last executing test programs:

6m6.623073365s ago: executing program 1 (id=2002):
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000), 0x2002, 0x0)
ioctl$SNDCTL_DSP_SETFMT(r0, 0xc0045005, &(0x7f0000001180)=0x1fffffd)
mmap$dsp(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x3, 0x12, r0, 0x0)
ioctl$SNDCTL_DSP_GETOPTR(r0, 0x5008, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$sock_int(r1, 0x1, 0xf, &(0x7f0000000180)=0x800001, 0x4)
bind$inet6(r1, &(0x7f0000000140)={0xa, 0x4e22, 0x0, @empty}, 0x1c)
listen(r1, 0x0)
syz_emit_ethernet(0x36, &(0x7f0000000380)={@local, @broadcast, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x6, 0x0, @empty, @empty}, {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x10}}}}}}, 0x0)

6m6.083017914s ago: executing program 1 (id=2003):
syz_open_dev$hidraw(&(0x7f0000000080), 0x0, 0x418000)
r0 = syz_usb_connect$cdc_ncm(0x0, 0x6e, &(0x7f0000000040)=ANY=[@ANYBLOB="12010000090000082502000000000000000109025c00020100f92a0904000001020900000524060001053408fa6e0d240f0100000000000d000a0006471a010000190581"], 0x0)
syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000040)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x10, 0x28bd, 0x905, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x3}}}}]}}]}}, 0x0)
syz_open_dev$char_usb(0xc, 0xb4, 0x0)
syz_usb_disconnect(r0)
syz_usb_connect(0x0, 0x24, &(0x7f0000000080)={{0x12, 0x1, 0x0, 0xb6, 0x28, 0xa3, 0x40, 0x4fa, 0x2490, 0xf853, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0xe3, 0xfd, 0xe2}}]}}]}}, 0x0)

6m3.902742167s ago: executing program 1 (id=2016):
r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000540), 0x2, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000480), 0x1000000, &(0x7f0000000400)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}]})
r1 = open(&(0x7f0000000140)='./file0\x00', 0x0, 0x0)
mknodat$loop(r1, &(0x7f0000001600)='./file1\x00', 0x0, 0x0)
open(&(0x7f0000000440)='./file1\x00', 0x0, 0x77)
linkat(r1, &(0x7f0000000100)='./file1\x00', r1, &(0x7f0000000240)='./file0\x00', 0x0)
unlink(&(0x7f0000000500)='./file0\x00')
close_range(r0, 0xffffffffffffffff, 0x0)

6m3.902340786s ago: executing program 1 (id=2018):
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f0000000c00)=ANY=[@ANYBLOB="56c78e3c733d76697274696f2c6e6f657874656e642c6163638173733d616e792c63616368653d667363616368652c76657273696f6e3d3970323030302e75"])
r0 = creat(&(0x7f0000000280)='./file0\x00', 0xecf86c37d53049cc)
write$binfmt_script(r0, &(0x7f0000000400)={'#! ', './file0'}, 0xb)
fcntl$lock(r0, 0x25, &(0x7f0000000080)={0x1, 0x0, 0x4, 0x3})
write$binfmt_format(r0, &(0x7f0000000200)='0\x00', 0x2)
pwritev2(r0, &(0x7f0000000980)=[{&(0x7f0000000000)="e9", 0x1}], 0x1, 0x10007, 0x9, 0x10)

6m3.82279244s ago: executing program 1 (id=2019):
r0 = syz_usb_connect_ath9k(0x3, 0x5a, &(0x7f0000000080)={{0x12, 0x1, 0x200, 0xff, 0xff, 0xff, 0x40, 0xcf3, 0x9271, 0x108, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0xfffffffffffffe9f}}]}}, 0x0)
syz_usb_connect(0x5, 0x2d, &(0x7f0000000080)=ANY=[@ANYBLOB="120100002439da20cd061201a2d20102030109021b0001000000000904000001717ffe000905a1"], 0x0)
syz_usb_connect(0x0, 0xdd, &(0x7f0000000080)={{0x12, 0x1, 0x0, 0xc4, 0xb8, 0x68, 0x8, 0x2357, 0x109, 0xbdda, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0xf1, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x5, 0xff, 0xff, 0xff}}]}}]}}, 0x0)
syz_usb_connect(0x0, 0x6d, &(0x7f0000000080)=ANY=[@ANYBLOB="120100003cda2a200a111022"], 0x0)
syz_usb_ep_write(0xffffffffffffffff, 0x81, 0x1, &(0x7f00000000c0)="cc")
syz_usb_disconnect(r0)
r1 = syz_usb_connect(0x0, 0x24, &(0x7f0000000cc0)=ANY=[], 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io(r1, 0x0, 0x0)
syz_usb_control_io$printer(r1, 0x0, &(0x7f0000000400)={0x34, &(0x7f0000000180)={0x0, 0x8, 0x1, "b6"}, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$uac1(r1, 0x0, 0x0)
syz_usb_control_io$printer(r1, 0x0, 0x0)
syz_usb_control_io$printer(r1, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r1, 0x0, 0x0)
syz_usb_control_io(r1, 0x0, 0x0)
syz_usb_control_io$printer(r1, 0x0, 0x0)
syz_usb_control_io(r1, 0x0, 0x0)

5m59.203405272s ago: executing program 1 (id=2029):
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x42, 0x0)
read$FUSE(r0, &(0x7f000000e280)={0x2020, 0x0, <r1=>0x0}, 0x2020)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f00000000c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41100, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x39}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, 0x0, 0x0, 0x0)
sched_setaffinity(r2, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = openat$snapshot(0xffffffffffffff9c, &(0x7f00000000c0), 0xc2d41, 0x0)
ioctl$SNAPSHOT_FREE(r5, 0x3305)
r6 = socket(0x11, 0x3, 0x0)
setsockopt$inet_tcp_int(r5, 0x6, 0x9, &(0x7f0000000280)=0x4, 0x4)
ioctl$ifreq_SIOCGIFINDEX_team(r6, 0x8933, &(0x7f0000000600))
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x4000000)
write$FUSE_INIT(r0, &(0x7f0000000380)={0x50, 0x0, r1, {0x7, 0x27, 0x0, 0x1001a}}, 0x50)

5m44.032568009s ago: executing program 32 (id=2029):
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x42, 0x0)
read$FUSE(r0, &(0x7f000000e280)={0x2020, 0x0, <r1=>0x0}, 0x2020)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f00000000c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41100, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x39}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, 0x0, 0x0, 0x0)
sched_setaffinity(r2, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = openat$snapshot(0xffffffffffffff9c, &(0x7f00000000c0), 0xc2d41, 0x0)
ioctl$SNAPSHOT_FREE(r5, 0x3305)
r6 = socket(0x11, 0x3, 0x0)
setsockopt$inet_tcp_int(r5, 0x6, 0x9, &(0x7f0000000280)=0x4, 0x4)
ioctl$ifreq_SIOCGIFINDEX_team(r6, 0x8933, &(0x7f0000000600))
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x4000000)
write$FUSE_INIT(r0, &(0x7f0000000380)={0x50, 0x0, r1, {0x7, 0x27, 0x0, 0x1001a}}, 0x50)

2m35.757392374s ago: executing program 0 (id=2949):
r0 = socket$kcm(0x10, 0x2, 0x10)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x0)
ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r2, 0xc0a85320, &(0x7f00000003c0)={{0x80}, 'port0\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xdf})
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000380)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
r4 = syz_init_net_socket$bt_bnep(0x1f, 0x3, 0x4)
ioctl$sock_bt_bnep_BNEPCONNADD(r4, 0x400442c8, &(0x7f0000000200)=ANY=[@ANYRES32=r3, @ANYBLOB="050000000500e608016810609ca260c3b85bf3cd272ae2f7cc7edbde599287b4de6528ebc0a96a6b8d3ed358e6c47ecea09762cfe30b62a46ae175c3fa05c0c534b2c0b957c5ffd4e4781ed960814868a2013d0b4cf04f9bc58e45fa53e4d7e32841a92f8f004272c2ee401dc5b0b2feb5eed674ad2c93e064833f6728ce0520f8c75fd7162826c4fea38c5413a5"])
r5 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(r1, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000300)=ANY=[@ANYBLOB='0\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="01000000000000000000070000001c0001800600010002000000080003"], 0x30}, 0x1, 0x0, 0x0, 0xaa34a4cfdf933201}, 0x10)
socket$alg(0x26, 0x5, 0x0)
socket(0x840000000002, 0x3, 0xfa)
r6 = syz_open_dev$tty1(0xc, 0x4, 0x1)
close(0x3)
close(0x4)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x30, &(0x7f0000000180)={&(0x7f00000008c0)=ANY=[@ANYBLOB="24000000190001000000000000c3b2000a0000000003c8000000000008000600ffffffff"], 0x24}, 0x1, 0x0, 0x0, 0x40080}, 0x0)
ioctl$CDROMREADTOCENTRY(0xffffffffffffffff, 0x5306, 0x0)
r7 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/tty/drivers\x00', 0x0, 0x0)
read$rfkill(r7, &(0x7f0000000040), 0x8)
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$TIOCVHANGUP(r6, 0x5437, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x11, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xc}, 0x94)
fcntl$notify(r1, 0x402, 0xa)
ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0x4008ae89, &(0x7f0000000480)=ANY=[@ANYBLOB="0300000000000000e40a000000000000ab0c000000000000ab080000000000000900000000000000340b00000000000026050000000000007bb5b149a8eca7c0b405ae3d380f0a9bbbd050016a826ab9b080ca9073f37f386f2c542a55d6bccc7abcc30b704cdf20ac500908268367"])
memfd_create(&(0x7f0000000100)='mptcp_pm\x00', 0x6)
sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xd18c9b25, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030041000b05d25a806c8c6394f90324fc60100000000a000200053582c137153e3704020180fc5409000c00", 0x33fe0}], 0x1}, 0x0)

2m35.652433908s ago: executing program 0 (id=2951):
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r0 = socket(0x400000000010, 0x3, 0x0)
r1 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r2=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xfffffffd, {0x0, 0x0, 0x0, r2, {0x0, 0x1}, {0xffff, 0xffff}, {0xffe0, 0x9}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000400)=@newtfilter={0x58, 0x2c, 0xf3f, 0x30bd29, 0x25dfdbfd, {0x0, 0x0, 0x0, r2, {0xb, 0xfff3}, {}, {0x7, 0x300}}, [@filter_kind_options=@f_basic={{0xa}, {0x28, 0x2, [@TCA_BASIC_EMATCHES={0x24, 0x2, 0x0, 0x1, [@TCA_EMATCH_TREE_HDR={0x8, 0x1, {0x1}}, @TCA_EMATCH_TREE_LIST={0x18, 0x2, 0x0, 0x1, [@TCF_EM_CANID={0x14, 0x1, 0x0, 0x0, {{0x3666, 0x7, 0x10}, {{0x3, 0x0, 0x1}, {0x3, 0x0, 0x1, 0x1}}}}]}]}]}}]}, 0x58}, 0x1, 0x0, 0x0, 0x20041090}, 0x0)

2m34.658253183s ago: executing program 0 (id=2952):
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r0 = socket(0x400000000010, 0x3, 0x0)
r1 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r2=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xfffffffd, {0x0, 0x0, 0x0, r2, {0x0, 0x1}, {0xffff, 0xffff}, {0xffe0, 0x9}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000400)=@newtfilter={0x58, 0x2c, 0xf3f, 0x30bd29, 0x25dfdbfd, {0x0, 0x0, 0x0, r2, {0xb, 0xfff3}, {}, {0x7, 0x300}}, [@filter_kind_options=@f_basic={{0xa}, {0x28, 0x2, [@TCA_BASIC_EMATCHES={0x24, 0x2, 0x0, 0x1, [@TCA_EMATCH_TREE_HDR={0x8, 0x1, {0x1}}, @TCA_EMATCH_TREE_LIST={0x18, 0x2, 0x0, 0x1, [@TCF_EM_CANID={0x14, 0x1, 0x0, 0x0, {{0x3666, 0x7, 0x10}, {{0x3, 0x0, 0x1}, {0x3, 0x0, 0x1, 0x1}}}}]}]}]}}]}, 0x58}, 0x1, 0x0, 0x0, 0x20041090}, 0x0) (fail_nth: 2)

2m34.52293588s ago: executing program 0 (id=2954):
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mount$tmpfs(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f00000001c0), 0xc00, &(0x7f0000000080)=ANY=[@ANYBLOB="71750cbc493c00000000756f74615f696e917b9a6f6a655f68613e0f00006d69743d"])
chdir(&(0x7f0000000240)='./file0\x00')
mkdir(&(0x7f00000002c0)='./file0\x00', 0x0)
mkdir(&(0x7f00000000c0)='./bus\x00', 0x0)
mkdir(&(0x7f0000000440)='./file1\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000a00)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
r0 = open(&(0x7f0000000140)='./file0\x00', 0x0, 0x0)
mknodat$loop(r0, &(0x7f0000001600)='./file1\x00', 0x0, 0x0)
chdir(&(0x7f00000003c0)='./bus\x00')
unlink(&(0x7f0000000140)='./file1\x00')
r1 = socket(0x400000000010, 0x3, 0x0)
r2 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)=@delqdisc={0xc4, 0x25, 0x200, 0x70bd25, 0x25dfdbfc, {0x0, 0x0, 0x0, r3, {0x1, 0x1}, {0xffff, 0x3}, {0xb, 0x2}}, [@TCA_RATE={0x6, 0x5, {0x84, 0x2}}, @TCA_STAB={0x7c, 0x8, 0x0, 0x1, [{{0x1c, 0x1, {0x0, 0xc1, 0x1, 0x200, 0x0, 0x103, 0x5, 0x1}}, {0x6, 0x2, [0x1]}}, {{0x1c, 0x1, {0x80, 0xc, 0x0, 0x34, 0x2, 0x8, 0x0, 0x1}}, {0x6, 0x2, [0x4]}}, {{0x1c, 0x1, {0x9d, 0x3, 0xfffd, 0x2, 0x2, 0x35, 0xe, 0x8}}, {0x14, 0x2, [0x5, 0x3, 0x4, 0x2, 0x7, 0x5, 0x3, 0x7]}}]}, @qdisc_kind_options=@q_etf={{0x8}, {0x14, 0x2, @TCA_ETF_PARMS={0x10, 0x1, {0x5, 0x7, 0x2}}}}]}, 0xc4}}, 0x0)
syz_clone3(&(0x7f0000000080)={0x801400, &(0x7f0000000040)=<r4=>0xffffffffffffffff, 0x0, 0x0, {0xa}, 0x0, 0x0, 0x0, 0x0}, 0x58)
unshare(0x26020400)
r5 = pidfd_getfd(r4, r4, 0x0)
setns(r5, 0x2020000)
unlinkat(r0, &(0x7f0000000180)='./file1\x00', 0x200)
sendmsg$nl_route_sched(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000400)=@newtfilter={0x58, 0x2c, 0xf3f, 0x30bd29, 0x25dfdbfd, {0x0, 0x0, 0x0, r3, {0xb, 0xfff3}, {}, {0x7, 0x300}}, [@filter_kind_options=@f_basic={{0xa}, {0x28, 0x2, [@TCA_BASIC_EMATCHES={0x24, 0x2, 0x0, 0x1, [@TCA_EMATCH_TREE_HDR={0x8, 0x1, {0x1}}, @TCA_EMATCH_TREE_LIST={0x18, 0x2, 0x0, 0x1, [@TCF_EM_CANID={0x14, 0x1, 0x0, 0x0, {{0x3666, 0x7, 0x10}, {{0x3, 0x0, 0x1}, {0x3, 0x0, 0x1, 0x1}}}}]}]}]}}]}, 0x58}, 0x1, 0x0, 0x0, 0x20041090}, 0x0)
ioctl$sock_SIOCBRADDBR(r1, 0x89a0, &(0x7f0000000080)='veth0_to_team\x00')

2m34.462898775s ago: executing program 0 (id=2957):
r0 = syz_usb_connect(0x0, 0x3f, &(0x7f0000000540)=ANY=[@ANYBLOB="11010000733336088dee1edb23610000000109022d0101100000000904000003fe03010009cd8d1f0002000000090505020000fcffff09058b1e20"], 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ecm(r0, 0x0, &(0x7f0000000040)={0x1c, &(0x7f0000000000)={0x0, 0xd}, 0x0, 0x0})
r1 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
ioctl$EVIOCGMASK(r1, 0x5b03, 0x0) (fail_nth: 1)

2m34.122116581s ago: executing program 0 (id=2958):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x1c1341, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000500), 0x400, 0x0)
close(r1)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000340))
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @link_local})
r2 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$tipc(&(0x7f0000000200), 0xffffffffffffffff)
sendmsg$TIPC_CMD_ENABLE_BEARER(r2, 0x0, 0x0)
writev(r0, &(0x7f0000000740)=[{&(0x7f0000000380)="89e7ee2c78dad9b4b473fec988cafbe863cac50580cd8b4876ce425106cecf403fbc9c91ff3f13942c4ba3d0244577dc", 0x30}], 0x1)

2m34.091327003s ago: executing program 33 (id=2958):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x1c1341, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000500), 0x400, 0x0)
close(r1)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000340))
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @link_local})
r2 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$tipc(&(0x7f0000000200), 0xffffffffffffffff)
sendmsg$TIPC_CMD_ENABLE_BEARER(r2, 0x0, 0x0)
writev(r0, &(0x7f0000000740)=[{&(0x7f0000000380)="89e7ee2c78dad9b4b473fec988cafbe863cac50580cd8b4876ce425106cecf403fbc9c91ff3f13942c4ba3d0244577dc", 0x30}], 0x1)

1m25.856105332s ago: executing program 3 (id=3407):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000140)={0x0, 0x20, &(0x7f0000001ac0)={&(0x7f0000000000)={0x1c, 0x2d, 0x1, 0x70bd26, 0x25dfdbfc, {0x4}, [@typed={0x5, 0xb, 0x0, 0x0, @str='\x00'}]}, 0x1c}, 0x1, 0x0, 0x0, 0x480cd}, 0x20000000)

1m25.855609328s ago: executing program 3 (id=3408):
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff}, 0x4)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000040)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x4)
getsockopt$PNPIPE_IFINDEX(0xffffffffffffffff, 0x113, 0x2, &(0x7f0000000200)=<r2=>0x0, &(0x7f0000000240)=0x4)
r3 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000440)={&(0x7f0000000280)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x78, 0x78, 0x6, [@struct={0x5, 0x1, 0x0, 0x4, 0x0, 0x7, [{0x8, 0x3, 0x100}]}, @func_proto={0x0, 0x5, 0x0, 0xd, 0x0, [{0x4, 0x1}, {0x3, 0x1}, {0x2, 0x3}, {0xf, 0x2}, {0x6, 0x5}]}, @var={0x1, 0x0, 0x0, 0xe, 0x2}, @var={0x6, 0x0, 0x0, 0xe, 0x5, 0x1}, @fwd={0x1}]}, {0x0, [0x30, 0x30, 0x61, 0x5f]}}, &(0x7f0000000340)=""/222, 0x96, 0xde, 0x0, 0x7fffffff, 0x10000}, 0x28)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000580)={{0xffffffffffffffff, <r4=>0xffffffffffffffff}, &(0x7f0000000500), &(0x7f0000000540)='%pS    \x00'}, 0x20)
r5 = openat$sr(0xffffffffffffff9c, &(0x7f00000005c0), 0x4100, 0x0)
ioctl$AUTOFS_DEV_IOCTL_SETPIPEFD(0xffffffffffffffff, 0xc0189378, &(0x7f0000000600)={{0x1, 0x1, 0x18, <r6=>0xffffffffffffffff, {<r7=>0xffffffffffffffff}}, './file0\x00'})
r8 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000640)={0x3, 0x4, 0x4, 0xa, 0x0, 0xffffffffffffffff, 0x56, '\x00', 0x0, 0xffffffffffffffff, 0x3, 0x5, 0x1}, 0x50)
r9 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f00000006c0), 0x20040, 0x0)
r10 = openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000700), 0x502, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000007c0)={0x11, 0x23, &(0x7f0000000080)=@raw=[@map_fd={0x18, 0x2, 0x1, 0x0, 0x1}, @initr0={0x18, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0xd732}, @kfunc={0x85, 0x0, 0x2, 0x0, 0x2}, @map_fd={0x18, 0x9, 0x1, 0x0, r0}, @snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x80000000}}, @snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x8}}, @map_fd={0x18, 0x4, 0x1, 0x0, r1}], &(0x7f00000001c0)='syzkaller\x00', 0x2, 0x0, 0x0, 0x41000, 0x78, '\x00', r2, 0x0, r3, 0x8, &(0x7f0000000480)={0x4, 0x5}, 0x8, 0x10, &(0x7f00000004c0)={0x1, 0xc, 0x0, 0x1}, 0x10, 0x0, 0x0, 0x2, &(0x7f0000000740)=[r4, r5, r7, 0x1, 0x1, r8, r9, r10], &(0x7f0000000780)=[{0x0, 0x5, 0x3}, {0x0, 0x5, 0xd}]}, 0x94)
ioctl$SCSI_IOCTL_DOORLOCK(r5, 0x5380)
ioctl$EXT4_IOC_SWAP_BOOT(r0, 0x6611)
ioctl$AUTOFS_DEV_IOCTL_PROTOVER(r9, 0xc0189372, 0xfffffffffffffffc)
r11 = syz_init_net_socket$ax25(0x3, 0x2, 0xcd)
accept$ax25(r11, &(0x7f0000000880)={{0x3, @netrom}, [@default, @default, @null, @rose, @netrom, @remote, @remote, @bcast]}, &(0x7f0000000900)=0x48)
ioctl$KVM_CAP_HYPERV_SYNIC2(r10, 0x4068aea3, &(0x7f0000000940))
fsmount(r10, 0x0, 0x0)
ioctl$KVM_GET_VCPU_EVENTS(r7, 0x8040ae9f, &(0x7f00000009c0)=@arm64)
connect$llc(r5, &(0x7f0000000a00)={0x1a, 0x313, 0xc4, 0x7, 0x9, 0x7e}, 0x10)
r12 = openat$selinux_status(0xffffffffffffff9c, &(0x7f0000000a40), 0x0, 0x0)
bpf$MAP_DELETE_BATCH(0x1b, &(0x7f0000001c40)={&(0x7f0000000a80), &(0x7f0000000ac0)=""/111, &(0x7f0000000b40)="128ffffbd4765d6b93b15a30e42224afc594cd317a2a36ebcc9ab6de2430c5dd0e0f9552ca3dc8754849a2514dd7ecf49b8b4b9efbd444ae0698ef656a4e9752393c0a70d2038e17e71004b35f3bba03c82849932896bd3284f580440cb217a5864dde42e4bc1baade42226de01efb9191e2244453fd9e53f22975488e0767f33c5c2dc57b7753dbc12f20ef7acdd073234659481d1645042e58971f30a9df8de2356b1b38a0517220b2b5a9b52255dd18491709036531948fc394c728ed1c732dcaf3", &(0x7f0000000c40)="6d12b975a829153f10731b47fbce64b1e4518f7df0afb23ed4a7a9bd6c9862f7d9b4c1e1cfb7e4f7b794cb60f1e1f34d2bab2a9e059e538c20b6a2e1116a106b391673e371b78655fdded36ac2feabad784393bbda272ff52592d7763d49fb61adf058e6d07a3b56d6a47f86e70d0a2cedb167a356b8be8ca6ce2274594b7a540e1003e40f672aff41a15f45723538b9e0225318922850ad9044818e8d57b1f1ce5cd72b4818dd9a1175ea5304bdab9deeb8f96885f99bc9775cdd6021aabe96995fe0687771f0091ca5a47d3358bee465cb2395fae8ee1c04ee6c96efa73ed609ef329235255dd51ce12d7169217fa4e98e8acf4eae369353033e8c2430342b732824021491d3f42e6fa743a3cacbc774a6ccbca0f7c49f296a518aada4bc6d4d226d02df6eb0e2a8606c578d09b80fbee856195606e6f106279653db8b9f7bdd00b77c5596fed0518b4c8fc944f307ef8f77ad0f9822e38a6a5a9e6b7dd5c2208540bf05a97edbba22d7e9d04ec79962eddf54fc74bf2e62527bc1256f18013948ba6d65b7524899c573f97cf4eda36355110d127f116ac254305f4147ab962573d4ae48764b745c55d84ec00882e8dd9bf68e0a6d48a2771f8480a6cffa731236029cb9d2d188be12e828fe1c7e0244a0f7d0cde1c0885b56e2afed065b4cfc4ddb27485923a820cd16b62a183efc088ee4b2d642d7757ba22f0bb34ede9a4ec7d1ac3d2ecc3125e5e563d1772dd27e6652994aa2983be76accd5091f421ea236d6ecab1ac495124cb1aad2cbbb01717c7b04210f17906f8b96d872c5aa0981de9b0cc30c283bcf1f71ad5ddef1d0106dc34b437d841b437e563fc1bd816019a9041fd624d73357a6b2566dcf2fba13b002306fb7e8528264df44813346a14d24ceae0ce06c77c22eb26da318bd44ad64e7c00bb94472fe3ca684648d6027b9d63982c598d50e4996bef25decf524d9b82eaed6776c700733cc1697bb6930d83681c70945c31f46f7a66c8db1fbe82479d95954785e7856e187427478718c1348850738f7e10229bb9c55e426bf3c6f50666d509906b4eda15ba40edb0a0d58e0b92ccab3dde8ea66f633c95febcc53482f56a6d8f8448e0245070d8f0ec7315fcec90a3babb5e08ce8ff2dc703a8e9c6cbd0d49a37c8847fe3a05211a1c4f0a30eb0297ee434729cfc00f9f26a93980caeeabbf99f7c3e0dac95de920a65f93570d7dd1772b28aebc2f9098c85f606e565a4169bc3019da8315ffb293c7cdc80b2e29f1f9990b3efbb6d4d3a43048aa43d25b5f2d2739f59818ef942949b4464e03c570a8a95fe4acb70c957944fb63083481ae77c6079a334297033ae15a91a78345754522693df1d9c655f54cc1db78a7d3bc8732571c2b9cbdca6b23531dfe73f10a6c0f83dcada0336621bd4e2245597864962a4565a1add9c8fbce5b043feaee49b0e630ac6f01cad90c3e7a84e6ec499135655086fe69d03c3d2fe0255e4e9287760b757762b43248c925268292f9cabcac4070cc23bd6068914fff5c5ed142af84357959b350db8900da952d455e4f201f460d7a1a8b04ed78cb95b69b9eb18882bc56124717d0c0c6589cb4bceba7a7652591d56c0cb184bab282cdcd211bfdb30d64e4f53032ab62aaef95785d4f1b6b0081b49c72e33f844c5e325b00131de2da1921006df6dea13a40908b024badc25ce14548a8d2e4ab8adf9ba505a6df21ad3062bf9a2f99feec2c6ab4be7eb3fa7d58a72239fd0ab00a2f0ec66965ea740365324305ce399ea5f9918a0f3f85419bf34e44e3e909789d5aa1ba71a2f5c58ac3a154d78c991b3969ddef1d426500c1597d6dd88d817c19b1e2a1577095d329d4caedb744efeacf777dcae386187efb798deb89fbc9519a69bee3067948dcceec3a8171ffcc6c583505c323ead31ad30f9f14044e9c29d668a0c012098d0e9dec6ced5710f39a3df018bbf5fc311ccb9c7a62c7e0d1bd397e89a15d9f6262b32e60656ee931cf394eef7ada6abf6a3b55631efa515cb7a1b520708af53d6eb22a51849c0209d8bdcd1910f6bfbd15a6caf3fa5e571774f0cd979e08d3b2c8eb0b9d74e9319b340bf935f5f67f531f3b87b378af4cb361cca42788dea0784d05ac445e071da13af8a462e111b88301adf8fd5b2299e77352fc47a55f7fe82ea18090055189625e73f052e63c202abbcd14f6f3fbdac78a75db01513482979769ff4b57342e72de3de53a9a851407d82a3600579b81a0034ded75f1bbfdf217f2d8173e1ef01d86afbcbf085b7b1f6312348de86b4afb9ab75c64e0a16d9bb95b8f7e90dedd5adaa46b4f8d09b33ee25f14dac6bd835e237a635e574e7d624c8232ff3ea510b9f6e3cc01837c1a4bb2d37f521dc5d77a71ce95adc0cd79fee4e39508c3fa8362375cdefa8ecfbb04736c3c34dc89798ac56e6468a7c28f32696bc9120bcb2f1d6001b58a8345a038e86ac067aa367dfc4db6d9b65701f4226074107ce3bb5abf6e41522c74c7fa1b78deca48b73136a1ed892b0f62f43fab6d2adef96b51f14b21c3e37749f10d42350ff6d948d83624ed2e0fa5688d0b41d7ec3fd4911385d9a3a6d09fbfdfe88d04e0012185543ede8cfd4cab93f06f880b3d6c890625d520460cef677531313f8e0b411d0b272868aad1516720bb51409a26b3895564f45634f4954b8233067e6d12c8ed471e6049649c870ca70daf8658c719f2920b9d7e1daaf82e31dd56fc6db6101e893a7e72446092af180cb4e71aaf1e00d41d9233d2a6c458d1ab9094d1f482b90d0296bd389ffdaf1c884cb9925fc9198bfd8d13c8c577105ea4039c0e05d62be9ec9cdc46de9b66d812b802fc16cb25d693683d359ca64490c1c16e6db5e73f77350812611361d2a779f558cd93204ee4c94b0f5faa923c0622a14552381ec947b279764bef6b71702db3c63d40ad6bb27a737a30e663f59bd7e02a7d5fafa873edd6e79657de597e60482582b1246f28a2f569d731502dcd5c837136042ac7bba01d4873325484c6f5196fe10eab467e849976dcab34379340d60d0dbf2db785303c8edc0005e67014ca9dd86c5e202165913e7749c71181cb0577b09ec7719e13bba0cbfb10f9da3fcf6eff35dd4e3d7947f511f11fab0a932c27f94f3cf66c1f192ceb3f1ba50a4f4759e051631397da5d6161a3ef8ab8cfc73f08b72a9fc71f4ba09e2c13ce6edc06402e310514d0faa693b012e02ed2e25e6ae67b68e8fbae1de9fbcb4a67021ac0a64202ceab3a0a973f6f301de0a2527e68c4f9c80cd86e54007dc4034a0e85651aa11b5a1a9466cfe977f179eeb710669c30fda857a22076b1310aacbb078ffa50ae9ddc8353de9d4538f8844321687bb1045cf9eba06f44d2f2f240c321fd07f09c150d8619aceb3f1c56b9ae75c4375e7fd7d7e42ea4b976a4dc409cc4ae92adf94d83cecb0b09d025acafc5c65891cf8de98de37450342e2bb3f56b11f15310a51d27cd97633401bdab62863b0b6f5d7a3052e86565d1f2d6635840665bd3b65ebcd8926b60754e21707a9de810bda46cb93eaa31f813b1fdf8a0869858462ff622b9ccab649d694b864a55abb5c874063e5f8e4f5f6ceaf442c1f82b97d9690a047c4d068dd1e090c0241c12a2af92aac4bbcbadc0c7dfcf6cdf2a78ff0c10c88e13540a55721cd5f4e461ee0221631087473407214316b8036852016f2362a30c238eeb0a6dac5dd75f3d7cc8ee580685dd53c86be0fe68aadb2bbd26c14944349bdeb4eb7ea48d953e46f5d3325a38bade55488313372e77d829cc299a649f2d439a6e922efa5d08d1dc64b4c9100d98e607aca1f2a037f4061e260e8e2470b248b69669ca0b5f8be1b2b7a5628924dfe4d37db4bbb7440220298b447b505c2586c17cfeecbe9e0a9afb914c68e1757c645dc297ef515e3766faa2a2be8610cad9501fd3269afbc51a2251adcff6becda457d0570559646c8014857b24b7a9e38c9cf797547edc13fdcc8b47bfc2b836fae86c1fbacd1fac653e5b69fc9fe40de853a5fb222973aef787ea302e14c7f32dda7346060038e9c3434df4525fa4259c282eadc4f329a8324b446fda19de1bf52f2d08e46977984e61483d7f306ac521176e6fab503e769b7d8e3b9f86431c41743d08ebec6890df4cdc5aede37582c572cc086c9b3898669f4a32c5db624774e5cad5535ff509c3d96c6f0567bdea2c49d649e73b98bc473776a1bf92717aade925eb4cbd0da04f03afcfa60eae22660e8058e3c80dfda0a5fdc2a2eb283409b5762675819adea76faa23fa622ef93b3f68cc6804fdfe0d2d5344723c6f9eae4db053f1525ee1202c13a4be6513e68b4bbb1468c2f4c6f2bb2ff4c8aef80ccbf1f2d98a2ad2346454186f0e0e8f80c95648e16dec4d9a4a4d4f090e594922b82a4bc9bd202224358fe03050243781bfc94f00bf5196734f6ef90668689e03a3eb779b88c945fba05dd31dd8e41e5a68fbad0ee98529aba45103f7c01a051690ded8263f7abd1da1046c9a4c581456704bc9bf25c1e15cf2cd5f0dce0e6abcc6cca40f1f24ae90ea77fe7d9568d795c66ff02881b127543730925ac71bed8b3de4b5c7484fd673e8045e47eb03c71d5952c4948fca424be744d6e219deb98c77ae919390023fd6277cdf882742186bce7847a510d29a6cbb0c147343f7fb1500e7d16b6ca008f41c233be168f2eeb85544b78a5f50de30a3e7d1863de344f8ba08f066cbacc524f07e0fab4524c47ede38f0ef8828357d3ff5908140838af3ee9bee2832cc13a484fcfffd9f2f142282c7fd7254a8e53c46872da0271ee1dbd99020445a13be1697c4da2dce124c1aa0ab72cc0a64dd43b83ba592e0811b0932c51b67dc09219eda0fcb0087b427ed7a36da0a5fb329b4a59b449aaf144b3230e391dfcf6ebba49040b1a15d722406d4e57a690248dcd0dc2ed7d8876384dcb4f368e481f94975b58f7e119b21e11e929c44511776c671e1663ffdce2e200881866bb080f85b2188c39fc4c58f518eff33a70e3ec8aaa66561af955399999d51995daaf515dc5e46277b29daf1e2275ed721b897055c403b92d4eb73ea6d8ca17b2ff4476cf12d4453a77784dc15aaf73a61d43ed9aa75daee30a2966d58de24546f766112f6dcdcea298ae37f7cb6235758563d20ba10d1e831622a0ebdc270331beec4b39a15686a3bec153af57d1784a489175eeaa0c1b7c9a2ccb62f081c9384fce6eca94197d09ab3916011e46f7ba6894419a37bec1918c969c0d6d007c5f0873a71e76f3485cba4bee695fb0b7fe4412155e1fb1399572a09fb75d7e25c81033248347d3ebf4ca0bc95cdedd862025269bb94fdd6c9774e2b904871ed7ac283cbc48467864e008c45e28490545b45918262455deed7c16dc3304c284b9342c622dd59851e63df450e3b2f6ffd41b1df5c2c6a139ee8823235c88d100c049e6a087d79345489dacfff3af7b6ef761fafbe89b8d8622b35c1464e588d4988ddf1e67ebfc1f2aa7667f4aed927467bf980490b7fb1e8f15d7d82ee848dae04b2c4f64624d6440dc9aa5518c7130727cd7b3f92f44dfd39f069df5a23bf7607fb7025ec73eb2ed1630ec78134fd410d730d152c69e9472861eb372c53f0704da3d94567ce3868dc16a7f87df35998053855301fae3de66225e2c3a0b27f9b2bc44e64ef6c79cffdb7153c5616168355188b680f9bfca8e4422d21d7aef0b2e3c9de6b9b4a7f0d91ca0ef2438db2b8c7751246f5792a02dad8bf909124b583e63b04f03e06d59", 0x0, r6}, 0x38)
ioctl$AUTOFS_DEV_IOCTL_FAIL(r6, 0xc0189377, &(0x7f0000001c80)={{0x1, 0x1, 0x18, <r13=>r11, {0x6, 0x8}}, './file0\x00'})
ioctl$CDROMREADTOCENTRY(r13, 0x5306, &(0x7f0000001cc0)={0x1, 0x8, 0x9, 0x0, @msf={0x13, 0x7, 0x8}, 0x97})
getpeername$llc(r9, &(0x7f0000001d00)={0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, @link_local}, &(0x7f0000001d40)=0x10)
ioctl$AUTOFS_IOC_PROTOVER(r11, 0x80049363, &(0x7f0000001d80))
bpf$BPF_MAP_FREEZE(0x16, &(0x7f0000001dc0)=r5, 0x4)
sendmsg$TIPC_NL_NET_SET(r13, &(0x7f0000002240)={&(0x7f0000001e00), 0xc, &(0x7f0000002200)={&(0x7f0000001e40)={0x3a8, 0x0, 0x1, 0x70bd2d, 0x25dfdbff, {}, [@TIPC_NLA_BEARER={0x12c, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_PROP={0x1c, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0x7}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x807}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x1}]}, @TIPC_NLA_BEARER_NAME={0xd, 0x1, @l2={'ib', 0x3a, 'veth0\x00'}}, @TIPC_NLA_BEARER_UDP_OPTS={0x2c, 0x4, {{0x14, 0x1, @in={0x2, 0x4e21, @empty}}, {0x14, 0x2, @in={0x2, 0x4e21, @multicast1}}}}, @TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0xfff}, @TIPC_NLA_BEARER_UDP_OPTS={0x2c, 0x4, {{0x14, 0x1, @in={0x2, 0x4e22, @remote}}, {0x14, 0x2, @in={0x2, 0x4e23, @rand_addr=0x64010102}}}}, @TIPC_NLA_BEARER_NAME={0xd, 0x1, @udp='udp:syz1\x00'}, @TIPC_NLA_BEARER_UDP_OPTS={0x38, 0x4, {{0x20, 0x1, @in6={0xa, 0x4e23, 0x1, @mcast1, 0x883e}}, {0x14, 0x2, @in={0x2, 0x4e21, @local}}}}, @TIPC_NLA_BEARER_PROP={0x4c, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0x7}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0xe}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x18}, @TIPC_NLA_PROP_PRIO={0x8}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1c}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x5}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1a}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x9c}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x1}]}, @TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0x69}]}, @TIPC_NLA_LINK={0x184, 0x4, 0x0, 0x1, [@TIPC_NLA_LINK_PROP={0xc, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0x2f42}]}, @TIPC_NLA_LINK_NAME={0x9, 0x1, 'syz0\x00'}, @TIPC_NLA_LINK_NAME={0x9, 0x1, 'syz1\x00'}, @TIPC_NLA_LINK_PROP={0x3c, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0x6}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x8}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x101}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x4e}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x3}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x4}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x400}]}, @TIPC_NLA_LINK_PROP={0x34, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0x8e5c}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x7}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x5}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0xf}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x3ff}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x80000001}]}, @TIPC_NLA_LINK_NAME={0x13, 0x1, 'broadcast-link\x00'}, @TIPC_NLA_LINK_PROP={0x3c, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0x3}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x9}, @TIPC_NLA_PROP_WIN={0x8}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x200}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x6}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x2}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x2}]}, @TIPC_NLA_LINK_PROP={0x4c, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x12}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x4}, @TIPC_NLA_PROP_WIN={0x8}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0xfff}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x3}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x4}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x13}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x4}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1}]}, @TIPC_NLA_LINK_PROP={0x44, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0x4}, @TIPC_NLA_PROP_PRIO={0x8}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x97}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x3}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x6}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x10}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0xffffffff}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x8}]}, @TIPC_NLA_LINK_NAME={0x9, 0x1, 'syz0\x00'}]}, @TIPC_NLA_MON={0xc, 0x9, 0x0, 0x1, [@TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x2}]}, @TIPC_NLA_PUBL={0xc, 0x3, 0x0, 0x1, [@TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0x5}]}, @TIPC_NLA_SOCK={0x80, 0x2, 0x0, 0x1, [@TIPC_NLA_SOCK_ADDR={0x8}, @TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_REF={0x8, 0x2, 0x65}, @TIPC_NLA_SOCK_CON={0x14, 0x3, 0x0, 0x1, [@TIPC_NLA_CON_FLAG={0x8, 0x1, 0x7}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x7}]}, @TIPC_NLA_SOCK_REF={0x8, 0x2, 0xf4f}, @TIPC_NLA_SOCK_ADDR={0x8, 0x1, 0x9f7}, @TIPC_NLA_SOCK_CON={0x44, 0x3, 0x0, 0x1, [@TIPC_NLA_CON_NODE={0x8, 0x2, 0x401}, @TIPC_NLA_CON_NODE={0x8}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x8}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x3}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x9}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0xa}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x7fffffff}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x8}]}]}, @TIPC_NLA_BEARER={0x4c, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0x6}, @TIPC_NLA_BEARER_NAME={0x14, 0x1, @l2={'ib', 0x3a, 'team_slave_0\x00'}}, @TIPC_NLA_BEARER_PROP={0x14, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_WIN={0x8}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x5}]}, @TIPC_NLA_BEARER_NAME={0x17, 0x1, @l2={'ib', 0x3a, 'veth0_virt_wifi\x00'}}]}]}, 0x3a8}, 0x1, 0x0, 0x0, 0x20000051}, 0x4008842)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000002440)={{r5, <r14=>0xffffffffffffffff}, &(0x7f00000023c0), &(0x7f0000002400)=r5}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000025c0)={0x14, 0x18, &(0x7f0000002280)=@raw=[@snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0xedd5}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r13}}, @map_idx_val={0x18, 0x6, 0x6, 0x0, 0x9, 0x0, 0x0, 0x0, 0x3ff}, @map_fd={0x18, 0x5, 0x1, 0x0, r12}, @tail_call={{0x18, 0x2, 0x1, 0x0, r12}}, @btf_id={0x18, 0x8, 0x3, 0x0, 0x3}], &(0x7f0000002340)='syzkaller\x00', 0x3, 0x0, 0x0, 0x40f00, 0x30, '\x00', 0x0, @lirc_mode2, r10, 0x8, 0x0, 0x0, 0x10, &(0x7f0000002380)={0x1, 0x4, 0x2, 0x446b}, 0x10, 0xffffffffffffffff, 0xffffffffffffffff, 0x6, &(0x7f0000002500)=[r14, r10, r1, 0xffffffffffffffff], &(0x7f0000002540)=[{0x3, 0x4, 0x3, 0xc}, {0x2, 0x1, 0x7, 0x5}, {0x2, 0x4, 0x6, 0xb}, {0x3, 0x1, 0xc}, {0x4, 0x2, 0xe, 0x2}, {0x2, 0x4, 0xa, 0x1}], 0x10, 0x95c}, 0x94)

1m25.786131246s ago: executing program 3 (id=3409):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x1c1341, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000500), 0x400, 0x0)
close(r1)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000340))
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @link_local})
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$tipc(&(0x7f0000000200), 0xffffffffffffffff)
sendmsg$TIPC_CMD_ENABLE_BEARER(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000680)=ANY=[@ANYRES16=r3, @ANYBLOB="010000000d0000000000010000000000000001410000001c001700000000000000006574683a73797a6b616c6c657230"], 0x38}}, 0x0)
writev(r0, &(0x7f0000000740)=[{&(0x7f0000000380)="89e7ee2c78dad9b4b473fec988cafbe863cac50580cd8b4876ce425106cecf40", 0x20}], 0x1)

1m24.435790109s ago: executing program 3 (id=3411):
syz_emit_vhci(&(0x7f0000000600)=ANY=[@ANYBLOB="041817aaaaaaaaaa10"], 0x1a) (async)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendto$inet6(r0, 0x0, 0x0, 0x20000045, &(0x7f00000001c0)={0xa, 0x2, 0x398, @private0={0xfc, 0x0, '\x00', 0x1}}, 0x1c) (async)
setsockopt$sock_int(r0, 0x1, 0x28, &(0x7f0000000000)=0xb6, 0x4)

1m24.435537137s ago: executing program 3 (id=3412):
r0 = memfd_create(&(0x7f0000000200)='y\x105\xfb\xf7u\x83%:r\xc2\xb9x\xa4q\xc1\xea_\x8cZ7\xcda\x9b\x11x\x0e\xa1\xcf\x1a\x98S7\xc9\x00\x00\x00\x00\x00\x00\a\x00\x00\x00\x00\x00\x00\x04\x879\x804\xa9am\xde\xb2\xd3\xcbZJoa\xc4\x1acB\xaa\xc1\xfb Q\xd4\xf4\x01\xa52\xe2DG\xd4\xbd{\x9f\xa9\x97\x9b@\xdb\x00b\xe1br\xb6\x008\xe3\x10\xff\xc2\x9d\r2\x9e\x8e\x04sW\x1b\xb7\xb3\xa2\xc9&@\xca\xda\xdc\xe2/\x97X\xac9VsA\xaf\xc6\xcf\xe1\xa1\xb5M\xa2\x85\xa6y\xc4J\xf1\xf7\xfcD\x95\xe3\xeb\xc7\xbc\x91\xb0\xa8\x9eo\xebF(\x9dL\x01vRk\xaacB\x04\xa7I\v\x86EZ\x96\xd5\x14OD\\\xe8R\xe4\xcd\xec\xcc\xd1\x0fre\xe86\xcd\xeb\xc4$\x98\x06J\xd6dD\x8d_U\xe8ji{\xab\x97\xaf;l\x1f\xaf\xb38U\xcb\xfa\xb3j\x92\f\x81\xa0\xa2-g\b\x99\x0e\x8d\x8d\x16\xd9w\\\xf8\xce\xb0j\x9d\'\x93\xef\x1d\xa0H\xd9\xbd\xd9\xaf\x12$\x8d\x16%\x8b\x00', 0x3)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
r3 = syz_open_dev$I2C(&(0x7f0000000040), 0x1, 0x0)
ioctl$I2C_SMBUS(r3, 0x720, &(0x7f0000000140)={0x0, 0x0, 0x1, 0x0})
ioctl$FS_IOC_FSSETXATTR(r2, 0x401c5820, &(0x7f0000000080)={0x8})
sendmsg$nl_route_sched(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000000c0)=@newtaction={0x94, 0x30, 0x871a15abc695fb3d, 0x0, 0x0, {}, [{0x80, 0x1, [@m_tunnel_key={0x50, 0x1, 0x0, 0x0, {{0xf}, {0x20, 0x2, 0x0, 0x1, [@TCA_TUNNEL_KEY_PARMS={0x1c, 0x2, {{}, 0x2}}]}, {0x4}, {0xc}, {0xc}}}, @m_ct={0x2c, 0x2, 0x0, 0x0, {{0x7}, {0x4, 0x2, 0x0, 0x0}, {0x4}, {0xc}, {0xc}}}]}]}, 0x94}}, 0x0)
ftruncate(r0, 0xffff)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
setresgid(0xee00, 0xee01, 0x0)
setgroups(0x0, 0x0)
setuid(0xee00)
shmget$private(0x0, 0x4000, 0x800, &(0x7f0000007000/0x4000)=nil)
fcntl$addseals(r0, 0x409, 0x2)
fallocate(r0, 0x0, 0x0, 0x1)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b4000000000000007910480000000000610434000000000095000000"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x1, '\x00', 0x0, @sk_msg, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0xfffffffffffffd8b, 0xffffffffffffffff}, 0x48)

1m24.355863008s ago: executing program 3 (id=3413):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x50)
r1 = socket$inet6_udplite(0xa, 0x2, 0x88)
connect$inet6(r1, &(0x7f0000000080)={0xa, 0x4e21, 0xd9, @empty, 0xff}, 0x1c)
sendto$inet6(r1, 0x0, 0x0, 0x80, 0x0, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x16, 0x13, &(0x7f0000000340)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x107a655, 0x0, 0x0, 0x0, 0x1}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [@ringbuf_query={{0x18, 0x1, 0x1, 0x0, r0}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x3}}], {{}, {}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r2, 0xfca804a0, 0x10, 0x38, &(0x7f00000002c0)="b800000500000000", &(0x7f0000000300)=""/8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x4c)
r3 = memfd_create(&(0x7f0000000100)='\x103q}2[\xe0\x9a\xee\xaf\x03\x97\x9et\v\"|Ma\x86\xe7\xc0\x14\x9f\xb9h\xb1\x96\xe7=I\x860S6\xb5\xa8\xc2\x95Je%\xfeG\'e\xe5\x8f\xf8\xd2\x1c\xc0\xfb\x1c\xa6\xab\bi\xe4^\xd5\xfd\xa9\r\xac7A\x94k\xcd\t\x00\x90k\xd6\x05\xb6&\xd0\x9daA\xc5\x9c_\xd4\x18,\f\xd4s\xb2\x99/\xc0\x9a\xf2Oc\xc0c\x03gB!\xb0\xb8n\x01\x9bT\x95\x10\x86\xe8$\x7f\r[\xf9\x0e1v\xb1\n\x88\v\x95uy\xb5:`\x8b\nC\x18A;\xaa%\xaf\xc7\xa3\xac\xa2D\xb5\xe2\xe1\xdc(\xfd\x05\x9fB\x84O\xfe@\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x1a\xa0\x17\xe3\xac\xe9\xc9\xa7\x8a\x1b\x03\"&\xac\xcap>\xccZ\x01\xbc\x18\xc1\xb9\xe9\v\x8b\x9c\xb4Q\xd4\x96EV<>\x99\xca\xb3\xe0\xc4tL\xed\xf5W\xbd#\xcf\x8a\x84\xed\x9f/\xd4\xbb\xea;-Dp\xf8\xd0F\x90\xf8\x92Ip6\xf4\x16\xe8\x14\xe0\x92!\x92-F\xe2\x14D\x91\xa8b\x04\xdd\x1d\a\xdc\xe0\x18\x85{\x80Q\xf6k\x96\xfaQ\x9fW\vO\xf0\xe4O\\\xceS\xf2\xde\x049d\x06#\x88\xc3\xdf\x85O\x1c\xc3\xad?r\xd7\x0e\x00\xd7\x83\xb0\x88\x9c\xf6Y-F\x98\xdd\x9c~\xfd\x95\xc3\xb6lC\xaa\"Y\xa2K\xecz\x84:*\xf5Y\xd1\x9b1\x91\x9b\x15\xd4\xec\x02o\x01&\xaa\x90w\xc4\xc7yn\xb5\x1ag\xab&?\xbe\xcb\xe8v\xa8\xe0\xa4\x81sW\xacf\x149\xd2}\xefCGa\x9a$4\x8c\xa5!p\x83\x05\x96%\x02%\xabj\n\b\xc8NC\x91}&y\xd3\xe1\xeep\'\xc5\xab\x19GsX5\x8c\n\x9fh\xee;4\xb1%V\xe0\xa9\x8e\xf30:\xd8\x18N~G\x139\xca', 0x2)
ioctl$FS_IOC_RESVSP(r3, 0x40305828, &(0x7f0000000400)={0x0, 0x0, 0x20000, 0x1000004})
fcntl$addseals(r3, 0x409, 0xb)
syz_emit_ethernet(0x12, &(0x7f0000000240)={@broadcast, @broadcast, @void, {@generic={0x29, "b44338d4"}}}, 0x0)

1m8.951284741s ago: executing program 34 (id=3413):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x50)
r1 = socket$inet6_udplite(0xa, 0x2, 0x88)
connect$inet6(r1, &(0x7f0000000080)={0xa, 0x4e21, 0xd9, @empty, 0xff}, 0x1c)
sendto$inet6(r1, 0x0, 0x0, 0x80, 0x0, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x16, 0x13, &(0x7f0000000340)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x107a655, 0x0, 0x0, 0x0, 0x1}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [@ringbuf_query={{0x18, 0x1, 0x1, 0x0, r0}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x3}}], {{}, {}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r2, 0xfca804a0, 0x10, 0x38, &(0x7f00000002c0)="b800000500000000", &(0x7f0000000300)=""/8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x4c)
r3 = memfd_create(&(0x7f0000000100)='\x103q}2[\xe0\x9a\xee\xaf\x03\x97\x9et\v\"|Ma\x86\xe7\xc0\x14\x9f\xb9h\xb1\x96\xe7=I\x860S6\xb5\xa8\xc2\x95Je%\xfeG\'e\xe5\x8f\xf8\xd2\x1c\xc0\xfb\x1c\xa6\xab\bi\xe4^\xd5\xfd\xa9\r\xac7A\x94k\xcd\t\x00\x90k\xd6\x05\xb6&\xd0\x9daA\xc5\x9c_\xd4\x18,\f\xd4s\xb2\x99/\xc0\x9a\xf2Oc\xc0c\x03gB!\xb0\xb8n\x01\x9bT\x95\x10\x86\xe8$\x7f\r[\xf9\x0e1v\xb1\n\x88\v\x95uy\xb5:`\x8b\nC\x18A;\xaa%\xaf\xc7\xa3\xac\xa2D\xb5\xe2\xe1\xdc(\xfd\x05\x9fB\x84O\xfe@\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x1a\xa0\x17\xe3\xac\xe9\xc9\xa7\x8a\x1b\x03\"&\xac\xcap>\xccZ\x01\xbc\x18\xc1\xb9\xe9\v\x8b\x9c\xb4Q\xd4\x96EV<>\x99\xca\xb3\xe0\xc4tL\xed\xf5W\xbd#\xcf\x8a\x84\xed\x9f/\xd4\xbb\xea;-Dp\xf8\xd0F\x90\xf8\x92Ip6\xf4\x16\xe8\x14\xe0\x92!\x92-F\xe2\x14D\x91\xa8b\x04\xdd\x1d\a\xdc\xe0\x18\x85{\x80Q\xf6k\x96\xfaQ\x9fW\vO\xf0\xe4O\\\xceS\xf2\xde\x049d\x06#\x88\xc3\xdf\x85O\x1c\xc3\xad?r\xd7\x0e\x00\xd7\x83\xb0\x88\x9c\xf6Y-F\x98\xdd\x9c~\xfd\x95\xc3\xb6lC\xaa\"Y\xa2K\xecz\x84:*\xf5Y\xd1\x9b1\x91\x9b\x15\xd4\xec\x02o\x01&\xaa\x90w\xc4\xc7yn\xb5\x1ag\xab&?\xbe\xcb\xe8v\xa8\xe0\xa4\x81sW\xacf\x149\xd2}\xefCGa\x9a$4\x8c\xa5!p\x83\x05\x96%\x02%\xabj\n\b\xc8NC\x91}&y\xd3\xe1\xeep\'\xc5\xab\x19GsX5\x8c\n\x9fh\xee;4\xb1%V\xe0\xa9\x8e\xf30:\xd8\x18N~G\x139\xca', 0x2)
ioctl$FS_IOC_RESVSP(r3, 0x40305828, &(0x7f0000000400)={0x0, 0x0, 0x20000, 0x1000004})
fcntl$addseals(r3, 0x409, 0xb)
syz_emit_ethernet(0x12, &(0x7f0000000240)={@broadcast, @broadcast, @void, {@generic={0x29, "b44338d4"}}}, 0x0)

1.531728275s ago: executing program 5 (id=4044):
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000000)=0x9, 0x4)
r1 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000000)={0x0, 0x8000}, 0x4)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000300)={'ip6_vti0\x00', <r2=>0x0})
sendto$packet(r0, &(0x7f0000000180)="10030600e0ff020004004788aa96a13bb100001100007fca1a00", 0x10608, 0x0, &(0x7f0000000140)={0x11, 0x0, r2}, 0x14) (fail_nth: 8)

1.470011776s ago: executing program 5 (id=4045):
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, &(0x7f0000000140)={0x0, @sliced={0x3, [0x7f, 0x6, 0x6, 0xb, 0x81, 0x6, 0x6, 0x1, 0x80, 0x95e, 0x6, 0x4, 0xe06c, 0x4000, 0x9, 0xb, 0x0, 0xa52, 0x9, 0x2, 0x7, 0x4, 0xff, 0xb, 0x1, 0x8001, 0x1, 0xf132, 0x2, 0x33c, 0x65, 0x882, 0x0, 0x9, 0x5, 0xff, 0x4, 0x8001, 0x7fff, 0x7472, 0x1, 0x620, 0x2, 0x6, 0xc, 0x280, 0x1000, 0x1], 0x400}})
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000000)={0x0, 0xb007}, 0x4)
r1 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r1, 0x107, 0xf, &(0x7f0000000100)=0x9, 0x4)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000000c0)={'geneve0\x00', <r2=>0x0})
sendto$packet(r1, &(0x7f0000000180)="0b032200e0f525000200475400f6a13bb1000000080008004803", 0x10000, 0x0, &(0x7f0000000140)={0x11, 0x0, r2}, 0x14)

1.468993876s ago: executing program 5 (id=4049):
r0 = syz_open_dev$usbfs(&(0x7f0000000380), 0x1ff, 0x2)
r1 = dup(r0)
ioctl$USBDEVFS_CONTROL(r1, 0xc0185500, 0x0)

1.397420107s ago: executing program 5 (id=4051):
r0 = socket$inet(0x2, 0x2, 0x0)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f00000000c0)='ip6_vti0\x00', 0x10)
sendmmsg$inet(r0, &(0x7f0000003b00)=[{{&(0x7f0000000100)={0x2, 0x4e22, @rand_addr=0x64010102}, 0x10, 0x0}}, {{&(0x7f0000000500)={0x2, 0x4e22, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, &(0x7f0000000740)=[{&(0x7f0000000680)="e1c4fc70b12b46185353c3c26c00a28aedff166635ad80437219c38de091ea1c7fd198a644d00946a45a6c11f6a5b9d0c22669df8379bf2dda1ab4ee82b2c6871808e76f1253abed432b7b27e580fd5bc7405d3f51dbfddc761acde78cdee9f1d6260c4955f7e140632d04d1735bfe5446655f1830e3148e54284d039c0ddf2a1527952007b8300de4c2cb9d923b503c2223cfc15805b881dc233f5f3c44badfce68a4c27ce6daeb", 0xa8}], 0x1, &(0x7f0000000800)=[@ip_tos_u8={{0x11, 0x0, 0x1, 0x4}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @remote, @empty}}}, @ip_tos_u8={{0x11, 0x0, 0x1, 0x4}}, @ip_ttl={{0x14, 0x0, 0x2, 0x9}}], 0x68}}, {{&(0x7f0000000880)={0x2, 0x4e21, @empty}, 0x10, &(0x7f0000000c40)=[{&(0x7f00000008c0)="767133cce04e96842c3d73c224e75341f3ae2d0e6c895557867191493ddf2779dc39", 0x22}, {&(0x7f0000000900)="f0fc9beb6553c90eab268dd7c86422ef2e7948acabd49a30aa54dfc5c6264f2be69614c2d9d581d7f4b5879df7c196f0", 0x30}, {&(0x7f0000000780)="ac1c184403ea413cf81af1170baac3f101f8405643b23070f0ba8ed0bd83978393c6a744c3a3c44b3461bee369586197808174e93058e77f55cc24e3cb6830547401780a166ce6284291ee823193fd5799fe92b862415f8ece87607950d191b828bf507e0421ed5549e7d66db13cb58b98", 0x71}, {&(0x7f00000009c0)="35a66c01a87642bbdce1674676820f3a25b75e63da9dd307bd5ab5d8660e4c6958dbc6d7a7b5e244fd18b65504fa77393980478a63bd2cbe2f7093d3604d30e90fecd6280cb753cadf9316ca4f29f6bedb5f9d01abda82c954d194e7a1", 0x5d}, {&(0x7f0000000a40)="da5bb4a708c6d26be8dc4b1e6e71f81a9ac6c29df855ac8f67c6cdf1c6fb360c9ad44f88", 0x24}, {&(0x7f0000000a80)="e48895249cf8fd152f1101cc8b99dddc4430cda90af59c5517131dbb0ef73bd5421907536cee9d0a1ff5091e1499e3033cc6f4de7789430d52932a6d390d81c6beaaf850458fa67b827042ea4cb3ff520d907528f1c6fa2691f4c20de9244d28e1e999e6a5561caba270b3462616e68f48e863243da66beacca5eaa1eab1112733ac0318b2670e38d144c18556f37f9c4f0431d84986d9af130b99125cb72102321fee3dca66ba369a6cf5e8a501bddc786405d0e663e9bc42d6ccbc98c786e0fb7f88754c553d7170484b309007db20f88d5b7af0b521136f42c712510ad56a1bdd7ff1e56fc0dfca874e1440bf739f54d3922d75", 0xf5}, {&(0x7f0000000b80)="24a16c4d82aab6b69b307c585716b3578b7d0f5cf9da06dd028dc7b89b0d2bc9f57da885f9c90c9f012b840e9cb803aac2a06974427f89851222418130a64c2f3b0ff1a5097aedad11e8ec81b53fed65fd810c7219e5e21cf668ffd80e0cb6f69e690756ad2689802a0246fcc6e887901786c02bba063d912bcc2ad5dfc04734b74d34a44865563cd2fb19d414f7353ca8503d6e34b158f7ead6714f4c1426f2", 0xa0}], 0x7}}, {{&(0x7f0000000cc0)={0x2, 0x4e20, @loopback}, 0x10, &(0x7f0000000e80)=[{&(0x7f0000000d00)="bc7b7c3ced9d5e2f2b189f0616805b553c672dcc83b72c61362c49f6bdf8a6b368c163c322057f9df3923835130d6a599aa616b54dd9074a96fcd9f5a2f073c55b3926a02aeceedddd2776925857f4bc2a37a54d25bcf5a2b89d6d89e8316f89c8daa5e9f7b03fd675e50cc450b8a5469d6677543769b12ed1bd95a39108c404e9a4551ba930d44cd6f4d2c06bb0458047851e55107c0952f46eef6e60efa29e66c902d18e9d5e267c15d8", 0xab}, {&(0x7f0000000dc0)}, {&(0x7f0000000e40)="ffe327b6dff38fa963dc14f30c052a75f942d1dd7628", 0x16}, {&(0x7f0000000fc0)="3d8a2512eb861015b286ab6d9c07f8ad1b73f2999dbca91f906e34636491800eac04aed317a6d09f9551e77b1ca22bdf679c0b4058a4999a2eb23e29c923d967d238fde10df110fc16b45cbf122a56972d8ef32679d11a1da33e704b1b2ccb9ea66281be3620d2f46d8110a5f616b6e5b2a7e53f45d1275e1810944729d8732c6c676cb3063e68b374c3a6db71244acfd33295d0f0a9a7c7011ce3727f43c308364f54395415c2ad91300ef3fb080277102ec96f7e20dd546b4428a8fcdc1763af2d2f5dfd2a03fa3407470a150d013f0da9854eac7ceea2edb4503c10ab06761a6675c32bd97a7cef488fd14bbd0209dc44d75b5ed26d7fffbb3dc295e936126b33c11996855577403f97c6fdb852c27169452b4f7db2dd3f87656cb4d0be45e1c0bc57f0da8fa53964832b98a139d04b1a395f2b6c91a710e59dfca20e3c5586c1a1e4a9c1714186dee053d4859e55a3bfd65b11390ab0032c34b8144f918463b0452088b0fe6413613716ff84ee2f62c868005b2ab20b2a818f7afe90bdcd9b0080ec89dbce0053bb00070c851199cc96535b91e366de45cc1b9a979c5cf01cf8ee8b73a8471451e94e53fb471d69f12d00930fc9face72e1e9b33a986f79cb48987a9e4fdd73f7fd4dedade6816c7e595e04a9d31ed6baa0b88c8b5d921f951d268fa0a0ebdd104da4f3db77750848a904d3eaa8ee5332cd90404844bed4d971bc1a362577fa0d9a8c51e37af0df48fe244c1c65364e229231fa049c5d8605408c3b07cf28e5fdd64ce2371bf97fb12bffe8c083dd567ecbc1db3120700b8ec296f0d7426c74cec6c4908c4b72196a79cea60e1ebbb4126354088e1136dcdfc9d2c1e2224ebc36af99d1bf0cfdadf8554ae3dc32d08ed347c49ba77f929a34119c7fa72cc9485c12fdab1d2a702569a741d9902376fcb391e5c92be5ede3d2c978614ca1e07d93a28c2ec4ee33897e101f685d8dc5ea53c1356a80c7e5c3cb72eb37b4e2be68508387dfcaf07e2121b087dd4cc5aef6838c4576c52012edd4ea0c64431286939a607b29b1d52c66522aee16394868ecfaf4c023369f7fab589de259e9ac56808341c18c484abccf02a3e03a3a1379e33e3643882efbdda00d785b2176205f6b556a9c460806dc6a308a8f39b8f57216994e135c8e3e9214e526ee2bc13bffcd9e0d9c0c9933294c50651ef4c344c26c300c885a79c35ddd4c2c92642c6495fbf3aa2952c1e1d3a84524f5223f94ff8e449c1b4ea17e52df6db4ad3bbe6bd709f256735d3ce150ddb56e70c8ec39d3d92df90e9fba5980f7e60a8bea9a0265fcda93e4ba4fc93b91a3a925899a5651e3a9c75ba07d5673963ac430a7185bf2d94b8ad834ee6ef6488c3373466166ede9e9dffe867087bd1a22a29d11b91ac601b1839452fcd6badf8427469e47aaf0cc60b5fb13c50dc6495f41b661bf805cb9d64948bc6a530870", 0x410}], 0x4, &(0x7f0000000ec0)=[@ip_ttl={{0x14, 0x0, 0x2, 0x2}}], 0x18}}], 0x4, 0x4999fa8a21843244)

1.388751836s ago: executing program 5 (id=4054):
r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000100)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000040)={<r1=>0xffffffffffffffff}, 0x111, 0x6}}, 0x20)
write$RDMA_USER_CM_CMD_BIND_IP(r0, &(0x7f0000000180)={0x2, 0x28, 0xfa00, {0x0, {0xa, 0x4e25, 0x10001, @local, 0xb}, r1}}, 0x30)
write$RDMA_USER_CM_CMD_RESOLVE_IP(r0, &(0x7f0000000300)={0x3, 0x40, 0xfa00, {{0xa, 0x4e21, 0x8, @mcast1, 0xaffe}, {0xa, 0x4e20, 0x1, @loopback={0x700}, 0x7fffffff}, r1, 0x403}}, 0x48)

1.318923891s ago: executing program 5 (id=4056):
r0 = syz_usb_connect$cdc_ncm(0x0, 0x72, &(0x7f0000000000)=ANY=[], 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, &(0x7f0000000b80)={0x44, &(0x7f0000000300)=ANY=[@ANYBLOB="400901"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r1 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
syz_usb_ep_write(r0, 0x81, 0x8, &(0x7f0000000080)="00012c615bc20000")
read$char_usb(r1, 0x0, 0x0)

1.318591761s ago: executing program 6 (id=4057):
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
ioctl$UI_SET_SWBIT(r0, 0x4004556d, 0x0)
write$uinput_user_dev(r0, &(0x7f0000000080)={'syz0\x00', {}, 0x0, [0x80000000, 0x3, 0x3ff, 0x8, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0xf5b1, 0xffffffff, 0x10000000, 0x99, 0x20000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x8, 0x0, 0x0, 0x0, 0x4, 0x0, 0x4, 0x0, 0x0, 0x0, 0x2, 0x0, 0xfffffffe, 0x0, 0x0, 0x1], [0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xedc0, 0x0, 0x5ee, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa0000000, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0xfffffff8, 0x2, 0x0, 0x2000079, 0x400, 0x0, 0x0, 0x10000, 0x40000, 0x0, 0xc0800000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0x4771], [0x0, 0x7f, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x2, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000, 0x6, 0x0, 0x0, 0x0, 0x0, 0x200000, 0x80000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xf, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0xfffffffc, 0x4], [0x2, 0x0, 0x6, 0x0, 0x0, 0x0, 0xfffffffe, 0x4, 0x0, 0x0, 0x0, 0x3, 0xfffffffc, 0x4, 0x800, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x5, 0xfffffffd, 0x0, 0x0, 0x0, 0x8001, 0x80, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000000, 0x4, 0x0, 0x0, 0x0, 0xffffe]}, 0x45c)
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x5)
ioctl$UI_SET_SWBIT(r0, 0x4004556d, 0x3)
ioctl$UI_DEV_CREATE(r0, 0x5501)
write$uinput_user_dev(r0, &(0x7f0000000500)={'syz0\x00', {0x8000, 0x7f, 0x3, 0x3}, 0x3a, [0x5, 0x1, 0x7, 0x83e, 0x5, 0xd, 0x6, 0x0, 0x7, 0x9, 0x4, 0x7, 0x1, 0x3ff, 0x3, 0xfffffff9, 0x27e8, 0xf93, 0x6, 0x3, 0x2, 0x1, 0x47dc, 0x10000, 0x4, 0x3, 0xfffffffc, 0x1, 0x0, 0x18, 0x8, 0x9, 0x190a, 0x1000, 0x23, 0x0, 0x4, 0x1, 0x1, 0x5, 0x2, 0xfd84, 0x200, 0x3, 0x6, 0x9, 0xffffffc0, 0x8, 0xe0000000, 0x5, 0x77, 0xb, 0x7, 0x5, 0x7, 0x22, 0x1, 0x7fffffff, 0x4, 0x80000000, 0xdc6, 0xfffffffc, 0x0, 0x7], [0x9, 0x1, 0x0, 0xffffc5b3, 0x2, 0x5, 0x2, 0xdc0, 0x0, 0x3, 0x2, 0x8, 0x6, 0x661b, 0x7, 0x5f, 0x7d, 0x10001, 0x2, 0x2, 0x8, 0x7, 0xbda, 0x80000000, 0x20, 0x4, 0x8, 0xfffffffc, 0x2, 0x9, 0x7fff, 0x4, 0x8, 0x6, 0x60, 0x6, 0x5, 0xfff, 0xfffffff9, 0x8, 0x6, 0xfffffffc, 0x7fffffff, 0x8, 0x8, 0x3, 0x2, 0xe14, 0x200, 0x7, 0x63, 0x8, 0x9, 0x7f, 0x3, 0xcbf, 0x200, 0x2, 0x2, 0x8, 0x3, 0x0, 0x400, 0x7], [0x9, 0x4, 0x0, 0x0, 0x6, 0x8, 0xffffff81, 0x4, 0x401, 0xb, 0x200, 0x9, 0xfe0, 0x5, 0x4, 0x40, 0xfffffff9, 0x956, 0x63, 0xb72, 0xf816, 0x57d, 0x0, 0x7, 0x1, 0x6, 0x1, 0xe9, 0x0, 0x3, 0x1, 0xfffffffb, 0x3, 0x3, 0x81, 0xf, 0x9, 0x3, 0x3cc, 0x9, 0xc, 0x800, 0x9e86, 0x31, 0x2, 0x0, 0x3, 0x7, 0x3, 0x6, 0x9, 0xe0, 0x7, 0x7f, 0x1ff, 0x6d, 0x7, 0xfffffffb, 0x1175, 0x5, 0x11d, 0x8f9b, 0x3, 0x6], [0x9, 0x5, 0xfffffbff, 0x5, 0x6, 0x5, 0x80000001, 0x7fff, 0xff, 0x0, 0x1, 0x1, 0x6, 0xffffd529, 0x408, 0x0, 0x2f5, 0x1ff, 0x8000, 0x3, 0x7f, 0x7fffffff, 0x40000000, 0x4b1, 0x6, 0xc, 0x5, 0x5, 0x508f, 0xc6, 0x81, 0x9, 0x7ea692d0, 0x2, 0x8, 0x1d59, 0xfff, 0xe10d, 0xc, 0x40, 0x4, 0x3, 0xfff, 0xfe, 0x1, 0x3, 0x366e, 0x7, 0xfffffffc, 0x8001, 0x3, 0x3, 0x4, 0x0, 0x8, 0x0, 0x3ff, 0x6, 0x0, 0x1, 0x9, 0xffffffff, 0x7, 0x5]}, 0x45c) (fail_nth: 8)

1.306271512s ago: executing program 2 (id=4058):
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'wlan1\x00'})
r0 = socket$unix(0x1, 0x1, 0x0)
ioctl(r0, 0x8b01, &(0x7f0000000040))
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000340)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
chdir(&(0x7f00000000c0)='./bus\x00')
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
rmdir(&(0x7f00000002c0)='./file0\x00')
munmap(&(0x7f0000001000/0x3000)=nil, 0x3000)
r1 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
ioctl$IOCTL_VMCI_VERSION2(r1, 0x7a7, &(0x7f0000000080)=0xa0000)
r2 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000040), 0x802, 0x0)
write$uinput_user_dev(r2, &(0x7f00000005c0)={'syz1\x00', {}, 0x0, [0x0, 0x0, 0x2000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x47b07c7d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd], [0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe04], [0x3, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x758, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3]}, 0x45c)
ioctl$UI_DEV_CREATE(r2, 0x5501)
r3 = dup(r2)
write$uinput_user_dev(r3, &(0x7f00000000c0)={'syz0\x00', {0xfff7, 0xc, 0x100, 0x81}, 0x12, [0x7b, 0xb7e2, 0x3, 0x9, 0x100, 0x3, 0x1, 0x7, 0x9, 0x2, 0x7, 0xa, 0x3, 0x0, 0x7f, 0xb2e, 0x7fff, 0x6, 0x6, 0x5, 0x6, 0x6, 0x7, 0x6, 0x7fffffff, 0x2, 0xa5f2b87a, 0x401, 0x0, 0xfc75, 0x8, 0x9, 0x4, 0x2, 0xffffffff, 0x83, 0xfffff765, 0x2, 0x3, 0x57d0, 0xa, 0x2, 0x5, 0x0, 0x3ff, 0x6, 0x7, 0x4c, 0xfffffffd, 0x80, 0x80000008, 0x8, 0x9, 0x7, 0x101, 0xc3c, 0x1733, 0x7fff, 0x7ffc, 0x1, 0x6, 0x5, 0x1, 0x4], [0x1, 0x3, 0x8, 0x8, 0x0, 0x8, 0x4, 0x0, 0x25, 0x10, 0x6, 0x7, 0x8, 0xe62, 0xffffff73, 0x1000, 0x6, 0x13e5, 0x1, 0x3, 0x1000, 0x7, 0x1, 0x3b40, 0x4, 0x1000, 0x5, 0x7fff, 0x8, 0x5a, 0xffff2503, 0x7fffffff, 0x6995, 0x1, 0x80000000, 0x8, 0xdab, 0x9, 0x2, 0x76c4, 0xfffffffd, 0x4, 0x401, 0x10000, 0xd, 0x2, 0x9, 0x20010, 0x4000e, 0x9, 0x7, 0xa, 0x9, 0x3, 0x8, 0x3, 0x2, 0x3a6, 0x0, 0xc0d, 0xfffffffd, 0x9, 0xc, 0xfffffffb], [0x3, 0x6, 0x6, 0x9, 0x1000, 0x0, 0x80000000, 0x5, 0x7f, 0xa, 0x100, 0x1000, 0xf1, 0x6, 0xc, 0x10000, 0x72, 0xc, 0x633, 0xd, 0x7, 0x6, 0x80000000, 0x6, 0x0, 0x7, 0x8, 0x2ef3adcb, 0x10, 0x2, 0x8, 0x8, 0x74, 0x4, 0x7, 0x7ff, 0xfffffff2, 0x63, 0x7, 0x2, 0x3, 0x3, 0x20a7fd9e, 0xfffffffd, 0x2, 0xa1, 0x0, 0x9d, 0x7, 0xa8a, 0x2, 0x6, 0x77, 0x8, 0x1ff, 0x7, 0x7, 0x2, 0x0, 0x2, 0x8, 0x2, 0x3, 0x5], [0x4, 0x4, 0x5, 0x8000, 0x493e, 0x3, 0x35ff4447, 0x7, 0x5, 0x4, 0x5d3a, 0x5, 0x5, 0x3ff, 0xb88f, 0xffff0000, 0x9, 0xf7df, 0x2, 0x10, 0x8, 0x2, 0xff, 0x9, 0x4, 0x4, 0x0, 0x0, 0x7, 0x4e6, 0x8, 0x40000000, 0x5ef, 0x8000, 0xc, 0x41, 0x400, 0x1, 0x5, 0x0, 0x9a8, 0x0, 0x231, 0x3ff, 0x8, 0x1, 0xffff0001, 0x1, 0x1, 0x10, 0x8, 0x5396, 0x6161, 0xb, 0x101, 0x1ff, 0x8, 0x431, 0x6, 0x5, 0x4, 0x7b, 0x7fc, 0x9]}, 0x45c)
read$FUSE(r3, &(0x7f0000002c40)={0x2020}, 0x2020)
ioctl$IOCTL_VMCI_INIT_CONTEXT(r1, 0x7a0, &(0x7f0000000000)={@my=0x0})
ioctl$IOCTL_VMCI_DATAGRAM_SEND(r1, 0x7ab, &(0x7f00000000c0)={&(0x7f0000000d00)={{@my=0x0}, {@host, 0x1000}, 0x400, "884fbe2726aa0a32f3e65f909acda971a093228292456e0332e6c11577b514f0bb8db731789d860e9589c4cbdd60b7a851a8a3c55ada2f90c51a69bf4a5c3e32296535dc838ef00dc18a32a79118dc858628f741f107552021e5a81d38e4374a8a717a7ca9015083cfff5d16156ef9cabf4f60c0da46870a10bf520cc5abcf9e3a437761ea75776763139fadd55c46daf5338870951822f6a803ccfbab9c3f507672d7c39ea9ccf81d9bc2b4649e7b44ed9fd7cb9bd389240cd41c415113d1caac4536f05c07e596d6addad2a4d27ba21a3b655753c508caedcc812ca235a7cd1686426b208bdecf8a4265ba8f6824aa60306e2d623481eed301b6dc21041fa8b6592be00bb74de1989a45a5aa32c189e9f5a5bb878281d0129afcfb8410cd1fa5acd080993d2d084213130a9b8d517d13251e6605a03d9b8faf507e820205a1f471af7b261419e79e09c547f7c10fd3f1ad876f59fdcc5e07d0ff4dee6ea2e3856616a352d648b9b5261b6263020fc3ae8eb404bc25703b3d3b83172d07ff22907d6631d226c8247c92c1826ff814590dfe8c7fc54dfb265e906f756846546316b20e0105e2a5355a210b2b7f5db61d8f90bb783b41ce368233bd08044e9283531fffe49e3d305ecfb16075a047557f57bb7baf8babfc02975ad0d60ed8de9cb8adc9f667bc6826cbea8e260e4bff28a5ec19d38d1fc019db3cfaf310e764d78619cb27fb17af05a0e8ae831ce8413721e71138e62cc4ad8e7974d1506b4fb581c549a3dd7b7ef44ac37201aa3bce6f37f648d781bcb4f329fd45ffa640f1b04efb38a36e0ed0e2abcb07e4ad88ae3edfb6d840d75340204243d0e1c1c3139823b0d5ad196430bf4566619a1a97df4376a7e9a9e9c1d97b9f773c921778f2cb5165c02da1423305c502076177e4af50cb3343c10b01b78e3fe5520bdfae2b3dbe42db0f0eb55bbcb19038018d45ccdb8b0df400085a02c61b033f430fb6a7408e090c65798bc49d35e049d276fd1952d2b3dfd92a2548411e21be26216fe68fc3cf1c6625031260153708a53255b3d3d0411d5f0e8ab2102a97e539c34e9c769a7dafb87c5918deb59ef05e928c2c52775de467fa843cbcdabc290097eeb2ee7c58d86e3fccc39a5b694c18a4cc0d6af1e61d9c69e6466bc0cbef15365109e4f67a6268625f8c3f358fb7d567cbea52e1bc289bd8effda4e362a729e8cd3064970b97e3f72535d9ba88e97a14834cfd8dc86b5d2f9b35425a4162e6abe8b785ef462883e716c91b8eb281d81f68f606f16fcbc5cddfdec3b515818a647d86a4c17bae6ad525e95598052c49cdee821ceb45b2350dda13628db0dd266f30285241a2b147d65113b8ed3665a3451f7a56cf430ec98aeac702d9b9f776d97520a9d039e5b2fff34ac4d4e0a32e1f35c8f38e4f4fe1b3212a70f185ad71ec86b8c9"}, 0x418, 0xa95a})

1.219648442s ago: executing program 6 (id=4059):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000440)=@newtaction={0xcc, 0x30, 0xffff, 0xfffffffe, 0x0, {}, [{0xb8, 0x1, [@m_police={0x6c, 0x1, 0x0, 0x0, {{0x7}, {0x40, 0x2, 0x0, 0x1, [[@TCA_POLICE_TBF={0x3c, 0x1, {0xffffffff, 0x5, 0x0, 0x0, 0x0, {0x81, 0x0, 0x0, 0xd85}, {0x1}, 0x4, 0x0, 0x2}}]]}, {0x4}, {0xc}, {0xc}}}, @m_mirred={0x0, 0x1d, 0x0, 0x0, {{}, {0x0, 0x2, 0x0, 0x1, [@TCA_MIRRED_PARMS={0x0, 0x2, {{0x2, 0x5, 0x7, 0x7fffffff, 0x200}, 0x1}}, @TCA_MIRRED_PARMS={0x0, 0x2, {{0xffffffb3, 0x800, 0x4, 0x6, 0x9}, 0x2}}, @TCA_MIRRED_PARMS={0x0, 0x2, {{0x6, 0xff, 0x10000000, 0x0, 0x9}, 0x1}}, @TCA_MIRRED_PARMS={0x0, 0x2, {{0x2000001, 0x4, 0x2, 0x2}, 0x1}}, @TCA_MIRRED_PARMS={0x0, 0x2, {{0x4, 0x7, 0x2, 0x8, 0x7}, 0x2}}, @TCA_MIRRED_PARMS={0x0, 0x2, {{0x2, 0x4, 0x20000000, 0x10001, 0x7}, 0x2}}]}, {0x0, 0x6, "2b728d72194af1813192d0808fd0ca2fcf7bdd40322ae24be21f31e8f266cb783821e3c1ce779ec2b706871e34046986235f44d0a036fd1b1ce3fb084c4a7cdf473384a753fee6df1d13987c7ae490c85d971df6345723dec47eeef92081cd9f5552b5eaa17338fea11930d4d7133005115e65bf960aa1b5f2715ab79b08886822151ad540803e951b885cff4376c10b963a5834f6bfe2d078747197e7340827e17d1655493406ad1f971be63945d358e98f52a3935d49fff612b4a498a6dd"}, {0x0, 0x7, {0x1, 0x1}}, {0x0, 0x8, {0x1, 0x2}}}}]}]}, 0xcc}, 0x1, 0x0, 0x0, 0x84040}, 0x0) (async)
r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000000)='blkio.bfq.sectors_recursive\x00', 0x0, 0x0) (async)
r2 = syz_genetlink_get_family_id$gtp(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$GTP_CMD_ECHOREQ(r1, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="200025bd7000ffdbdf250300000014000c00fc0000000000000000000d000004000005000d001d00000005000d000d000000"], 0x38}, 0x1, 0x0, 0x0, 0x8000}, 0x4000000) (async)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000400)={0x4, 0x1, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) (async)
ioctl$DRM_IOCTL_MODE_OBJ_GETPROPERTIES(r1, 0xc02064b9, &(0x7f0000000980)={&(0x7f00000008c0)=[0x0, 0x0, 0x0, 0x0, <r5=>0x0, 0x0, 0x0, 0x0], &(0x7f0000000900)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x8, 0x0, 0xeeeeeeee}) (async)
ioctl$DRM_IOCTL_MODE_GETCONNECTOR(r1, 0xc05064a7, &(0x7f0000000bc0)={&(0x7f00000009c0)=[0x0, 0x0], &(0x7f0000000a00)=[{}, {}, {}, {}], &(0x7f0000000b40)=[0x0, <r6=>0x0], &(0x7f0000000b80)=[0x0, 0x0, 0x0, 0x0], 0x4, 0x2, 0x2}) (async)
r7 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(r7, 0x4010640d, &(0x7f0000000000)={0x3, 0x2}) (async)
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r7, 0xc01064b5, &(0x7f0000000140)={&(0x7f0000000100)=[<r8=>0x0], 0x1})
ioctl$DRM_IOCTL_MODE_OBJ_GETPROPERTIES(r7, 0xc02064b9, &(0x7f0000000dc0)={&(0x7f0000000240)=[0x0, 0x0, 0x0, <r9=>0x0], &(0x7f0000000200), 0x4, r8}) (async)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r7, 0xc04064a0, &(0x7f0000000380)={0x0, 0x0, &(0x7f00000002c0)=[<r10=>0x0], 0x0, 0x0, 0x0, 0x1})
ioctl$DRM_IOCTL_MODE_ATOMIC(r7, 0xc03864bc, &(0x7f0000000500)={0x200, 0x1, &(0x7f0000000180)=[r10], &(0x7f0000000200), &(0x7f0000000580)=[r9], &(0x7f0000000040)})
r11 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(r11, 0x4010640d, &(0x7f0000000000)={0x3, 0x2})
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r11, 0xc01064b5, &(0x7f0000000140)={&(0x7f0000000300)=[<r12=>0x0], 0x1})
ioctl$DRM_IOCTL_MODE_GETPLANE(r11, 0xc02064b6, &(0x7f00000001c0)={r12, <r13=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
ioctl$DRM_IOCTL_MODE_OBJ_GETPROPERTIES(r11, 0xc02064b9, &(0x7f00000002c0)={&(0x7f0000000240)=[0x0, <r14=>0x0], &(0x7f0000000040), 0x2, r13})
ioctl$DRM_IOCTL_MODE_ATOMIC(r11, 0xc03864bc, &(0x7f0000000380)={0x200, 0x1, &(0x7f0000000440)=[r13], &(0x7f0000000180)=[0x7], &(0x7f0000000280)=[r14, r14], &(0x7f0000000040)=[0x0]})
ioctl$DRM_IOCTL_MODE_GETCONNECTOR(r1, 0xc05064a7, &(0x7f0000000e00)={&(0x7f0000000c40)=[0x0, 0x0, 0x0], &(0x7f0000000c80)=[{}, {}, {}], &(0x7f0000000d80)=[0x0, 0x0, 0x0, 0x0, <r15=>0x0], &(0x7f0000000dc0)=[0x0, 0x0, 0x0, 0x0], 0x3, 0x5, 0x3}) (async)
ioctl$DRM_IOCTL_MODE_OBJ_GETPROPERTIES(r1, 0xc02064b9, &(0x7f0000000f00)={&(0x7f0000000e80)=[0x0, <r16=>0x0], &(0x7f0000000ec0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x2, 0x0, 0xfbfbfbfb})
ioctl$DRM_IOCTL_MODE_ATOMIC(r1, 0xc03864bc, &(0x7f0000000fc0)={0x700, 0x5, &(0x7f0000000840)=[0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000880)=[0x3, 0x1, 0xfffffffc], &(0x7f0000000f40)=[r5, r6, r9, 0x0, r14, r15, r16], &(0x7f0000000f80)=[0x26e, 0x200, 0x0, 0x1, 0x2, 0x4], 0x0, 0x7fffffffffffffff})
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_io_capa_request={{0x31, 0x6}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}}}, 0x9)
r17 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_SREGS(r17, 0x4138ae84, &(0x7f0000000100)={{0x10000, 0xeeee0000, 0x8, 0x1, 0x0, 0x0, 0x0, 0x20, 0x0, 0x0, 0x0, 0x9}, {0x0, 0x2000, 0x10, 0xfe, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x5}, {0x3000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x4}, {0xd000, 0xffff1000, 0xf, 0x0, 0x0, 0x8, 0x0, 0x4}, {0x5000, 0xffff1000, 0xf, 0x2, 0xfe, 0x10, 0x6, 0x0, 0x58, 0x8, 0x4}, {0x0, 0x8000000, 0xb, 0x0, 0x0, 0xfd, 0xfe, 0x0, 0x0, 0x5}, {0xe000, 0x100000, 0x4, 0x8, 0x80, 0xfb, 0x0, 0xf, 0x1a, 0x2}, {0x0, 0x3000, 0x0, 0x2, 0x0, 0x54, 0x7, 0xfd, 0x0, 0x0, 0x7, 0x5}, {0x2000, 0x400}, {}, 0xddf8ffdb, 0x0, 0x1, 0x120, 0x8, 0x8000, 0x2000, [0xdd41, 0x0, 0x2]}) (async)
ioctl$KVM_TRANSLATE(r17, 0xc018ae85, &(0x7f0000001280)={0x0, 0xdddd0000, 0x2, 0x1c, 0x54}) (async)
ioctl$KVM_RUN(r17, 0xae80, 0x0)

1.219116469s ago: executing program 2 (id=4061):
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
ioctl$UI_SET_SWBIT(r0, 0x4004556d, 0x0)
write$uinput_user_dev(r0, &(0x7f0000000080)={'syz0\x00', {}, 0x0, [0x80000000, 0x3, 0x3ff, 0x8, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0xf5b1, 0xffffffff, 0x10000000, 0x99, 0x20000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x8, 0x0, 0x0, 0x0, 0x4, 0x0, 0x4, 0x0, 0x0, 0x0, 0x2, 0x0, 0xfffffffe, 0x0, 0x0, 0x1], [0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xedc0, 0x0, 0x5ee, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa0000000, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0xfffffff8, 0x2, 0x0, 0x2000079, 0x400, 0x0, 0x0, 0x10000, 0x40000, 0x0, 0xc0800000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0x4771], [0x0, 0x7f, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x2, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000, 0x6, 0x0, 0x0, 0x0, 0x0, 0x200000, 0x80000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xf, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0xfffffffc, 0x4], [0x2, 0x0, 0x6, 0x0, 0x0, 0x0, 0xfffffffe, 0x4, 0x0, 0x0, 0x0, 0x3, 0xfffffffc, 0x4, 0x800, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x5, 0xfffffffd, 0x0, 0x0, 0x0, 0x8001, 0x80, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000000, 0x4, 0x0, 0x0, 0x0, 0xffffe]}, 0x45c)
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x5)
ioctl$UI_SET_SWBIT(r0, 0x4004556d, 0x3)
ioctl$UI_DEV_CREATE(r0, 0x5501)
write$uinput_user_dev(r0, &(0x7f0000000500)={'syz0\x00', {0x8000, 0x7f, 0x3, 0x3}, 0x3a, [0x5, 0x1, 0x7, 0x83e, 0x5, 0xd, 0x6, 0x12, 0x7, 0x9, 0x4, 0x7, 0x1, 0x3ff, 0x3, 0xfffffff9, 0x27e8, 0xf93, 0x6, 0x3, 0x2, 0x1, 0x47dc, 0x10000, 0x4, 0x3, 0xfffffffc, 0x1, 0x0, 0x18, 0x8, 0x9, 0x190a, 0x1000, 0x23, 0x0, 0x4, 0x1, 0x1, 0x5, 0x2, 0xfd84, 0x200, 0x3, 0x6, 0x9, 0xffffffc0, 0x8, 0xe0000000, 0x5, 0x77, 0xb, 0x7, 0x5, 0x7, 0x22, 0x1, 0x7fffffff, 0x4, 0x80000000, 0xdc6, 0xfffffffc, 0x0, 0x7], [0x9, 0x1, 0x0, 0xffffc5b3, 0x2, 0x5, 0x2, 0xdc0, 0x0, 0x3, 0x2, 0x8, 0x6, 0x661b, 0x7, 0x5f, 0x7d, 0x10001, 0x2, 0x2, 0x8, 0x7, 0xbda, 0x80000000, 0x20, 0x4, 0x8, 0xfffffffc, 0x2, 0x9, 0x7fff, 0x4, 0x8, 0x6, 0x60, 0x6, 0x5, 0xfff, 0xfffffff9, 0x8, 0x6, 0xfffffffc, 0x7fffffff, 0x8, 0x8, 0x3, 0x2, 0xe14, 0x200, 0x7, 0x63, 0x8, 0x9, 0x7f, 0x3, 0xcbf, 0x200, 0x2, 0x2, 0x8, 0x3, 0x0, 0x400, 0x7], [0x9, 0x4, 0x0, 0x0, 0x6, 0x8, 0xffffff81, 0x4, 0x401, 0xb, 0x200, 0x9, 0xfe0, 0x5, 0x4, 0x40, 0xfffffff9, 0x956, 0x63, 0xb72, 0xf816, 0x57d, 0x0, 0x7, 0x1, 0x6, 0x1, 0xe9, 0x0, 0x3, 0x1, 0xfffffffb, 0x3, 0x3, 0x81, 0xf, 0x9, 0x3, 0x3cc, 0x9, 0xc, 0x800, 0x9e86, 0x31, 0x2, 0x0, 0x3, 0x7, 0x3, 0x6, 0x9, 0xe0, 0x7, 0x7f, 0x1ff, 0x6d, 0x7, 0xfffffffb, 0x1175, 0x5, 0x11d, 0x8f9b, 0x3, 0x6], [0x9, 0x5, 0xfffffbff, 0x5, 0x6, 0x5, 0x80000001, 0x7fff, 0xff, 0x0, 0x1, 0x1, 0x6, 0xffffd529, 0x408, 0x0, 0x2f5, 0x1ff, 0x8000, 0x3, 0x7f, 0x7fffffff, 0x40000000, 0x4b1, 0x6, 0xc, 0x5, 0x5, 0x508f, 0xc6, 0x81, 0x9, 0x7ea692d0, 0x2, 0x8, 0x1d59, 0xfff, 0xe10d, 0xc, 0x40, 0x4, 0x3, 0xfff, 0xfe, 0x1, 0x3, 0x366e, 0x7, 0xfffffffc, 0x8001, 0x3, 0x3, 0x4, 0x0, 0x8, 0x0, 0x3ff, 0x6, 0x0, 0x1, 0x9, 0xffffffff, 0x7, 0x5]}, 0x45c)

1.126986135s ago: executing program 6 (id=4063):
r0 = socket$inet(0x2, 0x2, 0x0)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f00000000c0)='ip6_vti0\x00', 0x10)
sendmmsg$inet(r0, &(0x7f0000003b00)=[{{&(0x7f0000000100)={0x2, 0x4e22, @rand_addr=0x64010102}, 0x10, 0x0}}, {{&(0x7f0000000500)={0x2, 0x4e22, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, &(0x7f0000000740)=[{&(0x7f0000000680)="e1c4fc70b12b46185353c3c26c00a28aedff166635ad80437219c38de091ea1c7fd198a644d00946a45a6c11f6a5b9d0c22669df8379bf2dda1ab4ee82b2c6871808e76f1253abed432b7b27e580fd5bc7405d3f51dbfddc761acde78cdee9f1d6260c4955f7e140632d04d1735bfe5446655f1830e3148e54284d039c0ddf2a1527952007b8300de4c2cb9d923b503c2223cfc15805b881dc233f5f3c44badfce68a4c27ce6daeb", 0xa8}], 0x1, &(0x7f0000000800)=[@ip_tos_u8={{0x11, 0x0, 0x1, 0x4}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @remote, @empty}}}, @ip_tos_u8={{0x11, 0x0, 0x1, 0x4}}, @ip_ttl={{0x14, 0x0, 0x2, 0x9}}], 0x68}}, {{&(0x7f0000000880)={0x2, 0x4e21, @empty}, 0x10, &(0x7f0000000c40)=[{&(0x7f00000008c0)="767133cce04e96842c3d73c224e75341f3ae2d0e6c895557867191493ddf2779dc39", 0x22}, {&(0x7f0000000900)="f0fc9beb6553c90eab268dd7c86422ef2e7948acabd49a30aa54dfc5c6264f2be69614c2d9d581d7f4b5879df7c196f0", 0x30}, {&(0x7f0000000780)="ac1c184403ea413cf81af1170baac3f101f8405643b23070f0ba8ed0bd83978393c6a744c3a3c44b3461bee369586197808174e93058e77f55cc24e3cb6830547401780a166ce6284291ee823193fd5799fe92b862415f8ece87607950d191b828bf507e0421ed5549e7d66db13cb58b98", 0x71}, {&(0x7f00000009c0)="35a66c01a87642bbdce1674676820f3a25b75e63da9dd307bd5ab5d8660e4c6958dbc6d7a7b5e244fd18b65504fa77393980478a63bd2cbe2f7093d3604d30e90fecd6280cb753cadf9316ca4f29f6bedb5f9d01abda82c954d194e7a1", 0x5d}, {&(0x7f0000000a40)="da5bb4a708c6d26be8dc4b1e6e71f81a9ac6c29df855ac8f67c6cdf1c6fb360c9ad44f88", 0x24}, {&(0x7f0000000a80)="e48895249cf8fd152f1101cc8b99dddc4430cda90af59c5517131dbb0ef73bd5421907536cee9d0a1ff5091e1499e3033cc6f4de7789430d52932a6d390d81c6beaaf850458fa67b827042ea4cb3ff520d907528f1c6fa2691f4c20de9244d28e1e999e6a5561caba270b3462616e68f48e863243da66beacca5eaa1eab1112733ac0318b2670e38d144c18556f37f9c4f0431d84986d9af130b99125cb72102321fee3dca66ba369a6cf5e8a501bddc786405d0e663e9bc42d6ccbc98c786e0fb7f88754c553d7170484b309007db20f88d5b7af0b521136f42c712510ad56a1bdd7ff1e56fc0dfca874e1440bf739f54d3922d75", 0xf5}, {&(0x7f0000000b80)="24a16c4d82aab6b69b307c585716b3578b7d0f5cf9da06dd028dc7b89b0d2bc9f57da885f9c90c9f012b840e9cb803aac2a06974427f89851222418130a64c2f3b0ff1a5097aedad11e8ec81b53fed65fd810c7219e5e21cf668ffd80e0cb6f69e690756ad2689802a0246fcc6e887901786c02bba063d912bcc2ad5dfc04734b74d34a44865563cd2fb19d414f7353ca8503d6e34b158f7ead6714f4c1426f2", 0xa0}], 0x7}}, {{&(0x7f0000000cc0)={0x2, 0x4e20, @loopback}, 0x10, &(0x7f0000000e80)=[{&(0x7f0000000d00)="bc7b7c3ced9d5e2f2b189f0616805b553c672dcc83b72c61362c49f6bdf8a6b368c163c322057f9df3923835130d6a599aa616b54dd9074a96fcd9f5a2f073c55b3926a02aeceedddd2776925857f4bc2a37a54d25bcf5a2b89d6d89e8316f89c8daa5e9f7b03fd675e50cc450b8a5469d6677543769b12ed1bd95a39108c404e9a4551ba930d44cd6f4d2c06bb0458047851e55107c0952f46eef6e60efa29e66c902d18e9d5e267c15d8", 0xab}, {&(0x7f0000000dc0)}, {&(0x7f0000000e40)="ffe327b6dff38fa963dc14f30c052a75f942d1dd7628", 0x16}, {&(0x7f0000000fc0)="3d8a2512eb861015b286ab6d9c07f8ad1b73f2999dbca91f906e34636491800eac04aed317a6d09f9551e77b1ca22bdf679c0b4058a4999a2eb23e29c923d967d238fde10df110fc16b45cbf122a56972d8ef32679d11a1da33e704b1b2ccb9ea66281be3620d2f46d8110a5f616b6e5b2a7e53f45d1275e1810944729d8732c6c676cb3063e68b374c3a6db71244acfd33295d0f0a9a7c7011ce3727f43c308364f54395415c2ad91300ef3fb080277102ec96f7e20dd546b4428a8fcdc1763af2d2f5dfd2a03fa3407470a150d013f0da9854eac7ceea2edb4503c10ab06761a6675c32bd97a7cef488fd14bbd0209dc44d75b5ed26d7fffbb3dc295e936126b33c11996855577403f97c6fdb852c27169452b4f7db2dd3f87656cb4d0be45e1c0bc57f0da8fa53964832b98a139d04b1a395f2b6c91a710e59dfca20e3c5586c1a1e4a9c1714186dee053d4859e55a3bfd65b11390ab0032c34b8144f918463b0452088b0fe6413613716ff84ee2f62c868005b2ab20b2a818f7afe90bdcd9b0080ec89dbce0053bb00070c851199cc96535b91e366de45cc1b9a979c5cf01cf8ee8b73a8471451e94e53fb471d69f12d00930fc9face72e1e9b33a986f79cb48987a9e4fdd73f7fd4dedade6816c7e595e04a9d31ed6baa0b88c8b5d921f951d268fa0a0ebdd104da4f3db77750848a904d3eaa8ee5332cd90404844bed4d971bc1a362577fa0d9a8c51e37af0df48fe244c1c65364e229231fa049c5d8605408c3b07cf28e5fdd64ce2371bf97fb12bffe8c083dd567ecbc1db3120700b8ec296f0d7426c74cec6c4908c4b72196a79cea60e1ebbb4126354088e1136dcdfc9d2c1e2224ebc36af99d1bf0cfdadf8554ae3dc32d08ed347c49ba77f929a34119c7fa72cc9485c12fdab1d2a702569a741d9902376fcb391e5c92be5ede3d2c978614ca1e07d93a28c2ec4ee33897e101f685d8dc5ea53c1356a80c7e5c3cb72eb37b4e2be68508387dfcaf07e2121b087dd4cc5aef6838c4576c52012edd4ea0c64431286939a607b29b1d52c66522aee16394868ecfaf4c023369f7fab589de259e9ac56808341c18c484abccf02a3e03a3a1379e33e3643882efbdda00d785b2176205f6b556a9c460806dc6a308a8f39b8f57216994e135c8e3e9214e526ee2bc13bffcd9e0d9c0c9933294c50651ef4c344c26c300c885a79c35ddd4c2c92642c6495fbf3aa2952c1e1d3a84524f5223f94ff8e449c1b4ea17e52df6db4ad3bbe6bd709f256735d3ce150ddb56e70c8ec39d3d92df90e9fba5980f7e60a8bea9a0265fcda93e4ba4fc93b91a3a925899a5651e3a9c75ba07d5673963ac430a7185bf2d94b8ad834ee6ef6488c3373466166ede9e9dffe867087bd1a22a29d11b91ac601b1839452fcd6badf8427469e47aaf0cc60b5fb13c50dc6495f41b661bf805cb9d64948bc6a530870", 0x410}], 0x4, &(0x7f0000000ec0)=[@ip_ttl={{0x14, 0x0, 0x2, 0x2}}], 0x18}}], 0x4, 0x4999fa8a21843244)

1.126764515s ago: executing program 2 (id=4064):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(serpent)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
r1 = accept4(r0, 0x0, 0x0, 0x0)
recvmmsg$unix(r1, &(0x7f00000009c0)=[{{0x0, 0x500, &(0x7f0000000a80)=[{&(0x7f0000003900)=""/4096, 0x1000}], 0x1}}], 0x1, 0x0, 0x0)
sendmsg$NL80211_CMD_SET_WOWLAN(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000008ac0)=ANY=[], 0xff8}, 0x1, 0x0, 0x0, 0x2404e0d0}, 0x404c845)
sendmsg$alg(r1, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000280)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18, 0x28c0}, 0x20000000)

1.124889884s ago: executing program 6 (id=4065):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$tipc(&(0x7f0000000040), 0xffffffffffffffff) (async)
r1 = syz_genetlink_get_family_id$tipc(&(0x7f0000000040), 0xffffffffffffffff)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB='&\x00\x00\x00\a'], 0x50)
r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r2, &(0x7f0000000040)={0x1f, 0xffff, 0x3}, 0x6)
write$binfmt_misc(r2, &(0x7f0000000000), 0xd) (async)
write$binfmt_misc(r2, &(0x7f0000000000), 0xd)
sendmsg$TIPC_CMD_GET_BEARER_NAMES(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x1c, r1, 0x1, 0x70bd27, 0x25dfdbfe}, 0x1c}, 0x1, 0x0, 0x0, 0x80}, 0x8000)
r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0), 0x582, 0x0)
r4 = socket(0x26, 0x2, 0x10)
setsockopt$inet6_group_source_req(r4, 0x29, 0x1e, &(0x7f0000000200)={0x0, {{0xa, 0x0, 0x0, @mcast1={0xff, 0x7}}}, {{0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @initdev={0xac, 0x1e, 0x0, 0x0}}}}}, 0x108)
ioctl$TCSETS(r3, 0x5402, &(0x7f0000000000)={0xeffffffa, 0xb, 0xfffffffe, 0xfffffffc, 0x7f, "db5909003a7f000700"})
write$binfmt_aout(r3, &(0x7f00000000c0)=ANY=[], 0xff2e)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x0) (async)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x0)
r5 = gettid()
process_vm_writev(r5, &(0x7f0000000300)=[{&(0x7f0000000940)=""/248, 0xf8}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/227, 0xe3}], 0x1, 0x0)
ioctl$TCSETS(r3, 0x40045431, &(0x7f0000000040)={0x3, 0x40000000, 0xffffffff, 0x0, 0x83, "000000000000000400"})
ioctl$TCSETS(r3, 0x5402, &(0x7f0000000080)={0x0, 0xfffffffd, 0x0, 0x6, 0x1, "e315bc1cc24ff7b7cdb242e1ff0aa6905446b3"}) (async)
ioctl$TCSETS(r3, 0x5402, &(0x7f0000000080)={0x0, 0xfffffffd, 0x0, 0x6, 0x1, "e315bc1cc24ff7b7cdb242e1ff0aa6905446b3"})
syz_open_pts(r3, 0x400) (async)
r6 = syz_open_pts(r3, 0x400)
ioctl$TIOCSETD(r3, 0x5423, &(0x7f00000000c0)=0xa)
ioctl$TIOCSTI(r6, 0x5412, &(0x7f0000000200)=0x2)
socket$nl_generic(0x10, 0x3, 0x10) (async)
socket$nl_generic(0x10, 0x3, 0x10)
r7 = socket$inet6(0xa, 0x3, 0x7)
connect$inet6(r7, &(0x7f0000000000)={0xa, 0x0, 0x0, @loopback}, 0x1c)
setsockopt$sock_int(r7, 0x1, 0x35, &(0x7f0000000040)=0x1, 0x4)
socket$inet_icmp_raw(0x2, 0x3, 0x1) (async)
r8 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
connect$inet(r8, &(0x7f0000000080)={0x2, 0x0, @empty}, 0x10) (async)
connect$inet(r8, &(0x7f0000000080)={0x2, 0x0, @empty}, 0x10)
ioctl$sock_inet_SIOCSIFDSTADDR(r8, 0x8918, &(0x7f0000000280)={'veth0_to_bond\x00', {0x2, 0x4e21, @rand_addr=0x401}}) (async)
ioctl$sock_inet_SIOCSIFDSTADDR(r8, 0x8918, &(0x7f0000000280)={'veth0_to_bond\x00', {0x2, 0x4e21, @rand_addr=0x401}})
syz_emit_ethernet(0x46, &(0x7f0000000140)=ANY=[@ANYBLOB="0380c2000000bbbbbbbbbbbb0800450000380000000000019078ac1e0001ac1414aa030490781200183f2500000000000000000100007f0000017f00000100186371ae9b1c03290cdb43a8a2571ed4bf2288bfd0663560618800b801259038f8bec8f0ca128e6e928e28d384adaca05d796fea85f952ff"], 0x0)

1.049608276s ago: executing program 2 (id=4067):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0xd40, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r1 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000001c0), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r1, 0xaf01, 0x0)
r2 = eventfd(0xc)
ioctl$VHOST_SET_LOG_FD(r1, 0x4004af07, &(0x7f0000000240)=r2)
ioctl$VHOST_SET_VRING_KICK(r1, 0x4008af20, &(0x7f0000000040)={0x1, r2})
ioctl$VHOST_SET_VRING_ADDR(r1, 0x4028af11, &(0x7f0000000280)={0x1, 0x1, 0x0, &(0x7f00000002c0)=""/100, &(0x7f0000000500)=""/74})
ioctl$VHOST_SET_MEM_TABLE(r1, 0x4008af03, &(0x7f00000007c0)={0x4, 0x0, [{0x4000, 0x5b, &(0x7f0000000340)=""/91}, {0xdddd1000, 0x1000, &(0x7f0000000e80)=""/4096}, {0xf000, 0x20, &(0x7f0000000440)=""/32}, {0x80a0000, 0xfb, &(0x7f00000006c0)=""/251}]})
ioctl$VHOST_SET_VRING_ADDR(r1, 0x4028af11, &(0x7f0000000080)={0x0, 0x0, 0x0, &(0x7f00000009c0)=""/251, 0x0, 0x4})
ioctl$VHOST_VSOCK_SET_RUNNING(r1, 0x4004af61, &(0x7f0000000000)=0x1)
syz_usb_connect(0x3, 0x24, 0x0, 0x0)
ioctl$VHOST_SET_LOG_BASE(r1, 0x4008af04, &(0x7f0000000200)=&(0x7f0000000180))
socket$inet_icmp(0x2, 0x2, 0x1)
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', 0x0, 0x0, 0x0)
chdir(&(0x7f0000000240)='./file0\x00')
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.bfq.io_merged_recursive\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r3 = syz_io_uring_setup(0xec8, &(0x7f0000000c00)={0x0, 0x0, 0x80, 0x2, 0xb3}, &(0x7f0000000500), 0x0)
io_uring_register$IORING_REGISTER_IOWQ_AFF(r3, 0x11, 0x0, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = openat$vhost_vsock(0xffffffffffffff9c, 0x0, 0x2, 0x0)
ioctl$VHOST_SET_FEATURES(r4, 0x4008af00, &(0x7f0000000080)=0x200000000)

289.916405ms ago: executing program 4 (id=4080):
sendmsg$IPSET_CMD_ADD(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={0x0}, 0x1, 0x0, 0x0, 0x10000082}, 0x80)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_IRQCHIP(r1, 0x4020aeb2, &(0x7f0000000740)={0x0, 0x12c, @ioapic={0xdddd1000, 0x2, 0x8001, 0x4, 0x0, [{0x5, 0xf, 0xb7, '\x00', 0x9}, {0x40, 0x5d, 0xc, '\x00', 0xa1}, {0x46, 0x9, 0x4, '\x00', 0x99}, {0x8, 0x4d, 0x3, '\x00', 0xb}, {0x0, 0x7, 0x0, '\x00', 0x1}, {0xc, 0x6, 0x47, '\x00', 0xac}, {0x5, 0x5, 0x8, '\x00', 0x7}, {0x7, 0xd8, 0x1, '\x00', 0x6}, {0x93, 0x1, 0x80, '\x00', 0x3}, {0x5, 0x4, 0x1, '\x00', 0x4a}, {0x8, 0x36, 0x7, '\x00', 0x6}, {0xb, 0x9, 0x7, '\x00', 0x4}, {0x9, 0x1, 0x9, '\x00', 0x3}, {0x40, 0x4, 0x81, '\x00', 0xf}, {0xe0, 0x0, 0x0, '\x00', 0x9}, {0x6, 0x3, 0xf7, '\x00', 0x3}, {0x9, 0x6, 0xdc, '\x00', 0x4f}, {0x48, 0x83, 0xae, '\x00', 0xd}, {0x7, 0x35, 0x0, '\x00', 0xff}, {0x6, 0x4, 0xff, '\x00', 0x5}, {0x1, 0x8, 0x9, '\x00', 0x6}, {0x3, 0x4, 0xfc, '\x00', 0x5}, {0x1, 0x4, 0x5, '\x00', 0x80}, {0x2, 0xff, 0x15, '\x00', 0x19}]}})
r2 = socket$netlink(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000040)=ANY=[@ANYBLOB="38000000090603050000000000000000010000000900020073797a31000000000500fc0007000000100007800c00018008000140fffffffe"], 0x38}, 0x1, 0x0, 0x0, 0x1004c007}, 0x140000d0)
sendmsg$IPSET_CMD_ADD(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000040)=ANY=[@ANYBLOB='8\x00\x00\x00\n'], 0x38}, 0x1, 0x0, 0x0, 0x10048047}, 0x4000050)
sendmmsg(r2, &(0x7f00000002c0), 0x40000000000009f, 0x0)
syz_genetlink_get_family_id$tipc(&(0x7f00000000c0), r2)

226.443228ms ago: executing program 2 (id=4081):
r0 = syz_open_dev$sndpcmp(&(0x7f0000000000), 0x0, 0x2001)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000140)=@newtaction={0x48, 0x30, 0x871a15abc695fa3d, 0x0, 0x0, {}, [{0x34, 0x1, [@m_ctinfo={0x30, 0x1, 0x0, 0x0, {{0xb}, {0x4, 0x2, 0x0, 0x0}, {0x4}, {0xc}, {0xc}}}]}]}, 0x48}}, 0x0)
writev(r0, &(0x7f0000000280)=[{&(0x7f0000000040)='/j8', 0x3}, {0x0}], 0x2)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r3 = dup(r2)
ioctl$KVM_SET_MSRS(r3, 0xc008aec1, &(0x7f0000000f80)=ANY=[@ANYRES16])
fsopen(&(0x7f0000000ec0)='zonefs\x00', 0x0)

226.029468ms ago: executing program 2 (id=4082):
r0 = openat$comedi(0xffffffffffffff9c, &(0x7f0000000080)='/dev/comedi3\x00', 0x400, 0x0)
r1 = socket(0x10, 0x3, 0x6)
r2 = socket(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(r1, 0x8933, &(0x7f0000000040)={'team0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000300)=@newqdisc={0x90, 0x24, 0xf0b, 0x70bd26, 0x0, {0x0, 0x0, 0x0, r3, {0x0, 0xffff}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_mqprio={{0xb}, {0x58, 0x2, {{0x2, [], 0x0, [0x4, 0x2, 0xfffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5c4, 0x0, 0x0, 0x0, 0x3dc], [0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000]}}}}, @TCA_RATE={0x6}]}, 0x90}}, 0x20000000)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r4, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4)
getsockopt$inet6_tcp_TCP_REPAIR_WINDOW(r4, 0x6, 0x1d, &(0x7f0000000000), &(0x7f0000000040)=0x14)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
epoll_create1(0x0)
mkdir(&(0x7f0000000300)='./file0\x00', 0x0)
r5 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000180), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f00000003c0)={{'fd', 0x3d, r5}, 0x2c, {'rootmode', 0x3d, 0x4000}})
read$FUSE(r5, &(0x7f0000006840)={0x2020, 0x0, <r6=>0x0, <r7=>0x0}, 0x2020)
syz_fuse_handle_req(r5, &(0x7f00000042c0)="9ab1446569aa24b774753c9e994c09c24df9d42fa5a228e469b44cecf6f9f5ce5f77c93b1895aaac9cf34b37415f11fe22d6fa0162aa743b242e8fe0a8659e32fb543d7969d6513136a9f332a8074f8ee1e445277ddd5859eb5ac3321eb710be880a441031da9b31f791d54fb3c97cd8ee92b00cbf962be8eb5fd0b7cab207645f59cf87a8c41e2739dd8386b6bb84b627cbf5e09bac876ad4b215f0e510a853c5e8b9f7822b26771d72972290a1f9a6f0a46942be0d0eb7aa5145ff368863b14e9845926088f9f92d554e572926290dc6e6b574aea8c500fbe5697f881c0cec48282c6d07619248da0c3b9aa6f7c778525d1760051e4ba8ef31d3c8d3e1d4214ffa5261ce1fdbc12eba889968137f5c06fea233000296cf18df494b4e7b1bee7dc2f3751c37415d46f6d7ffb3d0f788f2100ee41266e6fba75b61af22e1d7b286507ff100cc34ed28d5a2c8be3231446874bbbde6f3c367ca802d64192ffcce1ea41b2cbc57f7500fc4f8f12fe02690c1c9785bbc35542b59d05600783cf4f4633b374101d8ed395303392b238d198f9f68c8ae928cbf3b558deec6d38ebaa526e749ac4e47dd5b838ec34f2820a1134252ae60159d4e030cf5e5d6f8de799a31e12ae57cfe5a1a3ded525c6e71271271d35a0056265362387a361f21ea0f4b6d46f6a83a8512687e43b31e11b1396d6e9e49cf42b693732e226b55d21a1203022f6be9f8ecccb68de3bf4ce99689514bd752f4e60bd2f8e376d7fae5b5fc8db0f53db8c52746671e361b9319419c1b3f3168b4797ebd2d118ee42dda4bc59dd0251236195c8cdafc0546354eeb28f4c7e71e8245a6ccaddfb858f61039c0ccf5acd924680aab38dd061fc7b123f24ac7f3d3c0cee43b61045bb1efea25af86088a0591f166e2f11ea4089860893b17ca5e3d99ec75131268e2e4e290c2bf15e4dde23284e4bdf6e549c096ce221d9c8a6c0fc78aa6a1c8b547c0e10738de2a1e8663e03ab0ce4594e244989f75b6672de1eee97ba7e6467a0da51c0e75d5866c405b03c4744d8d3fbb01eddba5a0361662269154c2f0e61a9433982eb904ff562896cbfa692eb1e6c644fcf6cbc103a76b712af706a47608d3e2f5d54d47d8e9906ab37ddf04004d32ce00200fc3c274666aeb618b27424d87b6a4b0262de4436b9e6f150bc798394c298b25a2c318fbe786185464057c0bcfcd1917230d78ee1a49eca12068fa676852c1099096c6cb98dfda27fedac41826516e42cc116f0cbb68f0f810418258dc5a65c0e1ada296176e17f8d762894c80542a79383cc1674a4f3d6520633ce80baba214c20628899f9ac826484c887713aed9c5caf13b40a598cb1e81f7b18dae39efc22dc99ff497e11f158edc2716ebe3bcd593691aa26523efc168e1394ab439c9a9270575ef34eeee9084b0a31b2d81d47c964ac61e600f75d9321d7474dde45bb8d0cc46510488ab68486d3ba6cc9c3ddb6f66f2e5d251ee285121e1645a2f5167fc5fb8ac4491c0d9d0423c7a8452efea2f5a30096a0fa47173f3a68500a5c755ea939c838d3be126a87ff6baa5a1fba638a5c64767d17f04201b935fcb1cb6afa175594f410f2ff773194c703e623876051e46bb0850a5016e65f8fa34b96bafdfe851a0756fe26fb63d52113c0935b0867f7dc8a94d887484b15e8f92b6a316a22c04a985cc94e432cd43f44001bcdbd48efcd463c402d3d181298e96db60fdb714b82e146567af5ae3fc0c3f9d241471b4d129f928d286f780facb1e84434610ab3379dfff0f64d57b4a1c2e96c98b693de952d26773d24e7a95eddbc450f79932d5332d27991c7bfbd3bc35bfeb9496fbebccb5e4c35c368e021dea643cb292d794d3d3bbcc960f989bef09763dc73d83cbf907485635265e81f87b712d958a66719230fc6466615a0e3bb998d48159e9e9c51959354a545966bcffa298c7673b4d32b991c886a997236642c0f104f6795feab9f48d0ffc74667f3f3e82473ac892ad25f4b13029b0b27fb1d86991ddc42bbc3fe584ed364e769f3bc72ed8749e7a654ec1a2ec7a01bd2d5caccdc6241a1b1ef2726db54d2c34ab47020b4c729b5994b43deb00ad959950e0051d2c0f27217397055e78f1dd3bd867a45e06c2134ae8981021aae881cc7b2049fe7c82d2127ec81d6430c8116355c8d0ab8b9291c688ed9b8dbb1ed6f1a99bb58a1be8d5737acbf9461b142c8982f52481195d35ef82aed4fa52385ea4ed00a739d01cad7af9f7c27d357748e24f28d22065ccb37300e8f5d8dae5ca79af7a50edc3e05184d1a2a6d59784d5ceeb1f1550a44ea03bee4dc5c27eb78f0032593c7d082e59211f83a8b91aa78bfb7e959328ee63af26a37b79ce5e5139eeebd12e28b2a26ad2fcbdca652524d036b324782d54247a48b9f8200b2d6d2c091c41366d677e3be6e136cec6c3080d608849135c6e3c7d695d2e226ae1ce999d730d7f79116ab85762e55a3e5a66a690ce0a4bb4fd1560c796e2797414b544ef78e29d55e4853fdbf3362085a65c46105f32c360a0a9867b984a5d0297fe0b06a45684ac801a8e66294cef6e5f3c48648884fbb2422fa00488df33a9a0ff1039c81f1939f2cd2f5fe8aa805af2d2332ac37244ed4a7b50265af8062752b0c16511e5f25e8aa2b60645675bc826557bb75474ca4787f6b584b2f83bc25192579104aa0baae79f396df0d31121f90db9acea9695ee0fe0c22df4db503ec8b2437b05f5d35a65722fa82eebd2aff4bcd3316a5cffc4b31913fd02f82130c77f320bf04bf8fa873d0e3f62122d6a5f87d3e908bedafed4a3cb6d9f73ff546f5a2b74a2493b1753e89b682352bb3166563518dcb190c7b3d9fd667c57978a670b192641a674dc92c2401d067b6767aa632ce32a401175c98200a52ab5d80dffa719746d0bff8a84bac4a56e0ab8124fc332b64ea662d01e1b73231a6638f01cf4d699448da228c16951149c8d3dab9a7e3be9a16c7d1ffb061818f8f9cb2b42739fae4a0d70c0701c8dceee785d36ef6413162de1917df01c693ef3e1f517e7fc46245209fee52f5c6a2f50ab3f56d67d1cd987282b24071d8ebb1bc5cd635957b2a7ad92d0650abd5bbc24b75885b6119592a3d715392718e52f9124c4ac95be3582abba4ac3a4049ee49fa8ceb9b59d4e1e2a069c9d482879fd8d27d5ac22ef870542453be22c2ec4ebf1472c19fbfb56aa0a3671297b020e3fe49d201a82a04420e90bda43691dacf92347bcbcae3742cc4abad4c8010c0afa15278795d4d76c482461ae78f30569e1dcf87b9b150d07a2bd81676ec6022422d490759ae1e861a6c4cd1f733bd772d60975a59356c385a4a390429f3d2131e7f616015261df6db3cc3ec261a53be10c4f197e71878984fee00e6d1069f79825194b7af434fb6bb86db18e11977f82928be35054543060cea94ebb4015d061f20f8454e056e7b6e4f9a1621ef2377d77659c20bf358c817519f1801be15ae3b5b42adfab367777a6789635a0dcdd1f2b97edecea0210768af67601d1b95a8850dddb6b1f4b0c2f52c835b0833d81966ad19e49ceb9dc9c729cd8334bc3ee5bb8c74186f5cc3e765b9fdd91d79baaab3d2ab64c15d655d1af7de9cf8d5d7c1baef24577843ce142331743b45b06104b6d0d4392e61ca8c07507ff5f831bbf720854db4debf64182aaebf899ba57626a48748fc2dcf016013d575595d24d383eef2da0ff0c9f6fe9c64b186cd4617e3f37635d7dacb58ec297f3ddb48ce4a5e00cc127267e18a1fdf209e098f2cb2e9c0630d15ec9b867b2b95ecf82ad2c0ba39df9c4d36d492bc9a55c4b767da966e4fd7f4d2fef5e91d0575177c05d240b50757031c76333d43bcc828ab2f0376e29d12d1261ce104a8ea488091326bc451c120c8c04d3e64835c893f55b312e248ad8fc1c32429d68e6b67bf45ab8a1cc3db22f9f01a2266b8349046d3d3e081eaa7f7020c73c0762d11a33b517b8f081da3c61ef63e1d40cd87d69c7ac7491fb61bb57c1fe2d218aff6d39b3e1fc847f0ed894e2f0b4d6a4ad03ba42e28bb1dfab645081f548e64ceb8ce15d2214bd66a14fe594aa447c3537eb493299fef0f9326236ea5dae44e23b34801fe06ee16c79545feaf2528421d6e7f9a256a7914d86bd053dc33c8c2043ba73714f5ff5f0507097a56c40b2190e77877d43be849ee2ac129e582930ced06d359eebb49eda4edb13819f91cecc449c9613d9659906179f8fefa34fecb7d21cdaf09a1ce8d094421da80796c97c02fc56171aaba53fd8a7f55de059044717df164f3571028f16995d51fc8829534cdf58dd134def1e43a34e4f5f372fa8e19d3b85881e99ecd45faa4fccfdb47e094ab06955f3960fac71294dd965f24a97cff36b9966cf1a4c3e96c3e14a3951dcc8a3e9371f7e1ae9df77ddb1a99172174adbee8ea57a0c9872a6d677c2875da88a6a7234bebf68a3cc0532a9809a4de4b4d419bff67b0ba825a7ae6e999087155378357ae67e2dd98697f1d10ffa4497dde6582571670456db995228b97d0ecb2fb30c2ba6c16038c40059815c56b35666cc1c5090f6c38e0f4c12abf79919951b85a2734d32dd12b239912d541f9163387a4aa0be0b7a12d9c6b56dbcf1e9aadcfd72e2664a84d6c5147c72bffe7c3560ccd8c447b748dcd26cc9ca2a85cded742a8dccdfd8e78c96e78d405a19faab9e57183b37583f94b3d416b2920c6b746427ed75c08dc3be02720c1edc4743229153c48f1239b222b9fe2e21c0ae28122bc44f9dc78a59f3485ac8057eb21f0857bcfea2d9ebbbcc197e7880d81515bb1cb7192d97c4258c09926d137e245977db40812b253f99a504bb68137d8d73ca4e7c808d50f1dcc600e6a6db90238ff44e075932fe668c066e6988a6a8b4a8485120c8e4d6511268a75d8f9b0f06689aac8cd621e90c62af1e59aa9efe928e9ea098661b408a2825c4f9aac1efd9d54d163a651054b9ab32719d2be3b176f6795ddad0f1310b9237181689f2f9dd34a41d4d4cd2d7569bf56e6a80bc24d90df3bdde0f9649e699f4ef70c4f3faf9553a231215416bba26c29f17861e0f265e9641b2307ed43d6fde23a378669f4ade874e54c20a5e902205dcaa79a3e8584a3f78a86e703451115a1717df882507c607297afac0a056a0f3509a57502fd2ffff6035d04b91f72f5e1a69ddafaf80f7b2f7a13f38c683988436585e6bc7fc2da328449675c234ec0acf5294ce06c72442beba15e65d6a3e1b5dc3c8f115e1005798383f79b0194f6b7d4b1b32371acbf22340af6e5ee3ea840f7ed451226daef3041fc194e051af2fb450022b394c774273b9575c974c324ecd7268435176ee28c54bb54c8e829232ca636f3bdef60ed460b5ff425936626dd16a3f436f08a863582a79f393378f60f6c8ecdd13d83073bfda2e9f8d0c74a841021cbb8c148e70bfc585627449cdd9fb3045db3ea08a96108b52ee8a4f5048a5d910355789f4bb85c1362955e267e719581c38a2648eaa0b516db6277d2ee3c6e1e1090df3f53a31b747d99887e337dadddab16a297d9e56797007a3d18ce333311c70bb1bf45bdae517ffc589419af643773bb30a1fbff7ecd4a8ae7456a608fe73547c2eda4f070d57dc70b65d867526c946a435ea581497da18646ce569eaf6ccf3474cd6e7aa3d6d4732836ff4167c9153757ce58a34864be6d479f7b4ea1d6480b9ac16c5bff346a74e74133234744df867e16b3d2f1f7db4b21b89019b520917ef863e60f52999d6946b9e09cb60054f49d8a255f02e4b62fff6e6adb9a167ea70a177d00b26f56e29b63138a2ebc30b956161a4ab25d5da1c207c3f762714f651341ae771e17d84fa1c86685f2fcb0a128c2e1208d1930e7ff0d8d55299154112af574b881be8b69cc1721d548ad4dc02632e184c47f9b394bf4a834e60fbead8c8bfbf5087f8454513b0b086ac97bbbb9aa342af9def758fe88f1e4570e65f93fd4a9868665d08fac0cf6ebde786995c433504ca01cdf83311aaae20cc76f819a4344a8ee4e26c1094cb00d2c8a67c733fffcd89e97534cacb08a64d75e8594fa31f0dcfcafb0d1bc184c7067fec6a48ddefd580d4d9a4128d8f70f6fc6562da683904766e982ecd0286064db6844131bb7962a0a497f7b97fefad88a0b128bdf8cca774b1c32cb4af259bfebccda036e7e4ea8962838dbb5c04ffab0a2f1481848a27f06171645daf5246a2e563f3ed60097a9d7023d6ba5c8a58d39f733b12baf0863d82c427460f51cf9e3f77281a42221725b7bb75c2116ab31f704661f090d3eeddd2aa6efc619946b4933c398b635fd04ba3758294965c568997e1ef44b0562804e6c64558f6cfa87662a988c321a856ead51c848528a4954f9ff1948d517d67bc11db66801648848bfb7ee12296428bc3ffec863e9c77ff31ee386197679adab2a0e93bbe0c66ffe9c4b09b636f6216faa373aa8271678cc57ad46898222df7e2d8b14a5b70130596c0430997c4c04d9b5187fd9bb26b71fd19aacc8e08a3239f0eebca7b2873062a19f327a4a282012ebf9898a5ab6310b8623c864d4dada3ded00ad201ce8f3973f90396f5edc1ba466e16247fe6b0ee98acfd53792cc0fea33647b841596655b8d9efbc14b50fe0b588e4c41e2cbd0a700529e7ca91122d3d1b26e52bf44a0c9fe37cdbc352357f13b2adc68e78a00f6dc88a8e6ea54bd0b2c8276f9e1bfebc8655a1f47b72c25ffa97f4463630cc21428ca3bb381a6d3171d28bb946f746f820247bf3f7bb69caaeb5c47026ca9997e586e657a9e1569312bb443299ef4cfeacc9aaf4fc3aaa4a77a21579234d2aab6fd0234398ae07ca7c57ac6d6a51e025744b1430abce27f7f9b0d0e45c051e34d20db95cadcc0e4e327dbd979166b33e39a3951d0b8dd62c0d1542b69583cfc07b127243cac4b052cb29ccb3592972698fa4cd84633d222d78b8741d5f903f8636d95cddfe2ef13829df9ce32705edfda51ded2f0ef38f60a33a2e00373107eef56a01acb5e05d849279b5987343c8bbc73ea660ceaf7c9b90c0a8e1412ff3f517cef8fe604d7a26e085170a76e1bf43f5d1bb77ee771fe841d59fe2cc2874d25bf991b4af6bf9ffe1bfbf3a5587006b60bab5bdfd5a3192e82d474ecab0ab656967856c84cba9469c5823c1d1bf104d2a21c071bb08b2a137883dd9c8f545d6958db8efa45263ae303de76e70f2f6a10e1858e6654004f2a099dc31950ee730c465e0a1822935e309d41650fba489aa3050eedbf3f058d24d1f04fc340966e42d72052d84a66789ccf75000c3fc83b8842badd6b22ddaaaf53ed34e25c1b638e3630d66a7903405052902cf8e7395d54679e2f4a2bf7c8c89b0dc38969376ea164fe97b37b1172e6e8f05a929aa373108e891a64e38e18b432a115a44d754811e03c4f4ae7c525a6b9b92aab0d16967ee1a64eeeb2207c094f6aa96f126d058eff22435a4ae76c31f888ee13b327d2cab4ab5a56abf4cae88c583dd67129271708aa17f4f10886ead0e12734314bd4a49e64349beba4abdf94a1fb23a72cf7e16b5af2f1706d9646a5ff7dbf5c7b1cb2c3781346167b15d4625841d9f3d14392db1d39101d37175c42c522229db0708544058d75cebf3e399cd443d1b943c6f3017a898bd49836a8d92519deb810712aed76602682ef0df2be270734eeda7f289a76f4684baf75702a1ac3da005e62b83f794b934cf882db5d50e5ed4aca868e300d690c0b10daf0a47486e9f49d1b08eac6cf5090ddd2443b1459b2df86ab3447b2b5c6afe8aadb410de6a84b640e326eb882832d1a9cb12e0b8f13aef579f404af8631cdd5a30a031dad19cdf247575dd223229330f19fe4d88c51242217397acf66b86c743de283d5df7212fce59af17eb702eccab192f56f054a33709d41841e4a39638e02b4210559593f9b5c44fd22d9da637ef1a3a0a41c40469990dc4beec30a05b67931c0560d9a59fa875f3e26fd1eb32655aa30c7a1cd3d541716fdaacdda206328f3cbc8f16fc2be26690f18963a16febbaf2cb6c199330579ca067c60b54cbdd211c1350e066448fb50ae28ed58788ac98f0ded3414c8735ab90639916e26ab29102cc2609035e56d9b9d2dbc98118835bcf0e437c77052efe2293d9f19b7197aa1b94b10997b0b1efdef251de8945a97fec885f032c3bee2447335230b866d7aef515b04664d0c59e18233f9a229969e3e17d69716413ca3bc55f5959e340627ea803f7b26f4a74295b295344a3685287093998a1ce75b1ed5d730c9aec812617b4c200a0250c9ef8ef7d2fcfc59ef97422eca746bc6451a5b77307d14c1cfa0ea2c8eb7cf7819644577a6456efec0af058a0e3c8ec371019009462bfe174a11368b57fbe3090208a57b2236b97edc32cda5c6fc988cbaaf91c4020a06a7ad45519eaa761e045fc84d3219b287206282347a031ef1e7b7dbc67de738fa8f9fe71c44201fd1d548f8aebe93bf502d64d4b5f470a419e3fcd87f0616b9813048311ed20ac2efd7f18dcd6889542208b50c28c8c0700f73fa33a964e38d699819cab2098c6ff081266721cdced87ff41948c84037485f30d38a99eeeb3ff4c3049742a29eb09bb35c358e732546267c165a62fee9e25abdafdb8a48785bd432d160797e7a41d580f59d7d8e59b3e6b954d39f86db33b8f7cabde43e8e04cac1fcf9aa6fdbe4326e0d9c782d9a630055b36f85c2b8efebf18f42ef14ee5eb1d33ca322db69704f8bb90bf30eb05908b8d8ed169580923f53a6539cc3b55baa47718053d2ff103c23d90f9cb49ddc7d759950f605bafabcb7953c042c0523b84da994529a87ad68fc6f0709fd7af5fc20e53a17d3f5fd4d25fc5ff6598c6ddfc34668a08ee5e066d81a65e7979c50c08febf76dc5a3a405f551bb8449d94ea0dfdad6dd6dd6d6e4486f4ae1d2523c05f46198d8af4da12873ebdf7d6b5f2d0f1b2d29759ab0d78e34ae6f17b7ab83518cf8b18836ea5630ee934e5ecc123f0d3fe6b803ae1f735d65dcadcaaf6660e02ecad0290f6ead0594733a10b2b1654a44244424fa8b3180b551ac401828203e61603b017106e2256f01b9f26db33897167d9defb54ddfe49334150574493895370bad46cc658667aa9a8ed333c86f112b2a542936af92e2f933254b6fb0b1a599eec3bf2e476ae6714e2486dd31b29e4d26838d84bd7a62c62beab3ba71642278ecaf2e50d70670d9fdff105019791d36321bc57fdfd8f65f2ea1cb188035ecabf6140e777b7e6d2177ac29e9a1a2f87dd54d96184bb1a855bd9efdadfc606f13621f40e07cd8be9c2435c8c90b4ccba5eb7ddcf8cf1f76617c9a9e011abf4a63ffe31df63ecacb8b1d2d653e613cb399ce079392f9ca2e226c60b6e8103447c24c1f80d42e1ee747997602ae3ccff8f9f98ce9b56f6f3e3c0ba507df8b2169539cfc946c42da72644feb9b3b582ce332f8b2eda02192958194903d17b3e9b4bd60d08cd9a7989d946ece6d8dc01d6b66a7851bb11e4b075d38081d3ce7bf1875fec9daf47a589abdb72763c9747b83a28389238b0279c8e41db6521130420851acac463664a97be2190aff921923475f2c1f8a87d1169229e5f10dd0a92221e61358b156020f2c9ca2cb6580743a8d5e3c59e6fd97a7a246211450c7c62f1891cedb434102f8794d81c1caf2c1b4ae18b7c4b9c88de5c51da33e3343cef76da0d00341c2e60c4562c162e41a7efa8290cc9061f3d6a592d5f104c5018f31bcaf912bdd37370fbf8fedf0aa9026c1142299197d67ab026756927b5864ea42c45a82c23c275697d31a1b7900670c9a3c967d12974543c11f20c367a336bea9b9ebe480f9c806528138dff35c5f56b1199b75748e9c5cf50e6a32397dc3eeb04c3636c0848a5e13df8a9758bacea231f34cba13b466360b0dec69f74f8bf9a2dcf3dd94fa3a7d27e8caae00240559d75875ef9c619416593ca0072e7f38caae5a530c62dbe00e38c12cb8b924d63fca4d5c3a4c8f50e8f4f86fc1fe2b163219c46c21eb783e587e18e07ab7e1927a646c4f154c5000cb65ce9528457c3c66f43d9ab7d61580df0ecfb31cb38e4cbcdc3dafcca57311abec6b74048c8b74505ba678a4db07ed7243c70a821aee66a487bf91fd273418f8ef657d1eeb9ea6f095d47641e9f9fa30599e8b9c6b4453a1a5e8afd86fcafb46dd095fa4a98a2b26470e2c799b08c6000f5c3c4e28961463724377f37813f3922484fda986eb7c93ae8365baf648acbb344ca7e044d7ba93e7ba35c31085f3f99c5fdb2f9f2845f00b8590395e8ff730b86f5dd7f52297b8ecd5d5a6bb452bcd12b98d6adb27e7ef0e84b9567c66093ca3edab7e64ac4f56360501d81823ea2b1595f934c5f61c8558304c16154109a983a2af8725c7af91b5bc57e555768aa8115236a6ccc921d472b608eb6b82c4ba3747d79027d7856fae5369aa325df6a76138a5b41a94377eeeb251087e0b8510d8890e3f7a0cffaeddb9d2c29bc89f952489f82ee2e2b485cd297e6d30683701623cf73ee9ee606baeae9c3afba287eff57731b9cfaf034b1f56c8b31a32a1078c4fcab298c3f925a8e7cacceb9edf7ba2e54d31033a25462021e4a3c0bf5af341b462ee4417024da7c12c7f385de3af129aef1338a9c1fd68323d07ff47ec8bcca66b44300624d02c9202a2d093c3c85fd922b57b3bd14162c8ca5690734b7e4e4b8980b73a8e9908a9fa3dd508b30e3b1e1fd4ec388affa27c4bc26ca2820e0a902d51ff94984e8894fa5fca7b8704b7600ca6d6b1b1527ea999fcdf8fe3b290ec0036cad222f92cf8a5a54d0fa91de6e74ef61f60a233c9f15fdc86226c3f688de15ed8f0c3f1bc3afcad87cee47a19384afc6a804f197339ebce4aca211dbe0504a000755d18f20c4ecacd4123acdff7653cbb26456499495662508c8186afb883f5481c6bdf88cf137e263bde9d62f054573e0d1454cc119c95d4d9011332bd77682f79debcf5c21f0be7e9a83a58cec34e7cfb17a8122e030669228e4d3d9e274a678c5b77e6180aacc2fa8eb9952c5b04de6b2c7bee591badab96a3c3248c275b5b8faf5394eacc427a840570033be5006c33ce2d2c6e54f08681c3f74ad2fe54bca6dc62a9d84f6c58509c1e5dd5cfcc7a358493d428de48dfc1bc3f74154801c97e6aae38445045320b4cf66c1e56eb6ea2c1218de65f120b463c5cfb9255b3a25eb6e848cbd977f0605d71c561c2a754f5761c31f84101ee8178782cc8cf70b41a2204c5cb2f3134d572327fe4bbc1792249dfcf0ae7ba5d81fb5ae4a7978d044085f3b7f2e398c05733e2bf456cae898f8b5a81e9c79179bb5ca716713fce643dabe21eaee4386e646e25ad3adc5a4ad40f9bd6743f5f742efb1a674ffdbd2ced56c646ae590eb8f10283b47f57e6f96ad76adebecb24df74020b096fdee3c8d780d563a915f73c8b0246b861cd3a8580d5cf75798e8cf1c5875724661a39277e7165fe48ed8d5e6a20d68239f626fe8ea434a4e6e03ea434ec68c4b92a0fc2af15a135d6cbaeeca39a0c1896dab33daac", 0x2000, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
write$FUSE_INIT(r5, &(0x7f0000004200)={0x50, 0x0, r6, {0x7, 0x29, 0x0, 0x0, 0x2000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}}, 0x50)
syz_fuse_handle_req(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000006780)={0x90, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0xc}}, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_fuse_handle_req(0xffffffffffffffff, 0x0, 0x3b, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000006780)={0x90, 0x0, 0xfffffffffffffffe, {0x5, 0x0, 0x0, 0x0, 0x0, 0x0, {0xfffffffffffffffc, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x200000, 0x0, 0x2000, 0x0, r7, 0x0, 0x440}}}, 0x0, 0x0, 0x0, 0x0, 0x0})
open(&(0x7f00000001c0)='./file0/file0\x00', 0x0, 0x0)
socket$netlink(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040))
ioctl$vim2m_VIDIOC_REQBUFS(0xffffffffffffffff, 0xc0145608, 0x0)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x6, 0xfff}, 0x0, &(0x7f00000002c0)={0x3ff, 0x0, 0x0, 0x8, 0xfffffffffffffffd, 0xfffffffffffffffc, 0x7fffffff}, 0x0, 0x0)
ioctl$COMEDI_DEVCONFIG(r0, 0x40946400, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="1b00000000000000000000000080000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="4043fa93875deccc2000000000000000000000000415f5d17826a8ec520f3fb5582776bc18af0d1be1af5999110001000000000000"], 0x50)
sendmsg$key(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)={0x0}}, 0x0)
write(0xffffffffffffffff, &(0x7f00000000c0)="24000000200099f0000000000000000002", 0x11)
sendmsg$key(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000004c0)=ANY=[@ANYBLOB="021380ee02"], 0x10}}, 0x0)
sendmsg$key(0xffffffffffffffff, &(0x7f0000000200)={0xffffffffa0018000, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="020300090c00000000420b00000000000200130002000000000000000000001f0300060000000051020049e4f0000001c99a00000000000002000100002000100000000200000000030005"], 0x60}}, 0x0)
socket$key(0xf, 0x3, 0x2)

225.758946ms ago: executing program 6 (id=4083):
socket$packet(0x11, 0x3, 0x300)
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000100)=0x9, 0x4)
personality(0x8)
uname(&(0x7f0000000000)=""/67)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.numa_stat\x00', 0x26e1, 0x0)
close(r1)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={<r2=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r1, 0x8b15, &(0x7f0000000000)={'wlan1\x00', @remote})
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000040)={'vlan0\x00', <r3=>0x0})
sendto$packet(r0, &(0x7f0000000180)="02030e00d3fc02000000ab5d71acedd7c9560385dcb188a884d788a89806112405ce811cc352", 0xff88, 0x0, &(0x7f0000000140)={0x11, 0x0, r3, 0x1, 0x0, 0x6, @broadcast}, 0x14)

150.220664ms ago: executing program 6 (id=4084):
mkdirat(0xffffffffffffff9c, &(0x7f0000002000)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000008300), 0x2, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x40241, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller1\x00', 0xc201})
write$tun(r1, &(0x7f0000000540)=ANY=[@ANYBLOB="b445cfcdd781"], 0xfdef)
mount$fuse(0x0, &(0x7f0000002080)='./file0\x00', &(0x7f00000020c0), 0x0, &(0x7f0000002100)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
syz_fuse_handle_req(r0, &(0x7f00000021c0), 0x2000, &(0x7f00000041c0)={&(0x7f00000001c0)={0x50, 0x0, 0x0, {0x7, 0x29, 0x7, 0x2108069, 0x4, 0x0, 0x1, 0x57, 0x0, 0x0, 0x2}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r2 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r2}, &(0x7f0000000000)=<r3=>0x0)
lstat(&(0x7f0000000180)='./file0\x00', 0x0)
read$FUSE(r0, &(0x7f0000006280)={0x2020}, 0x2020)
lgetxattr(&(0x7f0000000080)='./file0/file0\x00', &(0x7f00000000c0)=@known='trusted.overlay.upper\x00', &(0x7f00000002c0)=""/185, 0xb9)
read$FUSE(r0, &(0x7f0000008340)={0x2020}, 0x2020)
lstat(&(0x7f00000009c0)='./file0/file0\x00', 0x0)
syz_fuse_handle_req(r0, &(0x7f0000004280)="c96b7d0fcd31d0fd682c6c964ddc9e6fef2cb1c7b4d6b59baac10ca64d9017b2023b337e31fd95ba2b5815e906f1c50ab8193e184ad3a4148373024f4e9efa7d83b50e1c9b8f2af4f67fa439d155089feb669cb454aaab77e2af835685c7545759633df08e306e175556c1bfce35e6ff2e0a0f56b10d825ce84ff16b860ab54c36edaf305259bb3cd25ed1c610d1e0c95a660fb550d140fe5eaa6195112913c00312419654f7ba65650573bffa6bf0ca9b1731e2108cbf00aedbeba9f17564fbe0ebfc281632d07fd99bb67590fa32a2a14e8b00c27e20e26478e0942d82490002dbbd663eacca9445af51a79f03eaaaef9b013e977ead853eb24b1e61de41c47bc7b94ccc7b1fbe5a3360c8b4987783d0ca3ec3eab88e6d590bf708e07f8b4eba2d9a3dfb918b4974300a44b8644da99aeed24769d906bab735acc715133aeffc1add0b310ca9bec3e6e527d1c0f35d9c4609cf2746895e2fca58cb64af44ff6360430ce3524253dd6afcb5e30649e7bcdcca19130872b57cc2da5f07f47a001fe0991e9e4a6b1f6df1c80bfddef193d8707564b6e11e210d9481442e8f770df48c1293af9c27ea5b8a4bf631f2c72568e214731b657322ab4266c6bec6027798ab7fb0348ad7fb43768a6c5a3ebe030d5e9f5b23e95d350ec6f407b34431ed7b9b34c2a46843507b428b6d934b5b0f1141c066b83299f657654ed8f5ca4866ef21c4fe2b424a1d5a39da37ac740a9301a7d162212b3a3b07f2a54aebd55b4d3aab94a3f7032a45cc3c72831b067993bd31bcff21d22456062cb1727aa86369cb2072e313529e8a5aa144fc943c6a3078edbd9cf2d5f8febb3b0ffa7ebf83bcc81a55d600f744f28a9b60a5a7031f332c1527f7e298edec15ea104945fab84b23ef5afb17a9c39e0e91ace050cdff33195df8e4f1425eef92704117aaf75c7448e78d11f3e1d614a0b2ce539a372e63739140663e5a140a9adfe1d0bd85492189a5d2a2a38a7dc9796d0134fca5c63081a70130bdb7e7bf4b35e211760f8af4f1bd8ff1b4df263093e08d05d9930d8c538b518493e567a2fadcd79d96a70c5f2252d7155d7397fffcca254944e595e37e2104d48aeb43f9f846e2ccac1070ea7ffecfe794f1aa13d6bd6836441d78fd9cc6ab562218e68fbdadd1a00564077c6e7a97fbabeb66690658d3507665535304cc5f0962c1d8dc3ca6c0a6dad501e5f7323a8a17129453321b04c393f543548706dd408e8f659efd82a441253351da61c65223886de1611c202ec9ae93a4523af536c4d51e637ad3bb58c2f48bbcfb4ef76829f19a0022d6789712d89d55f8bb52b6b4587d3f05dff97d3202de3792c3b79d24b980aef2749694c4d6076c05fd53bfe6ab153ff98b53cd092876a5e5101bc69f7b29d654b11341dfef68a26365672145d3d30033c51425bc9550a10218661f0121bbcfc22c45d3088f5ecc744136c6f37bd19543426291e30f475d2d8ffdd1385e62e6867083b23c0a6b147d491f5af2d1f227b9dacbc51c7a760af498d0894fbf656861d1491a65ec617419bd2fe0502d45e2becf5431c81bbecc4274c9ca8b4bacde331617dd6c1ae569038cc9945bb5524e9b45d865ef99ee427eff1baad544b9d432db7005bf489ec60e0b1ec673f5adc4e88dce93a97212fd7073acd84a1773a8be1b18b7ecfe5fbb35e80c945bffe999bc5de67315d25b591e131029b7ac9c6fcaa1409f2535221264a7ebaf7fbca66dc4dc85e0dabf8f528ff5584fd78f6fb44e8a37341ed728aabf420900b7e2da1869c4f22bebd74bddeb4bf3781527aae8a0e59367bff3c4b4149359cc5d5b35c569a20e16908dd87f561a13d9697df89a0eb143968d88d677dfd5902e8ff0462131bc5294294c955f053ad8100fd2f823bb9967d09eb088025e7fea541d342607633ea8e6b00cf8c0966c95453ec3c545de88f49d75aeb0a24a64799d55768ea5d779f8e38a7c8acfe8015cb1294c60652558ae0eaa0d12ebde44ab72cced2a4892dfac100b234f1a3488a319725f5c17ca40611e090fc565023cd2b53b0bf050e564dcbe92c2ff45b3672296ac6e933ccbd861aa060a16b0e125f050b847113b6d4c4581c45887fd732bf90e38ed9e088ae40a4e8f6d64e28d842c1d24f5f3e98709e2f929a99423f9b6ab32f151e3fcefe25c0503892d43983d02a8d09366b0c79a63c66a9d2b5677cc307d85de0a283a0036d2ed97fade7da9d9f9857fbdf125627e4dbf042dbb88fa9b30a9b8c79bd345fd328491eef9c56c5c1ee4e2d22be9d0bf2365ee518a1bc49eeb76d804e934a811b0750fd86d02cd3289c00f590987401ad8adbc0cdd314735b1fcb75c15165a2c35eef5910819075b4f821c741a40f11dcb8921180684afcdfa3132568b19dbfa12fc6d9869d86469f447b8411ae71f722a39c7db08dacb075d01e8ea2366fd4248d9772b02d27cfc7d4cfebc2e82a43d5143f54d95affccfc694711c4316dd5205c9621f960991f16d04e6b186965878b4c1a16ad455395d7734989eb105a0c1cff88865c90c054b0732daeb9f59d55671d85fe34b56a967ba546d023051073988fc8daf8ffd627bb03a2c4ccf04bfe110917cea89d4d5f8b089f4340b7c5d969c24e7afedfe91fa521283d13060c570e90acf6fda44b8e572458fcb73117d387e1729a2661d7591fc47ac9e6d8c42bea23e4e8e2f8715a79c06b9a967bacbd6a7608434ebb2c275c5a242d98ed268ef558184559742f2186a217a402fb4a7c2bb7b112376866e04ea2f583ab9c9c2c2ab1ef42d2fd56ea9a7b70cfe20a3dcbce8d9ea6a266c53685cd3908ec19d5fe1ccc5644714042e2d25caac64e28730b3e85e55e12cda5b6f9cb4bfbaae23c3ed5e29197d541facaa64cd60fd7cc7f77781c386076c1028ef988325e88416e15e5392f8ce18312e9cf775c516b777bb7f5d7cef0fc47147fa1f0166a96f7d9789fde1848a23baf771b49ed835d6b30e0e707ef65f770e00f31da67cdebc155f57bf46b90aa8a3aac4eca4f67fc013bccb7372371307184760b605ac3f920e7444a31c427f1a324ef317db51d4d86ec215ac3a382d0bd8610f2d1cc3abcfca391996ac8e3fbde64ef31f7d69deacd4d09b73e7707d1a049f10fd4df4a629ff73cb27aacd9b3f3b25597ac333426f61db7337baf7612ffd08f769b611168561bdb46aa4e5c79c6ea205651430a6a41cc994cfc2566c601b607db0413fc6a4d3a4fc3c09775c65dca855a0ce0a4ad48a1ed5e9cbc18356b888a1f11c0f7ae59b3922b1499f8ee1381786f0816d494e81582938cabefba0942dace8f632f4985bb50dc352ca84bfc1400e8f901da9bf4dd09c5260011a93b4ac65759a505ecb2f2bc3cf12e9cab4b16c7827b5442ee35cd62e5048ab8317aeefb2f6c68f95d995692da4d255836ab17f01b42407dd919a47fd4030ccd17d7daeff2d442720d89750d3a72825c201e1d111982150cf272d60d63e7d5b7b3e4fe1a006a24f9a3e7245b9a543564ac2d3e911568c1868b8a737f1e2514d33b9b5cd21a02661a1ceb1207eb2864926e945a4a4fd236078d151376515eed9d17a5ee467a7a7eebf780d0c1f165418edaf5333cb9f2b816e7b4c9560774d2deee2d4e09385f909c314964cc9f3def8f058c5612f59fe1a2f1dc15821fb9bb3c5fb34a0745a810f2fe6ad6325ee9c11d2ffcfc25277955a147bc90e9e6c1833f75e1a30dcc24e4acccd833a2ec56cde5539405f1032d597cc26c3a6ad86561956dadda005fb4c9dc844c4bb2ac14816c3b4454ae628bcdd460d9415c6aa93e219f4b2ab9e021acd775a282344dfc4bbef8c74ef629e0679fdd4e7a6c0519d879dd102d4efb815ff0ce48685201cf788041fe913cd45fc220faefa3eb92bdd565e620933a01602cbab762cebda0d25d1676608a8e4fdf2fb3a1091c7ccb8eab355ff4a55d1c0c1ce30430a6acd12a42e96b7c85103e411869b9448a8800786d132f14e63301893d2ab6dee17bd0a45e96c29072e5b56b83b7825f00a8484eb4028ed61bdcbe66a15a090db76c2c6e1634f339d3a06898b27b34cb04233e7450872ed604d7294b65cfee820c54aa7e37599d30670d1abcd991e56eb5824f987ef340ec2e1512c41507d6760e557f626e4fa8ef26391866995ec4a9ceef3f47f43b758e1f232dd5bb075a2c3a2d8197417a1db35c03a2e1fc48dc52ac576a5e0df4fa438d964fcee65452d00aa75d33a673c4e3d7afca4fc43e368bbb5d569c77a9fb20f9b0a94d491fba51728e28b8161c10fe10ae8c41edf5c45bd2a2c0bdaf74ee51507d6282413d3d260646ef5ddadb437d05cedf31190f65da3e1a94b6d206de6996957a533acc40dd9024ec35dd19406db5fbabd31fb8a53a5dffa0f5778a222f629cf82b8590a29466ebc0acd11296e9206bbee47e3e6f2c8418cb1a0b2ddae1704e2ae784ba0c058d05887ff32b7c5202bec9d1625d74a7d803d98d5d1576eb49af5cab490aeb5a3b54c03f27748f970f23b4f47716e3fbf82e1f3aaebe02f2f67bd1295987c9aadc1dd8f065143871a346ac7376f2c3fb0610ef14d6b76bc0b12838979ec921000598be28336199003480b3a94ba8b08d3ad31cbec91421aee42764942c587a823e5771d808a2ee5fcf6c3c6711b9f90baded2756e9b5673ba800d0392963a8568020af1c6c983c3d478a5dca222e8ba7820b60b7d7b7fb60cbf1403f31d747ce2c4fda0d3713f56f966ae53c7435abe4c922e2c1abc339e397b76bc88dc71b73e80ed20e1bfdfabcadb26c17df2699bf11326a7bd231074c364c77cbd7726f15d965330df376aa5001ae9f33413dfe969d8d7df593223062951447f6fc293c5623a8a828142fb5f9c0ff0ad062cb59ebf273937431b65aab73bd8a564e70249b68248c256fa1f7d6935f1493a48e42ddce0a92297793fa3d48dc8202336584c05fb09f166e73e7d2cdcbd502298427e69245212d2b745db7155754d8a1222ebee2ba457b0e71f347d7fc8dfdf2f10249716daf66137e30fd82fd31e77e7bd623293f7468d10768b34f5af2dc8205b654bdfa7ebd0166ebc9c38749441e74fe865edf4f173bac9bc3108641146d7853032b82dc41b73244ef104fb82e5c3e872e62e1eaf8ddccb15a82240949ce5212fe16b8bc7172fa4f4b2a0034bd550c4c9005f080454715ae1d0b158d80cb3d4cad206e2c0504c1d030e57c01da0f821b9ebb79c35b0ed38fe66e30e757bfa1538a55d49e2fb2464f1896c91a9071156fc0c7b3207486d89f7b0722a20884bdacb8a4234e97533a936824be36994da093dfd3568a9554f3e60cec12bdf45fa81d5cc4293dec3be55f31722a771e0d04de633b527458a1bb1b5cdaca4bcbff851e26ed01e4f4390164e9c3b925e785bc9bde674a6e148a4bffd4442f70b8ea4266ec4408445b203cc829db87e28195a315bbed6c22a21eaa67204a773094fccf0239696b9e082b5d4b8ffa751a6d6ce7fa916a9d5ad4f49582144b5ca6c9e8553a350b9a48d4be4508695b526d22ad66b8a31eb5c52919bf2786c587da56dbd0b3deab66b867fd42866a0e5b44bf58130b78ecfa6b53290a3176abcab8861fab76d4c1ae4b7f1e38b727adca09751edb154b8937d2aa1dbcf2eccb02e0f9c71ad470f3323ef2a59e14d5c77eee797ae3c3762dd731320dfd9a9516b3f177c74c47216d514c1dc785668b112419ba1d8c0e31057c51520be1ef20208cfae9e966f0c0d6cec6a60efc568f1a65209a4c1420765b693754a620e80848d84cca75c88a69e90973e5a8747938b0c621a41e6f02b69cd32eb2cf181f95f5b08a1c05cd89a7f11e894e267c518c779f5fe1b71b8df4e3bee6ac8a2ea5238c88630d6e7f216c0f0a036e53359315018d442535ce8853648ff319dc16f847c44e3eef3863bb66ad9d72d68ff578fb1e1edbe8dbca6702adfa7de404990596f05f6fa227bb1626fbc94c12956df941b653f914b496c9e9b6bca7293bdf93495ba713c7d731c92bf445b945a45cf82cfd0fb035f603bada718387861843ab2feb44ffa9a6c780e3d449ec3603ee3e8001289df0f9d2db029b30ac4af1577bc4cc088bc95b71165415a39c03984b0a75f94b1d7c0f5937b883f7435d7eae775db1bc6da547e8dcc4a99a008a8f39990cc67f619a7b09a86dc0639ec8d99e71655b6eca815c2bcbd6efdacf5a982e4991b07cde9720e420c4fa75672b0941c92c56c36b4f76d5426af6d8b31fbdff0868dca26fe8ca0a4d88a66d2e8dba5319d73472363e67acaacc5bb8db1356a440c3cfb6dfc4924e1fa8c2c04f8170e715c3624eb3c8b7ddf3c07e4bf2a9315019001c0abcdc9a224c70c456ae40b8278244ae6d2de179fedbd5740f81556e3448feabb8d9c12e9fe4d7e1c96ec304dbe3cdb4c7668c16a9e2664129eb84c8aebdb97b300457cca2407dee4fad05403554da4ac9aeadac60a79ca0e6afca83a88f298ec58d9a9460bc9f8be85db9b08b37d578da34d496d3ca2afab2f9e8fb93843ecc9035d8991b5efaabdacc1e8829ceafc0b7e728d6c22b05bf0c81665e301992996518d81d6a6cc153312ccb3c775e7a1ebb56b80e11b50793c12b76275fd0d391775da763974b9dd42e2d594095f74131297cd5b1546436822a42c6f2338bcaad662644ad7a6347af7a6baa3b664a368459c2e5822be610b75c1e65fdd2639d52c2207ae445c2e78f54e87cc7d673a5887f182b4bbb8e4b8ac7c501764b3c83c1f28253aff242406577195d7c568c0d4cdaa80224e9f6826554afeec87dd6f1ec80b032567dbc8050bf0df01dce45ae08eae22c02d2d93c373a62327339870b3e43ee6344764a6e49480feb9a26f1dac0a28d54dc6d9ca0e5353e0216b8b834d539003ae841ae3bae7239123ca6b37f73cc49dca029ff33348810dffcb6a9dfc85eb8e10bb1c4c6366b5772bdc9f4e59b152e645923be8274ff44c51636fd47b53c37560135ca390ed72eaa249ead828fff1ca580306bf527e4a8bc92d9a2bdc0a2b3f7ef59c234aa20e32c657398e72967f78270695153126ed503d875080aa352e0e3c9a2e0e0862e8717b7c70eba50ce01974026a0c9b03274967bd04f4047f867e225994434b8a9557f5480227105f820fa005aceae09309a7001bd2a5bb41c9f4a403482c952b4e620d5ee313930904968105a4e2adc53684f4036ce51b8c5c77c5e4f539d92e58b1a69f57e35685c255862204bce6ddaad6e2fd3159d939a63bbe4c1358e7a440832edfa866d0c4bc516d4caa7ef659a0701b0fa502eaf7814068ee097ed72e19d51154190f4a9770c5551b35e75ace625db1b3ce383ab18bfc2c505c34a6ac2b905405e0c7611ea10ce29db60c4fbf8c01a3da8cd7a22b5d7b5b0ef2b07cff3f320d651896375a7db9aca0a6f71312b87315c8f06324c324004eced3ab4944f3a018b26ef16c60a0afef57eaa74a1b194ae67989a9021ae65653e9bb484e7ed9bb53c63218079c4ce193699dfd65efb7057a2e05adfd73c3cce7473926e2864eac5d64be3aea58702116626554a25612ae3f3497b93fb611b2dade341cd7fc4d02025b3dc56c0d0e11327dc9ade6557e6f16596893027fabfd54aa460a135872819c4abe062783b9c9895eb53aae31a32d0b0b4fc72edbc8e2b94915b08ae638a14cff698691981a416d9682cdf17d524009aac4ccf3887ea40cbac11a7cdacc1c0021d17b436287d8c2061b6a88f98c4cfcdf882e1af2215090fd8070f47350afcb0e11841466c9287dfb0126f9fe0d3efe7703151c22e98d74c9ec0a5ec989e450b516491477aa69928ab6fbfa3d9045048787e9452fd601c24cfb7a94bc05bb93d152b2a8f4e53f5a59a80ec69909a2e9edf20e2232dccbd7308ce7a073217d5cb4bc77437cebebd37c5c6b4dcfd78b33aee4696f1967acbc44706eb68ac88d2baf1f3cc620d085b445ead020ff45b4bf06504244f38b306ac7c114387cad73b8188078f3858e4c020095279e1cff739c6fef7a47f0775ecdd28b4a65fc93b18bef1fe3d1337249e85d2bc375c06b2da5b9e48512ed0fdf2663cf5bfb492ef8e0618d1a52b6dd04c61176a8f726b1af19317aaab5ea9e4625d65e020fc87cbb2ca44658f3d7448f9c3b7b76c994e36cbf7111fb7c95a632168679d95512d41e9217864dad8de83ea8a9b047d8c0273b971fee50fba073d7b9eebe5da725cee54be54fe808e63bb99e78594b3a20bea99520a9f4de066f404e4c0a250d05cc1608028429689fec886b7e27a0f959e737454c18e03b687c3abaa728a5af416fef3da29f50c910c85704a6ecbb89cfd4ae06b5582257ad76246e708d394ef9ba987bf11e57df91d51f9a08c42604ef8127a1bdc67eecb75275933b2777aeedc85dd75ba9dad3b8128ec132262ea177abd2e522a95f99e2e64c271c7a02bfc3c36d88e27f519220fe425def11b6b079b9455248f5909afeb432af0d1c89006aa84df9d837a22e6fb327a5da110c33b3f687c67b6b7534bbb9fdd9b2ec065d0236306b29f7a39496d714c898546b56a753ddc957e47ad62c32f4f86ac32d22a5dc275c689a32b3837936ddd55947563472cac5d31469db2a36ccb61fe94dbf8bd08ab8a7a5bd5aa82eed3b507304231a44cb8e0b18a04c522d605158888669823d37ed5b962c57e6d10fc470a222e33f877476c58ce4809f118ba3ff2181788e8b6880586701173cecd07d167e54d3589ba4866d00418abb5cac4f26ef659a266cdddc5d3509fbd7a226f2efa675468578fc0bbcc519f33a64ced331a0dcb86905d682055f6f7f6a679b9212ec9a0104778374d825c3441e5169091e0449325ded725ed3c1e816284ab6334534bba500dd45bce9537f93a6cd80f931247709c7648177e55e3ca8a605a15b047562c7c82fdbea50ae0990a476fd7898f44fb4859f343f57723630b431f8066e13ba53d354f659d7134f1c51c99e0c3cd7680fd3ef9e6f0b2c07411fbad3083296b3e1a3f790fbc9a3215301da4573b529c916f739d6e21458c52e3490d60902a0614691bdd556dcac92cdcbbd8bfe83ce4a48b124d259c5ad94cbbb58b004fc4b5ba2373821892a4d4608877d3b1d883b8c5aa06ea3a70a9769e17644c82a77c7e8be815eb22af43e717278125dcd1a9556b6b674b69eaa0d8e2abc916975bfed29ac8d180c8bda27b71cf68ed50b204b3b93bc9df27592300455193eeb71ce450938b3858e302451ad9f689eddf25bbce3a86e5db5a066c32637a5348eb21f5fc5eeb59a49a42044f81e8ef32dbed50735258a36b8be6aa1412a8fe6d4ed894ea4c96ecaf27d34e70c34e5e6e10622f81424fc214ecf907941becf786e781e480b1b055bb519da8060c3fa1d9385f438f4b518d362b9f26d37b82a16a3dec7207f706ad5022dc78e2ff160298841cd2fc20623b81a3ef10e5f1546019b6057ca247eba7ce9a56e2f89bf01880fcfed4a0ae773c1f0c82ee7a7ef3674b88b918c5fa69e6bfcafbfabe3bb0ed79620b2fd306afbb94b0dc12195574387d7ce703d78953e2beb7b2a8f8d2e3b473568974066b837f69865f3dc3ff409c70cec8a741e932f61236075d4bac0b1c68e126033e02fa59162ec652e4d85428e90cd99d00368206a68716680b7609c7407c052fc182ff48c1c4f048fc3628629853fab6f09399c0eaa91e32de65f7cf9f0f2f2d28102b6e028c53e1cfd347f9b1a263bde9d140241de3722100ce78c50729f9c9552d28087d29b78172806c89c7898fb56ffbde5f3beb367fcfddb2e288e3bd217d504109e1459a0fdbfe323592ff7558783955b1a11f151402bb0dfe40ed738c0daf76e59ebf5d27570a97ad4914165a12cadde03bdba6b4f3aa9c97ce86db45aa356df754d110885d9184be5e199c01444c228d00f28b954ef6115cf855b9cba862aba1084b129bf5a4987eb4b32b3f2e29df05980c2b23ae4c67144e4942716cebe02d3092df7deb5310479f006d949f2628d57bc572ad6a0c598a05cab62ef87baddd708137ef4aa73f205eac6ad7ca8a6470018f777bbabbaf15b35a58be603c6d78e833dc1e782ff9d686bbf38fb0b358845114c17ecbc66d35d8e75e21e860c71b7e244fb4848b21b1a0292ff6284076dca2bf2df7036b7f9f65a4d9f307c8af39db12854a8278dc20215178a77e143cf021b4941ac32a4c9045f52ef69ac7fb7a9e9a26b92fffb294e5c2c2043dce0532372c67532396bc60e5a867a5957448141bcb027a30765bf6d5ab08e33cb0e2ce2a314a037773941d427aec8831a687a420e0037196a3562b030dd25c03941a6a4b6f3e1b27f5cd296bb397cbeda565ee022aeaa5a291b3b2acf762187bc6d2aff82c8d8db99c4089b9aa3040ab4ed1bd9657e79c02ee44c6f6ecde9db85c5e5c85233a30c23e6bb276e81071334e09de0660cd3b6afb481fd48bf1aaa7a3227fbeff9117ca734c62c7accf3182bb1c7ea32767a6471fff5642a2845e687a776da2948c4b3a9e52723db558e179178938a193081a3d2bce07f3506bda86a18999e2e95563b08a487b2f507ea0c799724f7c85a663fe1b240e42a9b308d7eaec095e10bb2787a8b4b9bedf9c273165c6825bfeade9e3901083ea655dd7a173c383ff423ac257e368d4da82cc76338dcac413b43125f1a9a9271cb7c364c1976828c34604162c949197188699e00b8a79a92998868525bf93063d820daa86bb8591b9a8dfee503f397239883d1c5dd9ce278108a4db2f3e5a9e9345bb748ccdcbe2b021fd2682143b3d2cb0a886f0540d66a7a7cf2fd55abd107592274eab125391da21846b77d20f866926fd5e9697c063128e6d7c7adacaeb7325315e57ab90983425c4d1b290a9f520f8d18cda0647e7feda73d6f279beb12ea89d236bdd879ac8190eb2d5dc4181524c1ecc06e41a71cdbf07cd93aa60cf2722d03f64102dd3644df4622a5b40fcf590dbab799f066a3dadd54fa2a96a64e2ded5c467a842694179f5b145533f7638c458659050adae96849ccd4b24139a26533a3a8a708dec88a7def4504e49ef2c4bae5e2cbd01f6c2e9ff3415df297769ea9ac7ae10bcb0d590ebba1bd22078aea527a31edecf915cbc131064ac360f1d326b79dd30a7f858db0c2c4eb35b9d198fdded2b1461fcd2b39383d9d84f4e4aff1cbc1b0ace58c5d5b2e715927418c41d6e04e400f055bcb4d736fd2b84ac8dcb4f69256937b88f901c1718bb648485a365ec9d396936e02bb1d7cff75790d1ff9689e92852cd0b291b36055e2c35993f19d06165ab9dfb854469ae1dec160d53e6b67f3963d9616ed6c240d01d286be65462ea708ed0fadbf43b8229b1839f79ff3415e10ca8feb9e90fde052b981a3bb04edbe0e0e40c499422ed136b22d6949eef0729ea9097fbe84d47839f32eaa503f1d40cc00a723f0bcd1f745c8c98ef54864918c650178e0176dcca98e8570601cc3d749318bf837adf5a3c660aee0c7cd926e252bee3878e7af3dd811091d9b89f079804bbac99f10dc5f7ea7844dce49f74833d2532d6d9c0186b7f57c4d4df184694b3e7e15c6ad8a6b8a", 0x2000, &(0x7f0000000d80)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
timer_settime(r3, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)

149.740435ms ago: executing program 4 (id=4085):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000580)={'batadv_slave_0\x00', <r2=>0x0})
ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000800)={@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @dev={0xfe, 0x80, '\x00', 0xe}, @private0, 0x1, 0x6, 0x0, 0x400, 0x4006, 0x940132, r2}) (fail_nth: 5)

139.488086ms ago: executing program 4 (id=4086):
r0 = syz_init_net_socket$x25(0x9, 0x5, 0x0)
ioctl$SIOCX25GCALLUSERDATA(r0, 0x89e4, &(0x7f0000000000)={0x30, "58db8e2886c58dedae00f13cc17206c1c0dc504ae0ebea61dbf33843be189a6a1004eea6186435b4631012686b86ccf010c0de413adc834811ebcc33107b48f6fd3178493c6e694e73fa72b695e4cf1e47e6da7e03ec772868a2c65241d21058d4b193d0e1b56474a862f8aa99283cf8f507a54735c19b92c374eb97f52788c7"})

60.071231ms ago: executing program 4 (id=4087):
socket$nl_route(0x10, 0x3, 0x0)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, 0x0, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000280)=ANY=[@ANYBLOB="44000000090601020004000000000000000000000900020073797a310000080005000100070000001c0007800c00018008000140070000000c00028008000140"], 0x44}, 0x1, 0x0, 0x0, 0x10040047}, 0x240008c4) (fail_nth: 8)

59.510527ms ago: executing program 4 (id=4088):
sendmsg$NL80211_CMD_VENDOR(0xffffffffffffffff, &(0x7f0000000a40)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4010}, 0x8040)
r0 = socket$kcm(0x29, 0x2, 0x0)
sendmmsg$inet(r0, &(0x7f0000000580)=[{{0x0, 0x0, &(0x7f00000008c0)=[{&(0x7f0000000440)='{', 0x1a000}], 0x1}}], 0x40000000000001d, 0x0) (async)
r1 = syz_open_procfs(0x0, &(0x7f0000000180)='net/kcm\x00')
preadv(r1, &(0x7f00000014c0)=[{&(0x7f0000000340)=""/191, 0xfffffd90}], 0x1, 0x182, 0x0) (async)
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r1, 0xc018937b, &(0x7f0000000000)={{0x1, 0x1, 0x18, r0, {<r2=>0xee00, 0xffffffffffffffff}}, './file0\x00'}) (async)
ioctl$NS_GET_OWNER_UID(r1, 0xb704, &(0x7f0000000040)=<r3=>0x0)
setresuid(r2, 0xee01, r3)

0s ago: executing program 4 (id=4089):
r0 = syz_usb_connect$cdc_ncm(0x0, 0x72, &(0x7f0000000000)=ANY=[@ANYBLOB="1201000002000040257d15a4400001040001090260004201000000090400000102090000052406000105240000000d240f01000004eaffffff1e0006031a00000804800200090581", @ANYBLOB="f7", @ANYRESDEC], 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, &(0x7f0000000b80)={0x44, &(0x7f0000000300)=ANY=[@ANYBLOB="400901"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r1 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
syz_usb_ep_write(r0, 0x81, 0x8, &(0x7f0000000080)="00012c615bc20000")
read$char_usb(r1, &(0x7f00000000c0)=""/44, 0x2c)

kernel console output (not intermixed with test programs):

rate USB device
[  597.654020][T17127] netlink: 12 bytes leftover after parsing attributes in process `syz.6.3804'.
[  597.662803][T17125] netlink: 72 bytes leftover after parsing attributes in process `syz.2.3808'.
[  597.665648][T17125] netlink: 96 bytes leftover after parsing attributes in process `syz.2.3808'.
[  597.679012][T17127] 8021q: adding VLAN 0 to HW filter on device bond2
[  597.684692][T17127] netlink: 40 bytes leftover after parsing attributes in process `syz.6.3804'.
[  597.688699][   T40] audit: type=1400 audit(1753716683.905:1093): avc:  denied  { mount } for  pid=17122 comm="syz.5.3807" name="/" dev="bpf" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:bpf_t tclass=filesystem permissive=1
[  597.745998][T17134] FAULT_INJECTION: forcing a failure.
[  597.745998][T17134] name failslab, interval 1, probability 0, space 0, times 0
[  597.752321][T17134] CPU: 2 UID: 0 PID: 17134 Comm: syz.6.3809 Not tainted 6.16.0-syzkaller #0 PREEMPT(full) 
[  597.752338][T17134] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  597.752345][T17134] Call Trace:
[  597.752350][T17134]  <TASK>
[  597.752354][T17134]  dump_stack_lvl+0x16c/0x1f0
[  597.752377][T17134]  should_fail_ex+0x512/0x640
[  597.752393][T17134]  ? __kmalloc_noprof+0xbf/0x510
[  597.752411][T17134]  ? ovl_lookup+0x1243/0x21a0
[  597.752425][T17134]  should_failslab+0xc2/0x120
[  597.752436][T17134]  __kmalloc_noprof+0xd2/0x510
[  597.752455][T17134]  ovl_lookup+0x1243/0x21a0
[  597.752471][T17134]  ? find_held_lock+0x2b/0x80
[  597.752488][T17134]  ? __pfx_ovl_lookup+0x10/0x10
[  597.752502][T17134]  ? __lock_acquire+0xb8a/0x1c90
[  597.752518][T17134]  ? do_raw_spin_lock+0x12c/0x2b0
[  597.752534][T17134]  ? do_raw_spin_unlock+0x172/0x230
[  597.752546][T17134]  ? _raw_spin_unlock+0x28/0x50
[  597.752564][T17134]  lookup_one_qstr_excl_raw.part.0+0xec/0x160
[  597.752578][T17134]  ? lookup_dcache+0x66/0x170
[  597.752592][T17134]  lookup_one_qstr_excl+0x3e/0x120
[  597.752607][T17134]  do_renameat2+0x5aa/0xc90
[  597.752623][T17134]  ? __pfx_do_renameat2+0x10/0x10
[  597.752636][T17134]  ? find_held_lock+0x2b/0x80
[  597.752648][T17134]  ? __might_fault+0xe3/0x190
[  597.752664][T17134]  ? __might_fault+0x13b/0x190
[  597.752687][T17134]  ? getname_flags.part.0+0x1c5/0x550
[  597.752704][T17134]  __x64_sys_renameat2+0xe7/0x130
[  597.752717][T17134]  do_syscall_64+0xcd/0x4c0
[  597.752729][T17134]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  597.752740][T17134] RIP: 0033:0x7fdaa138e9a9
[  597.752750][T17134] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  597.752764][T17134] RSP: 002b:00007fdaa21c3038 EFLAGS: 00000246 ORIG_RAX: 000000000000013c
[  597.752775][T17134] RAX: ffffffffffffffda RBX: 00007fdaa15b5fa0 RCX: 00007fdaa138e9a9
[  597.752782][T17134] RDX: ffffffffffffff9c RSI: 0000200000000080 RDI: ffffffffffffff9c
[  597.752789][T17134] RBP: 00007fdaa21c3090 R08: 0000000000000002 R09: 0000000000000000
[  597.752795][T17134] R10: 00002000000000c0 R11: 0000000000000246 R12: 0000000000000001
[  597.752801][T17134] R13: 0000000000000000 R14: 00007fdaa15b5fa0 R15: 00007fff0ecfb248
[  597.752816][T17134]  </TASK>
[  597.954283][T17154] overlayfs: failed to resolve './file1/file0': -2
[  597.960542][T17154] overlayfs: missing 'lowerdir'
[  598.108336][   T29] usb 11-1: new high-speed USB device number 12 using dummy_hcd
[  598.118506][   T60] usb 7-1: new high-speed USB device number 12 using dummy_hcd
[  598.259775][   T29] usb 11-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  598.263395][   T29] usb 11-1: config 1 has an invalid descriptor of length 172, skipping remainder of the config
[  598.266612][   T29] usb 11-1: config 1 has 1 interface, different from the descriptor's value: 66
[  598.269985][   T29] usb 11-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 120, changing to 10
[  598.273559][   T29] usb 11-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 41290, setting to 1024
[  598.278730][   T29] usb 11-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  598.280853][   T60] usb 7-1: config 129 has an invalid interface number: 229 but max is 0
[  598.281632][   T29] usb 11-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  598.285113][   T60] usb 7-1: config 129 has no interface number 0
[  598.287788][   T29] usb 11-1: Product: syz
[  598.290790][   T60] usb 7-1: config 129 interface 229 altsetting 7 bulk endpoint 0x7 has invalid maxpacket 1023
[  598.291682][   T29] usb 11-1: Manufacturer: syz
[  598.295897][   T60] usb 7-1: config 129 interface 229 altsetting 7 endpoint 0xF has an invalid bInterval 255, changing to 11
[  598.300656][   T29] cdc_wdm 11-1:1.0: skipping garbage
[  598.301275][   T60] usb 7-1: config 129 interface 229 altsetting 7 endpoint 0x4 has an invalid bInterval 252, changing to 11
[  598.302853][   T29] cdc_wdm 11-1:1.0: skipping garbage
[  598.307279][   T60] usb 7-1: config 129 interface 229 altsetting 7 has a duplicate endpoint with address 0x3, skipping
[  598.310560][   T29] cdc_wdm 11-1:1.0: cdc-wdm0: USB WDM device
[  598.313070][   T60] usb 7-1: config 129 interface 229 has no altsetting 0
[  598.314919][   T29] cdc_wdm 11-1:1.0: Unknown control protocol
[  598.320483][   T60] usb 7-1: New USB device found, idVendor=0d46, idProduct=0078, bcdDevice=3c.f5
[  598.323925][   T60] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  598.326938][   T60] usb 7-1: Product: �
[  598.328722][   T60] usb 7-1: Manufacturer: à ”
[  598.330525][   T60] usb 7-1: SerialNumber: ж
[  598.335511][T17144] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  598.494824][T17157] netlink: 132 bytes leftover after parsing attributes in process `syz.5.3819'.
[  598.502941][ T6042] usb 11-1: USB disconnect, device number 12
[  598.543946][   T60] kobil_sct 7-1:129.229: KOBIL USB smart card terminal converter detected
[  598.549078][   T60] usb 7-1: KOBIL USB smart card terminal converter now attached to ttyUSB0
[  598.554890][   T60] usb 7-1: USB disconnect, device number 12
[  598.563114][   T60] kobil ttyUSB0: KOBIL USB smart card terminal converter now disconnected from ttyUSB0
[  598.566943][   T60] kobil_sct 7-1:129.229: device disconnected
[  598.768140][   T24] usb 10-1: new high-speed USB device number 36 using dummy_hcd
[  598.919322][   T24] usb 10-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  598.922067][   T24] usb 10-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  598.925224][   T24] usb 10-1: config 1 has 1 interface, different from the descriptor's value: 66
[  598.928385][   T24] usb 10-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  598.931822][   T24] usb 10-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  598.936051][   T24] usb 10-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  598.939000][   T24] usb 10-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  598.941589][   T24] usb 10-1: Product: syz
[  598.942935][   T24] usb 10-1: Manufacturer: syz
[  598.946977][   T24] cdc_wdm 10-1:1.0: skipping garbage
[  598.948841][   T24] cdc_wdm 10-1:1.0: skipping garbage
[  598.951255][   T24] cdc_wdm 10-1:1.0: cdc-wdm0: USB WDM device
[  598.953123][   T24] cdc_wdm 10-1:1.0: Unknown control protocol
[  598.958272][ T6042] usb 11-1: new high-speed USB device number 13 using dummy_hcd
[  599.053029][T17162] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore
[  599.056071][T17162] overlayfs: missing 'lowerdir'
[  599.131453][ T6042] usb 11-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  599.134274][ T6042] usb 11-1: config 1 has an invalid descriptor of length 172, skipping remainder of the config
[  599.137573][ T6042] usb 11-1: config 1 has 1 interface, different from the descriptor's value: 66
[  599.140643][ T6042] usb 11-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 120, changing to 10
[  599.144012][ T6042] usb 11-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 41290, setting to 1024
[  599.148198][   T10] usb 10-1: USB disconnect, device number 36
[  599.148482][ T6042] usb 11-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  599.152763][ T6042] usb 11-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  599.155125][ T6042] usb 11-1: Product: syz
[  599.156436][ T6042] usb 11-1: Manufacturer: syz
[  599.161052][ T6042] cdc_wdm 11-1:1.0: skipping garbage
[  599.162763][ T6042] cdc_wdm 11-1:1.0: skipping garbage
[  599.165120][ T6042] cdc_wdm 11-1:1.0: cdc-wdm0: USB WDM device
[  599.167040][ T6042] cdc_wdm 11-1:1.0: Unknown control protocol
[  599.384348][T17169] FAULT_INJECTION: forcing a failure.
[  599.384348][T17169] name failslab, interval 1, probability 0, space 0, times 0
[  599.388444][T17169] CPU: 0 UID: 0 PID: 17169 Comm: syz.2.3824 Not tainted 6.16.0-syzkaller #0 PREEMPT(full) 
[  599.388459][T17169] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  599.388465][T17169] Call Trace:
[  599.388469][T17169]  <TASK>
[  599.388474][T17169]  dump_stack_lvl+0x16c/0x1f0
[  599.388494][T17169]  should_fail_ex+0x512/0x640
[  599.388511][T17169]  ? __kmalloc_noprof+0xbf/0x510
[  599.388528][T17169]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0xc8/0x290
[  599.388543][T17169]  should_failslab+0xc2/0x120
[  599.388554][T17169]  __kmalloc_noprof+0xd2/0x510
[  599.388572][T17169]  genl_family_rcv_msg_attrs_parse.constprop.0+0xc8/0x290
[  599.388590][T17169]  genl_family_rcv_msg_doit+0xbf/0x2f0
[  599.388605][T17169]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  599.388623][T17169]  ? bpf_lsm_capable+0x9/0x10
[  599.388636][T17169]  ? security_capable+0x7e/0x260
[  599.388651][T17169]  ? ns_capable+0xd7/0x110
[  599.388665][T17169]  genl_rcv_msg+0x55c/0x800
[  599.388680][T17169]  ? __pfx_genl_rcv_msg+0x10/0x10
[  599.388694][T17169]  ? __pfx_ethnl_default_set_doit+0x10/0x10
[  599.388709][T17169]  netlink_rcv_skb+0x158/0x420
[  599.388721][T17169]  ? __pfx_genl_rcv_msg+0x10/0x10
[  599.388748][T17169]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  599.388765][T17169]  ? netlink_deliver_tap+0x1ae/0xd30
[  599.388779][T17169]  genl_rcv+0x28/0x40
[  599.388790][T17169]  netlink_unicast+0x58a/0x850
[  599.388804][T17169]  ? __pfx_netlink_unicast+0x10/0x10
[  599.388820][T17169]  netlink_sendmsg+0x8d1/0xdd0
[  599.388834][T17169]  ? __pfx_netlink_sendmsg+0x10/0x10
[  599.388851][T17169]  ____sys_sendmsg+0xa98/0xc70
[  599.388865][T17169]  ? copy_msghdr_from_user+0x10a/0x160
[  599.388875][T17169]  ? __pfx_____sys_sendmsg+0x10/0x10
[  599.388894][T17169]  ___sys_sendmsg+0x134/0x1d0
[  599.388904][T17169]  ? __pfx____sys_sendmsg+0x10/0x10
[  599.388913][T17169]  ? __lock_acquire+0x622/0x1c90
[  599.388939][T17169]  __sys_sendmsg+0x16d/0x220
[  599.388949][T17169]  ? __pfx___sys_sendmsg+0x10/0x10
[  599.388967][T17169]  do_syscall_64+0xcd/0x4c0
[  599.388979][T17169]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  599.388990][T17169] RIP: 0033:0x7fc2c4f8e9a9
[  599.388999][T17169] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  599.389009][T17169] RSP: 002b:00007fc2c5d21038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  599.389020][T17169] RAX: ffffffffffffffda RBX: 00007fc2c51b5fa0 RCX: 00007fc2c4f8e9a9
[  599.389026][T17169] RDX: 0000000000000000 RSI: 0000200000000640 RDI: 0000000000000003
[  599.389032][T17169] RBP: 00007fc2c5d21090 R08: 0000000000000000 R09: 0000000000000000
[  599.389038][T17169] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  599.389044][T17169] R13: 0000000000000000 R14: 00007fc2c51b5fa0 R15: 00007ffc507ec7c8
[  599.389057][T17169]  </TASK>
[  599.419479][   T29] usb 9-1: new high-speed USB device number 123 using dummy_hcd
[  599.541309][T17178] syz_tun: entered allmulticast mode
[  599.543959][T17177] syz_tun: left allmulticast mode
[  599.588306][   T24] usb 10-1: new high-speed USB device number 37 using dummy_hcd
[  599.612551][T17183] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=65535 sclass=netlink_route_socket pid=17183 comm=syz.2.3829
[  599.668239][   T29] usb 9-1: Using ep0 maxpacket: 8
[  599.671365][   T29] usb 9-1: config 0 interface 0 has no altsetting 0
[  599.673545][   T29] usb 9-1: New USB device found, idVendor=04d8, idProduct=00dd, bcdDevice= 0.00
[  599.676309][   T29] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  599.681064][   T29] usb 9-1: config 0 descriptor??
[  599.712896][T17188] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=17188 comm=syz.2.3829
[  599.740655][   T24] usb 10-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  599.744435][   T24] usb 10-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  599.752417][   T24] usb 10-1: config 1 has 1 interface, different from the descriptor's value: 66
[  599.756255][   T24] usb 10-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  599.760997][   T24] usb 10-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  599.766707][   T24] usb 10-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  599.771020][   T24] usb 10-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  599.773976][   T24] usb 10-1: Product: syz
[  599.775465][   T24] usb 10-1: Manufacturer: syz
[  599.783085][   T24] cdc_wdm 10-1:1.0: skipping garbage
[  599.785266][   T24] cdc_wdm 10-1:1.0: skipping garbage
[  599.788712][   T24] cdc_wdm 10-1:1.0: cdc-wdm1: USB WDM device
[  599.790893][   T24] cdc_wdm 10-1:1.0: Unknown control protocol
[  599.800625][T17190] netlink: 3 bytes leftover after parsing attributes in process `syz.2.3830'.
[  599.803567][T17190] FAULT_INJECTION: forcing a failure.
[  599.803567][T17190] name failslab, interval 1, probability 0, space 0, times 0
[  599.807617][T17190] CPU: 3 UID: 0 PID: 17190 Comm: syz.2.3830 Not tainted 6.16.0-syzkaller #0 PREEMPT(full) 
[  599.807633][T17190] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  599.807640][T17190] Call Trace:
[  599.807644][T17190]  <TASK>
[  599.807649][T17190]  dump_stack_lvl+0x16c/0x1f0
[  599.807688][T17190]  should_fail_ex+0x512/0x640
[  599.807707][T17190]  ? kmem_cache_alloc_node_noprof+0x5e/0x3b0
[  599.807725][T17190]  should_failslab+0xc2/0x120
[  599.807736][T17190]  kmem_cache_alloc_node_noprof+0x71/0x3b0
[  599.807752][T17190]  ? __rtnl_unlock+0x68/0xf0
[  599.807764][T17190]  ? __alloc_skb+0x2b2/0x380
[  599.807781][T17190]  __alloc_skb+0x2b2/0x380
[  599.807797][T17190]  ? __pfx___alloc_skb+0x10/0x10
[  599.807812][T17190]  ? call_fib_rule_notifiers+0x11e/0x1d0
[  599.807823][T17190]  ? __pfx_call_fib_rule_notifiers+0x10/0x10
[  599.807837][T17190]  notify_rule_change+0xa6/0x220
[  599.807849][T17190]  fib_delrule+0x1484/0x1bd0
[  599.807863][T17190]  ? __pfx_fib_delrule+0x10/0x10
[  599.807874][T17190]  ? avc_has_perm_noaudit+0xf0/0x3b0
[  599.807905][T17190]  ? find_held_lock+0x2b/0x80
[  599.807919][T17190]  ? __pfx_fib_nl_delrule+0x10/0x10
[  599.807929][T17190]  ? __pfx_fib_nl_delrule+0x10/0x10
[  599.807965][T17190]  ? rtnetlink_rcv_msg+0x93a/0xe90
[  599.807978][T17190]  ? __pfx_fib_nl_delrule+0x10/0x10
[  599.807989][T17190]  rtnetlink_rcv_msg+0x95b/0xe90
[  599.808001][T17190]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  599.808016][T17190]  ? ref_tracker_free+0x37c/0x830
[  599.808028][T17190]  netlink_rcv_skb+0x158/0x420
[  599.808041][T17190]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  599.808052][T17190]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  599.808069][T17190]  ? netlink_deliver_tap+0x1ae/0xd30
[  599.808083][T17190]  netlink_unicast+0x58a/0x850
[  599.808097][T17190]  ? __pfx_netlink_unicast+0x10/0x10
[  599.808108][T17190]  ? __build_skb_around+0x278/0x3b0
[  599.808125][T17190]  netlink_sendmsg+0x8d1/0xdd0
[  599.808141][T17190]  ? __pfx_netlink_sendmsg+0x10/0x10
[  599.808156][T17190]  ? schedule+0x2d7/0x3a0
[  599.808174][T17190]  sock_sendmsg+0x3c9/0x470
[  599.808188][T17190]  ? __pfx_sock_sendmsg+0x10/0x10
[  599.808209][T17190]  splice_to_socket+0xaf6/0x1110
[  599.808233][T17190]  ? __pfx_splice_to_socket+0x10/0x10
[  599.808253][T17190]  ? inode_has_perm+0x16f/0x1d0
[  599.808278][T17190]  ? bpf_lsm_file_permission+0x9/0x10
[  599.808290][T17190]  ? security_file_permission+0x71/0x210
[  599.808301][T17190]  ? rw_verify_area+0xcf/0x680
[  599.808314][T17190]  ? __pfx_splice_to_socket+0x10/0x10
[  599.808331][T17190]  do_splice+0x1478/0x1fc0
[  599.808347][T17190]  ? __lock_acquire+0x622/0x1c90
[  599.808361][T17190]  ? __pfx_do_splice+0x10/0x10
[  599.808375][T17190]  ? __pfx_pipe_clear_nowait+0x10/0x10
[  599.808391][T17190]  ? find_held_lock+0x2b/0x80
[  599.808405][T17190]  __do_splice+0x32a/0x360
[  599.808421][T17190]  ? __pfx___do_splice+0x10/0x10
[  599.808436][T17190]  ? fput+0x50/0xf0
[  599.808450][T17190]  __x64_sys_splice+0x187/0x250
[  599.808468][T17190]  do_syscall_64+0xcd/0x4c0
[  599.808480][T17190]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  599.808491][T17190] RIP: 0033:0x7fc2c4f8e9a9
[  599.808500][T17190] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  599.808510][T17190] RSP: 002b:00007fc2c5d21038 EFLAGS: 00000246 ORIG_RAX: 0000000000000113
[  599.808521][T17190] RAX: ffffffffffffffda RBX: 00007fc2c51b5fa0 RCX: 00007fc2c4f8e9a9
[  599.808527][T17190] RDX: 0000000000000005 RSI: 0000000000000000 RDI: 0000000000000003
[  599.808533][T17190] RBP: 00007fc2c5d21090 R08: 00000000725e65a6 R09: 0000000000000000
[  599.808539][T17190] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  599.808545][T17190] R13: 0000000000000000 R14: 00007fc2c51b5fa0 R15: 00007ffc507ec7c8
[  599.808558][T17190]  </TASK>
[  600.089766][   T29] mcp2221 0003:04D8:00DD.0018: USB HID vff.ff Device [HID 04d8:00dd] on usb-dummy_hcd.4-1/input0
[  600.291098][   T40] audit: type=1326 audit(1753716686.515:1094): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17163 comm="syz.4.3822" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f5bb2d8e9a9 code=0x0
[  600.393812][   T24] usb 9-1: USB disconnect, device number 123
[  600.534234][T17193] FAULT_INJECTION: forcing a failure.
[  600.534234][T17193] name failslab, interval 1, probability 0, space 0, times 0
[  600.538425][T17193] CPU: 1 UID: 0 PID: 17193 Comm: syz.5.3820 Not tainted 6.16.0-syzkaller #0 PREEMPT(full) 
[  600.538440][T17193] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  600.538447][T17193] Call Trace:
[  600.538451][T17193]  <TASK>
[  600.538456][T17193]  dump_stack_lvl+0x16c/0x1f0
[  600.538476][T17193]  should_fail_ex+0x512/0x640
[  600.538492][T17193]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[  600.538510][T17193]  should_failslab+0xc2/0x120
[  600.538520][T17193]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  600.538536][T17193]  ? security_file_alloc+0x34/0x2b0
[  600.538549][T17193]  security_file_alloc+0x34/0x2b0
[  600.538560][T17193]  init_file+0x93/0x4c0
[  600.538572][T17193]  alloc_empty_file+0x73/0x1e0
[  600.538585][T17193]  path_openat+0xda/0x2cb0
[  600.538600][T17193]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  600.538616][T17193]  ? __pfx_path_openat+0x10/0x10
[  600.538632][T17193]  ? __lock_acquire+0xb8a/0x1c90
[  600.538644][T17193]  do_filp_open+0x20b/0x470
[  600.538661][T17193]  ? __pfx_do_filp_open+0x10/0x10
[  600.538685][T17193]  ? alloc_fd+0x471/0x7d0
[  600.538704][T17193]  do_sys_openat2+0x11b/0x1d0
[  600.538716][T17193]  ? __pfx_do_sys_openat2+0x10/0x10
[  600.538729][T17193]  ? __fget_files+0x20e/0x3c0
[  600.538741][T17193]  __x64_sys_openat+0x174/0x210
[  600.538753][T17193]  ? __pfx___x64_sys_openat+0x10/0x10
[  600.538764][T17193]  ? ksys_write+0x1ac/0x250
[  600.538783][T17193]  do_syscall_64+0xcd/0x4c0
[  600.538795][T17193]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  600.538805][T17193] RIP: 0033:0x7f707cf8d310
[  600.538814][T17193] Code: 48 89 44 24 20 75 93 44 89 54 24 0c e8 49 94 02 00 44 8b 54 24 0c 89 da 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 38 44 89 c7 89 44 24 0c e8 9c 94 02 00 8b 44
[  600.538824][T17193] RSP: 002b:00007f707add4b70 EFLAGS: 00000293 ORIG_RAX: 0000000000000101
[  600.538834][T17193] RAX: ffffffffffffffda RBX: 0000000000000002 RCX: 00007f707cf8d310
[  600.538841][T17193] RDX: 0000000000000002 RSI: 00007f707add4c10 RDI: 00000000ffffff9c
[  600.538847][T17193] RBP: 00007f707add4c10 R08: 0000000000000000 R09: 00007f707add4987
[  600.538853][T17193] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000001
[  600.538860][T17193] R13: 0000000000000000 R14: 00007f707d1b6080 R15: 00007ffe0157f708
[  600.538872][T17193]  </TASK>
[  600.650842][T17196] netlink: 256 bytes leftover after parsing attributes in process `syz.2.3831'.
[  600.725810][T17198] sp0: Synchronizing with TNC
[  600.732647][T17199] ptm ptm1: ldisc open failed (-12), clearing slot 1
[  600.946019][T17209] syz_tun: entered allmulticast mode
[  600.948806][T17208] syz_tun: left allmulticast mode
[  600.981823][T17211] FAULT_INJECTION: forcing a failure.
[  600.981823][T17211] name failslab, interval 1, probability 0, space 0, times 0
[  600.986364][T17211] CPU: 3 UID: 0 PID: 17211 Comm: syz.2.3837 Not tainted 6.16.0-syzkaller #0 PREEMPT(full) 
[  600.986382][T17211] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  600.986391][T17211] Call Trace:
[  600.986398][T17211]  <TASK>
[  600.986405][T17211]  dump_stack_lvl+0x16c/0x1f0
[  600.986430][T17211]  should_fail_ex+0x512/0x640
[  600.986452][T17211]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[  600.986475][T17211]  should_failslab+0xc2/0x120
[  600.986488][T17211]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  600.986507][T17211]  ? getname_flags.part.0+0x4c/0x550
[  600.986527][T17211]  getname_flags.part.0+0x4c/0x550
[  600.986545][T17211]  getname_flags+0x93/0xf0
[  600.986565][T17211]  __x64_sys_link+0x58/0xa0
[  600.986579][T17211]  do_syscall_64+0xcd/0x4c0
[  600.986594][T17211]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  600.986608][T17211] RIP: 0033:0x7fc2c4f8e9a9
[  600.986620][T17211] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  600.986634][T17211] RSP: 002b:00007fc2c5d21038 EFLAGS: 00000246 ORIG_RAX: 0000000000000056
[  600.986647][T17211] RAX: ffffffffffffffda RBX: 00007fc2c51b5fa0 RCX: 00007fc2c4f8e9a9
[  600.986657][T17211] RDX: 0000000000000000 RSI: 0000200000000280 RDI: 00002000000001c0
[  600.986666][T17211] RBP: 00007fc2c5d21090 R08: 0000000000000000 R09: 0000000000000000
[  600.986674][T17211] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  600.986683][T17211] R13: 0000000000000000 R14: 00007fc2c51b5fa0 R15: 00007ffc507ec7c8
[  600.986701][T17211]  </TASK>
[  601.188516][   T29] usb 11-1: USB disconnect, device number 13
[  601.248509][T17217] netlink: 256 bytes leftover after parsing attributes in process `syz.6.3840'.
[  601.302038][T17219] netdevsim netdevsim6 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  601.362918][T17219] netdevsim netdevsim6 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  601.471330][T17219] netdevsim netdevsim6 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  601.531615][T17219] netdevsim netdevsim6 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  601.640148][T17219] netdevsim netdevsim6 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  601.649863][T17219] netdevsim netdevsim6 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  601.657325][T17219] netdevsim netdevsim6 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  601.668647][T17219] netdevsim netdevsim6 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  601.710333][T17222] FAULT_INJECTION: forcing a failure.
[  601.710333][T17222] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  601.714446][T17222] CPU: 1 UID: 0 PID: 17222 Comm: syz.6.3842 Not tainted 6.16.0-syzkaller #0 PREEMPT(full) 
[  601.714461][T17222] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  601.714468][T17222] Call Trace:
[  601.714473][T17222]  <TASK>
[  601.714478][T17222]  dump_stack_lvl+0x16c/0x1f0
[  601.714499][T17222]  should_fail_ex+0x512/0x640
[  601.714518][T17222]  _copy_from_user+0x2e/0xd0
[  601.714530][T17222]  input_event_from_user+0x133/0x3b0
[  601.714542][T17222]  ? __pfx_input_event_from_user+0x10/0x10
[  601.714552][T17222]  ? __pfx___might_resched+0x10/0x10
[  601.714566][T17222]  ? input_inject_event+0x1a5/0x390
[  601.714584][T17222]  evdev_write+0x37b/0x750
[  601.714602][T17222]  ? __pfx_evdev_write+0x10/0x10
[  601.714619][T17222]  ? bpf_lsm_file_permission+0x9/0x10
[  601.714631][T17222]  ? security_file_permission+0x71/0x210
[  601.714643][T17222]  ? rw_verify_area+0xcf/0x680
[  601.714657][T17222]  ? __pfx_evdev_write+0x10/0x10
[  601.714672][T17222]  vfs_write+0x2a0/0x1150
[  601.714691][T17222]  ? __pfx_vfs_write+0x10/0x10
[  601.714705][T17222]  ? find_held_lock+0x2b/0x80
[  601.714718][T17222]  ? __fget_files+0x204/0x3c0
[  601.714730][T17222]  ? __fget_files+0x20e/0x3c0
[  601.714743][T17222]  ksys_write+0x1f8/0x250
[  601.714758][T17222]  ? __pfx_ksys_write+0x10/0x10
[  601.714776][T17222]  do_syscall_64+0xcd/0x4c0
[  601.714788][T17222]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  601.714799][T17222] RIP: 0033:0x7fdaa138e9a9
[  601.714808][T17222] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  601.714819][T17222] RSP: 002b:00007fdaa21c3038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  601.714829][T17222] RAX: ffffffffffffffda RBX: 00007fdaa15b5fa0 RCX: 00007fdaa138e9a9
[  601.714836][T17222] RDX: 00000000000012d8 RSI: 0000200000000040 RDI: 0000000000000003
[  601.714842][T17222] RBP: 00007fdaa21c3090 R08: 0000000000000000 R09: 0000000000000000
[  601.714848][T17222] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  601.714854][T17222] R13: 0000000000000000 R14: 00007fdaa15b5fa0 R15: 00007fff0ecfb248
[  601.714871][T17222]  </TASK>
[  601.749476][T14020] usb 10-1: USB disconnect, device number 37
[  601.883504][T17224] bridge1: trying to set multicast query interval below minimum, setting to 100 (1000ms)
[  601.894111][T17224] overlay: filesystem on ./bus not supported
[  601.896672][   T40] audit: type=1400 audit(1753716688.116:1095): avc:  denied  { mounton } for  pid=17223 comm="syz.5.3843" path="/216/file0/bus" dev="afs" ino=4 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nfs_t tclass=dir permissive=1
[  601.938998][   T40] audit: type=1400 audit(1753716688.166:1096): avc:  denied  { unmount } for  pid=14403 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nfs_t tclass=filesystem permissive=1
[  602.032821][T17242] FAULT_INJECTION: forcing a failure.
[  602.032821][T17242] name failslab, interval 1, probability 0, space 0, times 0
[  602.037052][T17242] CPU: 2 UID: 0 PID: 17242 Comm: syz.5.3846 Not tainted 6.16.0-syzkaller #0 PREEMPT(full) 
[  602.037068][T17242] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  602.037085][T17242] Call Trace:
[  602.037091][T17242]  <TASK>
[  602.037096][T17242]  dump_stack_lvl+0x16c/0x1f0
[  602.037117][T17242]  should_fail_ex+0x512/0x640
[  602.037134][T17242]  ? __kmalloc_cache_noprof+0x57/0x3e0
[  602.037150][T17242]  should_failslab+0xc2/0x120
[  602.037161][T17242]  __kmalloc_cache_noprof+0x6a/0x3e0
[  602.037174][T17242]  ? find_held_lock+0x2b/0x80
[  602.037187][T17242]  ? refill_pi_state_cache+0x89/0x250
[  602.037201][T17242]  refill_pi_state_cache+0x89/0x250
[  602.037212][T17242]  futex_lock_pi+0x173/0x740
[  602.037222][T17242]  ? io_handle_tw_list+0x3c1/0x500
[  602.037237][T17242]  ? __pfx_futex_lock_pi+0x10/0x10
[  602.037252][T17242]  ? tctx_task_work+0x84/0xd0
[  602.037264][T17242]  ? __pfx___might_resched+0x10/0x10
[  602.037283][T17242]  ? __pfx_task_work_run+0x10/0x10
[  602.037296][T17242]  ? __pfx_futex_wake_mark+0x10/0x10
[  602.037311][T17242]  ? ksys_write+0x190/0x250
[  602.037328][T17242]  do_futex+0x11a/0x350
[  602.037344][T17242]  ? __pfx_do_futex+0x10/0x10
[  602.037360][T17242]  ? arch_do_signal_or_restart+0x211/0x7d0
[  602.037375][T17242]  __x64_sys_futex+0x1e0/0x4c0
[  602.037392][T17242]  ? __pfx___x64_sys_futex+0x10/0x10
[  602.037406][T17242]  ? ksys_write+0x1ac/0x250
[  602.037420][T17242]  ? __pfx_ksys_write+0x10/0x10
[  602.037439][T17242]  do_syscall_64+0xcd/0x4c0
[  602.037450][T17242]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  602.037461][T17242] RIP: 0033:0x7f707cf8e9a9
[  602.037470][T17242] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  602.037480][T17242] RSP: 002b:00007f707add5038 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  602.037491][T17242] RAX: ffffffffffffffda RBX: 00007f707d1b6080 RCX: 00007f707cf8e9a9
[  602.037497][T17242] RDX: 0000000000000002 RSI: 0000000000000086 RDI: 0000200000000180
[  602.037504][T17242] RBP: 00007f707add5090 R08: 0000000000000000 R09: 00000000fffffffc
[  602.037510][T17242] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  602.037516][T17242] R13: 0000000000000000 R14: 00007f707d1b6080 R15: 00007ffe0157f708
[  602.037529][T17242]  </TASK>
[  602.125301][   T40] audit: type=1326 audit(1753716688.346:1097): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17246 comm="syz.2.3849" exe="/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fc2c4f8e9a9 code=0x0
[  602.173775][T17249] netlink: 'syz.5.3851': attribute type 1 has an invalid length.
[  602.193543][   T40] audit: type=1400 audit(1753716688.416:1098): avc:  denied  { mounton } for  pid=17246 comm="syz.2.3849" path="/proc/1213/task/1214/net/netfilter" dev="proc" ino=4026532941 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_t tclass=dir permissive=1
[  602.199585][T17249] 8021q: adding VLAN 0 to HW filter on device bond6
[  602.363286][T17265] FAULT_INJECTION: forcing a failure.
[  602.363286][T17265] name failslab, interval 1, probability 0, space 0, times 0
[  602.367160][T17265] CPU: 3 UID: 0 PID: 17265 Comm: syz.4.3856 Not tainted 6.16.0-syzkaller #0 PREEMPT(full) 
[  602.367175][T17265] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  602.367182][T17265] Call Trace:
[  602.367187][T17265]  <TASK>
[  602.367192][T17265]  dump_stack_lvl+0x16c/0x1f0
[  602.367212][T17265]  should_fail_ex+0x512/0x640
[  602.367229][T17265]  ? __kvmalloc_node_noprof+0x124/0x620
[  602.367246][T17265]  should_failslab+0xc2/0x120
[  602.367257][T17265]  __kvmalloc_node_noprof+0x137/0x620
[  602.367272][T17265]  ? bpf_uprobe_multi_link_attach+0x4e1/0x1280
[  602.367289][T17265]  ? bpf_uprobe_multi_link_attach+0x4e1/0x1280
[  602.367301][T17265]  bpf_uprobe_multi_link_attach+0x4e1/0x1280
[  602.367315][T17265]  ? find_held_lock+0x2b/0x80
[  602.367330][T17265]  ? __fget_files+0x204/0x3c0
[  602.367341][T17265]  ? __pfx_bpf_uprobe_multi_link_attach+0x10/0x10
[  602.367354][T17265]  ? __fget_files+0x20e/0x3c0
[  602.367366][T17265]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  602.367381][T17265]  __sys_bpf+0x445d/0x4ea0
[  602.367397][T17265]  ? __pfx___sys_bpf+0x10/0x10
[  602.367412][T17265]  ? ksys_write+0x190/0x250
[  602.367428][T17265]  ? __mutex_unlock_slowpath+0x161/0x6a0
[  602.367447][T17265]  ? fput+0x70/0xf0
[  602.367458][T17265]  ? ksys_write+0x1ac/0x250
[  602.367472][T17265]  ? __pfx_ksys_write+0x10/0x10
[  602.367489][T17265]  __x64_sys_bpf+0x78/0xc0
[  602.367503][T17265]  ? lockdep_hardirqs_on+0x7c/0x110
[  602.367520][T17265]  do_syscall_64+0xcd/0x4c0
[  602.367531][T17265]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  602.367542][T17265] RIP: 0033:0x7f5bb2d8e9a9
[  602.367551][T17265] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  602.367561][T17265] RSP: 002b:00007f5bb3caa038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  602.367571][T17265] RAX: ffffffffffffffda RBX: 00007f5bb2fb5fa0 RCX: 00007f5bb2d8e9a9
[  602.367578][T17265] RDX: 0000000000000040 RSI: 00002000000005c0 RDI: 000000000000001c
[  602.367584][T17265] RBP: 00007f5bb3caa090 R08: 0000000000000000 R09: 0000000000000000
[  602.367590][T17265] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  602.367596][T17265] R13: 0000000000000000 R14: 00007f5bb2fb5fa0 R15: 00007fff14717288
[  602.367609][T17265]  </TASK>
[  602.503356][   T40] audit: type=1400 audit(1753716688.726:1099): avc:  denied  { mount } for  pid=17267 comm="syz.4.3857" name="/" dev="configfs" ino=3096 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=filesystem permissive=1
[  602.513526][   T40] audit: type=1400 audit(1753716688.726:1100): avc:  denied  { setattr } for  pid=17267 comm="syz.4.3857" name="/" dev="configfs" ino=3096 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=dir permissive=1
[  602.893429][   T40] audit: type=1400 audit(1753716689.116:1101): avc:  denied  { append } for  pid=17272 comm="syz.5.3858" name="fb0" dev="devtmpfs" ino=637 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:framebuf_device_t tclass=chr_file permissive=1
[  602.900666][   T40] audit: type=1400 audit(1753716689.116:1102): avc:  denied  { map } for  pid=17272 comm="syz.5.3858" path="/dev/fb0" dev="devtmpfs" ino=637 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:framebuf_device_t tclass=chr_file permissive=1
[  602.907688][   T40] audit: type=1400 audit(1753716689.116:1103): avc:  denied  { write execute } for  pid=17272 comm="syz.5.3858" path="/dev/fb0" dev="devtmpfs" ino=637 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:framebuf_device_t tclass=chr_file permissive=1
[  602.928793][   T40] audit: type=1400 audit(1753716689.156:1104): avc:  denied  { unmount } for  pid=11707 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=filesystem permissive=1
[  602.994966][T17282] netlink: 'syz.5.3862': attribute type 1 has an invalid length.
[  603.000337][T17285] IPv4: Oversized IP packet from 127.202.26.0
[  603.020575][T17282] 8021q: adding VLAN 0 to HW filter on device bond7
[  603.042108][T17288] IPv4: Oversized IP packet from 127.202.26.0
[  603.077586][T17291] FAULT_INJECTION: forcing a failure.
[  603.077586][T17291] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  603.083785][T17291] CPU: 0 UID: 0 PID: 17291 Comm: syz.5.3865 Not tainted 6.16.0-syzkaller #0 PREEMPT(full) 
[  603.083800][T17291] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  603.083807][T17291] Call Trace:
[  603.083811][T17291]  <TASK>
[  603.083815][T17291]  dump_stack_lvl+0x16c/0x1f0
[  603.083837][T17291]  should_fail_ex+0x512/0x640
[  603.083855][T17291]  should_fail_alloc_page+0xe7/0x130
[  603.083868][T17291]  prepare_alloc_pages+0x3c2/0x610
[  603.083881][T17291]  ? rcu_is_watching+0x12/0xc0
[  603.083897][T17291]  __alloc_frozen_pages_noprof+0x18b/0x23f0
[  603.083920][T17291]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  603.083940][T17291]  ? rcu_is_watching+0x12/0xc0
[  603.083953][T17291]  ? trace_kmem_cache_alloc+0x28/0xc0
[  603.083964][T17291]  ? kmem_cache_alloc_node_noprof+0x225/0x3b0
[  603.083980][T17291]  ? kmalloc_reserve+0x18b/0x2c0
[  603.083993][T17291]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  603.084006][T17291]  ? policy_nodemask+0xea/0x4e0
[  603.084017][T17291]  alloc_pages_mpol+0x1fb/0x550
[  603.084028][T17291]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  603.084038][T17291]  ? __pfx___alloc_skb+0x10/0x10
[  603.084056][T17291]  alloc_pages_noprof+0x131/0x390
[  603.084067][T17291]  alloc_skb_with_frags+0x24a/0x860
[  603.084082][T17291]  sock_alloc_send_pskb+0x7fb/0x990
[  603.084098][T17291]  ? _copy_from_iter+0x15d/0x16f0
[  603.084111][T17291]  ? __pfx_sock_alloc_send_pskb+0x10/0x10
[  603.084126][T17291]  ? find_held_lock+0x2b/0x80
[  603.084146][T17291]  ? dev_get_by_index+0x17c/0x380
[  603.084159][T17291]  packet_sendmsg+0x202a/0x5850
[  603.084182][T17291]  ? sock_has_perm+0x259/0x2f0
[  603.084197][T17291]  ? __pfx_sock_has_perm+0x10/0x10
[  603.084212][T17291]  ? __pfx_packet_sendmsg+0x10/0x10
[  603.084234][T17291]  __sys_sendto+0x4a3/0x520
[  603.084250][T17291]  ? __pfx___sys_sendto+0x10/0x10
[  603.084274][T17291]  ? ksys_write+0x1ac/0x250
[  603.084289][T17291]  ? __pfx_ksys_write+0x10/0x10
[  603.084306][T17291]  __x64_sys_sendto+0xe0/0x1c0
[  603.084320][T17291]  ? do_syscall_64+0x91/0x4c0
[  603.084330][T17291]  ? lockdep_hardirqs_on+0x7c/0x110
[  603.084346][T17291]  do_syscall_64+0xcd/0x4c0
[  603.084356][T17291]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  603.084368][T17291] RIP: 0033:0x7f707cf8e9a9
[  603.084377][T17291] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  603.084388][T17291] RSP: 002b:00007f707adf6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[  603.084398][T17291] RAX: ffffffffffffffda RBX: 00007f707d1b5fa0 RCX: 00007f707cf8e9a9
[  603.084405][T17291] RDX: 0000000000010608 RSI: 0000200000000180 RDI: 0000000000000003
[  603.084411][T17291] RBP: 00007f707adf6090 R08: 0000200000000140 R09: 0000000000000014
[  603.084418][T17291] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  603.084424][T17291] R13: 0000000000000000 R14: 00007f707d1b5fa0 R15: 00007ffe0157f708
[  603.084436][T17291]  </TASK>
[  603.090540][T17293] netlink: 36 bytes leftover after parsing attributes in process `syz.4.3866'.
[  603.131482][    C0] sr 2:0:0:0: [sr0] tag#26 FAILED Result: hostbyte=DID_ERROR driverbyte=DRIVER_OK cmd_age=0s
[  603.133046][T17297] FAULT_INJECTION: forcing a failure.
[  603.133046][T17297] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  603.133947][    C0] sr 2:0:0:0: [sr0] tag#26 CDB: Test Unit Ready 
[  603.135568][T17297] CPU: 3 UID: 0 PID: 17297 Comm: syz.5.3868 Not tainted 6.16.0-syzkaller #0 PREEMPT(full) 
[  603.135585][T17297] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  603.135591][T17297] Call Trace:
[  603.135597][T17297]  <TASK>
[  603.135602][T17297]  dump_stack_lvl+0x16c/0x1f0
[  603.135624][T17297]  should_fail_ex+0x512/0x640
[  603.135664][T17297]  _copy_from_user+0x2e/0xd0
[  603.135681][T17297]  input_event_from_user+0x133/0x3b0
[  603.135693][T17297]  ? __pfx_input_event_from_user+0x10/0x10
[  603.135704][T17297]  ? __pfx___might_resched+0x10/0x10
[  603.135718][T17297]  ? input_inject_event+0x1a5/0x390
[  603.135736][T17297]  evdev_write+0x37b/0x750
[  603.135755][T17297]  ? __pfx_evdev_write+0x10/0x10
[  603.135772][T17297]  ? bpf_lsm_file_permission+0x9/0x10
[  603.135783][T17297]  ? security_file_permission+0x71/0x210
[  603.135795][T17297]  ? rw_verify_area+0xcf/0x680
[  603.135809][T17297]  ? __pfx_evdev_write+0x10/0x10
[  603.135824][T17297]  vfs_write+0x2a0/0x1150
[  603.135842][T17297]  ? __pfx_vfs_write+0x10/0x10
[  603.135856][T17297]  ? find_held_lock+0x2b/0x80
[  603.135870][T17297]  ? __fget_files+0x204/0x3c0
[  603.135882][T17297]  ? __fget_files+0x20e/0x3c0
[  603.135895][T17297]  ksys_write+0x1f8/0x250
[  603.135913][T17297]  ? __pfx_ksys_write+0x10/0x10
[  603.135932][T17297]  do_syscall_64+0xcd/0x4c0
[  603.135943][T17297]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  603.135954][T17297] RIP: 0033:0x7f707cf8e9a9
[  603.135963][T17297] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  603.135974][T17297] RSP: 002b:00007f707adf6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  603.135985][T17297] RAX: ffffffffffffffda RBX: 00007f707d1b5fa0 RCX: 00007f707cf8e9a9
[  603.135992][T17297] RDX: 00000000000012d8 RSI: 0000200000000040 RDI: 0000000000000003
[  603.135998][T17297] RBP: 00007f707adf6090 R08: 0000000000000000 R09: 0000000000000000
[  603.136004][T17297] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  603.136010][T17297] R13: 0000000000000000 R14: 00007f707d1b5fa0 R15: 00007ffe0157f708
[  603.136023][T17297]  </TASK>
[  603.336533][T17313] netlink: 12 bytes leftover after parsing attributes in process `syz.6.3873'.
[  603.348123][T17313] team_slave_0: entered promiscuous mode
[  603.350662][T17313] team_slave_1: entered promiscuous mode
[  603.354010][T17313] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  603.359740][T17313] netlink: 12 bytes leftover after parsing attributes in process `syz.6.3873'.
[  603.360992][T17315] netlink: 'syz.4.3874': attribute type 1 has an invalid length.
[  603.365059][T17315] netlink: 105116 bytes leftover after parsing attributes in process `syz.4.3874'.
[  603.365327][T17313] 8021q: adding VLAN 0 to HW filter on device macvlan3
[  603.377288][T17313] IPv4: Oversized IP packet from 172.20.20.24
[  603.381415][    C1] IPv4: Oversized IP packet from 172.20.20.24
[  603.384233][    C1] IPv4: Oversized IP packet from 172.20.20.24
[  603.808148][T14020] usb 11-1: new full-speed USB device number 14 using dummy_hcd
[  603.969322][T14020] usb 11-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  603.972354][T14020] usb 11-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  603.976202][T14020] usb 11-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  603.979307][T14020] usb 11-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  604.185214][T14020] usb 11-1: GET_CAPABILITIES returned 0
[  604.187068][T14020] usbtmc 11-1:16.0: can't read capabilities
[  604.261309][T17339] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(4)
[  604.264080][T17339] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[  604.269494][T17339] vhci_hcd vhci_hcd.0: Device attached
[  604.273017][T17340] vhci_hcd: connection closed
[  604.275250][T16134] vhci_hcd: stop threads
[  604.279117][T16134] vhci_hcd: release socket
[  604.280574][T16134] vhci_hcd: disconnect device
[  604.480959][T14020] usb 11-1: USB disconnect, device number 14
[  604.830156][T17347] netlink: 12 bytes leftover after parsing attributes in process `syz.4.3886'.
[  604.834371][T17347] vxcan1: tx address claim with dlc 1
[  604.914651][T17357] SET target dimension over the limit!
[  604.962509][T17361] 9pnet_virtio: no channels available for device syz
[  605.020537][T17370] FAULT_INJECTION: forcing a failure.
[  605.020537][T17370] name failslab, interval 1, probability 0, space 0, times 0
[  605.024670][T17370] CPU: 0 UID: 0 PID: 17370 Comm: syz.2.3893 Not tainted 6.16.0-syzkaller #0 PREEMPT(full) 
[  605.024686][T17370] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  605.024693][T17370] Call Trace:
[  605.024698][T17370]  <TASK>
[  605.024704][T17370]  dump_stack_lvl+0x16c/0x1f0
[  605.024726][T17370]  should_fail_ex+0x512/0x640
[  605.024742][T17370]  ? fs_reclaim_acquire+0xae/0x150
[  605.024757][T17370]  should_failslab+0xc2/0x120
[  605.024767][T17370]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  605.024785][T17370]  ? p9_tag_alloc+0x9c/0x640
[  605.024797][T17370]  p9_tag_alloc+0x9c/0x640
[  605.024808][T17370]  ? __pfx_p9_tag_alloc+0x10/0x10
[  605.024817][T17370]  ? stack_depot_save_flags+0x28/0xa40
[  605.024839][T17370]  p9_client_prepare_req+0x19b/0x4d0
[  605.024850][T17370]  ? __pfx_p9_client_prepare_req+0x10/0x10
[  605.024865][T17370]  ? do_filp_open+0x20b/0x470
[  605.024883][T17370]  ? __lock_acquire+0xb8a/0x1c90
[  605.024895][T17370]  p9_client_rpc+0x1c4/0xc50
[  605.024907][T17370]  ? __pfx_p9_client_rpc+0x10/0x10
[  605.024919][T17370]  ? idr_alloc_u32+0x20f/0x2f0
[  605.024936][T17370]  ? find_held_lock+0x2b/0x80
[  605.024949][T17370]  ? idr_preload_end+0xc2/0x230
[  605.024962][T17370]  p9_client_attach+0x156/0x2b0
[  605.024975][T17370]  ? __pfx_p9_client_attach+0x10/0x10
[  605.024987][T17370]  ? v9fs_fid_lookup+0x4bd/0xeb0
[  605.025003][T17370]  v9fs_fid_lookup+0x97a/0xeb0
[  605.025016][T17370]  ? __pfx_v9fs_mapped_dotl_flags+0x10/0x10
[  605.025034][T17370]  v9fs_vfs_lookup+0x1a1/0x5b0
[  605.025050][T17370]  ? __pfx_v9fs_vfs_lookup+0x10/0x10
[  605.025068][T17370]  ? find_held_lock+0x2b/0x80
[  605.025082][T17370]  v9fs_vfs_atomic_open_dotl+0x215/0xd40
[  605.025094][T17370]  ? d_alloc_parallel+0x6ae/0x12e0
[  605.025109][T17370]  ? __pfx_v9fs_vfs_atomic_open_dotl+0x10/0x10
[  605.025123][T17370]  ? __pfx_d_alloc_parallel+0x10/0x10
[  605.025139][T17370]  ? __d_lookup+0x266/0x4a0
[  605.025154][T17370]  ? __pfx_v9fs_vfs_atomic_open_dotl+0x10/0x10
[  605.025165][T17370]  lookup_open.isra.0+0x83d/0x1580
[  605.025183][T17370]  ? __pfx_lookup_open.isra.0+0x10/0x10
[  605.025204][T17370]  ? mnt_get_write_access+0x20c/0x300
[  605.025220][T17370]  path_openat+0x893/0x2cb0
[  605.025240][T17370]  ? __pfx_path_openat+0x10/0x10
[  605.025260][T17370]  do_filp_open+0x20b/0x470
[  605.025276][T17370]  ? __pfx_do_filp_open+0x10/0x10
[  605.025301][T17370]  ? _raw_spin_unlock+0x28/0x50
[  605.025316][T17370]  ? alloc_fd+0x471/0x7d0
[  605.025336][T17370]  do_sys_openat2+0x11b/0x1d0
[  605.025349][T17370]  ? __pfx_do_sys_openat2+0x10/0x10
[  605.025362][T17370]  ? __fget_files+0x20e/0x3c0
[  605.025373][T17370]  __x64_sys_open+0x153/0x1e0
[  605.025385][T17370]  ? __pfx___x64_sys_open+0x10/0x10
[  605.025400][T17370]  ? rcu_is_watching+0x12/0xc0
[  605.025415][T17370]  do_syscall_64+0xcd/0x4c0
[  605.025428][T17370]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  605.025439][T17370] RIP: 0033:0x7fc2c4f8e9a9
[  605.025449][T17370] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  605.025459][T17370] RSP: 002b:00007fc2c5d21038 EFLAGS: 00000246 ORIG_RAX: 0000000000000002
[  605.025470][T17370] RAX: ffffffffffffffda RBX: 00007fc2c51b5fa0 RCX: 00007fc2c4f8e9a9
[  605.025476][T17370] RDX: 00000000000000fe RSI: 000000000000033f RDI: 0000200000000140
[  605.025482][T17370] RBP: 00007fc2c5d21090 R08: 0000000000000000 R09: 0000000000000000
[  605.025489][T17370] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  605.025495][T17370] R13: 0000000000000000 R14: 00007fc2c51b5fa0 R15: 00007ffc507ec7c8
[  605.025507][T17370]  </TASK>
[  605.271809][T17372] sd 0:0:0:0: PR command failed: 1026
[  605.274188][T17372] sd 0:0:0:0: Sense Key : Illegal Request [current] 
[  605.277058][T17372] sd 0:0:0:0: Add. Sense: Invalid command operation code
[  605.280008][T17372] netlink: 64 bytes leftover after parsing attributes in process `syz.4.3895'.
[  605.332291][T17377] FAULT_INJECTION: forcing a failure.
[  605.332291][T17377] name failslab, interval 1, probability 0, space 0, times 0
[  605.336432][T17377] CPU: 3 UID: 0 PID: 17377 Comm: syz.6.3894 Not tainted 6.16.0-syzkaller #0 PREEMPT(full) 
[  605.336448][T17377] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  605.336455][T17377] Call Trace:
[  605.336459][T17377]  <TASK>
[  605.336464][T17377]  dump_stack_lvl+0x16c/0x1f0
[  605.336485][T17377]  should_fail_ex+0x512/0x640
[  605.336503][T17377]  ? __kmalloc_noprof+0xbf/0x510
[  605.336519][T17377]  ? sg_kmalloc+0x35/0x70
[  605.336533][T17377]  should_failslab+0xc2/0x120
[  605.336544][T17377]  __kmalloc_noprof+0xd2/0x510
[  605.336562][T17377]  sg_kmalloc+0x35/0x70
[  605.336576][T17377]  __sg_alloc_table+0x25d/0x390
[  605.336591][T17377]  sg_alloc_table+0x37/0x1c0
[  605.336605][T17377]  ? __pfx_sg_kmalloc+0x10/0x10
[  605.336620][T17377]  system_heap_attach+0x11f/0x840
[  605.336636][T17377]  ? kasan_save_track+0x14/0x30
[  605.336651][T17377]  ? __pfx_system_heap_attach+0x10/0x10
[  605.336665][T17377]  dma_buf_dynamic_attach+0x1f3/0x530
[  605.336681][T17377]  drm_gem_prime_import_dev+0xb4/0x440
[  605.336697][T17377]  virtgpu_gem_prime_import+0x16c/0x800
[  605.336711][T17377]  ? __pfx_virtgpu_gem_prime_import+0x10/0x10
[  605.336723][T17377]  ? __pfx___mutex_lock+0x10/0x10
[  605.336733][T17377]  ? find_held_lock+0x2b/0x80
[  605.336747][T17377]  ? __fget_files+0x204/0x3c0
[  605.336759][T17377]  ? __fget_files+0x20e/0x3c0
[  605.336769][T17377]  ? __pfx_virtgpu_gem_prime_import+0x10/0x10
[  605.336782][T17377]  drm_gem_prime_fd_to_handle+0x1a6/0x5f0
[  605.336799][T17377]  drm_prime_fd_to_handle_ioctl+0xd6/0x110
[  605.336814][T17377]  drm_ioctl_kernel+0x1f4/0x3e0
[  605.336824][T17377]  ? __pfx_drm_prime_fd_to_handle_ioctl+0x10/0x10
[  605.336839][T17377]  ? __pfx_drm_ioctl_kernel+0x10/0x10
[  605.336853][T17377]  drm_ioctl+0x5c9/0xc30
[  605.336865][T17377]  ? __pfx_drm_prime_fd_to_handle_ioctl+0x10/0x10
[  605.336880][T17377]  ? __pfx_drm_ioctl+0x10/0x10
[  605.336895][T17377]  ? selinux_file_ioctl+0x180/0x270
[  605.336905][T17377]  ? selinux_file_ioctl+0xb4/0x270
[  605.336915][T17377]  ? __pfx_drm_ioctl+0x10/0x10
[  605.336926][T17377]  __x64_sys_ioctl+0x18e/0x210
[  605.336941][T17377]  do_syscall_64+0xcd/0x4c0
[  605.336952][T17377]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  605.336963][T17377] RIP: 0033:0x7fdaa138e9a9
[  605.336973][T17377] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  605.336983][T17377] RSP: 002b:00007fdaa21c3038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  605.336993][T17377] RAX: ffffffffffffffda RBX: 00007fdaa15b5fa0 RCX: 00007fdaa138e9a9
[  605.337000][T17377] RDX: 00002000000000c0 RSI: 00000000c00c642e RDI: 0000000000000005
[  605.337006][T17377] RBP: 00007fdaa21c3090 R08: 0000000000000000 R09: 0000000000000000
[  605.337012][T17377] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  605.337018][T17377] R13: 0000000000000000 R14: 00007fdaa15b5fa0 R15: 00007fff0ecfb248
[  605.337031][T17377]  </TASK>
[  605.390377][T17379] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  605.422444][T17384] FAULT_INJECTION: forcing a failure.
[  605.422444][T17384] name failslab, interval 1, probability 0, space 0, times 0
[  605.424087][T17380] syzkaller0: entered promiscuous mode
[  605.426071][T17384] CPU: 3 UID: 0 PID: 17384 Comm: syz.6.3899 Not tainted 6.16.0-syzkaller #0 PREEMPT(full) 
[  605.426087][T17384] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  605.426093][T17384] Call Trace:
[  605.426098][T17384]  <TASK>
[  605.426103][T17384]  dump_stack_lvl+0x16c/0x1f0
[  605.426123][T17384]  should_fail_ex+0x512/0x640
[  605.426140][T17384]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[  605.426158][T17384]  should_failslab+0xc2/0x120
[  605.426173][T17384]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  605.426188][T17384]  ? __kernfs_new_node+0xd2/0x8e0
[  605.426201][T17384]  __kernfs_new_node+0xd2/0x8e0
[  605.426213][T17384]  ? __pfx___kernfs_new_node+0x10/0x10
[  605.426226][T17384]  ? find_held_lock+0x2b/0x80
[  605.426241][T17384]  ? kernfs_root+0xee/0x2a0
[  605.426254][T17384]  kernfs_new_node+0x13c/0x1e0
[  605.426268][T17384]  __kernfs_create_file+0x53/0x350
[  605.426285][T17384]  sysfs_add_file_mode_ns+0x207/0x3c0
[  605.426304][T17384]  internal_create_group+0x578/0xf30
[  605.426318][T17384]  ? __pfx_internal_create_group+0x10/0x10
[  605.426334][T17384]  loop_configure+0xc4c/0x1720
[  605.426359][T17384]  ? __pfx_loop_configure+0x10/0x10
[  605.426384][T17384]  lo_ioctl+0x1295/0x2760
[  605.426398][T17384]  ? __lock_acquire+0xb8a/0x1c90
[  605.426410][T17384]  ? __lock_acquire+0x622/0x1c90
[  605.426424][T17384]  ? __pfx_lo_ioctl+0x10/0x10
[  605.426438][T17384]  ? find_held_lock+0x2b/0x80
[  605.426451][T17384]  ? avc_has_extended_perms+0x33a/0x1090
[  605.426466][T17384]  ? avc_has_extended_perms+0x47c/0x1090
[  605.426482][T17384]  ? __pfx_avc_has_extended_perms+0x10/0x10
[  605.426495][T17384]  ? kasan_quarantine_put+0x10a/0x240
[  605.426510][T17384]  ? lockdep_hardirqs_on+0x7c/0x110
[  605.426527][T17384]  ? find_held_lock+0x2b/0x80
[  605.426543][T17384]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  605.426557][T17384]  ? blkdev_common_ioctl+0x1dd/0x2480
[  605.426586][T17384]  ? __pfx_lo_ioctl+0x10/0x10
[  605.426600][T17384]  blkdev_ioctl+0x274/0x6d0
[  605.426613][T17384]  ? __pfx_blkdev_ioctl+0x10/0x10
[  605.426625][T17384]  ? selinux_file_ioctl+0x180/0x270
[  605.426635][T17384]  ? selinux_file_ioctl+0xb4/0x270
[  605.426645][T17384]  ? __pfx_blkdev_ioctl+0x10/0x10
[  605.426659][T17384]  __x64_sys_ioctl+0x18e/0x210
[  605.426675][T17384]  do_syscall_64+0xcd/0x4c0
[  605.426685][T17384]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  605.426697][T17384] RIP: 0033:0x7fdaa138e9a9
[  605.426706][T17384] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  605.426717][T17384] RSP: 002b:00007fdaa21c3038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  605.426727][T17384] RAX: ffffffffffffffda RBX: 00007fdaa15b5fa0 RCX: 00007fdaa138e9a9
[  605.426734][T17384] RDX: 0000200000000440 RSI: 0000000000004c0a RDI: 0000000000000005
[  605.426740][T17384] RBP: 00007fdaa21c3090 R08: 0000000000000000 R09: 0000000000000000
[  605.426746][T17384] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  605.426753][T17384] R13: 0000000000000000 R14: 00007fdaa15b5fa0 R15: 00007fff0ecfb248
[  605.426766][T17384]  </TASK>
[  605.561386][T17380] syzkaller0: entered allmulticast mode
[  605.592140][T17385] tipc: Resetting bearer <eth:syzkaller0>
[  605.601694][T17389] netlink: 48 bytes leftover after parsing attributes in process `syz.2.3900'.
[  605.617327][T17389] FAULT_INJECTION: forcing a failure.
[  605.617327][T17389] name failslab, interval 1, probability 0, space 0, times 0
[  605.618382][T17385] tipc: Disabling bearer <eth:syzkaller0>
[  605.621693][T17389] CPU: 3 UID: 0 PID: 17389 Comm: syz.2.3900 Not tainted 6.16.0-syzkaller #0 PREEMPT(full) 
[  605.621717][T17389] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  605.621728][T17389] Call Trace:
[  605.621735][T17389]  <TASK>
[  605.621743][T17389]  dump_stack_lvl+0x16c/0x1f0
[  605.621775][T17389]  should_fail_ex+0x512/0x640
[  605.621801][T17389]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[  605.621830][T17389]  should_failslab+0xc2/0x120
[  605.621848][T17389]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  605.621874][T17389]  ? skb_clone+0x190/0x3f0
[  605.621895][T17389]  skb_clone+0x190/0x3f0
[  605.621913][T17389]  nfnetlink_rcv_batch+0x1cf/0x2330
[  605.621935][T17389]  ? kmem_cache_free+0x2d1/0x4d0
[  605.621967][T17389]  ? __lock_acquire+0x622/0x1c90
[  605.621986][T17389]  ? __pfx_nfnetlink_rcv_batch+0x10/0x10
[  605.622025][T17389]  ? avc_has_perm_noaudit+0x149/0x3b0
[  605.622049][T17389]  ? __asan_memset+0x23/0x50
[  605.622073][T17389]  ? __nla_validate_parse+0x600/0x2880
[  605.622099][T17389]  ? __pfx___nla_validate_parse+0x10/0x10
[  605.622122][T17389]  ? cap_capable+0xb3/0x250
[  605.622150][T17389]  ? __nla_parse+0x40/0x60
[  605.622177][T17389]  nfnetlink_rcv+0x3c1/0x430
[  605.622201][T17389]  ? __pfx_nfnetlink_rcv+0x10/0x10
[  605.622231][T17389]  netlink_unicast+0x58a/0x850
[  605.622255][T17389]  ? __pfx_netlink_unicast+0x10/0x10
[  605.622282][T17389]  netlink_sendmsg+0x8d1/0xdd0
[  605.622307][T17389]  ? __pfx_netlink_sendmsg+0x10/0x10
[  605.622336][T17389]  __sys_sendto+0x4a3/0x520
[  605.622362][T17389]  ? __pfx___sys_sendto+0x10/0x10
[  605.622395][T17389]  ? find_held_lock+0x2b/0x80
[  605.622433][T17389]  __x64_sys_sendto+0xe0/0x1c0
[  605.622457][T17389]  ? do_syscall_64+0x91/0x4c0
[  605.622473][T17389]  ? lockdep_hardirqs_on+0x7c/0x110
[  605.622499][T17389]  do_syscall_64+0xcd/0x4c0
[  605.622516][T17389]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  605.622535][T17389] RIP: 0033:0x7fc2c4f9083c
[  605.622549][T17389] Code: 2a 5f 02 00 44 8b 4c 24 2c 4c 8b 44 24 20 89 c5 44 8b 54 24 28 48 8b 54 24 18 b8 2c 00 00 00 48 8b 74 24 10 8b 7c 24 08 0f 05 <48> 3d 00 f0 ff ff 77 34 89 ef 48 89 44 24 08 e8 70 5f 02 00 48 8b
[  605.622566][T17389] RSP: 002b:00007fc2c5d1fec0 EFLAGS: 00000293 ORIG_RAX: 000000000000002c
[  605.622584][T17389] RAX: ffffffffffffffda RBX: 00007fc2c5d1ffc0 RCX: 00007fc2c4f9083c
[  605.622595][T17389] RDX: 0000000000000020 RSI: 00007fc2c5d20010 RDI: 0000000000000003
[  605.622606][T17389] RBP: 0000000000000000 R08: 00007fc2c5d1ff14 R09: 000000000000000c
[  605.622617][T17389] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000003
[  605.622627][T17389] R13: 00007fc2c5d1ff68 R14: 00007fc2c5d20010 R15: 0000000000000000
[  605.622649][T17389]  </TASK>
[  605.812721][T17403] netlink: 'syz.4.3906': attribute type 10 has an invalid length.
[  605.815998][T17403] lo: entered promiscuous mode
[  605.819164][T17403] bond0: (slave lo): enslaved VLAN challenged slave. Adding VLANs will be blocked as long as it is part of bond.
[  606.097773][T14020] usb 11-1: new high-speed USB device number 15 using dummy_hcd
[  606.133332][T17419] netlink: zone id is out of range
[  606.135299][T17419] netlink: zone id is out of range
[  606.147917][T17419] netlink: set zone limit has 4 unknown bytes
[  606.164593][T17419] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3912'.
[  606.258963][T14020] usb 11-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  606.262007][T14020] usb 11-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config
[  606.265240][T14020] usb 11-1: config 1 has 1 interface, different from the descriptor's value: 66
[  606.268293][T14020] usb 11-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 52, changing to 9
[  606.271816][T14020] usb 11-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8241, setting to 1024
[  606.278729][T14020] usb 11-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  606.281866][T14020] usb 11-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  606.284467][T14020] usb 11-1: Product: syz
[  606.285903][T14020] usb 11-1: Manufacturer: syz
[  606.292040][T14020] cdc_wdm 11-1:1.0: skipping garbage
[  606.293836][T14020] cdc_wdm 11-1:1.0: skipping garbage
[  606.296935][T14020] cdc_wdm 11-1:1.0: cdc-wdm0: USB WDM device
[  606.299316][T14020] cdc_wdm 11-1:1.0: Unknown control protocol
[  606.355304][T17428] input: syz0 as /devices/virtual/input/input35
[  606.438589][T17430] FAULT_INJECTION: forcing a failure.
[  606.438589][T17430] name failslab, interval 1, probability 0, space 0, times 0
[  606.443016][T17430] CPU: 3 UID: 0 PID: 17430 Comm: syz.2.3915 Not tainted 6.16.0-syzkaller #0 PREEMPT(full) 
[  606.443031][T17430] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  606.443038][T17430] Call Trace:
[  606.443043][T17430]  <TASK>
[  606.443047][T17430]  dump_stack_lvl+0x16c/0x1f0
[  606.443069][T17430]  should_fail_ex+0x512/0x640
[  606.443086][T17430]  ? kmem_cache_alloc_node_noprof+0x5e/0x3b0
[  606.443105][T17430]  should_failslab+0xc2/0x120
[  606.443116][T17430]  kmem_cache_alloc_node_noprof+0x71/0x3b0
[  606.443131][T17430]  ? __alloc_skb+0x2b2/0x380
[  606.443150][T17430]  __alloc_skb+0x2b2/0x380
[  606.443165][T17430]  ? __pfx___alloc_skb+0x10/0x10
[  606.443183][T17430]  ? netlink_has_listeners+0x20f/0x430
[  606.443196][T17430]  alloc_uevent_skb+0x7d/0x210
[  606.443210][T17430]  kobject_uevent_env+0xca4/0x1870
[  606.443228][T17430]  lo_ioctl+0x7ef/0x2760
[  606.443247][T17430]  ? __lock_acquire+0x622/0x1c90
[  606.443263][T17430]  ? __pfx_lo_ioctl+0x10/0x10
[  606.443276][T17430]  ? find_held_lock+0x2b/0x80
[  606.443289][T17430]  ? avc_has_extended_perms+0x33a/0x1090
[  606.443308][T17430]  ? avc_has_extended_perms+0x47c/0x1090
[  606.443324][T17430]  ? __pfx_avc_has_extended_perms+0x10/0x10
[  606.443337][T17430]  ? kasan_quarantine_put+0x10a/0x240
[  606.443351][T17430]  ? lockdep_hardirqs_on+0x7c/0x110
[  606.443370][T17430]  ? find_held_lock+0x2b/0x80
[  606.443385][T17430]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  606.443399][T17430]  ? blkdev_common_ioctl+0x1dd/0x2480
[  606.443413][T17430]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  606.443425][T17430]  ? __pfx_blkdev_common_ioctl+0x10/0x10
[  606.443439][T17430]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  606.443456][T17430]  ? ioctl_has_perm.constprop.0.isra.0+0x379/0x540
[  606.443467][T17430]  ? ioctl_has_perm.constprop.0.isra.0+0x383/0x540
[  606.443479][T17430]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[  606.443494][T17430]  ? __pfx_lo_ioctl+0x10/0x10
[  606.443508][T17430]  blkdev_ioctl+0x274/0x6d0
[  606.443521][T17430]  ? __pfx_blkdev_ioctl+0x10/0x10
[  606.443534][T17430]  ? selinux_file_ioctl+0x180/0x270
[  606.443543][T17430]  ? selinux_file_ioctl+0xb4/0x270
[  606.443553][T17430]  ? __pfx_blkdev_ioctl+0x10/0x10
[  606.443567][T17430]  __x64_sys_ioctl+0x18e/0x210
[  606.443581][T17430]  do_syscall_64+0xcd/0x4c0
[  606.443592][T17430]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  606.443604][T17430] RIP: 0033:0x7fc2c4f8e9a9
[  606.443633][T17430] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  606.443643][T17430] RSP: 002b:00007fc2c5d21038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  606.443654][T17430] RAX: ffffffffffffffda RBX: 00007fc2c51b5fa0 RCX: 00007fc2c4f8e9a9
[  606.443661][T17430] RDX: 0000000000000003 RSI: 0000000000004c06 RDI: 0000000000000004
[  606.443667][T17430] RBP: 00007fc2c5d21090 R08: 0000000000000000 R09: 0000000000000000
[  606.443673][T17430] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  606.443680][T17430] R13: 0000000000000000 R14: 00007fc2c51b5fa0 R15: 00007ffc507ec7c8
[  606.443693][T17430]  </TASK>
[  606.678260][T17439] FAULT_INJECTION: forcing a failure.
[  606.678260][T17439] name failslab, interval 1, probability 0, space 0, times 0
[  606.682574][T17439] CPU: 2 UID: 0 PID: 17439 Comm: syz.2.3919 Not tainted 6.16.0-syzkaller #0 PREEMPT(full) 
[  606.682589][T17439] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  606.682596][T17439] Call Trace:
[  606.682600][T17439]  <TASK>
[  606.682605][T17439]  dump_stack_lvl+0x16c/0x1f0
[  606.682626][T17439]  should_fail_ex+0x512/0x640
[  606.682642][T17439]  ? __kmalloc_cache_noprof+0x57/0x3e0
[  606.682659][T17439]  should_failslab+0xc2/0x120
[  606.682681][T17439]  __kmalloc_cache_noprof+0x6a/0x3e0
[  606.682696][T17439]  ? do_raw_spin_unlock+0x172/0x230
[  606.682708][T17439]  ? p9_fid_create+0x41/0x260
[  606.682724][T17439]  p9_fid_create+0x41/0x260
[  606.682734][T17439]  p9_client_walk+0xc5/0x530
[  606.682746][T17439]  ? __lock_acquire+0xb8a/0x1c90
[  606.682756][T17439]  ? __pfx_p9_client_walk+0x10/0x10
[  606.682770][T17439]  ? v9fs_fid_lookup+0xe9/0xeb0
[  606.682785][T17439]  v9fs_vfs_lookup+0x206/0x5b0
[  606.682806][T17439]  ? __pfx_v9fs_vfs_lookup+0x10/0x10
[  606.682820][T17439]  ? d_alloc+0x176/0x1e0
[  606.682832][T17439]  ? do_raw_spin_unlock+0x172/0x230
[  606.682844][T17439]  ? _raw_spin_unlock+0x28/0x50
[  606.682861][T17439]  lookup_one_qstr_excl_raw.part.0+0xec/0x160
[  606.682875][T17439]  ? lookup_dcache+0x66/0x170
[  606.682888][T17439]  lookup_one_qstr_excl+0x3e/0x120
[  606.682902][T17439]  do_renameat2+0x5aa/0xc90
[  606.682917][T17439]  ? __pfx_do_renameat2+0x10/0x10
[  606.682929][T17439]  ? find_held_lock+0x2b/0x80
[  606.682941][T17439]  ? __might_fault+0xe3/0x190
[  606.682956][T17439]  ? __might_fault+0x13b/0x190
[  606.682978][T17439]  ? getname_flags.part.0+0x1c5/0x550
[  606.682993][T17439]  __x64_sys_rename+0x7d/0xa0
[  606.683005][T17439]  do_syscall_64+0xcd/0x4c0
[  606.683016][T17439]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  606.683029][T17439] RIP: 0033:0x7fc2c4f8e9a9
[  606.683038][T17439] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  606.683050][T17439] RSP: 002b:00007fc2c5d21038 EFLAGS: 00000246 ORIG_RAX: 0000000000000052
[  606.683061][T17439] RAX: ffffffffffffffda RBX: 00007fc2c51b5fa0 RCX: 00007fc2c4f8e9a9
[  606.683067][T17439] RDX: 0000000000000000 RSI: 0000200000000440 RDI: 0000200000000180
[  606.683074][T17439] RBP: 00007fc2c5d21090 R08: 0000000000000000 R09: 0000000000000000
[  606.683080][T17439] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  606.683085][T17439] R13: 0000000000000000 R14: 00007fc2c51b5fa0 R15: 00007ffc507ec7c8
[  606.683099][T17439]  </TASK>
[  606.715262][T17443] 9pnet_virtio: no channels available for device syz
[  606.715957][    C2] vkms_vblank_simulate: vblank timer overrun
[  606.773276][    C2] vkms_vblank_simulate: vblank timer overrun
[  606.861529][T17454] netlink: 20 bytes leftover after parsing attributes in process `syz.2.3923'.
[  607.000933][   T40] kauditd_printk_skb: 8 callbacks suppressed
[  607.000943][   T40] audit: type=1400 audit(1753716693.226:1113): avc:  denied  { map } for  pid=17466 comm="syz.5.3932" path="/dev/usbmon0" dev="devtmpfs" ino=737 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1
[  607.010499][   T40] audit: type=1400 audit(1753716693.236:1114): avc:  denied  { ioctl } for  pid=17466 comm="syz.5.3932" path="/dev/usbmon0" dev="devtmpfs" ino=737 ioctlcmd=0x9204 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1
[  607.014295][T17467] netlink: 20 bytes leftover after parsing attributes in process `syz.5.3932'.
[  607.075206][T17475] netdevsim netdevsim2 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  607.192563][T17475] netdevsim netdevsim2 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  607.264058][T17475] netdevsim netdevsim2 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  607.372580][T17475] netdevsim netdevsim2 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  607.500277][T17475] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  607.509592][T17475] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  607.518178][T17475] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  607.527208][T17475] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  607.628241][   T40] audit: type=1400 audit(1753716693.846:1115): avc:  denied  { map } for  pid=17490 comm="syz.5.3942" path="/dev/fuse" dev="devtmpfs" ino=105 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fuse_device_t tclass=chr_file permissive=1
[  607.635799][   T40] audit: type=1400 audit(1753716693.846:1116): avc:  denied  { execute } for  pid=17490 comm="syz.5.3942" path="/dev/fuse" dev="devtmpfs" ino=105 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fuse_device_t tclass=chr_file permissive=1
[  607.638619][T17493] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  607.750451][T17505] loop7: detected capacity change from 0 to 7
[  607.753453][    C2] blk_print_req_error: 25 callbacks suppressed
[  607.753463][    C2] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  607.758328][    C2] buffer_io_error: 25 callbacks suppressed
[  607.758336][    C2] Buffer I/O error on dev loop7, logical block 0, async page read
[  607.763202][    C2] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  607.766088][    C2] Buffer I/O error on dev loop7, logical block 0, async page read
[  607.768932][    C2] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  607.771825][    C2] Buffer I/O error on dev loop7, logical block 0, async page read
[  607.774500][    C2] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  607.777367][    C2] Buffer I/O error on dev loop7, logical block 0, async page read
[  607.780051][    C1] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  607.783253][    C1] Buffer I/O error on dev loop7, logical block 0, async page read
[  607.786679][    C0] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  607.789734][    C0] Buffer I/O error on dev loop7, logical block 0, async page read
[  607.792441][    C2] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  607.795418][    C2] Buffer I/O error on dev loop7, logical block 0, async page read
[  607.798037][T10677] ldm_validate_partition_table(): Disk read failed.
[  607.800307][    C2] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  607.803116][    C2] Buffer I/O error on dev loop7, logical block 0, async page read
[  607.805597][    C3] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  607.808579][    C3] Buffer I/O error on dev loop7, logical block 0, async page read
[  607.811666][    C3] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  607.815321][    C3] Buffer I/O error on dev loop7, logical block 0, async page read
[  607.818280][T10677] Dev loop7: unable to read RDB block 0
[  607.821035][T10677]  loop7: unable to read partition table
[  607.823156][T10677] loop7: partition table beyond EOD, truncated
[  607.828105][T17505] ldm_validate_partition_table(): Disk read failed.
[  607.831548][T17505] Dev loop7: unable to read RDB block 0
[  607.834348][T17505]  loop7: unable to read partition table
[  607.836855][T17505] loop7: partition table beyond EOD, truncated
[  607.839725][T17505] loop_reread_partitions: partition scan of loop7 (úùƒå¡™‰ü�¾CêjÌ–ã¢P=ý?ã}X‹ºÐ	œëÜ%õ«`ÉæÖ€ù…ˆ{í©Ö�˜Èµ4FLQkÝŠ) failed (rc=-5)
[  607.916965][T17508] loop2: detected capacity change from 0 to 7
[  607.917633][   T24] usb 7-1: new high-speed USB device number 13 using dummy_hcd
[  607.923630][T17508] Dev loop2: unable to read RDB block 7
[  607.926039][T17508]  loop2: AHDI p1 p2 p3
[  607.928606][T17508] loop2: partition table partially beyond EOD, truncated
[  607.931232][T17508] loop2: p1 start 1601398130 is beyond EOD, truncated
[  607.933395][T17508] loop2: p2 start 1702059890 is beyond EOD, truncated
[  607.942379][T17508] can0: slcan on ptm0.
[  608.008776][T17507] can0 (unregistered): slcan off ptm0.
[  608.067724][   T24] usb 7-1: Using ep0 maxpacket: 8
[  608.072146][   T24] usb 7-1: config index 0 descriptor too short (expected 301, got 45)
[  608.074740][   T24] usb 7-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  608.078131][   T24] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  608.081209][   T24] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  608.084191][   T24] usb 7-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  608.084918][T17511] netdevsim netdevsim4 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  608.088303][   T24] usb 7-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  608.091433][T17511] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  608.097703][   T24] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  608.189106][T17511] netdevsim netdevsim4 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  608.192448][T17511] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  608.278469][T17511] netdevsim netdevsim4 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  608.282494][T17511] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  608.309396][   T24] usb 7-1: usb_control_msg returned -32
[  608.311335][   T24] usbtmc 7-1:16.0: can't read capabilities
[  608.375921][T17511] netdevsim netdevsim4 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  608.380341][T17511] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  608.485413][T17511] netdevsim netdevsim4 eth0: set [0, 0] type 1 family 0 port 8472 - 0
[  608.488249][T17511] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  608.496327][T17511] netdevsim netdevsim4 eth1: set [0, 0] type 1 family 0 port 8472 - 0
[  608.498987][T17511] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  608.508863][T17511] netdevsim netdevsim4 eth2: set [0, 0] type 1 family 0 port 8472 - 0
[  608.511464][T17511] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  608.519790][T17511] netdevsim netdevsim4 eth3: set [0, 0] type 1 family 0 port 8472 - 0
[  608.522343][T17511] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  608.564255][T17514] openvswitch: netlink: Duplicate or invalid key (type 0).
[  608.567404][T17514] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  609.060649][T17521] xfrm0: entered allmulticast mode
[  609.106731][T17523] FAULT_INJECTION: forcing a failure.
[  609.106731][T17523] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  609.111087][T17523] CPU: 0 UID: 0 PID: 17523 Comm: syz.5.3952 Not tainted 6.16.0-syzkaller #0 PREEMPT(full) 
[  609.111112][T17523] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  609.111122][T17523] Call Trace:
[  609.111129][T17523]  <TASK>
[  609.111137][T17523]  dump_stack_lvl+0x16c/0x1f0
[  609.111170][T17523]  should_fail_ex+0x512/0x640
[  609.111200][T17523]  _copy_to_user+0x32/0xd0
[  609.111219][T17523]  simple_read_from_buffer+0xcb/0x170
[  609.111248][T17523]  proc_fail_nth_read+0x197/0x270
[  609.111274][T17523]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  609.111300][T17523]  ? rw_verify_area+0xcf/0x680
[  609.111321][T17523]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  609.111346][T17523]  vfs_read+0x1e1/0xc60
[  609.111374][T17523]  ? __pfx___mutex_lock+0x10/0x10
[  609.111392][T17523]  ? __pfx_vfs_read+0x10/0x10
[  609.111423][T17523]  ? __fget_files+0x20e/0x3c0
[  609.111447][T17523]  ksys_read+0x12a/0x250
[  609.111470][T17523]  ? __pfx_ksys_read+0x10/0x10
[  609.111495][T17523]  ? fdget+0x187/0x210
[  609.111513][T17523]  do_syscall_64+0xcd/0x4c0
[  609.111532][T17523]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  609.111550][T17523] RIP: 0033:0x7f707cf8d3bc
[  609.111565][T17523] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  609.111581][T17523] RSP: 002b:00007f707adf6030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  609.111622][T17523] RAX: ffffffffffffffda RBX: 00007f707d1b5fa0 RCX: 00007f707cf8d3bc
[  609.111635][T17523] RDX: 000000000000000f RSI: 00007f707adf60a0 RDI: 0000000000000009
[  609.111647][T17523] RBP: 00007f707adf6090 R08: 0000000000000000 R09: 0000000000000000
[  609.111657][T17523] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  609.111667][T17523] R13: 0000000000000000 R14: 00007f707d1b5fa0 R15: 00007ffe0157f708
[  609.111691][T17523]  </TASK>
[  609.527690][   T10] usb 10-1: new high-speed USB device number 38 using dummy_hcd
[  609.689003][   T10] usb 10-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  609.691756][   T10] usb 10-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config
[  609.694927][   T10] usb 10-1: config 1 has 1 interface, different from the descriptor's value: 66
[  609.697913][   T10] usb 10-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 52, changing to 9
[  609.701328][   T10] usb 10-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8241, setting to 1024
[  609.705922][   T10] usb 10-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  609.708896][   T10] usb 10-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  609.711446][   T10] usb 10-1: Product: syz
[  609.712793][   T10] usb 10-1: Manufacturer: syz
[  609.716777][   T10] cdc_wdm 10-1:1.0: skipping garbage
[  609.718537][   T10] cdc_wdm 10-1:1.0: skipping garbage
[  610.519698][T17527] FAULT_INJECTION: forcing a failure.
[  610.519698][T17527] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  610.523878][T17527] CPU: 2 UID: 0 PID: 17527 Comm: syz.5.3953 Not tainted 6.16.0-syzkaller #0 PREEMPT(full) 
[  610.523893][T17527] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  610.523900][T17527] Call Trace:
[  610.523905][T17527]  <TASK>
[  610.523911][T17527]  dump_stack_lvl+0x16c/0x1f0
[  610.523932][T17527]  should_fail_ex+0x512/0x640
[  610.523951][T17527]  _copy_from_user+0x2e/0xd0
[  610.523963][T17527]  kstrtouint_from_user+0xd6/0x1d0
[  610.523989][T17527]  ? __pfx_kstrtouint_from_user+0x10/0x10
[  610.524003][T17527]  ? __lock_acquire+0xb8a/0x1c90
[  610.524020][T17527]  proc_fail_nth_write+0x83/0x250
[  610.524036][T17527]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  610.524055][T17527]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  610.524069][T17527]  vfs_write+0x2a0/0x1150
[  610.524086][T17527]  ? __pfx___mutex_lock+0x10/0x10
[  610.524097][T17527]  ? __pfx_vfs_write+0x10/0x10
[  610.524116][T17527]  ? __fget_files+0x20e/0x3c0
[  610.524129][T17527]  ksys_write+0x12a/0x250
[  610.524144][T17527]  ? __pfx_ksys_write+0x10/0x10
[  610.524163][T17527]  do_syscall_64+0xcd/0x4c0
[  610.524175][T17527]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  610.524186][T17527] RIP: 0033:0x7f707cf8d45f
[  610.524195][T17527] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[  610.524206][T17527] RSP: 002b:00007f707adb4030 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[  610.524216][T17527] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f707cf8d45f
[  610.524223][T17527] RDX: 0000000000000001 RSI: 00007f707adb40a0 RDI: 0000000000000005
[  610.524229][T17527] RBP: 00007f707adb4090 R08: 0000000000000000 R09: 0000000000000000
[  610.524235][T17527] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000001
[  610.524241][T17527] R13: 0000000000000000 R14: 00007f707d1b6160 R15: 00007ffe0157f708
[  610.524255][T17527]  </TASK>
[  611.567580][    C2] cdc_wdm 11-1:1.0: Unexpected error -71
[  611.570390][    C2] cdc_wdm 11-1:1.0: nonzero urb status received: -71
[  611.572569][    C2] cdc_wdm 11-1:1.0: wdm_int_callback - 0 bytes
[  611.573391][    T9] usb 11-1: USB disconnect, device number 15
[  611.574538][    C2] cdc_wdm 11-1:1.0: wdm_int_callback - usb_submit_urb failed with result -19
[  611.583471][   T10] cdc_wdm 10-1:1.0: cdc-wdm2: USB WDM device
[  611.585401][   T10] cdc_wdm 10-1:1.0: Unknown control protocol
[  611.589678][T14020] usb 7-1: USB disconnect, device number 13
[  611.606245][   T24] usb 10-1: USB disconnect, device number 38
[  611.655314][   T40] audit: type=1400 audit(1753716697.876:1117): avc:  denied  { setopt } for  pid=17531 comm="syz.2.3956" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  611.661923][T17529] FAULT_INJECTION: forcing a failure.
[  611.661923][T17529] name failslab, interval 1, probability 0, space 0, times 0
[  611.661957][T17529] CPU: 2 UID: 0 PID: 17529 Comm: syz.6.3954 Not tainted 6.16.0-syzkaller #0 PREEMPT(full) 
[  611.661970][T17529] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  611.661976][T17529] Call Trace:
[  611.661980][T17529]  <TASK>
[  611.661985][T17529]  dump_stack_lvl+0x16c/0x1f0
[  611.662005][T17529]  should_fail_ex+0x512/0x640
[  611.662022][T17529]  ? __kmalloc_noprof+0xbf/0x510
[  611.662039][T17529]  ? sock_kmalloc+0x111/0x170
[  611.662051][T17529]  should_failslab+0xc2/0x120
[  611.662062][T17529]  __kmalloc_noprof+0xd2/0x510
[  611.662080][T17529]  sock_kmalloc+0x111/0x170
[  611.662093][T17529]  skcipher_recvmsg+0x4a6/0x1030
[  611.662111][T17529]  ? __pfx_skcipher_recvmsg+0x10/0x10
[  611.662127][T17529]  sock_recvmsg+0x1f6/0x250
[  611.662140][T17529]  ____sys_recvmsg+0x218/0x6b0
[  611.662155][T17529]  ? __pfx_____sys_recvmsg+0x10/0x10
[  611.662174][T17529]  ? __lock_acquire+0x622/0x1c90
[  611.662187][T17529]  ___sys_recvmsg+0x114/0x1a0
[  611.662197][T17529]  ? __pfx____sys_recvmsg+0x10/0x10
[  611.662208][T17529]  ? find_held_lock+0x2b/0x80
[  611.662230][T17529]  do_recvmmsg+0x2fe/0x750
[  611.662242][T17529]  ? __pfx_do_recvmmsg+0x10/0x10
[  611.662254][T17529]  ? __mutex_unlock_slowpath+0x161/0x6a0
[  611.662270][T17529]  ? __fget_files+0x20e/0x3c0
[  611.662283][T17529]  __x64_sys_recvmmsg+0x22a/0x280
[  611.662294][T17529]  ? __pfx___x64_sys_recvmmsg+0x10/0x10
[  611.662309][T17529]  do_syscall_64+0xcd/0x4c0
[  611.662321][T17529]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  611.662332][T17529] RIP: 0033:0x7fdaa138e9a9
[  611.662341][T17529] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  611.662352][T17529] RSP: 002b:00007fdaa21c3038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[  611.662362][T17529] RAX: ffffffffffffffda RBX: 00007fdaa15b5fa0 RCX: 00007fdaa138e9a9
[  611.662369][T17529] RDX: 0000000000000001 RSI: 00002000000009c0 RDI: 0000000000000004
[  611.662375][T17529] RBP: 00007fdaa21c3090 R08: 0000000000000000 R09: 0000000000000000
[  611.662381][T17529] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  611.662387][T17529] R13: 0000000000000000 R14: 00007fdaa15b5fa0 R15: 00007fff0ecfb248
[  611.662400][T17529]  </TASK>
[  611.732448][   T60] libceph: connect (1)[c::]:6789 error -101
[  611.733152][   T40] audit: type=1326 audit(1753716697.926:1118): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17541 comm="syz.2.3958" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fc2c4f8e9a9 code=0x0
[  611.735555][   T60] libceph: mon0 (1)[c::]:6789 connect error
[  611.784006][T14020] libceph: connect (1)[c::]:6789 error -101
[  611.786465][T14020] libceph: mon0 (1)[c::]:6789 connect error
[  611.857393][   T29] usb 9-1: new high-speed USB device number 124 using dummy_hcd
[  612.007365][   T29] usb 9-1: Using ep0 maxpacket: 8
[  612.009531][   T60] libceph: connect (1)[c::]:6789 error -101
[  612.010280][   T29] usb 9-1: config index 0 descriptor too short (expected 301, got 45)
[  612.012067][   T60] libceph: mon0 (1)[c::]:6789 connect error
[  612.014863][   T29] usb 9-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  612.020405][   T29] usb 9-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  612.023423][   T29] usb 9-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  612.026457][   T29] usb 9-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  612.030636][   T29] usb 9-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  612.033544][   T29] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  612.047628][ T6042] libceph: connect (1)[c::]:6789 error -101
[  612.049670][ T6042] libceph: mon0 (1)[c::]:6789 connect error
[  612.244320][   T29] usb 9-1: usb_control_msg returned -32
[  612.246151][   T29] usbtmc 9-1:16.0: can't read capabilities
[  612.518250][   T60] libceph: connect (1)[c::]:6789 error -101
[  612.520507][   T60] libceph: mon0 (1)[c::]:6789 connect error
[  612.550486][T17562] usbtmc 9-1:16.0: send_request_dev_dep_msg_in returned -90
[  612.556209][T17546] ceph: No mds server is up or the cluster is laggy
[  612.556321][T17552] ceph: No mds server is up or the cluster is laggy
[  612.562833][ T6042] libceph: connect (1)[c::]:6789 error -101
[  612.564806][ T6042] libceph: mon0 (1)[c::]:6789 connect error
[  612.635432][T17565] fanotify: failed to encode fid (type=0, len=0, err=-2)
[  612.640357][T17565] binder: 17564:17565 ioctl c0306201 200000001440 returned -11
[  612.650191][T17566] usbtmc 9-1:16.0: INITIATE_ABORT_BULK_OUT returned 0
[  612.851600][    T9] usb 9-1: USB disconnect, device number 124
[  613.647279][ T6042] usb 9-1: new high-speed USB device number 125 using dummy_hcd
[  613.820888][ T6042] usb 9-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  613.823829][ T6042] usb 9-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  613.827799][ T6042] usb 9-1: config 1 has 1 interface, different from the descriptor's value: 66
[  613.830683][ T6042] usb 9-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  613.838539][ T6042] usb 9-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  613.841463][ T6042] usb 9-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  613.847323][ T6042] usb 9-1: Product: syz
[  613.850108][ T6042] usb 9-1: Manufacturer: syz
[  613.858174][ T6042] cdc_wdm 9-1:1.0: skipping garbage
[  613.860035][ T6042] cdc_wdm 9-1:1.0: skipping garbage
[  613.863436][ T6042] cdc_wdm 9-1:1.0: cdc-wdm0: USB WDM device
[  613.865478][ T6042] cdc_wdm 9-1:1.0: Unknown control protocol
[  613.950094][T17598] netlink: 'syz.6.3976': attribute type 4 has an invalid length.
[  613.961179][T17598] netlink: 'syz.6.3976': attribute type 4 has an invalid length.
[  614.057133][    C1] cdc_wdm 9-1:1.0: nonzero urb status received: -71
[  614.057314][T14020] usb 9-1: USB disconnect, device number 125
[  614.059995][    C1] cdc_wdm 9-1:1.0: wdm_int_callback - 0 bytes
[  614.064030][    C1] cdc_wdm 9-1:1.0: wdm_int_callback - usb_submit_urb failed with result -19
[  614.141595][T17606] (unnamed net_device) (uninitialized): option primary: mode dependency failed, not supported in mode balance-rr(0)
[  614.190040][ T6042] usb 10-1: new high-speed USB device number 39 using dummy_hcd
[  614.359201][ T6042] usb 10-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  614.364079][ T6042] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  614.369115][ T6042] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0
[  614.372298][ T6042] usb 10-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  614.376288][ T6042] usb 10-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  614.379624][ T6042] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  614.384037][ T6042] usb 10-1: config 0 descriptor??
[  614.573572][    C2] vcan0: j1939_tp_rxtimer: 0xffff88805eaa7800: rx timeout, send abort
[  614.597288][T14020] usb 9-1: new high-speed USB device number 126 using dummy_hcd
[  614.634421][   T40] audit: type=1400 audit(1753716700.856:1119): avc:  denied  { write } for  pid=17611 comm="syz.2.3983" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1
[  614.641194][   T40] audit: type=1400 audit(1753716700.856:1120): avc:  denied  { create } for  pid=17611 comm="syz.2.3983" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=decnet_socket permissive=1
[  614.658229][   T40] audit: type=1400 audit(1753716700.886:1121): avc:  denied  { setopt } for  pid=17611 comm="syz.2.3983" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1
[  614.693764][   T40] audit: type=1400 audit(1753716700.916:1122): avc:  denied  { watch } for  pid=17614 comm="syz.2.3984" path="/500/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" dev="tmpfs" ino=2879 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[  614.708693][   T40] audit: type=1400 audit(1753716700.916:1123): avc:  denied  { watch_sb watch_reads } for  pid=17614 comm="syz.2.3984" path="/500/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" dev="tmpfs" ino=2879 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[  614.782557][T14020] usb 9-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  614.785724][T14020] usb 9-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  614.792032][T14020] usb 9-1: config 1 has 1 interface, different from the descriptor's value: 66
[  614.795207][T14020] usb 9-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  614.799927][ T6042] usbhid 10-1:0.0: can't add hid device: -71
[  614.801915][ T6042] usbhid 10-1:0.0: probe with driver usbhid failed with error -71
[  614.806544][T14020] usb 9-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  614.809505][T14020] usb 9-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  614.811969][T14020] usb 9-1: Product: syz
[  614.813270][T14020] usb 9-1: Manufacturer: syz
[  614.815873][ T6042] usb 10-1: USB disconnect, device number 39
[  614.827777][T14020] cdc_wdm 9-1:1.0: skipping garbage
[  614.829455][T14020] cdc_wdm 9-1:1.0: skipping garbage
[  614.832122][T14020] cdc_wdm 9-1:1.0: cdc-wdm0: USB WDM device
[  614.834008][T14020] cdc_wdm 9-1:1.0: Unknown control protocol
[  615.073642][    C2] vcan0: j1939_tp_rxtimer: 0xffff888058e8dc00: rx timeout, send abort
[  615.077758][    C2] vcan0: j1939_tp_rxtimer: 0xffff88805eaa7800: abort rx timeout. Force session deactivation
[  615.326476][T17624] netlink: 4 bytes leftover after parsing attributes in process `syz.5.3987'.
[  615.335302][T17624] team_slave_0: entered promiscuous mode
[  615.337739][T17624] team_slave_1: entered promiscuous mode
[  615.340226][T17624] macsec1: entered promiscuous mode
[  615.342393][T17624] team0: entered promiscuous mode
[  615.345164][T17624] macsec1: entered allmulticast mode
[  615.347439][T17624] team0: entered allmulticast mode
[  615.349551][T17624] team_slave_0: entered allmulticast mode
[  615.352356][T17624] team_slave_1: entered allmulticast mode
[  615.355184][T17624] team0: Device macsec1 is already an upper device of the team interface
[  615.360347][T17624] team0: left allmulticast mode
[  615.362433][T17624] team_slave_0: left allmulticast mode
[  615.364704][T17624] team_slave_1: left allmulticast mode
[  615.366956][T17624] team0: left promiscuous mode
[  615.371171][T17624] team_slave_0: left promiscuous mode
[  615.373525][T17624] team_slave_1: left promiscuous mode
[  615.386401][T17626] sg_write: data in/out 4071/8 bytes for SCSI command 0x7f-- guessing data in;
[  615.386401][T17626]    program syz.5.3987 not setting count and/or reply_len properly
[  615.560600][T17635] netdevsim netdevsim2 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  615.574005][    C2] vcan0: j1939_tp_rxtimer: 0xffff888058e8f000: rx timeout, send abort
[  615.578001][    C2] vcan0: j1939_xtp_rx_abort_one: 0xffff888058e8f000: 0x2f000: (3) A timeout occurred and this is the connection abort to close the session.
[  615.580244][    C0] cdc_wdm 9-1:1.0: nonzero urb status received: -71
[  615.583888][    C2] vcan0: j1939_tp_rxtimer: 0xffff888058e8dc00: abort rx timeout. Force session deactivation
[  615.585810][    C0] cdc_wdm 9-1:1.0: wdm_int_callback - 0 bytes
[  615.586011][    C0] cdc_wdm 9-1:1.0: nonzero urb status received: -71
[  615.593996][    C0] cdc_wdm 9-1:1.0: wdm_int_callback - 0 bytes
[  615.596203][    C0] cdc_wdm 9-1:1.0: nonzero urb status received: -71
[  615.598483][    C0] cdc_wdm 9-1:1.0: wdm_int_callback - 0 bytes
[  615.600682][    C0] cdc_wdm 9-1:1.0: nonzero urb status received: -71
[  615.602770][    C0] cdc_wdm 9-1:1.0: wdm_int_callback - 0 bytes
[  615.604915][    C0] cdc_wdm 9-1:1.0: nonzero urb status received: -71
[  615.606990][    C0] cdc_wdm 9-1:1.0: wdm_int_callback - 0 bytes
[  615.609201][    C0] cdc_wdm 9-1:1.0: nonzero urb status received: -71
[  615.611313][    C0] cdc_wdm 9-1:1.0: wdm_int_callback - 0 bytes
[  615.613436][    C0] cdc_wdm 9-1:1.0: nonzero urb status received: -71
[  615.615515][    C0] cdc_wdm 9-1:1.0: wdm_int_callback - 0 bytes
[  615.617833][    C0] cdc_wdm 9-1:1.0: nonzero urb status received: -71
[  615.619896][    C0] cdc_wdm 9-1:1.0: wdm_int_callback - 0 bytes
[  615.624678][    T9] usb 9-1: USB disconnect, device number 126
[  615.626651][    C0] cdc_wdm 9-1:1.0: wdm_int_callback - usb_submit_urb failed with result -19
[  615.700191][T17635] netdevsim netdevsim2 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  615.750895][T17635] netdevsim netdevsim2 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  615.809998][T17635] netdevsim netdevsim2 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  615.813278][T17646] ptrace attach of "/syz-executor exec"[17647] was attempted by "/syz-executor exec"[17646]
[  615.890466][T17635] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  615.897630][T17635] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  615.908892][T17635] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  615.918663][T17635] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  615.928315][    T9] usb 9-1: new high-speed USB device number 127 using dummy_hcd
[  616.087805][    T9] usb 9-1: Using ep0 maxpacket: 8
[  616.090891][    T9] usb 9-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 1023
[  616.094054][    T9] usb 9-1: config 1 interface 1 altsetting 1 bulk endpoint 0x3 has invalid maxpacket 1023
[  616.100176][    T9] usb 9-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  616.103029][    T9] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  616.105556][    T9] usb 9-1: Product: syz
[  616.106933][    T9] usb 9-1: Manufacturer: syz
[  616.108757][    T9] usb 9-1: SerialNumber: syz
[  616.229274][   T40] audit: type=1400 audit(1753716702.456:1124): avc:  denied  { listen } for  pid=17672 comm="syz.5.4003" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[  616.239154][   T40] audit: type=1400 audit(1753716702.466:1125): avc:  denied  { search } for  pid=17670 comm="syz.2.4002" name="/" dev="configfs" ino=3096 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=dir permissive=1
[  616.248825][   T40] audit: type=1400 audit(1753716702.476:1126): avc:  denied  { search } for  pid=17670 comm="syz.2.4002" name="/" dev="configfs" ino=3096 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=dir permissive=1
[  616.258706][   T40] audit: type=1400 audit(1753716702.476:1127): avc:  denied  { read open } for  pid=17670 comm="syz.2.4002" path="/" dev="configfs" ino=3096 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=dir permissive=1
[  616.265760][   T40] audit: type=1400 audit(1753716702.486:1128): avc:  denied  { search } for  pid=17670 comm="syz.2.4002" name="/" dev="configfs" ino=3096 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=dir permissive=1
[  616.517590][    T9] cdc_ncm 9-1:1.0: bind() failure
[  616.521302][    T9] cdc_ncm 9-1:1.1: CDC Union missing and no IAD found
[  616.523842][    T9] cdc_ncm 9-1:1.1: bind() failure
[  616.530459][    T9] usb 9-1: USB disconnect, device number 127
[  616.861830][T17688] netlink: 28 bytes leftover after parsing attributes in process `syz.6.4008'.
[  616.966368][T17692] syz_tun: entered allmulticast mode
[  616.969367][T17691] syz_tun: left allmulticast mode
[  617.127751][   T24] usb 11-1: new high-speed USB device number 16 using dummy_hcd
[  617.191431][T17711] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4017'.
[  617.278534][   T24] usb 11-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  617.281909][   T24] usb 11-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  617.284934][   T24] usb 11-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  617.289942][T13081] usb 9-1: new high-speed USB device number 2 using dummy_hcd
[  617.292639][T17714] netlink: 'syz.2.4018': attribute type 12 has an invalid length.
[  617.292979][   T24] usb 11-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  617.300335][   T24] usb 11-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  617.305459][   T24] usb 11-1: config 0 descriptor??
[  617.353226][T17715] all: renamed from lo (while UP)
[  617.427168][T13081] usb 9-1: device descriptor read/64, error -71
[  617.667144][T13081] usb 9-1: new high-speed USB device number 3 using dummy_hcd
[  617.764273][   T24] plantronics 0003:047F:FFFF.0019: unexpected long global item
[  617.770219][   T24] plantronics 0003:047F:FFFF.0019: parse failed
[  617.772284][   T24] plantronics 0003:047F:FFFF.0019: probe with driver plantronics failed with error -22
[  617.797378][T13081] usb 9-1: device descriptor read/64, error -71
[  617.909461][T13081] usb usb9-port1: attempt power cycle
[  617.932407][T17718] netlink: 3 bytes leftover after parsing attributes in process `syz.5.4019'.
[  617.936472][T17718] FAULT_INJECTION: forcing a failure.
[  617.936472][T17718] name failslab, interval 1, probability 0, space 0, times 0
[  617.941856][T17718] CPU: 2 UID: 0 PID: 17718 Comm: syz.5.4019 Not tainted 6.16.0-syzkaller #0 PREEMPT(full) 
[  617.941873][T17718] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  617.941880][T17718] Call Trace:
[  617.941885][T17718]  <TASK>
[  617.941891][T17718]  dump_stack_lvl+0x16c/0x1f0
[  617.941913][T17718]  should_fail_ex+0x512/0x640
[  617.941933][T17718]  should_failslab+0xc2/0x120
[  617.941944][T17718]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  617.941960][T17718]  ? skb_clone+0x190/0x3f0
[  617.941974][T17718]  skb_clone+0x190/0x3f0
[  617.941984][T17718]  netlink_deliver_tap+0xabd/0xd30
[  617.942000][T17718]  netlink_unicast+0x702/0x850
[  617.942014][T17718]  ? __pfx_netlink_unicast+0x10/0x10
[  617.942027][T17718]  ? __pfx___alloc_skb+0x10/0x10
[  617.942045][T17718]  nlmsg_notify+0x1c6/0x220
[  617.942059][T17718]  notify_rule_change+0x158/0x220
[  617.942072][T17718]  fib_delrule+0x1484/0x1bd0
[  617.942088][T17718]  ? __pfx_fib_delrule+0x10/0x10
[  617.942099][T17718]  ? avc_has_perm_noaudit+0xf0/0x3b0
[  617.942124][T17718]  ? find_held_lock+0x2b/0x80
[  617.942138][T17718]  ? __pfx_fib_nl_delrule+0x10/0x10
[  617.942148][T17718]  ? __pfx_fib_nl_delrule+0x10/0x10
[  617.942158][T17718]  ? rtnetlink_rcv_msg+0x93a/0xe90
[  617.942170][T17718]  ? __pfx_fib_nl_delrule+0x10/0x10
[  617.942181][T17718]  rtnetlink_rcv_msg+0x95b/0xe90
[  617.942193][T17718]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  617.942208][T17718]  ? ref_tracker_free+0x37c/0x830
[  617.942219][T17718]  netlink_rcv_skb+0x158/0x420
[  617.942232][T17718]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  617.942243][T17718]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  617.942260][T17718]  ? netlink_deliver_tap+0x1ae/0xd30
[  617.942274][T17718]  netlink_unicast+0x58a/0x850
[  617.942288][T17718]  ? __pfx_netlink_unicast+0x10/0x10
[  617.942299][T17718]  ? __build_skb_around+0x278/0x3b0
[  617.942316][T17718]  netlink_sendmsg+0x8d1/0xdd0
[  617.942331][T17718]  ? __pfx_netlink_sendmsg+0x10/0x10
[  617.942344][T17718]  ? schedule+0x2d7/0x3a0
[  617.942362][T17718]  sock_sendmsg+0x3c9/0x470
[  617.942377][T17718]  ? __pfx_sock_sendmsg+0x10/0x10
[  617.942399][T17718]  splice_to_socket+0xaf6/0x1110
[  617.942423][T17718]  ? __pfx_splice_to_socket+0x10/0x10
[  617.942444][T17718]  ? inode_has_perm+0x16f/0x1d0
[  617.942468][T17718]  ? bpf_lsm_file_permission+0x9/0x10
[  617.942480][T17718]  ? security_file_permission+0x71/0x210
[  617.942491][T17718]  ? rw_verify_area+0xcf/0x680
[  617.942505][T17718]  ? __pfx_splice_to_socket+0x10/0x10
[  617.942522][T17718]  do_splice+0x1478/0x1fc0
[  617.942538][T17718]  ? __lock_acquire+0x622/0x1c90
[  617.942552][T17718]  ? __pfx_do_splice+0x10/0x10
[  617.942566][T17718]  ? __pfx_pipe_clear_nowait+0x10/0x10
[  617.942582][T17718]  ? find_held_lock+0x2b/0x80
[  617.942596][T17718]  __do_splice+0x32a/0x360
[  617.942613][T17718]  ? __pfx___do_splice+0x10/0x10
[  617.942628][T17718]  ? fput+0x50/0xf0
[  617.942643][T17718]  __x64_sys_splice+0x187/0x250
[  617.942664][T17718]  do_syscall_64+0xcd/0x4c0
[  617.942676][T17718]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  617.942687][T17718] RIP: 0033:0x7f707cf8e9a9
[  617.942697][T17718] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  617.942707][T17718] RSP: 002b:00007f707adf6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000113
[  617.942717][T17718] RAX: ffffffffffffffda RBX: 00007f707d1b5fa0 RCX: 00007f707cf8e9a9
[  617.942724][T17718] RDX: 0000000000000005 RSI: 0000000000000000 RDI: 0000000000000003
[  617.942729][T17718] RBP: 00007f707adf6090 R08: 00000000725e65a6 R09: 0000000000000000
[  617.942736][T17718] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  617.942742][T17718] R13: 0000000000000000 R14: 00007f707d1b5fa0 R15: 00007ffe0157f708
[  617.942758][T17718]  </TASK>
[  618.063166][ T5957] usb 11-1: USB disconnect, device number 16
[  618.205383][T17725] binder: 17724:17725 ioctl c0306201 200000000080 returned -14
[  618.211045][T17725] binder: 17724:17725 ioctl c0306201 2000000003c0 returned -14
[  618.213568][T17725] binder: 17724:17725 ioctl 80045505 200000000000 returned -22
[  618.330855][T17727] xt_CHECKSUM: CHECKSUM should be avoided.  If really needed, restrict with "-p udp" and only use in OUTPUT
[  618.335779][T17727] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  618.337209][T13081] usb 9-1: new high-speed USB device number 4 using dummy_hcd
[  618.344165][T17726] tipc: Resetting bearer <eth:syzkaller0>
[  618.367686][T13081] usb 9-1: device descriptor read/8, error -71
[  618.618750][T13081] usb 9-1: new high-speed USB device number 5 using dummy_hcd
[  618.638757][T13081] usb 9-1: device descriptor read/8, error -71
[  618.645366][T17732] overlayfs: "xino" feature enabled using 3 upper inode bits.
[  618.686652][T17734] FAULT_INJECTION: forcing a failure.
[  618.686652][T17734] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  618.690989][T17734] CPU: 0 UID: 0 PID: 17734 Comm: syz.6.4026 Not tainted 6.16.0-syzkaller #0 PREEMPT(full) 
[  618.691005][T17734] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  618.691012][T17734] Call Trace:
[  618.691016][T17734]  <TASK>
[  618.691020][T17734]  dump_stack_lvl+0x16c/0x1f0
[  618.691041][T17734]  should_fail_ex+0x512/0x640
[  618.691059][T17734]  strncpy_from_user+0x3b/0x2e0
[  618.691076][T17734]  getname_flags.part.0+0x8f/0x550
[  618.691092][T17734]  getname_flags+0x93/0xf0
[  618.691108][T17734]  __x64_sys_link+0x58/0xa0
[  618.691119][T17734]  do_syscall_64+0xcd/0x4c0
[  618.691131][T17734]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  618.691142][T17734] RIP: 0033:0x7fdaa138e9a9
[  618.691151][T17734] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  618.691162][T17734] RSP: 002b:00007fdaa21c3038 EFLAGS: 00000246 ORIG_RAX: 0000000000000056
[  618.691172][T17734] RAX: ffffffffffffffda RBX: 00007fdaa15b5fa0 RCX: 00007fdaa138e9a9
[  618.691179][T17734] RDX: 0000000000000000 RSI: 0000200000000280 RDI: 00002000000001c0
[  618.691185][T17734] RBP: 00007fdaa21c3090 R08: 0000000000000000 R09: 0000000000000000
[  618.691191][T17734] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  618.691197][T17734] R13: 0000000000000000 R14: 00007fdaa15b5fa0 R15: 00007fff0ecfb248
[  618.691209][T17734]  </TASK>
[  618.757328][T13081] usb usb9-port1: unable to enumerate USB device
[  619.111518][T17747] netlink: 'syz.6.4031': attribute type 3 has an invalid length.
[  619.114795][T17747] netlink: 'syz.6.4031': attribute type 1 has an invalid length.
[  619.118316][T17747] netlink: 216 bytes leftover after parsing attributes in process `syz.6.4031'.
[  619.122104][T17747] NCSI netlink: No device for ifindex 33022
[  620.039405][T17726] tipc: Disabling bearer <eth:syzkaller0>
[  620.043830][T17749] netlink: 830 bytes leftover after parsing attributes in process `syz.6.4031'.
[  620.159778][T17767] FAULT_INJECTION: forcing a failure.
[  620.159778][T17767] name failslab, interval 1, probability 0, space 0, times 0
[  620.163648][T17767] CPU: 3 UID: 0 PID: 17767 Comm: syz.2.4038 Not tainted 6.16.0-syzkaller #0 PREEMPT(full) 
[  620.163662][T17767] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  620.163669][T17767] Call Trace:
[  620.163673][T17767]  <TASK>
[  620.163678][T17767]  dump_stack_lvl+0x16c/0x1f0
[  620.163699][T17767]  should_fail_ex+0x512/0x640
[  620.163715][T17767]  ? __kmalloc_cache_noprof+0x57/0x3e0
[  620.163731][T17767]  should_failslab+0xc2/0x120
[  620.163755][T17767]  __kmalloc_cache_noprof+0x6a/0x3e0
[  620.163770][T17767]  ? uprobe_register+0x177/0xb60
[  620.163783][T17767]  uprobe_register+0x177/0xb60
[  620.163797][T17767]  bpf_uprobe_multi_link_attach+0x949/0x1280
[  620.163817][T17767]  ? __pfx_bpf_uprobe_multi_link_attach+0x10/0x10
[  620.163830][T17767]  ? __fget_files+0x20e/0x3c0
[  620.163843][T17767]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  620.163858][T17767]  __sys_bpf+0x445d/0x4ea0
[  620.163874][T17767]  ? __pfx___sys_bpf+0x10/0x10
[  620.163889][T17767]  ? ksys_write+0x190/0x250
[  620.163907][T17767]  ? __mutex_unlock_slowpath+0x161/0x6a0
[  620.163926][T17767]  ? fput+0x70/0xf0
[  620.163937][T17767]  ? ksys_write+0x1ac/0x250
[  620.163954][T17767]  ? __pfx_ksys_write+0x10/0x10
[  620.163972][T17767]  __x64_sys_bpf+0x78/0xc0
[  620.163986][T17767]  ? lockdep_hardirqs_on+0x7c/0x110
[  620.164002][T17767]  do_syscall_64+0xcd/0x4c0
[  620.164013][T17767]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  620.164024][T17767] RIP: 0033:0x7fc2c4f8e9a9
[  620.164033][T17767] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  620.164043][T17767] RSP: 002b:00007fc2c5d21038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  620.164054][T17767] RAX: ffffffffffffffda RBX: 00007fc2c51b5fa0 RCX: 00007fc2c4f8e9a9
[  620.164060][T17767] RDX: 0000000000000040 RSI: 00002000000005c0 RDI: 000000000000001c
[  620.164067][T17767] RBP: 00007fc2c5d21090 R08: 0000000000000000 R09: 0000000000000000
[  620.164073][T17767] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  620.164079][T17767] R13: 0000000000000000 R14: 00007fc2c51b5fa0 R15: 00007ffc507ec7c8
[  620.164092][T17767]  </TASK>
[  620.318162][ T5957] usb 11-1: new high-speed USB device number 17 using dummy_hcd
[  620.318763][ T6020] usb 10-1: new high-speed USB device number 40 using dummy_hcd
[  620.467403][ T5957] usb 11-1: too many configurations: 9, using maximum allowed: 8
[  620.471032][ T5957] usb 11-1: config 0 has 1 interface, different from the descriptor's value: 9
[  620.474498][ T5957] usb 11-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  620.478341][ T5957] usb 11-1: config 0 interface 0 has no altsetting 0
[  620.481349][ T5957] usb 11-1: config 0 has 1 interface, different from the descriptor's value: 9
[  620.484707][ T5957] usb 11-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  620.486929][ T6020] usb 10-1: Using ep0 maxpacket: 8
[  620.489036][ T5957] usb 11-1: config 0 interface 0 has no altsetting 0
[  620.492528][ T6020] usb 10-1: config 0 has an invalid interface number: 55 but max is 0
[  620.494329][ T5957] usb 11-1: config 0 has 1 interface, different from the descriptor's value: 9
[  620.496045][ T6020] usb 10-1: config 0 has no interface number 0
[  620.499623][ T5957] usb 11-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  620.499644][ T5957] usb 11-1: config 0 interface 0 has no altsetting 0
[  620.507568][ T6020] usb 10-1: config 0 interface 55 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  620.507759][   T60] usb 9-1: new high-speed USB device number 6 using dummy_hcd
[  620.510947][ T6020] usb 10-1: config 0 interface 55 altsetting 0 has an endpoint descriptor with address 0xAB, changing to 0x8B
[  620.510994][ T5957] usb 11-1: config 0 has 1 interface, different from the descriptor's value: 9
[  620.511024][ T5957] usb 11-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  620.511038][ T5957] usb 11-1: config 0 interface 0 has no altsetting 0
[  620.511940][ T5957] usb 11-1: config 0 has 1 interface, different from the descriptor's value: 9
[  620.511982][ T5957] usb 11-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  620.512002][ T5957] usb 11-1: config 0 interface 0 has no altsetting 0
[  620.512840][ T5957] usb 11-1: config 0 has 1 interface, different from the descriptor's value: 9
[  620.512870][ T5957] usb 11-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  620.512890][ T5957] usb 11-1: config 0 interface 0 has no altsetting 0
[  620.513427][T13081] usb 7-1: new high-speed USB device number 14 using dummy_hcd
[  620.513727][ T5957] usb 11-1: config 0 has 1 interface, different from the descriptor's value: 9
[  620.513757][ T5957] usb 11-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  620.513777][ T5957] usb 11-1: config 0 interface 0 has no altsetting 0
[  620.514625][ T5957] usb 11-1: config 0 has 1 interface, different from the descriptor's value: 9
[  620.514657][ T5957] usb 11-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  620.514678][ T5957] usb 11-1: config 0 interface 0 has no altsetting 0
[  620.516459][ T5957] usb 11-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=49.8e
[  620.516481][ T5957] usb 11-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168
[  620.516497][ T5957] usb 11-1: Product: syz
[  620.516509][ T5957] usb 11-1: Manufacturer: syz
[  620.516521][ T5957] usb 11-1: SerialNumber: syz
[  620.517016][ T6020] usb 10-1: config 0 interface 55 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  620.517033][ T6020] usb 10-1: config 0 interface 55 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2
[  620.517055][ T6020] usb 10-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a
[  620.517067][ T6020] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  620.519813][ T6020] usb 10-1: config 0 descriptor??
[  620.519972][ T5957] usb 11-1: config 0 descriptor??
[  620.528938][ T6020] ldusb 10-1:0.55: LD USB Device #0 now attached to major 180 minor 0
[  620.534873][ T5957] yurex 11-1:0.0: USB YUREX device now attached to Yurex #1
[  620.646970][   T60] usb 9-1: device descriptor read/64, error -71
[  620.649150][T13081] usb 7-1: device descriptor read/64, error -71
[  620.788659][ T5957] usb 11-1: USB disconnect, device number 17
[  620.887245][   T60] usb 9-1: new high-speed USB device number 7 using dummy_hcd
[  620.890669][T13081] usb 7-1: new high-speed USB device number 15 using dummy_hcd
[  621.017303][   T60] usb 9-1: device descriptor read/64, error -71
[  621.019915][T13081] usb 7-1: device descriptor read/64, error -71
[  621.137170][   T60] usb usb9-port1: attempt power cycle
[  621.139770][T13081] usb usb7-port1: attempt power cycle
[  621.476862][T13081] usb 7-1: new high-speed USB device number 16 using dummy_hcd
[  621.479927][   T60] usb 9-1: new high-speed USB device number 8 using dummy_hcd
[  621.499349][T13081] usb 7-1: device descriptor read/8, error -71
[  621.501692][   T60] usb 9-1: device descriptor read/8, error -71
[  621.756873][   T60] usb 9-1: new high-speed USB device number 9 using dummy_hcd
[  621.759283][T13081] usb 7-1: new high-speed USB device number 17 using dummy_hcd
[  621.777809][   T60] usb 9-1: device descriptor read/8, error -71
[  621.780229][T13081] usb 7-1: device descriptor read/8, error -71
[  621.887338][   T60] usb usb9-port1: unable to enumerate USB device
[  621.889589][T13081] usb usb7-port1: unable to enumerate USB device
[  622.783719][ T5957] yurex 11-1:0.0: USB YUREX #1 now disconnected
[  622.787585][    T9] usb 10-1: USB disconnect, device number 40
[  622.791725][    T9] ldusb 10-1:0.55: LD USB Device #0 now disconnected
[  623.202302][T17782] FAULT_INJECTION: forcing a failure.
[  623.202302][T17782] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  623.206335][T17782] CPU: 0 UID: 0 PID: 17782 Comm: syz.5.4044 Not tainted 6.16.0-syzkaller #0 PREEMPT(full) 
[  623.206350][T17782] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  623.206357][T17782] Call Trace:
[  623.206362][T17782]  <TASK>
[  623.206368][T17782]  dump_stack_lvl+0x16c/0x1f0
[  623.206389][T17782]  should_fail_ex+0x512/0x640
[  623.206407][T17782]  _copy_from_iter+0x29f/0x16f0
[  623.206422][T17782]  ? __pfx__copy_from_iter+0x10/0x10
[  623.206432][T17782]  ? _copy_from_iter+0x15d/0x16f0
[  623.206446][T17782]  skb_copy_datagram_from_iter+0x124/0x740
[  623.206463][T17782]  ? dev_get_by_index+0x17c/0x380
[  623.206476][T17782]  packet_sendmsg+0x226a/0x5850
[  623.206500][T17782]  ? sock_has_perm+0x259/0x2f0
[  623.206515][T17782]  ? __pfx_sock_has_perm+0x10/0x10
[  623.206531][T17782]  ? __pfx_packet_sendmsg+0x10/0x10
[  623.206552][T17782]  __sys_sendto+0x4a3/0x520
[  623.206568][T17782]  ? __pfx___sys_sendto+0x10/0x10
[  623.206594][T17782]  ? ksys_write+0x1ac/0x250
[  623.206609][T17782]  ? __pfx_ksys_write+0x10/0x10
[  623.206626][T17782]  __x64_sys_sendto+0xe0/0x1c0
[  623.206640][T17782]  ? do_syscall_64+0x91/0x4c0
[  623.206664][T17782]  ? lockdep_hardirqs_on+0x7c/0x110
[  623.206679][T17782]  do_syscall_64+0xcd/0x4c0
[  623.206690][T17782]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  623.206701][T17782] RIP: 0033:0x7f707cf8e9a9
[  623.206711][T17782] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  623.206721][T17782] RSP: 002b:00007f707adf6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[  623.206732][T17782] RAX: ffffffffffffffda RBX: 00007f707d1b5fa0 RCX: 00007f707cf8e9a9
[  623.206738][T17782] RDX: 0000000000010608 RSI: 0000200000000180 RDI: 0000000000000003
[  623.206745][T17782] RBP: 00007f707adf6090 R08: 0000200000000140 R09: 0000000000000014
[  623.206751][T17782] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  623.206760][T17782] R13: 0000000000000000 R14: 00007f707d1b5fa0 R15: 00007ffe0157f708
[  623.206774][T17782]  </TASK>
[  623.327846][T17786] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4047'.
[  623.410110][   T40] kauditd_printk_skb: 5 callbacks suppressed
[  623.410189][   T40] audit: type=1400 audit(1753716709.637:1134): avc:  denied  { accept } for  pid=17787 comm="syz.4.4046" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_route_socket permissive=1
[  623.432201][   T40] audit: type=1400 audit(1753716709.657:1135): avc:  denied  { write } for  pid=17807 comm="syz.6.4055" name="nvram" dev="devtmpfs" ino=631 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nvram_device_t tclass=chr_file permissive=1
[  623.465603][T17814] input: syz0 as /devices/virtual/input/input36
[  623.472714][T17814] FAULT_INJECTION: forcing a failure.
[  623.472714][T17814] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  623.476972][T17814] CPU: 2 UID: 0 PID: 17814 Comm: syz.6.4057 Not tainted 6.16.0-syzkaller #0 PREEMPT(full) 
[  623.476988][T17814] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  623.476994][T17814] Call Trace:
[  623.476998][T17814]  <TASK>
[  623.477002][T17814]  dump_stack_lvl+0x16c/0x1f0
[  623.477023][T17814]  should_fail_ex+0x512/0x640
[  623.477042][T17814]  _copy_from_user+0x2e/0xd0
[  623.477054][T17814]  input_event_from_user+0x133/0x3b0
[  623.477066][T17814]  ? __pfx_input_event_from_user+0x10/0x10
[  623.477076][T17814]  ? __pfx___might_resched+0x10/0x10
[  623.477091][T17814]  ? read_tsc+0x9/0x20
[  623.477103][T17814]  ? ktime_get+0x1a7/0x310
[  623.477117][T17814]  ? input_event+0x2a/0xb0
[  623.477134][T17814]  uinput_write+0xbb4/0x12b0
[  623.477149][T17814]  ? __pfx_uinput_write+0x10/0x10
[  623.477162][T17814]  ? bpf_lsm_file_permission+0x9/0x10
[  623.477175][T17814]  ? security_file_permission+0x71/0x210
[  623.477186][T17814]  ? rw_verify_area+0xcf/0x680
[  623.477201][T17814]  ? __pfx_uinput_write+0x10/0x10
[  623.477212][T17814]  vfs_write+0x2a0/0x1150
[  623.477230][T17814]  ? __pfx_vfs_write+0x10/0x10
[  623.477244][T17814]  ? find_held_lock+0x2b/0x80
[  623.477258][T17814]  ? __fget_files+0x204/0x3c0
[  623.477270][T17814]  ? __fget_files+0x20e/0x3c0
[  623.477283][T17814]  ksys_write+0x1f8/0x250
[  623.477298][T17814]  ? __pfx_ksys_write+0x10/0x10
[  623.477317][T17814]  do_syscall_64+0xcd/0x4c0
[  623.477329][T17814]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  623.477340][T17814] RIP: 0033:0x7fdaa138e9a9
[  623.477349][T17814] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  623.477360][T17814] RSP: 002b:00007fdaa21c3038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  623.477370][T17814] RAX: ffffffffffffffda RBX: 00007fdaa15b5fa0 RCX: 00007fdaa138e9a9
[  623.477377][T17814] RDX: 000000000000045c RSI: 0000200000000500 RDI: 0000000000000003
[  623.477383][T17814] RBP: 00007fdaa21c3090 R08: 0000000000000000 R09: 0000000000000000
[  623.477389][T17814] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  623.477395][T17814] R13: 0000000000000000 R14: 00007fdaa15b5fa0 R15: 00007fff0ecfb248
[  623.477408][T17814]  </TASK>
[  623.516072][T17816] input: syz1 as /devices/virtual/input/input37
[  623.553791][T17818] netlink: 72 bytes leftover after parsing attributes in process `syz.6.4059'.
[  623.563617][T17818] netlink: 96 bytes leftover after parsing attributes in process `syz.6.4059'.
[  623.606290][   T40] audit: type=1400 audit(1753716709.827:1136): avc:  denied  { setopt } for  pid=17823 comm="syz.4.4060" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[  623.610034][T17827] input: syz0 as /devices/virtual/input/input38
[  623.696829][ T6020] usb 10-1: new high-speed USB device number 41 using dummy_hcd
[  623.791188][T17844] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  623.797793][T17844] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  623.827360][ T6020] usb 10-1: device descriptor read/64, error -71
[  623.980576][T17851] : entered promiscuous mode
[  624.061524][T17856] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4071'.
[  624.064718][T17856] netlink: 'syz.4.4071': attribute type 30 has an invalid length.
[  624.067777][T17856] netlink: 12 bytes leftover after parsing attributes in process `syz.4.4071'.
[  624.070391][ T6020] usb 10-1: new high-speed USB device number 42 using dummy_hcd
[  624.070701][ T1423] ieee802154 phy0 wpan0: encryption failed: -22
[  624.070776][ T1423] ieee802154 phy1 wpan1: encryption failed: -22
[  624.195303][T17862] netlink: 48 bytes leftover after parsing attributes in process `syz.4.4074'.
[  624.199478][ T6020] usb 10-1: device descriptor read/64, error -71
[  624.306849][ T6020] usb usb10-port1: attempt power cycle
[  624.328201][T17865] sctp: [Deprecated]: syz.4.4075 (pid 17865) Use of struct sctp_assoc_value in delayed_ack socket option.
[  624.328201][T17865] Use struct sctp_sack_info instead
[  624.368208][T17867] MTD: Attempt to mount non-MTD device "/dev/nbd4"
[  624.373142][T17867] cramfs: wrong magic
[  624.441834][   T40] audit: type=1400 audit(1753716710.667:1137): avc:  denied  { checkpoint_restore } for  pid=17870 comm="syz.4.4078" capability=40  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  624.629658][T17891] FAULT_INJECTION: forcing a failure.
[  624.629658][T17891] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  624.633775][T17891] CPU: 2 UID: 0 PID: 17891 Comm: syz.4.4085 Not tainted 6.16.0-syzkaller #0 PREEMPT(full) 
[  624.633792][T17891] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  624.633800][T17891] Call Trace:
[  624.633805][T17891]  <TASK>
[  624.633810][T17891]  dump_stack_lvl+0x16c/0x1f0
[  624.633848][T17891]  should_fail_ex+0x512/0x640
[  624.633871][T17891]  _copy_to_user+0x32/0xd0
[  624.633883][T17891]  simple_read_from_buffer+0xcb/0x170
[  624.633901][T17891]  proc_fail_nth_read+0x197/0x270
[  624.633918][T17891]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  624.633934][T17891]  ? rw_verify_area+0xcf/0x680
[  624.633948][T17891]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  624.633963][T17891]  vfs_read+0x1e1/0xc60
[  624.633991][T17891]  ? __pfx___mutex_lock+0x10/0x10
[  624.634005][T17891]  ? __pfx_vfs_read+0x10/0x10
[  624.634023][T17891]  ? __fget_files+0x20e/0x3c0
[  624.634037][T17891]  ksys_read+0x12a/0x250
[  624.634052][T17891]  ? __pfx_ksys_read+0x10/0x10
[  624.634068][T17891]  ? fput+0x70/0xf0
[  624.634081][T17891]  do_syscall_64+0xcd/0x4c0
[  624.634092][T17891]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  624.634103][T17891] RIP: 0033:0x7f5bb2d8d3bc
[  624.634114][T17891] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  624.634124][T17891] RSP: 002b:00007f5bb3caa030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  624.634135][T17891] RAX: ffffffffffffffda RBX: 00007f5bb2fb5fa0 RCX: 00007f5bb2d8d3bc
[  624.634142][T17891] RDX: 000000000000000f RSI: 00007f5bb3caa0a0 RDI: 0000000000000005
[  624.634148][T17891] RBP: 00007f5bb3caa090 R08: 0000000000000000 R09: 0000000000000000
[  624.634154][T17891] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  624.634160][T17891] R13: 0000000000000000 R14: 00007f5bb2fb5fa0 R15: 00007fff14717288
[  624.634174][T17891]  </TASK>
[  624.646787][ T6020] usb 10-1: new high-speed USB device number 43 using dummy_hcd
[  624.704535][T17897] FAULT_INJECTION: forcing a failure.
[  624.704535][T17897] name failslab, interval 1, probability 0, space 0, times 0
[  624.708806][T17897] CPU: 0 UID: 0 PID: 17897 Comm: syz.4.4087 Not tainted 6.16.0-syzkaller #0 PREEMPT(full) 
[  624.708820][T17897] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  624.708827][T17897] Call Trace:
[  624.708830][T17897]  <TASK>
[  624.708835][T17897]  dump_stack_lvl+0x16c/0x1f0
[  624.708855][T17897]  should_fail_ex+0x512/0x640
[  624.708874][T17897]  should_failslab+0xc2/0x120
[  624.708885][T17897]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  624.708901][T17897]  ? skb_clone+0x190/0x3f0
[  624.708914][T17897]  skb_clone+0x190/0x3f0
[  624.708925][T17897]  netlink_deliver_tap+0xabd/0xd30
[  624.708939][T17897]  netlink_unicast+0x702/0x850
[  624.708953][T17897]  ? __pfx_netlink_unicast+0x10/0x10
[  624.708973][T17897]  netlink_ack+0x696/0xb80
[  624.708989][T17897]  netlink_rcv_skb+0x332/0x420
[  624.709001][T17897]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[  624.709017][T17897]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  624.709035][T17897]  ? ns_capable+0xd7/0x110
[  624.709050][T17897]  nfnetlink_rcv+0x1b3/0x430
[  624.709064][T17897]  ? __pfx_nfnetlink_rcv+0x10/0x10
[  624.709077][T17897]  ? netlink_deliver_tap+0x1ae/0xd30
[  624.709091][T17897]  netlink_unicast+0x58a/0x850
[  624.709105][T17897]  ? __pfx_netlink_unicast+0x10/0x10
[  624.709121][T17897]  netlink_sendmsg+0x8d1/0xdd0
[  624.709135][T17897]  ? __pfx_netlink_sendmsg+0x10/0x10
[  624.709152][T17897]  ____sys_sendmsg+0xa98/0xc70
[  624.709166][T17897]  ? copy_msghdr_from_user+0x10a/0x160
[  624.709176][T17897]  ? __pfx_____sys_sendmsg+0x10/0x10
[  624.709195][T17897]  ___sys_sendmsg+0x134/0x1d0
[  624.709206][T17897]  ? __pfx____sys_sendmsg+0x10/0x10
[  624.709214][T17897]  ? __lock_acquire+0x622/0x1c90
[  624.709241][T17897]  __sys_sendmsg+0x16d/0x220
[  624.709251][T17897]  ? __pfx___sys_sendmsg+0x10/0x10
[  624.709269][T17897]  do_syscall_64+0xcd/0x4c0
[  624.709281][T17897]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  624.709293][T17897] RIP: 0033:0x7f5bb2d8e9a9
[  624.709302][T17897] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  624.709312][T17897] RSP: 002b:00007f5bb3caa038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  624.709322][T17897] RAX: ffffffffffffffda RBX: 00007f5bb2fb5fa0 RCX: 00007f5bb2d8e9a9
[  624.709328][T17897] RDX: 00000000240008c4 RSI: 0000200000000000 RDI: 0000000000000005
[  624.709334][T17897] RBP: 00007f5bb3caa090 R08: 0000000000000000 R09: 0000000000000000
[  624.709341][T17897] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  624.709347][T17897] R13: 0000000000000000 R14: 00007f5bb2fb5fa0 R15: 00007fff14717288
[  624.709360][T17897]  </TASK>
[  624.717203][ T6020] usb 10-1: device descriptor read/8, error -71
[  624.738664][   T40] audit: type=1400 audit(1753716710.967:1138): avc:  denied  { write } for  pid=17898 comm="syz.4.4088" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1
[  624.989660][ T6020] usb 10-1: new high-speed USB device number 44 using dummy_hcd
[  625.017318][ T6020] usb 10-1: device descriptor read/8, error -71
[  625.036702][T14020] usb 9-1: new high-speed USB device number 10 using dummy_hcd
[  625.127204][ T6020] usb usb10-port1: unable to enumerate USB device
[  625.188340][T14020] usb 9-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  625.191130][T14020] usb 9-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config
[  625.194575][T14020] usb 9-1: config 1 has 1 interface, different from the descriptor's value: 66
[  625.197618][T14020] usb 9-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 52, changing to 9
[  625.201119][T14020] usb 9-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8241, setting to 1024
[  625.206243][T14020] usb 9-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  625.209257][T14020] usb 9-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  625.211808][T14020] usb 9-1: Product: syz
[  625.213135][T14020] usb 9-1: Manufacturer: syz
[  625.218042][T14020] cdc_wdm 9-1:1.0: skipping garbage
[  625.219765][T14020] cdc_wdm 9-1:1.0: skipping garbage
[  625.222195][T14020] cdc_wdm 9-1:1.0: cdc-wdm0: USB WDM device
[  625.224099][T14020] cdc_wdm 9-1:1.0: Unknown control protocol
[  625.402307][T17883] ==================================================================
[  625.405500][T17883] BUG: KASAN: slab-use-after-free in _raw_spin_lock_irqsave+0x3a/0x60
[  625.408755][T17883] Read of size 1 at addr ffff8880295d3eb0 by task syz.2.4082/17883
[  625.413020][T17883] 
[  625.414213][T17883] CPU: 3 UID: 0 PID: 17883 Comm: syz.2.4082 Not tainted 6.16.0-syzkaller #0 PREEMPT(full) 
[  625.414228][T17883] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  625.414236][T17883] Call Trace:
[  625.414242][T17883]  <TASK>
[  625.414248][T17883]  dump_stack_lvl+0x116/0x1f0
[  625.414269][T17883]  print_report+0xcd/0x630
[  625.414281][T17883]  ? __virt_addr_valid+0x81/0x610
[  625.414295][T17883]  ? __phys_addr+0xe8/0x180
[  625.414307][T17883]  ? _raw_spin_lock_irqsave+0x3a/0x60
[  625.414331][T17883]  kasan_report+0xe0/0x110
[  625.414346][T17883]  ? _raw_spin_lock_irqsave+0x3a/0x60
[  625.414369][T17883]  ? _raw_spin_lock_irqsave+0x3a/0x60
[  625.414392][T17883]  __kasan_check_byte+0x36/0x50
[  625.414408][T17883]  lock_acquire+0xfc/0x350
[  625.414427][T17883]  ? find_held_lock+0x2b/0x80
[  625.414450][T17883]  _raw_spin_lock_irqsave+0x3a/0x60
[  625.414471][T17883]  ? remove_wait_queue+0x25/0x180
[  625.414485][T17883]  remove_wait_queue+0x25/0x180
[  625.414499][T17883]  poll_freewait+0xd5/0x250
[  625.414516][T17883]  do_select+0xe52/0x17e0
[  625.414534][T17883]  ? __pfx_do_select+0x10/0x10
[  625.414548][T17883]  ? psi_task_switch+0x2c1/0x8e0
[  625.414563][T17883]  ? __pfx_pollwake+0x10/0x10
[  625.414578][T17883]  ? __pfx_pollwake+0x10/0x10
[  625.414591][T17883]  ? __pfx_pollwake+0x10/0x10
[  625.414605][T17883]  ? __pfx_pollwake+0x10/0x10
[  625.414620][T17883]  ? __pfx_pollwake+0x10/0x10
[  625.414643][T17883]  ? __pfx_pollwake+0x10/0x10
[  625.414659][T17883]  ? __pfx_pollwake+0x10/0x10
[  625.414675][T17883]  ? __pfx_pollwake+0x10/0x10
[  625.414691][T17883]  ? __pfx_pollwake+0x10/0x10
[  625.414707][T17883]  ? find_held_lock+0x2b/0x80
[  625.414720][T17883]  ? __might_fault+0xe3/0x190
[  625.414737][T17883]  ? __might_fault+0xe3/0x190
[  625.414752][T17883]  ? __might_fault+0x13b/0x190
[  625.414770][T17883]  ? core_sys_select+0x453/0xc10
[  625.414786][T17883]  core_sys_select+0x453/0xc10
[  625.414803][T17883]  ? __pfx_core_sys_select+0x10/0x10
[  625.414819][T17883]  ? find_held_lock+0x2b/0x80
[  625.414836][T17883]  ? set_user_sigmask+0x21b/0x2b0
[  625.414847][T17883]  ? __lock_acquire+0x622/0x1c90
[  625.414856][T17883]  ? __pfx_set_user_sigmask+0x10/0x10
[  625.414868][T17883]  do_pselect.constprop.0+0x19f/0x1e0
[  625.414886][T17883]  ? __pfx_do_pselect.constprop.0+0x10/0x10
[  625.414902][T17883]  ? __x64_sys_futex+0x1e0/0x4c0
[  625.414918][T17883]  __x64_sys_pselect6+0x182/0x240
[  625.414933][T17883]  ? __pfx___x64_sys_pselect6+0x10/0x10
[  625.414950][T17883]  do_syscall_64+0xcd/0x4c0
[  625.414960][T17883]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  625.414972][T17883] RIP: 0033:0x7fc2c4f8e9a9
[  625.414981][T17883] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  625.414991][T17883] RSP: 002b:00007fc2c5d21038 EFLAGS: 00000246 ORIG_RAX: 000000000000010e
[  625.415002][T17883] RAX: ffffffffffffffda RBX: 00007fc2c51b5fa0 RCX: 00007fc2c4f8e9a9
[  625.415010][T17883] RDX: 0000000000000000 RSI: 00002000000001c0 RDI: 0000000000000040
[  625.415017][T17883] RBP: 00007fc2c5010d69 R08: 0000000000000000 R09: 0000000000000000
[  625.415024][T17883] R10: 00002000000002c0 R11: 0000000000000246 R12: 0000000000000000
[  625.415032][T17883] R13: 0000000000000000 R14: 00007fc2c51b5fa0 R15: 00007ffc507ec7c8
[  625.415042][T17883]  </TASK>
[  625.415046][T17883] 
[  625.529688][T17883] Allocated by task 17083:
[  625.531363][T17883]  kasan_save_stack+0x33/0x60
[  625.533224][T17883]  kasan_save_track+0x14/0x30
[  625.535098][T17883]  __kasan_kmalloc+0xaa/0xb0
[  625.536938][T17883]  comedi_device_postconfig+0x2cb/0xc80
[  625.539119][T17883]  comedi_device_attach+0x3cf/0x900
[  625.541234][T17883]  do_devconfig_ioctl+0x1a7/0x580
[  625.543219][T17883]  comedi_unlocked_ioctl+0x165d/0x2f00
[  625.545376][T17883]  __x64_sys_ioctl+0x18e/0x210
[  625.547281][T17883]  do_syscall_64+0xcd/0x4c0
[  625.549234][T17883]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  625.551530][T17883] 
[  625.552472][T17883] Freed by task 17895:
[  625.554183][T17883]  kasan_save_stack+0x33/0x60
[  625.556050][T17883]  kasan_save_track+0x14/0x30
[  625.557873][T17883]  kasan_save_free_info+0x3b/0x60
[  625.559848][T17883]  __kasan_slab_free+0x51/0x70
[  625.561778][T17883]  kfree+0x2b4/0x4d0
[  625.563302][T17883]  comedi_device_detach+0x2a4/0x9e0
[  625.565315][T17883]  do_devconfig_ioctl+0x46c/0x580
[  625.567329][T17883]  comedi_unlocked_ioctl+0x165d/0x2f00
[  625.569498][T17883]  __x64_sys_ioctl+0x18e/0x210
[  625.571453][T17883]  do_syscall_64+0xcd/0x4c0
[  625.573281][T17883]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  625.575652][T17883] 
[  625.576613][T17883] The buggy address belongs to the object at ffff8880295d3e00
[  625.576613][T17883]  which belongs to the cache kmalloc-256 of size 256
[  625.582055][T17883] The buggy address is located 176 bytes inside of
[  625.582055][T17883]  freed 256-byte region [ffff8880295d3e00, ffff8880295d3f00)
[  625.587368][T17883] 
[  625.588360][T17883] The buggy address belongs to the physical page:
[  625.590874][T17883] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff8880295d3200 pfn:0x295d2
[  625.594785][T17883] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  625.598067][T17883] flags: 0xfff00000000240(workingset|head|node=0|zone=1|lastcpupid=0x7ff)
[  625.601402][T17883] page_type: f5(slab)
[  625.602972][T17883] raw: 00fff00000000240 ffff88801b842b40 ffffea000124d990 ffffea0000a5ed90
[  625.606308][T17883] raw: ffff8880295d3200 000000000010000f 00000000f5000000 0000000000000000
[  625.609673][T17883] head: 00fff00000000240 ffff88801b842b40 ffffea000124d990 ffffea0000a5ed90
[  625.612929][T17883] head: ffff8880295d3200 000000000010000f 00000000f5000000 0000000000000000
[  625.616321][T17883] head: 00fff00000000001 ffffea0000a57481 00000000ffffffff 00000000ffffffff
[  625.619604][T17883] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002
[  625.622911][T17883] page dumped because: kasan: bad access detected
[  625.625294][T17883] page_owner tracks the page as allocated
[  625.627461][T17883] page last allocated via order 1, migratetype Unmovable, gfp_mask 0x252800(GFP_NOWAIT|__GFP_NORETRY|__GFP_COMP|__GFP_THISNODE), pid 5947, tgid 5947 (syz-executor), ts 82562861003, free_ts 79399607786
[  625.635049][T17883]  post_alloc_hook+0x1c0/0x230
[  625.636979][T17883]  get_page_from_freelist+0x1321/0x3890
[  625.639211][T17883]  __alloc_frozen_pages_noprof+0x261/0x23f0
[  625.641559][T17883]  new_slab+0x94/0x330
[  625.643176][T17883]  ___slab_alloc+0xd9c/0x1940
[  625.645064][T17883]  __slab_alloc.constprop.0+0x56/0xb0
[  625.647164][T17883]  __kmalloc_node_noprof+0x2ed/0x500
[  625.649267][T17883]  alloc_slab_obj_exts+0x41/0xa0
[  625.651255][T17883]  new_slab+0x283/0x330
[  625.652945][T17883]  ___slab_alloc+0xd9c/0x1940
[  625.654789][T17883]  __slab_alloc.constprop.0+0x56/0xb0
[  625.656907][T17883]  kmem_cache_alloc_noprof+0xef/0x3b0
[  625.659008][T17883]  vm_area_dup+0x27/0x8d0
[  625.660755][T17883]  dup_mmap+0x877/0x21d0
[  625.662483][T17883]  copy_process+0x4081/0x7650
[  625.664354][T17883]  kernel_clone+0xfc/0x960
[  625.666110][T17883] page last free pid 5361 tgid 5361 stack trace:
[  625.668591][T17883]  __free_frozen_pages+0x7fe/0x1180
[  625.670644][T17883]  __put_partials+0x16d/0x1c0
[  625.672594][T17883]  qlist_free_all+0x4d/0x120
[  625.674430][T17883]  kasan_quarantine_reduce+0x195/0x1e0
[  625.676606][T17883]  __kasan_slab_alloc+0x69/0x90
[  625.678554][T17883]  __kmalloc_noprof+0x1d4/0x510
[  625.680488][T17883]  tomoyo_realpath_from_path+0xc2/0x6e0
[  625.682687][T17883]  tomoyo_path_perm+0x274/0x460
[  625.684616][T17883]  security_inode_getattr+0x116/0x290
[  625.686743][T17883]  vfs_fstat+0x4b/0xe0
[  625.688358][T17883]  __do_sys_newfstat+0x87/0x100
[  625.690282][T17883]  do_syscall_64+0xcd/0x4c0
[  625.692109][T17883]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  625.694419][T17883] 
[  625.695363][T17883] Memory state around the buggy address:
[  625.697573][T17883]  ffff8880295d3d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  625.700702][T17883]  ffff8880295d3e00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  625.703825][T17883] >ffff8880295d3e80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  625.706922][T17883]                                      ^
[  625.709130][T17883]  ffff8880295d3f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  625.712252][T17883]  ffff8880295d3f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  625.715330][T17883] ==================================================================
[  625.718449][T17883] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  625.721254][T17883] CPU: 3 UID: 0 PID: 17883 Comm: syz.2.4082 Not tainted 6.16.0-syzkaller #0 PREEMPT(full) 
[  625.725121][T17883] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  625.729287][T17883] Call Trace:
[  625.730621][T17883]  <TASK>
[  625.731815][T17883]  dump_stack_lvl+0x3d/0x1f0
[  625.733653][T17883]  panic+0x71c/0x800
[  625.735252][T17883]  ? __pfx_panic+0x10/0x10
[  625.737023][T17883]  ? __pfx__printk+0x10/0x10
[  625.738826][T17883]  ? end_report+0x4c/0x170
[  625.740591][T17883]  ? _raw_spin_lock_irqsave+0x3a/0x60
[  625.742711][T17883]  check_panic_on_warn+0xab/0xb0
[  625.744683][T17883]  end_report+0x107/0x170
[  625.746348][T17883]  kasan_report+0xee/0x110
[  625.748114][T17883]  ? _raw_spin_lock_irqsave+0x3a/0x60
[  625.750243][T17883]  ? _raw_spin_lock_irqsave+0x3a/0x60
[  625.752373][T17883]  __kasan_check_byte+0x36/0x50
[  625.754296][T17883]  lock_acquire+0xfc/0x350
[  625.755997][T17883]  ? find_held_lock+0x2b/0x80
[  625.757847][T17883]  _raw_spin_lock_irqsave+0x3a/0x60
[  625.759914][T17883]  ? remove_wait_queue+0x25/0x180
[  625.761851][T17883]  remove_wait_queue+0x25/0x180
[  625.763757][T17883]  poll_freewait+0xd5/0x250
[  625.765506][T17883]  do_select+0xe52/0x17e0
[  625.767178][T17883]  ? __pfx_do_select+0x10/0x10
[  625.769023][T17883]  ? psi_task_switch+0x2c1/0x8e0
[  625.770914][T17883]  ? __pfx_pollwake+0x10/0x10
[  625.772704][T17883]  ? __pfx_pollwake+0x10/0x10
[  625.774489][T17883]  ? __pfx_pollwake+0x10/0x10
[  625.776324][T17883]  ? __pfx_pollwake+0x10/0x10
[  625.778188][T17883]  ? __pfx_pollwake+0x10/0x10
[  625.780002][T17883]  ? __pfx_pollwake+0x10/0x10
[  625.781843][T17883]  ? __pfx_pollwake+0x10/0x10
[  625.783655][T17883]  ? __pfx_pollwake+0x10/0x10
[  625.785458][T17883]  ? __pfx_pollwake+0x10/0x10
[  625.787229][T17883]  ? find_held_lock+0x2b/0x80
[  625.789002][T17883]  ? __might_fault+0xe3/0x190
[  625.790766][T17883]  ? __might_fault+0xe3/0x190
[  625.792575][T17883]  ? __might_fault+0x13b/0x190
[  625.794380][T17883]  ? core_sys_select+0x453/0xc10
[  625.796204][T17883]  core_sys_select+0x453/0xc10
[  625.798035][T17883]  ? __pfx_core_sys_select+0x10/0x10
[  625.800044][T17883]  ? find_held_lock+0x2b/0x80
[  625.801815][T17883]  ? set_user_sigmask+0x21b/0x2b0
[  625.803750][T17883]  ? __lock_acquire+0x622/0x1c90
[  625.805635][T17883]  ? __pfx_set_user_sigmask+0x10/0x10
[  625.807695][T17883]  do_pselect.constprop.0+0x19f/0x1e0
[  625.809836][T17883]  ? __pfx_do_pselect.constprop.0+0x10/0x10
[  625.812178][T17883]  ? __x64_sys_futex+0x1e0/0x4c0
[  625.814105][T17883]  __x64_sys_pselect6+0x182/0x240
[  625.816038][T17883]  ? __pfx___x64_sys_pselect6+0x10/0x10
[  625.818247][T17883]  do_syscall_64+0xcd/0x4c0
[  625.820026][T17883]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  625.822268][T17883] RIP: 0033:0x7fc2c4f8e9a9
[  625.823980][T17883] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  625.831174][T17883] RSP: 002b:00007fc2c5d21038 EFLAGS: 00000246 ORIG_RAX: 000000000000010e
[  625.834330][T17883] RAX: ffffffffffffffda RBX: 00007fc2c51b5fa0 RCX: 00007fc2c4f8e9a9
[  625.837350][T17883] RDX: 0000000000000000 RSI: 00002000000001c0 RDI: 0000000000000040
[  625.840288][T17883] RBP: 00007fc2c5010d69 R08: 0000000000000000 R09: 0000000000000000
[  625.843278][T17883] R10: 00002000000002c0 R11: 0000000000000246 R12: 0000000000000000
[  625.846291][T17883] R13: 0000000000000000 R14: 00007fc2c51b5fa0 R15: 00007ffc507ec7c8
[  625.849399][T17883]  </TASK>
[  625.851409][T17883] Kernel Offset: disabled
[  625.853123][T17883] Rebooting in 86400 seconds..

VM DIAGNOSIS:
15:31:51  Registers:
info registers vcpu 0

CPU#0
RAX=0000000000bdc653 RBX=0000000000000000 RCX=ffffffff8b869c99 RDX=0000000000000000
RSI=ffffffff8de30032 RDI=ffffffff8c157420 RBP=fffffbfff1c52ef0 RSP=ffffffff8e207e08
R8 =0000000000000001 R9 =ffffed100d486645 R10=ffff88806a43322b R11=0000000000000001
R12=0000000000000000 R13=ffffffff8e297780 R14=ffffffff90a94250 R15=0000000000000000
RIP=ffffffff8b8687ff RFL=00000286 [--S--P-] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8880d6720000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00007f5bb3ca9f98 CR3=0000000032d70000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000004090001 Opmask01=0000000000000000 Opmask02=00000000000003ff Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fdaa1411d42
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fdaa1411d4f
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fdaa1411d49
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fdaa1411d5d
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fdaa1411de3
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fdaa1411ec1
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fdaa1586488 00007fdaa1586480 00007fdaa1586478 00007fdaa1586450
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fdaa20ed100 00007fdaa1586440 00007fdaa1580004 0000000b000c000a
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fdaa1586498 00007fdaa1586490 00007fdaa1586488 00007fdaa1586480
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=0000000000e444d3 RBX=0000000000000001 RCX=ffffffff8b869c99 RDX=0000000000000000
RSI=ffffffff8de30032 RDI=ffffffff8c157420 RBP=ffffed1003c53488 RSP=ffffc90000177df8
R8 =0000000000000001 R9 =ffffed100d4a6645 R10=ffff88806a53322b R11=0000000000000001
R12=0000000000000001 R13=ffff88801e29a440 R14=ffffffff90a94250 R15=0000000000000000
RIP=ffffffff8b8687ff RFL=00000286 [--S--P-] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8880d6820000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=000055557ecf8808 CR3=0000000029f64000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=00000000c0fffc00 Opmask01=0000000000000054 Opmask02=00000000000000ff Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000001
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000015 000000000001df8a
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000555591cba52c 0000555591cb9c50
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000555591cbbbb0 0000555591cbb010
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000000001df8a
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 042ee8030fffffff ffffff042ed8030f ffffffffffff042e c8030fffffffffff
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffff0401000000 0806060176800fff ffffffffff042ef8 030fffffffffffff
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 c25b612c01001008 02800300100002e8 1000181000060275 902e80040fffffff
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0100000208060601 5684028004101000 0282020001000000 08060801768c0000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0158100003800401 0000020806060156 8402800410100002 8202000100000008
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 060801768c0000c2 5b612c0100100802 800300100002e810 0018100006027590
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2e80040fffffffff ffff040100000008 06060176800fffff ffffffff042ef803
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0fffffffffffff04 2ee8030fffffffff ffff042ed8030fff ffffffffff042ec8
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 2

CPU#2
RAX=0000000000981081 RBX=0000000000000002 RCX=ffffffff8b869c99 RDX=0000000000000000
RSI=ffffffff8de30032 RDI=ffffffff8c157420 RBP=ffffed1003c53910 RSP=ffffc90000187df8
R8 =0000000000000001 R9 =ffffed100d4c6645 R10=ffff88806a63322b R11=0000000000000001
R12=0000000000000002 R13=ffff88801e29c880 R14=ffffffff90a94250 R15=0000000000000000
RIP=ffffffff8b8687ff RFL=00000286 [--S--P-] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c01300
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c01300
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8880d6920000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000091000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe000008f000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00007fdaa2160d58 CR3=000000002d11d000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000002000 Opmask01=0000000000000000 Opmask02=00000000ffffffef Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fff0ecfb5d0 0000003000000018
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fdaa1411d42
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fdaa1411d4f
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fdaa1411d49
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fdaa1411d5d
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fdaa1411de3
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fdaa1411ec1
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 3

CPU#3
RAX=0000000000000034 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8
RSI=ffffffff855a57c5 RDI=ffffffff9b0b9e60 RBP=ffffffff9b0b9e20 RSP=ffffc9000418efc0
R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=3230383838666666
R12=0000000000000000 R13=0000000000000034 R14=ffffffff9b0b9e20 R15=ffffffff855a5760
RIP=ffffffff855a57ef RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 00007fc2c5d216c0 ffffffff 00c00000
GS =0000 ffff8880d6a20000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe00000d8000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe00000d6000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00007fdaa215ff98 CR3=000000002d11d000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000004090001 Opmask01=0000000000000000 Opmask02=00000000000003ff Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0200000000000000 00f0990020000000
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fc2c5011d42
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fc2c5011d4f
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fc2c5011d49
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fc2c5011d5d
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fc2c5011de3
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fc2c5011ec1
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 1000200000010002 0000000000009ac9 010000f0e4490002 5100000000060003
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0500030000000002 0000001000200000 0100020000000004 0008000f0010000a
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 4900025100000000 0600031f00000000 0000000000000200 1300020000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6161616161616161 6161616161616161 6161616161616161 6161616161616161
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6161616161616161 6161616161616161 6161616161616161 6161616161616161
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6161616161616161 6161616161616161 6161616161616161 6161616161616161
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000