last executing test programs:

1.689953404s ago: executing program 2 (id=750):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000440)='/sys/kernel/crash_elfcorehdr_size', 0x0, 0x8)
read$char_usb(r1, &(0x7f0000000040)=""/169, 0xa9) (async)
read$char_usb(r1, &(0x7f0000000040)=""/169, 0xa9)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), r0)
socket$nl_generic(0x10, 0x3, 0x10) (async)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000003c0)={'wlan0\x00', <r4=>0x0})
sendmsg$NL80211_CMD_CHANNEL_SWITCH(r3, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000400)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010008020000001800006600000008000300", @ANYRES32=r4, @ANYBLOB="08002600940900000800b70099"], 0x2c}, 0x1, 0x0, 0x0, 0x48850}, 0x0)
sendmsg$NL80211_CMD_FRAME(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000005c0)={0x24, 0x0, 0x8, 0x70bd26, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_CSA_C_OFFSETS_TX={0x6, 0xcd, [0x0]}]}, 0x24}, 0x1, 0x0, 0x0, 0x480c1}, 0x24000050)

1.689797436s ago: executing program 1 (id=751):
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0) (async)
pipe2$9p(&(0x7f0000001900)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
r3 = dup(r2)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000140)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r1, @ANYBLOB=',wfdno=', @ANYRESHEX=r3])
read$FUSE(r0, &(0x7f0000002380)={0x2020, 0x0, 0x0, 0x0, 0x0, <r4=>0x0}, 0x2020)
ptrace$getenv(0x4201, r4, 0x8, &(0x7f0000000000)) (async)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x19, 0x4, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000000000000000000000000000611224000000000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_sockopt=0x15, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)

1.612866905s ago: executing program 1 (id=753):
r0 = openat$vcsu(0xffffffffffffff9c, &(0x7f0000000140), 0xa8681, 0x0)
signalfd4(r0, &(0x7f0000000180), 0x8, 0x80800)
r1 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$inet(r1, &(0x7f0000000080)={0x0, 0x74, &(0x7f0000000100)=[{&(0x7f00000001c0)="5c00000012006bab9a3fe3d86e17aa0a046b876c1d0048007ea60864160af36504001a0038001d001931a0e69ee517d34460bc06000000a705251e6182949a3651f60a84c9f4d4938037e70e4509c5bb", 0x33fe0}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x0)
recvmsg$kcm(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000004140)=[{&(0x7f0000000240)=""/212, 0xd4}], 0x1}, 0x0)
r2 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r2, &(0x7f0000000840)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000001c0)=ANY=[@ANYBLOB="4c03000017"], 0x34c}}, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="14000000070fdb63128cf763c8e9f7d9ad3171584902576faa112974cb34f2ed4d7817e0bad7f2592abeeaf1c1c3c59bd9e90b82722a0fdadc9db03565a15d9344650fb4d080920ca1d72b739e533200b1f3ce9d9c76a5c95ea2e2dbe8fd4ff56da79f39c981736728e5da6619c1c484ecec01db6f16b37fb70072c99f120ec3784188eb8871e76c8d0618b75555b4864cc0b2f3583cb07bf7c3a6db836400"/171], 0x50)
r3 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r4 = socket$nl_route(0x10, 0x3, 0x0)
socket$inet_sctp(0x2, 0x1, 0x84)
sendmsg$nl_route(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000400)=ANY=[@ANYBLOB="30000000180001cd194f96ff1119f5000a370000ef387c881eb0b0aa21a8f9065d47acb4929913759a15bf3ca5f6b4777f7776ba149cc1f5cba4b002ec85b34b4c15c0b57d07bcae57f0c7b2b58fd85abbf4519196ea0494d0c5c60bb261434890684016d808745419994ab42e709dc9c20418d2487f50663cb95deed68a681a1b4eb50b53a959a0a80000000000", @ANYRES32=0x0, @ANYBLOB="000000001400050000000000000000000000000000000001"], 0x30}}, 0x0)
sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
bind$bt_hci(r3, &(0x7f0000000100)={0x1f, 0xffff, 0x3}, 0x6)
r5 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000000c0), 0x44801, 0x0)
openat$cgroup_ro(r5, &(0x7f0000000140)='blkio.bfq.io_queued\x00', 0x0, 0x0)
socket$netlink(0x10, 0x3, 0xb)
write$binfmt_misc(r3, &(0x7f0000000000), 0xd)
epoll_create(0x4)

1.612483206s ago: executing program 2 (id=754):
capset(&(0x7f0000000000)={0x19980330}, &(0x7f0000000040))
r0 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000740)=ANY=[@ANYBLOB="0300000004000000040000000a"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x1, 0x8, &(0x7f0000000180)=ANY=[@ANYBLOB, @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000000000850000000c000000b70000002000000095"], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)

1.612143417s ago: executing program 2 (id=755):
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$netlink(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000700)=ANY=[@ANYRES8=r0, @ANYRES32, @ANYBLOB="0b00e880976b6408686030000500018099"], 0x2c}], 0x1, 0x0, 0x0, 0x24040810}, 0x0) (async)
r1 = open(&(0x7f0000000140)='./file0\x00', 0x0, 0x0)
r2 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$inet(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000000040)="1800000072006bcdb13fe3dc6e080000070900000d000000", 0x18}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x0)
mknodat$loop(r1, &(0x7f0000001600)='./file1\x00', 0x0, 0x0) (async)
r3 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x2000000000000006, &(0x7f00000003c0)=[{0x6, 0x0, 0x0, 0x7fff0004}, {0x9, 0x58, 0xfa, 0x1}]}) (async)
mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0xb0)
mount$9p_virtio(&(0x7f0000000000), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x2, &(0x7f0000000c00)=ANY=[@ANYBLOB="56c78e3c733d76697274696f2c6e6f657874656e642c6163638173733d616e792c63616368653d667363616368652c76657273696f6e3d3970323030302e75"])
chdir(&(0x7f0000000300)='./file0\x00')
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0, 0x0) (async)
close_range(r3, 0xffffffffffffffff, 0x0)
linkat(r1, &(0x7f0000000100)='./file1\x00', r1, &(0x7f0000000240)='./file0\x00', 0x0) (async)
ioctl$KVM_RUN(r1, 0xae80, 0x0) (async)
r4 = socket$nl_route(0x10, 0x3, 0x0)
r5 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0) (async)
creat(&(0x7f0000000400)='./file0\x00', 0x10)
r6 = syz_io_uring_setup(0x10c, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x3}, &(0x7f0000000340)=<r7=>0x0, &(0x7f0000000200)=<r8=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r7, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r7, r8, &(0x7f0000000300)=@IORING_OP_OPENAT={0x12, 0x0, 0x0, 0xffffffffffffff9c, 0x0, &(0x7f0000000240)='./file0\x00', 0x0, 0x80}) (async)
io_uring_enter(r6, 0x3516, 0x0, 0x0, 0x0, 0xfffffdcf) (async)
bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x1, 0x12, &(0x7f0000000500)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x7}, {}, {}, [@alu={0x4, 0x0, 0x8, 0x8, 0x9, 0x10, 0xfffffffffffffff0}, @ldst={0x1, 0x2, 0x3, 0x2, 0x5, 0xc, 0x10}, @kfunc={0x85, 0x0, 0x2, 0x0, 0x3}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f00000002c0)='GPL\x00', 0x5, 0xbc, &(0x7f0000000300)=""/188, 0x0, 0x0, '\x00', 0x0, @fallback=0x2e, 0xffffffffffffffff, 0x8, &(0x7f0000000440)={0x3}, 0x8, 0x10, &(0x7f0000000080)={0x4, 0x1, 0x0, 0x4000000}, 0x10}, 0x94)
ioctl$int_in(r5, 0x40000000af01, 0x0)
r9 = socket$packet(0x11, 0x3, 0x300) (async)
syz_emit_ethernet(0x42, &(0x7f0000000200)={@local, @random='\x00 \x00\x00\x00\b', @void, {@ipv4={0x800, @tcp={{0x8, 0x4, 0x0, 0x0, 0x34, 0x0, 0x0, 0x0, 0x6, 0x0, @dev, @initdev={0xac, 0x1e, 0x0, 0x0}, {[@ssrr={0x89, 0x7, 0xb1, [@dev]}, @timestamp={0x44, 0x4}]}}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}, 0x0)
r10 = fcntl$dupfd(r5, 0x0, r9) (async)
r11 = eventfd2(0x8001, 0x0)
ioctl$VHOST_SET_VRING_KICK(r10, 0x4008af20, &(0x7f00000000c0)={0x0, r11}) (async)
getsockopt$PNPIPE_IFINDEX(0xffffffffffffffff, 0x113, 0x2, &(0x7f0000000000)=<r12=>0x0, &(0x7f0000000080)=0x4)
sendmsg$nl_route(r4, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)=ANY=[@ANYBLOB="4000000048000893f79052993a33aced18250028bd7000ffdbdf250a004000", @ANYRES32=r12, @ANYBLOB="0200000014000100000000000000000000000000000000000800020001000000080002000b000000"], 0x40}, 0x1, 0x0, 0x0, 0x20000004}, 0x0)

1.535953323s ago: executing program 1 (id=756):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0xca000, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_MP_STATE(r2, 0x4004ae99, &(0x7f00000001c0)=0x3)
ioctl$KVM_SET_LAPIC(r2, 0x4400ae8f, &(0x7f0000000880)={"6cdd4237dd245c8404721efdc9c8dc1964125fa96fa42b761c6ec25b2bec0ba4c81036c93a40c8a4d4412a763b00040000000000003c5ca206c047ecee377abaece6b88378e38e06c5fc191f361d264ffa8b46485f02baee1ab6b8154252066178868d1ef4b53606000000000000007c21a984c2b9ca4bbb7a87165c0c1dbc75d7ea4df1001000000000694525952f44500a1f0db509c32cc7ace842c28f37f06e4ea9f1e5f0c6c379f9cc58bf69fcde9809c8814618e976832d4e48cc41bb5a6baa41d614f6c8941bee805954a62d196a4e8d4bf6b21224b57f530d0000c1ff53bf79a1f5c5dc34cf2645cbc11c4562d22db88d0edc5daee171cc04d96d9ec2db07478f347edbd6424923ad4a5672b1b285c7988c4ec0922c655ff600000000c00dc290d936d93236051fadfb4b95d02c0bda7ce38dabb7cd103fe4d0c9c963cd717a77f8df8d46099b1f580968af6afbbc19db161c6df3e7c9c71bc08a282fc2c142856b5e4caff4c0a4f72445ef10dcd2c569319d6e9bb2058d023f669a64fc7d9684b45b00000000364673dcfa9235ea5a2ff23c4bb5c5acb290e8976dcac779ff0000f5620000003d4e185afe28a774b99d3890bd37428617de4cdd6f53c419ce31054182fd098af7b7f1b1152c691611f897558d4b755cb783978d9859b0537b05b623dcb5c4ca9317471a40fa4998cca80e961efffb4e1aa25d8a17deef0c8694c4395fc99be3c3fe7aeb8af4929ce7d346ca702f78b233b5208752726ed9f0c340d494b92d19cc930bb8a5f8b4da8f4603ac0c3b698384e17a570dc8524823ed15af4ecfabb4b2541d3c114b7bba1c21a845c9cf0d1cc24aba47e30f558b2246ad95ccf7d2f80cc0ab26f08336ea1a33b79cf35b898837016eb211a1734c7af076e15451e33519fc978f66df7df4557c91024a8dc130a28ef5f63ad07b39c8d23b85cf434e065e8a29a80047fe17dee6f6347b4951f97b5703dc78b1ca9d74ea6a9ae12ab367c0de2659cc38d2f33ddd86e0597d33361eada133b5132145fa4525c488c7fffd6ceda6e9a02ebd97ced6b0161f2cc84615ceb8b18883299c636e9e46724a9a0600a8bb02f3e489631def9f126c25ba4f37caf9dd8768ddbc02a484c345c3eff254297b1dbb04989c3f9f3c7b3c985c39b1d3130180613e28387e955722908dd88b56163be8312ff47c5b6f280472935af74e97a5a8110a4d74496f4c8ec82ddb010100000000000001a047526865c888c9ff36056cc4ad258021e1581d43badaaec6cc5a2ef989de9801fed6d4be2bfcfe656c9c46bffbe9dd03970800000000000000d372bdd60200c1ecf63c23d506114d0fba2bd1c69e8f7e3fccdcda85ce975ec1381b1cec6ddaa76e186719d819164300"})
r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x41, 0x0)
write$binfmt_aout(r3, 0x0, 0xff2e)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

1.535238976s ago: executing program 2 (id=757):
r0 = openat$cdrom(0xffffffffffffff9c, &(0x7f0000000680), 0x8200, 0x0)
mount$fuse(0x0, 0x0, 0x0, 0x3000010, &(0x7f0000000340)=ANY=[@ANYBLOB="665e354b419ab2a5ab1bd92fcd7e4e162d9b039f01dbe631343019b43a94e2852b1d8c05a64280b705e1bd3720c97671363b32e2b01b50c05e8b4d45c3fde6401e528f1fb098f92123a54e02a765e2caf200fbfe212829ff9451c3810e492173925514f1cee4cddc52a25361dcda46fd1c2cafc556706ebfddb9e05370ecbc16edec969384177d1379d4047f98e647d730b9e4b9660c7834767e6313de072d086c177f8b30b457cb84b4dce5c0e307954cd1d078fa211c1d293ea6d3c2d5ceaf0b248617d8454a69d1af8f7b745bcfa57deb2aebf8078e69980365f0dccb8791641c5df23336e52624bc0a4a4292378b5af4046dd7d8ca1590fb838f40"]) (async)
r1 = openat$ttyprintk(0xffffffffffffff9c, &(0x7f0000000080), 0x80000, 0x0)
ioctl$GIO_FONTX(r1, 0x4b6b, &(0x7f00000000c0)={0x1cc, 0x1e, &(0x7f00000006c0)})
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x41, 0x0)
write$binfmt_aout(r2, &(0x7f0000000180)=ANY=[], 0xff2e) (async)
ioctl$TCSETS(r2, 0x40045431, &(0x7f0000000dc0)={0x0, 0x0, 0x0, 0x0, 0x58, "00000000000000000000a200"})
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, &(0x7f0000000100)=ANY=[@ANYBLOB="b400000000000000791048000000000061000400000000009500000000000000db74589d4b38cc306ac390649f72dea0e50e2317db042855d6c74ff3493c7e31e3f6c643155a8e2e01d50bc3347475750472719cc516fa14b769e7f385ba72c60242263c05ddab05e37efe81b8bffc35cdf2ac0d93263ff755d611c4cca1684b1470af6a83366aa430ad2d700b186da622d6fba70000000000000000000000000200"/173], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x5, '\x00', 0x0, @sk_msg}, 0x48)
r3 = syz_open_pts(r2, 0x101000) (async)
r4 = syz_init_net_socket$nfc_raw(0x27, 0x5, 0x0)
r5 = dup3(r3, r4, 0x0)
ioctl$TIOCSTI(r5, 0x5412, &(0x7f0000000000)=0x17)
ioctl$CDROM_SEND_PACKET(r0, 0x5393, &(0x7f00000002c0)={"e9790969b0f5f1af438a1e82", 0x0, 0x0, 0x80, &(0x7f0000000240)={0x1, 0x0, 0x6f, 0x1, 0x0, 0x1, 0x0, "0000409f", 0x5, "24053331", 0x4, 0xf, 0xa, '\x00', "77180e5bccdba4fbb5e4b47b8dbe042caa216a09246ecee73f774253a18bf000"}, 0x1, 0x400007, 0x800, 0x0}) (async)
madvise(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x4)

1.358576596s ago: executing program 0 (id=762):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
capset(&(0x7f0000000080)={0x19980330}, &(0x7f0000000040)={0x200000, 0x200000, 0x0, 0x0, 0x0, 0xfffffffc})
r1 = fsopen(&(0x7f00000001c0)='ramfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r1, 0x6, 0x0, 0x0, 0x0)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r2, 0x0)
write$binfmt_script(0xffffffffffffffff, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xa, 0x28011, 0xffffffffffffffff, 0x0)
accept(r2, 0x0, 0x0)
setsockopt$inet6_tcp_int(r2, 0x6, 0x19, &(0x7f0000000080), 0x4)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x29, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000400)={0x1ff, 0x2, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_SREGS(r5, 0x4138ae84, &(0x7f0000000100)={{0x0, 0xdddd1000, 0x0, 0x0, 0x8, 0xd, 0x0, 0x2, 0x0, 0x8, 0x9, 0x10}, {0xffff1000, 0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x7}, {0x2000, 0x5000, 0xc, 0x0, 0x7, 0x4, 0x0, 0x0, 0x3, 0x0, 0x0, 0xfc}, {0x3000, 0xd000, 0x0, 0x0, 0x0, 0x0, 0xff, 0x0, 0x0, 0x0, 0x4}, {0xeeee8000, 0x3000, 0x9, 0x0, 0xff, 0x4, 0x0, 0xe, 0x0, 0x3c}, {0x0, 0x0, 0x0, 0x0, 0xff, 0x0, 0x2, 0x0, 0x0, 0x0, 0x80}, {0xdddd1000, 0x0, 0xa, 0x6, 0x0, 0x0, 0x3}, {0x0, 0x3000, 0x0, 0x0, 0x0, 0x1, 0x0, 0xa, 0x26}, {0x80a0000}, {0xdddd1000}, 0xddf8ffdb, 0x0, 0x0, 0x70, 0x0, 0x8000, 0x0, [0x0, 0x0, 0x1]})
ioctl$KVM_TRANSLATE(r5, 0xc018ae85, &(0x7f00000000c0))
r6 = fsmount(r1, 0x0, 0x0)
r7 = open(&(0x7f00000001c0)='.\x00', 0x0, 0x0)
getdents(r7, &(0x7f0000000280)=""/4096, 0x9005)
write$UHID_CREATE(r7, &(0x7f0000000440)={0x0, {'syz1\x00', 'syz0\x00', 'syz0\x00', &(0x7f0000000240)=""/12, 0xc, 0x9, 0xffff, 0x4, 0xc3f0bd46, 0x281541d6}}, 0x120)
fchdir(r6)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mkdir(&(0x7f00000000c0)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000a00)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000140)=0x15)
ioctl$TIOCSTI(r0, 0x5412, &(0x7f00000002c0)=0x7e)
ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000300))
ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000000)=0x7e)

1.329448191s ago: executing program 2 (id=764):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_GET_DYING(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)={0x14, 0x6, 0x1, 0x101, 0x0, 0x0, {0x0, 0x0, 0x44}}, 0x14}, 0x1, 0x0, 0x0, 0x4008815}, 0x24000080) (async)
sendmsg$IPCTNL_MSG_CT_GET_DYING(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)={0x14, 0x6, 0x1, 0x101, 0x0, 0x0, {0x0, 0x0, 0x44}}, 0x14}, 0x1, 0x0, 0x0, 0x4008815}, 0x24000080)
munmap(&(0x7f0000002000/0x1000)=nil, 0x1000)
request_key(&(0x7f00000000c0)='ceph\x00', &(0x7f0000000080)={'syz', 0x2}, &(0x7f0000002980)='V\\@[\x01\x00\x1b\x00\xaaJ&\xd0\xc5cC\xf4\x16NGY\x8c\x8dAt\x8e\x17iN\x1bd\xcc\xef\xec\x1a\']\x05\xec3\xdb=\xab\x13\xf2<]x\xca\xb30\xb7\xff~C_v\xca\xed\x12\x8d\x88\xc6\x02\x00\x00\x00\\$p\xa4\xe9x\\W\x00<#hyWF\a\x1a\xca9s\x97\x03\xf2\xf9\x9c?w}m\xb29w.#\xe4\xf0,|\xce\xa5\x8a<\x00\xba\x1c\x05\xc8\xe7R\x85\xf5+\xab_bo\x02\xcb\x17\x95C\x024?\x1cqJ?\xd3\x8d\x81', 0xfffffffffffffffe)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000f9b000/0x18000)=nil, 0x0, 0x0, 0x20, 0x0, 0x0) (async)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000f9b000/0x18000)=nil, 0x0, 0x0, 0x20, 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x0)
mount$fuse(0x0, 0x0, 0x0, 0x2b38094, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
syz_open_dev$vbi(&(0x7f0000000040), 0x0, 0x2) (async)
r1 = syz_open_dev$vbi(&(0x7f0000000040), 0x0, 0x2)
ioctl$VIDIOC_S_INPUT(r1, 0xc0045627, 0x0)
ioctl$VIDIOC_G_STD(r1, 0x80085617, &(0x7f0000000180))
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400)) (async)
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000080)={<r2=>0xffffffffffffffff})
sendmmsg$sock(r2, &(0x7f00000044c0), 0x4000000000001c0, 0x0)
chdir(&(0x7f0000000080)='./file1\x00')
open(&(0x7f0000000000)='.\x00', 0x0, 0x0) (async)
r3 = open(&(0x7f0000000000)='.\x00', 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x19e)
r4 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3)
setsockopt$sock_linger(r4, 0x1, 0xd, &(0x7f0000000040)={0x207ffd, 0xfffffffe}, 0x8)
shutdown(r4, 0x0) (async)
shutdown(r4, 0x0)
r5 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r5, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-camellia-aesni\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r5, 0x117, 0x1, &(0x7f0000000140)="2c385aa3d49100dc6626c892b6bc436a", 0x10)
accept4(r5, 0x0, 0x0, 0x80000) (async)
r6 = accept4(r5, 0x0, 0x0, 0x80000)
syz_genetlink_get_family_id$batadv(&(0x7f0000000080), r6)
socket$nl_generic(0x10, 0x3, 0x10) (async)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r7, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000300)={0x1c, 0x29, 0xb, 0x70bd27, 0x4000, {0x3}, [@nested={0x8, 0x1, 0x0, 0x1, [@generic="78a449a0"]}]}, 0x1c}}, 0x4040080)
sendmsg$xdp(r6, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, 0x20000080}, 0x440000d5)
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f00000001c0)='./file0\x00', 0x0, 0x101091, 0x0)
ioctl$AUTOFS_IOC_PROTOSUBVER(r3, 0x40049366, 0x0) (async)
ioctl$AUTOFS_IOC_PROTOSUBVER(r3, 0x40049366, 0x0)

1.322947835s ago: executing program 3 (id=765):
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000000c0)=ANY=[@ANYBLOB="15000000690003050000000000080001000200000000000100020000000000010000000000"], 0x20}, 0x1, 0x0, 0x0, 0x80}, 0x0)
syz_emit_vhci(&(0x7f00000000c0)=ANY=[@ANYBLOB="040f0401011404"], 0x7)
r2 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f00000018c0)={'team0\x00', <r3=>0x0})
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000000c0)={0x0, 0x16c}}, 0x24)
r4 = socket$igmp(0x2, 0x3, 0x2)
getsockopt$MRT(r4, 0x0, 0xd0, 0x0, &(0x7f0000000040))
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=@base={0x11, 0x4, 0x4, 0x5}, 0x50)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, &(0x7f00000001c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000157b8af8ff00000000bc82000000000000a6020000f8ffffffb703000008000000b703000000000000850000003300000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_BIND_MAP(0xa, &(0x7f0000000240)={r6, 0xffffffffffffffff, 0x500}, 0x57)
sendmsg$nl_route(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000022780)=@newlink={0x40, 0x10, 0x49920d862a92143b, 0x100000, 0x0, {}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @gtp={{0x8}, {0xc, 0x2, 0x0, 0x1, [@IFLA_GTP_FD1={0x8}]}}}, @IFLA_MASTER={0x8, 0xa, r3}]}, 0x40}, 0x1, 0x0, 0x0, 0x8004}, 0x24000800)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000540)=@newlink={0x44, 0x10, 0x503, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x1159b}, [@IFLA_LINKINFO={0x24, 0x12, 0x0, 0x1, @ip6erspan={{0xe}, {0x10, 0x2, 0x0, 0x1, [@IFLA_GRE_COLLECT_METADATA={0x4}, @IFLA_GRE_FWMARK={0x8, 0x14, 0x200}]}}}]}, 0x44}}, 0x0)

1.225993883s ago: executing program 1 (id=766):
r0 = userfaultfd(0x801)
ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000040)={0xaa, 0x21c}) (async)
ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000080)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x2}) (async)
ioctl$UFFDIO_COPY(r0, 0xc028aa03, &(0x7f0000000100)={&(0x7f00002b9000/0x400000)=nil, &(0x7f00002c5000/0x1000)=nil, 0x400000, 0x3, 0x2})

1.223088074s ago: executing program 1 (id=767):
r0 = socket$netlink(0x10, 0x3, 0x0) (async)
syz_usb_connect(0x0, 0x36, &(0x7f00000000c0)=ANY=[@ANYBLOB="1a0100005c6b4408070a64006e40010203030902240001a82300000904000002ca744d00090503034d00ff99090805", @ANYRES32], &(0x7f0000000480)={0x0, 0x0, 0x0, 0x0, 0x1, [{0x0, 0x0}]})
r1 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
write$char_usb(r1, 0x0, 0x0)
r2 = syz_init_net_socket$llc(0x1a, 0x801, 0x0)
bind$llc(r2, &(0x7f0000000000)={0x1a, 0x0, 0x0, 0x0, 0x0, 0x42}, 0x10)
connect$llc(r2, &(0x7f0000000040)={0x1a, 0x0, 0x0, 0x9, 0x3, 0x2}, 0x10) (async)
r3 = syz_init_net_socket$llc(0x1a, 0x801, 0x0)
bind$llc(r2, &(0x7f0000000080)={0x1a, 0x30c, 0xd, 0xc, 0x82, 0x5, @multicast}, 0x10)
bind$llc(r3, &(0x7f0000000000)={0x1a, 0x0, 0x0, 0x0, 0x0, 0x42}, 0x10) (async)
close_range(r0, 0xffffffffffffffff, 0x0)

1.080725927s ago: executing program 2 (id=768):
pselect6(0x0, 0x0, 0x0, &(0x7f00000006c0)={0x6, 0x15, 0x7, 0x5, 0x8, 0x1, 0xcc7f, 0x7f}, &(0x7f0000000700)={0x0, 0x989680}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000100)=@newqdisc={0x3c, 0x24, 0x3fe3aa0262d8c583, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {0x0, 0x1fd6b38443af8512}, {0xffff, 0xffff}, {0x0, 0x4}}, [@qdisc_kind_options=@q_cake={{0x9}, {0xc, 0x2, [@TCA_CAKE_FWMARK={0x8, 0x12, 0x20000205}]}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x40001}, 0x4)
r0 = socket$nl_route(0x10, 0x3, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000000400)=[{{0x0, 0xf5ffffff, 0x0, 0x0, 0x0, 0x4000000}, 0xf5ff}], 0xf00, 0x0, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)=ANY=[@ANYBLOB="e40000001000010400"/20, @ANYRES32=0x0, @ANYBLOB="00000000222803001c0012800c0001006d6163766c616e000c000280080001000800000008000500", @ANYRES32, @ANYBLOB='\b\x00?'], 0xe4}}, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="500000001000010400"/20, @ANYRES32=0x0, @ANYBLOB="0000000000000000280012800a00010076786c616e"], 0x50}}, 0x0)
migrate_pages(0x0, 0x0, &(0x7f00000005c0)=0xe, &(0x7f0000000600)=0x3b87)
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000080)={'veth1_to_hsr\x00', <r4=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000004c00)=@newtfilter={0x24, 0x11, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x74, r4}}, 0x24}, 0x1, 0xf0ffffffffffff}, 0x0)
r5 = msgget(0x2, 0x40)
msgctl$IPC_RMID(r5, 0x0)
sendmsg$nl_route(r0, &(0x7f00000001c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000140)=ANY=[@ANYBLOB="48000000130008002dbd7000fddbdf2507000000", @ANYRES32=r4, @ANYBLOB="000100000540deff07001d0060080000050027000500000008000f000700000008001f000600000008001d0006050000"], 0x48}, 0x1, 0x0, 0x0, 0x80}, 0x4091)
r6 = bpf$ITER_CREATE(0x21, &(0x7f0000000280), 0x8)
sendmsg$nl_route_sched(r6, &(0x7f0000000580)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000540)={&(0x7f0000000300)=@newqdisc={0x23c, 0x24, 0x400, 0x70bd25, 0x25dfdbff, {0x0, 0x0, 0x0, r4, {0x4, 0xb}, {0x4, 0x6}, {0xc, 0x3}}, [@qdisc_kind_options=@q_gred={{0x9}, {0x54, 0x2, [@TCA_GRED_MAX_P={0x8, 0x4, 0x9ed}, @TCA_GRED_PARMS={0x38, 0x1, {0x49, 0x1, 0x401, 0x2, 0xabaf, 0x9, 0x40, 0xfffffffb, 0x80000000, 0x2, 0x5, 0xa, 0x10, 0x3, 0x5, 0x1}}, @TCA_GRED_LIMIT={0x8, 0x5, 0x2}, @TCA_GRED_MAX_P={0x8, 0x4, 0x2}]}}, @TCA_STAB={0x1b0, 0x8, 0x0, 0x1, [{{0x1c, 0x1, {0x6, 0x5, 0xf25, 0x3, 0x2, 0x10000, 0x200, 0x8}}, {0x14, 0x2, [0x0, 0xe, 0xff26, 0x6, 0xfff, 0x6, 0x8, 0xc7f]}}, {{0x1c, 0x1, {0x6, 0x70, 0xec, 0x401, 0x0, 0xc31, 0xad1f, 0x4}}, {0xc, 0x2, [0x2, 0x8000, 0x8000, 0x0]}}, {{0x1c, 0x1, {0x5, 0x8, 0x8, 0x3, 0x1, 0x0, 0x1, 0x3}}, {0xa, 0x2, [0x4, 0x0, 0x5]}}, {{0x1c, 0x1, {0xc, 0xa, 0x8, 0x8, 0x1, 0xb72, 0x4, 0x3}}, {0xa, 0x2, [0x3, 0x2, 0x0]}}, {{0x1c, 0x1, {0xfd, 0x7, 0x1, 0x5, 0x1, 0x3, 0x4, 0x6}}, {0x10, 0x2, [0x1ff, 0x1, 0x4a, 0x31f, 0xc3e, 0x6a1]}}, {{0x1c, 0x1, {0x6, 0x8, 0xfff9, 0xd4, 0x2, 0x6d, 0x1, 0x8}}, {0x14, 0x2, [0x9, 0x8, 0x7, 0x1, 0x1, 0x3, 0x200, 0x5]}}, {{0x1c, 0x1, {0x4, 0x0, 0x8, 0x4, 0x2, 0x10000, 0x4e1, 0x6}}, {0x10, 0x2, [0x7, 0x3, 0x5, 0x81, 0x6, 0x8]}}, {{0x1c, 0x1, {0x0, 0x40, 0x2c8, 0x0, 0x0, 0x10000, 0xe0000000, 0x5}}, {0xe, 0x2, [0x3, 0x7ff, 0x9, 0x8, 0x3]}}, {{0x1c, 0x1, {0x40, 0xfe, 0x68b, 0x6, 0x0, 0x3, 0x3, 0x3}}, {0xa, 0x2, [0x6, 0x1ff, 0xff]}}, {{0x1c, 0x1, {0x9b, 0x46, 0xffff, 0x400, 0x2, 0x113, 0x3a93b6b8, 0x4}}, {0xc, 0x2, [0x3, 0x3ff, 0x6, 0x1d6]}}]}, @TCA_INGRESS_BLOCK={0x8, 0xd, 0x8}]}, 0x23c}}, 0x4000)

1.079607413s ago: executing program 3 (id=769):
r0 = socket(0x10, 0x3, 0x0)
syz_emit_ethernet(0x30f, &(0x7f0000000440)={@local, @broadcast, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, '!\x00', 0x2d9, 0x3a, 0x1, @dev={0xfe, 0x80, '\x00', 0xfc}, @mcast2, {[@srh={0x62, 0x2, 0x4, 0x1, 0x4d, 0x30, 0x5, [@mcast2]}], @ndisc_ra={0x86, 0x0, 0x0, 0x0, 0x0, 0x19, 0xfffffffd, 0x1, [{0x5, 0xa, "a78ce5400659808000000000004023493b87aafaffffffffffffff23732472eefa45ad96579269748e254c1e4a8a8b3f0ab0c430d3be27df3e34066d42ca0a5c15b37adac15084dbaf736b41e5af1802"}, {0x0, 0x1, "000000000000001991319c00"}, {0x5, 0x2c, "fe906d26efe39393fe08f73eabc5977b1190a3a6ad8338f1511cdd10c35d8f6de79fc7fd175f75649fa368a32c829af02d7f44d92324a7051e460a13ddde27a5b85b9d930914625d8a049b4cf0d129806a610ad8467a6b2600000000000055a6653d0363a979acf93f88eea07d68423e90280409de1657275f716a2bf2915d1783e8eb477b0d1170f0ecbdef5523e1b76e9ab3d2fbe4b34438d2a7758fedd0ebed9682b851b380ae0cab282af9d7ebe668177704c5fd4698c934de4731f3f61effc97805d2ccf8a39d59b8bef8590f05cf58751b54c72e45496e95029f2b03bda1ac0070c746d380a49b007a8705336f0abbd2334dd1bf03800a6a47e39deffc49b85b79452c6b938705da60896bec2d70ef41dbfbcbd9d248808ec1e20d82089718090a92d5ba65282cfa3b8e37581c542490d8e56a1479b42217de0478625dd99c68b98bd419a29bb7d4c392c49e738460294d8194c4b62dc58c142187ee55976654c7"}, {0x0, 0x1d, "06aa85616177c61bc943afcb84619755403946b0730a18d5c38cf7dcad830f2dc8674b87ba8b58f81ece27975cc39e595e9af90b4fe92a38d25551c2d9ebfc5dfc5a2a501b7e483de3f808895c5f4a1a2367bc591dd8b094822ff0822a18989f7c5eba31fb68b2d734a6671e27182aee4df24a4a5c6186c0d3baa75af390dab23b500b0c0272479611e4f7f4299ec4d926d443367b105185e6ecd9602ba95392343e9bbd047ef6bc1ba42399907ccd0a562db212baa39eb8164e240069f656d3a05fecf894222a141123f5acaa556b9f30dcab2b90aa235a670670ffc5dc49dfb58d89310000000000"}]}}}}}}, 0x0)
setsockopt$inet6_MCAST_JOIN_GROUP(r0, 0x29, 0x2a, &(0x7f0000000080)={0x3, {{0xa, 0x4e20, 0xd41, @private1, 0xfffffff9}}}, 0x88)
write(r0, &(0x7f0000000040)="1300000043001f00030300f9002304000a04d6", 0x13)

1.020181483s ago: executing program 3 (id=770):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
getsockopt$inet_sctp6_SCTP_STATUS(0xffffffffffffffff, 0x84, 0xe, &(0x7f0000000000)={<r1=>0x0, 0x8, 0x80000000, 0x6, 0x2, 0x40, 0x2, 0x7, {<r2=>0x0, @in6={{0xa, 0x4e23, 0x3, @local, 0x10}}, 0xc9, 0x100, 0x3, 0x3cc2, 0xfffffffb}}, &(0x7f00000000c0)=0xb0)
getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r0, 0x84, 0x7b, &(0x7f0000000100)={<r3=>r2, 0x8}, &(0x7f0000000140)=0x8)
r4 = syz_open_dev$mouse(&(0x7f0000000180), 0x190, 0x400)
getsockopt$inet_sctp_SCTP_STREAM_SCHEDULER(0xffffffffffffffff, 0x84, 0x7b, &(0x7f00000001c0)={<r5=>r1, 0x4}, &(0x7f0000000200)=0x8)
setsockopt$inet_sctp6_SCTP_DEFAULT_SNDINFO(r4, 0x84, 0x22, &(0x7f0000000240)={0x8, 0x1, 0x7, 0xdc, r5}, 0x10)
sendto$inet6(r0, &(0x7f0000000280)="7aaf065e519e18d3ccd1d8b55f9e33529d2a1854209e7c7c9b2b16b7c69cbf04ba90e21f6c68b24e4df800986a9f897569abbeea60a591ff356dde474187d7c60745647aa561a751b57931e247ed7a4712deefefe79816ad498bea204381d9d31c29d55a7f05302b0a7979f2c304f3133cbe704f6f8f9b212e24a16632e276e0fcf9107ac49299a1176ab7e5bf90982659a8051add351b1dc4766394a255e08a57bcbc0355d2a28e8ea8794e1f240cb5a1c290a490cb1c697076815542d1ca4cab5df9c00b22828f4d8c6f3b2884ec2ad9902eaa1c44e8fc2ebe5aed8ce1ed6a7be607a47cb5", 0xe6, 0x4000041, &(0x7f0000000380)={0xa, 0x4e21, 0xffffffff, @remote, 0x100}, 0x1c)
ioctl$SG_SET_KEEP_ORPHAN(r4, 0x2287, &(0x7f00000003c0)=0x10001)
write$tun(r4, &(0x7f0000000400)={@void, @void, @mpls={[{0x7, 0x0, 0x1}, {0xffff, 0x0, 0x1}]}}, 0x8)
getsockopt$inet_sctp6_SCTP_RTOINFO(r4, 0x84, 0x0, &(0x7f0000000440)={<r6=>r3, 0xfffffff7, 0x5178, 0xfffffffb}, &(0x7f0000000480)=0x10)
setsockopt$inet_sctp6_SCTP_PR_SUPPORTED(r0, 0x84, 0x71, &(0x7f00000004c0)={r2, 0x1ff}, 0x8)
r7 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x4, 0x50, r4, 0x8000000)
syz_io_uring_submit(r7, 0x0, &(0x7f0000000500)=@IORING_OP_WRITE_FIXED={0x5, 0x2, 0x4004, @fd_index=0x3, 0x8, 0x4, 0x3ff, 0x7, 0x0, {0x3}})
symlink(&(0x7f0000000540)='./file0\x00', &(0x7f0000000580)='./file0\x00')
r8 = openat$full(0xffffffffffffff9c, &(0x7f00000005c0), 0x200040, 0x0)
ioctl$KVM_CAP_HALT_POLL(r8, 0x4068aea3, &(0x7f0000000600)={0xb6, 0x0, 0x100})
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000740)={r8, 0x58, &(0x7f00000006c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r9=>0x0}}, 0x10)
sendmsg$nl_route(r4, &(0x7f0000000840)={&(0x7f0000000680)={0x10, 0x0, 0x0, 0x4020002}, 0xc, &(0x7f0000000800)={&(0x7f0000000780)=@ipv4_delroute={0x50, 0x19, 0x10, 0x70bd2c, 0x25dfdbff, {0x2, 0x20, 0x0, 0x7, 0xfe, 0x0, 0xff, 0x6, 0x1000}, [@RTA_IP_PROTO={0x5}, @RTA_PRIORITY={0x8, 0x6, 0x7fff}, @RTA_MULTIPATH={0xc, 0x9, {0x4, 0x1, 0xd, r9}}, @RTA_GATEWAY={0x8, 0x5, @loopback}, @RTA_DPORT={0x6, 0x1d, 0x4e22}, @RTA_SPORT={0x6, 0x1c, 0x4e21}]}, 0x50}, 0x1, 0x0, 0x0, 0x800}, 0x40800)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER_VALUE(r8, 0x84, 0x7c, &(0x7f0000000880)={r6, 0x1, 0xc19f}, 0x8)
getsockopt$inet6_IPV6_IPSEC_POLICY(0xffffffffffffffff, 0x29, 0x22, &(0x7f00000008c0)={{{@in=@multicast2, @in6=@private2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r10=>0x0}}, {{@in6=@loopback}, 0x0, @in6}}, &(0x7f00000009c0)=0xe8)
quotactl_fd$Q_QUOTAOFF(r8, 0xffffffff80000302, r10, 0x0)
sendmsg$IPSET_CMD_FLUSH(r8, &(0x7f0000000ac0)={&(0x7f0000000a00)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000a80)={&(0x7f0000000a40)={0x1c, 0x4, 0x6, 0x201, 0x0, 0x0, {0x1, 0x0, 0x1}, [@IPSET_ATTR_PROTOCOL={0x5}]}, 0x1c}, 0x1, 0x0, 0x0, 0x20000000}, 0x20040800)
getsockopt$inet_sctp_SCTP_PARTIAL_DELIVERY_POINT(r8, 0x84, 0x13, &(0x7f0000000b00)={r3, 0x1}, &(0x7f0000000b40)=0x8)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r4, 0x84, 0x1f, &(0x7f0000000b80)={r5, @in={{0x2, 0x4e22, @multicast2}}, 0x80, 0x1af}, 0x90)
getsockopt$TIPC_SOCK_RECVQ_DEPTH(r4, 0x10f, 0x84, &(0x7f0000000c40), &(0x7f0000000c80)=0x4)
getsockopt$inet_sctp6_SCTP_LOCAL_AUTH_CHUNKS(r0, 0x84, 0x1b, &(0x7f0000000cc0)={<r11=>r3, 0xc5, "b75a8213550a8a2698fe660858a581affd0b47e7f762e377a43888bed0094c2b0b7a15422876c9b83cf3d5daaa8d0f15bfa840ea5f2d04bfb27ef0a4fc01d7439658a86b38e950219f9c1ae4a83a64fc80973331bd3b09cdd04cc0940bec7845ac640aa286540ba5ac6e796b6a18e372e1fa46a60a817fdc06a452c8263381d3486b1e1ed5542fe9eda34dddbe771f41b286721bc48ab54b8eeaadabca601c2a295c328007a424fbecd06ae8fc2bf45bc741c510e682bc4c61edc957da6cb6e4b4be6dcbfa"}, &(0x7f0000000dc0)=0xcd)
setsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0x76, &(0x7f0000000e00)={r11, 0x8}, 0x8)
fsetxattr$security_capability(0xffffffffffffffff, &(0x7f0000000e40), &(0x7f0000000e80)=@v1={0x1000000, [{0x0, 0x401}]}, 0xc, 0x2)
ioctl$IOCTL_GET_NUM_DEVICES(r8, 0x40046104, &(0x7f0000000ec0))
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER_VALUE(0xffffffffffffffff, 0x84, 0x7c, &(0x7f0000001000)={0x0, 0x7, 0x2}, 0x8)

1.017718576s ago: executing program 3 (id=771):
r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000040), 0x2c240, 0x0)
r1 = syz_open_dev$loop(&(0x7f0000000080), 0x47ffffa, 0x122c42)
r2 = syz_open_dev$dri(&(0x7f0000000080), 0x1ff, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r2, 0xc02064b2, &(0x7f0000000200)={0x8000, 0x2, 0x4})
r3 = syz_open_dev$dri(&(0x7f0000000000), 0x1ff, 0x0)
r4 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x181041)
write$sndseq(r4, &(0x7f00000008c0)=[{0x0, 0x38, 0x0, 0xfd, @tick=0x8, {0x0, 0xff}, {0xe, 0x4}, @result}], 0x1c)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r3, 0xc04064a0, &(0x7f0000000700)={0x0, &(0x7f0000000640)=[<r5=>0x0], 0x0, 0x0, 0x0, 0x1})
ioctl$DRM_IOCTL_MODE_CURSOR(r2, 0xc01c64a3, &(0x7f0000000040)={0x3, r5, 0x10000000, 0x80000001, 0xb, 0x1fd, 0x1})
r6 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6}]})
r7 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$inet_int(r7, 0x0, 0x8, &(0x7f0000000300)=0x2, 0x4)
syz_emit_ethernet(0x3e, &(0x7f00000004c0)={@local, @broadcast, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x3e, 0x30, 0x0, 0x0, 0x2b, 0x1, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @local}, @time_exceeded={0x4, 0x0, 0x0, 0x3, 0x7, 0x0, {0x5, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, @private=0xa010102, @broadcast=0xac1414bb}}}}}}, 0x0)
socket$inet(0x2, 0x1, 0x0)
close_range(r6, 0xffffffffffffffff, 0x0)
ioctl$LOOP_CONFIGURE(r1, 0x4c0a, &(0x7f0000000440)={r0, 0x0, {0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x13, 0x1c, "339f020bbe78b39843d601010000000000080d0ec0c1b4e9b1c4369d03740250ceaac594b1b3d741dd17c18e8438ef2a565ef1e83323695c58d66500", "a1163939c787a16c1ca43f8539f3d3289737f0374c72a964a0193b3e8772fd29f35239d200", "24431a3977a68e174f005e95ac6a00"}})
openat$nullb(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0)

502.634334ms ago: executing program 0 (id=772):
r0 = socket$kcm(0xa, 0x922000000003, 0x11)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x3, &(0x7f0000000d00)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000000)='syzkaller\x00'}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000080)='qdisc_enqueue\x00', r1}, 0x18)
setsockopt$sock_attach_bpf(r0, 0x29, 0x24, &(0x7f00000000c0), 0x4)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x18, 0x3, &(0x7f0000000d00)=ANY=[], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x3931}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000080)='qdisc_enqueue\x00', r2}, 0x18)
sendmsg$kcm(r0, &(0x7f0000000000)={&(0x7f00000007c0)=@l2tp6={0xa, 0x0, 0x0, @mcast1, 0x4, 0xffffffff}, 0x80, &(0x7f0000000080)=[{&(0x7f0000000780)="f4000900062b2c252001001000000000dc8b850f238466cc00007a000000ad6e911b51818462b400", 0x28}], 0x1}, 0x0)

418.852986ms ago: executing program 0 (id=773):
r0 = accept$netrom(0xffffffffffffffff, &(0x7f0000000000)={{0x3, @default}, [@null, @default, @netrom, @remote, @netrom, @null, @rose, @netrom]}, &(0x7f0000000080)=0x48)
recvfrom$netrom(r0, &(0x7f00000000c0)=""/208, 0xd0, 0x2, 0x0, 0x0)
syncfs(r0)
r1 = syz_open_procfs(0x0, &(0x7f00000001c0)='smaps_rollup\x00')
r2 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000240), 0xffffffffffffffff)
sendmsg$IPVS_CMD_NEW_SERVICE(r1, &(0x7f0000000300)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000280)={0x38, r2, 0x800, 0x70bd26, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x6}, @IPVS_CMD_ATTR_SERVICE={0x1c, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_PORT={0x6, 0x4, 0x4e21}, @IPVS_SVC_ATTR_SCHED_NAME={0x7, 0x6, 'dh\x00'}, @IPVS_SVC_ATTR_PE_NAME={0x8}]}]}, 0x38}, 0x1, 0x0, 0x0, 0x4000880}, 0x0)
read$FUSE(r1, &(0x7f0000000340)={0x2020, 0x0, 0x0, 0x0, 0x0, <r3=>0x0}, 0x2020)
r4 = openat$nci(0xffffffffffffff9c, &(0x7f0000002380), 0x2, 0x0)
r5 = openat$nci(0xffffffffffffff9c, &(0x7f00000023c0), 0x2, 0x0)
ioctl$IOCTL_GET_NCIDEV_IDX(r5, 0x0, &(0x7f0000002400))
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r0, 0x8933, &(0x7f0000002480)={'batadv_slave_0\x00', <r6=>0x0})
ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(r1, 0x89f3, &(0x7f0000002540)={'ip6tnl0\x00', &(0x7f00000024c0)={'ip6_vti0\x00', <r7=>0x0, 0x29, 0xf9, 0x9, 0x1, 0x62, @mcast1, @mcast1, 0x40, 0x7800, 0x0, 0x280}})
sendmsg$nl_route_sched(r1, &(0x7f0000004e40)={&(0x7f0000002440)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000004e00)={&(0x7f0000002580)=@newtfilter={0x2880, 0x2c, 0x10, 0x70bd2a, 0x25dfdbfc, {0x0, 0x0, 0x0, r6, {0x2, 0x9}, {0xffff, 0xd}, {0xc, 0xb}}, [@filter_kind_options=@f_cgroup={{0xb}, {0x2640, 0x2, [@TCA_CGROUP_POLICE={0x4c, 0x2, [@TCA_POLICE_TBF={0x3c, 0x1, {0x7fffffff, 0x8, 0x0, 0x6, 0x5, {0xfc, 0x0, 0x5, 0xa4, 0x8, 0x4}, {0x8, 0x2, 0x9, 0x401, 0x5, 0x6}, 0x2, 0x3, 0x3}}, @TCA_POLICE_PEAKRATE64={0xc, 0x9, 0x6}]}, @TCA_CGROUP_POLICE={0x40, 0x2, [@TCA_POLICE_TBF={0x3c, 0x1, {0xffffff7d, 0x8, 0x4b802565, 0x6, 0x6, {0xe5, 0x0, 0x3, 0x8, 0x2, 0x9b}, {0xd, 0x0, 0xa, 0x7fff, 0xd, 0x59d}, 0x4, 0x4, 0x8}}]}, @TCA_CGROUP_ACT={0x11cc, 0x1, [@m_pedit={0xf44, 0xe, 0x0, 0x0, {{0xa}, {0xf18, 0x2, 0x0, 0x1, [@TCA_PEDIT_PARMS_EX={0xe98, 0x4, {{{0x7, 0x3, 0x7, 0x5, 0x1000}, 0x6, 0xea, [{0x4, 0x6, 0x5803bc10, 0x1, 0x5252}, {0x2c11, 0x3, 0x7, 0xa, 0x5, 0x8}, {0x3257, 0xfffffff7, 0x1, 0x7f, 0xfffffffb}, {0xc00000, 0x3, 0xfffffffc, 0x9, 0x2, 0x8}, {0x3, 0x67e, 0x1, 0xc4, 0x0, 0x4}]}, [{0x2, 0x8, 0x9, 0x6, 0x2, 0x9}, {0x0, 0x10000, 0x7, 0x2, 0x80000000, 0x80000001}, {0x0, 0x1, 0x9, 0xc, 0x8}, {0x4, 0x5, 0xb13d, 0x0, 0x7, 0xfff}, {0x39a1, 0x9, 0x7, 0x3, 0x6, 0x263e}, {0x1, 0x4, 0x2, 0x3, 0x800, 0x7}, {0x1, 0x3ff, 0x4, 0x8, 0x9, 0x1}, {0x1ce, 0x1, 0x7, 0x4, 0x6346, 0x6}, {0x3, 0x101, 0xf, 0x863, 0x0, 0xec97}, {0x5, 0xb06a, 0x84, 0x4, 0x3, 0x1000}, {0x3, 0x0, 0x4, 0x7, 0x8, 0x5}, {0x0, 0x81, 0x100, 0x2, 0x22, 0x3}, {0x8, 0x7f, 0x3d, 0x4644bdcf, 0x1000, 0x2}, {0x2fb0, 0x5, 0x9706, 0x0, 0x2, 0x10}, {0x40, 0xdef, 0x5, 0x1, 0x9, 0x2}, {0xc, 0x2, 0xffffffff, 0x200, 0x1, 0x2000000}, {0x7fff, 0x4, 0x5, 0x7fffffff, 0x6, 0x1}, {0x7, 0xf0, 0x2, 0x7f, 0x8001, 0x3}, {0x7, 0x1, 0x80, 0x2, 0x2, 0x64}, {0x2, 0xdc6, 0x7, 0xe, 0x54e6, 0x3}, {0x2000, 0x8, 0x41da, 0x8, 0x9, 0x9af3}, {0x800, 0x10000, 0x7, 0x1, 0x5, 0x9}, {0x8, 0xfb, 0x4, 0xc, 0x5, 0x6}, {0x401, 0x3, 0x8, 0x7fffffff, 0x2, 0x40}, {0x1, 0x3, 0x8, 0x6, 0x1fa5, 0x7fff}, {0x9, 0xf, 0x3f80000, 0x5, 0xc28, 0x4}, {0x8, 0xab, 0x7f, 0x2, 0x1, 0x6}, {0x5, 0x9, 0x4, 0x8001, 0x1}, {0x9, 0xff, 0x0, 0xfffffff9, 0x6, 0x4}, {0xbe3, 0x4, 0x7, 0x1, 0xe01, 0xfffffffd}, {0x7, 0x7, 0x5, 0x1, 0xbc, 0x3}, {0x2, 0x80000000, 0x9, 0x7fff, 0x2, 0x10001}, {0x5, 0x9, 0x7ff, 0x4c54, 0x9, 0x1}, {0x1ff, 0x1, 0x4, 0xfd6, 0xf9}, {0x81, 0x40, 0x7, 0x203, 0xbb3b, 0x1}, {0xc, 0x4, 0x3, 0x3, 0x4, 0x8000}, {0x6, 0x0, 0x7fffffff, 0x9, 0x2, 0x9}, {0x0, 0x2, 0x5, 0x5, 0x7, 0x4}, {0x1, 0x3, 0x1ff, 0x9, 0x800, 0x20000}, {0xd6ec, 0x1, 0xa, 0x2, 0x7bc8, 0x9}, {0x3, 0x65, 0x88, 0x2, 0x3ff}, {0x7ff8000, 0x7, 0x5, 0x7, 0x6, 0x80}, {0x47d, 0x7fffffff, 0x9, 0xfffffffc}, {0x8e, 0x5b2e, 0x5, 0x80, 0x0, 0x2}, {0x0, 0x400, 0x9, 0x2, 0x1, 0x3}, {0x1ff, 0xbd, 0xfff, 0x4, 0x7, 0x5}, {0x1, 0x0, 0x3, 0xfffffc00, 0x8, 0x1}, {0x3, 0x5, 0xc8c, 0x400, 0x9, 0x7}, {0x4, 0x3, 0x5e784ccf, 0x6, 0x7, 0x6}, {0x9, 0x7, 0xfffffff8, 0x30000000, 0x7, 0x18be}, {0x8, 0xd3, 0x40, 0x8, 0x46a9, 0x7ff}, {0x6, 0x3, 0x7, 0x996b, 0x6, 0x1ef705b8}, {0xe, 0x3, 0x2, 0x101, 0x6, 0x1}, {0x3, 0xdff, 0xbcff, 0xfffffbff, 0x1, 0xf}, {0x7, 0x9, 0x9, 0x1, 0x1, 0x2}, {0x1, 0x7, 0x7fffffff, 0x2f, 0xff, 0x4}, {0x63, 0x4, 0x200, 0x1, 0x6, 0x33a54efb}, {0xe4a, 0x0, 0x1, 0x1, 0x80, 0xa6c}, {0x0, 0x5, 0x6, 0x0, 0x8000, 0x8000}, {0x1, 0x8, 0x5, 0x3, 0x200}, {0x80, 0x6, 0xfffff800, 0x100, 0x0, 0x6}, {0x8001, 0x5, 0x8001, 0x9, 0x4}, {0x0, 0x3, 0x8, 0x6, 0x9, 0x7}, {0x0, 0x6, 0x3, 0x7f, 0x431bd16c, 0x10001}, {0x75f8, 0x2, 0x1, 0x6, 0x7ff, 0x7}, {0x100, 0xe, 0x7fffffff, 0x80000001, 0x38000000, 0x36}, {0x2, 0x8, 0x5, 0x9, 0x85, 0x7}, {0x5, 0x80000000, 0xa779, 0x9bed, 0xc, 0x7fff}, {0x10000, 0x1, 0x6, 0xd7, 0x101, 0x6}, {0x2, 0x8000, 0x3483c4c1, 0x2, 0x5, 0xccd}, {0x2, 0x0, 0x101, 0x29b, 0xffffff3b, 0x83b}, {0x401, 0xfffffffb, 0x2, 0x59487879, 0x0, 0xd3d}, {0x1, 0x99, 0xb, 0x3, 0x6, 0x80000001}, {0xffff8000, 0x2, 0x2112a9cb, 0xffffff01, 0x5, 0x5}, {0x40, 0x3, 0x8, 0x6, 0x4, 0x7}, {0x0, 0x101, 0xd3ab, 0x81, 0x3, 0xc92}, {0x9, 0x9, 0x5, 0xf10d, 0x2, 0x9}, {0xf, 0x8, 0x0, 0x0, 0xfffffffc, 0x6}, {0x4, 0x2, 0x75d, 0x0, 0x0, 0x3}, {0x7, 0x2, 0x8, 0xe0bf, 0x200, 0xfffffff9}, {0x3, 0xfffffffa, 0x4, 0x200, 0x7, 0x3488}, {0x2b4, 0x4, 0x2, 0x8, 0x0, 0x6}, {0x4, 0x5, 0x0, 0x7, 0x7, 0x9}, {0xff, 0x3, 0x2, 0x7, 0x9, 0xfffffffa}, {0x4, 0x0, 0xd1, 0x10001, 0x26b69ab6}, {0xfffffbff, 0x95, 0x80000001, 0x5, 0xfff, 0x2}, {0x10000, 0x200, 0x5, 0xf, 0x200, 0x9}, {0x1, 0x7, 0x0, 0x48d8, 0x8, 0xe}, {0x23b4ffc2, 0x5, 0x80000001, 0x52e5, 0x101, 0x400}, {0x1aea2c6b, 0x6, 0x94, 0xff, 0xc, 0x2c0}, {0x1, 0xc569, 0x1, 0x3, 0x4, 0xfffffff7}, {0x5, 0xc272, 0x1, 0x0, 0x3, 0x1}, {0x0, 0x50, 0x8, 0x3, 0x10, 0x2}, {0xff, 0x1, 0x6, 0x0, 0x2, 0x80000001}, {0x1, 0x1, 0x2, 0x40, 0xffffff01, 0x8075}, {0x3, 0x7, 0x6, 0x0, 0x101, 0xb}, {0xb, 0xd, 0x6, 0x5, 0x8, 0x3}, {0x4, 0x3, 0x10001, 0x10001, 0x0, 0x97ea}, {0x7f, 0xc6e, 0x4, 0xae5, 0x2, 0x3ff}, {0x5fe4, 0x9, 0xc, 0x100, 0x7fff, 0x4}, {0xd1, 0x6, 0x0, 0x4, 0xfffffffe, 0xa16c}, {0x80, 0x8, 0xe7, 0x3, 0x101, 0x7}, {0x0, 0x80, 0x5, 0x1, 0x4, 0x2}, {0xffff8000, 0x1, 0x8, 0x1, 0x604, 0xaec}, {0x0, 0x5, 0x8, 0x3, 0xa3, 0x2}, {0x5, 0x3, 0x4a69, 0x5, 0x9, 0x20000000}, {0x80000000, 0xb17d, 0xfffeffff, 0x4, 0x1, 0x8}, {0xf31, 0x4, 0x1, 0xc5, 0xffffff69, 0x8}, {0x10001, 0x3, 0x0, 0x85, 0x1, 0x7}, {0x40000000, 0x2, 0x9, 0xf, 0x137, 0x1}, {0x7c29f87a, 0x1, 0x9, 0x412, 0x4, 0x3}, {0x6, 0x0, 0xffff, 0xfffffff4, 0x8, 0x5}, {0xfff, 0x2, 0xffffe89c, 0x2, 0x80000001, 0x4}, {0x4, 0x8, 0x42, 0x7f, 0x81, 0x80000000}, {0x1ff, 0x1916, 0x1ff, 0x9, 0x5, 0x5}, {0x1, 0x1292, 0x1000, 0x3, 0xd3c, 0xd0}, {0x80000001, 0x3, 0x4, 0x3, 0x4e, 0x3}, {0xd, 0xb, 0x8, 0x8, 0x5, 0x3}, {0x4, 0x1, 0x9, 0x50d, 0x5, 0x1}, {0x4, 0xa564, 0x4, 0xfffffffc, 0xd8b, 0x6}, {0x5, 0x82cb, 0xf, 0x80, 0x9, 0x1}, {0x7, 0xf, 0x3, 0x0, 0x4, 0x5}, {0x6e7, 0x1, 0x9, 0x45, 0x7, 0x303f8f9a}, {0x99, 0x6, 0x0, 0xffffffff, 0x8, 0x6}, {0xffffffff, 0x3, 0x5, 0x5c2, 0x7, 0x6}, {0xffffffff, 0x2, 0xc3, 0xe3, 0x5, 0x1}, {0xd, 0x6, 0x80, 0x80000000, 0x6, 0xfffffff7}, {0xff, 0x9, 0x83a, 0x10000, 0x10000, 0x2}], [{0x5, 0x1}, {0x3, 0x1}, {0x1}, {0x4}, {0x4, 0x1}, {0x3, 0x1}, {}, {0x5, 0x1}, {0x5, 0x1}, {0x3}, {0x5}, {}, {0x2, 0x1}, {0x2, 0x1}, {0x3, 0x1}, {0x2}, {0x3, 0x1}, {}, {0x6, 0x1}, {}, {}, {0x4, 0x1}, {0x2, 0x1}, {0x2}, {0x3}, {0x4}, {0x0, 0x1}, {}, {0x5}, {0x5}, {0x3}, {0x3, 0x1}, {0x5}, {0x2, 0x1}, {0x5}, {0x1}, {0x5, 0x1}, {0x0, 0x1}, {}, {0x3}, {0x5}, {0x3}, {0x0, 0x1}, {0x1}, {0x0, 0x1}, {0x2, 0x1}, {}, {0x1, 0x1}, {0x2}, {0x7, 0x1}, {0x0, 0x1}, {0x5, 0x1}, {0x0, 0x1}, {0x1, 0x1}, {0x1}, {0x5, 0x1}, {0x0, 0x1}, {0x6}, {0x1, 0x1}, {0x5}, {0x0, 0x1}, {0x4}, {0x7}, {0x1, 0x1}, {0x4}, {}, {0x7}, {0x0, 0x1}, {0x1, 0x1}, {0x1}, {0x1, 0x1}, {0x2, 0x1}, {0x1, 0x1}, {0x5, 0x1}, {0x1}, {0x3, 0x1}, {0x1, 0x1}, {0x3, 0x1}, {0x5, 0x1}, {0x0, 0x1}, {0x5, 0x1}, {0x1, 0x1}, {0x5, 0x1}, {0x4, 0x1}, {0x3}, {0x1, 0x1}, {0xd4eb333fb2c71932, 0x1}, {0x4}, {0x4}, {0x1, 0x1}, {0x5, 0x71cb7899b15f3bd7}, {0x4}, {0x0, 0x1}, {0x5, 0x1}, {0x3}, {0x3}, {0x2, 0x1}, {0x1}, {0x5}, {0x6, 0x1}, {0x5}, {0x0, 0x1}, {0x0, 0x1}, {0x4}, {0x2}, {0x2}, {0x2, 0x1}, {0x4, 0x1}, {0x2}, {0x4}, {0x3}, {0x2}, {0x4, 0x1}, {0x2}, {0x6, 0x1}, {0x3}, {0x4, 0x1}, {0x2}, {0x2, 0x1}, {0x3, 0x1}, {0x4, 0x1}, {0x1, 0x1}, {0x4}, {}, {0x2}, {0x4, 0x1}, {0x2}, {0x5}]}}, @TCA_PEDIT_KEYS_EX={0x7c, 0x5, 0x0, 0x1, [{0xc, 0x6, 0x0, 0x1, [@TCA_PEDIT_KEY_EX_HTYPE={0x6, 0x1, 0x3}]}, {0x24, 0x6, 0x0, 0x1, [@TCA_PEDIT_KEY_EX_HTYPE={0x6, 0x1, 0x4}, @TCA_PEDIT_KEY_EX_CMD={0x6, 0x2, 0x1}, @TCA_PEDIT_KEY_EX_HTYPE={0x6, 0x1, 0x2}, @TCA_PEDIT_KEY_EX_CMD={0x6}]}, {0x34, 0x6, 0x0, 0x1, [@TCA_PEDIT_KEY_EX_HTYPE={0x6, 0x1, 0x4}, @TCA_PEDIT_KEY_EX_HTYPE={0x6, 0x1, 0x1}, @TCA_PEDIT_KEY_EX_CMD={0x6}, @TCA_PEDIT_KEY_EX_CMD={0x6, 0x2, 0x1}, @TCA_PEDIT_KEY_EX_CMD={0x6, 0x2, 0x1}, @TCA_PEDIT_KEY_EX_HTYPE={0x6, 0x1, 0x5}]}, {0x14, 0x6, 0x0, 0x1, [@TCA_PEDIT_KEY_EX_HTYPE={0x6}, @TCA_PEDIT_KEY_EX_CMD={0x6, 0x2, 0x1}]}]}]}, {0x4}, {0xc}, {0xc, 0x8, {0x1, 0x2}}}}, @m_nat={0x284, 0xd, 0x0, 0x0, {{0x8}, {0x16c, 0x2, 0x0, 0x1, [@TCA_NAT_PARMS={0x28, 0x1, {{0xe, 0x7, 0x20000000, 0x9}, @initdev={0xac, 0x1e, 0x1, 0x0}, @dev={0xac, 0x14, 0x14, 0x35}, 0xff}}, @TCA_NAT_PARMS={0x28, 0x1, {{0x898, 0x5, 0x7, 0x5, 0x6a}, @empty, @multicast2, 0xff000000, 0x1}}, @TCA_NAT_PARMS={0x28, 0x1, {{0x8, 0x8, 0x4, 0xfffffe00, 0x1}, @local, @dev={0xac, 0x14, 0x14, 0x2c}, 0xff, 0x1}}, @TCA_NAT_PARMS={0x28, 0x1, {{0xfffffffc, 0xffffffff, 0x1, 0x6, 0xffff}, @local, @initdev={0xac, 0x1e, 0x1, 0x0}, 0xff}}, @TCA_NAT_PARMS={0x28, 0x1, {{0x1ecbd7e4, 0x1, 0x0, 0x2, 0xec}, @multicast2, @initdev={0xac, 0x1e, 0x88, 0x0}, 0xff000000}}, @TCA_NAT_PARMS={0x28, 0x1, {{0xca6, 0xb78, 0xffffffffffffffff, 0x80000001, 0xd}, @empty, @multicast2, 0xff000000, 0x1}}, @TCA_NAT_PARMS={0x28, 0x1, {{0x6, 0xffffffff, 0x6, 0x9f82, 0x6}, @loopback, @multicast2}}, @TCA_NAT_PARMS={0x28, 0x1, {{0x8, 0xfffffffd, 0x5, 0x8, 0x10}, @initdev={0xac, 0x1e, 0x0, 0x0}, @initdev={0xac, 0x1e, 0x0, 0x0}}}, @TCA_NAT_PARMS={0x28, 0x1, {{0x1ff, 0x457a, 0x5, 0x8, 0xa}, @dev={0xac, 0x14, 0x14, 0x2e}, @private=0xa010100, 0xffffff00, 0x1}}]}, {0xf3, 0x6, "b686091328583b842f311de1e1b7b90e25164381e2ac03550bddb04593e1452e4fdb48b37de2551c3889031c42bfd275d2124d52a3f397b2c4632740609b9f312512aa22072bda8da46bca0e026d56967377de244a385ece9b53cbee4351f8f463ca346a2e0d3c4fc87eebc2c4c505f51af7f0654c2ac61b51f588bae915938526ab14ee8893b4c62d7819e8b2ea0dea9677ae17209e3897a90d4a1f122b3d2412f1f0a9d668c6fab2f596c6aa5b188c83d1e98a3b05d60611993c048efab7c3f2c8280d75b25ced0d1206e57f24d7da8362e7b62302ba053c27dcbc79865c835f8fc78d319a2690c7842a732617b4"}, {0xc}, {0xc, 0x8, {0x0, 0x1}}}}]}, @TCA_CGROUP_ACT={0x13c, 0x1, [@m_skbmod={0x4c, 0x1d, 0x0, 0x0, {{0xb}, {0x1c, 0x2, 0x0, 0x1, [@TCA_SKBMOD_SMAC={0xa, 0x4, @random="ac6f28a19cf4"}, @TCA_SKBMOD_DMAC={0xa, 0x3, @broadcast}]}, {0x8, 0x6, '\r2P('}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x2, 0x4}}}}, @m_skbmod={0xec, 0x1b, 0x0, 0x0, {{0xb}, {0x4}, {0xbd, 0x6, "487d84ac905cf8ea8fad171bf2f00741665bda3d2052c9bed88578d74c7589c14e8add9785cd3f438db655c227bc8d4a0900d7944957f41d8f6c80a4cefb92a86100566ab0ee791c5f96d1aef75fb2a35f53564ef1870045c428bb060ab496838ee4b4e0472983b318aed5cc9c8da54a15a99a3e652772589ca0ea5aa406e3e2de097bc0df0f348d1d3c956287646d1785f4c2f36bb9795b37d70baffecd2cb723a93dd0af339a16a2cec8f1c5f0c5555207b3aff9af93762f"}, {0xc, 0x7, {0x1}}, {0xc, 0x8, {0x2, 0x1}}}}]}, @TCA_CGROUP_ACT={0x12a8, 0x1, [@m_skbedit={0xbc, 0x1, 0x0, 0x0, {{0xc}, {0x1c, 0x2, 0x0, 0x1, [@TCA_SKBEDIT_PRIORITY={0x8, 0x3, {0x10, 0xe}}, @TCA_SKBEDIT_QUEUE_MAPPING={0x6, 0x4, 0x2}, @TCA_SKBEDIT_QUEUE_MAPPING={0x6, 0x4, 0x3}]}, {0x77, 0x6, "b1152318b1335eb1c27c1478a92de114ea7b823cadb937e815bae66134009eb0a8cde7f98163c5941223be81defcdf81b6c2b9e3386fe81ff3870c2c34c198be2ac8e4de829472bd65a7be5743bb9b1b4d1b96b9b175ef1f481baa39f8a269dadd4ae090c8be7e869b8fe18d58b15e045f0902"}, {0xc, 0x7, {0x1, 0x1}}, {0xc, 0x8, {0x2, 0x1}}}}, @m_nat={0xec, 0x2, 0x0, 0x0, {{0x8}, {0x7c, 0x2, 0x0, 0x1, [@TCA_NAT_PARMS={0x28, 0x1, {{0x1, 0x2, 0x10000000, 0x6, 0x9}, @remote, @broadcast, 0x7f000000}}, @TCA_NAT_PARMS={0x28, 0x1, {{0x2, 0x8, 0x8, 0x5, 0x8}, @remote, @empty, 0xffffff00}}, @TCA_NAT_PARMS={0x28, 0x1, {{0x2, 0x1, 0x1, 0x200, 0x7ff}, @local, @private=0xa010101, 0xff0000ff, 0x1}}]}, {0x49, 0x6, "7b05bd69eaddfa2d4553f686062332edd93c0490d8c51e90a8b976fcfa74847afecb029994640e65d926a00f91feeb78e096a587d07e70a91e6b013553ef7a0cd1a490b921"}, {0xc}, {0xc, 0x8, {0x2, 0x1}}}}, @m_mirred={0x5c, 0xb, 0x0, 0x0, {{0xb}, {0x24, 0x2, 0x0, 0x1, [@TCA_MIRRED_PARMS={0x20, 0x2, {{0x2, 0x5, 0x1, 0x0, 0x7}, 0x4, r7}}]}, {0xd, 0x6, "dad945cdd1a9ea291f"}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x1}}}}, @m_csum={0x10a0, 0x3, 0x0, 0x0, {{0x9}, {0x74, 0x2, 0x0, 0x1, [@TCA_CSUM_PARMS={0x1c, 0x1, {{0x4, 0xc, 0x4, 0x1, 0x8000}, 0xb}}, @TCA_CSUM_PARMS={0x1c, 0x1, {{0x4, 0xd0, 0xffffffffffffffff, 0x2, 0x200000}, 0x56}}, @TCA_CSUM_PARMS={0x1c, 0x1, {{0xac42, 0x101, 0x30000001, 0x5, 0x101}, 0x7a}}, @TCA_CSUM_PARMS={0x1c, 0x1, {{0x2, 0x100, 0xffffffffffffffff, 0x401}, 0x48}}]}, {0x1004, 0x6, "ff012741cab640c69679fbf7718df7389a930eaaf6cb7f11cb41941931a21555128a874a2aace81a9d461a2e7082664738a9f20238515301d7960a5427b510f30f003c295c643d885b7ff0020e05411a5e7687165c913c45211c68f019995e940c5dfdaa7da93a1a7d27f348c3cb8545b269145e098495fb5c469ccafeadc44ee77261f49f10e28bb55d0092edf8104cb02e69130c61d9d12524b0358b14a9022b6211f64f450dbc2aad86ec69dfc8f6bba7c448eb5c9f58883f1ea395ae1e4c71de13bd162b8cef320cc97b36d08d432ea47be0c5daffdcac1fe4fabc269e45cc2330dfd15d4c91eb573a3af119f28c27695d900192d1238f08ce00b55febe9931ec0e1e9f1a2f826072a32b31d8a922445562e7b6869dcd7415e929807087c0d779e869fca554ff274ce89f938ae4b01e988b03ce5a241828d9f4f2b4590aef0627e5eb475d25f8ea367eca250e214b1b7169b731833b4cbbbd7c35480f857ce502d2a4df122086b5009f23b7d4e46283bd86437fd83df24580138159475706fd12dd76c6f55b0776bf9d5cfe3a7245ce16043363f1fc3d3443189a2888e46d3adff7ee0e7fb97c06046939655dcab3bfb08ddc8777466e271a5993015a63e70b48820ab3924683f8872e59b6f368d7b8a54192398c4a573bf3c58a0a5858e67edb956b474cd36b3a5a669cbfa3370ae0afc79f219037f190cbf7f6d83c6347749b3aa9e5b2f97619df7f44e826020dee533b71ae8a9a3f0fdad419e5441ddec1595adde9e0f88482cf539f733c11b49b782e91266faed025018f6d6b68ce9f33e41f3ab42b0d5936e6da16efb64e55a2914767e3b60c355e30d1183dfe3e216d8f9e152b3dfca2ec7b249504bb893eadcfa23f5cd03ee4aff6a3b9551d360d0af8503101f1820263f8672bb7bdcad1962d36629c0702d4782bf218bdfd7b724980abda773c87a42c3473f8fe3a3edbc5bc45c0f1c2d1cb328505f2cf5e9e80838a585860292f18dd6ba6864b65b58a7841391a5413581afdb52709360be1dffdc7ff32a05247a0273522951b0f135bcd101c6b88d45f25b64db317d74fc5fd2c0014cbf00d52e2d9ff8285f367a82db3c929e063eb4b7d67f418da26ccfd1fef2a249e2a7d8dbb0ba79e4112b976f8167f65b88de7abca72d27b25f96798e3e799754475ef8e6453c8a090fc843b45250ce42867c6640dd616f22005ae5f7031a0afd68213387ca8016c12e0d7108276c067449bb90b70c8d594b5059c7c60b896399ee4b1cf56219896374439dd5495960c1e8b3619aadc58eb1b74c2acc1098c087dcfb1fffd0af6e61726df4886f3b347dd5db2893351a879bc0873b713de985114e3225986dbd1b8cdd7b3c1223e19cdd8309e2b64a8e0fcffdd926cb2ad55c7f00fbf2adeca9b022543a841aff6020b5334ac8f7bf33fdf4b1dff7c5e3bc4fe1adb4250652a1f87286591f375adb9dc9c33366b79fd238293e0574ea37635c3dd82aa6f43f4865ddfcd9f94a5b530cc6e2a74c4b9bec12198997b9fe5d3bbeaacf55142e624e96f2ac930628983af38a6d4add11f304bcf88dd6fcbbfe06fa6d9eb514c7ddd556bda5617ac3dc37d125e611c4248478c1b41570eb5e1dbd1ae5135944d8e401c6517e1274107d8d737500e9391f467b0f601a012c90138b4d0b049889f5081a66fdac1b3184f5240e3fc23cbe74e3dec1f141554f0a60681d8631b4a5575be863d8e6781b254d380d7bdf51206f98d7f8b0deb0db0cc1a9e4adfc9b2909f5d001ca4bd987402dfd3b853f71283930abca3c012bf2a9b30a1dc828fbc40bbb06738cd854ccb320a7195ffedbd1d82fa301256870422770006023cc5525f48d5a3b9ce0995d1c6f4af4027e0eac56cf92b9f83dbbf7f927da4736cb06224fbfed1663ca7acd76cf5e027638144770933e7f1466a8f2d9e89987b38a42780bb1eb2d1b2e0858d8f790a501ab526cea471e63f929743278b57f81b4cdbeed75defd5cd3e0ade06dc61418a2c38e16ec060bb425e8f7a0b38a14e2bad3f9cf7f5bd0851f285db57fe1e2ced3876ad86757773d67579112359f00227760f6c389f5fa9ff0ffb25e777667dd6742c16bb1e4b433b431ae3f26aeb1d2fbc7fb478388213a6df37b852566226bcc605e35d6cf8481b81775a597d8ee8518815f71f8e89f0d3da9f6b361e4e887f3a3518ffa2542a1331413c6099da6b9689123743e954a2fdfa0a48266090cdde32caf0c70839d293876066487f1cbc9f5fd70bc98ff80b40d33c1d5f65a47907b8094fee183bde2c743c140b0321f40af2b5d1b9a128bb0066e85e04db585634ae7f1fa18dee9156b21a3f3903b54cd7e2b5246ac33acfb5fd223be8eccc145635c1a0a8961f117e56b99ac3ea884bfe7f7d8bc793a9cfd60b8ef1f39ee7e9f4f04b10ac28418c912f52519b485dc4f6c889b32b63cad35e2c8d155ef6d71250888251b4801b6aeb560ea117c34914cf0c0869a50b3aa06b1c7a6bebcb42226d2e4001a8efe9881546e200c99b0b32d6f65e9533ef135812ed349f99bbce72d48543fd454d6aa914e93f80114ca016fb9a849a8eae2891a88ac2f391342aa2198bab2930c158efa0d8f7bb1440feebada7f56b8024084687512fd4792852d51096725aaec44cabcb638256a89007810b877459fbae7f649bb1c0f7560584c7f3f8bfc364a3e13b01976b0ad504d15a92fa00de588721986f5057fbf62da30564c8cd8a9163eeca4391ac91ce56913f8116a7e69c9777755e26038107c9dabfbf8fc3f484fb7b9b06309abc908d2753129917dbcbcaeb134f71b4efd10442bddfbbff58679d49fa65e56fb4a0b6eee26f2c6769af9465d8a8f624157d7904d33107fd773a15b67d0eea9675a49d196dcf9ccb47f765f83b7aab2249fed7b7e86b5da3e50aab62e9dd8c0e67e999bde5e8e3f18c9c94e769a9101f170777ba768b17b14fb8c9f163e4c36eb56e8c514a6e89401351c2e50fcee8915a117667bbb1a38b42d8786c23c7feab79420800b45d269d81e938c510765adec864f71886bb40a0640c5fc892a5dcee219120611b41062ff3acc946ef251bdf916b75d2af9d5dfad7d68259c52fcfc6a06b02ea42553bd4970a897f3f9d7faf0bf772df98e79a56860ec86593f98a4a0e9439cdd5a265617da5bdb68c01ee9eaf87e8d35c0181a8b969ba5c31d559b0ede396512a9094e06a1ba25d0ff7981158916cdb452820dd0fffcea5e43f5280f7f005b50352ae83b50ad3d58c889dec9a148c770e5e1abd677038f2896acd0cbd825c9cbeb0f510cf48d58eb1066aa15d5ec0ac0e6e7b35a60ca80fd2bfb7b126da509c89829381664af37a6c805f3f4a80b0aebe78be9af8f34b4b0a56b0e95ae51ca93eb20048cf31ebd08f010c8e4535007ad549a123e2cf43d1d9f9a5eae005051e04113feb2f1224e1711d68d08f65bbd28aa6ec3f60b505b8f7c82cc6e3d26a51704782c97afbdec8d1164f943fc8cde7fae8c796735b47253aa32fd657ac0ef3db205bf452248e3d0145ca81901418f1b1ce6228c62186e8b8237cf963a459436656125ff1308b42bb923d45a71b869bb5f36e1f71ce0a7c9091a439efbf22ac5c5bc01769a76734040a32e398b1dab5648316a318b0867eebcd134a7d173bef99a775e689225b5c420b1fbcedc1d51a6c7aa04d785c92dff4a6761f42143da30b3ad5e4d53a7280a8c8e3cd3e9fef23cd81701abb7bf170895726d4d3d79a1e6e5b3406826eeb76c5a5790ae8329d05148c55e5536aa4d5be0b1f6477dee2e663b93b2db077b6bd7aea08bcf267cf8ba92bd27f93f90398d6447c1e4f0bb7063113e70f81339a0577d05976d86a4a160323c2d591f367f290cfc1c8d637c982352176597fac20579b9571e83b5eb485af2bc0cff0b1fd20d2ee33fc12c0853442b7fe55c59f68661dc4030e64e98708d0c440fa26839a50728b58ddb0b9f5c8f0f1c8051a0b3d4a1a1040a031528ebb93f6b25626321d0b3d8e544177c27fb067d9e49448c6671270da5bb2d255fa97f11b403f50338e9d319bbbfd9074130fbaf15b0a692aa9a2d78cb7cea0beef72cb3c07e5d4a3e056b00b59dbcd4454e2866c1535259f518df91733b0e9605ea87c8908ab76cb5174e192a2368d44cf4bb6199d253e38f965ec18bc6cb3388af154defed13a6887896d32ab3f8742f4491e4cbd38ca977360192573c69effaa757effaee002cc7e945c38c9b45bf50388d8036c92178dd3e7039d5e06fde6b2aecbe6555918b37dfa51318061ed407cc8a6ef06efd225a37e3e4bceb351de931feb3ef76f1acb48503e3a9ae6e0cf3af740638dcbf5f55c6b66b21f88a68e91f0b1c8883b60612077ed39e6a85c304669dbffeb147aa46f2e51081ff45590b4218ec9f2bab5cfbf2f45edc3cf672b9960fe037b417fdb864a2f6ee16309171fc8f32900dcd873974a447bb6a77dd35b3bde8b53719d4bd7f450f2eee29d9809c9759d0f2df5bc0e3d4b0c61a0d8154fe84ff27f81ddd217937ff14f8ff8625f3bb666571571c108ee0c52280e80f0db962c3ab3d41bace93042410fe9cf7676b1da9e5768a4bc07fcb73ffa47ae390e18c0a2f6314efe434449d533b1e6f90a28152df8cffccc6381f212f1c5e5d0dd1667f70405d0cf70f8e469fe72c9acdc15f4796e9ae8e5be79b2ba5a0dcf18d4d423d23e7892a4d0c03087b173513ae53e1b13492fcf5df7ed3b388af5c07000c7222811f7e780b8bc0d6f22220700b5f585acbfdbc677c5420c94f432b4ead4f6e97d2fc84a2e35ccf348fc28a8ee247a254efd91d50a3bf8c5884ca21d0ee000babb2e2ad815bdb15a952bf7fa0c9eef3280d179a3aa571582b53466a50d5871936a3157f45cde8f0796bf3406d2bd31039021cfc55c7f493f3bfed0040b621a2d1160c0402b63e07ac410d8bd607396c2341098780bf3a93bac1ccd2e14590d2defc38d080639f113eaf0d3b7fce18a91d94e7d0ca06324d6fc0bb106b644c031a24326f8e6224f9aae8fa4fe70c221f556d84e7e5858de3b8f9985c5cdf5ea62a1a229325c45c79f3670f8fd698e53c3d2b2414511492cf90a4c0d6854b3bd4187a550bd9334fb7a893f88dc731eccbd77813abb657b19fd9dd10f7273d95ce48c8c91f169f6038dcb58560157fab035d0ec3a93928e64078e3fecf7d3e574edb31ae3972165a2bad500e330aeff91d932f68e8c089daaeb413d782840767adf1d955c1e12d8b82d92a99a07693ed73b9614f727a38c146cdb56266f9033ab447ee1919b4b96aeb8209f07f713d455333dfe4933e775b85c316b9ebc18ac422215a5bde45ff054ac2a8eaa6537ddceaa3d0dc9390633850d759bd8f8f7e5317d016b1c5f1433e326168c042365e20b2698c7c4f801d42e91c2ad00a5da06fe6ca92ae3fb6798ab2f3b7958fc4c7fc078ca1a56e53a490d07998e2f320b725f06ca13f14f885583022ccc3306728cc8eb3a57a21d1125371e6c4f2559b99976c3c18d620a2c6e5f73fc109abc4e99cdd643276577afd3a8bde7c9177ee62c1e8264597eef6452cefbb8f18117ed12009826e2da419f0ea0db45dad153417611c9eb3aee0f44c4ab0a0d634488ee35fc179ef96bd3e364d54d11c55e74dc5028546b5e6f155d707f5d69040f04941a68ea4200c69bd7446c26f4d2ac06d7249f105168d66ef198d04d8829659b4b07ded3038f59683b657319e09123b7bda97128db85021607954b1bccb992bba638e8d19ec12078ce6d731f14e6800f857"}, {0xc}, {0xc, 0x8, {0x0, 0x2}}}}]}]}}, @TCA_RATE={0x6, 0x5, {0x40, 0x1}}, @TCA_CHAIN={0x8, 0xb, 0xb8b}, @TCA_CHAIN={0x8, 0xb, 0x4}, @TCA_RATE={0x6, 0x5, {0xfe, 0x8}}, @TCA_CHAIN={0x8, 0xb, 0xa}, @filter_kind_options=@f_u32={{0x8}, {0x1d8, 0x2, [@TCA_U32_SEL={0x1d4, 0x5, {0x0, 0x5, 0x8, 0x1, 0x3, 0x6, 0x9, 0x9, [{0xffffffff, 0x2, 0x3, 0xfffffffe}, {0x76, 0x917, 0x1, 0x5}, {0x7, 0x394, 0x6, 0x1}, {0x1, 0x78, 0x79a, 0x4}, {0x7, 0x3, 0x9, 0x4}, {0x2, 0x10001, 0x9, 0xff}, {0x0, 0x6, 0xff, 0xffffffff}, {0x8, 0x8, 0x7f, 0xffffff81}, {0x4bf1, 0x7, 0x2, 0x1}, {0x9, 0x5e5, 0xf, 0x6}, {0x200, 0x0, 0x0, 0x6}, {0x79, 0x3, 0x0, 0x1}, {0x9, 0xfffffffe, 0x15a, 0xa34}, {0x7, 0xf, 0x9, 0x5ec}, {0x5, 0x8000, 0x5, 0x9}, {0x1, 0x3, 0x10, 0x8}, {0xdfe, 0x9, 0x6, 0x8}, {0x7, 0x8001, 0x8e4, 0x2}, {0x5, 0x7651, 0x36d, 0x6}, {0xee, 0x100, 0x100, 0x5}, {0x8, 0x400, 0x6, 0x3ff}, {0x80000001, 0x10, 0x401, 0x7fffffff}, {0x6, 0x4, 0x4, 0xffe}, {0x2, 0x9, 0x8000, 0x4}, {0x3, 0x1, 0x80, 0xa22f}, {0x100, 0xfff, 0xac, 0x2}, {0x8001, 0x9, 0x4, 0xfffffbff}, {0x1, 0x7, 0x9, 0x9e3c}]}}]}}, @TCA_RATE={0x6, 0x5, {0x6, 0xaf}}]}, 0x2880}, 0x1, 0x0, 0x0, 0x4000100}, 0x4040)
mq_notify(r1, &(0x7f0000004e80)={0x0, 0x1b, 0x1, @tid=r3})
ioctl$MON_IOCX_GET(r1, 0x40189206, &(0x7f0000004fc0)={&(0x7f0000004ec0), &(0x7f0000004f00)=""/176, 0xb0})
syz_open_dev$usbfs(&(0x7f0000005000), 0x3, 0x200)
syz_emit_ethernet(0x45, &(0x7f0000005040)={@remote, @local, @val={@val={0x88a8, 0x6, 0x1}, {0x8100, 0x6, 0x1}}, {@arp={0x806, @generic={0x1, 0x8a65, 0x6, 0xe, 0x9, @multicast, "0e1039db4cd35084a3668dfc18b9", @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x1}, "dc75545a357913f4e685832a73"}}}}, &(0x7f00000050c0)={0x1, 0x4, [0xcc, 0x91c, 0x298, 0xf93]})
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$BTRFS_IOC_BALANCE(r4, 0x5000940c, 0x0)
r8 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r9 = ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x0)
setsockopt$inet6_MCAST_MSFILTER(r1, 0x29, 0x30, &(0x7f0000005100)={0x4, {{0xa, 0x4e24, 0x1, @empty, 0x101}}, 0x1, 0x1, [{{0xa, 0x4e22, 0x4, @local, 0xfe}}]}, 0x110)
syz_open_dev$radio(&(0x7f0000005240), 0x1, 0x2)
r10 = openat$cgroup_ro(r1, &(0x7f0000005280)='cgroup.events\x00', 0x0, 0x0)
ioctl$KVM_SET_MSRS(r9, 0x4008ae89, &(0x7f00000052c0)={0x4, 0x0, [{0x84a, 0x0, 0x7}, {0x34e, 0x0, 0x2}, {0x333, 0x0, 0x6}, {0x9b6, 0x0, 0x7}]})
r11 = dup(r10)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000006500)={0x6, 0x12, &(0x7f0000005340)=@framed={{0x18, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x2}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r1}}, @cb_func={0x18, 0x0, 0x4, 0x0, 0x8}, @initr0={0x18, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x1}, @map_idx_val={0x18, 0x0, 0x6, 0x0, 0x4, 0x0, 0x0, 0x0, 0x5}, @generic={0x7, 0x6, 0x2, 0x1, 0x800}, @map_idx_val={0x18, 0x3, 0x6, 0x0, 0x1, 0x0, 0x0, 0x0, 0x6}, @exit]}, &(0x7f0000005400)='syzkaller\x00', 0x81, 0x1000, &(0x7f0000005440)=""/4096, 0x40f00, 0x20, '\x00', r6, 0x25, r10, 0x8, &(0x7f0000006440)={0x8, 0x1}, 0x8, 0x10, &(0x7f0000006480)={0x5, 0xf, 0x9, 0x7}, 0x10, 0x0, 0x0, 0x0, &(0x7f00000064c0)=[r0, r10, r11, r10], 0x0, 0x10, 0x2}, 0x94)
ioctl$USBDEVFS_CONTROL(r1, 0xc0185500, &(0x7f0000006640)={0x60, 0x15, 0x8, 0x9, 0x5c, 0x20000000, &(0x7f00000065c0)="ce535155eaad39ce9cfc6ab030abccfd053fe062a811827648709db09ef155d1ba0cf409d630a473d61f28c7d10db5da48fba2e2ce60e7861823732d217dd2a012de2b44e5310abac0d5aac4fc67b37c21446335d45631d71e304c08"})
ptrace$ARCH_GET_GS(0x1e, r3, &(0x7f0000006680), 0x1004)
openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000066c0), 0x2, 0x0)

418.068204ms ago: executing program 0 (id=774):
capset(&(0x7f0000000000)={0x19980330}, &(0x7f0000000040))
r0 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000740)=ANY=[@ANYBLOB="0300000004000000040000000a"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x1, 0x8, &(0x7f0000000180)=ANY=[@ANYBLOB="18080000000000000000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000000000850000000c000000b70000002000000095"], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)

350.700227ms ago: executing program 0 (id=775):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0xca000, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_MP_STATE(r2, 0x4004ae99, &(0x7f00000001c0)=0x3)
ioctl$KVM_SET_LAPIC(r2, 0x4400ae8f, &(0x7f0000000880)={"6cdd4237dd245c8404721efdc9c8dc1964125fa96fa42b761c6ec25b2bec0ba4c81036c93a40c8a4d4412a763b00040000000000003c5ca206c047ecee377abaece6b88378e38e06c5fc191f361d264ffa8b46485f02baee1ab6b8154252066178868d1ef4b53606000000000000007c21a984c2b9ca4bbb7a87165c0c1dbc75d7ea4df1001000000000694525952f44500a1f0db509c32cc7ace842c28f37f06e4ea9f1e5f0c6c379f9cc58bf69fcde9809c8814618e976832d4e48cc41bb5a6baa41d614f6c8941bee805954a62d196a4e8d4bf6b21224b57f530d0000c1ff53bf79a1f5c5dc34cf2645cbc11c4562d22db88d0edc5daee171cc04d96d9ec2db07478f347edbd6424923ad4a5672b1b285c7988c4ec0922c655ff600000000c00dc290d936d93236051fadfb4b95d02c0bda7ce38dabb7cd103fe4d0c9c963cd717a77f8df8d46099b1f580968af6afbbc19db161c6df3e7c9c71bc08a282fc2c142856b5e4caff4c0a4f72445ef10dcd2c569319d6e9bb2058d023f669a64fc7d9684b45b00000000364673dcfa9235ea5a2ff23c4bb5c5acb290e8976dcac779ff0000f5620000003d4e185afe28a774b99d3890bd37428617de4cdd6f53c419ce31054182fd098af7b7f1b1152c691611f897558d4b755cb783978d9859b0537b05b623dcb5c4ca9317471a40fa4998cca80e961efffb4e1aa25d8a17deef0c8694c4395fc99be3c3fe7aeb8af4929ce7d346ca702f78b233b5208752726ed9f0c340d494b92d19cc930bb8a5f8b4da8f4603ac0c3b698384e17a570dc8524823ed15af4ecfabb4b2541d3c114b7bba1c21a845c9cf0d1cc24aba47e30f558b2246ad95ccf7d2f80cc0ab26f08336ea1a33b79cf35b898837016eb211a1734c7af076e15451e33519fc978f66df7df4557c91024a8dc130a28ef5f63ad07b39c8d23b85cf434e065e8a29a80047fe17dee6f6347b4951f97b5703dc78b1ca9d74ea6a9ae12ab367c0de2659cc38d2f33ddd86e0597d33361eada133b5132145fa4525c488c7fffd6ceda6e9a02ebd97ced6b0161f2cc84615ceb8b18883299c636e9e46724a9a0600a8bb02f3e489631def9f126c25ba4f37caf9dd8768ddbc02a484c345c3eff254297b1dbb04989c3f9f3c7b3c985c39b1d3130180613e28387e955722908dd88b56163be8312ff47c5b6f280472935af74e97a5a8110a4d74496f4c8ec82ddb010100000000000001a047526865c888c9ff36056cc4ad258021e1581d43badaaec6cc5a2ef989de9801fed6d4be2bfcfe656c9c46bffbe9dd03970800000000000000d372bdd60200c1ecf63c23d506114d0fba2bd1c69e8f7e3fccdcda85ce975ec1381b1cec6ddaa76e186719d819164300"})
r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x41, 0x0)
write$binfmt_aout(r3, 0x0, 0xff2e)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

348.688778ms ago: executing program 0 (id=776):
r0 = creat(&(0x7f0000000040)='./file0\x00', 0x140)
pipe2$9p(&(0x7f0000000240)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r0, &(0x7f0000000140)=ANY=[@ANYRES64=r1], 0x15)
write$P9_RLERRORu(r0, &(0x7f0000000100)=ANY=[@ANYRES8=r2, @ANYRES64], 0x53)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000180), 0x2004000, &(0x7f0000000300)=ANY=[@ANYBLOB="7467616e733d66692c7266646e6f3d41ba39bb1452e9b292555fe0081d0ec75d0a744d38e400f135c211aedd1bef3a3f10c23e541e7385a010a9eb491531b41180d6f91cd438f9c3991ae0debb106367b17f08bb41d81b03a23ac60076d8b98f1efd1cf1bf2b8618ebf346384969805b6af8591074a235d7f5feb3576ad296a4ef9e74389bced667da9200370ec39d240f61b7d35469467a8e44055582b32a8ff8cdd7fefd815ce8d45289013ae3a0774597428c3e813490c3e2b933017d9c7fdb8b5e74731f6ab32c48931f16d74b19a1a5975cc6019247f77d88017257f298aa06915ca7841158d9e2010b3b16441de8916ac6dbeff6f367a1c74796b5251a2dfeee6a6adc6f27a43c337d1d25e475421d00000000000000e74e07e5244e5757048cb65bafc2438e44894071c2d7a5e9b198686300a580439d08584515bde160aad0c1495589e6537bcef8056753f4e012a3b2798a327e7a568752", @ANYRESHEX=r1, @ANYBLOB=',wfdno=', @ANYRESHEX=r2, @ANYBLOB=',k'])
syz_emit_ethernet(0x9a, &(0x7f00000001c0)=ANY=[@ANYBLOB="0100b2fffff7ff1100fc000000000000000000000000000000ff020000000000000000000036038fba039ff6f00000000100004e22006400"/66], 0x0)
r3 = creat(&(0x7f0000000240)='./file0/bus\x00', 0x0)
r4 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
getsockopt$llc_int(r4, 0x10c, 0x6, &(0x7f0000000000), &(0x7f0000000200)=0x4)
r5 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$NL802154_CMD_GET_SEC_DEVKEY(r5, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000000)={0x20, r6, 0x301, 0xfffffffc, 0x0, {0x2b}, [@NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x100000001}]}, 0x20}}, 0x0)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
write$UHID_INPUT(r0, &(0x7f00000004c0)={0x8, {"efa654fa6e2eda7417bcbdee89dbced2d41a3a770fc63ab546f1beff7d205a7c6708201947a452d42c4e583f91cd876269c9d306fa2124c66ae0ef1a459f06a7c8a63c26769a0c15600afc2b87821e33ac23f444bfc09b73b6d856a186f0b0da706b689fac34a51a78d1d88c4a7d20e35df7aabdd6462441798170248e601066af6e5eed0a0f7ee5258f104ae3fc3cf4e18d92335c3152c978eda264095bde9a13bb55957c33163a6cde6ce063c4359e85672de8ddb1a6782516d46a054c9d6fa84491489d4777434c2b1885a6184b48511c44453ea0fea8513a87460975707f016fd15b006692fce25499f123666ce314fd889a23b769930142e7f6f327b4c871f5b6d04f108eb88893015e4be12da45cafd2db13592220ad60263e49f3d328e348bd6f4e05c5ed0db1c354a36dbfcfb402d7f7802237520b3a11f663a02f3e36be321a818866291bec9319a93e6cdda6c628980e4aed9517930b7ac7065ea992209713af73ede40769ea9e968f6cb4508f8a7e76f84e47bf102d9e8dddc41761e6f91c15c8dece480bde18a8a0b8ea48b17a9a044e2c66778f56eb3ad9f0a396a9d528e8824c80c766570c41788283d6473873bb61a95858f688f30ff38965556cb634cd01fffdd02aa28ac6b50ee1feedced1b9601f1d2cfec481e8a6becb8cee259c8b545de009fb0a48905fff57d37c3eca6067ba86ddf4f84b6bae99eb5d6a84db6092c072a0d0e68806dc3059fcaf1eb00fad5dc99c290b47f68e6e6b25913f95becd6f1e97312b4690566ea3ea955cd9ec1a33070528dc0ded6f5c061f5562f4463445be299ec7872b2356e31deb0aa16f73108351c0a9564932aa5c84fbc197c7e9bf0452d481955596d932c4cc98a6dae92933d5c66868bff00bd4bd71a9d223c8cc7a95184fbe6c143f2ee135ecf33e398e49ae372524b7af48809185d8f03410648d7074bbdd6e580d9cc78bee94e984f502581e07defcf252f3ee3fe6e5a7607c22293082d3702fd7e75dff2a8c7bf243797f414e31ead71bbe505ddad8e1374645ac3d48a77e259b9f591e2181cedd1dd6cdab6014a46ef912122911bbfe76a1276449d55b0fa14d1e538a52618c070be689743bebd4a44cd99e8df7bcf887f1aaf5b5afb26041d6bf8769d77e35bc76c0581e7735bc01d66f12bcf05d407e16165c9e1900735a527103a8f085acb0c746001194baaee0ecc8d8d3bb59b1fe2c9916531ef53776d6060b56d6d4f0e9096c647813cb8929bfbd7b813ce7ab9fd636e4981a0cd57ec0c0d794692af55b1bd8b5a60eb25f9c5375ec134f6d7ca462aa364251cf63238dee47b91ee63a22a67b207cee83e4cc029fbd5e9e9d08d668fc6c43bc9e6d69a7a38379be5dddf6a83c3257cf0fb0354738cd561b3f555ac18b845e59f7d1a3c2646fcbf7df270e9ebed5022982816ec932492e4709031a5de43c25b8a28c26f1d05a4b9ccc1ca8cef91ded3de44f9906a38b0abf20638b05db102cff01a1e3854ac66d5fb01d17a41da8ba3697591e0d62adad0662d2939c7fbc63670794bb58aaec508651c4fa05f30a54ea85ae0c45b0dc888351186c236717e6999b97df39e977f784ca060ec7c8c2229a1584a5e1fc974aeb94a26007a09d90bfa422f7cca952d75b2801dfa7dc5fc1a6087b3285df163989af5e3a1944767c2d39d6b67f7061f6b4bfe08c27b46ae0999b010d7f11e90850e5cff926f850a212431abdffc66c5504798731093dc2d4ab7b8f783d64152d4ce225aa703d5481163b24ef64286eba4a5a79e3a370c2aa8211a71a2453e947bc2cf08b9b0f3290e097db8e0b90bd37c3308df81cb6034403b494df1ae00f4031442d98cbf82a9fc0ae14268164a2b5963b13a604841c5f5eead8bca1d6a8a14640e8635d515bf061b5bdf4be6681ce2ed43fef69692b1c770b768ece6bd3fd0b85c766216a3de0b0fa26fc2b993b2fe90f582353acdc53d26e3fe3b8d8766eb47d52f8b8bd7d71d4fa565a6569666fc82050182160be15c57ba5f967de6543359ba718f5047b78c11962cea4888806be356026811a560b37dc19c27e58431c4f66bd0d253e0889d6d111d8148b68c0dd41cfd9668b71636e9b6cd97b7a48a83cb0195e68eed6dde081fa4f3914f87e57413d418225e4633476d87765503cbd27c6fedb8ddab21379e63534086b0d072ef64e9607bc8b2013c464dd2ec8ee5bd4cc06f6f588f9bfe3701e3b829d5ace9e0f3ad5d5fd50f9af70e35c5f4fbabef5eb95d43189e27657308d9a2111a19f806d4e872132548473e22386260795c8d831ef9dd4a68ee4bf0432685e28b670ca282e96603e577ac5ff932d9fb6a3fb4f4c9b5dff64d9dc547351c52e7e45d61fd195f7156077b4092d1963bd12166dd19bb3ec98ddc4261d5a37fea3532fec94fa95ad0c005865fe6f26a77e80100b57d7a2838d9900f0a6cebb53abf54fc8e7567485d5e860a29e5a77f3d5abd553547fa1d779041b300790933883cd52a3d13d8fc03ac8af7ce55bb47f2f4f4d812eb67b5686f9a1129c0a2c57e7c647f17d08522690f8ba4cae7bf4b546f2745eedfef0748e575e9e642d8263a49b1df3d45cfe1033b85da53a72e95ba098caa6b0c4b9aa13297f6635d4604785cd0904186ecf3844f4336588fe4ab2ee0a595dcb70f9ea9654c3351c4e712f16e33e59f8662a0c54d7ea919953e34c496e69e8b4f7c1f98e8ade1829d9261592426b3a3662f3a0e21cc437c62d30f39bd71f8b170835f2487151d969c622d7ca3fe14542118a1d56c4fa3c3194e8056a76513b725b60b61749e00860256c5141baaffa1bb0faf5306aecd35ee5b2732c22640445394e2d42535a349df5b5dc5d3c1a9e74a598c338381ae1acad89fa17e811873f785685c4b6417096482a5808b7550cb78edcfd70dc04d9eeb6ccaaaf2be297573a1678649882901dc0540840aeb2529fbcd857ffffbbcc39d007fdddec435aa3eeba67ff0a963e2735c22370981622e8ed053bd0f78cb3dc0d4bc598c18b31cb174a5d12f708ad4cbd33521efb128854190700a62274d7fa802c9ff7043f1325ff5c20944e97ce02b78f66eaa33c07f7eecd96f7de848e880c3685644c006125cb372529c5931b6754c851043d76a0f9658f57249df5c4bb8d4c48df6007b97631af5fc3e4a8b94063fd462d20e71b64a0f1c0f56ec4a508f4530b07e4b6fe47b60dfa5909464147b0abe1f271f883d6da30648eba086362b75972ee74a9ec39289230a0fc5e373be3ab2c4e47d5a581d52662851d1c3fe0bcefa9d818c2ade359116a9671ccaba7aa0978a0fff4caeeccbfec61c43b20eb94b429b4160107d24194515b1b30c25dcc098acb2f90159833aef42faf867c9adcb4f172be1a44d864448b35720a29bd0865338ce0b308391e3ddb56cd43b728407379449259ff86458e965804c0d9057ce3d03b15f7146f230f90d9f2f3d240ec132ffeb44aedcbb099e0c07645b962e854bb536d5119cff5047b195d2a1b1ab206b65c5e9b4211f34f25abe8d311132dbc632c1db90020a13d0337ae76410c24af46b597099b13259a804bd387ed7f2e09e54d731eec613b57f0161d410d6e77a346b812fd0f8c0bcc79d5df93722a848e23b2d0b9ebfdc445e8f59b3890cc24e815a3a0834701e28c3dac66267c644c0d31638713de5dde4e42d482442b905a1d369b040439043df9023fbbf9d915a0701265ceb575ac6b04cc8a76fcdc70e6c72173dcb6cf8eeeb873ab70201dc4c434bca8c8cbd1d3b561b567394bf8df8ab3155f6f780b435096a173d85d61787c48b427f7e5f9bc5e9c8e9513d1f9aa0c7ac0bd7e6f9b02298a0f9a70301b07020f83c815d733dbd0ec6ad84d2a22c7aeaeed7ddf9e1c311a531773210a77d94e0424b26ee6f05c18f3f64720bfcd9240cdb4676b31de007cc2d251ce7c79f89c8b9aeaf29e008ae0bc915fcf610ffab5b46d314ed444b8996080b5a939a96137c9a8842fb2f7751b63f117cba44fff77cc6e84ba8a301dac2308cd9d5479f3c96b16368abce7e8f3a281ac700b2e70b758151519865b946ad8a84b1ac38cdb3b3b10a79388da1434a287bd481f5b906f125f860fbbef9d3f9ba5c8e9ae38bf1b131668488238a5b4503e91c7af00d9b46d0dd56b75ae2ae41ff82634e4f3a2e9035314533966d7033cf866aff848f52da6fcca29feb73a50b0f8aac6d62fc6b39745f04e9408ceb11eb9be21eccaf7bbf48141e25ab097205b21dce276e82b2ce13acd31e7d83a6ef5a9e4b7d933b74cc749b70c6d6d36ebae4cfb08f9c44a751108c95f80a0010f0d9bc545a0bd650ccb8a4f34df6ab023c07c08a489c4f84e7108db8368a43abc157adee0c5545b68ee25072071c4eac5410edaeaddb87dbcdaf98c3dbaaad25bb05bb644df619ea30f20ad3f26cf0d8274ed55335e8b5d799da6893306e896ec5beec68d2832037f82f422a5a314e6e1ae786750ba4adf1f93c42f40fbb8b3e328914001797a5ca831b7b6ec8f841a31f1fca4b743144de7e5d095e949d28d7926f47a6b5f754dc01f9e58198c3da4d1067cb45f880ee9663f0ccb809fab223f1c3b6ea6a346168dd40a22a71e22f68725c929de3eb18f2c789c490cb32d65f9d5c35b28da5673de4140a9463c2b28d1106981421851b0ff00ef419d0529cbd3794460cc02a3d0c436ce8739fa82ca8c1ea70bf560a7bf748f939f2667bb3a9d8e98ca32c65072a73ceee77aa099bf8dd4889ce8579ea2608da094ed11cedcdebb892e99b86ff84a714264bd1cba27942d012932bdd8fd293df9124c40b0afc913d3bdb743584012e7cef45e78be81f66d1098ff36896acd280723d59c192f49d3c5430ba0bac1ac8d177eba711865d7ebf62e947a6d43c7be684272d37877bdb29e6dafe6b3cba6fdfbea1c44de3d6522720f3ef73bb188d0c732e0f3a1724659c3c4d3ba187dfbc5c61b866f3deabee4e4251cde626229a43d52a5dfc3d647c5b690d8df1866fc394e07bebbdd1285f1fcf7401b7d4076325693e3ac142e65ca77187a8b0d7e56fccb193f5540797ccb230b37fcc857680a271d1b41c934e845ddc9f8c05863b4f6d175f9d6ffdb96be6a7a411af17d54e20a1fcf52db08b436b93f751b0eeb6aaa45ac015a47b98b2ab791285d02e509523ba2e55d1dca342ff247caef23e4c9b38c2ef2b6f0d470461b77467b3ca7b11ac2525c03b27b96704bf15d5392f258f32f28959986df7157adb021c31d769ca51954396443731532a13a0ef6181053e76ca86842e1faecab08d1cc3a442d684c862ff004daca9854e8003771fbbb347df36cd6f4d98220bec1147e1d9a3810c0f507163f2220135025e69f973b0b94e15a2ae229faf4c843696ed3ed2cff4bcdce375091485739796c6857b6683e5f158a70202050e634e17ed6a0897474bd62c74bb9ea777f96b83acaae7d12562c722dce3b3d385059b26fbb07a94f84dc5040de28273cf8b05a1a9255978dcfbf948c505bfa7bad191db8fb57c6cc0eec5aebe2b22b261a32d08b8393cb2ec71bd8d9749c6827aae9dc3be8a872af97745d53b396adf18e6209114e3e97ede3e4a0023cf3f6c23f4f1f0c3348fcf6f27ff9871d396376649bfa86466890bc67e8df0ad670f48cd7a1175cd4f8e6f4424e4dfab8e819f1ab0ebf68bf15247b56153740e4a7af86d037a8ece837c0dbc9e33ca0c809f0242355e602ccb439df46c5283faf782fa5f90b097fba600cdb02cafd23cdfd5aa1b7a766b1195487b9d2fc47b7ea7b", 0x1000}}, 0x1006)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
fsopen(0x0, 0x0)
r8 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(r8)
r9 = socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r8, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty, 0x200}, 0x1c)
listen(r9, 0x0)
r10 = socket$inet_mptcp(0x2, 0x1, 0x106)
connect$inet(r10, &(0x7f0000000000)={0x2, 0x4e22, @empty}, 0x10)
r11 = accept(r9, 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_SET(r11, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000200)=ANY=[], 0xfffffdef}, 0x1, 0x0, 0x0, 0x2400c840}, 0x0)
close_range(r7, 0xffffffffffffffff, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000240)='debugfs\x00', 0x0, 0x0)
mount$bpf(0x0, &(0x7f0000000240)='./file0\x00', 0x0, 0x10d8020, &(0x7f0000000040)=ANY=[@ANYBLOB='gid=', @ANYRESHEX=0x0, @ANYBLOB])
read$msr(r3, &(0x7f0000000000)=""/229, 0xe5)

110.367131ms ago: executing program 3 (id=777):
r0 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000000), 0x802c1, 0x0)
ioctl$IOMMU_HWPT_ALLOC$TEST(r0, 0x3b89, &(0x7f0000000080)={0x28, 0x2, 0x0, 0x0, 0x0, 0x0, 0xdead, 0x0, 0x0})

109.910071ms ago: executing program 3 (id=778):
r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000), 0xa4242, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2000007, 0x38011, r0, 0x0)
cachestat(r0, &(0x7f0000000040)={0xffff, 0x10}, &(0x7f0000000080), 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000200)={'rose0\x00', 0x112})
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000240)=ANY=[@ANYBLOB="e80000006c00010029bd7000fcdbdf2500000000", @ANYRES32, @ANYBLOB="001000008000000008000f002000000014003500726f7365300000000000000000000000a40034801400350070696d367265673000000020000000001400350076657468305f6d614176746170000000140035006d61637674617030020000000000000014003500677265300000000000000000000000001400350076657468305f746f5f626174616476001400350001657468315f6d6163767461700000001400350067726530000000000000000000000000140035006261746164765f736c6176655f31000008000f"], 0xe8}}, 0x0)
r3 = socket(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(r2, 0x8933, &(0x7f0000000500)={'team0\x00', <r4=>0x0})
ioctl$ifreq_SIOCGIFINDEX_wireguard(0xffffffffffffffff, 0x8933, &(0x7f0000001580)={'wg0\x00', <r5=>0x0})
r6 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000080)={'veth0\x00', <r7=>0x0})
setsockopt$packet_add_memb(r6, 0x107, 0x1, &(0x7f00000004c0)={r7, 0x3, 0x6, @remote}, 0x10)
r8 = socket$nl_route(0x10, 0x3, 0x0)
r9 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r9, 0x8933, &(0x7f0000000080)={'ip6tnl0\x00', <r10=>0x0})
r11 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r11, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010002000000000000000000000a20000000000a05000000000000000000010000000900010073797a300000000050000000090a010400000000000000000100000008000a40000000000900020073797a32000000000900010073797a3000"], 0xc4}}, 0x0)
r12 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
r13 = socket$nl_generic(0x10, 0x3, 0x10)
r14 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r14, 0x8933, &(0x7f0000000040)={'netdevsim0\x00', <r15=>0x0})
sendmsg$ETHTOOL_MSG_PAUSE_SET(r13, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000cc0)={&(0x7f0000000100)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r12, @ANYBLOB="010000000000000000001e0000000c00018008000100", @ANYRES32=r15, @ANYBLOB="050003"], 0x28}}, 0x80)
r16 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TIOCSETD(r16, 0x5423, &(0x7f0000000140)=0x7)
ioctl$TCSETAF(r16, 0x8926, &(0x7f0000000780)={0x4, 0x4, 0x577d, 0xc1, 0x3, "51fed8089f0bd95e"})
sendmsg$ETHTOOL_MSG_COALESCE_SET(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000001c0)={0x14, r12, 0x300, 0x70bd2d, 0x25dfdbfc}, 0x14}, 0x1, 0x0, 0x0, 0x4020}, 0x8001)
sendmsg$nl_route_sched(r8, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000ac0)=@newqdisc={0x54, 0x24, 0x3fe3aa0262d8c783, 0x0, 0x0, {0x0, 0x0, 0x0, r10, {}, {0xffff, 0xffff}, {0x8}}, [@qdisc_kind_options=@q_codel={{0xa}, {0x24, 0x2, [@TCA_CODEL_INTERVAL={0x8, 0x3, 0x7}, @TCA_CODEL_CE_THRESHOLD={0x8, 0x5, 0x6e}, @TCA_CODEL_LIMIT={0x8, 0x2, 0x80000000}, @TCA_CODEL_ECN={0x8}]}}]}, 0x54}}, 0x0)
sendmmsg$inet(0xffffffffffffffff, &(0x7f0000001d00)=[{{0x0, 0x0, &(0x7f0000000040)=[{&(0x7f00000000c0)="a97c42df68f7eaa8ebc4162b04d2ba1905aeae72a0ce17cae1a8937e26f4efa9e516136f4de5a3e6be088ba7370495016e7c9295b1f4e25a5cb54039fe631b8c80b97d4fae91aa95f9e2f851565a8fef8daf39adbb36f722a7c98c0dfbac162d7faf3bc281b2d06485ba8306a7016a1c4d775c865d0c815ebecabfa290c6c8995de4ba3284a84604e247dd54729cd9447b2dacd2bc1cf8a0f4843a7ad387829008c6e26508f51ca63194b7c876c8946aa3996bf23bf948c501438a86a38b741423c291a0da81109a999e2c14cfc0138816e8c2d788b830725d2c311dd2dc9da740d979627ecd", 0xe6}], 0x1}}, {{0x0, 0x0, &(0x7f00000004c0)=[{&(0x7f0000000340)="eb3b12a2efafc6e708a1bf68ad7cfb80c48c1d2e1c0a76a93b4629180fbc9147962917832da9ff89fed1ce5a4aa3e539e7427e1f26e0a9052ab3024d58d447b38bfd80c36806219b45ba24a6cfb0793a1e13ea940776fb272ea16a5b682050a5e4820a074ddee5641137dd1c294b6c9b456670452decfa99b75b4b7a2aced16707a2d6806bf350b07ad5470ccf39b86b27c1d46741b57058bbd594c2ca71f2734130a459b886b1a25a3f2c49502ec698a16ec45e2129197d5229bfe54765f209b0a71e2ccfdb7be2f1182b8d8862be235359d1ea61a2abb9135e9a2136f0891aea39fb65130d9a401c0f33c2a692adf59f20a58485866e968831824017e9e3", 0xff}, {&(0x7f00000001c0)="06d4f17ac4fba4667208c79f4ecccad45dc1ac", 0x13}, {&(0x7f0000000580)="8df6b38e2384ad2032183c9fb0d7a8baeaacaa5b150bd64ef9953de6d38d5f4cdc7251a316bf6e8abf65ca43a7d76c6e093423c2f66e3f4c65a5d8437e075cfa987ec779fdd723ea9183ee4189325d3f4102d883ba89f17393ca2c874a2c47dc4eba23a132554f3e555e6b1ff4a08dc8b0813cf30ea8f5c656b187ec93db413653609450987770bc01283050fad666653b16314a02036f568eceb15ed70734434cef390e41a184202890fb7398cfe44f7575d1887155619e1fde26cd67925c2db3569ee5108f0abf8d70a64847e8ffb73b721c65e0d8804fe38397e0204691438620f27b9ffa054acfe49cd33057428b8e2825077b92bd6b974a1ccdb75682b9184b9807bf901517613577f72d9ea093d052f7f718aa273995473cff3150b129ca854549872adb966282ab25a9ab16187c4ecf7dd433924b2766a5a4bc0a55399f79b7ca13556e2b877748c8f245ef649b58e675f6f858e876afb10a4c00dc98866b1be8404bd0889dab4e593049b545ad1d146e45188f3681d47d92ff9da5b77cb3cf95c7555c80c3d774eff3b47786f07807630011b18fd0ebbd37c6f5fe9507a572996a52a854d899d5ff3cbc6c467a290c6259ae3cca8698d6296092699caac0f0fb5742bc6841f65e92c1b842d703fb636e1ec9fa318161d7e7fdb840bb8dd034e6d6d34cc28087dd4f66d2e8ec83b36a42a96593a6b99342bdfc4ad595b54e0d6d6d6d9c6d12b576eba8323974d144d821697db36970321fd999d858b4f16a732ee7a2c5117391ad500ccb90ce38fe47ebdb351f7bb6070631ac17429e49fe8ee767b7484c5e2e3b971e8005faa012817e69612239ffe539f42d8ccc7c5b4ee60af9a4188b00b34f61e2f4bac64430c731f4169aca1dda9221e7909592b7ffc02b2db3a34e9c4c1825696c0caeeca076c50407a1c1269c1af2f750ae0f04b8f2043b24fc4312be2d466a23344098df292c235cc63c1f0420202c8398bb019dcb3fb8a9ed9228f2b7cbc9ee5b1a1de7b3ffa44c081219c8e2f16e02ee9538984bfbe58f86fb5ab2b1d1be641d7cd1be1b37ea462ada9032e6b4579b1534dcbcc1abe42e86bb37b406da8de1994b0b86d67ec2ce0cbc4c3883dd7d0560eccb702ae9b0743d41d9177b67c1989094260dcf540668f1a8950a71cd969e0e17ee2a7ae6e6e180ee6053da3789eea2d1c76f0509792422df967bfbf2eda13a1e453819410f7f78836e77dc6692cd1f9ccf5345ffb520ddadd23cb280b2941e844b8a794f5bcfacfc4cc9003bcdfea811e0877d955fc0ffcab541f0d42fbfa5ab27a36b8a1b723229396e640d38e7b44a68eb2ee8fc930c73f3c3c9794646bcbbabb4c86977f3e463e76d5e5169e2c946d9160b105747e06e67a685b7686fa5d7cded7c7b5400cdccea8eb8d6a6e689df0e3ffc4c0d971e56e717e978c6bdfa25214358868a939a037366312270c4e28f5ee81e1b5a20f80d530ede676df67e440bfc822dc17e364db2aacb4496c0dc64e82ede49b2aba6bfa3b0ff791f02541d645bf4a528522a72307359d89f7e8b91ca586c234c79873982a211d7815f84571fd4dd7277159235950c66a42527150b621e5983bfc3e8e9b68e50753feb82110643812da17a32503e808cbe4c42625683937555857b4b630353faac530f9df2106f6ee44da70c5df9f1d90f5535ba45bda922d4eb3dab310e7262919a046410984ef6278d151e0d264225ab6e000d01eb73e5bc7f11be023e7a8e46e1fe748046994139c4fa957cbb7fccef23741d927844b28182f6c1f3680580b02655f58e980043377009da3014145e549cfbfd93054a707be250cfb90893865ea6097fe32d2a27d6c448b321ff0ad9a755c8109c2bbefb2779ca915015959c3a47845515fc342ac4d838a701715481bedd3d7e25dc7f92dfec522dbba51627b173b5b3674d8c045052d335bfee897d9eb91baa8fdef5539f4183d1de6d18eae4a98514e17b8d0709f7fd04c10031f5120ecf7fa81ed59788969323c85bb04d235d5a5a5180fd7a5c36056aabb6dd8b849bf5e064621679e8086f87a2d8f4e4c7b08f53007ed7eb315464c01aa9ead8f55fbaa03364de4dab486ac2f149d8c3d73f8c85598b65c2418c2c0e0bcb3eb55c458a105408c32ea0f9c3c54bbeab54fbaec8204535e3cecdf3b41ffb61cc13b897db9f5e7ac6e840ca7d7ccdf4dd8ea59b58b6a847cdb4e86fc7b4b72666e4ef406f5058f9393b7e1ea4b71bc885c24216fba0de89a83a4f2746967cdece6b4220d1646354f980375bf68f8e185bcd487bd862a06935051c728755a021d63998755545124f6ca85f714be088cdccf0ea95375fb58b6123151e77d08388395d80a486eafc0f5ad6b9b59ebda772ffaa151462ede304137bbfdbc005543bb488eda2e8ec25a9ed21c6d5be3fec4ec7b50de31f4dff393f88f0fe9ba41cae3f9809eec69bb61ed75baaf43c4e77a8f96018e0e1cba676e60bef267bbb0171d6970f1aa1e208ec00ba47bdd790115ec5ea096be27d20c477a87c470521be3c97bbaa30690edeef57b8ba0b9fe62d6dc45eadbdfbec38ac70ed7555e98aa3101a89fca5a859a21c2d8934fa2ec9f232b5adc6eeb4f096f23a72ff79b321729a9474e5b7348d19223b29bc46e93aff815f7e9297165ffc639830f1413527a3a377af6944786b67ebdab1e86d42405d34a834dfa2f538723c76436ca7256de093a77346b3a5d38b7486889ddfb0c8e6182474a405fa9be7313a1eaef25c9f2efcf4bd88529388c96396f26812087caa6a6366fca2554f3ab2ae3e73990a7d2d76cb666e288dae2bf58ddfc974d07912359824428f02a7174325e153a8f9fe4ea89e0b6ee75f8aea7c0e6ea182494316b2bff9f56a75f26305665df04d278346efea4986fe4c47df363e60b0ebcfa8fab2205e6b3984698cb5da890c1fcbba901846b9bd675d2e5016fa1c35e018dad47bd3f1c9882b02e407de6f166008399431e811f251ff08f85921da6cc33effdf1eee8f22aed77ac3fcf1091d7165e49ccb9518156e3674d9c24cd8fb6ebe031c81311c4ac2fb21b3359fc220af21f967c41997744ef24e32ac77f561115e40356555e98a4253845c33aed6afe4752ca6b484679476695ef0e0b17179a581eab88ac93d3861b533f2ff69b364ef67a99d81a4fbdb51e7689fa75a0db0bf7a934bf966b6fba58843398c19a2fd414454024c9219c9c879ffb77119de96f165a0714e53b320d1d5438efdf8ce4a62879d7fcb3aac9cdd569a9c51262d32af8c14d10ea4f72da54b4c811fbf2e5e4c90ec573a4b294c31d53b876410857e496d436289785e9a9f3304a53622e943b19c1a4cab13e30c6b6b34eee5c1262ceef11a985a1cf17dd5ce1fcd70019d2272e5fc3b76d998c08cbcb5691bb5ab14bd589352602a42d5115a6f214ab0c22ee4f86113360b2dc2f31c9d3de0bed3bc4f79142c1d72e086293f88406c1e776e1532d1dbc9d93aa0becf6da7985d6b1c981e74ae053316feabd565c28811a2b2aecd258d2f393381b1cc1d1eccb05120a630c5de45b6839ed08a5aa415ebc7b5d62c5a26f26dad6aa17913b7c015b681ad092b6d26c1371ec3646031f18fc8d1f390949c650cdc06b3599ea625ef60e052df3208e332374ff12d914c4b909ac73d2cb98a9d741320bb5377410efe89a22fc5a321f05f8db94fd9ec7fac46632d7748bbec0095e646fa291d81b3a5c46b8cf4b3cc0ba5084d815dcf3a5542b2735371370982a4a2efc91cae560bd0b289f21ae0af5cd444d245f5496a44a4c2cae077e8ab991ae8aa323fab851b67e6a346bfccdde728d4b6edf501a41c50d534c4880d45142f6531853237e262478b3aad1512efc959fce87739926a98a27bdd827dba40431d49843520af280e610c1071b2e9a6bf4b84f67cd28052be8ed10142a09889f8dd2bd2901ebc061c0b4dd9141661c07cdcf7efbe25d6476696c49af7dab0e0f18d56ad88225441e263086d52de481e66a2453ebbe64c9d10d8545048fc7db3acdf0d883759cc38a759405a41d178b2f1546fb8a8fe8d045ab1fccbe783c7f0b4092856334f915d998bdd549218b90a3fb4b5b71b3db81a7981ef27f32a747f07b841e6a41cfa206183756100674246ae7ad1473b169dcd163a2ffe1ade711afb862176a7807dad7bc9230c3723da7223f8b487dd37e5e2a805aa973f600b77f0ca353f2122e4e666427cc325de20686105ac3a00a5ffa8e4ff69fe20a95188c8621a88a52da2ae1f44b6383615d01b6b86f35adfa441fad8d18ff109d2c520b1ec0d77121a0f6111924b207a56ccb5fcd8645411195f29259379630be5f22b99b77cb6bf2bcd6fa4d1b25db96c88b513088c0183ede4dd528516b73a776c78589a24f60ad905184e61f9fb800ddac269307dde1391fee2246e0e16869cf86b209ebe1032bcb54e191132a9d512f0eeb1eb28ecbb948082ec615dd0e526b51f161cba6911bae4de0ada624206253357b13e073213356945b0fb4ab38eb9f2dfbac19a8c9bb357accca0dd5ec4be006179883f7150940029f4dff79b55f30fdb080a3eaeb1fab898876c70378cf32d171cf917b79df05c3a2919b6d0345de8a20c03f47657aefc0a7897895c180059ad5d0d355f7eee98e753e10e97af1ec169355330269a8a2a5d62bf74d6b1d5b0ad4986a2fb6d13be2cb1e6c610a8889ce0e4610aea8649fbc170b1ce26781ed4bc8496a0f4ef5295651120ae34db74adccd35c8dc1213316f23e5f968769241e2bc3dc90a0c88b2bc3a71f633b9b1897d3a095020dfdd0971aed7147222de85d7447178e7c3608031be4deac2a8485f3e27c0799b00e0fd563e6f5ceafae2e451cc15c5a76505d58f4b65e2aaa3e83d8df36bec73e8ce06e109ff1558c84066ce3342a7a438b29b7b25dc86bc4e18baeb46ba2df72c0e1f199b5d1348ab40efd4f8fbdc25aeb6a15311a77946461017234cf5ddfbbd39811bdbd9f7ab63877a4971cde4b308cf57c1245a895a33a8a1a54337e83dde0fb9c13b176ee46bb8a91e561eadb0e5d7f6cd2620c56b437bc4da1777fc5c41d51fa256e2da9ecefc9f0fee6919c0a8f85f1dfc1daafeed0c9a69c1e9e1f45219200b4aac858e54aab8f1852c7b76d66632eefc4ce509f5a2f45d017d154a3bad8ec3c56f33fdd9268ce93ab05e914265cf9bdae67d453082014f72bc4cd4da80378a8ed963b65970c3a06eb08091d9ef2ed27e9fcac09271aa69db6e552654f5576a656af59abb719464210b49ddacf8bc2927fad08dc297c718c82f23badff4077d0c3907240d7d27a60a0938e9a074164defa12a219b1692e146c4a27d414d0481f0c7cba9a8994582373d690f3f13ddec1b9085209702a575e59b76be6e3e4a248b2220659613aec94dd73f0d471e02591f2a812433aca6599f0a0988d091618f43fd344e2a764d36a9a8f3663b5798b243e25fede4ad86bfd02da08f3b98b906a764a36c7ef2a7604a954fe9d34b9795396b86008030c14c56c82ed51f790c090ae38a501750adc8e56baccc1b679049d221c03e8662f49b3f4b6ef705d221e696e7c8e4c71dcdc988dccb8bd9f3d6989c89ccb17d944d80e6379ca2b51b4e52b867f83162d46456a7947861bf07a191ec5b9ebf5c44fece7d813c19aab67a5b004c7d035c587f1b8a4106f71b6035c5baf6fbaf6c5cbb5f66839439daadca54ad3c9c25148f686f070c7c077326dc5ff7d3626f91e62748fe23a151dd3604e7db30f95d710dd0d8b88d4faf60f9b97ff", 0x1000}], 0x3, &(0x7f00000015c0)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @multicast1, @rand_addr=0x64010101}}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {r4, @rand_addr=0x64010101, @dev={0xac, 0x14, 0x14, 0x23}}}}, @ip_ttl={{0x14, 0x0, 0x2, 0x6}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {r5, @loopback, @dev={0xac, 0x14, 0x14, 0x25}}}}], 0x78}}, {{&(0x7f0000001640)={0x2, 0x4e23, @private=0xa010100}, 0x10, &(0x7f0000001b00)=[{&(0x7f0000001680)="9f73cbcc09f2b1562d2f4490c17ef64f02df431d6b5e151879fa37ac11da4f9ff21352218116c2695d2bd51ae6308e7fa3a9fad71fdd4672165d3bcdeb41f4ddb76f1105977d5d92e298ecc227e8f7a4255317d81ad855d97e1d7c725e17752eac4af2ead5520300d1a0fe7157e18f97048e4680d2e96bee933cd6c32c0fcda8131baed7e2de1264a484437f15e5a896f2cd2abbebbe53816a8f7ec381fa37876c5a8f835fbfbb5f708febc557edf21941", 0xb1}, {&(0x7f0000001740)="40e430804c", 0x5}, {&(0x7f0000001780)="860f543f3e54af266ec03a3c3d0c79586d3c47d988f05116c24d60ad4dc8404734ef7a8b7e50f819664fab3e9e5c1d7301a3bfbe61c0d3dcc839e5f72fe11647d59a61e959a2f5e1e89441922d45e3447f34639ed5dd99c9ab54ca1d54300a4d847a0a87b9792a7ae55a898c1c234f364a4594c9f289ccb22a8522d62ec9", 0x7e}, {&(0x7f0000001800)="ddc14e1052e29fd995e722016d18088fa2bbf97ad98c14edfdada745d64fdb32850b160d93d0a5258cb532720be9352ffe55dfb775e6bd01ae96dc0f3519c99ca89675c38b0eca960030b1590d845cdf1d8ae7c6d9d59acca62dff4b7d98051ac04d4e46f795fbf1b145453a", 0x6c}, {&(0x7f0000001880)="3537fd93e21bca4a7a258a7055d8c82e6202c99864143daf5689dbb670bd4dfff6b87d1a3fbc8bd61f8c22aecc20478e76409c95563bffe6edd22a6d38d69d3a3d448b118b906edf024c5f9a96d5190424b7063999c4e707a21a7100ec869411cbccb9a91bc5752d87ccaeda35f6bf2e4e7bfb9ae7999775ff00433aa5307e16e36eb0a85ccc8617eb37640836a0518015e31661f3bc0ecccdbc1b144ddd113f0e3d422571ad57cf7c975893770f8a97f2a2535a6c46a696079e54dad78a67105a29d40df651b13b043aa52f2caab8fb0f7f9d47f30a9668d4c417f307e550fffa2b273a1ebe622da8dc73460f", 0xed}, {&(0x7f0000001980)="9ed3fa4157d7de6c182a380f98383fc0ee126472a15dcfafd3478ac462b781fe04ab65aaded4069f9d7d255c11544a2010f199ce26aa950f99c2786ef346807a0fc3619035ee936db432f0c73310a05d741ed68f6381f7eba5415494fdb69a1e3475cbf76c1b13cd9ebdabd029819a71", 0x70}, {&(0x7f0000001a00)="47ad87ca28ebd29bbd872b051b21200cf7fdcbece3edc109ece7af4f2c6b9554848b38af5ac260ae9003e577b3055df92ff854e6ec679676036454135223d5a27822c798d705b3b44af56324e6d96f269bc7678f4063bd2a86d85a530acc56412937051051ebd2bba80be1d7ec8b64b08e8720cb96958dc7c2527be00240a44890d1c0bdc1edf69b46bdb5a8bcddbb7a378c015e3bc290ff74b4279d6a1259cd751be3eccb69c5d27de6e8147245f92972067203f43c8979fccf4bedb0fc598a1d1fc492084e335935912b1de7c8a767", 0xd0}], 0x7, &(0x7f0000001b80)=[@ip_tos_u8={{0x11, 0x0, 0x1, 0x9}}, @ip_retopts={{0xe4, 0x0, 0x7, {[@timestamp_addr={0x44, 0x1c, 0xdd, 0x1, 0x4, [{@initdev={0xac, 0x1e, 0x0, 0x0}, 0x9}, {@local, 0x7f}, {@empty, 0xfcd6}]}, @end, @timestamp_prespec={0x44, 0x2c, 0x4d, 0x3, 0x0, [{@multicast1, 0xa}, {@multicast2, 0x4}, {@local, 0x27de}, {@local, 0x9}, {@dev={0xac, 0x14, 0x14, 0x36}, 0x8c}]}, @ssrr={0x89, 0x2b, 0xfd, [@rand_addr=0x64010102, @local, @rand_addr=0x64010100, @broadcast, @private=0x9, @rand_addr=0x64010102, @loopback, @initdev={0xac, 0x1e, 0x0, 0x0}, @local, @private=0xa010101]}, @timestamp_prespec={0x44, 0x1c, 0x29, 0x3, 0x4, [{@multicast1, 0xffff8001}, {@local, 0x2}, {@empty, 0x4}]}, @timestamp_prespec={0x44, 0xc, 0x96, 0x3, 0x0, [{@local, 0xfff}]}, @timestamp_addr={0x44, 0x24, 0x9a, 0x1, 0x5, [{@initdev={0xac, 0x1e, 0x0, 0x0}, 0x83bb}, {@broadcast, 0x3}, {@multicast1, 0x1538}, {@empty, 0x7}]}, @timestamp_addr={0x44, 0x14, 0x2b, 0x1, 0x9, [{@dev={0xac, 0x14, 0x14, 0x19}, 0x64dfa8f5}, {@remote, 0x9}]}]}}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {r7, @rand_addr=0x64010101, @dev={0xac, 0x14, 0x14, 0x1b}}}}, @ip_tos_int={{0x14, 0x0, 0x1, 0x2}}, @ip_ttl={{0x14, 0x0, 0x2, 0x100}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {r10, @dev={0xac, 0x14, 0x14, 0x1c}, @rand_addr=0x64010101}}}], 0x170}}], 0x3, 0x20000011)
sendmsg$nl_route(r3, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000080)=@newlink={0x34, 0x10, 0xff05, 0x70bd28, 0x0, {0x0, 0x0, 0x4a00, 0x0, 0x42c0}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @veth={{0x9}, {0x4, 0x2, 0x0, 0x1, @void}}}]}, 0x34}}, 0x0)

0s ago: executing program 1 (id=779):
openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000002800), 0x2, 0x0) (async)
r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000002800), 0x2, 0x0)
syz_open_dev$dri(&(0x7f00000008c0), 0xc0, 0x100) (async)
r1 = syz_open_dev$dri(&(0x7f00000008c0), 0xc0, 0x100)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r1, 0xc04064a0, &(0x7f0000000100)={0x0, &(0x7f0000000040)=[0x0], 0x0, 0x0, 0x0, 0x1}) (async)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r1, 0xc04064a0, &(0x7f0000000100)={0x0, &(0x7f0000000040)=[<r2=>0x0], 0x0, 0x0, 0x0, 0x1})
ioctl$DRM_IOCTL_MODE_GETGAMMA(r1, 0xc02064a4, &(0x7f00000005c0)={r2, 0x0, 0x0, 0x0, 0x0})
ioctl$VHOST_SET_OWNER(r0, 0xaf01, 0x0)
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000300)={0x1, 0x0, 0x0, &(0x7f0000001600)=""/78, 0x0})
ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f0000000100))
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000280)={0x0, 0x0, 0x0, &(0x7f0000000340)=""/204, &(0x7f0000000200)=""/97}) (async)
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000280)={0x0, 0x0, 0x0, &(0x7f0000000340)=""/204, &(0x7f0000000200)=""/97})
ioctl$VHOST_VSOCK_SET_RUNNING(r0, 0x4004af61, &(0x7f00000000c0)=0x1)
ioctl$VHOST_VSOCK_SET_GUEST_CID(r0, 0x4008af60, &(0x7f0000000040)={@my=0x1})
r3 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r3, &(0x7f0000001500)={0x28, 0x0, 0x0, @my=0x1}, 0x10)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r4, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000008c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) (async)
sendmsg$NFT_BATCH(r4, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000008c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r4, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000f40)={{0x14}, [@NFT_MSG_NEWRULE={0x44, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x18}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0xfffffffffffffffe}}, 0x0)
socket$nl_route(0x10, 0x3, 0x0)

0s ago: executing program 3 (id=780):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000003c0)={<r1=>0xffffffffffffffff})
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000f80), 0xffffffffffffffff)
r3 = syz_open_dev$sndpcmc(&(0x7f0000000480), 0x0, 0x0)
ioctl$SNDRV_PCM_IOCTL_HW_REFINE_OLD(r3, 0xc1004110, &(0x7f0000000000)={0x0, [0x2, 0xffff133a, 0x7], [{0x600, 0xffffffff}, {0x2, 0x7fff}, {0x0, 0xffff}, {0x6}, {0x0, 0x1}, {0x0, 0x9}, {0x0, 0x42}, {}, {}, {0x0, 0x89}, {0x0, 0x10200000}], 0x10})
r4 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r4, &(0x7f0000000040)={0x1f, 0xffff, 0x3}, 0x6)
write(r4, &(0x7f0000000000)="0a000200010078", 0x7)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000300)={'wlan0\x00', <r5=>0x0})
r6 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_NEW_STATION(r6, &(0x7f0000007380)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000004c0)={0x40, r2, 0xe096044a3fc9e6f1, 0xffffffff, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_STA_LISTEN_INTERVAL={0x6, 0x12, 0x4}, @NL80211_ATTR_STA_AID={0x6, 0x10, 0xfa}, @NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_STA_SUPPORTED_RATES={0x4}, @NL80211_ATTR_STA_EXT_CAPABILITY={0x4}]}, 0x40}, 0x1, 0x0, 0x0, 0x200000d0}, 0x8050)
close(r0)
r7 = syz_open_dev$sndctrl(&(0x7f0000000000), 0x84, 0x0)
syz_usb_connect(0x3, 0x341, &(0x7f0000000500)={{0x12, 0x1, 0x310, 0x55, 0xc2, 0xbb, 0xff, 0x45e, 0x2bf, 0x2c12, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x32f, 0x2, 0x76, 0x2, 0x20, 0x9, [{{0x9, 0x4, 0xf7, 0x7, 0x1, 0x62, 0xb, 0x31, 0x2, [], [{{0x9, 0x5, 0x6, 0xc, 0x10, 0x72, 0x8, 0x9, [@uac_iso={0x7, 0x25, 0x1, 0x80, 0xdb, 0x101}]}}]}}, {{0x9, 0x4, 0x48, 0x9, 0x9, 0x68, 0x1a, 0xd2, 0x7f, [@uac_as={[@as_header={0x7, 0x24, 0x1, 0x0, 0x57, 0x1001}, @format_type_ii_discrete={0xa, 0x24, 0x2, 0x2, 0x0, 0x5, 0x9, "e5"}, @as_header={0x7, 0x24, 0x1, 0x7, 0x2, 0x4}, @format_type_i_discrete={0xc, 0x24, 0x2, 0x1, 0x80, 0x1, 0x0, 0x0, "76ae16b4"}]}, @uac_as={[@format_type_i_continuous={0xa, 0x24, 0x2, 0x1, 0x48, 0x3, 0x1, 0xa, 'B', "1a"}, @as_header={0x7, 0x24, 0x1, 0x3, 0x8, 0x2}]}], [{{0x9, 0x5, 0x8e, 0x4, 0x200, 0x3, 0x6, 0x7f, [@generic={0x84, 0x21, "884ea328f549816ced25daa15814e217d8779928021efce474aa69ac8d01293ac012bf8ae477d325e5f964dd025e4fbba417c0d777a788c4b6e4f2a95d492c6c50aa43484ebc12532302be2c88eaddfc0f941f8ed419f09cc15bcea45d98a833a7aa3b280e2edb01fc73fe5b15c7d16cfc8f984a0bc4159fa594d4802430a030fecf"}, @uac_iso={0x7, 0x25, 0x1, 0x81, 0x0, 0xd60e}]}}, {{0x9, 0x5, 0x5, 0xc, 0x10, 0x90, 0x6, 0x20, [@generic={0xbd, 0x23, "3e06bc438cd1e17fa5cd9c4c3a92c11f655a14a24917b06042f192815ef89e6c61d599385089745e4ec9c4eaa01c9848502dbdcf5a94e92e7faa79808b255265079ba4d7cead5319d74464bf607ba94707b7be7a26529e9e6ff74e7cf81a1502549ffd4a966cea609e7d1752cb052546515cac6932d08943fe6380788fdd079988539d5357405404c192bf7ceb2f81c5e51a8c5eff88fa99e0790aaa380eecf67dc3bfbe63ac2694668c89fccc6d90ba2b010019eb9eb3f08a08a7"}]}}, {{0x9, 0x5, 0xb, 0x0, 0x10, 0x5, 0x81, 0x5, [@uac_iso={0x7, 0x25, 0x1, 0x82, 0xb5, 0x401}, @uac_iso={0x7, 0x25, 0x1, 0x2, 0xc, 0xfff9}]}}, {{0x9, 0x5, 0x8, 0x1, 0x10, 0x5, 0xb0, 0x8}}, {{0x9, 0x5, 0xd, 0xc, 0x200, 0x2b, 0xb, 0x2}}, {{0x9, 0x5, 0x0, 0x8, 0x200, 0x3, 0x1, 0x4, [@uac_iso={0x7, 0x25, 0x1, 0x81, 0x5, 0x8653}, @uac_iso={0x7, 0x25, 0x1, 0x1, 0x7, 0x7}]}}, {{0x9, 0x5, 0xb, 0x1, 0x3cf, 0x4, 0xf9, 0xdc, [@generic={0x62, 0xe, "3628a9134dc85c1197b0f67438166087e5efebefe94b04807ee3c5cb752b516da34f7304d0d2ac652869b4a83905c25ce91edd7ec238a20a50987b695e4818d1ba92d6d59e0877cc6ead304636cff97f4b11646203e7d1f4a184aeb71517139d"}, @generic={0x5a, 0xf, "2a3a3305aefd525bc38741505142718677070d0aa66ab2a37315b371d2ca9836740ae558cd48f518cedef71b639be8b6de1cf408173ee1ac24bac8e41a2b2f22c9711506e10ac4ef3aab72d8a22823a46fccbb53524e8261"}]}}, {{0x9, 0x5, 0x6, 0x0, 0x610, 0xa, 0x8, 0x1, [@uac_iso={0x7, 0x25, 0x1, 0x2, 0xc, 0x428f}]}}, {{0x9, 0x5, 0x2, 0x0, 0x10, 0x4, 0x7f, 0x9, [@generic={0x50, 0x24, "e8827ed064fa9484126d7561898a338efe9437b5008ecd9f1af6e394b6a853f1600fd9a8e5258d7e6b8c03def3a9692a1e780fb41647d2a3172ec357738dcd17280f6d5752cedb320d0f31d1cbdb"}, @uac_iso={0x7, 0x25, 0x1, 0x80, 0x2, 0x4}]}}]}}]}}]}}, &(0x7f0000000940)={0xa, &(0x7f0000000100)={0xa, 0x6, 0x310, 0x3, 0x3, 0x3, 0x20, 0xb}, 0x50, &(0x7f0000000140)={0x5, 0xf, 0x50, 0x2, [@generic={0x2b, 0x10, 0x2, "5539c1774622f2b1751782339cbf1e0f69619469ac48b0590dc1eb9c4320f6537259277476e675a4"}, @ssp_cap={0x20, 0x10, 0xa, 0x80, 0x5, 0x392, 0xf, 0x290, [0x30, 0xc000, 0x30, 0x3f, 0xf]}]}, 0x4, [{0x9e, &(0x7f0000000200)=@string={0x9e, 0x3, "a32eabf1f9e626815d6b0769f7e16b2b6931c1c41790b430fa8f7619272d9e5e972f50f4a1b4a7bddc4a16843185b9fa6ebaa5876146212201dfa4e33bc824389089ed54fc18fb5c419ed25bb0f0d5fd46f72d155cb512e0411e3591c27955e26333c45130ea81eb8b8e64c6b3a3ac6170c3c58a0afaf0a7e6c1f9425936fd2c7b08e76ba169fa890f9a6f3121ddd9c1763c7d2cc96d6e25182912ce"}}, {0x5b, &(0x7f0000000400)=@string={0x5b, 0x3, "538c1d3bcd634202b88808aaa4cc29b5d41437dcc1fc222cd75922114e054e21ba4e3f4254de9108f1531e1e64d3be63e92b5e1f574cd123439b9dfc75f022a0ffd609543638626a96443cddab13eab631af56ae94d0289c29"}}, {0x4, &(0x7f0000000340)=@lang_id={0x4, 0x3, 0x457}}, {0xbd, &(0x7f0000000880)=@string={0xbd, 0x3, "bf6fa85d6f74f72f01a33cd92b71a9eb7b53c2d2666a2f536c040adebc6f643f00c0514191ea638af691a28604dbc71f9508a221873fe5837d273a8e50d8e2f99c305df5cb933076985d3538269fd6d67be86057d622e4c826515e887a852ba9946b126e0fbd5088a60e0b8ab62525600a936611180cd052b782a00adaeee3021aae06efb96511701d8e70b94820107b0ec14d57eacd7c4153aea59c1df5e3caa5dfbaae44c3226fb277e7c9c39a57c1a896b804bd1b9339a2b648"}}]})
r8 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x11, 0x4, 0x4, 0xbf22}, 0x48)
bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000240)={r8, &(0x7f00000003c0), 0x0}, 0x20)
ppoll(&(0x7f00000006c0)=[{}, {0xffffffffffffffff, 0x40a8}, {0xffffffffffffffff, 0x8048}, {0xffffffffffffffff, 0x1120}, {0xffffffffffffffff, 0xc02f}, {0xffffffffffffffff, 0xbc66a0fa5b6f9da4}, {0xffffffffffffffff, 0x8201}, {0xffffffffffffffff, 0x80}, {0xffffffffffffffff, 0x18ec}], 0x9, &(0x7f0000000740), &(0x7f00000007c0), 0xfffffffffffffee1)
ioctl$SNDRV_CTL_IOCTL_RAWMIDI_PREFER_SUBDEVICE(r7, 0x40045542, &(0x7f00000001c0))
syz_open_dev$dmmidi(&(0x7f0000001580), 0x200, 0x0)
syz_open_dev$sndmidi(&(0x7f0000000380), 0x2, 0xb00)
socket$inet6_mptcp(0xa, 0x1, 0x106)
setsockopt$sock_int(r0, 0x1, 0x24, &(0x7f0000000040)=0x2, 0x4)
r9 = gettid()
r10 = syz_open_dev$evdev(&(0x7f00000007c0), 0x2, 0x2800)
ioctl$EVIOCGABS20(r10, 0x80184520, 0x0)
ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, &(0x7f00000009c0)={'\x00', 0x7, 0x1ff, 0x6a, 0x5, 0x7, <r11=>r9})
tgkill(r11, r9, 0x23)
listen(r0, 0x9)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000a40)={0xffffffffffffffff, <r12=>0xffffffffffffffff})
setsockopt$SO_ATTACH_FILTER(r12, 0x1, 0x1a, &(0x7f0000000b00)={0xa, &(0x7f0000000a80)=[{0x4, 0xb, 0x10, 0x4}, {0x1, 0xff, 0x9}, {0x5, 0x6, 0x5, 0x3}, {0xd2, 0xf, 0x8, 0x2}, {0x5, 0xf, 0x5, 0xfffffff9}, {0x94, 0x7, 0x5, 0x800}, {0x3, 0x2, 0xc, 0x5570}, {0x0, 0x9, 0x0, 0x5}, {0x4, 0xf0, 0x3}, {0x2, 0x81, 0x5, 0xfffffffb}]}, 0x10)

kernel console output (not intermixed with test programs):

v: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   46.633135][ T5945] batman_adv: batadv0: Adding interface: batadv_slave_1
[   46.635285][ T5945] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   46.643115][ T5945] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   46.652772][ T5956] hsr_slave_0: entered promiscuous mode
[   46.655475][ T5956] hsr_slave_1: entered promiscuous mode
[   46.681726][ T5944] batman_adv: batadv0: Adding interface: batadv_slave_1
[   46.684413][ T5944] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   46.693962][ T5944] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   46.703134][ T5951] batman_adv: batadv0: Adding interface: batadv_slave_0
[   46.705352][ T5951] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   46.714556][ T5951] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   46.722290][ T5951] batman_adv: batadv0: Adding interface: batadv_slave_1
[   46.724466][ T5951] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   46.732421][ T5951] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   46.847991][ T5944] hsr_slave_0: entered promiscuous mode
[   46.850254][ T5944] hsr_slave_1: entered promiscuous mode
[   46.852347][ T5944] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   46.854828][ T5944] Cannot create hsr debugfs directory
[   46.875421][ T5945] hsr_slave_0: entered promiscuous mode
[   46.878236][ T5945] hsr_slave_1: entered promiscuous mode
[   46.880466][ T5945] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   46.883370][ T5945] Cannot create hsr debugfs directory
[   46.946956][ T5951] hsr_slave_0: entered promiscuous mode
[   46.949176][ T5951] hsr_slave_1: entered promiscuous mode
[   46.952652][ T5951] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   46.954981][ T5951] Cannot create hsr debugfs directory
[   47.285928][ T5956] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   47.294058][ T5956] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   47.304782][ T5956] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   47.310175][ T5956] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   47.335686][ T5945] netdevsim netdevsim3 netdevsim0: renamed from eth0
[   47.342415][ T5945] netdevsim netdevsim3 netdevsim1: renamed from eth1
[   47.351862][ T5945] netdevsim netdevsim3 netdevsim2: renamed from eth2
[   47.357764][ T5945] netdevsim netdevsim3 netdevsim3: renamed from eth3
[   47.414361][ T5944] netdevsim netdevsim1 netdevsim0: renamed from eth0
[   47.424699][ T5944] netdevsim netdevsim1 netdevsim1: renamed from eth1
[   47.428921][ T5944] netdevsim netdevsim1 netdevsim2: renamed from eth2
[   47.433205][ T5944] netdevsim netdevsim1 netdevsim3: renamed from eth3
[   47.471758][ T5947] Bluetooth: hci2: command tx timeout
[   47.471783][ T5954] Bluetooth: hci1: command tx timeout
[   47.471814][ T5309] Bluetooth: hci0: command tx timeout
[   47.481541][ T5309] Bluetooth: hci3: command tx timeout
[   47.488418][ T5951] netdevsim netdevsim2 netdevsim0: renamed from eth0
[   47.493775][ T5951] netdevsim netdevsim2 netdevsim1: renamed from eth1
[   47.504418][ T5951] netdevsim netdevsim2 netdevsim2: renamed from eth2
[   47.508559][ T5951] netdevsim netdevsim2 netdevsim3: renamed from eth3
[   47.553241][ T5956] 8021q: adding VLAN 0 to HW filter on device bond0
[   47.589998][ T5945] 8021q: adding VLAN 0 to HW filter on device bond0
[   47.595487][ T5956] 8021q: adding VLAN 0 to HW filter on device team0
[   47.605621][ T5944] 8021q: adding VLAN 0 to HW filter on device bond0
[   47.609826][   T46] bridge0: port 1(bridge_slave_0) entered blocking state
[   47.612257][   T46] bridge0: port 1(bridge_slave_0) entered forwarding state
[   47.623075][   T46] bridge0: port 2(bridge_slave_1) entered blocking state
[   47.625405][   T46] bridge0: port 2(bridge_slave_1) entered forwarding state
[   47.634389][ T5945] 8021q: adding VLAN 0 to HW filter on device team0
[   47.649161][   T46] bridge0: port 1(bridge_slave_0) entered blocking state
[   47.651521][   T46] bridge0: port 1(bridge_slave_0) entered forwarding state
[   47.663443][ T5944] 8021q: adding VLAN 0 to HW filter on device team0
[   47.666650][   T46] bridge0: port 2(bridge_slave_1) entered blocking state
[   47.668952][   T46] bridge0: port 2(bridge_slave_1) entered forwarding state
[   47.681582][ T5951] 8021q: adding VLAN 0 to HW filter on device bond0
[   47.696434][   T60] bridge0: port 1(bridge_slave_0) entered blocking state
[   47.698669][   T60] bridge0: port 1(bridge_slave_0) entered forwarding state
[   47.707230][   T46] bridge0: port 2(bridge_slave_1) entered blocking state
[   47.709963][   T46] bridge0: port 2(bridge_slave_1) entered forwarding state
[   47.725182][ T5951] 8021q: adding VLAN 0 to HW filter on device team0
[   47.745715][   T46] bridge0: port 1(bridge_slave_0) entered blocking state
[   47.748075][   T46] bridge0: port 1(bridge_slave_0) entered forwarding state
[   47.757084][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[   47.758548][   T40] audit: type=1400 audit(1752460318.404:89): avc:  denied  { sys_module } for  pid=5956 comm="syz-executor" capability=16  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1
[   47.759187][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[   47.865785][ T5956] 8021q: adding VLAN 0 to HW filter on device batadv0
[   47.906471][ T5956] veth0_vlan: entered promiscuous mode
[   47.916685][ T5956] veth1_vlan: entered promiscuous mode
[   47.929128][ T5945] 8021q: adding VLAN 0 to HW filter on device batadv0
[   47.942752][ T5944] 8021q: adding VLAN 0 to HW filter on device batadv0
[   47.973901][ T5951] 8021q: adding VLAN 0 to HW filter on device batadv0
[   47.985379][ T5956] veth0_macvtap: entered promiscuous mode
[   47.988633][ T5945] veth0_vlan: entered promiscuous mode
[   47.996390][ T5956] veth1_macvtap: entered promiscuous mode
[   48.010495][ T5944] veth0_vlan: entered promiscuous mode
[   48.016067][ T5945] veth1_vlan: entered promiscuous mode
[   48.027054][ T5944] veth1_vlan: entered promiscuous mode
[   48.032658][ T5956] batman_adv: batadv0: Interface activated: batadv_slave_0
[   48.046674][ T5956] batman_adv: batadv0: Interface activated: batadv_slave_1
[   48.059997][ T5956] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   48.065865][ T5956] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   48.069302][ T5956] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   48.074202][ T5956] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   48.085929][ T5951] veth0_vlan: entered promiscuous mode
[   48.088955][ T5945] veth0_macvtap: entered promiscuous mode
[   48.101243][ T5945] veth1_macvtap: entered promiscuous mode
[   48.111171][ T5951] veth1_vlan: entered promiscuous mode
[   48.132671][ T5945] batman_adv: batadv0: Interface activated: batadv_slave_0
[   48.137644][ T5945] batman_adv: batadv0: Interface activated: batadv_slave_1
[   48.143190][ T5944] veth0_macvtap: entered promiscuous mode
[   48.147022][ T5945] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   48.150178][ T5945] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   48.153496][ T5945] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   48.156605][ T5945] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   48.174282][ T5944] veth1_macvtap: entered promiscuous mode
[   48.188211][ T1143] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   48.191225][ T1143] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   48.195979][ T5951] veth0_macvtap: entered promiscuous mode
[   48.204998][ T5951] veth1_macvtap: entered promiscuous mode
[   48.218909][ T5944] batman_adv: batadv0: Interface activated: batadv_slave_0
[   48.225478][ T5944] batman_adv: batadv0: Interface activated: batadv_slave_1
[   48.228415][   T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   48.231972][   T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   48.244939][ T5944] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   48.247730][ T5944] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   48.250464][ T5944] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   48.253445][ T5944] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   48.265470][ T1143] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   48.268163][ T1143] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   48.274170][ T5951] batman_adv: batadv0: Interface activated: batadv_slave_0
[   48.293685][ T5951] batman_adv: batadv0: Interface activated: batadv_slave_1
[   48.296450][ T5956] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[   48.300632][   T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   48.305298][   T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   48.307525][ T5951] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   48.312219][ T5951] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   48.314941][ T5951] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   48.317533][ T5951] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   48.336876][   T96] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   48.340212][   T96] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   48.377265][   T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   48.379972][   T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   48.426358][   T13] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   48.428684][   T13] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   48.465302][   T46] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   48.468432][   T46] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   48.669023][ T6050] x_tables: ip6_tables: CLASSIFY target: used from hooks PREROUTING, but only usable from FORWARD/OUTPUT/POSTROUTING
[   48.700945][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   48.704304][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   48.707501][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   48.711060][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   48.714207][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   48.716953][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   48.719458][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   48.927033][    T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!!
[   48.995653][ T6058] capability: warning: `syz.3.7' uses 32-bit capabilities (legacy support in use)
[   49.218020][ T6067] netlink: 'syz.3.10': attribute type 10 has an invalid length.
[   49.235505][ T6067] bond0: (slave wlan1): Enslaving as an active interface with an up link
[   49.316690][ T6071] netfs: Couldn't get user pages (rc=-14)
[   49.341920][ T6074] netlink: 'syz.1.13': attribute type 72 has an invalid length.
[   49.344444][ T6074] netlink: 40 bytes leftover after parsing attributes in process `syz.1.13'.
[   49.484413][ T6084] FAULT_INJECTION: forcing a failure.
[   49.484413][ T6084] name fail_usercopy, interval 1, probability 0, space 0, times 1
[   49.488627][ T6084] CPU: 3 UID: 0 PID: 6084 Comm: syz.0.17 Not tainted 6.16.0-rc5-syzkaller-00276-g5d5d62298b8b #0 PREEMPT(full) 
[   49.488641][ T6084] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   49.488648][ T6084] Call Trace:
[   49.488652][ T6084]  <TASK>
[   49.488656][ T6084]  dump_stack_lvl+0x16c/0x1f0
[   49.488676][ T6084]  should_fail_ex+0x512/0x640
[   49.488692][ T6084]  _copy_to_user+0x32/0xd0
[   49.488709][ T6084]  simple_read_from_buffer+0xcb/0x170
[   49.488725][ T6084]  proc_fail_nth_read+0x197/0x270
[   49.488740][ T6084]  ? __pfx_proc_fail_nth_read+0x10/0x10
[   49.488754][ T6084]  ? rw_verify_area+0xcf/0x680
[   49.488767][ T6084]  ? __pfx_proc_fail_nth_read+0x10/0x10
[   49.488780][ T6084]  vfs_read+0x1e1/0xc60
[   49.488795][ T6084]  ? __pfx___mutex_lock+0x10/0x10
[   49.488812][ T6084]  ? __pfx_vfs_read+0x10/0x10
[   49.488828][ T6084]  ? __fget_files+0x20e/0x3c0
[   49.488848][ T6084]  ksys_read+0x12a/0x250
[   49.488861][ T6084]  ? __pfx_ksys_read+0x10/0x10
[   49.488878][ T6084]  do_syscall_64+0xcd/0x4c0
[   49.488895][ T6084]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   49.488906][ T6084] RIP: 0033:0x7f927818d33c
[   49.488915][ T6084] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[   49.488925][ T6084] RSP: 002b:00007f9278fa6030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[   49.488936][ T6084] RAX: ffffffffffffffda RBX: 00007f92783b5fa0 RCX: 00007f927818d33c
[   49.488946][ T6084] RDX: 000000000000000f RSI: 00007f9278fa60a0 RDI: 0000000000000007
[   49.488952][ T6084] RBP: 00007f9278fa6090 R08: 0000000000000000 R09: 0000000000000000
[   49.488958][ T6084] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   49.488964][ T6084] R13: 0000000000000000 R14: 00007f92783b5fa0 R15: 00007ffd132b0538
[   49.488977][ T6084]  </TASK>
[   49.500467][ T6085] openvswitch: netlink: ERSPAN option length err (len 256, max 255).
[   49.551445][ T5309] Bluetooth: hci3: command tx timeout
[   49.553629][ T5309] Bluetooth: hci2: command tx timeout
[   49.555394][ T5309] Bluetooth: hci0: command tx timeout
[   49.560765][ T5954] Bluetooth: hci1: command tx timeout
[   49.583292][ T6090] netlink: 'syz.3.19': attribute type 10 has an invalid length.
[   49.632261][ T6102] netlink: 40 bytes leftover after parsing attributes in process `syz.2.24'.
[   49.757255][ T6114] kvm: user requested TSC rate below hardware speed
[   49.783859][ T6116] Bluetooth: MGMT ver 1.23
[   49.886437][ T6119] netlink: 24 bytes leftover after parsing attributes in process `syz.0.29'.
[   50.371057][   T40] kauditd_printk_skb: 72 callbacks suppressed
[   50.371073][   T40] audit: type=1400 audit(1752460321.024:160): avc:  denied  { execute } for  pid=6124 comm="syz.2.32" path="/6/bus" dev="tmpfs" ino=48 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[   50.377264][ T6125] FAULT_INJECTION: forcing a failure.
[   50.377264][ T6125] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   50.382958][   T40] audit: type=1400 audit(1752460321.024:161): avc:  denied  { write } for  pid=6124 comm="syz.2.32" name="comedi4" dev="devtmpfs" ino=1306 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[   50.394800][ T6125] CPU: 1 UID: 0 PID: 6125 Comm: syz.2.32 Not tainted 6.16.0-rc5-syzkaller-00276-g5d5d62298b8b #0 PREEMPT(full) 
[   50.394815][ T6125] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   50.394822][ T6125] Call Trace:
[   50.394825][ T6125]  <TASK>
[   50.394830][ T6125]  dump_stack_lvl+0x16c/0x1f0
[   50.394849][ T6125]  should_fail_ex+0x512/0x640
[   50.394866][ T6125]  _copy_to_user+0x32/0xd0
[   50.394883][ T6125]  simple_read_from_buffer+0xcb/0x170
[   50.394899][ T6125]  proc_fail_nth_read+0x197/0x270
[   50.394914][ T6125]  ? __pfx_proc_fail_nth_read+0x10/0x10
[   50.394928][ T6125]  ? rw_verify_area+0xcf/0x680
[   50.394946][ T6125]  ? __pfx_proc_fail_nth_read+0x10/0x10
[   50.394959][ T6125]  vfs_read+0x1e1/0xc60
[   50.394975][ T6125]  ? __pfx___mutex_lock+0x10/0x10
[   50.394991][ T6125]  ? __pfx_vfs_read+0x10/0x10
[   50.395008][ T6125]  ? __fget_files+0x20e/0x3c0
[   50.395027][ T6125]  ksys_read+0x12a/0x250
[   50.395040][ T6125]  ? __pfx_ksys_read+0x10/0x10
[   50.395054][ T6125]  ? fput+0x70/0xf0
[   50.395065][ T6125]  do_syscall_64+0xcd/0x4c0
[   50.395083][ T6125]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   50.395094][ T6125] RIP: 0033:0x7ff9fed8d33c
[   50.395103][ T6125] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[   50.395113][ T6125] RSP: 002b:00007ff9ffc96030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[   50.395123][ T6125] RAX: ffffffffffffffda RBX: 00007ff9fefb5fa0 RCX: 00007ff9fed8d33c
[   50.395130][ T6125] RDX: 000000000000000f RSI: 00007ff9ffc960a0 RDI: 0000000000000005
[   50.395136][ T6125] RBP: 00007ff9ffc96090 R08: 0000000000000000 R09: 0000000000000000
[   50.395142][ T6125] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   50.395148][ T6125] R13: 0000000000000000 R14: 00007ff9fefb5fa0 R15: 00007ffd0a554298
[   50.395161][ T6125]  </TASK>
[   50.483323][ T6131] netlink: 40 bytes leftover after parsing attributes in process `syz.1.34'.
[   50.485819][ T6129] netfs: Couldn't get user pages (rc=-14)
[   50.512006][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   50.516335][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   50.604848][   T40] audit: type=1400 audit(1752460321.254:162): avc:  denied  { create } for  pid=6141 comm="syz.2.36" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=alg_socket permissive=1
[   50.610924][   T40] audit: type=1400 audit(1752460321.254:163): avc:  denied  { bind } for  pid=6141 comm="syz.2.36" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=alg_socket permissive=1
[   50.616863][   T40] audit: type=1400 audit(1752460321.254:164): avc:  denied  { setopt } for  pid=6141 comm="syz.2.36" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=alg_socket permissive=1
[   50.625737][   T40] audit: type=1400 audit(1752460321.254:165): avc:  denied  { accept } for  pid=6141 comm="syz.2.36" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=alg_socket permissive=1
[   50.632010][   T40] audit: type=1400 audit(1752460321.254:166): avc:  denied  { write } for  pid=6141 comm="syz.2.36" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=alg_socket permissive=1
[   50.647590][ T6138] netlink: 'syz.3.37': attribute type 10 has an invalid length.
[   50.676686][   T40] audit: type=1400 audit(1752460321.324:167): avc:  denied  { read write } for  pid=6150 comm="syz.3.42" name="fuse" dev="devtmpfs" ino=105 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fuse_device_t tclass=chr_file permissive=1
[   50.684274][   T40] audit: type=1400 audit(1752460321.324:168): avc:  denied  { open } for  pid=6150 comm="syz.3.42" path="/dev/fuse" dev="devtmpfs" ino=105 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fuse_device_t tclass=chr_file permissive=1
[   50.712942][   T40] audit: type=1400 audit(1752460321.364:169): avc:  denied  { write } for  pid=6154 comm="syz.1.39" name="001" dev="devtmpfs" ino=767 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1
[   50.724206][ T6155] netlink: 108 bytes leftover after parsing attributes in process `syz.1.39'.
[   50.748443][ T6160] SELinux:  Context #! ./cgroup/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
[   50.753902][ T6162] netlink: 40 bytes leftover after parsing attributes in process `syz.1.46'.
[   50.784003][ T6151] FAULT_INJECTION: forcing a failure.
[   50.784003][ T6151] name failslab, interval 1, probability 0, space 0, times 0
[   50.789952][ T6151] CPU: 1 UID: 0 PID: 6151 Comm: syz.3.42 Not tainted 6.16.0-rc5-syzkaller-00276-g5d5d62298b8b #0 PREEMPT(full) 
[   50.789967][ T6151] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   50.789974][ T6151] Call Trace:
[   50.789978][ T6151]  <TASK>
[   50.789985][ T6151]  dump_stack_lvl+0x16c/0x1f0
[   50.790011][ T6151]  should_fail_ex+0x512/0x640
[   50.790027][ T6151]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[   50.790043][ T6151]  should_failslab+0xc2/0x120
[   50.790060][ T6151]  kmem_cache_alloc_noprof+0x6d/0x3b0
[   50.790074][ T6151]  ? schedule+0x2d7/0x3a0
[   50.790087][ T6151]  ? fuse_request_alloc+0x22/0x200
[   50.790101][ T6151]  fuse_request_alloc+0x22/0x200
[   50.790113][ T6151]  fuse_get_req+0x748/0xfd0
[   50.790128][ T6151]  ? __pfx_fuse_get_req+0x10/0x10
[   50.790141][ T6151]  ? __pfx_autoremove_wake_function+0x10/0x10
[   50.790163][ T6151]  __fuse_simple_request+0xb8/0xcb0
[   50.790179][ T6151]  fuse_do_statx+0x2d1/0x8e0
[   50.790197][ T6151]  ? __pfx_fuse_do_statx+0x10/0x10
[   50.790215][ T6151]  ? find_held_lock+0x2b/0x80
[   50.790232][ T6151]  ? lockdep_hardirqs_on+0x7c/0x110
[   50.790247][ T6151]  ? _raw_spin_unlock_irqrestore+0x3b/0x80
[   50.790266][ T6151]  ? __pfx_avc_perm_nonode+0x10/0x10
[   50.790301][ T6151]  fuse_update_get_attr+0x26c/0x640
[   50.790320][ T6151]  fuse_getattr+0x234/0x2c0
[   50.790339][ T6151]  vfs_getattr_nosec+0x2a9/0x430
[   50.790356][ T6151]  ? __pfx_fuse_getattr+0x10/0x10
[   50.790374][ T6151]  vfs_statx+0x14a/0x3e0
[   50.790384][ T6151]  ? __pfx_vfs_statx+0x10/0x10
[   50.790397][ T6151]  do_statx+0xef/0x170
[   50.790409][ T6151]  ? __pfx_do_statx+0x10/0x10
[   50.790428][ T6151]  ? getname_flags.part.0+0x1c5/0x550
[   50.790439][ T6151]  ? ksys_write+0x1ac/0x250
[   50.790455][ T6151]  __x64_sys_statx+0x136/0x1e0
[   50.790468][ T6151]  do_syscall_64+0xcd/0x4c0
[   50.790484][ T6151]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   50.790495][ T6151] RIP: 0033:0x7f433358e929
[   50.790504][ T6151] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   50.790514][ T6151] RSP: 002b:00007f43343c5038 EFLAGS: 00000246 ORIG_RAX: 000000000000014c
[   50.790525][ T6151] RAX: ffffffffffffffda RBX: 00007f43337b5fa0 RCX: 00007f433358e929
[   50.790532][ T6151] RDX: 0000000000000100 RSI: 00002000000001c0 RDI: ffffffffffffff9c
[   50.790538][ T6151] RBP: 00007f43343c5090 R08: 0000000000000000 R09: 0000000000000000
[   50.790556][ T6151] R10: 0000000000000800 R11: 0000000000000246 R12: 0000000000000001
[   50.790563][ T6151] R13: 0000000000000000 R14: 00007f43337b5fa0 R15: 00007ffe899329d8
[   50.790576][ T6151]  </TASK>
[   51.012949][ T6176] netlink: 348 bytes leftover after parsing attributes in process `syz.1.49'.
[   51.019232][ T6176] Zero length message leads to an empty skb
[   51.147161][ T6180] netlink: 'syz.1.51': attribute type 10 has an invalid length.
[   51.188957][ T6180] bond0: (slave wlan1): Enslaving as an active interface with an up link
[   51.548494][ T6192] all: renamed from bond_slave_1 (while UP)
[   51.612456][ T6015] usb 6-1: new high-speed USB device number 2 using dummy_hcd
[   51.630880][ T5954] Bluetooth: hci0: command tx timeout
[   51.631583][ T5309] Bluetooth: hci1: command tx timeout
[   51.631624][ T5947] Bluetooth: hci2: command tx timeout
[   51.631659][ T5947] Bluetooth: hci3: command tx timeout
[   51.748178][ T6194] overlayfs: workdir and upperdir must reside under the same mount
[   51.770713][ T6015] usb 6-1: Using ep0 maxpacket: 16
[   51.776135][ T6015] usb 6-1: config 0 has an invalid interface number: 8 but max is 0
[   51.779116][ T6015] usb 6-1: config 0 has no interface number 0
[   51.781692][ T6015] usb 6-1: config 0 interface 8 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[   51.785076][ T6015] usb 6-1: config 0 interface 8 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0
[   51.791386][ T6015] usb 6-1: New USB device found, idVendor=0d8c, idProduct=000e, bcdDevice=8e.8f
[   51.794869][ T6015] usb 6-1: New USB device strings: Mfr=0, Product=24, SerialNumber=3
[   51.798033][ T6015] usb 6-1: Product: syz
[   51.799770][ T6015] usb 6-1: SerialNumber: syz
[   51.800742][   T29] usb 8-1: new high-speed USB device number 2 using dummy_hcd
[   51.805183][ T6015] usb 6-1: config 0 descriptor??
[   51.812716][ T6015] cm109 6-1:0.8: invalid payload size 0, expected 4
[   51.816581][ T6015] input: CM109 USB driver as /devices/platform/dummy_hcd.1/usb6/6-1/6-1:0.8/input/input5
[   51.951000][   T29] usb 8-1: Using ep0 maxpacket: 16
[   51.953879][   T29] usb 8-1: config 0 has an invalid interface number: 145 but max is 0
[   51.956586][   T29] usb 8-1: config 0 has no interface number 0
[   51.960138][   T29] usb 8-1: New USB device found, idVendor=05ac, idProduct=0291, bcdDevice=43.25
[   51.963050][   T29] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   51.965505][   T29] usb 8-1: Product: syz
[   51.966857][   T29] usb 8-1: Manufacturer: syz
[   51.968352][   T29] usb 8-1: SerialNumber: syz
[   51.971678][   T29] usb 8-1: config 0 descriptor??
[   51.975496][   T29] hub 8-1:0.145: bad descriptor, ignoring hub
[   51.977672][   T29] hub 8-1:0.145: probe with driver hub failed with error -5
[   51.984916][   T29] input: bcm5974 as /devices/platform/dummy_hcd.3/usb8/8-1/8-1:0.145/input/input6
[   52.042236][ T5359] udevd[5359]: worker [5950] terminated by signal 33 (Unknown signal 33)
[   52.044896][ T5359] udevd[5359]: worker [5950] failed while handling '/devices/platform/dummy_hcd.3/usb8/8-1/8-1:0.145/input/input6/mouse2'
[   52.098964][    C2] cm109 6-1:0.8: cm109_urb_ctl_callback: urb status -71
[   52.101832][    C2] cm109 6-1:0.8: cm109_urb_ctl_callback: urb status -71
[   52.102981][ T1467] usb 6-1: USB disconnect, device number 2
[   52.104020][    C2] cm109 6-1:0.8: cm109_submit_buzz_toggle: usb_submit_urb (urb_ctl) failed -19
[   52.114749][ T1467] cm109 6-1:0.8: cm109_toggle_buzzer_sync: usb_control_msg() failed -19
[   52.192710][ T6105] udevd[6105]: failed to send result of seq 13708 to main daemon: Connection refused
[   52.197735][ T6207] netfs: Couldn't get user pages (rc=-14)
[   52.328438][ T6210] FAULT_INJECTION: forcing a failure.
[   52.328438][ T6210] name failslab, interval 1, probability 0, space 0, times 0
[   52.332716][ T6210] CPU: 0 UID: 0 PID: 6210 Comm: syz.0.62 Not tainted 6.16.0-rc5-syzkaller-00276-g5d5d62298b8b #0 PREEMPT(full) 
[   52.332731][ T6210] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   52.332738][ T6210] Call Trace:
[   52.332743][ T6210]  <TASK>
[   52.332747][ T6210]  dump_stack_lvl+0x16c/0x1f0
[   52.332767][ T6210]  should_fail_ex+0x512/0x640
[   52.332781][ T6210]  ? kmem_cache_alloc_node_noprof+0x5e/0x3b0
[   52.332798][ T6210]  should_failslab+0xc2/0x120
[   52.332815][ T6210]  kmem_cache_alloc_node_noprof+0x71/0x3b0
[   52.332829][ T6210]  ? __alloc_skb+0x2b2/0x380
[   52.332845][ T6210]  __alloc_skb+0x2b2/0x380
[   52.332859][ T6210]  ? __pfx___alloc_skb+0x10/0x10
[   52.332872][ T6210]  ? __pfx_rtnl_bridge_dellink+0x10/0x10
[   52.332895][ T6210]  netlink_ack+0x15d/0xb80
[   52.332910][ T6210]  netlink_rcv_skb+0x332/0x420
[   52.332921][ T6210]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[   52.332938][ T6210]  ? __pfx_netlink_rcv_skb+0x10/0x10
[   52.332953][ T6210]  ? netlink_deliver_tap+0x1ae/0xd30
[   52.332972][ T6210]  netlink_unicast+0x58a/0x850
[   52.332985][ T6210]  ? __pfx_netlink_unicast+0x10/0x10
[   52.332999][ T6210]  netlink_sendmsg+0x8d1/0xdd0
[   52.333012][ T6210]  ? __pfx_netlink_sendmsg+0x10/0x10
[   52.333027][ T6210]  ____sys_sendmsg+0xa95/0xc70
[   52.333038][ T6210]  ? copy_msghdr_from_user+0x10a/0x160
[   52.333053][ T6210]  ? __pfx_____sys_sendmsg+0x10/0x10
[   52.333070][ T6210]  ___sys_sendmsg+0x134/0x1d0
[   52.333085][ T6210]  ? __pfx____sys_sendmsg+0x10/0x10
[   52.333099][ T6210]  ? __lock_acquire+0x622/0x1c90
[   52.333126][ T6210]  __sys_sendmsg+0x16d/0x220
[   52.333141][ T6210]  ? __pfx___sys_sendmsg+0x10/0x10
[   52.333166][ T6210]  do_syscall_64+0xcd/0x4c0
[   52.333183][ T6210]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   52.333195][ T6210] RIP: 0033:0x7f927818e929
[   52.333204][ T6210] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   52.333214][ T6210] RSP: 002b:00007f9278fa6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   52.333224][ T6210] RAX: ffffffffffffffda RBX: 00007f92783b5fa0 RCX: 00007f927818e929
[   52.333231][ T6210] RDX: 0000000000000000 RSI: 0000200000000200 RDI: 0000000000000004
[   52.333237][ T6210] RBP: 00007f9278fa6090 R08: 0000000000000000 R09: 0000000000000000
[   52.333243][ T6210] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   52.333249][ T6210] R13: 0000000000000000 R14: 00007f92783b5fa0 R15: 00007ffd132b0538
[   52.333262][ T6210]  </TASK>
[   52.435787][ T6212] netlink: 64 bytes leftover after parsing attributes in process `syz.0.63'.
[   52.637087][ T6216] netlink: 16 bytes leftover after parsing attributes in process `syz.1.65'.
[   52.640096][ T6216] netlink: 12 bytes leftover after parsing attributes in process `syz.1.65'.
[   52.720784][ T6218] netlink: zone id is out of range
[   52.722385][ T6218] netlink: zone id is out of range
[   52.723989][ T6218] netlink: zone id is out of range
[   52.725605][ T6218] netlink: zone id is out of range
[   52.727157][ T6218] netlink: zone id is out of range
[   52.728719][ T6218] netlink: zone id is out of range
[   52.730256][ T6218] netlink: zone id is out of range
[   52.743953][ T6218] netlink: set zone limit has 4 unknown bytes
[   52.952444][ T6251] FAULT_INJECTION: forcing a failure.
[   52.952444][ T6251] name failslab, interval 1, probability 0, space 0, times 0
[   52.957314][ T6251] CPU: 0 UID: 0 PID: 6251 Comm: syz.1.75 Not tainted 6.16.0-rc5-syzkaller-00276-g5d5d62298b8b #0 PREEMPT(full) 
[   52.957335][ T6251] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   52.957345][ T6251] Call Trace:
[   52.957350][ T6251]  <TASK>
[   52.957356][ T6251]  dump_stack_lvl+0x16c/0x1f0
[   52.957382][ T6251]  should_fail_ex+0x512/0x640
[   52.957406][ T6251]  ? ___neigh_create+0x14e6/0x28c0
[   52.957422][ T6251]  should_failslab+0xc2/0x120
[   52.957446][ T6251]  __kmalloc_noprof+0xd2/0x510
[   52.957472][ T6251]  ___neigh_create+0x14e6/0x28c0
[   52.957500][ T6251]  ? __pfx____neigh_create+0x10/0x10
[   52.957521][ T6251]  ip6_finish_output2+0x1299/0x2020
[   52.957540][ T6251]  ? ip6_mtu+0x1a3/0x4a0
[   52.957570][ T6251]  ip6_finish_output+0x3f9/0x1360
[   52.957590][ T6251]  ip6_output+0x1f9/0x540
[   52.957610][ T6251]  rawv6_sendmsg+0x22d9/0x47a0
[   52.957646][ T6251]  ? __pfx_rawv6_sendmsg+0x10/0x10
[   52.957676][ T6251]  ? avc_has_perm+0x11a/0x1c0
[   52.957693][ T6251]  ? __pfx_dst_output+0x10/0x10
[   52.957738][ T6251]  ? __import_iovec+0x1dd/0x650
[   52.957762][ T6251]  ? __pfx_rawv6_sendmsg+0x10/0x10
[   52.957788][ T6251]  ? inet_sendmsg+0x11c/0x140
[   52.957806][ T6251]  inet_sendmsg+0x11c/0x140
[   52.957826][ T6251]  ____sys_sendmsg+0x973/0xc70
[   52.957842][ T6251]  ? copy_msghdr_from_user+0x10a/0x160
[   52.957863][ T6251]  ? __pfx_____sys_sendmsg+0x10/0x10
[   52.957890][ T6251]  ___sys_sendmsg+0x134/0x1d0
[   52.957912][ T6251]  ? __pfx____sys_sendmsg+0x10/0x10
[   52.957931][ T6251]  ? __lock_acquire+0x622/0x1c90
[   52.957976][ T6251]  __sys_sendmsg+0x16d/0x220
[   52.957998][ T6251]  ? __pfx___sys_sendmsg+0x10/0x10
[   52.958035][ T6251]  do_syscall_64+0xcd/0x4c0
[   52.958064][ T6251]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   52.958079][ T6251] RIP: 0033:0x7fa46418e929
[   52.958091][ T6251] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   52.958105][ T6251] RSP: 002b:00007fa464f82038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   52.958120][ T6251] RAX: ffffffffffffffda RBX: 00007fa4643b5fa0 RCX: 00007fa46418e929
[   52.958130][ T6251] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000003
[   52.958139][ T6251] RBP: 00007fa464f82090 R08: 0000000000000000 R09: 0000000000000000
[   52.958148][ T6251] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   52.958156][ T6251] R13: 0000000000000000 R14: 00007fa4643b5fa0 R15: 00007ffc41eb5f28
[   52.958178][ T6251]  </TASK>
[   53.081597][ T6253] netlink: 'syz.3.76': attribute type 10 has an invalid length.
[   53.172981][ T6272] overlayfs: option "workdir=./file1" is useless in a non-upper mount, ignore
[   53.175858][ T6272] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[   53.215856][ T6276] FAULT_INJECTION: forcing a failure.
[   53.215856][ T6276] name failslab, interval 1, probability 0, space 0, times 0
[   53.219930][ T6276] CPU: 3 UID: 0 PID: 6276 Comm: syz.1.84 Not tainted 6.16.0-rc5-syzkaller-00276-g5d5d62298b8b #0 PREEMPT(full) 
[   53.219945][ T6276] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   53.219951][ T6276] Call Trace:
[   53.219955][ T6276]  <TASK>
[   53.219960][ T6276]  dump_stack_lvl+0x16c/0x1f0
[   53.219979][ T6276]  should_fail_ex+0x512/0x640
[   53.219994][ T6276]  ? __kmalloc_noprof+0xbf/0x510
[   53.220010][ T6276]  ? ieee80211_alloc_chanctx+0xa1/0x550
[   53.220025][ T6276]  should_failslab+0xc2/0x120
[   53.220041][ T6276]  __kmalloc_noprof+0xd2/0x510
[   53.220058][ T6276]  ieee80211_alloc_chanctx+0xa1/0x550
[   53.220075][ T6276]  ieee80211_new_chanctx+0x84/0x320
[   53.220092][ T6276]  _ieee80211_link_use_channel+0x903/0xd40
[   53.220112][ T6276]  ? __pfx__ieee80211_link_use_channel+0x10/0x10
[   53.220133][ T6276]  ? __kasan_kmalloc+0xaa/0xb0
[   53.220146][ T6276]  ? nl80211_start_ap+0x475/0x49b0
[   53.220161][ T6276]  ? genl_family_rcv_msg_doit+0x209/0x2f0
[   53.220175][ T6276]  ? __sanitizer_cov_trace_switch+0x54/0x90
[   53.220195][ T6276]  ieee80211_start_ap+0x1492/0x3670
[   53.220213][ T6276]  ? wiphy_register+0x17e0/0x2850
[   53.220228][ T6276]  ? __pfx_ieee80211_start_ap+0x10/0x10
[   53.220248][ T6276]  ? cfg80211_reg_check_beaconing+0x208/0xea0
[   53.220266][ T6276]  ? cfg80211_find_elem_match+0x1aa/0x1f0
[   53.220282][ T6276]  nl80211_start_ap+0x2b84/0x49b0
[   53.220302][ T6276]  ? __pfx___mutex_lock+0x10/0x10
[   53.220319][ T6276]  ? __pfx_nl80211_start_ap+0x10/0x10
[   53.220339][ T6276]  ? __nla_parse+0x40/0x60
[   53.220351][ T6276]  ? nl80211_pre_doit+0x1b0/0xb10
[   53.220368][ T6276]  genl_family_rcv_msg_doit+0x209/0x2f0
[   53.220382][ T6276]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[   53.220399][ T6276]  ? bpf_lsm_capable+0x9/0x10
[   53.220411][ T6276]  ? security_capable+0x7e/0x260
[   53.220424][ T6276]  ? ns_capable+0xd7/0x110
[   53.220439][ T6276]  genl_rcv_msg+0x55c/0x800
[   53.220452][ T6276]  ? __pfx_genl_rcv_msg+0x10/0x10
[   53.220465][ T6276]  ? __pfx_nl80211_pre_doit+0x10/0x10
[   53.220479][ T6276]  ? __pfx_nl80211_start_ap+0x10/0x10
[   53.220493][ T6276]  ? __pfx_nl80211_post_doit+0x10/0x10
[   53.220514][ T6276]  netlink_rcv_skb+0x158/0x420
[   53.220524][ T6276]  ? __pfx_genl_rcv_msg+0x10/0x10
[   53.220537][ T6276]  ? __pfx_netlink_rcv_skb+0x10/0x10
[   53.220566][ T6276]  ? netlink_deliver_tap+0x1ae/0xd30
[   53.220586][ T6276]  genl_rcv+0x28/0x40
[   53.220596][ T6276]  netlink_unicast+0x58a/0x850
[   53.220609][ T6276]  ? __pfx_netlink_unicast+0x10/0x10
[   53.220624][ T6276]  netlink_sendmsg+0x8d1/0xdd0
[   53.220636][ T6276]  ? __pfx_netlink_sendmsg+0x10/0x10
[   53.220652][ T6276]  ____sys_sendmsg+0xa95/0xc70
[   53.220665][ T6276]  ? copy_msghdr_from_user+0x10a/0x160
[   53.220679][ T6276]  ? __pfx_____sys_sendmsg+0x10/0x10
[   53.220697][ T6276]  ___sys_sendmsg+0x134/0x1d0
[   53.220712][ T6276]  ? __pfx____sys_sendmsg+0x10/0x10
[   53.220726][ T6276]  ? __lock_acquire+0x622/0x1c90
[   53.220754][ T6276]  __sys_sendmsg+0x16d/0x220
[   53.220769][ T6276]  ? __pfx___sys_sendmsg+0x10/0x10
[   53.220793][ T6276]  do_syscall_64+0xcd/0x4c0
[   53.220810][ T6276]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   53.220821][ T6276] RIP: 0033:0x7fa46418e929
[   53.220831][ T6276] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   53.220841][ T6276] RSP: 002b:00007fa464f82038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   53.220851][ T6276] RAX: ffffffffffffffda RBX: 00007fa4643b5fa0 RCX: 00007fa46418e929
[   53.220858][ T6276] RDX: 0000000000000000 RSI: 00002000000002c0 RDI: 0000000000000003
[   53.220864][ T6276] RBP: 00007fa464f82090 R08: 0000000000000000 R09: 0000000000000000
[   53.220870][ T6276] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   53.220876][ T6276] R13: 0000000000000000 R14: 00007fa4643b5fa0 R15: 00007ffc41eb5f28
[   53.220889][ T6276]  </TASK>
[   53.418519][ T6286] netlink: 'syz.3.88': attribute type 10 has an invalid length.
[   53.548210][ T6303] =======================================================
[   53.548210][ T6303] WARNING: The mand mount option has been deprecated and
[   53.548210][ T6303]          and is ignored by this kernel. Remove the mand
[   53.548210][ T6303]          option from the mount to silence this warning.
[   53.548210][ T6303] =======================================================
[   53.641209][ T6310] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   53.645205][ T6302] new mount options do not match the existing superblock, will be ignored
[   53.646671][ T6302] cgroup: option or name mismatch, new: 0x4 "", old: 0x0 ""
[   53.710781][ T5309] Bluetooth: hci3: command tx timeout
[   53.710809][ T5959] Bluetooth: hci2: command tx timeout
[   53.720747][ T5959] Bluetooth: hci0: command tx timeout
[   53.722236][ T5344] usb 8-1: reset high-speed USB device number 2 using dummy_hcd
[   53.722810][ T5309] Bluetooth: hci1: command tx timeout
[   53.727332][ T5344] usb 8-1: device reset changed ep0 maxpacket size!
[   53.733530][ T5988] usb 8-1: USB disconnect, device number 2
[   53.821367][ T6329] bridge_slave_0: default FDB implementation only supports local addresses
[   53.852539][ T6331] netfs: Couldn't get user pages (rc=-14)
[   53.873359][ T5988] usb 8-1: new high-speed USB device number 3 using dummy_hcd
[   53.910784][ T1467] usb 5-1: new high-speed USB device number 2 using dummy_hcd
[   53.920197][ T6338] FAULT_INJECTION: forcing a failure.
[   53.920197][ T6338] name failslab, interval 1, probability 0, space 0, times 0
[   53.924244][ T6338] CPU: 1 UID: 0 PID: 6338 Comm: syz.2.110 Not tainted 6.16.0-rc5-syzkaller-00276-g5d5d62298b8b #0 PREEMPT(full) 
[   53.924259][ T6338] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   53.924266][ T6338] Call Trace:
[   53.924270][ T6338]  <TASK>
[   53.924274][ T6338]  dump_stack_lvl+0x16c/0x1f0
[   53.924293][ T6338]  should_fail_ex+0x512/0x640
[   53.924310][ T6338]  should_failslab+0xc2/0x120
[   53.924327][ T6338]  kmem_cache_alloc_node_noprof+0x71/0x3b0
[   53.924343][ T6338]  ? __alloc_skb+0x2b2/0x380
[   53.924359][ T6338]  __alloc_skb+0x2b2/0x380
[   53.924373][ T6338]  ? __pfx___alloc_skb+0x10/0x10
[   53.924388][ T6338]  ? do_raw_write_lock+0x11c/0x3a0
[   53.924405][ T6338]  __neigh_notify+0xe6/0x380
[   53.924423][ T6338]  neigh_remove_one+0x212/0x310
[   53.924435][ T6338]  ___neigh_create+0x1624/0x28c0
[   53.924452][ T6338]  ? __pfx____neigh_create+0x10/0x10
[   53.924467][ T6338]  ip6_finish_output2+0x1299/0x2020
[   53.924480][ T6338]  ? ip6_mtu+0x1a3/0x4a0
[   53.924501][ T6338]  ip6_finish_output+0x3f9/0x1360
[   53.924515][ T6338]  ip6_output+0x1f9/0x540
[   53.924528][ T6338]  rawv6_sendmsg+0x22d9/0x47a0
[   53.924551][ T6338]  ? __pfx_rawv6_sendmsg+0x10/0x10
[   53.924572][ T6338]  ? avc_has_perm+0x11a/0x1c0
[   53.924584][ T6338]  ? __pfx_dst_output+0x10/0x10
[   53.924613][ T6338]  ? __import_iovec+0x1dd/0x650
[   53.924629][ T6338]  ? __pfx_rawv6_sendmsg+0x10/0x10
[   53.924648][ T6338]  ? inet_sendmsg+0x11c/0x140
[   53.924661][ T6338]  inet_sendmsg+0x11c/0x140
[   53.924675][ T6338]  ____sys_sendmsg+0x973/0xc70
[   53.924686][ T6338]  ? copy_msghdr_from_user+0x10a/0x160
[   53.924701][ T6338]  ? __pfx_____sys_sendmsg+0x10/0x10
[   53.924718][ T6338]  ___sys_sendmsg+0x134/0x1d0
[   53.924734][ T6338]  ? __pfx____sys_sendmsg+0x10/0x10
[   53.924747][ T6338]  ? __lock_acquire+0x622/0x1c90
[   53.924774][ T6338]  __sys_sendmsg+0x16d/0x220
[   53.924789][ T6338]  ? __pfx___sys_sendmsg+0x10/0x10
[   53.924813][ T6338]  do_syscall_64+0xcd/0x4c0
[   53.924830][ T6338]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   53.924841][ T6338] RIP: 0033:0x7ff9fed8e929
[   53.924850][ T6338] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   53.924860][ T6338] RSP: 002b:00007ff9ffc96038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   53.924870][ T6338] RAX: ffffffffffffffda RBX: 00007ff9fefb5fa0 RCX: 00007ff9fed8e929
[   53.924877][ T6338] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000003
[   53.924883][ T6338] RBP: 00007ff9ffc96090 R08: 0000000000000000 R09: 0000000000000000
[   53.924889][ T6338] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   53.924895][ T6338] R13: 0000000000000000 R14: 00007ff9fefb5fa0 R15: 00007ffd0a554298
[   53.924913][ T6338]  </TASK>
[   54.020671][ T5988] usb 8-1: Using ep0 maxpacket: 8
[   54.023681][ T5988] usb 8-1: config index 0 descriptor too short (expected 301, got 45)
[   54.026517][ T5988] usb 8-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[   54.029727][ T5988] usb 8-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[   54.031046][ T6338] syz.2.110 (6338) used greatest stack depth: 20968 bytes left
[   54.033753][ T5988] usb 8-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[   54.038167][ T5988] usb 8-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[   54.042707][ T5988] usb 8-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[   54.045511][ T5988] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   54.050866][ T1467] usb 5-1: device descriptor read/64, error -71
[   54.087078][ T6353] FAULT_INJECTION: forcing a failure.
[   54.087078][ T6353] name failslab, interval 1, probability 0, space 0, times 0
[   54.091258][ T6353] CPU: 0 UID: 0 PID: 6353 Comm: syz.1.115 Not tainted 6.16.0-rc5-syzkaller-00276-g5d5d62298b8b #0 PREEMPT(full) 
[   54.091273][ T6353] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   54.091280][ T6353] Call Trace:
[   54.091284][ T6353]  <TASK>
[   54.091288][ T6353]  dump_stack_lvl+0x16c/0x1f0
[   54.091307][ T6353]  should_fail_ex+0x512/0x640
[   54.091321][ T6353]  ? __kmalloc_noprof+0xbf/0x510
[   54.091337][ T6353]  ? ieee80211_assign_beacon+0x369/0x1bd0
[   54.091353][ T6353]  should_failslab+0xc2/0x120
[   54.091369][ T6353]  __kmalloc_noprof+0xd2/0x510
[   54.091387][ T6353]  ieee80211_assign_beacon+0x369/0x1bd0
[   54.091410][ T6353]  ieee80211_start_ap+0x20c5/0x3670
[   54.091431][ T6353]  ? __pfx_ieee80211_start_ap+0x10/0x10
[   54.091451][ T6353]  ? cfg80211_reg_check_beaconing+0x208/0xea0
[   54.091469][ T6353]  ? cfg80211_find_elem_match+0x1aa/0x1f0
[   54.091486][ T6353]  nl80211_start_ap+0x2b84/0x49b0
[   54.091506][ T6353]  ? __pfx___mutex_lock+0x10/0x10
[   54.091522][ T6353]  ? __pfx_nl80211_start_ap+0x10/0x10
[   54.091542][ T6353]  ? __nla_parse+0x40/0x60
[   54.091554][ T6353]  ? nl80211_pre_doit+0x1b0/0xb10
[   54.091571][ T6353]  genl_family_rcv_msg_doit+0x209/0x2f0
[   54.091585][ T6353]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[   54.091602][ T6353]  ? bpf_lsm_capable+0x9/0x10
[   54.091614][ T6353]  ? security_capable+0x7e/0x260
[   54.091627][ T6353]  ? ns_capable+0xd7/0x110
[   54.091641][ T6353]  genl_rcv_msg+0x55c/0x800
[   54.091655][ T6353]  ? __pfx_genl_rcv_msg+0x10/0x10
[   54.091667][ T6353]  ? __pfx_nl80211_pre_doit+0x10/0x10
[   54.091681][ T6353]  ? __pfx_nl80211_start_ap+0x10/0x10
[   54.091696][ T6353]  ? __pfx_nl80211_post_doit+0x10/0x10
[   54.091716][ T6353]  netlink_rcv_skb+0x158/0x420
[   54.091726][ T6353]  ? __pfx_genl_rcv_msg+0x10/0x10
[   54.091739][ T6353]  ? __pfx_netlink_rcv_skb+0x10/0x10
[   54.091755][ T6353]  ? netlink_deliver_tap+0x1ae/0xd30
[   54.091774][ T6353]  genl_rcv+0x28/0x40
[   54.091785][ T6353]  netlink_unicast+0x58a/0x850
[   54.091797][ T6353]  ? __pfx_netlink_unicast+0x10/0x10
[   54.091815][ T6353]  netlink_sendmsg+0x8d1/0xdd0
[   54.091828][ T6353]  ? __pfx_netlink_sendmsg+0x10/0x10
[   54.091844][ T6353]  ____sys_sendmsg+0xa95/0xc70
[   54.091855][ T6353]  ? copy_msghdr_from_user+0x10a/0x160
[   54.091871][ T6353]  ? __pfx_____sys_sendmsg+0x10/0x10
[   54.091888][ T6353]  ___sys_sendmsg+0x134/0x1d0
[   54.091904][ T6353]  ? __pfx____sys_sendmsg+0x10/0x10
[   54.091917][ T6353]  ? __lock_acquire+0x622/0x1c90
[   54.091944][ T6353]  __sys_sendmsg+0x16d/0x220
[   54.091959][ T6353]  ? __pfx___sys_sendmsg+0x10/0x10
[   54.091983][ T6353]  do_syscall_64+0xcd/0x4c0
[   54.092000][ T6353]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   54.092011][ T6353] RIP: 0033:0x7fa46418e929
[   54.092020][ T6353] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   54.092030][ T6353] RSP: 002b:00007fa464f82038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   54.092040][ T6353] RAX: ffffffffffffffda RBX: 00007fa4643b5fa0 RCX: 00007fa46418e929
[   54.092047][ T6353] RDX: 0000000000000000 RSI: 00002000000002c0 RDI: 0000000000000003
[   54.092053][ T6353] RBP: 00007fa464f82090 R08: 0000000000000000 R09: 0000000000000000
[   54.092059][ T6353] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   54.092064][ T6353] R13: 0000000000000000 R14: 00007fa4643b5fa0 R15: 00007ffc41eb5f28
[   54.092078][ T6353]  </TASK>
[   54.251397][ T5988] usb 8-1: usb_control_msg returned -32
[   54.253211][ T5988] usbtmc 8-1:16.0: can't read capabilities
[   54.290711][ T1467] usb 5-1: new high-speed USB device number 3 using dummy_hcd
[   54.329418][ T6359] (unnamed net_device) (uninitialized): (slave bond_slave_1): Device is not our slave
[   54.332525][ T6359] (unnamed net_device) (uninitialized): option active_slave: invalid value (bond_slave_1)
[   54.410768][   T61] usb 7-1: new high-speed USB device number 2 using dummy_hcd
[   54.420755][ T1467] usb 5-1: device descriptor read/64, error -71
[   54.531060][ T1467] usb usb5-port1: attempt power cycle
[   54.561828][   T61] usb 7-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[   54.565166][   T61] usb 7-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[   54.568109][   T61] usb 7-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[   54.571129][   T61] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   54.576198][ T6354] raw-gadget.2 gadget.2: fail, usb_ep_enable returned -22
[   54.580835][   T61] usb 7-1: Quirk or no altset; falling back to MIDI 1.0
[   54.785516][ T6354] 8021q: VLANs not supported on ip6_vti0
[   54.870841][ T1467] usb 5-1: new high-speed USB device number 4 using dummy_hcd
[   54.891519][ T1467] usb 5-1: device descriptor read/8, error -71
[   55.131027][ T1467] usb 5-1: new high-speed USB device number 5 using dummy_hcd
[   55.151380][ T1467] usb 5-1: device descriptor read/8, error -71
[   55.260883][ T1467] usb usb5-port1: unable to enumerate USB device
[   55.791985][ T5309] Bluetooth: hci2: command tx timeout
[   56.558823][ T5987] usb 8-1: USB disconnect, device number 3
[   56.628224][   T40] kauditd_printk_skb: 88 callbacks suppressed
[   56.628234][   T40] audit: type=1400 audit(1752460327.274:258): avc:  denied  { unmount } for  pid=5956 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[   56.748159][ T6365] netlink: 'syz.0.118': attribute type 1 has an invalid length.
[   56.802408][   T40] audit: type=1400 audit(1752460327.454:259): avc:  denied  { mount } for  pid=6370 comm="syz.3.121" name="/" dev="ramfs" ino=11359 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ramfs_t tclass=filesystem permissive=1
[   56.824074][ T6372] veth3: entered promiscuous mode
[   56.855829][   T40] audit: type=1326 audit(1752460327.504:260): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6370 comm="syz.3.121" exe="/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f433358e929 code=0x0
[   57.087477][  T838] usb 7-1: USB disconnect, device number 2
[   57.118190][   T40] audit: type=1400 audit(1752460327.764:261): avc:  denied  { execute } for  pid=6375 comm="syz.0.123" path=2F6D656D66643A0B656DDA995B52404DFCFE9B232AFFFF2101202864656C6574656429 dev="tmpfs" ino=3074 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[   57.119977][ T6378] fuse: Unknown parameter '&d'
[   57.128822][   T40] audit: type=1400 audit(1752460327.764:262): avc:  denied  { getopt } for  pid=6375 comm="syz.0.123" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[   57.162975][   T40] audit: type=1400 audit(1752460327.814:263): avc:  denied  { append } for  pid=6379 comm="syz.2.124" name="kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[   57.305757][ T6388] __nla_validate_parse: 5 callbacks suppressed
[   57.305768][ T6388] netlink: 20 bytes leftover after parsing attributes in process `syz.0.127'.
[   57.353552][ T6393] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[   57.384232][   T40] audit: type=1400 audit(1752460328.034:264): avc:  denied  { create } for  pid=6399 comm="syz.0.130" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[   57.390650][   T40] audit: type=1400 audit(1752460328.034:265): avc:  denied  { bind } for  pid=6399 comm="syz.0.130" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[   57.399140][   T40] audit: type=1400 audit(1752460328.034:266): avc:  denied  { ioctl } for  pid=6399 comm="syz.0.130" path="socket:[9846]" dev="sockfs" ino=9846 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=alg_socket permissive=1
[   57.451763][ T6413] netlink: 'syz.2.131': attribute type 21 has an invalid length.
[   57.455933][   T40] audit: type=1400 audit(1752460328.104:267): avc:  denied  { create } for  pid=6410 comm="syz.2.131" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[   57.471801][ T6415] bridge_slave_0: default FDB implementation only supports local addresses
[   57.683700][ T6437] FAULT_INJECTION: forcing a failure.
[   57.683700][ T6437] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   57.687753][ T6437] CPU: 3 UID: 0 PID: 6437 Comm: syz.1.143 Not tainted 6.16.0-rc5-syzkaller-00276-g5d5d62298b8b #0 PREEMPT(full) 
[   57.687768][ T6437] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   57.687775][ T6437] Call Trace:
[   57.687779][ T6437]  <TASK>
[   57.687783][ T6437]  dump_stack_lvl+0x16c/0x1f0
[   57.687803][ T6437]  should_fail_ex+0x512/0x640
[   57.687820][ T6437]  _copy_to_user+0x32/0xd0
[   57.687837][ T6437]  simple_read_from_buffer+0xcb/0x170
[   57.687853][ T6437]  proc_fail_nth_read+0x197/0x270
[   57.687868][ T6437]  ? __pfx_proc_fail_nth_read+0x10/0x10
[   57.687882][ T6437]  ? rw_verify_area+0xcf/0x680
[   57.687894][ T6437]  ? __pfx_proc_fail_nth_read+0x10/0x10
[   57.687908][ T6437]  vfs_read+0x1e1/0xc60
[   57.687923][ T6437]  ? __pfx___mutex_lock+0x10/0x10
[   57.687939][ T6437]  ? __pfx_vfs_read+0x10/0x10
[   57.687956][ T6437]  ? __fget_files+0x20e/0x3c0
[   57.687975][ T6437]  ksys_read+0x12a/0x250
[   57.687988][ T6437]  ? __pfx_ksys_read+0x10/0x10
[   57.688006][ T6437]  do_syscall_64+0xcd/0x4c0
[   57.688022][ T6437]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   57.688034][ T6437] RIP: 0033:0x7fa46418d33c
[   57.688043][ T6437] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[   57.688053][ T6437] RSP: 002b:00007fa464f82030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[   57.688063][ T6437] RAX: ffffffffffffffda RBX: 00007fa4643b5fa0 RCX: 00007fa46418d33c
[   57.688070][ T6437] RDX: 000000000000000f RSI: 00007fa464f820a0 RDI: 0000000000000005
[   57.688076][ T6437] RBP: 00007fa464f82090 R08: 0000000000000000 R09: 0000000000000000
[   57.688082][ T6437] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[   57.688088][ T6437] R13: 0000000000000000 R14: 00007fa4643b5fa0 R15: 00007ffc41eb5f28
[   57.688100][ T6437]  </TASK>
[   57.941436][ T5958] usb 5-1: new low-speed USB device number 6 using dummy_hcd
[   58.091290][ T5958] usb 5-1: Invalid ep0 maxpacket: 64
[   58.220655][ T5958] usb 5-1: new low-speed USB device number 7 using dummy_hcd
[   58.390790][ T5958] usb 5-1: Invalid ep0 maxpacket: 64
[   58.392588][ T5958] usb usb5-port1: attempt power cycle
[   58.730747][ T5958] usb 5-1: new low-speed USB device number 8 using dummy_hcd
[   58.751352][ T5958] usb 5-1: Invalid ep0 maxpacket: 64
[   58.881102][ T5958] usb 5-1: new low-speed USB device number 9 using dummy_hcd
[   58.901539][ T5958] usb 5-1: Invalid ep0 maxpacket: 64
[   58.904482][ T5958] usb usb5-port1: unable to enumerate USB device
[   59.349026][ T6501] netlink: 16 bytes leftover after parsing attributes in process `syz.3.167'.
[   59.388165][ T6510] netlink: 88 bytes leftover after parsing attributes in process `syz.2.172'.
[   59.446434][ T6513] netlink: 'syz.1.173': attribute type 10 has an invalid length.
[   59.620370][ T6529] fuse: Unknown parameter 'ü؈ìƒßçHT÷8’…ë&"ÉH†*ÊŸe@f!g}~:Ù«G§	DÌpøájÊ:³ÎX—(s™Š¬†×
F–n]û¡lMß™äcCZZX>¡2ºF…)>P?�XÔ}ªÎ€z©·Gôµø©µ4JÚ‹FñÝ8¢jªÏÇgìY¤ºjÈûháe˜'ˆ)QÆ>�»·â#�à�¬µö—¤ÆöÈYL(%ç­ÛŠ-«z2
[   59.620370][ T6529] "�µ!ú>1ŸêÀ¯xÄ Ç#:^
[   59.620370][ T6529] ¨•¤!¼½æ9íø'
[   60.509772][ T6546] bridge_slave_0: default FDB implementation only supports local addresses
[   60.576943][ T6548] netlink: 'syz.2.184': attribute type 10 has an invalid length.
[   60.591791][ T6548] bond0: (slave wlan1): Enslaving as an active interface with an up link
[   60.789674][ T6578] netlink: 'syz.3.197': attribute type 32 has an invalid length.
[   60.821252][ T6582] overlayfs: missing 'lowerdir'
[   60.828938][ T6582] netlink: 'syz.2.198': attribute type 29 has an invalid length.
[   60.836683][ T6582] netlink: 'syz.2.198': attribute type 29 has an invalid length.
[   60.842521][ T6582] netlink: 500 bytes leftover after parsing attributes in process `syz.2.198'.
[   60.933477][ T6578] netlink: 'syz.3.197': attribute type 32 has an invalid length.
[   60.985014][ T6596] netlink: 'syz.2.201': attribute type 1 has an invalid length.
[   61.088172][ T6578] netlink: 'syz.3.197': attribute type 32 has an invalid length.
[   61.092147][ T6604] fuse: Unknown parameter 'rootmo`Ø:TüÄ000000000000100000'
[   61.144732][ T6604] VFS: Can't find a Minix filesystem V1 | V2 | V3 on device nullb0.
[   61.325861][ T5309] Bluetooth: to_multiplier 7852 > 3200
[   61.617968][ T6653] netlink: 212408 bytes leftover after parsing attributes in process `syz.2.212'.
[   61.659360][   T40] kauditd_printk_skb: 21 callbacks suppressed
[   61.659374][   T40] audit: type=1400 audit(1752460332.304:289): avc:  denied  { bind } for  pid=6658 comm="syz.2.213" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[   61.669525][   T40] audit: type=1400 audit(1752460332.314:290): avc:  denied  { write } for  pid=6658 comm="syz.2.213" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[   61.720539][ T6667] bridge_slave_0: default FDB implementation only supports local addresses
[   61.865430][ T6670] validate_nla: 3 callbacks suppressed
[   61.865448][ T6670] netlink: 'syz.3.217': attribute type 10 has an invalid length.
[   62.170705][ T1467] usb 8-1: new high-speed USB device number 4 using dummy_hcd
[   62.235184][   T40] audit: type=1400 audit(1752460332.884:291): avc:  denied  { read append } for  pid=6677 comm="syz.1.220" name="cachefiles" dev="devtmpfs" ino=4 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cachefiles_device_t tclass=chr_file permissive=1
[   62.243047][   T40] audit: type=1400 audit(1752460332.884:292): avc:  denied  { open } for  pid=6677 comm="syz.1.220" path="/dev/cachefiles" dev="devtmpfs" ino=4 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cachefiles_device_t tclass=chr_file permissive=1
[   62.353746][ T1467] usb 8-1: too many configurations: 9, using maximum allowed: 8
[   62.358168][ T1467] usb 8-1: config 0 has 1 interface, different from the descriptor's value: 9
[   62.362066][ T1467] usb 8-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[   62.366680][ T1467] usb 8-1: config 0 interface 0 has no altsetting 0
[   62.370503][ T1467] usb 8-1: config 0 has 1 interface, different from the descriptor's value: 9
[   62.374746][ T1467] usb 8-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[   62.379199][ T1467] usb 8-1: config 0 interface 0 has no altsetting 0
[   62.383909][ T1467] usb 8-1: config 0 has 1 interface, different from the descriptor's value: 9
[   62.387580][ T1467] usb 8-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[   62.392144][ T1467] usb 8-1: config 0 interface 0 has no altsetting 0
[   62.395859][ T1467] usb 8-1: config 0 has 1 interface, different from the descriptor's value: 9
[   62.399503][ T1467] usb 8-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[   62.404082][ T1467] usb 8-1: config 0 interface 0 has no altsetting 0
[   62.407869][ T1467] usb 8-1: config 0 has 1 interface, different from the descriptor's value: 9
[   62.411646][ T1467] usb 8-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[   62.416076][ T1467] usb 8-1: config 0 interface 0 has no altsetting 0
[   62.420002][ T1467] usb 8-1: config 0 has 1 interface, different from the descriptor's value: 9
[   62.423828][ T1467] usb 8-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[   62.428228][ T1467] usb 8-1: config 0 interface 0 has no altsetting 0
[   62.432100][ T1467] usb 8-1: config 0 has 1 interface, different from the descriptor's value: 9
[   62.435530][ T1467] usb 8-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[   62.438851][ T1467] usb 8-1: config 0 interface 0 has no altsetting 0
[   62.441821][ T1467] usb 8-1: config 0 has 1 interface, different from the descriptor's value: 9
[   62.444604][ T1467] usb 8-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[   62.448050][ T1467] usb 8-1: config 0 interface 0 has no altsetting 0
[   62.452062][ T1467] usb 8-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=49.8e
[   62.454962][ T1467] usb 8-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168
[   62.457502][ T1467] usb 8-1: Product: syz
[   62.458818][ T1467] usb 8-1: Manufacturer: syz
[   62.460287][ T1467] usb 8-1: SerialNumber: syz
[   62.463357][ T1467] usb 8-1: config 0 descriptor??
[   62.468190][ T1467] yurex 8-1:0.0: USB YUREX device now attached to Yurex #0
[   62.657418][ T6700] netlink: 'syz.2.226': attribute type 10 has an invalid length.
[   62.727291][ T6676] netlink: 8 bytes leftover after parsing attributes in process `syz.3.219'.
[   62.735571][ T6676] IPv6: sit1: Disabled Multicast RS
[   62.738637][ T6676] sit1: entered allmulticast mode
[   62.744692][   T61] usb 8-1: USB disconnect, device number 4
[   62.749647][   T61] yurex 8-1:0.0: USB YUREX #0 now disconnected
[   62.819615][   T40] audit: type=1400 audit(1752460333.464:293): avc:  denied  { ioctl } for  pid=6713 comm="syz.0.230" path="socket:[11843]" dev="sockfs" ino=11843 ioctlcmd=0x941e scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1
[   63.128194][ T6729] bridge_slave_0: default FDB implementation only supports local addresses
[   63.203138][ T6736] PKCS8: Unsupported PKCS#8 version
[   63.248852][ T6738] netlink: 'syz.0.238': attribute type 10 has an invalid length.
[   63.263656][ T6738] bond0: (slave wlan1): Enslaving as an active interface with an up link
[   63.366468][   T40] audit: type=1400 audit(1752460334.014:294): avc:  denied  { map } for  pid=6742 comm="syz.0.241" path="socket:[13660]" dev="sockfs" ino=13660 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[   63.373626][   T40] audit: type=1400 audit(1752460334.014:295): avc:  denied  { read } for  pid=6742 comm="syz.0.241" path="socket:[13660]" dev="sockfs" ino=13660 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[   63.390699][ T5309] Bluetooth: hci2: command tx timeout
[   63.405180][ T6747] FAULT_INJECTION: forcing a failure.
[   63.405180][ T6747] name failslab, interval 1, probability 0, space 0, times 0
[   63.409533][ T6747] CPU: 0 UID: 0 PID: 6747 Comm: syz.0.242 Not tainted 6.16.0-rc5-syzkaller-00276-g5d5d62298b8b #0 PREEMPT(full) 
[   63.409548][ T6747] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   63.409554][ T6747] Call Trace:
[   63.409559][ T6747]  <TASK>
[   63.409563][ T6747]  dump_stack_lvl+0x16c/0x1f0
[   63.409599][ T6747]  should_fail_ex+0x512/0x640
[   63.409618][ T6747]  ? fs_reclaim_acquire+0xae/0x150
[   63.409631][ T6747]  ? tomoyo_realpath_from_path+0xc2/0x6e0
[   63.409647][ T6747]  should_failslab+0xc2/0x120
[   63.409663][ T6747]  __kmalloc_noprof+0xd2/0x510
[   63.409681][ T6747]  tomoyo_realpath_from_path+0xc2/0x6e0
[   63.409698][ T6747]  ? tomoyo_profile+0x47/0x60
[   63.409716][ T6747]  tomoyo_path_number_perm+0x245/0x580
[   63.409729][ T6747]  ? tomoyo_path_number_perm+0x237/0x580
[   63.409743][ T6747]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[   63.409757][ T6747]  ? find_held_lock+0x2b/0x80
[   63.409784][ T6747]  ? find_held_lock+0x2b/0x80
[   63.409797][ T6747]  ? hook_file_ioctl_common+0x145/0x410
[   63.409810][ T6747]  ? __fget_files+0x20e/0x3c0
[   63.409828][ T6747]  security_file_ioctl+0x9b/0x240
[   63.409844][ T6747]  __x64_sys_ioctl+0xb7/0x210
[   63.409858][ T6747]  do_syscall_64+0xcd/0x4c0
[   63.409875][ T6747]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   63.409887][ T6747] RIP: 0033:0x7f927818e929
[   63.409896][ T6747] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   63.409906][ T6747] RSP: 002b:00007f9278fa6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[   63.409917][ T6747] RAX: ffffffffffffffda RBX: 00007f92783b5fa0 RCX: 00007f927818e929
[   63.409923][ T6747] RDX: 0000200000002280 RSI: 0000000000008914 RDI: 0000000000000005
[   63.409930][ T6747] RBP: 00007f9278fa6090 R08: 0000000000000000 R09: 0000000000000000
[   63.409936][ T6747] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   63.409941][ T6747] R13: 0000000000000000 R14: 00007f92783b5fa0 R15: 00007ffd132b0538
[   63.409955][ T6747]  </TASK>
[   63.409959][ T6747] ERROR: Out of memory at tomoyo_realpath_from_path.
[   63.587387][   T40] audit: type=1400 audit(1752460334.234:296): avc:  denied  { mounton } for  pid=6750 comm="syz.0.244" path="/proc/139/task" dev="proc" ino=13677 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dir permissive=1
[   63.717482][ T6761] bridge_slave_0: default FDB implementation only supports local addresses
[   63.870704][ T5987] usb 5-1: new high-speed USB device number 10 using dummy_hcd
[   63.977568][   T40] audit: type=1400 audit(1752460334.624:297): avc:  denied  { create } for  pid=6771 comm="syz.2.252" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[   63.978058][ T5309] Bluetooth: hci2: Malformed LE Event: 0x1b
[   63.984570][   T40] audit: type=1400 audit(1752460334.624:298): avc:  denied  { getopt } for  pid=6771 comm="syz.2.252" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[   64.021807][ T5987] usb 5-1: Using ep0 maxpacket: 8
[   64.025044][ T5987] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[   64.028066][ T5987] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[   64.031376][ T5987] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[   64.034696][ T5987] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[   64.038744][ T5987] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[   64.042193][ T5987] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   64.084627][ T6778] fuse: Bad value for 'user_id'
[   64.086206][ T6778] fuse: Bad value for 'user_id'
[   64.137630][ T6782] bridge_slave_0: default FDB implementation only supports local addresses
[   64.216182][ T6788] program syz.2.259 is using a deprecated SCSI ioctl, please convert it to SG_IO
[   64.219114][ T6788] ata1.00: invalid transfer count 0
[   64.248476][ T5987] usb 5-1: GET_CAPABILITIES returned 0
[   64.250289][ T5987] usbtmc 5-1:16.0: can't read capabilities
[   64.322258][ T6788] xt_AUDIT: Audit type out of range (valid range: 0..2)
[   64.388136][    C1] vxcan1: j1939_tp_rxtimer: 0xffff8880550a8400: rx timeout, send abort
[   64.459226][ T6033] usb 5-1: USB disconnect, device number 10
[   64.888345][    C1] vxcan1: j1939_tp_rxtimer: 0xffff888055c13c00: rx timeout, send abort
[   64.892007][    C1] vxcan1: j1939_tp_rxtimer: 0xffff8880550a8400: abort rx timeout. Force session deactivation
[   64.988924][ T6807] 9pnet_virtio: no channels available for device syz
[   65.125187][ T6823] netlink: 'syz.0.271': attribute type 10 has an invalid length.
[   65.127670][ T6823] netlink: 40 bytes leftover after parsing attributes in process `syz.0.271'.
[   65.130927][ T6823] net veth1_virt_wifi virt_wifi0: entered promiscuous mode
[   65.133269][ T6823] net veth1_virt_wifi virt_wifi0: entered allmulticast mode
[   65.136533][ T6823] A link change request failed with some changes committed already. Interface virt_wifi0 may have been left with an inconsistent configuration, please check.
[   65.300620][ T6033] usb 8-1: new high-speed USB device number 5 using dummy_hcd
[   65.391707][    C1] vxcan1: j1939_tp_rxtimer: 0xffff888055c13c00: abort rx timeout. Force session deactivation
[   65.430650][ T6033] usb 8-1: device descriptor read/64, error -71
[   65.670814][ T6033] usb 8-1: new high-speed USB device number 6 using dummy_hcd
[   65.800677][ T6033] usb 8-1: device descriptor read/64, error -71
[   65.920859][ T6033] usb usb8-port1: attempt power cycle
[   65.942975][ T6845] netlink: 96 bytes leftover after parsing attributes in process `syz.1.279'.
[   66.138299][ T6860] bridge_slave_0: default FDB implementation only supports local addresses
[   66.170412][ T6864] Failed to get privilege flags for destination (handle=0x2:0xfffffffe)
[   66.260640][ T6033] usb 8-1: new high-speed USB device number 7 using dummy_hcd
[   66.282556][ T6033] usb 8-1: device descriptor read/8, error -71
[   66.315963][ T6873] netlink: 60 bytes leftover after parsing attributes in process `syz.0.289'.
[   66.322865][ T6878] fuseblk: Bad value for 'group_id'
[   66.325042][ T6878] fuseblk: Bad value for 'group_id'
[   66.330617][ T6878] warning: `syz.1.291' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211
[   66.379081][ T6880] openvswitch: netlink: Flow key attr not present in new flow.
[   66.383398][ T6880] netlink: 20 bytes leftover after parsing attributes in process `syz.0.292'.
[   66.404342][ T6881] netlink: 16 bytes leftover after parsing attributes in process `syz.1.291'.
[   66.436859][ T5309] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci3/hci3:201'
[   66.438092][ T6883] hub 2-0:1.0: USB hub found
[   66.440715][ T5309] CPU: 0 UID: 0 PID: 5309 Comm: kworker/u33:1 Not tainted 6.16.0-rc5-syzkaller-00276-g5d5d62298b8b #0 PREEMPT(full) 
[   66.440736][ T5309] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   66.440745][ T5309] Workqueue: hci3 hci_rx_work
[   66.440765][ T5309] Call Trace:
[   66.440770][ T5309]  <TASK>
[   66.440774][ T5309]  dump_stack_lvl+0x16c/0x1f0
[   66.440792][ T5309]  sysfs_warn_dup+0x7f/0xa0
[   66.440810][ T5309]  sysfs_create_dir_ns+0x24b/0x2b0
[   66.440825][ T5309]  ? __pfx_sysfs_create_dir_ns+0x10/0x10
[   66.440840][ T5309]  ? find_held_lock+0x2b/0x80
[   66.440858][ T5309]  ? do_raw_spin_unlock+0x172/0x230
[   66.440872][ T5309]  kobject_add_internal+0x2c4/0x9b0
[   66.440891][ T5309]  kobject_add+0x16e/0x240
[   66.440908][ T5309]  ? __pfx_kobject_add+0x10/0x10
[   66.440925][ T5309]  ? do_raw_spin_unlock+0x172/0x230
[   66.440938][ T5309]  ? kobject_put+0xab/0x5a0
[   66.440957][ T5309]  device_add+0x288/0x1a70
[   66.440969][ T5309]  ? __pfx_dev_set_name+0x10/0x10
[   66.440980][ T5309]  ? __pfx_device_add+0x10/0x10
[   66.440990][ T5309]  ? mgmt_send_event_skb+0x2fb/0x460
[   66.441010][ T5309]  hci_conn_add_sysfs+0x17e/0x230
[   66.441027][ T5309]  le_conn_complete_evt+0x1075/0x1d70
[   66.441046][ T5309]  ? __pfx_le_conn_complete_evt+0x10/0x10
[   66.441061][ T5309]  ? hci_event_packet+0x459/0x11c0
[   66.441079][ T5309]  hci_le_conn_complete_evt+0x23c/0x370
[   66.441097][ T5309]  hci_le_meta_evt+0x354/0x5e0
[   66.441115][ T5309]  ? __pfx_hci_le_conn_complete_evt+0x10/0x10
[   66.441132][ T5309]  hci_event_packet+0x682/0x11c0
[   66.441147][ T5309]  ? __pfx_hci_le_meta_evt+0x10/0x10
[   66.441164][ T5309]  ? __pfx_hci_event_packet+0x10/0x10
[   66.441180][ T5309]  ? kcov_remote_start+0x3c9/0x6d0
[   66.441192][ T5309]  ? lockdep_hardirqs_on+0x7c/0x110
[   66.441209][ T5309]  hci_rx_work+0x2c5/0x16b0
[   66.441226][ T5309]  ? rcu_is_watching+0x12/0xc0
[   66.441241][ T5309]  process_one_work+0x9cf/0x1b70
[   66.441259][ T5309]  ? __pfx_process_one_work+0x10/0x10
[   66.441274][ T5309]  ? assign_work+0x1a0/0x250
[   66.441286][ T5309]  worker_thread+0x6c8/0xf10
[   66.441304][ T5309]  ? __pfx_worker_thread+0x10/0x10
[   66.441315][ T5309]  kthread+0x3c5/0x780
[   66.441326][ T5309]  ? __pfx_kthread+0x10/0x10
[   66.441337][ T5309]  ? rcu_is_watching+0x12/0xc0
[   66.441351][ T5309]  ? __pfx_kthread+0x10/0x10
[   66.441361][ T5309]  ret_from_fork+0x5d7/0x6f0
[   66.441377][ T5309]  ? __pfx_kthread+0x10/0x10
[   66.441388][ T5309]  ret_from_fork_asm+0x1a/0x30
[   66.441407][ T5309]  </TASK>
[   66.441422][ T5309] kobject: kobject_add_internal failed for hci3:201 with -EEXIST, don't try to register things with the same name in the same directory.
[   66.443599][ T6883] hub 2-0:1.0: 2 ports detected
[   66.446447][ T5309] Bluetooth: hci3: failed to register connection device
[   66.531062][ T6033] usb 8-1: new high-speed USB device number 8 using dummy_hcd
[   66.561051][ T6033] usb 8-1: device descriptor read/8, error -71
[   66.566967][ T6885] netlink: 'syz.0.293': attribute type 10 has an invalid length.
[   66.649446][ T6900] ADFS-fs (nullb0): error: can't find an ADFS filesystem on dev nullb0.
[   66.658713][ T6902] netlink: 8 bytes leftover after parsing attributes in process `syz.0.300'.
[   66.662483][ T6902] netlink: 8 bytes leftover after parsing attributes in process `syz.0.300'.
[   66.666945][   T40] kauditd_printk_skb: 46 callbacks suppressed
[   66.666955][   T40] audit: type=1326 audit(1752460337.314:345): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6901 comm="syz.0.300" exe="/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f927818e929 code=0x0
[   66.683735][ T6033] usb usb8-port1: unable to enumerate USB device
[   66.714230][   T40] audit: type=1400 audit(1752460337.364:346): avc:  denied  { create } for  pid=6903 comm="syz.1.301" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1
[   67.519150][ T6911] FAULT_INJECTION: forcing a failure.
[   67.519150][ T6911] name failslab, interval 1, probability 0, space 0, times 0
[   67.524715][ T6911] CPU: 1 UID: 0 PID: 6911 Comm: syz.0.303 Not tainted 6.16.0-rc5-syzkaller-00276-g5d5d62298b8b #0 PREEMPT(full) 
[   67.524731][ T6911] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   67.524737][ T6911] Call Trace:
[   67.524741][ T6911]  <TASK>
[   67.524745][ T6911]  dump_stack_lvl+0x16c/0x1f0
[   67.524765][ T6911]  should_fail_ex+0x512/0x640
[   67.524779][ T6911]  ? fs_reclaim_acquire+0xae/0x150
[   67.524792][ T6911]  ? tomoyo_realpath_from_path+0xc2/0x6e0
[   67.524807][ T6911]  should_failslab+0xc2/0x120
[   67.524824][ T6911]  __kmalloc_noprof+0xd2/0x510
[   67.524841][ T6911]  tomoyo_realpath_from_path+0xc2/0x6e0
[   67.524858][ T6911]  ? tomoyo_profile+0x47/0x60
[   67.524876][ T6911]  tomoyo_path_number_perm+0x245/0x580
[   67.524889][ T6911]  ? tomoyo_path_number_perm+0x237/0x580
[   67.524903][ T6911]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[   67.524917][ T6911]  ? find_held_lock+0x2b/0x80
[   67.524943][ T6911]  ? find_held_lock+0x2b/0x80
[   67.524961][ T6911]  ? hook_file_ioctl_common+0x145/0x410
[   67.524974][ T6911]  ? __fget_files+0x20e/0x3c0
[   67.524991][ T6911]  security_file_ioctl+0x9b/0x240
[   67.525008][ T6911]  __x64_sys_ioctl+0xb7/0x210
[   67.525021][ T6911]  do_syscall_64+0xcd/0x4c0
[   67.525038][ T6911]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   67.525049][ T6911] RIP: 0033:0x7f927818e929
[   67.525058][ T6911] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   67.525069][ T6911] RSP: 002b:00007f9278fa6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[   67.525079][ T6911] RAX: ffffffffffffffda RBX: 00007f92783b5fa0 RCX: 00007f927818e929
[   67.525085][ T6911] RDX: 0000200000000000 RSI: 0000000000005412 RDI: 0000000000000003
[   67.525092][ T6911] RBP: 00007f9278fa6090 R08: 0000000000000000 R09: 0000000000000000
[   67.525098][ T6911] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   67.525104][ T6911] R13: 0000000000000000 R14: 00007f92783b5fa0 R15: 00007ffd132b0538
[   67.525117][ T6911]  </TASK>
[   67.525121][ T6911] ERROR: Out of memory at tomoyo_realpath_from_path.
[   67.546102][   T40] audit: type=1400 audit(1752460338.194:347): avc:  denied  { create } for  pid=6912 comm="syz.2.304" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1
[   67.606804][   T40] audit: type=1400 audit(1752460338.194:348): avc:  denied  { write } for  pid=6912 comm="syz.2.304" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1
[   67.637523][   T40] audit: type=1400 audit(1752460338.284:349): avc:  denied  { connect } for  pid=6916 comm="syz.1.306" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[   67.659675][ T6920] netlink: 'syz.0.307': attribute type 10 has an invalid length.
[   67.685797][ T6924] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   67.690336][   T40] audit: type=1400 audit(1752460338.334:350): avc:  denied  { create } for  pid=6923 comm="syz.0.309" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1
[   67.708003][   T40] audit: type=1400 audit(1752460338.354:351): avc:  denied  { write } for  pid=6930 comm="syz.2.311" name="sg0" dev="devtmpfs" ino=721 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1
[   67.789474][   T40] audit: type=1400 audit(1752460338.434:352): avc:  denied  { create } for  pid=6938 comm="syz.2.314" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netrom_socket permissive=1
[   67.798017][   T40] audit: type=1400 audit(1752460338.444:353): avc:  denied  { setopt } for  pid=6938 comm="syz.2.314" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netrom_socket permissive=1
[   67.808490][ T6935] block nbd1: shutting down sockets
[   67.867782][ T6945] netlink: 'syz.1.317': attribute type 10 has an invalid length.
[   67.929527][ T6955] netlink: 12 bytes leftover after parsing attributes in process `syz.2.320'.
[   67.933603][ T6955] netlink: 12 bytes leftover after parsing attributes in process `syz.2.320'.
[   68.067041][ T6964] vlan2: entered promiscuous mode
[   68.069022][ T6964] vlan2: entered allmulticast mode
[   68.072797][ T6964] hsr_slave_1: entered allmulticast mode
[   68.124835][ T6970] netlink: 'syz.3.327': attribute type 10 has an invalid length.
[   68.130403][ T6970] bridge0: port 2(bridge_slave_1) entered disabled state
[   68.135036][ T6970] bridge_slave_1: left allmulticast mode
[   68.137053][ T6970] bridge_slave_1: left promiscuous mode
[   68.139102][ T6970] bridge0: port 2(bridge_slave_1) entered disabled state
[   68.145996][ T6970] bond0: (slave bridge_slave_1): Enslaving as an active interface with an up link
[   68.157918][   T40] audit: type=1400 audit(1752460338.804:354): avc:  denied  { write } for  pid=6969 comm="syz.3.327" name="ptp0" dev="devtmpfs" ino=729 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[   68.161843][ T6970] syz.3.327 uses obsolete (PF_INET,SOCK_PACKET)
[   68.261912][ T6975] netlink: 'syz.3.329': attribute type 10 has an invalid length.
[   68.267864][ T6976] netlink: 'syz.1.328': attribute type 11 has an invalid length.
[   68.270276][ T6976] netlink: 132 bytes leftover after parsing attributes in process `syz.1.328'.
[   68.292768][ T6978] netlink: 8 bytes leftover after parsing attributes in process `syz.3.330'.
[   68.297612][ T6978] bridge0: port 1(bridge_slave_0) entered disabled state
[   68.459929][ T6982] FAULT_INJECTION: forcing a failure.
[   68.459929][ T6982] name failslab, interval 1, probability 0, space 0, times 0
[   68.465228][ T6982] CPU: 3 UID: 0 PID: 6982 Comm: syz.3.332 Not tainted 6.16.0-rc5-syzkaller-00276-g5d5d62298b8b #0 PREEMPT(full) 
[   68.465253][ T6982] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   68.465263][ T6982] Call Trace:
[   68.465269][ T6982]  <TASK>
[   68.465277][ T6982]  dump_stack_lvl+0x16c/0x1f0
[   68.465305][ T6982]  should_fail_ex+0x512/0x640
[   68.465328][ T6982]  ? fs_reclaim_acquire+0xae/0x150
[   68.465348][ T6982]  ? tomoyo_encode2+0x100/0x3e0
[   68.465370][ T6982]  should_failslab+0xc2/0x120
[   68.465395][ T6982]  __kmalloc_noprof+0xd2/0x510
[   68.465417][ T6982]  ? d_absolute_path+0x136/0x1a0
[   68.465439][ T6982]  tomoyo_encode2+0x100/0x3e0
[   68.465466][ T6982]  tomoyo_encode+0x29/0x50
[   68.465488][ T6982]  tomoyo_realpath_from_path+0x18f/0x6e0
[   68.465519][ T6982]  tomoyo_path_number_perm+0x245/0x580
[   68.465539][ T6982]  ? tomoyo_path_number_perm+0x237/0x580
[   68.465562][ T6982]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[   68.465584][ T6982]  ? find_held_lock+0x2b/0x80
[   68.465628][ T6982]  ? find_held_lock+0x2b/0x80
[   68.465649][ T6982]  ? hook_file_ioctl_common+0x145/0x410
[   68.465677][ T6982]  ? __fget_files+0x20e/0x3c0
[   68.465705][ T6982]  security_file_ioctl+0x9b/0x240
[   68.465731][ T6982]  __x64_sys_ioctl+0xb7/0x210
[   68.465752][ T6982]  do_syscall_64+0xcd/0x4c0
[   68.465778][ T6982]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   68.465794][ T6982] RIP: 0033:0x7f433358e929
[   68.465806][ T6982] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   68.465820][ T6982] RSP: 002b:00007f43343c5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[   68.465836][ T6982] RAX: ffffffffffffffda RBX: 00007f43337b5fa0 RCX: 00007f433358e929
[   68.465847][ T6982] RDX: 0000200000000000 RSI: 0000000000005412 RDI: 0000000000000003
[   68.465857][ T6982] RBP: 00007f43343c5090 R08: 0000000000000000 R09: 0000000000000000
[   68.465865][ T6982] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   68.465874][ T6982] R13: 0000000000000000 R14: 00007f43337b5fa0 R15: 00007ffe899329d8
[   68.465894][ T6982]  </TASK>
[   68.465912][ T6982] ERROR: Out of memory at tomoyo_realpath_from_path.
[   68.991477][ T7025] FAULT_INJECTION: forcing a failure.
[   68.991477][ T7025] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   68.995743][ T7025] CPU: 0 UID: 0 PID: 7025 Comm: syz.0.346 Not tainted 6.16.0-rc5-syzkaller-00276-g5d5d62298b8b #0 PREEMPT(full) 
[   68.995765][ T7025] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   68.995776][ T7025] Call Trace:
[   68.995782][ T7025]  <TASK>
[   68.995789][ T7025]  dump_stack_lvl+0x16c/0x1f0
[   68.995817][ T7025]  should_fail_ex+0x512/0x640
[   68.995843][ T7025]  _copy_from_user+0x2e/0xd0
[   68.995869][ T7025]  move_addr_to_kernel+0x65/0x170
[   68.995888][ T7025]  __sys_sendto+0x1be/0x520
[   68.995910][ T7025]  ? __pfx___sys_sendto+0x10/0x10
[   68.995950][ T7025]  ? ksys_write+0x1ac/0x250
[   68.995973][ T7025]  ? __pfx_ksys_write+0x10/0x10
[   68.995998][ T7025]  __x64_sys_sendto+0xe0/0x1c0
[   68.996018][ T7025]  ? do_syscall_64+0x91/0x4c0
[   68.996041][ T7025]  ? lockdep_hardirqs_on+0x7c/0x110
[   68.996063][ T7025]  do_syscall_64+0xcd/0x4c0
[   68.996089][ T7025]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   68.996106][ T7025] RIP: 0033:0x7f927818e929
[   68.996120][ T7025] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   68.996135][ T7025] RSP: 002b:00007f9278fa6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[   68.996151][ T7025] RAX: ffffffffffffffda RBX: 00007f92783b5fa0 RCX: 00007f927818e929
[   68.996162][ T7025] RDX: 0000000000000001 RSI: 0000200000000380 RDI: 0000000000000007
[   68.996172][ T7025] RBP: 00007f9278fa6090 R08: 00002000000001c0 R09: 000000000000001c
[   68.996182][ T7025] R10: 0000000020000045 R11: 0000000000000246 R12: 0000000000000001
[   68.996192][ T7025] R13: 0000000000000000 R14: 00007f92783b5fa0 R15: 00007ffd132b0538
[   68.996214][ T7025]  </TASK>
[   69.268710][ T7053] syz.2.357 (7053) used obsolete PPPIOCDETACH ioctl
[   69.350820][ T7060] bridge0: entered promiscuous mode
[   69.353310][ T7060] macvlan2: entered promiscuous mode
[   69.358047][ T7060] netlink: 8 bytes leftover after parsing attributes in process `syz.2.360'.
[   69.364467][ T7060] macvlan0: entered promiscuous mode
[   69.366875][ T7060] batadv_slave_1: entered promiscuous mode
[   69.398154][ T7063] NILFS (nbd3): device size too small
[   69.401215][ T7063] netlink: 'syz.3.361': attribute type 12 has an invalid length.
[   69.431659][ T7072] netlink: 16 bytes leftover after parsing attributes in process `syz.3.365'.
[   69.458453][ T7076] netlink: 36 bytes leftover after parsing attributes in process `syz.2.366'.
[   69.543110][ T7093] SELinux:  Context system_u:object_r:semanage_exec_t:s0 is not valid (left unmapped).
[   69.614957][ T7103] FAULT_INJECTION: forcing a failure.
[   69.614957][ T7103] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   69.617238][ T7104] netlink: 8 bytes leftover after parsing attributes in process `syz.0.374'.
[   69.619076][ T7103] CPU: 0 UID: 0 PID: 7103 Comm: syz.2.378 Not tainted 6.16.0-rc5-syzkaller-00276-g5d5d62298b8b #0 PREEMPT(full) 
[   69.619099][ T7103] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   69.619109][ T7103] Call Trace:
[   69.619115][ T7103]  <TASK>
[   69.619120][ T7103]  dump_stack_lvl+0x16c/0x1f0
[   69.619149][ T7103]  should_fail_ex+0x512/0x640
[   69.619173][ T7103]  strncpy_from_user+0x3b/0x2e0
[   69.619188][ T7103]  strncpy_from_sockptr+0x15f/0x1a0
[   69.619201][ T7103]  ? __pfx_strncpy_from_sockptr+0x10/0x10
[   69.619214][ T7103]  ? avc_has_perm+0x11a/0x1c0
[   69.619227][ T7103]  do_tcp_setsockopt+0x4e1/0x2640
[   69.619245][ T7103]  ? __pfx_do_tcp_setsockopt+0x10/0x10
[   69.619261][ T7103]  ? sock_has_perm+0x259/0x2f0
[   69.619273][ T7103]  ? __pfx_sock_has_perm+0x10/0x10
[   69.619285][ T7103]  ? selinux_netlbl_socket_setsockopt+0x183/0x470
[   69.619301][ T7103]  ? __pfx_selinux_netlbl_socket_setsockopt+0x10/0x10
[   69.619316][ T7103]  ? proc_fail_nth_write+0x9f/0x250
[   69.619333][ T7103]  ? __lock_acquire+0x622/0x1c90
[   69.619347][ T7103]  tcp_setsockopt+0xe2/0x100
[   69.619362][ T7103]  ? __pfx_sock_common_setsockopt+0x10/0x10
[   69.619381][ T7103]  do_sock_setsockopt+0x221/0x470
[   69.619398][ T7103]  ? __pfx_do_sock_setsockopt+0x10/0x10
[   69.619423][ T7103]  __sys_setsockopt+0x1a0/0x230
[   69.619439][ T7103]  __x64_sys_setsockopt+0xbd/0x160
[   69.619453][ T7103]  ? do_syscall_64+0x91/0x4c0
[   69.619468][ T7103]  ? lockdep_hardirqs_on+0x7c/0x110
[   69.619482][ T7103]  do_syscall_64+0xcd/0x4c0
[   69.619498][ T7103]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   69.619509][ T7103] RIP: 0033:0x7ff9fed8e929
[   69.619518][ T7103] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   69.619529][ T7103] RSP: 002b:00007ff9ffc96038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[   69.619554][ T7103] RAX: ffffffffffffffda RBX: 00007ff9fefb5fa0 RCX: 00007ff9fed8e929
[   69.619561][ T7103] RDX: 000000000000000d RSI: 0000000000000006 RDI: 0000000000000008
[   69.619567][ T7103] RBP: 00007ff9ffc96090 R08: 0000000000000003 R09: 0000000000000000
[   69.619573][ T7103] R10: 0000200000000000 R11: 0000000000000246 R12: 0000000000000001
[   69.619579][ T7103] R13: 0000000000000000 R14: 00007ff9fefb5fa0 R15: 00007ffd0a554298
[   69.619592][ T7103]  </TASK>
[   69.772618][ T7113] workqueue: Failed to create a rescuer kthread for wq "nfc2_nci_cmd_wq": -EINTR
[   69.853575][ T7124] FAULT_INJECTION: forcing a failure.
[   69.853575][ T7124] name failslab, interval 1, probability 0, space 0, times 0
[   69.858818][ T7124] CPU: 0 UID: 0 PID: 7124 Comm: syz.2.385 Not tainted 6.16.0-rc5-syzkaller-00276-g5d5d62298b8b #0 PREEMPT(full) 
[   69.858841][ T7124] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   69.858851][ T7124] Call Trace:
[   69.858857][ T7124]  <TASK>
[   69.858865][ T7124]  dump_stack_lvl+0x16c/0x1f0
[   69.858895][ T7124]  should_fail_ex+0x512/0x640
[   69.858917][ T7124]  ? __kmalloc_cache_noprof+0x57/0x3e0
[   69.858940][ T7124]  should_failslab+0xc2/0x120
[   69.858965][ T7124]  __kmalloc_cache_noprof+0x6a/0x3e0
[   69.858990][ T7124]  ? tcp_sendmsg_fastopen+0x24d/0x750
[   69.859017][ T7124]  tcp_sendmsg_fastopen+0x24d/0x750
[   69.859043][ T7124]  tcp_sendmsg_locked+0x18e5/0x42b0
[   69.859067][ T7124]  ? avc_has_perm+0x11a/0x1c0
[   69.859088][ T7124]  ? __lock_acquire+0xb8a/0x1c90
[   69.859112][ T7124]  ? __pfx_tcp_sendmsg_locked+0x10/0x10
[   69.859136][ T7124]  ? do_raw_spin_lock+0x12c/0x2b0
[   69.859155][ T7124]  ? __pfx_do_raw_spin_lock+0x10/0x10
[   69.859181][ T7124]  ? __local_bh_enable_ip+0xa4/0x120
[   69.859206][ T7124]  tcp_sendmsg+0x2e/0x50
[   69.859224][ T7124]  ? __pfx_tcp_sendmsg+0x10/0x10
[   69.859244][ T7124]  inet6_sendmsg+0xb9/0x140
[   69.859271][ T7124]  __sys_sendto+0x376/0x520
[   69.859293][ T7124]  ? __pfx___sys_sendto+0x10/0x10
[   69.859336][ T7124]  ? ksys_write+0x1ac/0x250
[   69.859358][ T7124]  ? __pfx_ksys_write+0x10/0x10
[   69.859383][ T7124]  __x64_sys_sendto+0xe0/0x1c0
[   69.859403][ T7124]  ? do_syscall_64+0x91/0x4c0
[   69.859426][ T7124]  ? lockdep_hardirqs_on+0x7c/0x110
[   69.859449][ T7124]  do_syscall_64+0xcd/0x4c0
[   69.859476][ T7124]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   69.859494][ T7124] RIP: 0033:0x7ff9fed8e929
[   69.859509][ T7124] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   69.859526][ T7124] RSP: 002b:00007ff9ffc96038 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[   69.859556][ T7124] RAX: ffffffffffffffda RBX: 00007ff9fefb5fa0 RCX: 00007ff9fed8e929
[   69.859568][ T7124] RDX: 0000000000000001 RSI: 0000200000000380 RDI: 0000000000000007
[   69.859578][ T7124] RBP: 00007ff9ffc96090 R08: 00002000000001c0 R09: 000000000000001c
[   69.859589][ T7124] R10: 0000000020000045 R11: 0000000000000246 R12: 0000000000000001
[   69.859599][ T7124] R13: 0000000000000000 R14: 00007ff9fefb5fa0 R15: 00007ffd0a554298
[   69.859624][ T7124]  </TASK>
[   70.047798][ T7136] netlink: 8 bytes leftover after parsing attributes in process `syz.1.390'.
[   70.267823][ T7148] netlink: 8 bytes leftover after parsing attributes in process `syz.1.394'.
[   70.370948][ T7170] bridge_slave_0: default FDB implementation only supports local addresses
[   70.402539][ T7175] netlink: 'syz.1.403': attribute type 64 has an invalid length.
[   70.402797][ T7177] netlink: 'syz.1.403': attribute type 64 has an invalid length.
[   70.405980][ T7175] netlink: 'syz.1.403': attribute type 4 has an invalid length.
[   70.411516][ T7177] netlink: 'syz.1.403': attribute type 4 has an invalid length.
[   70.416946][ T7179] FAULT_INJECTION: forcing a failure.
[   70.416946][ T7179] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   70.425176][ T7179] CPU: 3 UID: 0 PID: 7179 Comm: syz.0.404 Not tainted 6.16.0-rc5-syzkaller-00276-g5d5d62298b8b #0 PREEMPT(full) 
[   70.425200][ T7179] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   70.425211][ T7179] Call Trace:
[   70.425217][ T7179]  <TASK>
[   70.425228][ T7179]  dump_stack_lvl+0x16c/0x1f0
[   70.425256][ T7179]  should_fail_ex+0x512/0x640
[   70.425287][ T7179]  _copy_to_user+0x32/0xd0
[   70.425314][ T7179]  simple_read_from_buffer+0xcb/0x170
[   70.425340][ T7179]  proc_fail_nth_read+0x197/0x270
[   70.425364][ T7179]  ? __pfx_proc_fail_nth_read+0x10/0x10
[   70.425388][ T7179]  ? rw_verify_area+0xcf/0x680
[   70.425408][ T7179]  ? __pfx_proc_fail_nth_read+0x10/0x10
[   70.425430][ T7179]  vfs_read+0x1e1/0xc60
[   70.425456][ T7179]  ? __pfx___mutex_lock+0x10/0x10
[   70.425486][ T7179]  ? __pfx_vfs_read+0x10/0x10
[   70.425515][ T7179]  ? __fget_files+0x20e/0x3c0
[   70.425550][ T7179]  ksys_read+0x12a/0x250
[   70.425572][ T7179]  ? __pfx_ksys_read+0x10/0x10
[   70.425601][ T7179]  do_syscall_64+0xcd/0x4c0
[   70.425629][ T7179]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   70.425647][ T7179] RIP: 0033:0x7f927818d33c
[   70.425662][ T7179] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[   70.425678][ T7179] RSP: 002b:00007f9278fa6030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[   70.425696][ T7179] RAX: ffffffffffffffda RBX: 00007f92783b5fa0 RCX: 00007f927818d33c
[   70.425707][ T7179] RDX: 000000000000000f RSI: 00007f9278fa60a0 RDI: 0000000000000009
[   70.425718][ T7179] RBP: 00007f9278fa6090 R08: 0000000000000000 R09: 0000000000000000
[   70.425727][ T7179] R10: 0000200000000000 R11: 0000000000000246 R12: 0000000000000001
[   70.425741][ T7179] R13: 0000000000000000 R14: 00007f92783b5fa0 R15: 00007ffd132b0538
[   70.425765][ T7179]  </TASK>
[   70.528670][ T5959] Bluetooth: hci3: ACL packet too small
[   70.533345][ T7192] xt_hashlimit: size too large, truncated to 1048576
[   71.154608][ T1421] ieee802154 phy0 wpan0: encryption failed: -22
[   71.156735][ T1421] ieee802154 phy1 wpan1: encryption failed: -22
[   71.351506][ T7262] random: crng reseeded on system resumption
[   71.449899][ T7272] bridge_slave_0: default FDB implementation only supports local addresses
[   71.740676][   T61] usb 6-1: new high-speed USB device number 3 using dummy_hcd
[   71.900691][   T61] usb 6-1: Using ep0 maxpacket: 8
[   71.904980][   T61] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[   71.908197][   T61] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 2
[   71.912410][   T61] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 100, changing to 10
[   71.916200][   T61] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 24936, setting to 1024
[   71.919708][   T61] usb 6-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00
[   71.923952][   T61] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   71.928904][   T61] hub 6-1:1.0: bad descriptor, ignoring hub
[   71.931366][   T61] hub 6-1:1.0: probe with driver hub failed with error -5
[   71.934044][   T61] cdc_wdm 6-1:1.0: skipping garbage
[   71.935787][   T61] cdc_wdm 6-1:1.0: skipping garbage
[   71.938275][   T61] cdc_wdm 6-1:1.0: cdc-wdm0: USB WDM device
[   71.940356][   T61] cdc_wdm 6-1:1.0: Unknown control protocol
[   72.217586][   T40] kauditd_printk_skb: 47 callbacks suppressed
[   72.217602][   T40] audit: type=1800 audit(1752460342.864:402): pid=7326 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed comm="syz.2.464" name="/" dev="9p" ino=2 res=0 errno=0
[   72.240782][   T61] usb 6-1: USB disconnect, device number 3
[   72.345076][ T7330] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=2573 sclass=netlink_route_socket pid=7330 comm=syz.3.466
[   72.430751][   T40] audit: type=1400 audit(1752460343.084:403): avc:  denied  { accept } for  pid=7340 comm="syz.3.470" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_route_socket permissive=1
[   72.524789][   T40] audit: type=1400 audit(1752460343.174:404): avc:  denied  { mount } for  pid=7343 comm="syz.3.471" name="/" dev="autofs" ino=16770 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_t tclass=filesystem permissive=1
[   72.533429][   T40] audit: type=1400 audit(1752460343.174:405): avc:  denied  { read write } for  pid=7343 comm="syz.3.471" name="autofs" dev="devtmpfs" ino=104 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_device_t tclass=chr_file permissive=1
[   72.543100][   T40] audit: type=1400 audit(1752460343.174:406): avc:  denied  { open } for  pid=7343 comm="syz.3.471" path="/dev/autofs" dev="devtmpfs" ino=104 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_device_t tclass=chr_file permissive=1
[   72.551404][   T40] audit: type=1400 audit(1752460343.174:407): avc:  denied  { ioctl } for  pid=7343 comm="syz.3.471" path="/dev/autofs" dev="devtmpfs" ino=104 ioctlcmd=0x937c scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_device_t tclass=chr_file permissive=1
[   72.743017][   T40] audit: type=1800 audit(1752460343.394:408): pid=7352 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed comm="syz.2.473" name="/" dev="9p" ino=2 res=0 errno=0
[   72.868134][   T40] audit: type=1400 audit(1752460343.514:409): avc:  denied  { ioctl } for  pid=7356 comm="syz.2.476" path="/dev/sg0" dev="devtmpfs" ino=721 ioctlcmd=0x227c scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1
[   72.877637][   T40] audit: type=1400 audit(1752460343.524:410): avc:  denied  { append } for  pid=7356 comm="syz.2.476" name="loop6" dev="devtmpfs" ino=664 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[   72.886085][   T40] audit: type=1400 audit(1752460343.524:411): avc:  denied  { map } for  pid=7356 comm="syz.2.476" path="/dev/loop6" dev="devtmpfs" ino=664 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[   73.047171][ T7372] usb usb8: usbfs: process 7372 (syz.2.480) did not claim interface 0 before use
[   73.167283][ T7397] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=54 sclass=netlink_route_socket pid=7397 comm=syz.2.487
[   73.168059][ T7396] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=54 sclass=netlink_route_socket pid=7396 comm=syz.2.487
[   73.521162][ T5958] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None
[   73.641074][   T61] usb 8-1: new high-speed USB device number 9 using dummy_hcd
[   73.800654][   T61] usb 8-1: Using ep0 maxpacket: 32
[   73.804591][   T61] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   73.808762][   T61] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   73.813638][   T61] usb 8-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 5
[   73.818053][   T61] usb 8-1: New USB device found, idVendor=0458, idProduct=5011, bcdDevice= 0.00
[   73.821382][   T61] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   73.825949][   T61] usb 8-1: config 0 descriptor??
[   74.241582][   T61] input: HID 0458:5011 as /devices/platform/dummy_hcd.3/usb8/8-1/8-1:0.0/0003:0458:5011.0002/input/input7
[   74.248902][   T61] input: HID 0458:5011 as /devices/platform/dummy_hcd.3/usb8/8-1/8-1:0.0/0003:0458:5011.0002/input/input8
[   74.258815][   T61] kye 0003:0458:5011.0002: input,hiddev0,hidraw1: USB HID v0.00 Mouse [HID 0458:5011] on usb-dummy_hcd.3-1/input0
[   75.275201][    C3] kye 0003:0458:5011.0002: usb_submit_urb(ctrl) failed: -1
[   76.043088][   T34] usb 8-1: USB disconnect, device number 9
[   81.393258][  T839] cfg80211: failed to load regulatory.db
[  101.270338][   T40] kauditd_printk_skb: 11 callbacks suppressed
[  101.270353][   T40] audit: type=1400 audit(2000000028.150:423): avc:  denied  { read } for  pid=7481 comm="syz.1.505" name="binder0" dev="binder" ino=10 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[  101.290750][   T40] audit: type=1400 audit(2000000028.160:424): avc:  denied  { open } for  pid=7481 comm="syz.1.505" path="/dev/binderfs/binder0" dev="binder" ino=10 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[  101.298002][   T40] audit: type=1400 audit(2000000028.170:425): avc:  denied  { ioctl } for  pid=7481 comm="syz.1.505" path="/dev/binderfs/binder0" dev="binder" ino=10 ioctlcmd=0x620d scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[  101.299907][ T7482] ªªªªªª: renamed from lo (while UP)
[  101.308180][   T40] audit: type=1400 audit(2000000028.170:426): avc:  denied  { set_context_mgr } for  pid=7481 comm="syz.1.505" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=binder permissive=1
[  101.316453][   T40] audit: type=1400 audit(2000000028.170:427): avc:  denied  { watch } for  pid=7481 comm="syz.1.505" path="/115" dev="tmpfs" ino=628 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1
[  101.326269][   T40] audit: type=1400 audit(2000000028.210:428): avc:  denied  { listen } for  pid=7481 comm="syz.1.505" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ax25_socket permissive=1
[  101.333036][   T40] audit: type=1400 audit(2000000028.210:429): avc:  denied  { accept } for  pid=7481 comm="syz.1.505" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ax25_socket permissive=1
[  101.379476][ T7499] netlink: 'syz.2.513': attribute type 10 has an invalid length.
[  101.385456][ T7501] x_tables: duplicate underflow at hook 2
[  101.390914][ T7501] x_tables: duplicate underflow at hook 2
[  101.395613][ T7501] x_tables: duplicate underflow at hook 2
[  101.418172][   T40] audit: type=1800 audit(2000000028.300:430): pid=7507 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed comm="syz.3.515" name="/" dev="9p" ino=2 res=0 errno=0
[  101.423662][ T7507] netfs: Couldn't get user pages (rc=-14)
[  101.460245][ T7517] netlink: 'syz.2.521': attribute type 5 has an invalid length.
[  101.555712][ T7533] netlink: 'syz.2.526': attribute type 10 has an invalid length.
[  101.596800][   T40] audit: type=1800 audit(2000000028.480:431): pid=7541 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed comm="syz.3.528" name="/" dev="9p" ino=2 res=0 errno=0
[  101.602480][ T7541] netfs: Couldn't get user pages (rc=-14)
[  101.649662][ T7535] ptrace attach of "/syz-executor exec"[7547] was attempted by "/syz-executor exec"[7535]
[  101.721063][   T40] audit: type=1400 audit(2000000028.610:432): avc:  denied  { read write } for  pid=7554 comm="syz.3.532" name="uinput" dev="devtmpfs" ino=943 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
[  102.133430][ T7568] netlink: 'syz.3.536': attribute type 10 has an invalid length.
[  102.162458][ T7572] tmpfs: Unknown parameter 'grp
'
[  102.165226][ T7574] netlink: 'syz.2.537': attribute type 9 has an invalid length.
[  102.167982][ T7574] __nla_validate_parse: 4 callbacks suppressed
[  102.167990][ T7574] netlink: 32 bytes leftover after parsing attributes in process `syz.2.537'.
[  102.269681][ T7586] ªªªªªª: renamed from lo (while UP)
[  102.274621][ T7584] kvm: vcpu 1: requested lapic timer restore with starting count register 0x390=64875003 (129750006 ns) > initial count (53591314 ns). Using initial count to start timer.
[  103.019385][ T7601] capability: warning: `syz.3.548' uses deprecated v2 capabilities in a way that may be insecure
[  103.470760][ T7620] program syz.2.553 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  103.511858][ T1113] ata1.00: exception Emask 0x0 SAct 0x0 SErr 0x0 action 0x0
[  103.514484][ T1113] ata1.00: irq_stat 0x40000000
[  103.516094][ T1113] ata1.00: failed command: ZAC MANAGEMENT OUT
[  103.518361][ T1113] ata1.00: cmd 9f/01:00:00:00:00/00:00:00:00:00/40 tag 10
[  103.518361][ T1113]          res 41/04:00:00:00:00/00:00:00:00:00/40 Emask 0x1 (device error)
[  103.524532][ T1113] ata1.00: status: { DRDY ERR }
[  103.526910][ T1113] ata1.00: error: { ABRT }
[  103.528780][ T1113] ata1.00: device reported invalid CHS sector 0
[  103.587511][ T5959] Bluetooth: hci3: Ignoring HCI_Connection_Complete for existing connection
[  103.715008][ T7646] netdevsim netdevsim1 netdevsim0: set [1, 1] type 2 family 0 port 20000 - 0
[  103.717944][ T7646] netdevsim netdevsim1 netdevsim1: set [1, 1] type 2 family 0 port 20000 - 0
[  103.724997][ T7646] netdevsim netdevsim1 netdevsim2: set [1, 1] type 2 family 0 port 20000 - 0
[  103.727783][ T7646] netdevsim netdevsim1 netdevsim3: set [1, 1] type 2 family 0 port 20000 - 0
[  103.731736][ T7646] geneve2: entered promiscuous mode
[  103.734079][ T7646] geneve2: entered allmulticast mode
[  103.779999][ T7650] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  103.816089][ T7650] batman_adv: batadv0: Removing interface: batadv_slave_1
[  103.819182][ T7650] batadv_slave_1 (unregistering): left promiscuous mode
[  103.954366][ T7656] FAT-fs (nullb0): bogus number of reserved sectors
[  103.956612][ T7656] FAT-fs (nullb0): Can't find a valid FAT filesystem
[  103.963212][ T7657] FAT-fs (nullb0): bogus number of reserved sectors
[  103.969811][ T7657] FAT-fs (nullb0): Can't find a valid FAT filesystem
[  104.041645][ T7662] netlink: 'syz.2.569': attribute type 10 has an invalid length.
[  104.104650][ T1113] ata1.00: Read log 0x10 page 0x00 failed, Emask 0x1
[  104.106777][ T1113] ata1: failed to read log page 10h (errno=-5)
[  104.108687][ T1113] ata1.00: exception Emask 0x1 SAct 0x80 SErr 0x0 action 0x0
[  104.115429][ T1113] ata1.00: irq_stat 0x40000000
[  104.116978][ T1113] ata1.00: failed command: WRITE FPDMA QUEUED
[  104.118873][ T1113] ata1.00: cmd 61/00:38:0e:ef:0a/01:00:00:00:00/40 tag 7 ncq dma 131072 out
[  104.118873][ T1113]          res 50/00:00:00:00:00/00:00:00:00:00/00 Emask 0x1 (device error)
[  104.124206][ T1113] ata1.00: status: { DRDY }
[  104.127643][ T1113] ata1.00: configured for UDMA/100
[  104.129467][ T1113] ata1: EH complete
[  104.226801][ T7673] 9pnet_fd: Insufficient options for proto=fd
[  104.274035][ T7678] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  104.304575][ T7669] netdevsim netdevsim1 netdevsim0: entered promiscuous mode
[  104.379939][ T7682] netlink: 'syz.1.577': attribute type 10 has an invalid length.
[  104.752687][ T7701] netlink: 'syz.0.583': attribute type 16 has an invalid length.
[  104.755207][ T7701] netlink: 17118 bytes leftover after parsing attributes in process `syz.0.583'.
[  104.782765][ T7704] netlink: 'syz.0.584': attribute type 4 has an invalid length.
[  106.190693][ T7767] xt_time: unknown flags 0xb4
[  106.222757][    T9] usb 8-1: new high-speed USB device number 10 using dummy_hcd
[  106.351471][    T9] usb 8-1: device descriptor read/64, error -71
[  106.620992][    T9] usb 8-1: new high-speed USB device number 11 using dummy_hcd
[  106.679967][   T40] kauditd_printk_skb: 18 callbacks suppressed
[  106.679982][   T40] audit: type=1400 audit(2000000033.560:451): avc:  denied  { ioctl } for  pid=7785 comm="syz.1.612" path="/dev/input/event1" dev="devtmpfs" ino=942 ioctlcmd=0x4504 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
[  106.765787][    T9] usb 8-1: device descriptor read/64, error -71
[  106.772546][ T7789] bridge0: port 3(veth0_to_bridge) entered blocking state
[  106.775237][ T7789] bridge0: port 3(veth0_to_bridge) entered disabled state
[  106.777946][ T7789] veth0_to_bridge: entered allmulticast mode
[  106.781461][ T7789] veth0_to_bridge: entered promiscuous mode
[  106.783846][ T7789] bridge0: adding interface veth0_to_bridge with same address as a received packet (addr:aa:aa:aa:aa:aa:1b, vlan:0)
[  106.788900][ T7789] bridge0: port 3(veth0_to_bridge) entered blocking state
[  106.791705][ T7789] bridge0: port 3(veth0_to_bridge) entered forwarding state
[  106.871510][    T9] usb usb8-port1: attempt power cycle
[  106.966524][ T7805] netlink: 24 bytes leftover after parsing attributes in process `syz.2.619'.
[  106.994591][ T7805] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=7805 comm=syz.2.619
[  107.002281][   T40] audit: type=1400 audit(2000000033.890:452): avc:  denied  { read write } for  pid=7804 comm="syz.2.619" name="uhid" dev="devtmpfs" ino=1296 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:uhid_device_t tclass=chr_file permissive=1
[  107.009547][   T40] audit: type=1400 audit(2000000033.890:453): avc:  denied  { open } for  pid=7804 comm="syz.2.619" path="/dev/uhid" dev="devtmpfs" ino=1296 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:uhid_device_t tclass=chr_file permissive=1
[  107.053681][   T40] audit: type=1400 audit(2000000033.940:454): avc:  denied  { execute } for  pid=7808 comm="syz.1.621" path="/146/file0/cpu.stat" dev="overlay" ino=9 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=file permissive=1
[  107.103556][ T7814] @: renamed from vlan0 (while UP)
[  107.108852][ T7814] netlink: 8 bytes leftover after parsing attributes in process `syz.1.623'.
[  107.144196][   T40] audit: type=1400 audit(2000000034.030:455): avc:  denied  { connect } for  pid=7819 comm="syz.1.625" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[  107.145617][ T7822] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=20 sclass=netlink_audit_socket pid=7822 comm=syz.0.626
[  107.222070][    T9] usb 8-1: new high-speed USB device number 12 using dummy_hcd
[  107.248158][ T7836] IPVS: set_ctl: invalid protocol: 1 0.0.0.0:20002
[  107.252251][   T40] audit: type=1400 audit(2000000034.140:456): avc:  denied  { write } for  pid=7834 comm="syz.0.631" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=key permissive=1
[  107.258805][    T9] usb 8-1: device descriptor read/8, error -71
[  107.289415][ T7842] netlink: 88 bytes leftover after parsing attributes in process `syz.0.632'.
[  107.296414][   T40] audit: type=1400 audit(2000000034.180:457): avc:  denied  { nlmsg_read } for  pid=7841 comm="syz.0.632" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  107.326105][   T40] audit: type=1400 audit(2000000034.210:458): avc:  denied  { mount } for  pid=7848 comm="syz.0.633" name="/" dev="devpts" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:devpts_t tclass=filesystem permissive=1
[  107.354685][ T7851] cûÿÿ: renamed from ipvlan0
[  107.438526][   T40] audit: type=1400 audit(2000000034.320:459): avc:  denied  { connect } for  pid=7862 comm="syz.0.639" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1
[  107.445863][   T40] audit: type=1400 audit(2000000034.320:460): avc:  denied  { ioctl } for  pid=7862 comm="syz.0.639" path="socket:[19075]" dev="sockfs" ino=19075 ioctlcmd=0x89e3 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[  107.510683][    T9] usb 8-1: new high-speed USB device number 13 using dummy_hcd
[  107.525568][ T7867] netlink: 'syz.0.641': attribute type 4 has an invalid length.
[  107.527964][ T7867] netlink: 152 bytes leftover after parsing attributes in process `syz.0.641'.
[  107.531808][    T9] usb 8-1: device descriptor read/8, error -71
[  107.534840][ T7867] wlan1: mtu less than device minimum
[  107.618405][ T7875] RDS: rds_bind could not find a transport for ::ffff:172.20.20.170, load rds_tcp or rds_rdma?
[  107.626410][   T29] usb 6-1: new low-speed USB device number 4 using dummy_hcd
[  107.631147][    C3] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0)
[  107.635228][    C3] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0)
[  107.639157][    C3] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0)
[  107.640826][    T9] usb usb8-port1: unable to enumerate USB device
[  107.643072][    C3] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0)
[  107.648707][    C3] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0)
[  107.652603][    C3] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0)
[  107.656434][    C3] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0)
[  107.660212][    C3] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0)
[  107.664022][    C3] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0)
[  107.783106][   T29] usb 6-1: config 168 descriptor has 1 excess byte, ignoring
[  107.786041][   T29] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 8
[  107.790194][   T29] usb 6-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  107.794203][   T29] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 65535, setting to 8
[  107.798342][   T29] usb 6-1: config 168 descriptor has 1 excess byte, ignoring
[  107.800959][   T29] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 8
[  107.804264][   T29] usb 6-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  107.808456][   T29] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 65535, setting to 8
[  107.814067][   T29] usb 6-1: config 168 descriptor has 1 excess byte, ignoring
[  107.816972][   T29] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 8
[  107.821393][   T29] usb 6-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  107.824983][   T29] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 65535, setting to 8
[  107.830689][   T29] usb 6-1: string descriptor 0 read error: -22
[  107.833209][   T29] usb 6-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e
[  107.835907][   T29] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  107.846634][   T29] adutux 6-1:168.0: ADU100  now attached to /dev/usb/adutux0
[  108.230922][ T6015] usb 6-1: USB disconnect, device number 4
[  108.292326][ T7896] netlink: 'syz.0.649': attribute type 1 has an invalid length.
[  108.863886][ T7938] program syz.1.661 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  108.905926][ T7940] binder: 7939:7940 ioctl 40046205 0 returned -22
[  108.999130][ T7945] netlink: 16 bytes leftover after parsing attributes in process `syz.1.665'.
[  109.541624][  T839] usb 6-1: new high-speed USB device number 5 using dummy_hcd
[  109.670631][  T839] usb 6-1: device descriptor read/64, error -71
[  109.910796][  T839] usb 6-1: new high-speed USB device number 6 using dummy_hcd
[  110.060621][  T839] usb 6-1: device descriptor read/64, error -71
[  110.170887][  T839] usb usb6-port1: attempt power cycle
[  110.282087][ T7975] sch_tbf: burst 0 is lower than device geneve0 mtu (1464) !
[  110.458083][ T7998] kvm: user requested TSC rate below hardware speed
[  110.464966][ T8000] QAT: Device 7 not found
[  110.466573][ T7999] QAT: Device 7 not found
[  110.482471][ T8000] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  110.487007][ T8000] overlayfs: upperdir is in-use as upperdir/workdir of another mount, accessing files from both mounts will result in undefined behavior.
[  110.492987][ T8000] overlayfs: workdir is in-use as upperdir/workdir of another mount, accessing files from both mounts will result in undefined behavior.
[  110.493418][ T7999] overlayfs: upperdir is in-use as upperdir/workdir of another mount, mount with '-o index=off' to override exclusive upperdir protection.
[  110.499183][ T8000] netlink: 52 bytes leftover after parsing attributes in process `syz.3.681'.
[  110.530863][  T839] usb 6-1: new high-speed USB device number 7 using dummy_hcd
[  110.552007][  T839] usb 6-1: device descriptor read/8, error -71
[  110.791791][  T839] usb 6-1: new high-speed USB device number 8 using dummy_hcd
[  110.811722][  T839] usb 6-1: device descriptor read/8, error -71
[  110.921345][  T839] usb usb6-port1: unable to enumerate USB device
[  111.321975][ T5309] Bluetooth: Frame is too long (len 10, expected len 4)
[  111.866820][ T8033] overlayfs: failed to clone upperpath
[  111.908354][ T8029] netlink: 4 bytes leftover after parsing attributes in process `syz.3.692'.
[  112.354943][   T40] kauditd_printk_skb: 16 callbacks suppressed
[  112.354955][   T40] audit: type=1400 audit(2000000039.239:477): avc:  denied  { write } for  pid=8043 comm="syz.1.695" name="snapshot" dev="devtmpfs" ino=98 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:acpi_bios_t tclass=chr_file permissive=1
[  112.540687][    C3] net_ratelimit: 38525 callbacks suppressed
[  112.540698][    C3] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0)
[  112.540735][    C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  112.543033][    C3] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0)
[  112.546559][    C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  112.551296][    C3] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0)
[  112.554806][    C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  112.559019][    C3] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0)
[  112.562627][    C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  112.566860][    C3] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0)
[  112.570454][    C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  112.574323][ T8065] netlink: 'syz.3.704': attribute type 39 has an invalid length.
[  112.732211][ T8079] netlink: 8 bytes leftover after parsing attributes in process `syz.0.710'.
[  112.732577][ T8081] netlink: 8 bytes leftover after parsing attributes in process `syz.0.710'.
[  112.769097][ T8083] 9pnet_virtio: no channels available for device syz
[  112.939309][ T8090] overlayfs: unescaped trailing colons in lowerdir mount option.
[  112.956004][   T40] audit: type=1400 audit(2000000039.839:478): avc:  denied  { ioctl } for  pid=8089 comm="syz.3.713" path="socket:[20158]" dev="sockfs" ino=20158 ioctlcmd=0x89e0 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1
[  113.259477][ T8111] erofs (device sr0): cannot find valid erofs superblock
[  113.320737][ T7787] usb 8-1: new high-speed USB device number 14 using dummy_hcd
[  113.470635][ T7787] usb 8-1: Using ep0 maxpacket: 8
[  113.474706][ T7787] usb 8-1: config 0 interface 0 has no altsetting 0
[  113.477011][ T7787] usb 8-1: New USB device found, idVendor=04d8, idProduct=00dd, bcdDevice= 0.00
[  113.480148][ T7787] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  113.491892][ T7787] usb 8-1: config 0 descriptor??
[  113.524253][ T8137] netlink: 180 bytes leftover after parsing attributes in process `syz.0.730'.
[  113.527314][ T8137] netlink: 180 bytes leftover after parsing attributes in process `syz.0.730'.
[  113.594262][ T8139] netlink: 24 bytes leftover after parsing attributes in process `syz.1.731'.
[  113.610633][   T40] audit: type=1400 audit(2000000040.489:479): avc:  denied  { create } for  pid=8141 comm="syz.0.732" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_fib_lookup_socket permissive=1
[  113.617101][   T40] audit: type=1400 audit(2000000040.489:480): avc:  denied  { getopt } for  pid=8141 comm="syz.0.732" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_fib_lookup_socket permissive=1
[  113.651145][ T8139] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=8139 comm=syz.1.731
[  113.667958][   T40] audit: type=1400 audit(2000000040.549:481): avc:  denied  { watch } for  pid=8138 comm="syz.1.731" path="/180/cgroup" dev="tmpfs" ino=976 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=lnk_file permissive=1
[  113.683406][ T8146] 8021q: adding VLAN 0 to HW filter on device bond2
[  113.685903][ T8146] netlink: 12 bytes leftover after parsing attributes in process `syz.0.734'.
[  113.835455][ T8154] overlayfs: failed to resolve './file0': -2
[  113.901040][ T7787] mcp2221 0003:04D8:00DD.0003: USB HID vff.ff Device [HID 04d8:00dd] on usb-dummy_hcd.3-1/input0
[  113.951494][    T9] usb 6-1: new full-speed USB device number 9 using dummy_hcd
[  114.100212][ T7787] usb 8-1: USB disconnect, device number 14
[  114.112453][    T9] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  114.115757][    T9] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  114.119846][    T9] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  114.123929][    T9] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  114.331323][    T9] usb 6-1: usb_control_msg returned -32
[  114.333246][    T9] usbtmc 6-1:16.0: can't read capabilities
[  114.349712][    T9] usb 6-1: USB disconnect, device number 9
[  114.517025][   T40] audit: type=1400 audit(2000000041.399:482): avc:  denied  { nlmsg_write } for  pid=8171 comm="syz.2.741" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_audit_socket permissive=1
[  114.526477][   T40] audit: type=1400 audit(2000000041.399:483): avc:  denied  { audit_write } for  pid=8171 comm="syz.2.741" capability=29  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1
[  114.533158][   T40] audit: type=1107 audit(2000000041.399:484): pid=8171 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t msg='aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
[  114.536727][ T8172] devpts: Bad value for 'max'
[  114.566729][   T40] audit: type=1400 audit(2000000041.419:485): avc:  denied  { remount } for  pid=8171 comm="syz.2.741" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:devpts_t tclass=filesystem permissive=1
[  114.597414][   T40] audit: type=1400 audit(2000000041.479:486): avc:  denied  { unmount } for  pid=5951 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:devpts_t tclass=filesystem permissive=1
[  114.633742][ T8174] netlink: 8 bytes leftover after parsing attributes in process `syz.2.742'.
[  114.636787][ T8176] netlink: 172 bytes leftover after parsing attributes in process `syz.3.743'.
[  114.648034][ T8174] can0: slcan on ptm1.
[  114.756180][ T8173] can0 (unregistered): slcan off ptm1.
[  114.802759][ T5309] Bluetooth: hci3: ACL packet for unknown connection handle 3785
[  114.871554][ T8200] netlink: 'syz.1.753': attribute type 29 has an invalid length.
[  114.882391][ T8200] netlink: 'syz.1.753': attribute type 29 has an invalid length.
[  114.899369][ T8200] netlink: 548 bytes leftover after parsing attributes in process `syz.1.753'.
[  114.905806][ T8200] netlink: 20 bytes leftover after parsing attributes in process `syz.1.753'.
[  115.225747][ T8235] overlayfs: upper fs does not support RENAME_WHITEOUT.
[  115.228054][ T8235] overlayfs: failed to set xattr on upper
[  115.229802][ T8235] overlayfs: ...falling back to redirect_dir=nofollow.
[  115.232753][ T8235] overlayfs: ...falling back to index=off.
[  115.234599][ T8235] overlayfs: ...falling back to uuid=null.
[  115.296667][ T8240] team0: Device gtp0 is of different type
[  115.322957][ T8244] nbd: couldn't find a device at index -1605786504
[  115.355107][ T8246] ip6erspan0: entered promiscuous mode
[  115.500696][    T9] usb 6-1: new high-speed USB device number 10 using dummy_hcd
[  115.660658][    T9] usb 6-1: Using ep0 maxpacket: 8
[  115.665434][    T9] usb 6-1: config 168 descriptor has 1 excess byte, ignoring
[  115.667791][    T9] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11
[  115.671650][    T9] usb 6-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  115.675260][    T9] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  115.678675][    T9] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  115.683291][    T9] usb 6-1: config 168 descriptor has 1 excess byte, ignoring
[  115.685601][    T9] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11
[  115.689083][    T9] usb 6-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  115.693270][    T9] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  115.696567][    T9] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  115.700931][    T9] usb 6-1: config 168 descriptor has 1 excess byte, ignoring
[  115.703251][    T9] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11
[  115.706797][    T9] usb 6-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  115.710403][    T9] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  115.714044][    T9] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  115.719992][    T9] usb 6-1: string descriptor 0 read error: -22
[  115.722140][    T9] usb 6-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e
[  115.724930][    T9] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  115.732755][    T9] adutux 6-1:168.0: ADU100  now attached to /dev/usb/adutux0
[  115.944693][    T9] usb 6-1: USB disconnect, device number 10
[  116.416094][ T8269] veth0: entered promiscuous mode
[  116.431335][ T8269] sp0: Synchronizing with TNC
[  116.477378][ T8269] veth3: entered allmulticast mode
[  116.579152][ T8268] veth0: left promiscuous mode
[  116.753343][ T8276] Bluetooth: MGMT ver 1.23
[  116.756089][ T8276] ------------[ cut here ]------------
[  116.758476][ T8276] intf 08:02:11:00:00:00 [link=0]: bad STA 08:02:11:00:00:01 bandwidth 20 MHz (0) > channel config 5 MHz (6)
[  116.765198][ T8276] WARNING: CPU: 2 PID: 8276 at drivers/net/wireless/virtual/mac80211_hwsim.c:2650 mac80211_hwsim_sta_rc_update+0x60b/0x850
[  116.769396][ T8276] Modules linked in:
[  116.771175][ T8276] CPU: 2 UID: 0 PID: 8276 Comm: syz.3.780 Not tainted 6.16.0-rc5-syzkaller-00276-g5d5d62298b8b #0 PREEMPT(full) 
[  116.776723][ T8276] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  116.780301][ T8276] RIP: 0010:mac80211_hwsim_sta_rc_update+0x60b/0x850
[  116.783134][ T8276] Code: 8b 44 24 20 89 da 48 c7 c7 e0 71 6b 8c 44 8b 89 a8 01 00 00 41 54 48 8d b0 72 04 00 00 41 55 44 8b 44 24 14 e8 16 ff 70 fa 90 <0f> 0b 90 90 58 5a e9 36 fc ff ff e8 75 01 b2 fa e8 c0 60 7e 04 31
[  116.789746][ T8276] RSP: 0018:ffffc90003a171a8 EFLAGS: 00010282
[  116.792168][ T8276] RAX: 0000000000000000 RBX: 0000000000000000 RCX: ffffc900079c3000
[  116.795253][ T8276] RDX: 0000000000080000 RSI: ffffffff817af1b5 RDI: 0000000000000001
[  116.798339][ T8276] RBP: dffffc0000000000 R08: 0000000000000001 R09: 0000000000000000
[  116.801520][ T8276] R10: 0000000000000001 R11: 0000000000000001 R12: 0000000000000006
[  116.804630][ T8276] R13: 0000000000000005 R14: ffff88802311d020 R15: ffff888025a530a0
[  116.807730][ T8276] FS:  00007f43343c56c0(0000) GS:ffff8880d6913000(0000) knlGS:0000000000000000
[  116.811276][ T8276] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  116.813852][ T8276] CR2: 00007f43335746c0 CR3: 00000000660c5000 CR4: 0000000000352ef0
[  116.816958][ T8276] Call Trace:
[  116.818290][ T8276]  <TASK>
[  116.819487][ T8276]  mac80211_hwsim_sta_add+0xc9/0x2c0
[  116.821639][ T8276]  ? __pfx_mac80211_hwsim_sta_add+0x10/0x10
[  116.823980][ T8276]  drv_sta_state+0xa05/0x1940
[  116.825839][ T8276]  sta_info_insert_rcu+0xc8d/0x1b70
[  116.827900][ T8276]  sta_info_insert+0x16/0xd0
[  116.829719][ T8276]  ieee80211_add_station+0x46d/0x6c0
[  116.831919][ T8276]  nl80211_new_station+0x14cc/0x1c50
[  116.833999][ T8276]  ? __pfx_nl80211_new_station+0x10/0x10
[  116.836236][ T8276]  ? nl80211_pre_doit+0x1b0/0xb10
[  116.838229][ T8276]  genl_family_rcv_msg_doit+0x209/0x2f0
[  116.840412][ T8276]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  116.842968][ T8276]  ? bpf_lsm_capable+0x9/0x10
[  116.844838][ T8276]  ? security_capable+0x7e/0x260
[  116.846808][ T8276]  ? ns_capable+0xd7/0x110
[  116.848595][ T8276]  genl_rcv_msg+0x55c/0x800
[  116.850430][ T8276]  ? __pfx_genl_rcv_msg+0x10/0x10
[  116.852488][ T8276]  ? __pfx_nl80211_pre_doit+0x10/0x10
[  116.854638][ T8276]  ? __pfx_nl80211_new_station+0x10/0x10
[  116.856837][ T8276]  ? __pfx_nl80211_post_doit+0x10/0x10
[  116.858977][ T8276]  netlink_rcv_skb+0x158/0x420
[  116.860618][ T8276]  ? __pfx_genl_rcv_msg+0x10/0x10
[  116.862209][ T8276]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  116.863869][ T8276]  ? netlink_deliver_tap+0x1ae/0xd30
[  116.865541][ T8276]  genl_rcv+0x28/0x40
[  116.866827][ T8276]  netlink_unicast+0x58a/0x850
[  116.868336][ T8276]  ? __pfx_netlink_unicast+0x10/0x10
[  116.870012][ T8276]  netlink_sendmsg+0x8d1/0xdd0
[  116.871572][ T8276]  ? __pfx_netlink_sendmsg+0x10/0x10
[  116.873229][ T8276]  ____sys_sendmsg+0xa95/0xc70
[  116.874740][ T8276]  ? copy_msghdr_from_user+0x10a/0x160
[  116.876455][ T8276]  ? __pfx_____sys_sendmsg+0x10/0x10
[  116.878353][ T8276]  ? __pfx_futex_wake_mark+0x10/0x10
[  116.880073][ T8276]  ___sys_sendmsg+0x134/0x1d0
[  116.881841][ T8276]  ? __pfx____sys_sendmsg+0x10/0x10
[  116.883486][ T8276]  ? __lock_acquire+0x622/0x1c90
[  116.885055][ T8276]  __sys_sendmsg+0x16d/0x220
[  116.886533][ T8276]  ? __pfx___sys_sendmsg+0x10/0x10
[  116.888147][ T8276]  ? __x64_sys_futex+0x1e0/0x4c0
[  116.889721][ T8276]  do_syscall_64+0xcd/0x4c0
[  116.891235][ T8276]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  116.893083][ T8276] RIP: 0033:0x7f433358e929
[  116.894532][ T8276] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  116.900442][ T8276] RSP: 002b:00007f43343c5038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  116.903111][ T8276] RAX: ffffffffffffffda RBX: 00007f43337b5fa0 RCX: 00007f433358e929
[  116.905572][ T8276] RDX: 0000000000008050 RSI: 0000200000007380 RDI: 0000000000000007
[  116.908036][ T8276] RBP: 00007f4333610b39 R08: 0000000000000000 R09: 0000000000000000
[  116.910525][ T8276] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  116.913045][ T8276] R13: 0000000000000000 R14: 00007f43337b5fa0 R15: 00007ffe899329d8
[  116.915514][ T8276]  </TASK>
[  116.916505][ T8276] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  116.918762][ T8276] CPU: 2 UID: 0 PID: 8276 Comm: syz.3.780 Not tainted 6.16.0-rc5-syzkaller-00276-g5d5d62298b8b #0 PREEMPT(full) 
[  116.922411][ T8276] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  116.925695][ T8276] Call Trace:
[  116.926763][ T8276]  <TASK>
[  116.927709][ T8276]  dump_stack_lvl+0x3d/0x1f0
[  116.929169][ T8276]  panic+0x71c/0x800
[  116.930432][ T8276]  ? __pfx_panic+0x10/0x10
[  116.931835][ T8276]  ? show_trace_log_lvl+0x29b/0x3e0
[  116.933464][ T8276]  ? mac80211_hwsim_sta_rc_update+0x60b/0x850
[  116.935365][ T8276]  check_panic_on_warn+0xab/0xb0
[  116.936914][ T8276]  __warn+0xf6/0x3c0
[  116.938161][ T8276]  ? mac80211_hwsim_sta_rc_update+0x60b/0x850
[  116.940078][ T8276]  report_bug+0x3c3/0x580
[  116.941444][ T8276]  ? mac80211_hwsim_sta_rc_update+0x60b/0x850
[  116.943342][ T8276]  handle_bug+0x184/0x210
[  116.944701][ T8276]  exc_invalid_op+0x17/0x50
[  116.946138][ T8276]  asm_exc_invalid_op+0x1a/0x20
[  116.947666][ T8276] RIP: 0010:mac80211_hwsim_sta_rc_update+0x60b/0x850
[  116.949732][ T8276] Code: 8b 44 24 20 89 da 48 c7 c7 e0 71 6b 8c 44 8b 89 a8 01 00 00 41 54 48 8d b0 72 04 00 00 41 55 44 8b 44 24 14 e8 16 ff 70 fa 90 <0f> 0b 90 90 58 5a e9 36 fc ff ff e8 75 01 b2 fa e8 c0 60 7e 04 31
[  116.955633][ T8276] RSP: 0018:ffffc90003a171a8 EFLAGS: 00010282
[  116.957516][ T8276] RAX: 0000000000000000 RBX: 0000000000000000 RCX: ffffc900079c3000
[  116.959979][ T8276] RDX: 0000000000080000 RSI: ffffffff817af1b5 RDI: 0000000000000001
[  116.962429][ T8276] RBP: dffffc0000000000 R08: 0000000000000001 R09: 0000000000000000
[  116.964875][ T8276] R10: 0000000000000001 R11: 0000000000000001 R12: 0000000000000006
[  116.967321][ T8276] R13: 0000000000000005 R14: ffff88802311d020 R15: ffff888025a530a0
[  116.969759][ T8276]  ? __warn_printk+0x1a5/0x350
[  116.971272][ T8276]  ? mac80211_hwsim_sta_rc_update+0x60a/0x850
[  116.973171][ T8276]  mac80211_hwsim_sta_add+0xc9/0x2c0
[  116.974828][ T8276]  ? __pfx_mac80211_hwsim_sta_add+0x10/0x10
[  116.976665][ T8276]  drv_sta_state+0xa05/0x1940
[  116.978149][ T8276]  sta_info_insert_rcu+0xc8d/0x1b70
[  116.979801][ T8276]  sta_info_insert+0x16/0xd0
[  116.981254][ T8276]  ieee80211_add_station+0x46d/0x6c0
[  116.982912][ T8276]  nl80211_new_station+0x14cc/0x1c50
[  116.984567][ T8276]  ? __pfx_nl80211_new_station+0x10/0x10
[  116.986332][ T8276]  ? nl80211_pre_doit+0x1b0/0xb10
[  116.987911][ T8276]  genl_family_rcv_msg_doit+0x209/0x2f0
[  116.989685][ T8276]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  116.991680][ T8276]  ? bpf_lsm_capable+0x9/0x10
[  116.993253][ T8276]  ? security_capable+0x7e/0x260
[  116.994869][ T8276]  ? ns_capable+0xd7/0x110
[  116.996285][ T8276]  genl_rcv_msg+0x55c/0x800
[  116.997728][ T8276]  ? __pfx_genl_rcv_msg+0x10/0x10
[  116.999358][ T8276]  ? __pfx_nl80211_pre_doit+0x10/0x10
[  117.001083][ T8276]  ? __pfx_nl80211_new_station+0x10/0x10
[  117.002855][ T8276]  ? __pfx_nl80211_post_doit+0x10/0x10
[  117.004572][ T8276]  netlink_rcv_skb+0x158/0x420
[  117.006090][ T8276]  ? __pfx_genl_rcv_msg+0x10/0x10
[  117.007678][ T8276]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  117.009338][ T8276]  ? netlink_deliver_tap+0x1ae/0xd30
[  117.011022][ T8276]  genl_rcv+0x28/0x40
[  117.012296][ T8276]  netlink_unicast+0x58a/0x850
[  117.013810][ T8276]  ? __pfx_netlink_unicast+0x10/0x10
[  117.015483][ T8276]  netlink_sendmsg+0x8d1/0xdd0
[  117.016987][ T8276]  ? __pfx_netlink_sendmsg+0x10/0x10
[  117.018655][ T8276]  ____sys_sendmsg+0xa95/0xc70
[  117.020182][ T8276]  ? copy_msghdr_from_user+0x10a/0x160
[  117.021892][ T8276]  ? __pfx_____sys_sendmsg+0x10/0x10
[  117.023563][ T8276]  ? __pfx_futex_wake_mark+0x10/0x10
[  117.025215][ T8276]  ___sys_sendmsg+0x134/0x1d0
[  117.026710][ T8276]  ? __pfx____sys_sendmsg+0x10/0x10
[  117.028343][ T8276]  ? __lock_acquire+0x622/0x1c90
[  117.029936][ T8276]  __sys_sendmsg+0x16d/0x220
[  117.031346][ T8276]  ? __pfx___sys_sendmsg+0x10/0x10
[  117.032943][ T8276]  ? __x64_sys_futex+0x1e0/0x4c0
[  117.034520][ T8276]  do_syscall_64+0xcd/0x4c0
[  117.035922][ T8276]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  117.037718][ T8276] RIP: 0033:0x7f433358e929
[  117.039275][ T8276] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  117.045347][ T8276] RSP: 002b:00007f43343c5038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  117.047940][ T8276] RAX: ffffffffffffffda RBX: 00007f43337b5fa0 RCX: 00007f433358e929
[  117.050391][ T8276] RDX: 0000000000008050 RSI: 0000200000007380 RDI: 0000000000000007
[  117.052830][ T8276] RBP: 00007f4333610b39 R08: 0000000000000000 R09: 0000000000000000
[  117.055273][ T8276] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  117.057715][ T8276] R13: 0000000000000000 R14: 00007f43337b5fa0 R15: 00007ffe899329d8
[  117.060193][ T8276]  </TASK>
[  117.061741][ T8276] Kernel Offset: disabled
[  117.063116][ T8276] Rebooting in 86400 seconds..

VM DIAGNOSIS:
02:33:07  Registers:
info registers vcpu 0

CPU#0
RAX=0000000000165ae7 RBX=0000000000000000 RCX=ffffffff8b885c99 RDX=0000000000000000
RSI=ffffffff8de32e3f RDI=ffffffff8c158f60 RBP=fffffbfff1c52ef0 RSP=ffffffff8e207e08
R8 =0000000000000001 R9 =ffffed100d486645 R10=ffff88806a43322b R11=0000000000000001
R12=0000000000000000 R13=ffffffff8e297780 R14=ffffffff90a98750 R15=0000000000000000
RIP=ffffffff8b8847ff RFL=00000286 [--S--P-] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c01300
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c01300
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8880d6713000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=0000200000007380 CR3=000000003724e000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000001030001 Opmask01=0000000000000000 Opmask02=00000000000003ff Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffd132b0660 0000003000000010
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f9278211b12
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f9278211b1f
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f9278211b19
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f9278211b2d
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f9278211bb3
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f9278211c91
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2525252525252525 2525252525252525 2525252525252525 2525252525252525
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6e776f6e6b6e7500 6f6c6c3332302500 657a697320740004 0008000f0010000a
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 4b524a4b4e4b5000 4a49491617150000 405f4c560551464a 5751560541444700
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 574e24e5074ee700 0000000000001d42 75e4251d7d333ca4 276fdc6a6aeefe2d
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 5287567a7e328a79 b2a312e0f4536705 f8ce7b53e6895549 c1d0aa60e1bd1545
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 58089d4380a50063 6898b1e9a5d7c271 4089448e43c2af5b b68c0457574e24e5
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 074ee70000000000 00001d4275e4251d 7d333ca4276fdc6a 6aeefe2d1a25b596
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 47c7a167f3f6efdb c66a91e81d44163b 0b01e2d9581184a7 5c9106aa98f25772
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=0000000000000000 RBX=ffffffff93d25120 RCX=ffffffff895a5bfc RDX=ffff88801e6dc880
RSI=0000000000000000 RDI=0000000000000005 RBP=0000000000000000 RSP=ffffc90000677780
R8 =0000000000000005 R9 =0000000000000000 R10=0000000000000000 R11=0000000000002c00
R12=00000000ffffffff R13=0000000000000000 R14=ffff88806a538120 R15=ffff888100af88c0
RIP=ffffffff895a5bfe RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8880d6813000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00007f527d336e98 CR3=00000000336ca000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=00000000fcffc200 Opmask01=000000000000ffff Opmask02=00000000ffffffff Opmask03=0000000010000000
Opmask04=0000000000000000 Opmask05=00000000004007ff Opmask06=0000000007ffe7ff Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0302000000030000 0008000400080010 00080000000c0200 0000000000080008
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0014010000000000 000800080007000c 00080000000c0000 0354000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0302000000200000 0003000000100008 0000000000000004 000c001a00100000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 014c000001640000 017c000001900000 01a4000001bc0000 01d4000001e80000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0200000002180000 0230000002480000 0260000002780000 028c000002ac0000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 02d00000001e0000 0000000000000000 0099000000000262 5a00000000140000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 001c0000000e0014 000c000000080004 001c000e00000000 0000000000000000
ZMM24=b67f28c2b67f28c2 b67f28c2b67f28c2 b67f28c2b67f28c2 b67f28c2b67f28c2 b67f28c2b67f28c2 b67f28c2b67f28c2 b67f28c2b67f28c2 b67f28c2b67f28c2
ZMM25=d463be47d463be47 d463be47d463be47 d463be47d463be47 d463be47d463be47 d463be47d463be47 d463be47d463be47 d463be47d463be47 d463be47d463be47
ZMM26=050081ce050081ce 050081ce050081ce 050081ce050081ce 050081ce050081ce 050081ce050081ce 050081ce050081ce 050081ce050081ce 050081ce050081ce
ZMM27=23e64b9623e64b96 23e64b9623e64b96 23e64b9623e64b96 23e64b9623e64b96 23e64b9623e64b96 23e64b9623e64b96 23e64b9623e64b96 23e64b9623e64b96
ZMM28=000000100000000f 0000000e0000000d 0000000c0000000b 0000000a00000009 0000000800000007 0000000600000005 0000000400000003 0000000200000001
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=a7060000a7060000 a7060000a7060000 a7060000a7060000 a7060000a7060000 a7060000a7060000 a7060000a7060000 a7060000a7060000 a7060000a7060000
info registers vcpu 2

CPU#2
RAX=0000000000000031 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8
RSI=ffffffff855bced5 RDI=ffffffff9b0c72a0 RBP=ffffffff9b0c7260 RSP=ffffc90003a16b10
R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=0000000000000001
R12=0000000000000000 R13=0000000000000031 R14=ffffffff9b0c7260 R15=ffffffff855bce70
RIP=ffffffff855bceff RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c01300
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c01300
FS =0000 00007f43343c56c0 ffffffff 00c00000
GS =0000 ffff8880d6913000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000091000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe000008f000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00007f43335746c0 CR3=00000000660c5000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000001000000 Opmask01=0000000001000001 Opmask02=00000000ffffffef Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffe89932d60 0000003000000018
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f4333611b12
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f4333611b1f
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f4333611b19
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f4333611b2d
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f4333611bb3
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f4333611c91
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000002 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000000000000a0
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000002 0000000000000000 0000000000000000 00000000000000a0
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 3

CPU#3
RAX=0000000000000001 RBX=ffffffff8e5c4e00 RCX=0000000000000002 RDX=0000000000000000
RSI=ffffffff8a37e89b RDI=ffffffff8e5c4e00 RBP=0000000000000002 RSP=ffffc900006cf500
R8 =0000000000000000 R9 =0000000000000000 R10=0000000000000000 R11=ffff88805af13af8
R12=0000000000000000 R13=0000000000000000 R14=0000000000000000 R15=0000000000000000
RIP=ffffffff8222a260 RFL=00000202 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8880d6a13000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe00000d8000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe00000d6000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=0000200000000280 CR3=000000000e382000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000008001 Opmask01=0000000000000000 Opmask02=00000000000003ff Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f4333611b12
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f4333611b1f
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f4333611b19
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f4333611b2d
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f4333611bb3
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f4333611c91
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0100000000000200 0100000000000200 0100080000000000 0503006900000015
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000010000 0000000200010000 0000000200010008 0000000000050300
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f43342ed100 00007f4333785440 00007f4333780004 0000000b000c000a
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f4333785498 00007f4333785490 00007f4333785488 00007f4333785480
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000001 0000000000000000 0000000000000000 0000000000000048
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000