00000002000000140001000e000000a8030000030000008100000014000100aa000000760f0000080000008100000014000100050000009e0300000600000088a8000014000100070000000a0700000400000088a800000c00040010000000030000000c00030000000000000400000800d0dc6f2813064d9aeddf09ad0da766ceb83f713098441b97731ded41910f2c3832063c962dc5847b43539b7824f2f18762085ff45a43553a23a8d1d6f566d49fe24f71a8e32cc29968efabe9d6e41b057e7bc19d9d1540bc2e197ab9ec0646e59b13be7de90828c792cd93b40d4b73bd8b0e2dfb8613debe94581661f5051a0210355a433e177f141c49accba0ce630516083817a0dfbdc01f29cc", @ANYBLOB, @ANYBLOB], 0x2e8}}, 0x4040044)
r6 = socket(0x10, 0x803, 0x8)
sendmsg$IPVS_CMD_SET_INFO(r6, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={0x0, 0x14}}, 0x0)
getsockname$packet(r6, &(0x7f0000000100)={0x11, 0x0, <r7=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x60, &(0x7f0000000300)={&(0x7f0000000900)=ANY=[@ANYBLOB="5c00000010001ffffcffffff0000000000000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000340012800b0001006772657461700000240002800800070064010100060003001008000008001500700f0d0008000700ac1414bb08000a00", @ANYRES32=r7], 0x5c}}, 0x40)

1.900525654s ago: executing program 1 (id=1529):
r0 = syz_genetlink_get_family_id$nl80211(&(0x7f00000003c0), 0xffffffffffffffff) (async, rerun: 32)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe) (rerun: 32)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) (async, rerun: 64)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000280), 0x80080, 0x0) (rerun: 64)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000200)={'rose0\x00', 0x112}) (async, rerun: 32)
r3 = syz_open_dev$usbfs(&(0x7f0000000080), 0x70, 0x20002) (async, rerun: 32)
r4 = socket(0x10, 0x80002, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=ANY=[@ANYBLOB="1c0000005e00679a3601ff81000000000000000000be7ba9bd"], 0x1c}}, 0x0)
recvmmsg$unix(r4, &(0x7f0000000640)=[{{0x0, 0x0, 0x0}}, {{0x0, 0x0, 0x0}}, {{0x0, 0x0, &(0x7f0000000840)=[{&(0x7f0000000300)=""/151, 0x97}, {&(0x7f00000009c0)=""/4096, 0x1000}, {&(0x7f0000000740)=""/254, 0xfe}], 0x3}}], 0x3, 0x0, 0x0)
bind$inet(r4, &(0x7f0000000000)={0x2, 0x4e24, @local}, 0x10) (async, rerun: 64)
ioctl$USBDEVFS_IOCTL(r3, 0xc0105512, &(0x7f0000000200)) (rerun: 64)
ioctl$USBDEVFS_IOCTL(r3, 0xc0105512, &(0x7f0000000040)=@usbdevfs_connect) (async)
read$msr(r2, 0x0, 0x0) (async)
r5 = socket(0x400000000010, 0x3, 0x0)
r6 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r7=>0x0})
sendmsg$nl_route_sched(r5, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd27, 0xffffffff, {0x0, 0x0, 0x0, r7, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x1, 0xf}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x28}}}]}, 0x38}}, 0x800) (async)
sendmsg$nl_route_sched(r5, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000940)=@newtfilter={0x4c, 0x2c, 0xd27, 0x70bd25, 0x25dfdbfb, {0x0, 0x0, 0x0, r7, {0x0, 0x7}, {}, {0x5, 0x2}}, [@filter_kind_options=@f_flower={{0xb}, {0x1c, 0x2, [@TCA_FLOWER_KEY_ENC_OPTS_MASK={0x8, 0x55, 0x0, 0x1, [@TCA_FLOWER_KEY_ENC_OPTS_VXLAN={0x4}]}, @TCA_FLOWER_KEY_ENC_OPTS={0x10, 0x54, 0x0, 0x1, [@TCA_FLOWER_KEY_ENC_OPTS_VXLAN={0xc, 0x2, 0x0, 0x1, [@TCA_FLOWER_KEY_ENC_OPT_VXLAN_GBP={0x8, 0x1, 0x5}]}]}]}}]}, 0x4c}, 0x1, 0x0, 0x0, 0x40095}, 0x800) (async)
r8 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000040), 0x147c40, 0x0)
preadv2(r8, &(0x7f0000000080)=[{&(0x7f0000001200)=""/4096, 0xffe00}], 0x5, 0x0, 0x0, 0x0) (async)
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000100), 0x82801, 0x0) (async, rerun: 32)
r9 = socket$nl_generic(0x10, 0x3, 0x10) (rerun: 32)
ioctl$sock_SIOCGIFINDEX_80211(r9, 0x8933, &(0x7f0000000540)={'wlan0\x00', <r10=>0x0})
sendmsg$NL80211_CMD_NEW_KEY(r9, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000680)={&(0x7f0000000700)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r0, @ANYBLOB="0108a3ccf9d75f7c22860b000000080003002b9505dbd55bee825477016529fbdee8378fa586f9696380eb893f8ea24db1551378b422289a165b28986349a1af374995d59d55de2cc011654c92b2e662a0968f8be0efef7eb3d0ee8c96ace6f026e781765be683960300f31a74eacdce6ee3aa37e5dae71df80c3253acda577487a64e68b636469eaa3dee7219dfcc45022c3aac92fdb535603a607abfdabe6f03305ee03f42de6c0142802ccd544a898f568b45713e13cd8700b20731d149fbddcc25cb1adf4ea52fbcf2575275a4d1344b1ca8ff672a2ae7920828ec", @ANYRES32=r10, @ANYBLOB="10005080040006000500020000000000"], 0x2c}, 0x1, 0x0, 0x0, 0x44}, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000440)={0xd, 0xb, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000800000000000000004000000180100002020702500000000002020207b1af8ff00000000bfa108000000000047010000f6ffffffb702000008001000b703000000000000850000005d00000095"], &(0x7f0000000300)='GPL\x00', 0x1}, 0x94)

1.641352154s ago: executing program 3 (id=1531):
prlimit64(0x0, 0xe, 0x0, 0x0)
r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
rt_tgsigqueueinfo(0x0, 0x0, 0x7, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
add_key$keyring(&(0x7f0000000540), &(0x7f0000000180)={'syz', 0x2}, 0x0, 0x0, 0xffffffffffffffff)
keyctl$KEYCTL_PKEY_SIGN(0x1b, 0x0, 0x0, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sendmsg$netlink(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f00000001c0)={0x14, 0x2d, 0x101, 0x0, 0x0, "", [@nested={0x4}]}, 0x14}], 0x1}, 0x0)
openat$rfkill(0xffffffffffffff9c, &(0x7f0000000180), 0x40e02, 0x0)

1.641207388s ago: executing program 2 (id=1532):
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000080)={0x0, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000000)='cgroup\x00'}, 0x30)
r0 = openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
r1 = openat$cgroup_pressure(r0, &(0x7f0000000040)='io.pressure\x00', 0x2, 0x0)
write$cgroup_pressure(r1, &(0x7f0000000340)={'some', 0x20, 0x7, 0x20, 0xff}, 0x2f)
r2 = openat$cgroup_pressure(r0, &(0x7f00000000c0)='io.pressure\x00', 0x2, 0x0)
ppoll(&(0x7f0000000180)=[{r1}], 0x1, 0x0, 0x0, 0x0)
write$cgroup_pressure(r2, &(0x7f0000000340)={'some', 0x20, 0x4, 0x20, 0xffffa}, 0x2f)
close(r1)
close(r2)

1.521198616s ago: executing program 1 (id=1533):
openat$fuse(0xffffffffffffff9c, &(0x7f00000001c0), 0x42, 0x0)
openat$proc_mixer(0xffffffffffffff9c, &(0x7f0000000040)='/proc/asound/card0/oss_mixer\x00', 0x202, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0)
r0 = syz_usb_connect(0x0, 0x3f, &(0x7f0000000080)=ANY=[@ANYBLOB="11010000733336088dee1adb23610000000109022d0001100000000904000003fe03010009cd8d1f000200000009050502000000001009058b1e20"], 0x0)
syz_usb_control_io(r0, 0x0, &(0x7f00000000c0)={0x84, &(0x7f0000000240)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r1 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
ioctl$FS_IOC_GETVERSION(r1, 0xc0145b0e, &(0x7f0000000040))

909.75701ms ago: executing program 0 (id=1535):
r0 = openat$comedi(0xffffffffffffff9c, &(0x7f0000000080)='/dev/comedi3\x00', 0x400, 0x0)
ioctl$COMEDI_DEVCONFIG(r0, 0x40946400, 0x0)
ioctl$COMEDI_DEVCONFIG(r0, 0x409464ed, &(0x7f00000000c0)={'c6xdigio\x00', [0x4f27, 0x2, 0x10000, 0x4, 0x4, 0x0, 0x8, 0x7, 0xa, 0x0, 0x2, 0x1, 0x1, 0x800, 0x6, 0xb4c, 0x0, 0x1a449, 0x3, 0x40000003, 0x89, 0xcaa7, 0x0, 0x20001e58, 0xb, 0xe69, 0x3c, 0x8, 0x1, 0x0, 0xfffffff8]})

909.479906ms ago: executing program 0 (id=1536):
symlinkat(&(0x7f0000001040)='./cgroup\x00', 0xffffffffffffffff, &(0x7f00000003c0)='./file0\x00')
r0 = memfd_create(0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20008b}, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000580)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, 0x0, 0x0)
r2 = syz_init_net_socket$x25(0x9, 0x5, 0x0)
ioctl$SIOCX25SFACILITIES(r2, 0x89e3, 0x0)
gettid()
r3 = syz_open_dev$vim2m(&(0x7f0000000000), 0x800, 0x2)
ioctl$vim2m_VIDIOC_S_CTRL(r3, 0xc008561c, &(0x7f0000000040)={0xf0f024})
r4 = syz_open_dev$video(&(0x7f0000000440), 0x8, 0x0)
ioctl$VIDIOC_S_SELECTION(r4, 0xc040565f, &(0x7f0000000940)={0xa, 0x0, 0x7, {0x8000, 0x1000, 0x4, 0x86c}})
ioctl$vim2m_VIDIOC_S_FMT(r3, 0xc0d05605, &(0x7f0000000100)={0x2, @vbi={0x9, 0x7, 0x7ffffffd, 0x4f565559, [0x1000, 0x1000007], [0x9, 0xffb], 0x108}})
r5 = socket$nl_route(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r5, 0x10e, 0xc, &(0x7f0000000040)={0x80, 0x43}, 0x10)
sendmsg$nl_route(r5, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=ANY=[@ANYBLOB="240000000a00008000001400070000ec1000"], 0x24}, 0x1, 0x0, 0x0, 0x800}, 0x0)
prctl$PR_SET_NAME(0xf, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x13, 0x4, &(0x7f0000000300)=ANY=[], &(0x7f0000000540)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
execveat(r0, &(0x7f0000000000)='\x00', 0x0, 0x0, 0x1000)
bpf$PROG_LOAD(0x5, &(0x7f0000000480)={0x1b, 0xc, &(0x7f0000000300)=ANY=[], &(0x7f00000002c0)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x94)
mount$tmpfs(0x0, 0x0, &(0x7f0000000040), 0x0, 0x0)

830.931909ms ago: executing program 0 (id=1537):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000100))
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000140)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0})
r2 = dup3(r1, r0, 0x0)
r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs/binder0\x00', 0x0, 0x0)
mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r3, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r3, 0x4018620d, &(0x7f0000004a80)={0x73622a85, 0x100})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000004c0)={0x8, 0x0, &(0x7f0000000000)=[@acquire], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000fc0), 0x0, 0x0, 0x0})

830.586521ms ago: executing program 0 (id=1538):
socket$nl_netfilter(0x10, 0x3, 0xc)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x5, 0x8b}, 0x0)
ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000340)=<r0=>0x0)
sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x2)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$vim2m(&(0x7f00000002c0), 0x2000000f5, 0x2)
ioctl$vim2m_VIDIOC_S_CTRL(r1, 0xc008561c, &(0x7f0000000000)={0x980914, 0x2})
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000002000)=""/102400, 0x19000)
ioctl$F2FS_IOC_COMMIT_ATOMIC_WRITE(0xffffffffffffffff, 0xf502, 0x0)
r3 = fsopen(0x0, 0x0)
ioctl$SNDCTL_DSP_SYNC(0xffffffffffffffff, 0x5001, 0x0)
ioctl$SNDCTL_DSP_CHANNELS(0xffffffffffffffff, 0xc0045006, &(0x7f00000002c0)=0x19)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r4 = socket$unix(0x1, 0x1, 0x0)
r5 = io_uring_setup(0x6001, 0x0)
close_range(r5, r5, 0x0)
bind$unix(r4, &(0x7f0000000000)=@file={0x1, './file0\x00'}, 0x6e)
listen(r4, 0x0)
r6 = socket$unix(0x1, 0x1, 0x0)
connect$unix(r6, &(0x7f0000000080)=@file={0x1, './file0\x00'}, 0x6e)
socket$unix(0x1, 0x1, 0x0)
fsconfig$FSCONFIG_SET_STRING(r3, 0x1, &(0x7f0000000080)='iocharset', &(0x7f00000000c0)='io#harset', 0x0)

825.872915ms ago: executing program 3 (id=1539):
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x0, 0x0)
chdir(&(0x7f0000000100)='./file0\x00')
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000100)=ANY=[], 0x32600)

738.34218ms ago: executing program 3 (id=1540):
pipe(&(0x7f0000000580)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
write$binfmt_misc(r1, &(0x7f0000000000), 0xfffffecc)
pipe(&(0x7f0000000080)={0xffffffffffffffff, <r2=>0xffffffffffffffff}) (async)
fanotify_init(0x200, 0x0)
splice(r0, 0x0, r2, 0x0, 0x8007fff, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r3, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000004c0)=@newtaction={0x5c, 0x30, 0x1, 0x0, 0x0, {}, [{0x48, 0x1, [@m_ct={0x44, 0x1, 0x0, 0x0, {{0xfffffffffffffd2d}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x0, 0x16, 0x20000000, 0x0, 0xfffffffc}}]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x2}}}}]}]}, 0x5c}, 0x1, 0x0, 0x0, 0x4004051}, 0x0)

738.188134ms ago: executing program 2 (id=1541):
socket$netlink(0x10, 0x3, 0x0)
socket$pppl2tp(0x18, 0x1, 0x1)
socket(0x10, 0x3, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socket$kcm(0x10, 0x3, 0x10)
socket$packet(0x11, 0x2, 0x300)
syz_usb_connect(0x0, 0x24, &(0x7f0000000940)={{0x12, 0x1, 0x0, 0xa6, 0xff, 0x5, 0x40, 0xabcd, 0xcdee, 0x5b9, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x9c, 0x0, 0x0, 0x1, 0x3, 0x51}}]}}]}}, 0x0)
openat$iommufd(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
socket$packet(0x11, 0x3, 0x300)
socket$nl_route(0x10, 0x3, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000001c0)=ANY=[@ANYBLOB="3c00000010001ffe00989837a182138b00268f1c", @ANYRES32=0x0, @ANYBLOB="ff7f000080000000140012800a00010076786c616e0042000400028008000a00", @ANYRES64=r0], 0x3c}, 0x1, 0x8000a0ffffffff}, 0x0)

151.169579ms ago: executing program 1 (id=1542):
r0 = landlock_create_ruleset(&(0x7f0000000040)={0x8034, 0x2, 0x2}, 0x18, 0x0) (async)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000140)='/sys/kernel/address_bits', 0x0, 0x0)
unshare(0x8000000) (async)
r1 = semget$private(0x0, 0x4000, 0x555) (async)
semtimedop(0x0, &(0x7f0000000c80)=[{0x2, 0x8, 0x1800}], 0x1, 0x0) (async)
r2 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
write$uinput_user_dev(r2, &(0x7f0000000080)={'syz0\x00', {}, 0x7ff, [0x0, 0x3, 0x3ff, 0x8, 0x0, 0x0, 0x0, 0x10001, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x10000000, 0x99, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x4, 0x0, 0x0, 0x0, 0x3], [0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0xedc0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa0000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffff8, 0x2, 0x0, 0x2000079, 0x0, 0x0, 0x0, 0x10000, 0x40003, 0x0, 0xc0000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0xfffffffc, 0x0, 0xffffffff], [0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0xfffffffc, 0x8ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000, 0x6, 0x2, 0x0, 0x0, 0x0, 0x0, 0x80000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x4, 0x0, 0x0, 0x1], [0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x4, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x800, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x5, 0x0, 0x0, 0x0, 0x0, 0x7, 0x84, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000000, 0x0, 0x0, 0x8000000, 0x4, 0x0, 0x0, 0x0, 0x100000]}, 0x45c)
ioctl$UI_DEV_CREATE(r2, 0x5501)
unshare(0x2c040000) (async)
r3 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f00000003c0)=@bpf_lsm={0x1e, 0x3, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24}, 0x80)
semctl$SETALL(r1, 0x0, 0x11, &(0x7f0000000680)=[0x0, 0xff, 0x2, 0x8, 0x9]) (async, rerun: 32)
bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f00000005c0)={r3, 0x0, 0x24, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0xa) (rerun: 32)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000580)=ANY=[@ANYRES64], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r3, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kfree\x00', r4}, 0x10) (async)
r5 = socket$nl_generic(0x10, 0x3, 0x10) (async)
r6 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000380), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_FEATURES_SET(r5, &(0x7f0000002540)={0x0, 0x0, &(0x7f0000002500)={&(0x7f00000045c0)=ANY=[@ANYBLOB="40100000", @ANYRES16=r6, @ANYBLOB="010000000000000000000c0000001410038004100400fc654c187d6eb5f0ca15095cc8787b50b96435ad3147dd10e867248d37187c2a131a62d105462ce34d5cf8ded36159aea612a3460534d8c298556e91590238f40dd2c7148d365ab6cdd5f2a7f74bac8d59f731c655a46917f18b28ed05e58b70287d26677601258a5c0ab9f679e2e520228c3a1f1aede04c6ba82cc38cc2ab6b35a24fb20e032dedf6f6caf4bfea5435f746f746fd46ca192e3744eb6908b358c10833bf484237ba654641e6186a45957c6345e61ea620fdc74383ce1df4a24e7044bae596f018736424a5bfa438865044e7026fa37a3540fadd0e89d87aecd3bc127e0cb10274991d6127224a0f2a4ef19e2c4dedbe45f2471abcc38c584ead0e3df3f9211022b2421fb6b327361e8f58f2b73134fc5444b350ede95ecef5bbbf9950e75c9f772a3ff0180d2cfac287228709726a6abbab2971982de7f1a9149d71dcbfd212e89ff17cf284b7f8ad82a469cb1c1e3d9d1d3689271c8dad0ba89dda651d4242062ac0bc5877e397236fa9476ac5fac7c2c896babca09d74720004cd0e634327de4fd87ed72ae069c095d2c70caed52e3335478c1c3719925e24f2fd7755baebd5cde385727a0f0440dd3b662248c43ff5afc4f186ff0051ba8eaa07623b79c4bb6985f14c5ac15041a6ff7584f921982e5414481d4db4c76798d70a59b5aeccb6e7882aefe70993758b55b4dc4039c2b1c98452113aaf23ccdf68cb6eff6e048f9da6f39a2def3caaf80cdcbadb83b029b8738391f02fec90c8a8b6f036aae8ceaff5dca7d3e0098423fedc676c6774ab0e6a72bd246c0b3004d1988f802b846d62ca59e9a63ce12814176ec4380e1cf29d27e7b2f7e7eadcaae8f182498ad32e67323fe6ef9508fec40dd38897652053ef92e44a909060c237890c196f0c26ab10248f999001f6231813a81313971bea77a5470f312d9e5957899adc99e430e4010a3a341482c51fb71c23c3cdf92303c7580c73775f9a74685a61ce9849eaca52b97ee7ffe2e672dc1be5267c285a102711b1b5d81d6dbb76494f2892fd4f85244ade3cdd3809fd5fdfce5157fc1658f0bceb379489732583707c170fc6392aa4f5b94843aeb18da58e0156e029c2b722918b1b3dc7c151cb9c248ddd18423629b53cd4b0ab2693b0df29c88c04657f4eccdc41357de8186fdc0ec86f92950734975921a2fde57c3e7176b57c871d76ff8a8f36520b67e64930cf34bcde9ad92d057a359ca022b646df18e2b7202845bd8ac4be5e5ebae436dc4b93dfaaf2778a53e7e4be937e83dac7d1d481bdbd8081ab0ac08af067e62580bbdbf397cbc629db9b023734b6fad7824d1a8b3257c1c18d6ebc928140060f004ec484b183560f830a1eb0c527c8600bb2600d761e847454e677aa29486aa407a9e9a5e9dc9542de038e3e55fdfec13184cdb16716556f972eef5c56230c43d146c86a9147265c309a279db6d138647920410896c5397c5f83634fa5e92b5161f786482d84830864388b91c2c1e3e9f9f038d5fa66f7fe904e14df0a60d46066c6b1f37cec6e13c35832f512be21da21a5921b81cc452b0076c2ec10fd5481cd0e1ca917b40cb3aa839b120ce6eb9773e942b74ececac6bdcd22eb8dd6cd9f148e0ebe5ef3094f42adc39bc5ca2259e1eab5059ccf5e82bb57b97d4d13a90747299b2e6b64f962aabf222e4f287503181de3c3a68fb2b0068583f3b97e40ce06e9805a7121eccac0527b8f1b18a62762efe0a9ce4114b7d1ba942bc93533ee0b1bd7f0a607207b976dfa1fbe3ce0868e7f4e31b41a0aada0ac6b291aefe22ea5338f07e57b981b8e4e4a121f231d2f46989fd5dd09a7c1d198f5886b4f1a222eccdabff096a81fef3c9e497621128562880938fe05a1f1c4da81daba55bf326f1e3a1712d79f01fbef2ee230615d4e454be67f0ad4dc2bfffaecbb683742925738b45854ab713ae548b9709e9ea2e28224ef466bced79e3ec6c163d45db187bc01c75afa85f78003927dcd122086acc8dd1b1224de41d62b83e34083dd39fe68aa5a479ba403f5dbddf9b763ca521b7efca6234be16484f1e0112d963672a6d24cdac15e80bcb82b3b22231670c41fe7e8a0a083b6df768e7fb0d94a004f8372f5cf8b9b45cc679eb67828a94d0ffabfe09d95ad2789cb8657f7ea86a46260416a72e6fc7b44e549a2e39fe015c7647cc0bec15fa63d26894be1cc5326331e7e0b1c505934182accf049bab033b026d48fda51de740afc0666e6c891e0c5192f4b2df21493477ff45319d7d8b816f0b73ccfa12d6846362feb4b85063ca42e950eb577c630300dc52698a38ca19cbbb398404a1e8e27d0be49985e59caef03da096d1ccbeed73bd7c9588325b747ab77f4d7c1c1f18388ce1771882ee680ed737ad197ff92f1052e5e79f6ffa5b85ba3fac5db13e0d0046c9dca0ab4b74b20299ba6bdd758940e088df31e1382cee6901503299028467a864d27affae30fd9aef5a6ff948c052124511a75a46d5a316e28fb6c5bfac787be5833c63c535557235b0e09f9a78a338aa8864613fca77a7e252d1975af2c4a6bcc969d1e20e3cd4dfc1b2fe34b70fd7804dbfde4fa4d950e5fb4eb926dece9e4601b12efe322bb42ac808158fef0a26900000000726654987e7de20d1e41e82c607c33c6bae7bb234744b51dc683d5857afd6ba8246cebc734e393806ef102a6baaf04f3a7c3cb888d5830e1c6ae170c5c920e806b4f518be4416b216cdf9b1658a412d9e4eab6c9b20ce99960f27e77fdf9a2e98b35c63859f9db6bdcbef1001a19e12e41370f9358531987851ab64c250e68a8569ace4418e2118caff7d3d4caf1c87bc50a8ae75770fdae88a8490c041b39d08190d8b7c908caddd66331a508929d53dd6bc2dbc86f97115ff0a364b70f96918e6ed354c97e59ea5e2c7b149cd51d7c85a27ac658e78b99326857858df0ac0ee240cbb6ee9d9ee6c2c2ff7c29dd25fd337dc08bddeb50305ed48b9f5d89c55ffedde29ce0412ea8e2c976f961eb0c4966d2a8be0b657a5e51048a8a10005c488e1f637ce208a35b5aed0c2067465191dc42ebf6e4853cc89998bdf2ef755f38a3cd985b62df36a5ebc3b47df32423ee46857f9db9d756ff69ecd4ef2f307dcaefd4a1f399543952df972269c28200df8ebacad4eed1c00b9ce9841799bea583cafdeaa8d4a371a8ae55d8ffe4846833985975d8b234adff63eace9d2c4d1680c370827ebe1831ef311077607e8c4920506e03528861085dcfdb918f1efe91420c390fbca0a38377e1635c402ec1c34eddae986ffa8756b27f6c340907bae99f4a6b328fca8177b4dfaceea5ad3ceb901dbcefc15ded322bece4e750969e81935764ebe88749464af7e692e3d324c519b456013daae93bd63215540380a7fe08f0e050cdeb25db2a8b9b6f5720ad1e7d2c5b6d609712eccd321d6211fb642a4cdf72504aabd017a9b4827d1e0e0264435a5e1045dbe33834968d2db503972995559b1efe1b9ce475405118346b63f637b1abf8e8374e7100d6b41c9c672d2b244c7a82ffb882522efd9e903fc69db14c469685780005843856c6623591f305d383eae55a1a1d5619dfff0027413f26fa6a793a348ba8b192e1b088745a2175d55517a75d4b63cce41cc0dcaca9002cd37a1ccc6710ba2a099297b0824f976919e8abf3b1510b1305a95241fefbd036afa9d4538affc82f005d29b9f2c0e60d6c20f673b8ca28cb088e1e89efe334f25ffe1a3fb3581e5aa63b9a4a49f269b5538788aacbbc04d49902ae2af1f59d2484ab6ba7a9b477be0d92e221fc48cdbc00bef7125bfe36f9afb1cbd58fef21625ec99ffd2e35fb00767e3f22dba7d36163203cfaf1860a8b1afe0d878ea00fe08f68fd592a6395fb357acbdc2834c8ac85571527dbf1dbaaccede3d583e2b9bf076737716785f44aebc7ba917fb426d5541adff1e75836ab70fb0b43565ab5e24c5902879f31701cc006b4ee2f57be0916cf0b6cd489c4fa9129031a4af75a00048f20eb962f0c6f68cda0d7756a4e83f7d065c4a00b8263d95f6b979507b7ca01735e83a5e5ff0b76f077ef6e4c1150f9202b5311a231b76111d48a387e09075edb2448fb19d2869ae420ada8ee7577fe980ed7e057dc963c0a98db790bb5b7920220f8a55213b6530637b832abdf3c6fefdefb712a2c2c9eba8087ce39335ddabdadb86f493061e593981c6b2d70b4bac3b58885787c46f85c1022f5ff6cec16ba227aa5dac2e0be30522c08369f18d170b9cb454f3ebf86d1e923fdd65245d8e0c476bfedddcb772453f4d0e70d059e79b8811c379c9eff6e45d99f81186930b32b24cdcb906a41fe29c147ed834b37e77800a33c15e65d121ee85a924ef6bbc1c8f4a423fbc5d14645a08178227f4c7f111fa318823a6c075ddf9e131c9bca8d56dec4a68fbab9a0c1a128880d8b4dec59b89ec33c19eb76f09f31ad730cba735b60deba54c399119949e45af4de5c758281945fe6b6a25ac1cd57a81b48f11a6575e79b82e529d4ba1b2a1175cfa03ef6d149b165195fa64736b302e28ee6444368fb395a2d89c8747348b546a07ed0306682971539f0031d88ffa020d0b3d40369e0a3d2238293a75a155eb5c0749f64ed37a9af5be26d5a4322a55a23c33d176280bd0e4c5168f2e66bca925304d0f32074f5e68d7c43f9e2e3f14a6bcf3e77e6b71737131c3e90208072e37c8a6cad1cabd756aa694e85b86256ce13b43541a26438374b6029ee461d223ed34ed1e9a3e580cec7b2b41bc9823b3729e683f079a498636d022799dd94c5e870b6aa7f3d36fb51ffb6c5e317fcde6b5ae45073f8e90ee0fc1fa0641ff6f0b789dcc6df2fe9a3b5e6ed9d2be3403f5af96e7c6019b0a0ce4f8342323638a52c121956de068069fe5c44946b5023e1db7742fec29cb749bcdc09d795b683c553dbae1298540b2cf1bc3e5e52adf252bca47ba2182c80541daf1d11b1c67675171e69c1abe3c0bc3a0f2d1a6e2165ca1647c394970a404a6002621a258cef01e2ca12a138888dace9ad06d2f0c0209f286c11b289626aa557cc201560651054a6042e84c6fc5e345e2f702d61851fed5ffa36ade652f76db815dabb7b8eee016ea0836d0086f2a2f7bd1c4a4ceb1d706817b41347a891c34b45eb06a9ecb19041d5a39f050cb0413662dc4700385fac2e1823e1ce4d08c66692fde0862a057f2aa2425d511735fff53d0e3d88bfb245e7724ba4ba8452e469862d333dad5c63bfa778809c043132db3a57e122d0495441f7a07034a3ac1024b8fc063694d8316c29639cb6605ff362a853f976c763f6d10e4e0972760e60f08acdd8a73607e7311819fe24ad8b670bbf0adede086f91bd0839ce37927f43a263e3e8369932db9ab786ba66e1bba664bfa8aa50d98ed18fc90e560933c2e8da72757a4539756740a73c41180cf97fde47cf3e9e6005302459d831eea7a03157e0c3178776e4d4add3999b9a1efca7c99b8234ff9d33492431dd9bd0814301ee49260e30b8b6afc46ce8a733bc9d7850c789e5e98cdefbfb11131a85bc24e75453a16c6780ab4229b985d1fe7a255f71cfe18398e881d493ded88300b54f6c4a5567fd84a6e1f11835433448a00420ab1b3a49fcc0e9938da52b68f9409c94a0de61f0beb69532c4f7a11fae6a9ffd10db7de01e3272448b517ad795a06f3fef8148b7196cb81a80aed42e395c1ac346dd27f9bce87661e19f957a17d54d59b68e023c1516ae9ba4d75f18d4b8fc7e9fe6f74e38597b0e52000000000008000200fd7f00000400010018000180140002007665746830"], 0x1040}}, 0x0)
r7 = socket$can_bcm(0x1d, 0x2, 0x2)
connect$can_bcm(r7, &(0x7f0000000300), 0x10) (async, rerun: 64)
r8 = socket$nl_route(0x10, 0x3, 0x0) (rerun: 64)
r9 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(r9, 0x8933, &(0x7f00000000c0)={'vxcan1\x00', <r10=>0x0}) (async)
connect$unix(0xffffffffffffffff, 0x0, 0x0)
sendmsg$nl_route_sched(r8, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000640)={&(0x7f0000004c00)=@newtfilter={0x24, 0x11, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x74, r10, {0x1}}}, 0x24}, 0x1, 0xf0ffffffffffff}, 0x0) (async)
landlock_restrict_self(r0, 0x7) (async, rerun: 64)
r11 = fsopen(&(0x7f0000000080)='omfs\x00', 0x1) (rerun: 64)
fsconfig$FSCONFIG_SET_STRING(r11, 0x1, &(0x7f0000000ac0)='gid', &(0x7f0000000440)='0\x00#\x00\xd0\x00 \x00\x00qS\x00\x00\x00\x00\x00\x00\x00\x00$\xf6_\xbdI\x1c\xf2\xa9]\xcc\xe0*\xef\x01\x8d\x15\xd2h\x93\xc9\xb57\xc3\xea\\Eb\xf8\xe6,\xdf\xd4\xfae\x84\xcc\xd5\"d\xf0D-\x98\x9f\x81{\xfc$\xc4\xbcF\xf8\xc8\x8d\xcb\xb8\xf2\x1e\xe4\'U\xb3\xb8\xd3\xe6\xd7\x80Y\xc2\xeb\n\xb8_\xe8\x96YY\xe3\xc7\xe6\xf28\x19\xa6\xa7\xfa\xdb\x1ce\xc1\x03\x86J\xb2fh\x19\xee#\xcc\x0f\xed\xfea\xdc\x88\xcb%bW\xd35\xda=\xac\x1d\xae\x93\xfd\'T6\x94\n\xa4\x9cU\xc4\fA~[\xbf\x8b\x90\xfe\x04\xe7U\xf3h\x81\x14l7u\x95\x96t\\\x0f\xef;\x03\xa4C\xbc(Vc!a\xc1\xe39\xc6b\x905\xf8\xc9@h\x01\xf5\xcb\x88\xdf9\xaf5\xc8a:z\xe4\xcbag&67\x814\xf6}\xe10v6l\xd6,\x1e\xa0\xcc\xbf\xfdkm\b?\x839\x85N\x1c\xc1\xcb\xfc\x85\xd2\n\x02\"\xf2\x81g\x90\x01n%\x7f_\xe1.f>>\xa5\xfb\"\xab\xdb\x06\x12e\x14\x11~\x9a\bR-\x85\xc3\xa9\xe6\xf6R\x11\"\xc3\xc9\xfc\x14s X\xec\xdd\xc2qB\x85\xf0\xd7\x04\xdd<\x9a\x84\'\xa3\xf1\xd9<\xb9k', 0x0) (async)
landlock_restrict_self(0xffffffffffffffff, 0x4) (async)
r12 = creat(&(0x7f0000000300)='./file0\x00', 0x0)
pwritev2(r12, &(0x7f0000000080)=[{&(0x7f0000000340)='L', 0x1}], 0x1, 0x87fffff, 0x7, 0x4)

91.32344ms ago: executing program 0 (id=1543):
r0 = openat$vmci(0xffffff9c, &(0x7f0000001180), 0x2, 0x0)
ioctl$IOCTL_VMCI_VERSION2(r0, 0x7a7, &(0x7f0000000040)=0x10000)
ioctl$IOCTL_VMCI_INIT_CONTEXT(r0, 0x7a0, &(0x7f00000000c0)={@hyper})
ioctl$IOCTL_VMCI_CTX_SET_CPT_STATE(r0, 0x7b2, &(0x7f00000010c0)={&(0x7f00000000c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xde23, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100000, 0xffffffff, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa], 0x1, 0x400})

91.15159ms ago: executing program 0 (id=1544):
r0 = openat$comedi(0xffffffffffffff9c, &(0x7f0000000080)='/dev/comedi3\x00', 0x400, 0x0)
ioctl$COMEDI_DEVCONFIG(r0, 0x40946400, 0x0)
ioctl$COMEDI_DEVCONFIG(r0, 0x40946400, &(0x7f00000000c0)={'c6xdigio\x00', [0x4f27, 0x2, 0x10000, 0x4, 0x4, 0x0, 0x8, 0x7, 0xa, 0x0, 0x2, 0x1, 0x1, 0x800, 0x6, 0xb4c, 0x0, 0x1a449, 0x3, 0x40000003, 0x89, 0xcaa7, 0x0, 0x20001e58, 0xb, 0xe69, 0x3c, 0x8, 0x1, 0x0, 0xfffffff8]}) (fail_nth: 4)

91.020202ms ago: executing program 1 (id=1545):
symlinkat(&(0x7f0000001040)='./cgroup\x00', 0xffffffffffffffff, &(0x7f00000003c0)='./file0\x00')
r0 = memfd_create(0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20008b}, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000580)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, 0x0, 0x0)
r2 = syz_init_net_socket$x25(0x9, 0x5, 0x0)
ioctl$SIOCX25SFACILITIES(r2, 0x89e3, 0x0)
gettid()
r3 = syz_open_dev$vim2m(&(0x7f0000000000), 0x800, 0x2)
ioctl$vim2m_VIDIOC_S_CTRL(r3, 0xc008561c, &(0x7f0000000040)={0xf0f024})
r4 = syz_open_dev$video(&(0x7f0000000440), 0x8, 0x0)
ioctl$VIDIOC_S_SELECTION(r4, 0xc040565f, &(0x7f0000000940)={0xa, 0x0, 0x7, {0x8000, 0x1000, 0x4, 0x86c}})
ioctl$vim2m_VIDIOC_S_FMT(r3, 0xc0d05605, &(0x7f0000000100)={0x2, @vbi={0x9, 0x7, 0x7ffffffd, 0x4f565559, [0x1000, 0x1000007], [0x9, 0xffb], 0x108}})
r5 = socket$nl_route(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r5, 0x10e, 0xc, &(0x7f0000000040)={0x80, 0x43}, 0x10)
sendmsg$nl_route(r5, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=ANY=[@ANYBLOB="240000000a00008000001400070000ec1000"], 0x24}, 0x1, 0x0, 0x0, 0x800}, 0x0)
prctl$PR_SET_NAME(0xf, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x13, 0x4, &(0x7f0000000300)=ANY=[], &(0x7f0000000540)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
execveat(r0, &(0x7f0000000000)='\x00', 0x0, 0x0, 0x1000)
bpf$PROG_LOAD(0x5, &(0x7f0000000480)={0x1b, 0xc, &(0x7f0000000300)=ANY=[], &(0x7f00000002c0)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x94)
mount$tmpfs(0x0, 0x0, &(0x7f0000000040), 0x0, 0x0)

196.597µs ago: executing program 1 (id=1546):
r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$NL80211_CMD_LEAVE_OCB(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x20, r0, 0x100, 0x70bd26, 0x25dfdbfe, {{}, {@void, @val={0xc, 0x99, {0x2, 0x7}}}}, ["", "", "", "", "", "", "", ""]}, 0x20}, 0x1, 0x0, 0x0, 0x40000}, 0x800)
getsockopt$IP_VS_SO_GET_SERVICES(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000140)=""/30, &(0x7f0000000180)=0x1e) (async)
ioctl$AUTOFS_DEV_IOCTL_CATATONIC(0xffffffffffffffff, 0xc0189379, &(0x7f00000001c0)={{0x1, 0x1, 0x18, <r1=>0xffffffffffffffff}, './file0\x00'})
ioctl$sock_ipv6_tunnel_SIOCADDPRL(r1, 0x89f5, &(0x7f00000002c0)={'sit0\x00', &(0x7f0000000200)={@rand_addr=0x64010100, 0x0, 0x0, 0x90, 0x0, [{@multicast1}, {@multicast1}, {@initdev}, {@initdev}, {@initdev}, {@empty}, {@private}, {@initdev}, {}]}}) (async)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000300), r1) (async)
r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) (async)
r4 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000380), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f00000003c0)={'wpan0\x00', <r5=>0x0})
ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f0000000400)={'wpan3\x00', <r6=>0x0})
sendmsg$NL802154_CMD_SET_PAN_ID(r3, &(0x7f0000000500)={&(0x7f0000000340)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f00000004c0)={&(0x7f0000000440)={0x50, r4, 0x0, 0x70bd2c, 0x25dfdbfe, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r5}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r6}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x300000002}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x200000002}, @NL802154_ATTR_IFINDEX={0x8}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x3}]}, 0x50}, 0x1, 0x0, 0x0, 0x800}, 0x44)
r7 = socket$inet_sctp(0x2, 0x5, 0x84)
setsockopt$inet_sctp_SCTP_FRAGMENT_INTERLEAVE(r7, 0x84, 0x12, &(0x7f0000000540)=0x8, 0x4) (async)
r8 = syz_genetlink_get_family_id$nfc(&(0x7f00000005c0), r3)
ioctl$IOCTL_GET_NCIDEV_IDX(0xffffffffffffffff, 0x0, &(0x7f0000000600)=<r9=>0x0)
sendmsg$NFC_CMD_LLC_SET_PARAMS(r3, &(0x7f00000006c0)={&(0x7f0000000580)={0x10, 0x0, 0x0, 0x11002}, 0xc, &(0x7f0000000680)={&(0x7f0000000640)={0x34, r8, 0x4, 0x70bd2b, 0x25dfdbfd, {}, [@NFC_ATTR_LLC_PARAM_RW={0x5, 0x10, 0x3}, @NFC_ATTR_LLC_PARAM_LTO={0x5, 0xf, 0xa}, @NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r9}, @NFC_ATTR_LLC_PARAM_MIUX={0x6, 0x11, 0x5db}]}, 0x34}, 0x1, 0x0, 0x0, 0x20000040}, 0x80) (async)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000740)={'wlan0\x00', <r10=>0x0})
sendmsg$NL80211_CMD_FLUSH_PMKSA(r1, &(0x7f0000000800)={&(0x7f0000000700)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f00000007c0)={&(0x7f0000000780)={0x28, r2, 0x8, 0x70bd2c, 0x25dfdbfe, {{}, {@val={0x8, 0x3, r10}, @val={0xc, 0x99, {0x5, 0x35}}}}, ["", "", "", ""]}, 0x28}, 0x1, 0x0, 0x0, 0x14}, 0x1) (async)
ioctl$IOCTL_GET_NCIDEV_IDX(r1, 0x0, &(0x7f0000000880)=<r11=>0x0) (async)
ioctl$IOCTL_GET_NCIDEV_IDX(r1, 0x0, &(0x7f00000008c0)=<r12=>0x0)
sendmsg$NFC_CMD_ACTIVATE_TARGET(r3, &(0x7f00000009c0)={&(0x7f0000000840)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000980)={&(0x7f0000000900)={0x54, r8, 0x0, 0x70bd2a, 0x25dfdbfb, {}, [@NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r9}, @NFC_ATTR_TARGET_INDEX={0x8, 0x4, 0xffffffffffffffff}, @NFC_ATTR_PROTOCOLS={0x8, 0x3, 0x2}, @NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r9}, @NFC_ATTR_TARGET_INDEX={0x8}, @NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r9}, @NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r11}, @NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r12}]}, 0x54}, 0x1, 0x0, 0x0, 0x8010}, 0x6) (async)
ioctl$SNAPSHOT_PREF_IMAGE_SIZE(r1, 0x3312, 0xffffffffffffffff)
r13 = syz_genetlink_get_family_id$netlbl_calipso(&(0x7f0000000a40), 0xffffffffffffffff)
sendmsg$NLBL_CALIPSO_C_LIST(r3, &(0x7f0000000b40)={&(0x7f0000000a00)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000b00)={&(0x7f0000000a80)={0x44, r13, 0x8, 0x70bd2c, 0x25dfdbfe, {}, [@NLBL_CALIPSO_A_DOI={0x8, 0x1, 0x1}, @NLBL_CALIPSO_A_MTYPE={0x8}, @NLBL_CALIPSO_A_MTYPE={0x8}, @NLBL_CALIPSO_A_DOI={0x8, 0x1, 0x2}, @NLBL_CALIPSO_A_DOI={0x8, 0x1, 0x2}, @NLBL_CALIPSO_A_MTYPE={0x8}]}, 0x44}, 0x1, 0x0, 0x0, 0x10}, 0x44005) (async)
r14 = socket$nl_generic(0x10, 0x3, 0x10)
r15 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000bc0), r1)
sendmsg$TIPC_NL_LINK_SET(r14, &(0x7f0000000e80)={&(0x7f0000000b80)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000e40)={&(0x7f0000000c00)={0x210, r15, 0xb03, 0x70bd28, 0x25dfdbfc, {}, [@TIPC_NLA_SOCK={0x10, 0x2, 0x0, 0x1, [@TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_ADDR={0x8, 0x1, 0x8}]}, @TIPC_NLA_PUBL={0x4}, @TIPC_NLA_PUBL={0xc, 0x3, 0x0, 0x1, [@TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0x1}]}, @TIPC_NLA_MON={0x1c, 0x9, 0x0, 0x1, [@TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8}, @TIPC_NLA_MON_REF={0x8, 0x2, 0xd2a4}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x1ff}]}, @TIPC_NLA_SOCK={0x44, 0x2, 0x0, 0x1, [@TIPC_NLA_SOCK_REF={0x8, 0x2, 0x1}, @TIPC_NLA_SOCK_REF={0x8, 0x2, 0x4}, @TIPC_NLA_SOCK_REF={0x8, 0x2, 0x2}, @TIPC_NLA_SOCK_ADDR={0x8, 0x1, 0xfff}, @TIPC_NLA_SOCK_CON={0x1c, 0x3, 0x0, 0x1, [@TIPC_NLA_CON_NODE={0x8, 0x2, 0x6a}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x6}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x8}]}, @TIPC_NLA_SOCK_HAS_PUBL={0x4}]}, @TIPC_NLA_NET={0x5c, 0x7, 0x0, 0x1, [@TIPC_NLA_NET_ADDR={0x8, 0x2, 0xfffffffe}, @TIPC_NLA_NET_ID={0x8, 0x1, 0x7}, @TIPC_NLA_NET_ADDR={0x8, 0x2, 0x1}, @TIPC_NLA_NET_ID={0x8}, @TIPC_NLA_NET_ID={0x8, 0x1, 0xe6}, @TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0x9}, @TIPC_NLA_NET_ID={0x8, 0x1, 0x83a1}, @TIPC_NLA_NET_ID={0x8, 0x1, 0x9}, @TIPC_NLA_NET_ADDR={0x8, 0x2, 0x10000}, @TIPC_NLA_NET_NODEID={0xc, 0x3, 0x9}]}, @TIPC_NLA_SOCK={0x48, 0x2, 0x0, 0x1, [@TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_CON={0x14, 0x3, 0x0, 0x1, [@TIPC_NLA_CON_NODE={0x8, 0x2, 0x3}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x10000}]}, @TIPC_NLA_SOCK_CON={0x2c, 0x3, 0x0, 0x1, [@TIPC_NLA_CON_FLAG={0x8, 0x1, 0x7}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x2}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x7}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x1}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x8}]}]}, @TIPC_NLA_SOCK={0x8, 0x2, 0x0, 0x1, [@TIPC_NLA_SOCK_HAS_PUBL={0x4}]}, @TIPC_NLA_NODE={0xd0, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4a, 0x4, {'gcm(aes)\x00', 0x22, "96359abcea77e577162c090a6a62d5f29ce227b960ff11a31d01cd313444c53293b2"}}, @TIPC_NLA_NODE_KEY={0x44, 0x4, {'gcm(aes)\x00', 0x1c, "bc10e89df3e2eae3c88dc20710011487941ae5364cb68f3dfc918074"}}, @TIPC_NLA_NODE_KEY={0x3c, 0x4, {'gcm(aes)\x00', 0x14, "2e532570f6956f205241fafa94a1822fba07d94d"}}]}]}, 0x210}, 0x1, 0x0, 0x0, 0x4}, 0x800) (async)
read(r7, &(0x7f0000000ec0)=""/23, 0x17)
sendmsg$NL802154_CMD_NEW_SEC_DEV(r3, &(0x7f0000001000)={&(0x7f0000000f00)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000fc0)={&(0x7f0000000f40)={0x5c, r4, 0x200, 0x70bd29, 0x25dfdbfe, {}, [@NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x300000003}, @NL802154_ATTR_SEC_DEVICE={0xc, 0x2e, 0x0, 0x1, [@NL802154_DEV_ATTR_KEY_MODE={0x8, 0x6, 0x1}]}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r6}, @NL802154_ATTR_SEC_DEVICE={0x20, 0x2e, 0x0, 0x1, [@NL802154_DEV_ATTR_EXTENDED_ADDR={0xc, 0x4, {0xaaaaaaaaaaaa0302}}, @NL802154_DEV_ATTR_SECLEVEL_EXEMPT={0x5, 0x5, 0x1}, @NL802154_DEV_ATTR_FRAME_COUNTER={0x6, 0x1, 0x9}]}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r6}]}, 0x5c}, 0x1, 0x0, 0x0, 0x20000000}, 0x40)
sendmsg$NL80211_CMD_GET_PROTOCOL_FEATURES(r1, &(0x7f0000001100)={&(0x7f0000001040)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f00000010c0)={&(0x7f0000001080)={0x14, r2, 0x4, 0x70bd25, 0x25dfdbfe, {}, ["", "", "", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x4000}, 0x1)

0s ago: executing program 1 (id=1547):
prlimit64(0x0, 0xe, 0x0, 0x0)
r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
rt_tgsigqueueinfo(0x0, 0x0, 0x7, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
add_key$keyring(&(0x7f0000000540), &(0x7f0000000180)={'syz', 0x2}, 0x0, 0x0, 0xffffffffffffffff)
keyctl$KEYCTL_PKEY_SIGN(0x1b, 0x0, 0x0, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sendmsg$netlink(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f00000001c0)={0x14, 0x2d, 0x101, 0x0, 0x0, "", [@nested={0x4}]}, 0x14}], 0x1}, 0x0)
openat$rfkill(0xffffffffffffff9c, &(0x7f0000000180), 0x40e02, 0x0)

kernel console output (not intermixed with test programs):

83464][ T7885]  should_failslab+0xc2/0x120
[  123.783477][ T7885]  __kmalloc_noprof+0xd2/0x510
[  123.783490][ T7885]  tomoyo_realpath_from_path+0xc2/0x6e0
[  123.783507][ T7885]  ? tomoyo_profile+0x47/0x60
[  123.783518][ T7885]  tomoyo_path_number_perm+0x245/0x580
[  123.783530][ T7885]  ? tomoyo_path_number_perm+0x237/0x580
[  123.783544][ T7885]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  123.783557][ T7885]  ? find_held_lock+0x2b/0x80
[  123.783582][ T7885]  ? find_held_lock+0x2b/0x80
[  123.783594][ T7885]  ? hook_file_ioctl_common+0x145/0x410
[  123.783607][ T7885]  ? __fget_files+0x20e/0x3c0
[  123.783620][ T7885]  security_file_ioctl+0x9b/0x240
[  123.783636][ T7885]  __x64_sys_ioctl+0xb7/0x210
[  123.783653][ T7885]  do_syscall_64+0xcd/0x4c0
[  123.783666][ T7885]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  123.783676][ T7885] RIP: 0033:0x7f57ebd8ebe9
[  123.783685][ T7885] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  123.783695][ T7885] RSP: 002b:00007f57ecb87038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  123.783706][ T7885] RAX: ffffffffffffffda RBX: 00007f57ebfb5fa0 RCX: 00007f57ebd8ebe9
[  123.783712][ T7885] RDX: 00002000000000c0 RSI: 0000000040946400 RDI: 0000000000000003
[  123.783719][ T7885] RBP: 00007f57ecb87090 R08: 0000000000000000 R09: 0000000000000000
[  123.783724][ T7885] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  123.783730][ T7885] R13: 00007f57ebfb6038 R14: 00007f57ebfb5fa0 R15: 00007ffd0d5db3c8
[  123.783743][ T7885]  </TASK>
[  123.783747][ T7885] ERROR: Out of memory at tomoyo_realpath_from_path.
[  123.942737][   T54] usb 7-1: GET_CAPABILITIES returned 0
[  123.945602][   T54] usbtmc 7-1:16.0: can't read capabilities
[  124.024968][ T7894] lo speed is unknown, defaulting to 1000
[  124.146569][   T54] usb 7-1: USB disconnect, device number 7
[  124.475010][ T7921] FAULT_INJECTION: forcing a failure.
[  124.475010][ T7921] name failslab, interval 1, probability 0, space 0, times 0
[  124.478936][ T7921] CPU: 2 UID: 0 PID: 7921 Comm: syz.1.594 Not tainted 6.16.0-syzkaller-12250-gc30a13538d9f #0 PREEMPT(full) 
[  124.478951][ T7921] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  124.478957][ T7921] Call Trace:
[  124.478960][ T7921]  <TASK>
[  124.478965][ T7921]  dump_stack_lvl+0x16c/0x1f0
[  124.478978][ T7921]  should_fail_ex+0x512/0x640
[  124.478989][ T7921]  ? __kmalloc_cache_noprof+0x57/0x3e0
[  124.479007][ T7921]  should_failslab+0xc2/0x120
[  124.479019][ T7921]  __kmalloc_cache_noprof+0x6a/0x3e0
[  124.479035][ T7921]  ? kvm_dev_ioctl+0x13ce/0x1af0
[  124.479048][ T7921]  kvm_dev_ioctl+0x13ce/0x1af0
[  124.479063][ T7921]  ? __pfx_kvm_dev_ioctl+0x10/0x10
[  124.479076][ T7921]  ? selinux_file_ioctl+0x180/0x270
[  124.479091][ T7921]  ? selinux_file_ioctl+0xb4/0x270
[  124.479106][ T7921]  ? __pfx_kvm_dev_ioctl+0x10/0x10
[  124.479117][ T7921]  __x64_sys_ioctl+0x18b/0x210
[  124.479134][ T7921]  do_syscall_64+0xcd/0x4c0
[  124.479146][ T7921]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  124.479157][ T7921] RIP: 0033:0x7f0e38f8ebe9
[  124.479165][ T7921] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  124.479175][ T7921] RSP: 002b:00007f0e39e4a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  124.479185][ T7921] RAX: ffffffffffffffda RBX: 00007f0e391b5fa0 RCX: 00007f0e38f8ebe9
[  124.479192][ T7921] RDX: 0000000000000000 RSI: 000000000000ae01 RDI: 0000000000000003
[  124.479198][ T7921] RBP: 00007f0e39e4a090 R08: 0000000000000000 R09: 0000000000000000
[  124.479204][ T7921] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  124.479209][ T7921] R13: 00007f0e391b6038 R14: 00007f0e391b5fa0 R15: 00007ffefcb42018
[  124.479222][ T7921]  </TASK>
[  124.616861][ T7927] netlink: 4 bytes leftover after parsing attributes in process `syz.3.597'.
[  124.665156][ T5378] Dev loop2: unable to read RDB block 7
[  124.667574][ T5378]  loop2: AHDI p2 p3
[  124.669132][ T5378] loop2: partition table partially beyond EOD, truncated
[  124.672013][ T5378] loop2: p3 start 335544320 is beyond EOD, truncated
[  124.718005][ T5378] Dev loop2: unable to read RDB block 7
[  124.719796][ T5378]  loop2: AHDI p2 p3
[  124.721035][ T5378] loop2: partition table partially beyond EOD, truncated
[  124.723322][ T5378] loop2: p3 start 335544320 is beyond EOD, truncated
[  124.762320][ T7941] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  124.764390][    T9] tipc: Node number set to 1
[  124.790496][ T7943] netlink: 16 bytes leftover after parsing attributes in process `syz.1.605'.
[  124.830401][ T7941] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  124.922862][ T7958] netlink: 36 bytes leftover after parsing attributes in process `syz.1.610'.
[  124.928868][ T7941] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  124.959112][ T7960] netlink: 'syz.1.611': attribute type 1 has an invalid length.
[  124.971269][ T7960] 8021q: adding VLAN 0 to HW filter on device bond4
[  124.996504][ T7941] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  125.064753][   T12] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  125.072450][   T12] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  125.079923][ T1145] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  125.087702][ T1145] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  125.144138][   T54] usb 5-1: new high-speed USB device number 12 using dummy_hcd
[  125.294181][   T54] usb 5-1: Using ep0 maxpacket: 8
[  125.297078][   T54] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  125.300097][   T54] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  125.303080][   T54] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  125.306361][   T54] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  125.310365][   T54] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  125.313253][   T54] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  125.519577][   T54] usb 5-1: usb_control_msg returned -71
[  125.524233][   T54] usbtmc 5-1:16.0: can't read capabilities
[  125.531083][   T54] usb 5-1: USB disconnect, device number 12
[  125.567033][ T5378] Dev loop2: unable to read RDB block 7
[  125.568908][ T5378]  loop2: AHDI p2 p3
[  125.570169][ T5378] loop2: partition table partially beyond EOD, truncated
[  125.572501][ T5378] loop2: p3 start 335544320 is beyond EOD, truncated
[  125.587784][   T40] kauditd_printk_skb: 119 callbacks suppressed
[  125.587794][   T40] audit: type=1400 audit(1754769569.099:547): avc:  denied  { read write } for  pid=7970 comm="syz.2.615" name="vhost-vsock" dev="devtmpfs" ino=1301 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:vhost_device_t tclass=chr_file permissive=1
[  125.597437][   T40] audit: type=1400 audit(1754769569.099:548): avc:  denied  { open } for  pid=7970 comm="syz.2.615" path="/dev/vhost-vsock" dev="devtmpfs" ino=1301 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:vhost_device_t tclass=chr_file permissive=1
[  125.604909][   T40] audit: type=1400 audit(1754769569.099:549): avc:  denied  { setopt } for  pid=7970 comm="syz.2.615" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  125.616902][ T5378] Dev loop2: unable to read RDB block 7
[  125.618686][ T5378]  loop2: AHDI p2 p3
[  125.620097][ T5378] loop2: partition table partially beyond EOD, truncated
[  125.622484][ T5378] loop2: p3 start 335544320 is beyond EOD, truncated
[  125.643941][   T40] audit: type=1400 audit(1754769569.149:550): avc:  denied  { create } for  pid=7973 comm="syz.2.616" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ax25_socket permissive=1
[  125.645067][ T7974] syz.2.616 uses old SIOCAX25GETINFO
[  125.651432][   T40] audit: type=1400 audit(1754769569.159:551): avc:  denied  { ioctl } for  pid=7973 comm="syz.2.616" path="socket:[15999]" dev="sockfs" ino=15999 ioctlcmd=0x89e9 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ax25_socket permissive=1
[  125.670218][   T40] audit: type=1400 audit(1754769569.179:552): avc:  denied  { read } for  pid=7973 comm="syz.2.616" path="socket:[17094]" dev="sockfs" ino=17094 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[  125.682531][ T7974] netlink: 4 bytes leftover after parsing attributes in process `syz.2.616'.
[  125.696867][ T5378] Dev loop2: unable to read RDB block 7
[  125.698661][ T5378]  loop2: AHDI p2 p3
[  125.699928][ T5378] loop2: partition table partially beyond EOD, truncated
[  125.702178][ T5378] loop2: p3 start 335544320 is beyond EOD, truncated
[  125.706537][ T7977] netlink: 'syz.2.617': attribute type 1 has an invalid length.
[  125.752074][ T7977] 8021q: adding VLAN 0 to HW filter on device bond3
[  125.755605][ T7977] bond2: (slave bond3): making interface the new active one
[  125.758078][ T7977] bond2: (slave bond3): Enslaving as an active interface with an up link
[  125.804760][ T5378] Dev loop2: unable to read RDB block 7
[  125.806554][ T5378]  loop2: AHDI p2 p3
[  125.807841][ T5378] loop2: partition table partially beyond EOD, truncated
[  125.810109][ T5378] loop2: p3 start 335544320 is beyond EOD, truncated
[  125.897058][ T5378] Dev loop2: unable to read RDB block 7
[  125.898857][ T5378]  loop2: AHDI p2 p3
[  125.900121][ T5378] loop2: partition table partially beyond EOD, truncated
[  125.902363][ T5378] loop2: p3 start 335544320 is beyond EOD, truncated
[  125.937510][ T5378] Dev loop2: unable to read RDB block 7
[  125.939549][ T5378]  loop2: AHDI p2 p3
[  125.940794][ T5378] loop2: partition table partially beyond EOD, truncated
[  125.943074][ T5378] loop2: p3 start 335544320 is beyond EOD, truncated
[  125.967281][   T40] audit: type=1400 audit(1754769569.479:553): avc:  denied  { mount } for  pid=7986 comm="syz.2.621" name="/" dev="9p" ino=35913891 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1
[  125.974723][   T40] audit: type=1400 audit(1754769569.489:554): avc:  denied  { add_name } for  pid=7986 comm="syz.2.621" name="file0" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  125.979851][ T7987] FAULT_INJECTION: forcing a failure.
[  125.979851][ T7987] name failslab, interval 1, probability 0, space 0, times 0
[  125.981377][   T40] audit: type=1400 audit(1754769569.489:555): avc:  denied  { create } for  pid=7986 comm="syz.2.621" name="file0" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[  125.985302][ T7987] CPU: 3 UID: 0 PID: 7987 Comm: syz.2.621 Not tainted 6.16.0-syzkaller-12250-gc30a13538d9f #0 PREEMPT(full) 
[  125.985317][ T7987] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  125.985324][ T7987] Call Trace:
[  125.985328][ T7987]  <TASK>
[  125.985332][ T7987]  dump_stack_lvl+0x16c/0x1f0
[  125.985346][ T7987]  should_fail_ex+0x512/0x640
[  125.985357][ T7987]  ? __kvmalloc_node_noprof+0x124/0x620
[  125.985376][ T7987]  should_failslab+0xc2/0x120
[  125.985388][ T7987]  __kvmalloc_node_noprof+0x137/0x620
[  125.985406][ T7987]  ? want_pages_array+0x90/0xe0
[  125.985420][ T7987]  ? want_pages_array+0x90/0xe0
[  125.985431][ T7987]  want_pages_array+0x90/0xe0
[  125.985443][ T7987]  __iov_iter_get_pages_alloc+0xbf4/0x20a0
[  125.985459][ T7987]  ? trace_kmem_cache_alloc+0x28/0xc0
[  125.985473][ T7987]  ? radix_tree_node_alloc.constprop.0+0x1e8/0x350
[  125.985490][ T7987]  ? __pfx___iov_iter_get_pages_alloc+0x10/0x10
[  125.985504][ T7987]  ? radix_tree_node_alloc.constprop.0+0x1b8/0x350
[  125.985522][ T7987]  ? delete_node+0x207/0x8d0
[  125.985538][ T7987]  iov_iter_get_pages_alloc2+0x53/0xf0
[  125.985552][ T7987]  p9_get_mapped_pages.part.0.constprop.0+0x4e6/0x850
[  125.985570][ T7987]  ? p9pdu_vwritef+0x658/0x1d30
[  125.985583][ T7987]  ? __pfx_p9_get_mapped_pages.part.0.constprop.0+0x10/0x10
[  125.985603][ T7987]  ? __pfx_p9pdu_vwritef+0x10/0x10
[  125.985619][ T7987]  p9_virtio_zc_request+0x9ca/0x1510
[  125.985634][ T7987]  ? p9pdu_vwritef+0x658/0x1d30
[  125.985649][ T7987]  ? __pfx_p9pdu_writef+0x10/0x10
[  125.985662][ T7987]  ? __pfx_p9_virtio_zc_request+0x10/0x10
[  125.985678][ T7987]  ? __pfx_p9_tag_alloc+0x10/0x10
[  125.985691][ T7987]  ? trace_9p_protocol_dump+0x190/0x210
[  125.985705][ T7987]  ? rcu_is_watching+0x12/0xc0
[  125.985718][ T7987]  ? p9_client_prepare_req+0x112/0x4d0
[  125.985729][ T7987]  ? __pfx_p9_client_prepare_req+0x10/0x10
[  125.985742][ T7987]  ? __lock_acquire+0x62e/0x1ce0
[  125.985760][ T7987]  p9_client_zc_rpc.constprop.0+0x29c/0x880
[  125.985775][ T7987]  ? __pfx_p9_client_zc_rpc.constprop.0+0x10/0x10
[  125.985794][ T7987]  ? __pfx_p9_virtio_zc_request+0x10/0x10
[  125.985810][ T7987]  p9_client_read_once+0x3d2/0x860
[  125.985825][ T7987]  ? __pfx_p9_client_read_once+0x10/0x10
[  125.985838][ T7987]  ? __lock_acquire+0xb97/0x1ce0
[  125.985857][ T7987]  p9_client_read+0x13f/0x1b0
[  125.985871][ T7987]  v9fs_issue_read+0x117/0x390
[  125.985885][ T7987]  ? __pfx_v9fs_issue_read+0x10/0x10
[  125.985898][ T7987]  ? netfs_unbuffered_read_iter_locked+0x7e7/0x15c0
[  125.985912][ T7987]  ? iov_iter_advance+0x380/0x6c0
[  125.985926][ T7987]  netfs_unbuffered_read_iter_locked+0xaca/0x15c0
[  125.985945][ T7987]  netfs_unbuffered_read_iter+0xc5/0x100
[  125.985959][ T7987]  v9fs_file_read_iter+0xbf/0x100
[  125.985973][ T7987]  copy_splice_read+0x618/0xc20
[  125.985987][ T7987]  ? __pfx_copy_splice_read+0x10/0x10
[  125.986002][ T7987]  ? __pfx_pipe_lock_cmp_fn+0x10/0x10
[  125.986013][ T7987]  ? register_lock_class+0x41/0x4c0
[  125.986037][ T7987]  v9fs_file_splice_read+0xc8/0xe0
[  125.986051][ T7987]  ? __pfx_v9fs_file_splice_read+0x10/0x10
[  125.986064][ T7987]  do_splice_read+0x282/0x370
[  125.986076][ T7987]  splice_direct_to_actor+0x2a1/0xa30
[  125.986088][ T7987]  ? __pfx_direct_splice_actor+0x10/0x10
[  125.986101][ T7987]  ? __pfx_splice_direct_to_actor+0x10/0x10
[  125.986111][ T7987]  ? get_pid_task+0xfc/0x250
[  125.986124][ T7987]  do_splice_direct+0x174/0x240
[  125.986135][ T7987]  ? __pfx_do_splice_direct+0x10/0x10
[  125.986146][ T7987]  ? __pfx_direct_file_splice_eof+0x10/0x10
[  125.986158][ T7987]  ? rw_verify_area+0xcf/0x6c0
[  125.986176][ T7987]  do_sendfile+0xb06/0xe50
[  125.986187][ T7987]  ? __pfx_do_sendfile+0x10/0x10
[  125.986202][ T7987]  __x64_sys_sendfile64+0x154/0x220
[  125.986216][ T7987]  ? __pfx___x64_sys_sendfile64+0x10/0x10
[  125.986233][ T7987]  do_syscall_64+0xcd/0x4c0
[  125.986245][ T7987]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  125.986255][ T7987] RIP: 0033:0x7f331a58ebe9
[  125.986264][ T7987] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  125.986274][ T7987] RSP: 002b:00007f33187f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  125.986285][ T7987] RAX: ffffffffffffffda RBX: 00007f331a7b5fa0 RCX: 00007f331a58ebe9
[  125.986291][ T7987] RDX: 0000200000000080 RSI: 0000000000000003 RDI: 0000000000000003
[  125.986297][ T7987] RBP: 00007f33187f6090 R08: 0000000000000000 R09: 0000000000000000
[  125.986303][ T7987] R10: 0000000000007f04 R11: 0000000000000246 R12: 0000000000000002
[  125.986309][ T7987] R13: 00007f331a7b6038 R14: 00007f331a7b5fa0 R15: 00007fff19aea4b8
[  125.986322][ T7987]  </TASK>
[  125.987469][ T7987] fuse: Unknown parameter '0xffffffffffffffff00000000000000000000l4'
[  125.991452][   T40] audit: type=1400 audit(1754769569.489:556): avc:  denied  { associate } for  pid=7986 comm="syz.2.621" name="file0" scontext=root:object_r:unlabeled_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1
[  126.184457][   T12] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  126.212183][ T5378] Dev loop2: unable to read RDB block 7
[  126.213978][ T5378]  loop2: AHDI p2 p3
[  126.216325][ T5378] loop2: partition table partially beyond EOD, truncated
[  126.218554][ T5378] loop2: p3 start 335544320 is beyond EOD, truncated
[  126.258467][ T5378] Dev loop2: unable to read RDB block 7
[  126.260253][ T5378]  loop2: AHDI p2 p3
[  126.261431][ T5378] loop2: partition table partially beyond EOD, truncated
[  126.263648][ T5378] loop2: p3 start 335544320 is beyond EOD, truncated
[  126.417018][ T5378] Dev loop2: unable to read RDB block 7
[  126.418811][ T5378]  loop2: AHDI p2 p3
[  126.420059][ T5378] loop2: partition table partially beyond EOD, truncated
[  126.422331][ T5378] loop2: p3 start 335544320 is beyond EOD, truncated
[  126.427933][ T8000] netlink: 4 bytes leftover after parsing attributes in process `syz.2.626'.
[  126.495895][ T5378] Dev loop2: unable to read RDB block 7
[  126.497679][ T5378]  loop2: AHDI p2 p3
[  126.498940][ T5378] loop2: partition table partially beyond EOD, truncated
[  126.501179][ T5378] loop2: p3 start 335544320 is beyond EOD, truncated
[  126.507018][ T8002] netlink: 8 bytes leftover after parsing attributes in process `syz.2.627'.
[  126.824614][   T60] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  127.165329][ T5378] Dev loop2: unable to read RDB block 7
[  127.167105][ T5378]  loop2: AHDI p2 p3
[  127.168659][ T5378] loop2: partition table partially beyond EOD, truncated
[  127.170927][ T5378] loop2: p3 start 335544320 is beyond EOD, truncated
[  127.173870][ T8009] =======================================================
[  127.173870][ T8009] WARNING: The mand mount option has been deprecated and
[  127.173870][ T8009]          and is ignored by this kernel. Remove the mand
[  127.173870][ T8009]          option from the mount to silence this warning.
[  127.173870][ T8009] =======================================================
[  127.200332][ T5378] Dev loop2: unable to read RDB block 7
[  127.202542][ T5378]  loop2: AHDI p2 p3
[  127.204680][ T5378] loop2: partition table partially beyond EOD, truncated
[  127.207203][ T5378] loop2: p3 start 335544320 is beyond EOD, truncated
[  127.403572][ T5378] Dev loop2: unable to read RDB block 7
[  127.405580][ T5378]  loop2: AHDI p2 p3
[  127.406962][ T5378] loop2: partition table partially beyond EOD, truncated
[  127.409283][ T5378] loop2: p3 start 335544320 is beyond EOD, truncated
[  127.472163][ T8016] fuse: Unknown parameter '0xffffffffffffffff00000000000000000000l4'
[  127.504258][   T29] usb 5-1: new high-speed USB device number 13 using dummy_hcd
[  127.664226][   T29] usb 5-1: Using ep0 maxpacket: 8
[  127.667702][   T29] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  127.670642][   T29] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  127.673595][   T29] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  127.677677][   T29] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  127.681736][   T29] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  127.686431][   T29] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  127.689857][ T5378] Dev loop2: unable to read RDB block 7
[  127.691642][ T5378]  loop2: AHDI p2 p3
[  127.692890][ T5378] loop2: partition table partially beyond EOD, truncated
[  127.695314][ T5378] loop2: p3 start 335544320 is beyond EOD, truncated
[  127.700227][ T8018] /dev/sg0: Can't lookup blockdev
[  127.740909][ T5378] Dev loop2: unable to read RDB block 7
[  127.742875][ T5378]  loop2: AHDI p2 p3
[  127.744249][ T5378] loop2: partition table partially beyond EOD, truncated
[  127.746534][ T5378] loop2: p3 start 335544320 is beyond EOD, truncated
[  127.751463][ T8022] loop6: detected capacity change from 0 to 524288000
[  127.814798][ T8022] support for the xor transformation has been removed.
[  127.847855][ T5378] Dev loop2: unable to read RDB block 7
[  127.849626][ T5378]  loop2: AHDI p2 p3
[  127.850895][ T5378] loop2: partition table partially beyond EOD, truncated
[  127.853186][ T5378] loop2: p3 start 335544320 is beyond EOD, truncated
[  127.893380][   T29] usb 5-1: usb_control_msg returned -71
[  127.895700][   T29] usbtmc 5-1:16.0: can't read capabilities
[  127.901336][   T29] usb 5-1: USB disconnect, device number 13
[  127.977099][ T5378] Dev loop2: unable to read RDB block 7
[  127.978912][ T5378]  loop2: AHDI p2 p3
[  127.980168][ T5378] loop2: partition table partially beyond EOD, truncated
[  127.982444][ T5378] loop2: p3 start 335544320 is beyond EOD, truncated
[  128.839688][ T5378] Dev loop2: unable to read RDB block 7
[  128.841589][ T5378]  loop2: AHDI p2 p3
[  128.842966][ T5378] loop2: partition table partially beyond EOD, truncated
[  128.847338][ T5378] loop2: p3 start 335544320 is beyond EOD, truncated
[  128.886514][ T5378] Dev loop2: unable to read RDB block 7
[  128.888402][ T5378]  loop2: AHDI p2 p3
[  128.889653][ T5378] loop2: partition table partially beyond EOD, truncated
[  128.892052][ T5378] loop2: p3 start 335544320 is beyond EOD, truncated
[  128.966483][ T8067] Bluetooth: MGMT ver 1.23
[  129.134226][   T24] usb 7-1: new high-speed USB device number 8 using dummy_hcd
[  129.284220][   T24] usb 7-1: Using ep0 maxpacket: 8
[  129.287716][   T24] usb 7-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  129.291068][   T24] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  129.295249][   T24] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  129.298696][   T24] usb 7-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  129.303298][   T24] usb 7-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  129.307016][   T24] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  129.522409][   T24] usb 7-1: usb_control_msg returned -71
[  129.524226][   T24] usbtmc 7-1:16.0: can't read capabilities
[  129.530698][   T24] usb 7-1: USB disconnect, device number 8
[  129.685329][   T63] Bluetooth: unknown link type 42
[  129.687120][   T63] Bluetooth: hci1: connection err: -111
[  130.344135][   T29] usb 7-1: new high-speed USB device number 9 using dummy_hcd
[  130.512853][   T29] usb 7-1: config 0 interface 0 altsetting 128 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  130.517323][   T29] usb 7-1: config 0 interface 0 altsetting 128 endpoint 0x81 has invalid wMaxPacketSize 0
[  130.521638][   T29] usb 7-1: config 0 interface 0 has no altsetting 0
[  130.584977][   T29] usb 7-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[  130.590516][   T29] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  130.595102][   T29] usb 7-1: config 0 descriptor??
[  131.224430][ T1145] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  131.298069][   T29] usb 7-1: string descriptor 0 read error: -22
[  131.325510][   T40] kauditd_printk_skb: 29 callbacks suppressed
[  131.325524][   T40] audit: type=1400 audit(1754769574.839:586): avc:  denied  { create } for  pid=8123 comm="syz.0.679" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1
[  131.388838][ T8125] random: crng reseeded on system resumption
[  131.394723][   T40] audit: type=1400 audit(1754769574.899:587): avc:  denied  { append } for  pid=8123 comm="syz.0.679" name="snapshot" dev="devtmpfs" ino=98 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:acpi_bios_t tclass=chr_file permissive=1
[  131.402046][   T40] audit: type=1400 audit(1754769574.899:588): avc:  denied  { open } for  pid=8123 comm="syz.0.679" path="/dev/snapshot" dev="devtmpfs" ino=98 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:acpi_bios_t tclass=chr_file permissive=1
[  131.567761][   T29] uclogic 0003:256C:006D.0006: interface is invalid, ignoring
[  131.883286][   T29] usb 7-1: USB disconnect, device number 9
[  132.050645][ T8139] sctp: [Deprecated]: syz.0.685 (pid 8139) Use of struct sctp_assoc_value in delayed_ack socket option.
[  132.050645][ T8139] Use struct sctp_sack_info instead
[  132.101172][   T40] audit: type=1400 audit(1754769575.609:589): avc:  denied  { bind } for  pid=8143 comm="syz.0.687" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  132.107629][   T40] audit: type=1400 audit(1754769575.609:590): avc:  denied  { connect } for  pid=8143 comm="syz.0.687" lport=6 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  132.113809][   T40] audit: type=1400 audit(1754769575.609:591): avc:  denied  { create } for  pid=8143 comm="syz.0.687" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1
[  132.120150][   T40] audit: type=1400 audit(1754769575.609:592): avc:  denied  { write } for  pid=8143 comm="syz.0.687" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1
[  132.331255][ T8162] sctp: [Deprecated]: syz.1.695 (pid 8162) Use of struct sctp_assoc_value in delayed_ack socket option.
[  132.331255][ T8162] Use struct sctp_sack_info instead
[  132.587540][ T1424] ieee802154 phy0 wpan0: encryption failed: -22
[  132.589756][ T1424] ieee802154 phy1 wpan1: encryption failed: -22
[  132.594554][   T12] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  133.109882][   T40] audit: type=1400 audit(1754769576.619:593): avc:  denied  { read } for  pid=8169 comm="syz.3.697" name="usbmon0" dev="devtmpfs" ino=737 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1
[  133.119223][   T40] audit: type=1400 audit(1754769576.619:594): avc:  denied  { open } for  pid=8169 comm="syz.3.697" path="/dev/usbmon0" dev="devtmpfs" ino=737 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1
[  133.126931][   T40] audit: type=1400 audit(1754769576.619:595): avc:  denied  { ioctl } for  pid=8169 comm="syz.3.697" path="/dev/usbmon0" dev="devtmpfs" ino=737 ioctlcmd=0x9206 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1
[  133.704699][ T7023] net_ratelimit: 2 callbacks suppressed
[  133.704711][ T7023] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  133.865345][ T1145] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  134.041641][ T8254] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  134.045601][ T8254] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  134.049125][ T8254] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  134.051896][ T8254] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  134.055355][ T8254] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  134.058152][ T8254] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  134.060913][ T8254] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  134.063531][ T8254] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  134.126731][ T8259] netlink: 8 bytes leftover after parsing attributes in process `syz.2.739'.
[  135.092663][ T8291] netlink: 8 bytes leftover after parsing attributes in process `syz.0.750'.
[  135.309441][ T8312] netlink: 8 bytes leftover after parsing attributes in process `syz.3.759'.
[  135.831743][ T8350] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=10 sclass=netlink_route_socket pid=8350 comm=syz.2.776
[  135.946256][   T63] Bluetooth: hci2: Malformed MSFT vendor event: 0x02
[  136.265369][ T7086] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  136.929769][ T8396] netlink: 8 bytes leftover after parsing attributes in process `syz.3.797'.
[  137.132083][ T8408] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=10 sclass=netlink_route_socket pid=8408 comm=syz.2.803
[  137.840423][ T8435] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=10 sclass=netlink_route_socket pid=8435 comm=syz.0.815
[  138.032995][   T40] kauditd_printk_skb: 4 callbacks suppressed
[  138.033005][   T40] audit: type=1326 audit(1754769581.539:600): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8443 comm="syz.0.819" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f57ebd8ebe9 code=0x0
[  138.354544][   T60] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  138.405178][ T8469] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=10 sclass=netlink_route_socket pid=8469 comm=syz.1.830
[  138.608555][ T8482] sctp: [Deprecated]: syz.1.836 (pid 8482) Use of struct sctp_assoc_value in delayed_ack socket option.
[  138.608555][ T8482] Use struct sctp_sack_info instead
[  138.904451][ T1026] net_ratelimit: 1496 callbacks suppressed
[  138.904486][ T1026] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  138.919676][ T8491] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=10 sclass=netlink_route_socket pid=8491 comm=syz.2.840
[  139.076122][   T40] audit: type=1400 audit(1754769582.589:601): avc:  denied  { write } for  pid=8502 comm="syz.2.846" name="ppp" dev="devtmpfs" ino=730 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1
[  139.083197][   T40] audit: type=1400 audit(1754769582.589:602): avc:  denied  { open } for  pid=8502 comm="syz.2.846" path="/dev/ppp" dev="devtmpfs" ino=730 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1
[  139.090946][   T40] audit: type=1400 audit(1754769582.589:603): avc:  denied  { ioctl } for  pid=8502 comm="syz.2.846" path="/dev/ppp" dev="devtmpfs" ino=730 ioctlcmd=0x7438 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1
[  139.624393][ T7086] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  139.954278][ T1026] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  140.013027][ T8586] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=10 sclass=netlink_route_socket pid=8586 comm=syz.1.882
[  140.196882][   T10] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  140.404177][ T6012] usb 7-1: new high-speed USB device number 10 using dummy_hcd
[  140.554139][ T6012] usb 7-1: Using ep0 maxpacket: 8
[  140.557120][ T6012] usb 7-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  140.560123][ T6012] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  140.563208][ T6012] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  140.566960][ T6012] usb 7-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  140.570992][ T6012] usb 7-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  140.573863][ T6012] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  140.779421][ T6012] usb 7-1: GET_CAPABILITIES returned 0
[  140.781216][ T6012] usbtmc 7-1:16.0: can't read capabilities
[  140.792052][   T63] Bluetooth: hci2: Malformed MSFT vendor event: 0x02
[  140.980223][ T6012] usb 7-1: USB disconnect, device number 10
[  141.004239][ T7023] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  141.161991][ T8643] sctp: [Deprecated]: syz.1.908 (pid 8643) Use of struct sctp_assoc_value in delayed_ack socket option.
[  141.161991][ T8643] Use struct sctp_sack_info instead
[  141.511082][ T8649] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=10 sclass=netlink_route_socket pid=8649 comm=syz.2.909
[  141.549296][ T1156] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  141.854193][ T6012] usb 7-1: new high-speed USB device number 11 using dummy_hcd
[  141.984204][ T6012] usb 7-1: device descriptor read/64, error -71
[  142.028064][ T7023] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  142.059362][ T8671] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=10 sclass=netlink_route_socket pid=8671 comm=syz.3.920
[  142.115754][ T8679] sctp: [Deprecated]: syz.3.925 (pid 8679) Use of struct sctp_assoc_value in delayed_ack socket option.
[  142.115754][ T8679] Use struct sctp_sack_info instead
[  142.151173][   T63] Bluetooth: hci2: Malformed MSFT vendor event: 0x02
[  142.234099][ T6012] usb 7-1: new high-speed USB device number 12 using dummy_hcd
[  142.291255][ T8698] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=10 sclass=netlink_route_socket pid=8698 comm=syz.1.932
[  142.364120][ T6012] usb 7-1: device descriptor read/64, error -71
[  142.439032][   T63] Bluetooth: hci2: Malformed MSFT vendor event: 0x02
[  142.474312][ T6012] usb usb7-port1: attempt power cycle
[  142.834508][   T60] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  142.864119][ T6012] usb 7-1: new high-speed USB device number 13 using dummy_hcd
[  143.025138][ T8724] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=10 sclass=netlink_route_socket pid=8724 comm=syz.3.943
[  143.088798][ T7023] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  143.387115][   T10] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  143.405233][ T6012] usb 7-1: device descriptor read/8, error -71
[  143.431224][ T8738] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  143.600631][   T63] Bluetooth: hci2: Malformed MSFT vendor event: 0x02
[  143.644172][ T6012] usb 7-1: new high-speed USB device number 14 using dummy_hcd
[  143.675793][ T6012] usb 7-1: device descriptor read/8, error -71
[  143.785312][ T6012] usb usb7-port1: unable to enumerate USB device
[  143.864155][   T54] usb 6-1: new high-speed USB device number 13 using dummy_hcd
[  144.076193][   T54] usb 6-1: Using ep0 maxpacket: 8
[  144.079859][   T54] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  144.083719][   T54] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  144.087822][   T54] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  144.091612][   T54] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  144.096626][   T54] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  144.100106][   T54] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  144.114391][   T34] net_ratelimit: 1 callbacks suppressed
[  144.114416][   T34] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  144.114655][   T60] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  144.306320][   T54] usb 6-1: GET_CAPABILITIES returned 0
[  144.308593][   T54] usbtmc 6-1:16.0: can't read capabilities
[  144.507492][   T54] usb 6-1: USB disconnect, device number 13
[  144.894002][ T8787] sctp: [Deprecated]: syz.0.972 (pid 8787) Use of struct sctp_assoc_value in delayed_ack socket option.
[  144.894002][ T8787] Use struct sctp_sack_info instead
[  144.923129][ T8792] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  144.926427][ T8792] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  144.929098][ T8792] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  144.931683][ T8792] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  144.934335][ T8792] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  144.936911][ T8792] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  144.939563][ T8792] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  144.942117][ T8792] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  144.946158][ T8792] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  145.045175][ T8800] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=10 sclass=netlink_route_socket pid=8800 comm=syz.3.977
[  145.076347][ T8806] netlink: 16 bytes leftover after parsing attributes in process `syz.3.979'.
[  145.684173][   T34] usb 6-1: new high-speed USB device number 14 using dummy_hcd
[  145.840717][ T8825] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=10 sclass=netlink_route_socket pid=8825 comm=syz.0.988
[  145.844729][   T34] usb 6-1: Using ep0 maxpacket: 8
[  145.848691][   T34] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  145.851767][   T34] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  145.854906][   T34] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  145.858071][   T34] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  145.862064][   T34] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  145.865277][   T34] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  146.058220][ T8838] sctp: [Deprecated]: syz.2.994 (pid 8838) Use of struct sctp_assoc_value in delayed_ack socket option.
[  146.058220][ T8838] Use struct sctp_sack_info instead
[  146.071069][   T34] usb 6-1: GET_CAPABILITIES returned 0
[  146.072864][   T34] usbtmc 6-1:16.0: can't read capabilities
[  146.200704][ T8847] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=10 sclass=netlink_route_socket pid=8847 comm=syz.0.997
[  146.273003][   T29] usb 6-1: USB disconnect, device number 14
[  147.138668][   T63] Bluetooth: hci1: Malformed MSFT vendor event: 0x02
[  147.305371][ T1145] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  147.503643][ T8900] binder: BINDER_SET_CONTEXT_MGR already set
[  147.506981][ T8900] binder: 8898:8900 ioctl 4018620d 200000004a80 returned -16
[  147.554106][ T8908] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1023'.
[  147.957838][ T8919] binder: 8918:8919 ioctl c0306201 2000000001c0 returned -14
[  148.129663][ T8931] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1032'.
[  148.376960][   T40] audit: type=1326 audit(1754769591.889:604): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8940 comm="syz.0.1037" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f57ebd8ebe9 code=0x0
[  148.444508][ T8952] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1042'.
[  148.523445][ T8958] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=10 sclass=netlink_route_socket pid=8958 comm=syz.1.1045
[  148.551631][ T8962] binder: BINDER_SET_CONTEXT_MGR already set
[  148.553552][ T8962] binder: 8960:8962 ioctl 4018620d 200000004a80 returned -16
[  148.724974][ T8968] sctp: [Deprecated]: syz.3.1050 (pid 8968) Use of struct sctp_assoc_value in delayed_ack socket option.
[  148.724974][ T8968] Use struct sctp_sack_info instead
[  148.804116][ T1026] usb 6-1: new high-speed USB device number 15 using dummy_hcd
[  148.934151][ T1026] usb 6-1: device descriptor read/64, error -71
[  149.167398][   T40] audit: type=1400 audit(1754769592.679:605): avc:  denied  { create } for  pid=8975 comm="syz.0.1053" name="file0" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[  149.182755][   T40] audit: type=1400 audit(1754769592.689:606): avc:  denied  { unlink } for  pid=5964 comm="syz-executor" name="file0" dev="tmpfs" ino=1533 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[  149.184166][ T1026] usb 6-1: new high-speed USB device number 16 using dummy_hcd
[  149.251295][ T8981] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=10 sclass=netlink_route_socket pid=8981 comm=syz.0.1055
[  149.314730][ T1026] usb 6-1: device descriptor read/64, error -71
[  149.316826][   T34] net_ratelimit: 2233 callbacks suppressed
[  149.316836][   T34] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  149.425363][ T1026] usb usb6-port1: attempt power cycle
[  149.432394][ T8990] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1059'.
[  149.566572][   T40] audit: type=1326 audit(1754769593.079:607): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8991 comm="syz.0.1060" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f57ebd8ebe9 code=0x0
[  149.704456][    T9] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  149.764211][ T1026] usb 6-1: new high-speed USB device number 17 using dummy_hcd
[  149.784741][ T1026] usb 6-1: device descriptor read/8, error -71
[  149.864522][   T60] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  150.024175][ T1026] usb 6-1: new high-speed USB device number 18 using dummy_hcd
[  150.044621][ T1026] usb 6-1: device descriptor read/8, error -71
[  150.154391][ T1026] usb usb6-port1: unable to enumerate USB device
[  150.344443][ T1026] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  150.424337][ T1149] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  150.456006][ T9006] kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[  150.557017][ T9011] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1068'.
[  150.707687][   T40] audit: type=1326 audit(1754769594.219:608): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9018 comm="syz.0.1072" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f57ebd8ebe9 code=0x0
[  151.384699][   T34] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  151.871474][ T9054] binder: BINDER_SET_CONTEXT_MGR already set
[  151.873428][ T9054] binder: 9053:9054 ioctl 4018620d 200000004a80 returned -16
[  152.024211][ T6012] usb 5-1: new high-speed USB device number 14 using dummy_hcd
[  152.154179][ T6012] usb 5-1: device descriptor read/64, error -71
[  152.199922][ T9071] sctp: [Deprecated]: syz.1.1103 (pid 9071) Use of struct sctp_assoc_value in delayed_ack socket option.
[  152.199922][ T9071] Use struct sctp_sack_info instead
[  152.404124][ T6012] usb 5-1: new high-speed USB device number 15 using dummy_hcd
[  152.424256][   T34] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  152.424311][   T60] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  152.544211][ T6012] usb 5-1: device descriptor read/64, error -71
[  152.650364][ T9079] binder: BINDER_SET_CONTEXT_MGR already set
[  152.652358][ T9079] binder: 9078:9079 ioctl 4018620d 200000004a80 returned -16
[  152.664847][ T6012] usb usb5-port1: attempt power cycle
[  152.754618][    T9] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  152.777981][   T40] audit: type=1400 audit(1754769596.289:609): avc:  denied  { remount } for  pid=9082 comm="syz.3.1100" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[  152.779345][ T9084] tmpfs: Cannot change global quota limit on remount
[  152.783983][   T40] audit: type=1400 audit(1754769596.289:610): avc:  denied  { mount } for  pid=9082 comm="syz.3.1100" name="/" dev="tmpfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[  152.794447][ T9083] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  152.798140][ T9083] netlink: 212376 bytes leftover after parsing attributes in process `syz.3.1100'.
[  152.810923][   T40] audit: type=1400 audit(1754769596.319:611): avc:  denied  { unmount } for  pid=5965 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[  152.832280][ T9086] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  152.835555][ T9086] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  153.024147][ T6012] usb 5-1: new high-speed USB device number 16 using dummy_hcd
[  153.044589][ T6012] usb 5-1: device descriptor read/8, error -71
[  153.053424][ T9102] binder: BINDER_SET_CONTEXT_MGR already set
[  153.056162][ T9102] binder: 9101:9102 ioctl 4018620d 200000004a80 returned -16
[  153.083584][ T9104] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=10 sclass=netlink_route_socket pid=9104 comm=syz.1.1110
[  153.117380][   T63] Bluetooth: hci2: Malformed MSFT vendor event: 0x02
[  153.294192][ T6012] usb 5-1: new high-speed USB device number 17 using dummy_hcd
[  153.325817][ T6012] usb 5-1: device descriptor read/8, error -71
[  153.445250][ T6012] usb usb5-port1: unable to enumerate USB device
[  153.873099][   T40] audit: type=1326 audit(1754769597.379:612): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9132 comm="syz.2.1123" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f331a58ebe9 code=0x0
[  154.151025][ T9150] sctp: [Deprecated]: syz.3.1129 (pid 9150) Use of struct sctp_assoc_value in delayed_ack socket option.
[  154.151025][ T9150] Use struct sctp_sack_info instead
[  154.344882][ T1149] net_ratelimit: 2235 callbacks suppressed
[  154.344893][ T1149] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  154.514414][   T34] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  155.256774][ T9201] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=10 sclass=netlink_route_socket pid=9201 comm=syz.1.1149
[  155.294150][ T6012] usb 5-1: new high-speed USB device number 18 using dummy_hcd
[  155.444759][ T6012] usb 5-1: Using ep0 maxpacket: 8
[  155.448389][ T6012] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  155.453539][ T6012] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  155.456817][ T6012] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  155.460359][ T6012] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  155.466463][ T6012] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  155.469370][ T6012] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  155.488834][ T9214] netlink: 'syz.2.1155': attribute type 7 has an invalid length.
[  155.544975][ T1026] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  155.611096][ T9222] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=10 sclass=netlink_route_socket pid=9222 comm=syz.2.1158
[  155.625057][ T1145] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  155.625160][ T1149] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  155.681781][ T6012] usb 5-1: GET_CAPABILITIES returned 0
[  155.683660][ T6012] usbtmc 5-1:16.0: can't read capabilities
[  155.882557][ T6012] usb 5-1: USB disconnect, device number 18
[  156.012409][ T9245] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=10 sclass=netlink_route_socket pid=9245 comm=syz.1.1168
[  156.095554][ T9251] lo speed is unknown, defaulting to 1000
[  156.104694][    T9] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  156.125997][   T40] audit: type=1400 audit(1754769599.639:613): avc:  denied  { ioctl } for  pid=9250 comm="syz.1.1171" path="socket:[30237]" dev="sockfs" ino=30237 ioctlcmd=0x52c8 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  156.166546][   T40] audit: type=1400 audit(1754769599.679:614): avc:  denied  { mount } for  pid=9250 comm="syz.1.1171" name="/" dev="autofs" ino=29571 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_t tclass=filesystem permissive=1
[  156.173735][   T40] audit: type=1400 audit(1754769599.679:615): avc:  denied  { ioctl } for  pid=9250 comm="syz.1.1171" path="/dev/autofs" dev="devtmpfs" ino=104 ioctlcmd=0x9374 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_device_t tclass=chr_file permissive=1
[  156.262386][   T40] audit: type=1326 audit(1754769599.769:616): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9259 comm="syz.2.1173" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f331a58ebe9 code=0x0
[  156.272576][   T40] audit: type=1400 audit(1754769599.779:617): avc:  denied  { unmount } for  pid=5966 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_t tclass=filesystem permissive=1
[  156.344026][ T9267] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1182'.
[  156.356209][ T9265] overlayfs: conflicting lowerdir path
[  156.357866][   T40] audit: type=1400 audit(1754769599.869:618): avc:  denied  { unlink } for  pid=9264 comm="syz.2.1175" name="#9" dev="tmpfs" ino=1531 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=chr_file permissive=1
[  156.373097][ T9265] comedi comedi3: s526: I/O port conflict (0x4,64)
[  156.475114][ T9275] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1186'.
[  156.515815][   T40] audit: type=1400 audit(1754769600.029:619): avc:  denied  { write } for  pid=9277 comm="syz.1.1178" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  156.522206][   T40] audit: type=1400 audit(1754769600.029:620): avc:  denied  { nlmsg_write } for  pid=9277 comm="syz.1.1178" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  156.555302][ T9282] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=10 sclass=netlink_route_socket pid=9282 comm=syz.0.1179
[  156.584765][ T1026] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  156.720920][ T9292] overlayfs: conflicting lowerdir path
[  156.726900][ T9292] comedi comedi3: s526: I/O port conflict (0x4,64)
[  156.767158][ T9294] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1188'.
[  156.821913][   T40] audit: type=1400 audit(1754769600.329:621): avc:  denied  { write } for  pid=9298 comm="syz.0.1190" path="socket:[30354]" dev="sockfs" ino=30354 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1
[  156.911573][ T9300] batman_adv: batadv0: Adding interface: ipvlan2
[  156.913644][ T9300] batman_adv: batadv0: The MTU of interface ipvlan2 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  156.922215][ T9300] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  156.926508][ T9300] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  156.929587][ T9300] batman_adv: batadv0: Interface activated: ipvlan2
[  156.940533][ T9299] batman_adv: batadv0: Adding interface: ipvlan3
[  156.942719][ T9299] batman_adv: batadv0: The MTU of interface ipvlan3 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  156.950645][ T9299] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  156.953997][ T9299] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  156.957410][ T9299] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: ipvlan2
[  156.960554][ T9299] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  156.961642][ T9308] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=10 sclass=netlink_route_socket pid=9308 comm=syz.2.1193
[  156.963736][ T9299] batman_adv: batadv0: Interface activated: ipvlan3
[  157.075608][ T9319] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1197'.
[  157.119511][ T9321] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  157.123045][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  157.260190][ T9329] netfs: Couldn't get user pages (rc=-14)
[  157.348374][ T9334] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=10 sclass=netlink_route_socket pid=9334 comm=syz.3.1203
[  157.509923][ T9341] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1207'.
[  157.625844][ T1026] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  157.809861][ T9354] usb usb9: usbfs: process 9354 (syz.2.1213) did not claim interface 15 before use
[  157.887297][ T9358] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=10 sclass=netlink_route_socket pid=9358 comm=syz.3.1214
[  157.998894][ T9367] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1218'.
[  158.139689][ T9381] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=10 sclass=netlink_route_socket pid=9381 comm=syz.3.1224
[  158.184966][ T1156] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  158.341723][ T9394] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1228'.
[  158.664384][ T7023] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  158.694574][ T9407] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=10 sclass=netlink_route_socket pid=9407 comm=syz.0.1234
[  158.756811][ T9409] binder: 9408:9409 ioctl 4018620d 0 returned -22
[  159.009731][   T40] kauditd_printk_skb: 6 callbacks suppressed
[  159.009801][   T40] audit: type=1400 audit(1754769602.519:628): avc:  denied  { bind } for  pid=9416 comm="syz.2.1238" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  159.372482][ T9437] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=10 sclass=netlink_route_socket pid=9437 comm=syz.2.1247
[  159.394455][   T12] net_ratelimit: 1 callbacks suppressed
[  159.394466][   T12] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  159.435400][ T9445] FAULT_INJECTION: forcing a failure.
[  159.435400][ T9445] name failslab, interval 1, probability 0, space 0, times 0
[  159.440765][ T9445] CPU: 2 UID: 0 PID: 9445 Comm: syz.1.1250 Not tainted 6.16.0-syzkaller-12250-gc30a13538d9f #0 PREEMPT(full) 
[  159.440780][ T9445] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  159.440787][ T9445] Call Trace:
[  159.440792][ T9445]  <TASK>
[  159.440796][ T9445]  dump_stack_lvl+0x16c/0x1f0
[  159.440827][ T9445]  should_fail_ex+0x512/0x640
[  159.440843][ T9445]  ? kmem_cache_alloc_lru_noprof+0x5f/0x3b0
[  159.440856][ T9445]  should_failslab+0xc2/0x120
[  159.440869][ T9445]  kmem_cache_alloc_lru_noprof+0x72/0x3b0
[  159.440880][ T9445]  ? __d_alloc+0x32/0xae0
[  159.440895][ T9445]  __d_alloc+0x32/0xae0
[  159.440906][ T9445]  ? bpf_ksym_find+0x127/0x1c0
[  159.440921][ T9445]  d_alloc_parallel+0x111/0x1480
[  159.440939][ T9445]  ? unwind_get_return_address+0x59/0xa0
[  159.440952][ T9445]  ? arch_stack_walk+0xa6/0x100
[  159.440965][ T9445]  ? look_up_lock_class+0x59/0x150
[  159.440975][ T9445]  ? __pfx_d_alloc_parallel+0x10/0x10
[  159.440993][ T9445]  ? lockdep_init_map_type+0x5c/0x280
[  159.441010][ T9445]  ? lockdep_init_map_type+0x5c/0x280
[  159.441029][ T9445]  __lookup_slow+0x193/0x460
[  159.441045][ T9445]  ? __pfx___lookup_slow+0x10/0x10
[  159.441063][ T9445]  ? pcpu_next_md_free_region+0xd0/0x380
[  159.441082][ T9445]  ? pcpu_next_md_free_region+0xd0/0x380
[  159.441097][ T9445]  ? d_lookup+0xe7/0x190
[  159.441115][ T9445]  lookup_noperm+0xe1/0x110
[  159.441130][ T9445]  simple_start_creating+0xd1/0x1b0
[  159.441143][ T9445]  start_creating.part.0+0x82/0x190
[  159.441157][ T9445]  __debugfs_create_file+0xa7/0x6b0
[  159.441171][ T9445]  debugfs_create_file_full+0x41/0x60
[  159.441185][ T9445]  kvm_dev_ioctl+0x153f/0x1af0
[  159.441201][ T9445]  ? __pfx_kvm_dev_ioctl+0x10/0x10
[  159.441214][ T9445]  ? selinux_file_ioctl+0x180/0x270
[  159.441229][ T9445]  ? selinux_file_ioctl+0xb4/0x270
[  159.441243][ T9445]  ? __pfx_kvm_dev_ioctl+0x10/0x10
[  159.441255][ T9445]  __x64_sys_ioctl+0x18b/0x210
[  159.441271][ T9445]  do_syscall_64+0xcd/0x4c0
[  159.441283][ T9445]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  159.441294][ T9445] RIP: 0033:0x7f0e38f8ebe9
[  159.441303][ T9445] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  159.441313][ T9445] RSP: 002b:00007f0e39e4a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  159.441324][ T9445] RAX: ffffffffffffffda RBX: 00007f0e391b5fa0 RCX: 00007f0e38f8ebe9
[  159.441330][ T9445] RDX: 0000000000000000 RSI: 000000000000ae01 RDI: 0000000000000003
[  159.441336][ T9445] RBP: 00007f0e39e4a090 R08: 0000000000000000 R09: 0000000000000000
[  159.441342][ T9445] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  159.441348][ T9445] R13: 00007f0e391b6038 R14: 00007f0e391b5fa0 R15: 00007ffefcb42018
[  159.441361][ T9445]  </TASK>
[  159.714782][ T7023] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  160.277737][   T40] audit: type=1400 audit(1754769603.789:629): avc:  denied  { bind } for  pid=9476 comm="syz.0.1263" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  160.564144][   T34] usb 5-1: new high-speed USB device number 19 using dummy_hcd
[  160.724236][   T34] usb 5-1: Using ep0 maxpacket: 32
[  160.727224][   T34] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  160.730358][   T34] usb 5-1: config 0 has no interfaces?
[  160.733585][   T34] usb 5-1: New USB device found, idVendor=14c8, idProduct=0003, bcdDevice= 5.6c
[  160.736487][   T34] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  160.738968][   T34] usb 5-1: Product: syz
[  160.740283][   T34] usb 5-1: Manufacturer: syz
[  160.741764][   T34] usb 5-1: SerialNumber: syz
[  160.744351][ T7086] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  160.744775][   T34] usb 5-1: config 0 descriptor??
[  160.754907][   T34] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  161.009434][ T6012] usb 5-1: USB disconnect, device number 19
[  161.013271][ T9487] netlink: 36 bytes leftover after parsing attributes in process `syz.1.1268'.
[  161.037514][   T63] Bluetooth: hci2: Malformed MSFT vendor event: 0x02
[  161.059574][   T40] audit: type=1400 audit(1754769604.569:630): avc:  denied  { listen } for  pid=9490 comm="syz.2.1270" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  161.060054][ T9493] netlink: 'syz.1.1271': attribute type 1 has an invalid length.
[  161.066535][   T40] audit: type=1400 audit(1754769604.569:631): avc:  denied  { accept } for  pid=9490 comm="syz.2.1270" path="socket:[31536]" dev="sockfs" ino=31536 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[  161.076698][   T40] audit: type=1400 audit(1754769604.569:632): avc:  denied  { ioctl } for  pid=9490 comm="syz.2.1270" path="socket:[31529]" dev="sockfs" ino=31529 ioctlcmd=0x8907 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[  161.087003][ T9493] 8021q: adding VLAN 0 to HW filter on device bond5
[  161.115538][ T9500] binder: BINDER_SET_CONTEXT_MGR already set
[  161.117453][ T9500] binder: 9499:9500 ioctl 4018620d 200000004a80 returned -16
[  161.384558][   T12] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  161.646531][ T9520] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1282'.
[  161.672831][ T9522] netlink: 'syz.0.1283': attribute type 1 has an invalid length.
[  161.694892][ T9522] 8021q: adding VLAN 0 to HW filter on device bond4
[  161.697906][ T9522] bond3: (slave bond4): making interface the new active one
[  161.700861][ T9522] bond3: (slave bond4): Enslaving as an active interface with an up link
[  161.784588][ T7023] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  161.860872][ T9528] selinux_netlink_send: 1 callbacks suppressed
[  161.860884][ T9528] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=10 sclass=netlink_route_socket pid=9528 comm=syz.0.1285
[  161.983919][   T40] audit: type=1400 audit(1754769605.489:633): avc:  denied  { map } for  pid=9533 comm="syz.2.1288" path="/dev/zero" dev="devtmpfs" ino=6 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:zero_device_t tclass=chr_file permissive=1
[  162.070715][ T9540] FAULT_INJECTION: forcing a failure.
[  162.070715][ T9540] name failslab, interval 1, probability 0, space 0, times 0
[  162.074999][ T9540] CPU: 3 UID: 0 PID: 9540 Comm: syz.2.1291 Not tainted 6.16.0-syzkaller-12250-gc30a13538d9f #0 PREEMPT(full) 
[  162.075015][ T9540] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  162.075021][ T9540] Call Trace:
[  162.075026][ T9540]  <TASK>
[  162.075030][ T9540]  dump_stack_lvl+0x116/0x1f0
[  162.075060][ T9540]  should_fail_ex+0x512/0x640
[  162.075078][ T9540]  ? virtqueue_add_sgs+0x76c/0x1c70
[  162.075088][ T9540]  should_failslab+0xc2/0x120
[  162.075100][ T9540]  __kmalloc_noprof+0xd2/0x510
[  162.075114][ T9540]  virtqueue_add_sgs+0x76c/0x1c70
[  162.075128][ T9540]  ? __pfx_virtqueue_add_sgs+0x10/0x10
[  162.075137][ T9540]  ? __virt_addr_valid+0x81/0x610
[  162.075151][ T9540]  ? __phys_addr+0xe8/0x180
[  162.075165][ T9540]  ? pack_sg_list_p.constprop.0+0x254/0x2d0
[  162.075184][ T9540]  p9_virtio_zc_request+0x61f/0x1510
[  162.075205][ T9540]  ? __pfx_p9_virtio_zc_request+0x10/0x10
[  162.075220][ T9540]  ? __pfx_p9_tag_alloc+0x10/0x10
[  162.075233][ T9540]  ? trace_9p_protocol_dump+0x190/0x210
[  162.075247][ T9540]  ? rcu_is_watching+0x12/0xc0
[  162.075260][ T9540]  ? p9_client_prepare_req+0x112/0x4d0
[  162.075271][ T9540]  ? __pfx_p9_client_prepare_req+0x10/0x10
[  162.075284][ T9540]  ? __lock_acquire+0x62e/0x1ce0
[  162.075301][ T9540]  p9_client_zc_rpc.constprop.0+0x29c/0x880
[  162.075316][ T9540]  ? __pfx_p9_client_zc_rpc.constprop.0+0x10/0x10
[  162.075336][ T9540]  ? __pfx_p9_virtio_zc_request+0x10/0x10
[  162.075351][ T9540]  p9_client_read_once+0x3d2/0x860
[  162.075366][ T9540]  ? __pfx_p9_client_read_once+0x10/0x10
[  162.075380][ T9540]  ? __lock_acquire+0xb97/0x1ce0
[  162.075398][ T9540]  p9_client_read+0x13f/0x1b0
[  162.075412][ T9540]  v9fs_issue_read+0x117/0x390
[  162.075427][ T9540]  ? __pfx_v9fs_issue_read+0x10/0x10
[  162.075444][ T9540]  ? netfs_unbuffered_read_iter_locked+0x7e7/0x15c0
[  162.075459][ T9540]  ? iov_iter_advance+0x380/0x6c0
[  162.075474][ T9540]  netfs_unbuffered_read_iter_locked+0xaca/0x15c0
[  162.075492][ T9540]  netfs_unbuffered_read_iter+0xc5/0x100
[  162.075506][ T9540]  v9fs_file_read_iter+0xbf/0x100
[  162.075520][ T9540]  copy_splice_read+0x618/0xc20
[  162.075534][ T9540]  ? __pfx_copy_splice_read+0x10/0x10
[  162.075549][ T9540]  ? __pfx_pipe_lock_cmp_fn+0x10/0x10
[  162.075560][ T9540]  ? register_lock_class+0x41/0x4c0
[  162.075579][ T9540]  v9fs_file_splice_read+0xc8/0xe0
[  162.075593][ T9540]  ? __pfx_v9fs_file_splice_read+0x10/0x10
[  162.075607][ T9540]  do_splice_read+0x282/0x370
[  162.075618][ T9540]  splice_direct_to_actor+0x2a1/0xa30
[  162.075630][ T9540]  ? __pfx_direct_splice_actor+0x10/0x10
[  162.075643][ T9540]  ? __pfx_splice_direct_to_actor+0x10/0x10
[  162.075653][ T9540]  ? get_pid_task+0xfc/0x250
[  162.075666][ T9540]  do_splice_direct+0x174/0x240
[  162.075676][ T9540]  ? __pfx_do_splice_direct+0x10/0x10
[  162.075687][ T9540]  ? __pfx_direct_file_splice_eof+0x10/0x10
[  162.075700][ T9540]  ? rw_verify_area+0xcf/0x6c0
[  162.075717][ T9540]  do_sendfile+0xb06/0xe50
[  162.075729][ T9540]  ? __pfx_do_sendfile+0x10/0x10
[  162.075743][ T9540]  __x64_sys_sendfile64+0x154/0x220
[  162.075757][ T9540]  ? __pfx___x64_sys_sendfile64+0x10/0x10
[  162.075774][ T9540]  do_syscall_64+0xcd/0x4c0
[  162.075786][ T9540]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  162.075797][ T9540] RIP: 0033:0x7f331a58ebe9
[  162.075806][ T9540] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  162.075816][ T9540] RSP: 002b:00007f33187f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  162.075826][ T9540] RAX: ffffffffffffffda RBX: 00007f331a7b5fa0 RCX: 00007f331a58ebe9
[  162.075833][ T9540] RDX: 0000200000000080 RSI: 0000000000000003 RDI: 0000000000000003
[  162.075839][ T9540] RBP: 00007f33187f6090 R08: 0000000000000000 R09: 0000000000000000
[  162.075845][ T9540] R10: 0000000000007f04 R11: 0000000000000246 R12: 0000000000000002
[  162.075851][ T9540] R13: 00007f331a7b6038 R14: 00007f331a7b5fa0 R15: 00007fff19aea4b8
[  162.075864][ T9540]  </TASK>
[  162.135614][ T6012] usb 5-1: new high-speed USB device number 20 using dummy_hcd
[  162.143619][ T9543] fuse: Unknown parameter '0xffffffffffffffff00000000000000000000l4'
[  162.184360][    T9] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  162.304398][ T6012] usb 5-1: Using ep0 maxpacket: 32
[  162.307262][ T6012] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  162.310958][ T6012] usb 5-1: config 0 has no interfaces?
[  162.314692][ T6012] usb 5-1: New USB device found, idVendor=14c8, idProduct=0003, bcdDevice= 5.6c
[  162.317789][ T6012] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  162.320563][ T6012] usb 5-1: Product: syz
[  162.322071][ T6012] usb 5-1: Manufacturer: syz
[  162.323698][ T6012] usb 5-1: SerialNumber: syz
[  162.327362][ T6012] usb 5-1: config 0 descriptor??
[  162.368575][ T9550] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=10 sclass=netlink_route_socket pid=9550 comm=syz.1.1294
[  162.589267][ T6012] usb 5-1: USB disconnect, device number 20
[  162.706547][ T9564] binder: 9563:9564 ioctl c0306201 0 returned -14
[  162.821286][   T40] audit: type=1400 audit(1754769606.329:634): avc:  denied  { bind } for  pid=9570 comm="syz.3.1303" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[  162.828108][ T7023] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  162.964319][   T40] audit: type=1400 audit(1754769606.479:635): avc:  denied  { getopt } for  pid=9575 comm="syz.3.1305" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  162.964321][ T1026] usb 6-1: new high-speed USB device number 19 using dummy_hcd
[  163.033975][ T9577] fuse: Unknown parameter '0xffffffffffffffff00000000000000000000l4'
[  163.115958][ T9579] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=10 sclass=netlink_route_socket pid=9579 comm=syz.0.1306
[  163.134119][ T1026] usb 6-1: Using ep0 maxpacket: 8
[  163.136961][ T1026] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  163.140310][ T1026] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  163.147841][ T1026] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  163.150967][ T1026] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  163.155169][ T1026] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  163.158004][ T1026] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  163.304745][   T60] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  163.308419][ T7023] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  163.363754][ T1026] usb 6-1: GET_CAPABILITIES returned 0
[  163.365566][ T1026] usbtmc 6-1:16.0: can't read capabilities
[  163.416992][ T9593] binder: 9591:9593 ioctl c0306201 0 returned -14
[  163.440620][ T9597] loop6: detected capacity change from 0 to 524288000
[  163.494295][ T9597] support for the xor transformation has been removed.
[  163.502905][ T9604] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  163.506319][ T9604] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  163.565898][ T6012] usb 6-1: USB disconnect, device number 19
[  163.674102][ T1026] usb 5-1: new high-speed USB device number 21 using dummy_hcd
[  163.684879][   T40] audit: type=1400 audit(1754769607.199:636): avc:  denied  { create } for  pid=9615 comm="syz.3.1321" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[  163.692376][   T40] audit: type=1400 audit(1754769607.199:637): avc:  denied  { bind } for  pid=9615 comm="syz.3.1321" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[  163.832131][ T1026] usb 5-1: Using ep0 maxpacket: 32
[  163.835154][ T1026] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  163.839819][ T1026] usb 5-1: New USB device found, idVendor=14c8, idProduct=0003, bcdDevice= 5.6c
[  163.842706][ T1026] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  163.845341][ T1026] usb 5-1: Product: syz
[  163.846732][ T1026] usb 5-1: Manufacturer: syz
[  163.848287][ T1026] usb 5-1: SerialNumber: syz
[  163.851015][ T1026] usb 5-1: config 0 descriptor??
[  163.886746][ T9632] 9pnet_virtio: no channels available for device 127.0.0.1
[  164.095741][ T9635] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1328'.
[  164.118928][   T10] usb 5-1: USB disconnect, device number 21
[  164.193025][   T40] kauditd_printk_skb: 3 callbacks suppressed
[  164.193037][   T40] audit: type=1326 audit(1754769607.699:641): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9641 comm="syz.1.1329" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f0e38f8ebe9 code=0x0
[  164.222547][ T9651] FAULT_INJECTION: forcing a failure.
[  164.222547][ T9651] name failslab, interval 1, probability 0, space 0, times 0
[  164.226844][ T9651] CPU: 3 UID: 0 PID: 9651 Comm: syz.3.1331 Not tainted 6.16.0-syzkaller-12250-gc30a13538d9f #0 PREEMPT(full) 
[  164.226859][ T9651] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  164.226866][ T9651] Call Trace:
[  164.226869][ T9651]  <TASK>
[  164.226873][ T9651]  dump_stack_lvl+0x16c/0x1f0
[  164.226888][ T9651]  should_fail_ex+0x512/0x640
[  164.226900][ T9651]  ? fs_reclaim_acquire+0xae/0x150
[  164.226915][ T9651]  ? tomoyo_realpath_from_path+0xc2/0x6e0
[  164.226931][ T9651]  should_failslab+0xc2/0x120
[  164.226944][ T9651]  __kmalloc_noprof+0xd2/0x510
[  164.226957][ T9651]  tomoyo_realpath_from_path+0xc2/0x6e0
[  164.226974][ T9651]  ? tomoyo_profile+0x47/0x60
[  164.226985][ T9651]  tomoyo_path_number_perm+0x245/0x580
[  164.226997][ T9651]  ? tomoyo_path_number_perm+0x237/0x580
[  164.227011][ T9651]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  164.227025][ T9651]  ? find_held_lock+0x2b/0x80
[  164.227050][ T9651]  ? find_held_lock+0x2b/0x80
[  164.227061][ T9651]  ? hook_file_ioctl_common+0x145/0x410
[  164.227075][ T9651]  ? __fget_files+0x20e/0x3c0
[  164.227089][ T9651]  security_file_ioctl+0x9b/0x240
[  164.227104][ T9651]  __x64_sys_ioctl+0xb7/0x210
[  164.227121][ T9651]  do_syscall_64+0xcd/0x4c0
[  164.227133][ T9651]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  164.227144][ T9651] RIP: 0033:0x7f55edb8ebe9
[  164.227152][ T9651] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  164.227162][ T9651] RSP: 002b:00007f55eeac1038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  164.227173][ T9651] RAX: ffffffffffffffda RBX: 00007f55eddb5fa0 RCX: 00007f55edb8ebe9
[  164.227179][ T9651] RDX: 0000200000000100 RSI: 0000000040806685 RDI: 0000000000000004
[  164.227185][ T9651] RBP: 00007f55eeac1090 R08: 0000000000000000 R09: 0000000000000000
[  164.227191][ T9651] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  164.227197][ T9651] R13: 00007f55eddb6038 R14: 00007f55eddb5fa0 R15: 00007ffc77cf8238
[  164.227210][ T9651]  </TASK>
[  164.227215][ T9651] ERROR: Out of memory at tomoyo_realpath_from_path.
[  164.914411][ T7023] net_ratelimit: 744 callbacks suppressed
[  164.914424][ T7023] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  165.120065][   T63] Bluetooth: hci2: Malformed MSFT vendor event: 0x02
[  165.214316][   T10] usb 5-1: new high-speed USB device number 22 using dummy_hcd
[  165.224423][ T7086] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  165.364358][   T10] usb 5-1: Using ep0 maxpacket: 8
[  165.367273][   T10] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  165.370350][   T10] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  165.373347][   T10] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  165.376514][   T10] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  165.380586][   T10] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  165.383421][   T10] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  165.434131][   T24] usb 6-1: new high-speed USB device number 20 using dummy_hcd
[  165.584183][   T24] usb 6-1: Using ep0 maxpacket: 32
[  165.587066][   T24] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  165.588819][   T10] usb 5-1: GET_CAPABILITIES returned 0
[  165.591692][   T24] usb 6-1: New USB device found, idVendor=14c8, idProduct=0003, bcdDevice= 5.6c
[  165.592004][   T10] usbtmc 5-1:16.0: can't read capabilities
[  165.594994][   T24] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  165.595007][   T24] usb 6-1: Product: syz
[  165.595014][   T24] usb 6-1: Manufacturer: syz
[  165.595021][   T24] usb 6-1: SerialNumber: syz
[  165.597060][   T24] usb 6-1: config 0 descriptor??
[  165.791420][ T7023] usb 5-1: USB disconnect, device number 22
[  165.878946][   T29] usb 6-1: USB disconnect, device number 20
[  165.944742][   T53] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  166.344978][   T10] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  166.424993][   T60] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  166.504321][   T13] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  166.514013][   T40] audit: type=1326 audit(1754769610.019:642): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9683 comm="syz.1.1344" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f0e38f8ebe9 code=0x0
[  166.590135][ T9695] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=10 sclass=netlink_route_socket pid=9695 comm=syz.0.1348
[  166.864198][ T7023] usb 5-1: new high-speed USB device number 23 using dummy_hcd
[  166.988051][ T1026] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  167.024137][ T7023] usb 5-1: Using ep0 maxpacket: 8
[  167.027208][ T7023] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  167.030291][ T7023] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  167.033451][ T7023] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  167.036613][ T7023] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  167.040569][ T7023] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  167.043417][ T7023] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  167.184317][    T9] usb 7-1: new high-speed USB device number 15 using dummy_hcd
[  167.249769][ T7023] usb 5-1: GET_CAPABILITIES returned 0
[  167.251714][ T7023] usbtmc 5-1:16.0: can't read capabilities
[  167.334335][    T9] usb 7-1: Using ep0 maxpacket: 32
[  167.337195][    T9] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  167.341844][    T9] usb 7-1: New USB device found, idVendor=14c8, idProduct=0003, bcdDevice= 5.6c
[  167.344998][    T9] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  167.347519][    T9] usb 7-1: Product: syz
[  167.348844][    T9] usb 7-1: Manufacturer: syz
[  167.350311][    T9] usb 7-1: SerialNumber: syz
[  167.352994][    T9] usb 7-1: config 0 descriptor??
[  167.431634][   T40] audit: type=1400 audit(1754769610.939:643): avc:  denied  { create } for  pid=9710 comm="syz.3.1355" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  167.451861][   T29] usb 5-1: USB disconnect, device number 23
[  167.619289][   T29] usb 7-1: USB disconnect, device number 15
[  168.034277][ T7023] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  168.147910][ T9716] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1355'.
[  168.148943][ T9727] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=10 sclass=netlink_route_socket pid=9727 comm=syz.2.1359
[  168.205119][   T40] audit: type=1326 audit(1754769611.719:644): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9732 comm="syz.2.1363" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f331a58ebe9 code=0x0
[  168.425750][   T13] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  168.425953][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  168.432430][ T6012] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  168.435266][ T6012] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  168.435530][    T9] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  168.554138][   T24] usb 6-1: new high-speed USB device number 21 using dummy_hcd
[  168.724313][   T24] usb 6-1: Using ep0 maxpacket: 8
[  168.727213][   T24] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  168.730271][   T24] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  168.733322][   T24] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  168.736586][   T24] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  168.740726][   T24] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  168.743788][   T24] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  168.949511][   T24] usb 6-1: GET_CAPABILITIES returned 0
[  168.951384][   T24] usbtmc 6-1:16.0: can't read capabilities
[  169.157433][    T9] usb 6-1: USB disconnect, device number 21
[  169.737891][ T9756] netlink: 1347 bytes leftover after parsing attributes in process `syz.2.1370'.
[  169.743057][ T9756] hugetlbfs: Bad value for 'uid'
[  169.745182][ T9756] hugetlbfs: Bad value for 'uid'
[  170.115233][ T7023] net_ratelimit: 2 callbacks suppressed
[  170.115246][ T7023] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  170.259534][ T9764] afs: Unknown parameter 'a
'
[  170.504803][ T5971] Bluetooth: hci1: command 0x0406 tx timeout
[  170.506532][ T5976] Bluetooth: hci2: command 0x0406 tx timeout
[  170.579725][   T40] audit: type=1326 audit(1754769614.089:645): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9772 comm="syz.2.1376" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f331a58ebe9 code=0x0
[  170.730986][ T9775] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=10 sclass=netlink_route_socket pid=9775 comm=syz.1.1377
[  170.759810][ T9777] FAULT_INJECTION: forcing a failure.
[  170.759810][ T9777] name failslab, interval 1, probability 0, space 0, times 0
[  170.764802][ T9777] CPU: 2 UID: 0 PID: 9777 Comm: syz.1.1378 Not tainted 6.16.0-syzkaller-12250-gc30a13538d9f #0 PREEMPT(full) 
[  170.764829][ T9777] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  170.764835][ T9777] Call Trace:
[  170.764839][ T9777]  <TASK>
[  170.764844][ T9777]  dump_stack_lvl+0x16c/0x1f0
[  170.764876][ T9777]  should_fail_ex+0x512/0x640
[  170.764892][ T9777]  ? __kmalloc_noprof+0xbf/0x510
[  170.764904][ T9777]  ? kernfs_fop_write_iter+0x237/0x510
[  170.764915][ T9777]  should_failslab+0xc2/0x120
[  170.764930][ T9777]  __kmalloc_noprof+0xd2/0x510
[  170.764947][ T9777]  kernfs_fop_write_iter+0x237/0x510
[  170.764960][ T9777]  vfs_write+0x7d3/0x11d0
[  170.764971][ T9777]  ? __pfx_kernfs_fop_write_iter+0x10/0x10
[  170.764982][ T9777]  ? __pfx___mutex_lock+0x10/0x10
[  170.764998][ T9777]  ? __pfx_vfs_write+0x10/0x10
[  170.765017][ T9777]  ksys_write+0x12a/0x250
[  170.765027][ T9777]  ? __pfx_ksys_write+0x10/0x10
[  170.765042][ T9777]  do_syscall_64+0xcd/0x4c0
[  170.765054][ T9777]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  170.765065][ T9777] RIP: 0033:0x7f0e38f8ebe9
[  170.765074][ T9777] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  170.765084][ T9777] RSP: 002b:00007f0e39e4a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  170.765095][ T9777] RAX: ffffffffffffffda RBX: 00007f0e391b5fa0 RCX: 00007f0e38f8ebe9
[  170.765101][ T9777] RDX: 000000000000002f RSI: 0000200000000340 RDI: 0000000000000004
[  170.765107][ T9777] RBP: 00007f0e39e4a090 R08: 0000000000000000 R09: 0000000000000000
[  170.765113][ T9777] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  170.765119][ T9777] R13: 00007f0e391b6038 R14: 00007f0e391b5fa0 R15: 00007ffefcb42018
[  170.765132][ T9777]  </TASK>
[  170.984965][ T1145] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  171.154350][ T7023] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  171.426323][ T9802] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=10 sclass=netlink_route_socket pid=9802 comm=syz.1.1389
[  171.474610][ T1145] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  171.531949][ T9821] netlink: 72 bytes leftover after parsing attributes in process `syz.1.1396'.
[  171.569811][   T40] audit: type=1326 audit(1754769615.079:646): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9824 comm="syz.1.1398" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f0e38f8ebe9 code=0x0
[  171.704293][    T9] usb 7-1: new high-speed USB device number 16 using dummy_hcd
[  171.854116][ T7023] usb 5-1: new high-speed USB device number 24 using dummy_hcd
[  171.864126][    T9] usb 7-1: Using ep0 maxpacket: 8
[  171.866960][    T9] usb 7-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  171.869910][    T9] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  171.872809][    T9] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  171.876104][    T9] usb 7-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  171.880060][    T9] usb 7-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  171.882852][    T9] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  172.015812][ T7023] usb 5-1: config 0 has an invalid interface number: 156 but max is 0
[  172.018427][ T7023] usb 5-1: config 0 has no interface number 0
[  172.020420][ T7023] usb 5-1: New USB device found, idVendor=abcd, idProduct=cdee, bcdDevice= 5.b9
[  172.023262][ T7023] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  172.027129][ T7023] usb 5-1: config 0 descriptor??
[  172.030432][ T7023] gspca_main: spca561-2.14.0 probing abcd:cdee
[  172.088452][    T9] usb 7-1: GET_CAPABILITIES returned 0
[  172.090224][    T9] usbtmc 7-1:16.0: can't read capabilities
[  172.184512][   T53] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  172.237965][ T9827] vxlan0: entered promiscuous mode
[  172.239883][ T9827] bond0: (slave vxlan0): Enslaving as an active interface with an up link
[  172.242337][   T60] netdevsim netdevsim0 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  172.245263][   T60] netdevsim netdevsim0 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  172.248148][   T60] netdevsim netdevsim0 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  172.249251][ T7023] spca561 5-1:0.156: probe with driver spca561 failed with error -22
[  172.250627][   T60] netdevsim netdevsim0 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  172.253676][ T7023] usb 5-1: Quirk or no altset; falling back to MIDI 1.0
[  172.257877][ T7023] usb 5-1: MIDIStreaming interface descriptor not found
[  172.264627][   T60] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  172.270302][ T7023] usb 5-1: USB disconnect, device number 24
[  172.289502][  T839] usb 7-1: USB disconnect, device number 16
[  172.416615][   T40] audit: type=1400 audit(1754769615.929:647): avc:  denied  { setopt } for  pid=9829 comm="syz.1.1400" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  172.424219][    T9] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  172.424493][   T40] audit: type=1400 audit(1754769615.939:648): avc:  denied  { read } for  pid=9829 comm="syz.1.1400" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  172.432821][   T40] audit: type=1400 audit(1754769615.939:649): avc:  denied  { ioctl } for  pid=9829 comm="syz.1.1400" path="pid:[4026532866]" dev="nsfs" ino=4026532866 ioctlcmd=0xb706 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[  172.457376][ T9833] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=10 sclass=netlink_route_socket pid=9833 comm=syz.1.1401
[  172.623664][ T9839] tipc: Enabling of bearer <udp:syz0> rejected, already enabled
[  172.691452][   T40] audit: type=1400 audit(1754769616.199:650): avc:  denied  { create } for  pid=9844 comm="syz.1.1407" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[  172.730641][ T9847] fuse: Bad value for 'fd'
[  172.733436][   T40] audit: type=1326 audit(1754769616.239:651): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9846 comm="syz.1.1408" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f0e38f8ebe9 code=0x0
[  172.913149][ T9862] FAULT_INJECTION: forcing a failure.
[  172.913149][ T9862] name fail_usercopy, interval 1, probability 0, space 0, times 1
[  172.917301][ T9862] CPU: 0 UID: 0 PID: 9862 Comm: syz.0.1415 Not tainted 6.16.0-syzkaller-12250-gc30a13538d9f #0 PREEMPT(full) 
[  172.917321][ T9862] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  172.917328][ T9862] Call Trace:
[  172.917331][ T9862]  <TASK>
[  172.917335][ T9862]  dump_stack_lvl+0x16c/0x1f0
[  172.917350][ T9862]  should_fail_ex+0x512/0x640
[  172.917363][ T9862]  _copy_from_user+0x2e/0xd0
[  172.917378][ T9862]  do_devconfig_ioctl+0x11c/0x710
[  172.917392][ T9862]  ? __mutex_lock+0x1c4/0x10b0
[  172.917404][ T9862]  ? __pfx_do_devconfig_ioctl+0x10/0x10
[  172.917427][ T9862]  ? find_held_lock+0x2b/0x80
[  172.917443][ T9862]  comedi_unlocked_ioctl+0x165d/0x2f00
[  172.917462][ T9862]  ? __pfx_comedi_unlocked_ioctl+0x10/0x10
[  172.917480][ T9862]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  172.917494][ T9862]  ? do_vfs_ioctl+0x128/0x14f0
[  172.917511][ T9862]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  172.917526][ T9862]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[  172.917547][ T9862]  ? hook_file_ioctl_common+0x145/0x410
[  172.917561][ T9862]  ? selinux_file_ioctl+0x180/0x270
[  172.917575][ T9862]  ? selinux_file_ioctl+0xb4/0x270
[  172.917590][ T9862]  ? __pfx_comedi_unlocked_ioctl+0x10/0x10
[  172.917606][ T9862]  __x64_sys_ioctl+0x18b/0x210
[  172.917623][ T9862]  do_syscall_64+0xcd/0x4c0
[  172.917635][ T9862]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  172.917646][ T9862] RIP: 0033:0x7f57ebd8ebe9
[  172.917655][ T9862] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  172.917665][ T9862] RSP: 002b:00007f57ecb87038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  172.917675][ T9862] RAX: ffffffffffffffda RBX: 00007f57ebfb5fa0 RCX: 00007f57ebd8ebe9
[  172.917682][ T9862] RDX: 00002000000000c0 RSI: 0000000040946400 RDI: 0000000000000003
[  172.917688][ T9862] RBP: 00007f57ecb87090 R08: 0000000000000000 R09: 0000000000000000
[  172.917694][ T9862] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  172.917700][ T9862] R13: 00007f57ebfb6038 R14: 00007f57ebfb5fa0 R15: 00007ffd0d5db3c8
[  172.917712][ T9862]  </TASK>
[  172.919012][ T9864] binder: 9863:9864 ioctl 4018620d 0 returned -22
[  173.137300][ T9876] netlink: 212376 bytes leftover after parsing attributes in process `syz.2.1421'.
[  173.224273][ T7023] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  173.314114][   T53] usb 5-1: new high-speed USB device number 25 using dummy_hcd
[  173.396972][ T9890] binder: 9889:9890 ioctl 4018620d 0 returned -22
[  173.420772][ T9892] FAULT_INJECTION: forcing a failure.
[  173.420772][ T9892] name failslab, interval 1, probability 0, space 0, times 0
[  173.424831][ T9892] CPU: 3 UID: 0 PID: 9892 Comm: syz.2.1428 Not tainted 6.16.0-syzkaller-12250-gc30a13538d9f #0 PREEMPT(full) 
[  173.424846][ T9892] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  173.424853][ T9892] Call Trace:
[  173.424856][ T9892]  <TASK>
[  173.424861][ T9892]  dump_stack_lvl+0x16c/0x1f0
[  173.424875][ T9892]  should_fail_ex+0x512/0x640
[  173.424887][ T9892]  ? kmem_cache_alloc_lru_noprof+0x5f/0x3b0
[  173.424900][ T9892]  should_failslab+0xc2/0x120
[  173.424911][ T9892]  kmem_cache_alloc_lru_noprof+0x72/0x3b0
[  173.424922][ T9892]  ? alloc_inode+0x61/0x240
[  173.424939][ T9892]  ? __pfx_debugfs_alloc_inode+0x10/0x10
[  173.424951][ T9892]  alloc_inode+0x61/0x240
[  173.424966][ T9892]  new_inode+0x22/0x1c0
[  173.424981][ T9892]  __debugfs_create_file+0x11c/0x6b0
[  173.424996][ T9892]  debugfs_create_file_full+0x41/0x60
[  173.425010][ T9892]  kvm_dev_ioctl+0x153f/0x1af0
[  173.425026][ T9892]  ? __pfx_kvm_dev_ioctl+0x10/0x10
[  173.425038][ T9892]  ? selinux_file_ioctl+0x180/0x270
[  173.425054][ T9892]  ? selinux_file_ioctl+0xb4/0x270
[  173.425068][ T9892]  ? __pfx_kvm_dev_ioctl+0x10/0x10
[  173.425080][ T9892]  __x64_sys_ioctl+0x18b/0x210
[  173.425096][ T9892]  do_syscall_64+0xcd/0x4c0
[  173.425108][ T9892]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  173.425119][ T9892] RIP: 0033:0x7f331a58ebe9
[  173.425128][ T9892] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  173.425138][ T9892] RSP: 002b:00007f33187f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  173.425149][ T9892] RAX: ffffffffffffffda RBX: 00007f331a7b5fa0 RCX: 00007f331a58ebe9
[  173.425155][ T9892] RDX: 0000000000000000 RSI: 000000000000ae01 RDI: 0000000000000003
[  173.425161][ T9892] RBP: 00007f33187f6090 R08: 0000000000000000 R09: 0000000000000000
[  173.425167][ T9892] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  173.425173][ T9892] R13: 00007f331a7b6038 R14: 00007f331a7b5fa0 R15: 00007fff19aea4b8
[  173.425186][ T9892]  </TASK>
[  173.425189][ T9892] debugfs: out of free dentries, can not create file 'remote_tlb_flush'
[  173.514103][   T53] usb 5-1: Using ep0 maxpacket: 8
[  173.516909][   T53] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  173.519927][   T53] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  173.522946][   T53] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  173.526150][   T53] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  173.530317][   T53] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  173.533125][   T53] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  173.582848][ T9896] mmap: syz.1.1430 (9896) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[  173.621981][ T9899] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=10 sclass=netlink_route_socket pid=9899 comm=syz.1.1431
[  173.740088][   T53] usb 5-1: GET_CAPABILITIES returned 0
[  173.742058][   T53] usbtmc 5-1:16.0: can't read capabilities
[  173.945982][    T9] usb 5-1: USB disconnect, device number 25
[  174.195370][   T13] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  174.274841][   T53] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  174.333263][ T9918] fuse: Bad value for 'fd'
[  174.341245][   T40] audit: type=1326 audit(1754769617.849:652): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9917 comm="syz.2.1439" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f331a58ebe9 code=0x0
[  174.423410][ T9920] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=10 sclass=netlink_route_socket pid=9920 comm=syz.1.1440
[  174.516912][ T9928] netdevsim netdevsim0 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  174.520808][ T9928] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  174.560838][   T40] audit: type=1400 audit(1754769618.069:653): avc:  denied  { bind } for  pid=9931 comm="syz.3.1446" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  174.567108][   T40] audit: type=1400 audit(1754769618.069:654): avc:  denied  { node_bind } for  pid=9931 comm="syz.3.1446" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=rawip_socket permissive=1
[  174.597560][ T9934] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1447'.
[  174.688216][ T9928] netdevsim netdevsim0 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  174.691527][ T9928] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  174.759985][ T9928] netdevsim netdevsim0 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  174.763274][ T9928] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  174.876407][ T9928] netdevsim netdevsim0 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  174.879757][ T9928] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  174.988430][ T1145] netdevsim netdevsim0 eth0: set [0, 0] type 1 family 0 port 8472 - 0
[  174.991299][ T1145] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  175.002511][ T1145] netdevsim netdevsim0 eth1: set [0, 0] type 1 family 0 port 8472 - 0
[  175.005665][ T1145] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  175.024427][ T1145] netdevsim netdevsim0 eth2: set [0, 0] type 1 family 0 port 8472 - 0
[  175.027131][ T1145] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  175.043949][ T1145] netdevsim netdevsim0 eth3: set [0, 0] type 1 family 0 port 8472 - 0
[  175.047050][ T1145] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  175.206374][ T9941] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=10 sclass=netlink_route_socket pid=9941 comm=syz.2.1450
[  175.314667][ T7023] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  175.474817][    T9] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  175.524270][   T24] usb 7-1: new high-speed USB device number 17 using dummy_hcd
[  175.674104][   T24] usb 7-1: Using ep0 maxpacket: 8
[  175.674130][   T54] usb 6-1: new high-speed USB device number 22 using dummy_hcd
[  175.676934][   T24] usb 7-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  175.681203][   T24] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  175.684290][   T24] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  175.687518][   T24] usb 7-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  175.691611][   T24] usb 7-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  175.694514][   T24] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  175.824134][   T54] usb 6-1: Using ep0 maxpacket: 32
[  175.827145][   T54] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  175.830321][   T54] usb 6-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  175.835944][   T54] usb 6-1: New USB device found, idVendor=14c8, idProduct=0003, bcdDevice= 5.6c
[  175.838735][   T54] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  175.841201][   T54] usb 6-1: Product: syz
[  175.842545][   T54] usb 6-1: Manufacturer: syz
[  175.844010][   T54] usb 6-1: SerialNumber: syz
[  175.846864][   T54] usb 6-1: config 0 descriptor??
[  175.899867][   T24] usb 7-1: GET_CAPABILITIES returned 0
[  175.901641][   T24] usbtmc 7-1:16.0: can't read capabilities
[  176.105054][ T5970] usb 7-1: USB disconnect, device number 17
[  176.114371][   T12] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  176.121402][    T9] usb 6-1: USB disconnect, device number 22
[  176.344533][   T53] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  176.504538][   T60] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  176.628473][   T40] audit: type=1400 audit(1754769620.139:655): avc:  denied  { read write } for  pid=9952 comm="syz.2.1456" name="sg0" dev="devtmpfs" ino=721 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1
[  176.628635][ T9953] ata1.00: invalid multi_count 1 ignored
[  176.638341][   T40] audit: type=1400 audit(1754769620.139:656): avc:  denied  { open } for  pid=9952 comm="syz.2.1456" path="/dev/sg0" dev="devtmpfs" ino=721 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1
[  176.645746][   T40] audit: type=1400 audit(1754769620.139:657): avc:  denied  { ioctl } for  pid=9952 comm="syz.2.1456" path="/dev/sg0" dev="devtmpfs" ino=721 ioctlcmd=0x2285 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1
[  177.264248][ T7023] usb 7-1: new high-speed USB device number 18 using dummy_hcd
[  177.384424][ T1026] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  177.414137][ T7023] usb 7-1: Using ep0 maxpacket: 8
[  177.417860][ T7023] usb 7-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  177.420907][ T7023] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  177.423989][ T7023] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  177.427247][ T7023] usb 7-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  177.431256][ T7023] usb 7-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  177.434210][ T7023] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  177.642885][ T7023] usb 7-1: GET_CAPABILITIES returned 0
[  177.645278][ T7023] usbtmc 7-1:16.0: can't read capabilities
[  177.785678][    T9] usb 6-1: new high-speed USB device number 23 using dummy_hcd
[  177.843237][ T5970] usb 7-1: USB disconnect, device number 18
[  177.934125][    T9] usb 6-1: Using ep0 maxpacket: 32
[  177.936959][    T9] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x85 has invalid wMaxPacketSize 0
[  177.941363][    T9] usb 6-1: New USB device found, idVendor=14c8, idProduct=0003, bcdDevice= 5.6c
[  177.944360][    T9] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  177.946824][    T9] usb 6-1: Product: syz
[  177.948135][    T9] usb 6-1: Manufacturer: syz
[  177.949583][    T9] usb 6-1: SerialNumber: syz
[  177.952152][    T9] usb 6-1: config 0 descriptor??
[  177.956255][    T9] input: syz syz as /devices/platform/dummy_hcd.1/usb6/6-1/6-1:0.0/input/input10
[  177.962477][   T40] audit: type=1400 audit(1754769621.469:658): avc:  denied  { read } for  pid=5363 comm="acpid" name="mouse2" dev="devtmpfs" ino=3032 scontext=system_u:system_r:acpid_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  177.969473][   T40] audit: type=1400 audit(1754769621.469:659): avc:  denied  { open } for  pid=5363 comm="acpid" path="/dev/input/mouse2" dev="devtmpfs" ino=3032 scontext=system_u:system_r:acpid_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  177.970138][    T9] usbtouchscreen 6-1:0.0: usbtouch_probe - usb_submit_urb failed with result: -8
[  177.976756][   T40] audit: type=1400 audit(1754769621.469:660): avc:  denied  { ioctl } for  pid=5363 comm="acpid" path="/dev/input/mouse2" dev="devtmpfs" ino=3032 ioctlcmd=0x4520 scontext=system_u:system_r:acpid_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  177.989377][    T9] usbtouchscreen 6-1:0.0: probe with driver usbtouchscreen failed with error -8
[  178.024393][   T60] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  178.218624][ T5970] usb 6-1: USB disconnect, device number 23
[  178.396652][   T40] audit: type=1400 audit(1754769621.909:661): avc:  denied  { mount } for  pid=9986 comm="syz.3.1470" name="/" dev="ramfs" ino=38970 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ramfs_t tclass=filesystem permissive=1
[  178.406129][ T9987] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1470'.
[  178.424399][ T7023] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  178.514498][ T5970] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  178.583063][ T9993] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  178.587097][ T9993] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  178.746833][ T9999] FAULT_INJECTION: forcing a failure.
[  178.746833][ T9999] name failslab, interval 1, probability 0, space 0, times 0
[  178.750880][ T9999] CPU: 3 UID: 0 PID: 9999 Comm: syz.1.1473 Not tainted 6.16.0-syzkaller-12250-gc30a13538d9f #0 PREEMPT(full) 
[  178.750895][ T9999] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  178.750902][ T9999] Call Trace:
[  178.750906][ T9999]  <TASK>
[  178.750910][ T9999]  dump_stack_lvl+0x16c/0x1f0
[  178.750940][ T9999]  should_fail_ex+0x512/0x640
[  178.750956][ T9999]  ? kmem_cache_alloc_node_noprof+0x5e/0x3b0
[  178.750969][ T9999]  should_failslab+0xc2/0x120
[  178.750981][ T9999]  kmem_cache_alloc_node_noprof+0x71/0x3b0
[  178.750992][ T9999]  ? __alloc_skb+0x2b2/0x380
[  178.751011][ T9999]  __alloc_skb+0x2b2/0x380
[  178.751027][ T9999]  ? __pfx___alloc_skb+0x10/0x10
[  178.751044][ T9999]  ? __pfx_netlink_autobind.isra.0+0x10/0x10
[  178.751059][ T9999]  netlink_alloc_large_skb+0x69/0x130
[  178.751071][ T9999]  netlink_sendmsg+0x6a1/0xdd0
[  178.751084][ T9999]  ? __pfx_netlink_sendmsg+0x10/0x10
[  178.751100][ T9999]  ____sys_sendmsg+0xa98/0xc70
[  178.751114][ T9999]  ? copy_msghdr_from_user+0x10a/0x160
[  178.751124][ T9999]  ? __pfx_____sys_sendmsg+0x10/0x10
[  178.751143][ T9999]  ___sys_sendmsg+0x134/0x1d0
[  178.751154][ T9999]  ? __pfx____sys_sendmsg+0x10/0x10
[  178.751175][ T9999]  ? __mutex_unlock_slowpath+0x100/0x800
[  178.751194][ T9999]  __sys_sendmsg+0x16d/0x220
[  178.751204][ T9999]  ? __pfx___sys_sendmsg+0x10/0x10
[  178.751222][ T9999]  do_syscall_64+0xcd/0x4c0
[  178.751234][ T9999]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  178.751246][ T9999] RIP: 0033:0x7f0e38f8ebe9
[  178.751255][ T9999] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  178.751266][ T9999] RSP: 002b:00007f0e39e4a038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  178.751276][ T9999] RAX: ffffffffffffffda RBX: 00007f0e391b5fa0 RCX: 00007f0e38f8ebe9
[  178.751283][ T9999] RDX: 0000000000004000 RSI: 0000200000000740 RDI: 0000000000000004
[  178.751289][ T9999] RBP: 00007f0e39e4a090 R08: 0000000000000000 R09: 0000000000000000
[  178.751295][ T9999] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  178.751301][ T9999] R13: 00007f0e391b6038 R14: 00007f0e391b5fa0 R15: 00007ffefcb42018
[  178.751313][ T9999]  </TASK>
[  178.842510][T10001] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=10 sclass=netlink_route_socket pid=10001 comm=syz.1.1474
[  178.905676][T10005] binder: 10004:10005 ioctl c0306201 2000000001c0 returned -14
[  178.992075][T10008] FAULT_INJECTION: forcing a failure.
[  178.992075][T10008] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  178.996723][T10008] CPU: 2 UID: 0 PID: 10008 Comm: syz.3.1477 Not tainted 6.16.0-syzkaller-12250-gc30a13538d9f #0 PREEMPT(full) 
[  178.996739][T10008] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  178.996745][T10008] Call Trace:
[  178.996749][T10008]  <TASK>
[  178.996753][T10008]  dump_stack_lvl+0x16c/0x1f0
[  178.996780][T10008]  should_fail_ex+0x512/0x640
[  178.996794][T10008]  _copy_from_user+0x2e/0xd0
[  178.996808][T10008]  copy_msghdr_from_user+0x98/0x160
[  178.996820][T10008]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  178.996837][T10008]  ___sys_sendmsg+0xfe/0x1d0
[  178.996847][T10008]  ? __pfx____sys_sendmsg+0x10/0x10
[  178.996869][T10008]  ? __mutex_unlock_slowpath+0x100/0x800
[  178.996885][T10008]  __sys_sendmsg+0x16d/0x220
[  178.996895][T10008]  ? __pfx___sys_sendmsg+0x10/0x10
[  178.996910][T10008]  ? fput+0x9b/0xd0
[  178.996927][T10008]  do_syscall_64+0xcd/0x4c0
[  178.996939][T10008]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  178.996949][T10008] RIP: 0033:0x7f55edb8ebe9
[  178.996958][T10008] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  178.996968][T10008] RSP: 002b:00007f55eeac1038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  178.996979][T10008] RAX: ffffffffffffffda RBX: 00007f55eddb5fa0 RCX: 00007f55edb8ebe9
[  178.996985][T10008] RDX: 0000000000000800 RSI: 00002000000001c0 RDI: 0000000000000003
[  178.996991][T10008] RBP: 00007f55eeac1090 R08: 0000000000000000 R09: 0000000000000000
[  178.996997][T10008] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  178.997003][T10008] R13: 00007f55eddb6038 R14: 00007f55eddb5fa0 R15: 00007ffc77cf8238
[  178.997026][T10008]  </TASK>
[  179.024005][T10010] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1478'.
[  179.301225][T10019] binder: 10018:10019 ioctl c0306201 0 returned -14
[  179.356598][T10026] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=10 sclass=netlink_route_socket pid=10026 comm=syz.0.1484
[  179.544581][ T5970] usb 7-1: new high-speed USB device number 19 using dummy_hcd
[  179.704170][ T5970] usb 7-1: Using ep0 maxpacket: 32
[  179.707098][ T5970] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x85 has invalid wMaxPacketSize 0
[  179.711798][ T5970] usb 7-1: New USB device found, idVendor=14c8, idProduct=0003, bcdDevice= 5.6c
[  179.717593][ T5970] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  179.720144][ T5970] usb 7-1: Product: syz
[  179.721641][ T5970] usb 7-1: Manufacturer: syz
[  179.723160][ T5970] usb 7-1: SerialNumber: syz
[  179.726089][ T5970] usb 7-1: config 0 descriptor??
[  179.730062][ T5970] input: syz syz as /devices/platform/dummy_hcd.2/usb7/7-1/7-1:0.0/input/input11
[  179.734523][ T5970] usbtouchscreen 7-1:0.0: usbtouch_probe - usb_submit_urb failed with result: -8
[  179.747120][   T40] audit: type=1400 audit(1754769623.259:662): avc:  denied  { read } for  pid=10042 comm="syz.3.1491" name="uhid" dev="devtmpfs" ino=1296 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:uhid_device_t tclass=chr_file permissive=1
[  179.747474][ T5970] usbtouchscreen 7-1:0.0: probe with driver usbtouchscreen failed with error -8
[  179.757138][   T40] audit: type=1400 audit(1754769623.259:663): avc:  denied  { open } for  pid=10042 comm="syz.3.1491" path="/dev/uhid" dev="devtmpfs" ino=1296 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:uhid_device_t tclass=chr_file permissive=1
[  179.766065][   T40] audit: type=1400 audit(1754769623.279:664): avc:  denied  { write } for  pid=10042 comm="syz.3.1491" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  179.944615][ T1145] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  179.989619][ T5970] usb 7-1: USB disconnect, device number 19
[  180.118881][T10059] FAULT_INJECTION: forcing a failure.
[  180.118881][T10059] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  180.122936][T10059] CPU: 1 UID: 0 PID: 10059 Comm: syz.3.1497 Not tainted 6.16.0-syzkaller-12250-gc30a13538d9f #0 PREEMPT(full) 
[  180.122952][T10059] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  180.122959][T10059] Call Trace:
[  180.122963][T10059]  <TASK>
[  180.122967][T10059]  dump_stack_lvl+0x16c/0x1f0
[  180.122994][T10059]  should_fail_ex+0x512/0x640
[  180.123012][T10059]  _copy_from_iter+0x29f/0x16f0
[  180.123029][T10059]  ? __pfx__copy_from_iter+0x10/0x10
[  180.123043][T10059]  ? rcu_is_watching+0x12/0xc0
[  180.123057][T10059]  ? trace_kmalloc+0x2b/0xd0
[  180.123069][T10059]  ? __kmalloc_noprof+0x242/0x510
[  180.123083][T10059]  kernfs_fop_write_iter+0x19a/0x510
[  180.123096][T10059]  vfs_write+0x7d3/0x11d0
[  180.123108][T10059]  ? __pfx_kernfs_fop_write_iter+0x10/0x10
[  180.123119][T10059]  ? __pfx___mutex_lock+0x10/0x10
[  180.123134][T10059]  ? __pfx_vfs_write+0x10/0x10
[  180.123153][T10059]  ksys_write+0x12a/0x250
[  180.123163][T10059]  ? __pfx_ksys_write+0x10/0x10
[  180.123177][T10059]  do_syscall_64+0xcd/0x4c0
[  180.123189][T10059]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  180.123200][T10059] RIP: 0033:0x7f55edb8ebe9
[  180.123208][T10059] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  180.123218][T10059] RSP: 002b:00007f55eeac1038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  180.123232][T10059] RAX: ffffffffffffffda RBX: 00007f55eddb5fa0 RCX: 00007f55edb8ebe9
[  180.123238][T10059] RDX: 000000000000002f RSI: 0000200000000340 RDI: 0000000000000004
[  180.123244][T10059] RBP: 00007f55eeac1090 R08: 0000000000000000 R09: 0000000000000000
[  180.123250][T10059] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  180.123260][T10059] R13: 00007f55eddb6038 R14: 00007f55eddb5fa0 R15: 00007ffc77cf8238
[  180.123273][T10059]  </TASK>
[  180.504572][ T7023] net_ratelimit: 1489 callbacks suppressed
[  180.504583][ T7023] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  180.636455][T10072] 9pnet_virtio: no channels available for device syz
[  180.666136][T10072] FAULT_INJECTION: forcing a failure.
[  180.666136][T10072] name failslab, interval 1, probability 0, space 0, times 0
[  180.674162][T10072] CPU: 1 UID: 0 PID: 10072 Comm: syz.2.1502 Not tainted 6.16.0-syzkaller-12250-gc30a13538d9f #0 PREEMPT(full) 
[  180.674178][T10072] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  180.674185][T10072] Call Trace:
[  180.674189][T10072]  <TASK>
[  180.674194][T10072]  dump_stack_lvl+0x16c/0x1f0
[  180.674209][T10072]  should_fail_ex+0x512/0x640
[  180.674224][T10072]  ? fs_reclaim_acquire+0xae/0x150
[  180.674239][T10072]  ? tomoyo_realpath_from_path+0xc2/0x6e0
[  180.674254][T10072]  should_failslab+0xc2/0x120
[  180.674273][T10072]  __kmalloc_noprof+0xd2/0x510
[  180.674287][T10072]  tomoyo_realpath_from_path+0xc2/0x6e0
[  180.674303][T10072]  ? tomoyo_profile+0x47/0x60
[  180.674314][T10072]  tomoyo_path_number_perm+0x245/0x580
[  180.674327][T10072]  ? tomoyo_path_number_perm+0x237/0x580
[  180.674340][T10072]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  180.674367][T10072]  ? find_held_lock+0x2b/0x80
[  180.674380][T10072]  ? hook_file_ioctl_common+0x145/0x410
[  180.674393][T10072]  ? __fget_files+0x20e/0x3c0
[  180.674407][T10072]  security_file_ioctl+0x9b/0x240
[  180.674423][T10072]  __x64_sys_ioctl+0xb7/0x210
[  180.674440][T10072]  do_syscall_64+0xcd/0x4c0
[  180.674453][T10072]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  180.674464][T10072] RIP: 0033:0x7f331a58ebe9
[  180.674474][T10072] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  180.674484][T10072] RSP: 002b:00007f33187f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  180.674495][T10072] RAX: ffffffffffffffda RBX: 00007f331a7b5fa0 RCX: 00007f331a58ebe9
[  180.674501][T10072] RDX: 0000200000000040 RSI: 00000000c008ae67 RDI: 0000000000000004
[  180.674507][T10072] RBP: 00007f33187f6090 R08: 0000000000000000 R09: 0000000000000000
[  180.674514][T10072] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  180.674521][T10072] R13: 00007f331a7b6038 R14: 00007f331a7b5fa0 R15: 00007fff19aea4b8
[  180.674534][T10072]  </TASK>
[  180.674538][T10072] ERROR: Out of memory at tomoyo_realpath_from_path.
[  180.829469][T10076] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=10 sclass=netlink_route_socket pid=10076 comm=syz.1.1505
[  180.959780][T10087] netlink: 'syz.0.1509': attribute type 1 has an invalid length.
[  181.198201][T10100] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1514'.
[  181.254784][T10107] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=10 sclass=netlink_route_socket pid=10107 comm=syz.3.1517
[  181.354796][T10117] netlink: 72 bytes leftover after parsing attributes in process `syz.3.1521'.
[  181.544526][   T53] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  181.547170][   T53] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  181.677773][T10122] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  181.680119][T10122] IPv6: NLM_F_CREATE should be set when creating new route
[  181.692479][T10122] lo: entered allmulticast mode
[  181.699523][T10122] tunl0: entered allmulticast mode
[  181.703597][T10122] gre0: entered allmulticast mode
[  181.725400][T10122] gretap0: entered allmulticast mode
[  181.731110][T10122] erspan0: entered allmulticast mode
[  181.735228][T10122] ip_vti0: entered allmulticast mode
[  181.740983][T10122] ip6_vti0: entered allmulticast mode
[  181.746306][T10122] sit0: entered allmulticast mode
[  181.751475][T10122] ip6tnl0: entered allmulticast mode
[  181.758975][T10122] ip6gre0: entered allmulticast mode
[  181.772591][T10122] ip6gretap0: entered allmulticast mode
[  181.775875][T10122] bridge0: entered allmulticast mode
[  181.777892][T10122] vcan0: entered allmulticast mode
[  181.791815][T10122] bond0: entered allmulticast mode
[  181.793471][T10122] bond_slave_0: entered allmulticast mode
[  181.795489][T10122] bond_slave_1: entered allmulticast mode
[  181.802481][T10122] team0: entered allmulticast mode
[  181.805267][T10122] team_slave_0: entered allmulticast mode
[  181.807080][T10122] team_slave_1: entered allmulticast mode
[  181.811055][T10122] dummy0: entered allmulticast mode
[  181.821539][T10122] nlmon0: entered allmulticast mode
[  181.823972][T10122] caif0: entered allmulticast mode
[  181.827777][T10122] batadv0: entered allmulticast mode
[  181.833120][T10122] veth0: entered allmulticast mode
[  181.839257][T10122] veth1: entered allmulticast mode
[  181.846943][T10122] wg0: entered allmulticast mode
[  181.854947][T10122] wg1: entered allmulticast mode
[  181.861902][T10122] wg2: entered allmulticast mode
[  181.866797][T10122] veth0_to_bridge: entered allmulticast mode
[  181.876550][T10122] veth1_to_bridge: entered allmulticast mode
[  181.895504][T10122] veth0_to_bond: entered allmulticast mode
[  181.904299][T10122] veth1_to_bond: entered allmulticast mode
[  181.919556][T10122] veth0_to_team: entered allmulticast mode
[  181.928746][T10122] veth1_to_team: entered allmulticast mode
[  181.937195][T10122] veth0_to_batadv: entered allmulticast mode
[  181.939475][T10135] netlink: 'syz.2.1526': attribute type 1 has an invalid length.
[  181.946168][T10122] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  181.956118][T10122] veth1_to_batadv: entered allmulticast mode
[  181.961328][T10122] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  181.966787][T10122] batadv_slave_1: entered allmulticast mode
[  181.967243][T10137] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=10 sclass=netlink_route_socket pid=10137 comm=syz.1.1527
[  181.975778][T10122] xfrm0: entered allmulticast mode
[  181.988208][T10122] veth0_to_hsr: entered allmulticast mode
[  182.003872][T10122] hsr_slave_0: entered allmulticast mode
[  182.013681][T10122] veth1_to_hsr: entered allmulticast mode
[  182.020646][T10122] hsr_slave_1: entered allmulticast mode
[  182.028338][T10122] hsr0: entered allmulticast mode
[  182.032945][T10122] veth1_virt_wifi: entered allmulticast mode
[  182.044717][T10122] veth0_virt_wifi: entered allmulticast mode
[  182.049110][T10122] net veth1_virt_wifi virt_wifi0: entered allmulticast mode
[  182.058125][T10122] veth1_vlan: entered allmulticast mode
[  182.066774][T10122] veth0_vlan: entered allmulticast mode
[  182.094659][T10122] vlan0: entered allmulticast mode
[  182.097265][T10122] vlan1: entered allmulticast mode
[  182.099569][T10122] macvlan0: entered allmulticast mode
[  182.106931][T10122] macvlan1: entered allmulticast mode
[  182.112410][T10122] ipvlan0: entered allmulticast mode
[  182.116991][T10122] ipvlan1: entered allmulticast mode
[  182.119988][T10122] veth1_macvtap: entered allmulticast mode
[  182.126450][T10122] veth0_macvtap: entered allmulticast mode
[  182.132377][T10122] macvtap0: entered allmulticast mode
[  182.136410][T10122] macsec0: entered allmulticast mode
[  182.142662][T10122] geneve0: entered allmulticast mode
[  182.148210][T10122] geneve1: entered allmulticast mode
[  182.159462][T10122] mac80211_hwsim hwsim3 wlan0: entered allmulticast mode
[  182.168070][T10122] mac80211_hwsim hwsim5 wlan1: entered allmulticast mode
[  182.174598][T10122] bridge1: entered allmulticast mode
[  182.176384][T10122] veth2: entered allmulticast mode
[  182.178133][T10122] veth3: entered allmulticast mode
[  182.179806][T10122] netdevsim netdevsim3 eth0: entered allmulticast mode
[  182.182000][T10122] netdevsim netdevsim3 eth1: entered allmulticast mode
[  182.185114][T10122] netdevsim netdevsim3 eth2: entered allmulticast mode
[  182.188154][T10122] netdevsim netdevsim3 eth3: entered allmulticast mode
[  182.190382][T10122] mac80211_hwsim hwsim28 wlan2: entered allmulticast mode
[  182.255237][T10135] 8021q: adding VLAN 0 to HW filter on device bond4
[  182.266808][   T40] kauditd_printk_skb: 2 callbacks suppressed
[  182.266817][   T40] audit: type=1326 audit(1754769625.779:667): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10146 comm="syz.0.1530" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f57ebd8ebe9 code=0x0
[  182.267846][   T13] netdevsim netdevsim3 eth0: unset [1, 0] type 2 family 0 port 6081 - 0
[  182.278346][   T13] netdevsim netdevsim3 eth1: unset [1, 0] type 2 family 0 port 6081 - 0
[  182.281002][   T13] netdevsim netdevsim3 eth2: unset [1, 0] type 2 family 0 port 6081 - 0
[  182.283792][   T13] netdevsim netdevsim3 eth3: unset [1, 0] type 2 family 0 port 6081 - 0
[  182.644159][ T5970] usb 6-1: new high-speed USB device number 24 using dummy_hcd
[  182.814186][ T5970] usb 6-1: Using ep0 maxpacket: 8
[  182.817045][ T5970] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  182.820062][ T5970] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  182.823388][ T5970] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  182.826833][ T5970] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  182.830858][ T5970] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  182.833663][ T5970] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  183.040813][ T5970] usb 6-1: GET_CAPABILITIES returned 0
[  183.042736][ T5970] usbtmc 6-1:16.0: can't read capabilities
[  183.059042][T10164] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=10 sclass=netlink_route_socket pid=10164 comm=syz.0.1536
[  183.246094][T10129] usb 6-1: USB disconnect, device number 24
[  183.307786][T10176] netlink: 64 bytes leftover after parsing attributes in process `syz.3.1540'.
[  183.444226][T10126] usb 7-1: new high-speed USB device number 20 using dummy_hcd
[  183.596126][T10126] usb 7-1: config 0 has an invalid interface number: 156 but max is 0
[  183.598686][T10126] usb 7-1: config 0 has no interface number 0
[  183.600592][T10126] usb 7-1: New USB device found, idVendor=abcd, idProduct=cdee, bcdDevice= 5.b9
[  183.603385][T10126] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  183.608668][T10126] usb 7-1: config 0 descriptor??
[  183.613205][T10126] gspca_main: spca561-2.14.0 probing abcd:cdee
[  183.785266][   T12] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  183.786131][T10180] input input12: cannot allocate more than FF_MAX_EFFECTS effects
[  183.787399][   T40] audit: type=1400 audit(1754769627.299:668): avc:  denied  { read } for  pid=10178 comm="syz.1.1542" name="uinput" dev="devtmpfs" ino=943 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
[  183.787430][   T40] audit: type=1400 audit(1754769627.299:669): avc:  denied  { ioctl } for  pid=10178 comm="syz.1.1542" path="/dev/uinput" dev="devtmpfs" ino=943 ioctlcmd=0x5501 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
[  183.815960][T10180] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1542'.
[  183.820820][T10173] vxlan0: entered allmulticast mode
[  183.822754][T10173] bond0: (slave vxlan0): Enslaving as an active interface with an up link
[  183.825666][   T12] netdevsim netdevsim2 eth0: set [0, 0] type 1 family 0 port 8472 - 0
[  183.828266][   T12] netdevsim netdevsim2 eth1: set [0, 0] type 1 family 0 port 8472 - 0
[  183.830999][   T12] netdevsim netdevsim2 eth2: set [0, 0] type 1 family 0 port 8472 - 0
[  183.833834][   T12] netdevsim netdevsim2 eth3: set [0, 0] type 1 family 0 port 8472 - 0
[  183.837221][T10126] spca561 7-1:0.156: probe with driver spca561 failed with error -22
[  183.840259][T10126] usb 7-1: Quirk or no altset; falling back to MIDI 1.0
[  183.842580][T10126] usb 7-1: MIDIStreaming interface descriptor not found
[  183.853142][T10126] usb 7-1: USB disconnect, device number 20
[  183.856801][T10188] FAULT_INJECTION: forcing a failure.
[  183.856801][T10188] name failslab, interval 1, probability 0, space 0, times 0
[  183.860590][T10188] CPU: 2 UID: 0 PID: 10188 Comm: syz.0.1544 Not tainted 6.16.0-syzkaller-12250-gc30a13538d9f #0 PREEMPT(full) 
[  183.860605][T10188] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  183.860612][T10188] Call Trace:
[  183.860616][T10188]  <TASK>
[  183.860620][T10188]  dump_stack_lvl+0x16c/0x1f0
[  183.860633][T10188]  should_fail_ex+0x512/0x640
[  183.860645][T10188]  ? __kmalloc_cache_noprof+0x57/0x3e0
[  183.860663][T10188]  should_failslab+0xc2/0x120
[  183.860675][T10188]  __kmalloc_cache_noprof+0x6a/0x3e0
[  183.860690][T10188]  ? __pfx___mutex_lock+0x10/0x10
[  183.860702][T10188]  ? __request_region+0x5c/0xf0
[  183.860719][T10188]  __request_region+0x5c/0xf0
[  183.860736][T10188]  comedi_request_region+0x6d/0x1c0
[  183.860749][T10188]  c6xdigio_attach+0x52/0x4b0
[  183.860762][T10188]  comedi_device_attach+0x3b3/0x900
[  183.860776][T10188]  do_devconfig_ioctl+0x1b1/0x710
[  183.860790][T10188]  ? __mutex_lock+0x1c4/0x10b0
[  183.860801][T10188]  ? __pfx_do_devconfig_ioctl+0x10/0x10
[  183.860822][T10188]  ? find_held_lock+0x2b/0x80
[  183.860837][T10188]  comedi_unlocked_ioctl+0x165d/0x2f00
[  183.860857][T10188]  ? __pfx_comedi_unlocked_ioctl+0x10/0x10
[  183.860875][T10188]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  183.860888][T10188]  ? do_vfs_ioctl+0x128/0x14f0
[  183.860905][T10188]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  183.860920][T10188]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[  183.860941][T10188]  ? hook_file_ioctl_common+0x145/0x410
[  183.860955][T10188]  ? selinux_file_ioctl+0x180/0x270
[  183.860969][T10188]  ? selinux_file_ioctl+0xb4/0x270
[  183.860984][T10188]  ? __pfx_comedi_unlocked_ioctl+0x10/0x10
[  183.861000][T10188]  __x64_sys_ioctl+0x18b/0x210
[  183.861016][T10188]  do_syscall_64+0xcd/0x4c0
[  183.861028][T10188]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  183.861039][T10188] RIP: 0033:0x7f57ebd8ebe9
[  183.861047][T10188] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  183.861057][T10188] RSP: 002b:00007f57ecb87038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  183.861067][T10188] RAX: ffffffffffffffda RBX: 00007f57ebfb5fa0 RCX: 00007f57ebd8ebe9
[  183.861074][T10188] RDX: 00002000000000c0 RSI: 0000000040946400 RDI: 0000000000000003
[  183.861080][T10188] RBP: 00007f57ecb87090 R08: 0000000000000000 R09: 0000000000000000
[  183.861086][T10188] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  183.861092][T10188] R13: 00007f57ebfb6038 R14: 00007f57ebfb5fa0 R15: 00007ffd0d5db3c8
[  183.861105][T10188]  </TASK>
[  183.861110][T10188] comedi comedi3: c6xdigio: I/O port conflict (0x4f27,3)
[  183.870486][T10189] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=10 sclass=netlink_route_socket pid=10189 comm=syz.1.1545
[  183.870816][T10188] ==================================================================
[  183.913357][   T40] audit: type=1400 audit(1754769627.409:670): avc:  denied  { read } for  pid=10190 comm="syz.1.1546" path="socket:[36750]" dev="sockfs" ino=36750 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  183.914276][T10188] BUG: KASAN: slab-use-after-free in sysfs_remove_file_ns+0x63/0x70
[  183.914304][T10188] Read of size 8 at addr ffff888036d51a30 by task syz.0.1544/10188
[  183.914316][T10188] 
[  183.914324][T10188] CPU: 2 UID: 0 PID: 10188 Comm: syz.0.1544 Not tainted 6.16.0-syzkaller-12250-gc30a13538d9f #0 PREEMPT(full) 
[  183.914342][T10188] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  183.914351][T10188] Call Trace:
[  183.914357][T10188]  <TASK>
[  183.914362][T10188]  dump_stack_lvl+0x116/0x1f0
[  183.914377][T10188]  print_report+0xcd/0x630
[  183.914393][T10188]  ? __virt_addr_valid+0x81/0x610
[  183.914413][T10188]  ? __phys_addr+0xe8/0x180
[  183.914434][T10188]  ? sysfs_remove_file_ns+0x63/0x70
[  183.914450][T10188]  kasan_report+0xe0/0x110
[  183.914468][T10188]  ? sysfs_remove_file_ns+0x63/0x70
[  183.914487][T10188]  sysfs_remove_file_ns+0x63/0x70
[  183.914504][T10188]  driver_remove_file+0x4a/0x60
[  183.914524][T10188]  bus_remove_driver+0x224/0x2c0
[  183.914556][T10188]  driver_unregister+0x76/0xb0
[  183.914574][T10188]  comedi_device_detach_locked+0x12f/0xa50
[  183.914593][T10188]  comedi_device_detach+0x67/0xb0
[  183.914607][T10188]  comedi_device_attach+0x43d/0x900
[  183.914620][T10188]  do_devconfig_ioctl+0x1b1/0x710
[  183.914637][T10188]  ? __mutex_lock+0x1c4/0x10b0
[  183.914652][T10188]  ? __pfx_do_devconfig_ioctl+0x10/0x10
[  183.914672][T10188]  ? find_held_lock+0x2b/0x80
[  183.914691][T10188]  comedi_unlocked_ioctl+0x165d/0x2f00
[  183.914715][T10188]  ? __pfx_comedi_unlocked_ioctl+0x10/0x10
[  183.914739][T10188]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  183.914757][T10188]  ? do_vfs_ioctl+0x128/0x14f0
[  183.914779][T10188]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  183.914802][T10188]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[  183.914828][T10188]  ? hook_file_ioctl_common+0x145/0x410
[  183.914845][T10188]  ? selinux_file_ioctl+0x180/0x270
[  183.914865][T10188]  ? selinux_file_ioctl+0xb4/0x270
[  183.914885][T10188]  ? __pfx_comedi_unlocked_ioctl+0x10/0x10
[  183.914907][T10188]  __x64_sys_ioctl+0x18b/0x210
[  183.914929][T10188]  do_syscall_64+0xcd/0x4c0
[  183.914945][T10188]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  183.914960][T10188] RIP: 0033:0x7f57ebd8ebe9
[  183.914973][T10188] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  183.914988][T10188] RSP: 002b:00007f57ecb87038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  183.915003][T10188] RAX: ffffffffffffffda RBX: 00007f57ebfb5fa0 RCX: 00007f57ebd8ebe9
[  183.915013][T10188] RDX: 00002000000000c0 RSI: 0000000040946400 RDI: 0000000000000003
[  183.915023][T10188] RBP: 00007f57ecb87090 R08: 0000000000000000 R09: 0000000000000000
[  183.915032][T10188] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  183.915041][T10188] R13: 00007f57ebfb6038 R14: 00007f57ebfb5fa0 R15: 00007ffd0d5db3c8
[  183.915056][T10188]  </TASK>
[  183.915061][T10188] 
[  184.045338][T10188] Allocated by task 10106:
[  184.053484][T10188]  kasan_save_stack+0x33/0x60
[  184.054981][T10188]  kasan_save_track+0x14/0x30
[  184.056464][T10188]  __kasan_kmalloc+0xaa/0xb0
[  184.057920][T10188]  __kmalloc_noprof+0x223/0x510
[  184.059461][T10188]  security_inode_init_security+0x13f/0x390
[  184.061309][T10188]  shmem_symlink+0x135/0x9f0
[  184.062800][T10188]  vfs_symlink+0x400/0x680
[  184.064212][T10188]  do_symlinkat+0x261/0x310
[  184.065650][T10188]  __x64_sys_symlinkat+0x93/0xc0
[  184.067220][T10188]  do_syscall_64+0xcd/0x4c0
[  184.068652][T10188]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  184.070498][T10188] 
[  184.071269][T10188] Freed by task 10106:
[  184.072574][T10188]  kasan_save_stack+0x33/0x60
[  184.074067][T10188]  kasan_save_track+0x14/0x30
[  184.075554][T10188]  kasan_save_free_info+0x3b/0x60
[  184.077139][T10188]  __kasan_slab_free+0x60/0x70
[  184.078653][T10188]  kfree+0x2b4/0x4d0
[  184.079890][T10188]  security_inode_init_security+0x2eb/0x390
[  184.081731][T10188]  shmem_symlink+0x135/0x9f0
[  184.083204][T10188]  vfs_symlink+0x400/0x680
[  184.084620][T10188]  do_symlinkat+0x261/0x310
[  184.086055][T10188]  __x64_sys_symlinkat+0x93/0xc0
[  184.087623][T10188]  do_syscall_64+0xcd/0x4c0
[  184.089050][T10188]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  184.090901][T10188] 
[  184.091693][T10188] The buggy address belongs to the object at ffff888036d51a00
[  184.091693][T10188]  which belongs to the cache kmalloc-256 of size 256
[  184.095959][T10188] The buggy address is located 48 bytes inside of
[  184.095959][T10188]  freed 256-byte region [ffff888036d51a00, ffff888036d51b00)
[  184.100048][T10188] 
[  184.100820][T10188] The buggy address belongs to the physical page:
[  184.102850][T10188] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x36d50
[  184.105560][T10188] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  184.108179][T10188] anon flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff)
[  184.110642][T10188] page_type: f5(slab)
[  184.111902][T10188] raw: 00fff00000000040 ffff88801b842b40 0000000000000000 dead000000000001
[  184.114545][T10188] raw: 0000000000000000 0000000000100010 00000000f5000000 0000000000000000
[  184.117181][T10188] head: 00fff00000000040 ffff88801b842b40 0000000000000000 dead000000000001
[  184.119853][T10188] head: 0000000000000000 0000000000100010 00000000f5000000 0000000000000000
[  184.122542][T10188] head: 00fff00000000001 ffffea0000db5401 00000000ffffffff 00000000ffffffff
[  184.125198][T10188] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002
[  184.127871][T10188] page dumped because: kasan: bad access detected
[  184.129852][T10188] page_owner tracks the page as allocated
[  184.131626][T10188] page last allocated via order 1, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 5965, tgid 5965 (syz-executor), ts 47012971510, free_ts 46911054035
[  184.138084][T10188]  post_alloc_hook+0x1c0/0x230
[  184.139596][T10188]  get_page_from_freelist+0x132b/0x38e0
[  184.141320][T10188]  __alloc_frozen_pages_noprof+0x261/0x23f0
[  184.143178][T10188]  alloc_pages_mpol+0x1fb/0x550
[  184.144708][T10188]  new_slab+0x247/0x330
[  184.146021][T10188]  ___slab_alloc+0xcf2/0x1740
[  184.147528][T10188]  __slab_alloc.constprop.0+0x56/0xb0
[  184.149203][T10188]  __kmalloc_noprof+0x2f2/0x510
[  184.150737][T10188]  fib_create_info+0x53f/0x46b0
[  184.152270][T10188]  fib_table_insert+0x177/0x1c40
[  184.153816][T10188]  fib_magic+0x4d4/0x5c0
[  184.155156][T10188]  fib_add_ifaddr+0x3a1/0x580
[  184.156640][T10188]  fib_netdev_event+0x38a/0x710
[  184.158176][T10188]  notifier_call_chain+0xbc/0x410
[  184.159764][T10188]  call_netdevice_notifiers_info+0xbe/0x140
[  184.161636][T10188]  __dev_notify_flags+0x12c/0x2e0
[  184.163228][T10188] page last free pid 5964 tgid 5964 stack trace:
[  184.165203][T10188]  __free_frozen_pages+0x7d5/0x10f0
[  184.166870][T10188]  __put_partials+0x165/0x1c0
[  184.168361][T10188]  qlist_free_all+0x4d/0x120
[  184.169810][T10188]  kasan_quarantine_reduce+0x195/0x1e0
[  184.171531][T10188]  __kasan_slab_alloc+0x69/0x90
[  184.173058][T10188]  kmem_cache_alloc_node_noprof+0x1d5/0x3b0
[  184.174905][T10188]  __alloc_skb+0x2b2/0x380
[  184.176317][T10188]  netlink_alloc_large_skb+0x69/0x130
[  184.177988][T10188]  netlink_sendmsg+0x6a1/0xdd0
[  184.179497][T10188]  __sys_sendto+0x4a0/0x520
[  184.180928][T10188]  __x64_sys_sendto+0xe0/0x1c0
[  184.182460][T10188]  do_syscall_64+0xcd/0x4c0
[  184.183893][T10188]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  184.185739][T10188] 
[  184.186513][T10188] Memory state around the buggy address:
[  184.188267][T10188]  ffff888036d51900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  184.190746][T10188]  ffff888036d51980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  184.193248][T10188] >ffff888036d51a00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  184.195715][T10188]                                      ^
[  184.197456][T10188]  ffff888036d51a80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  184.199934][T10188]  ffff888036d51b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  184.202424][T10188] ==================================================================
[  184.208115][   T40] audit: type=1400 audit(1754769627.719:671): avc:  denied  { read } for  pid=5360 comm="syslogd" name="log" dev="sda1" ino=2010 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:var_t tclass=lnk_file permissive=1
[  184.208433][T10188] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  184.208443][T10188] CPU: 2 UID: 0 PID: 10188 Comm: syz.0.1544 Not tainted 6.16.0-syzkaller-12250-gc30a13538d9f #0 PREEMPT(full) 
[  184.208457][T10188] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  184.208463][T10188] Call Trace:
[  184.208467][T10188]  <TASK>
[  184.208471][T10188]  dump_stack_lvl+0x3d/0x1f0
[  184.208484][T10188]  vpanic+0x6e8/0x7a0
[  184.208501][T10188]  ? __pfx_vpanic+0x10/0x10
[  184.208517][T10188]  ? sysfs_remove_file_ns+0x63/0x70
[  184.208529][T10188]  panic+0xca/0xd0
[  184.208544][T10188]  ? __pfx_panic+0x10/0x10
[  184.208559][T10188]  ? sysfs_remove_file_ns+0x63/0x70
[  184.208570][T10188]  ? preempt_schedule_common+0x44/0xc0
[  184.208587][T10188]  ? preempt_schedule_thunk+0x16/0x30
[  184.208603][T10188]  ? check_panic_on_warn+0x1f/0xb0
[  184.208619][T10188]  check_panic_on_warn+0xab/0xb0
[  184.208636][T10188]  end_report+0x107/0x170
[  184.208647][T10188]  kasan_report+0xee/0x110
[  184.208658][T10188]  ? sysfs_remove_file_ns+0x63/0x70
[  184.208671][T10188]  sysfs_remove_file_ns+0x63/0x70
[  184.208682][T10188]  driver_remove_file+0x4a/0x60
[  184.208695][T10188]  bus_remove_driver+0x224/0x2c0
[  184.208711][T10188]  driver_unregister+0x76/0xb0
[  184.208723][T10188]  comedi_device_detach_locked+0x12f/0xa50
[  184.208736][T10188]  comedi_device_detach+0x67/0xb0
[  184.208745][T10188]  comedi_device_attach+0x43d/0x900
[  184.208757][T10188]  do_devconfig_ioctl+0x1b1/0x710
[  184.208770][T10188]  ? __mutex_lock+0x1c4/0x10b0
[  184.208781][T10188]  ? __pfx_do_devconfig_ioctl+0x10/0x10
[  184.208798][T10188]  ? find_held_lock+0x2b/0x80
[  184.208811][T10188]  comedi_unlocked_ioctl+0x165d/0x2f00
[  184.208828][T10188]  ? __pfx_comedi_unlocked_ioctl+0x10/0x10
[  184.208844][T10188]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  184.208857][T10188]  ? do_vfs_ioctl+0x128/0x14f0
[  184.208873][T10188]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  184.208888][T10188]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[  184.208906][T10188]  ? hook_file_ioctl_common+0x145/0x410
[  184.208918][T10188]  ? selinux_file_ioctl+0x180/0x270
[  184.208931][T10188]  ? selinux_file_ioctl+0xb4/0x270
[  184.208946][T10188]  ? __pfx_comedi_unlocked_ioctl+0x10/0x10
[  184.208961][T10188]  __x64_sys_ioctl+0x18b/0x210
[  184.208976][T10188]  do_syscall_64+0xcd/0x4c0
[  184.208987][T10188]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  184.208998][T10188] RIP: 0033:0x7f57ebd8ebe9
[  184.209006][T10188] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  184.209016][T10188] RSP: 002b:00007f57ecb87038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  184.209026][T10188] RAX: ffffffffffffffda RBX: 00007f57ebfb5fa0 RCX: 00007f57ebd8ebe9
[  184.209033][T10188] RDX: 00002000000000c0 RSI: 0000000040946400 RDI: 0000000000000003
[  184.209039][T10188] RBP: 00007f57ecb87090 R08: 0000000000000000 R09: 0000000000000000
[  184.209046][T10188] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  184.209052][T10188] R13: 00007f57ebfb6038 R14: 00007f57ebfb5fa0 R15: 00007ffd0d5db3c8
[  184.209061][T10188]  </TASK>
[  184.215382][T10188] Kernel Offset: disabled

VM DIAGNOSIS:
20:00:26  Registers:
info registers vcpu 0

CPU#0
RAX=0000000000000000 RBX=ffff88806a63fe80 RCX=ffffffff81af8e41 RDX=ffff888021c02440
RSI=ffffffff81af8e1b RDI=0000000000000005 RBP=0000000000000003 RSP=ffffc90000adf888
R8 =0000000000000005 R9 =0000000000000000 R10=0000000000000001 R11=0000000000000000
R12=dffffc0000000000 R13=ffffed100d4c7fd1 R14=0000000000000001 R15=0000000000000002
RIP=ffffffff81af8e1d RFL=00000293 [--S-A-C] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c01300
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c01300
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8880d66bd000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00007f0e39ce56c0 CR3=000000000e380000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=000000000000e58e 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000080040001 Opmask01=0000000000000fff Opmask02=00000000ffffffef Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffefcb423a0 0000003000000018
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffefcb42526
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffefcb42526 00007ffefcb4252c
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f0e39012e46
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f0e39012e53
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f0e39012e4d
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f0e39012e61
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f0e39012ee7
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f0e39012fc5
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2525252525252525 2525252525252525 2525252525252525 2525252525252525
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0063696e61703d73 726f727265006f72 2d746e756f6d6572 3d73726f72726500
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00464c4b44551856 574a575740004a57 08514b504a484057 1856574a57574000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=00000000009328c7 RBX=0000000000000001 RCX=ffffffff8b934c29 RDX=0000000000000000
RSI=ffffffff8de4f11d RDI=ffffffff8c162480 RBP=ffffed1003c54488 RSP=ffffc90000177df8
R8 =0000000000000001 R9 =ffffed100d4a6655 R10=ffff88806a5332ab R11=0000000000000000
R12=0000000000000001 R13=ffff88801e2a2440 R14=ffffffff90ab3590 R15=0000000000000000
RIP=ffffffff8b93378f RFL=00000282 [--S----] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8880d67bd000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=0000000000000000 CR3=0000000032078000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=000000000000e58e 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=00000000c0fffc00 Opmask01=0000000000000054 Opmask02=00000000000000ff Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000001
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000055559457c2f4 000055559457bdc0
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000555594569490
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000055559456d078
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000555594575548
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000000003bf12
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0408060a0156e600 1000088080808080 8081821000000401 0000060806080159
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffffffff0401 80030fffffffffff ff0404100008848c 1000038004010000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 078c035a04000788 0328080007800307 80040003000401a0 030008000190030f
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0001e08080840007 a40308040007a003 0008000798030008 0007900304820400
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0100040020b88408 0006800401c71000 08014ab8006c6c69 6b66722f7665642f
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 01ffffffffffffff ffe7080680030010 0001800401000000 0806060168d60008
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0001e00300100001 d0030fffffffffff ff0401c003021000 01b0032810001003
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0210b880840007a6 030010b080840007 a6030001e0808084 0007a40308040007
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 2

CPU#2
RAX=0000000000000034 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8
RSI=ffffffff85640115 RDI=ffffffff9b10cfa0 RBP=ffffffff9b10cf60 RSP=ffffc90005fb73b8
R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=3330383838666666
R12=0000000000000000 R13=0000000000000034 R14=ffffffff9b10cf60 R15=ffffffff856400b0
RIP=ffffffff8564013f RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 00007f57ecb876c0 ffffffff 00c00000
GS =0000 ffff8880d68bd000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000091000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe000008f000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=0000001b31463fff CR3=0000000031c84000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=000000000000e58e 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=00000000fffffffe Opmask01=0000000000000fff Opmask02=00000000ffffffef Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f57ecb87060 0000003000000010
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffd0d5db8d6
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffd0d5db8d6 00007ffd0d5db8dc
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f57ebe12e46
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f57ebe12e53
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f57ebe12e4d
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f57ebe12e61
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f57ebe12ee7
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f57ebe12fc5
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2525252525252525 2525252525252525 2525252525252525 2525252525252525
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 73697664616d2065 74616c75706f7000 757a253d657a6973 2070253d72747000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 564c534144480540 51444950554a5500 505f0018405f4c56 0555001857515500
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 3

CPU#3
RAX=000000000063f1bb RBX=0000000000000003 RCX=ffffffff8b934c29 RDX=0000000000000000
RSI=ffffffff8de4f11d RDI=ffffffff8c162480 RBP=ffffed1003c57000 RSP=ffffc90000197df8
R8 =0000000000000001 R9 =ffffed100d4e6655 R10=ffff88806a7332ab R11=0000000000000000
R12=0000000000000003 R13=ffff88801e2b8000 R14=ffffffff90ab3590 R15=0000000000000000
RIP=ffffffff8b93378f RFL=00000282 [--S----] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c01300
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c01300
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8880d69bd000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe00000d8000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe00000d6000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=000020000057f000 CR3=0000000031c84000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=000000000000e58e 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000008001 Opmask01=0000000000000014 Opmask02=000000000000003f Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000006f696769
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffd0d5db8d6
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffd0d5db8d6 00007ffd0d5db8dc
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f57ebe12e46
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f57ebe12e53
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f57ebe12e4d
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f57ebe12e61
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f57ebe12ee7
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f57ebe12fc5
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f57ebf874a8 00007f57ebf874a0 00007f57ebf87498 00007f57ebf87470
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f57ecaed100 00007f57ebf87460 00007f57ebf87478 0000000500060006
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f57ebf874b8 00007f57ebf874b0 00007f57ebf874a8 00007f57ebf874a0
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000