last executing test programs:

12m14.944991552s ago: executing program 32 (id=275):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000400)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_CONTROL_PORT_FRAME(r0, &(0x7f0000003700)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)={0x54, r1, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MAC={0xa, 0x6, @broadcast}, @NL80211_ATTR_CONTROL_PORT_ETHERTYPE={0x6, 0x66, 0x888e}, @NL80211_ATTR_FRAME={0x24, 0x33, @data_frame={@msdu=@type11={{0x0, 0x2, 0x9, 0x1, 0x1, 0x0, 0x1, 0x1}, {0x3}, @device_a, @device_b, @broadcast, {0x2, 0x1}, @device_b, @value={0x4, 0x1, 0x1, 0x0, 0x20}}}}]}, 0x54}, 0x1, 0x0, 0x0, 0x40c0}, 0x0)

9m7.775663381s ago: executing program 33 (id=3776):
r0 = fsopen(&(0x7f00000001c0)='ramfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)
r1 = fsmount(r0, 0x1, 0x80)
fchdir(r1)
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x1f1)
renameat2(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0xffffffffffffff9c, &(0x7f00000004c0)='./file0\x00', 0x0)

8m46.763202348s ago: executing program 5 (id=3992):
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
bind$inet6(r0, &(0x7f0000000080)={0xa, 0x4e21, 0x5, @ipv4={'\x00', '\xff\xff', @empty}, 0x4}, 0x1c)
connect$inet6(r0, &(0x7f00000000c0)={0xa, 0x4e21, 0x659, @empty, 0xff}, 0x1c)
r1 = fcntl$dupfd(r0, 0x406, r0)
write$cgroup_pid(r1, &(0x7f0000000240), 0xfdef)
setsockopt$inet6_IPV6_ADDRFORM(r0, 0x29, 0x1, &(0x7f0000000180), 0x4)
read$FUSE(r1, &(0x7f0000002540)={0x2020}, 0xfdef)

8m46.714628407s ago: executing program 5 (id=3993):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x20042, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_kvm_setup_syzos_vm$x86(r1, &(0x7f0000c00000/0x400000)=nil)
r3 = syz_kvm_add_vcpu$x86(r2, &(0x7f0000000140)={0x0, &(0x7f0000000180)=[@rdmsr={0x66, 0x18, {0x40000071}}], 0x18})
ioctl$KVM_CAP_HYPERV_ENFORCE_CPUID(r3, 0x4068aea3, &(0x7f00000000c0)={0xc7, 0x0, 0x1})
ioctl$KVM_SET_CPUID2(r3, 0x4008ae90, &(0x7f0000000000)={0x1, 0x0, [{0x40000001, 0x4, 0x2, 0x31237648, 0x6, 0x2, 0x80}]})
ioctl$KVM_RUN(r3, 0xae80, 0x0)

8m46.403132634s ago: executing program 5 (id=3998):
sendmsg$ETHTOOL_MSG_LINKINFO_SET(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000001c0)=ANY=[@ANYBLOB="00042dbd7000fd"], 0x14}, 0x1, 0x0, 0x0, 0x2010}, 0x4001)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000000)={[0x38, 0xfff, 0x0, 0x180, 0x2, 0x14, 0xf1, 0x0, 0x7fffffffffffe, 0x5, 0x4005, 0x8, 0x0, 0x45, 0x1, 0xbdb], 0xdddd0000, 0x1c4213})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

8m46.289199235s ago: executing program 5 (id=3999):
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0)
mount$bind(&(0x7f0000000100)='.\x00', &(0x7f0000000300)='./file0/../file0\x00', 0x0, 0x2151090, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x8b1098, 0x0)
mount$bind(0x0, &(0x7f00000003c0)='./file0/file0\x00', 0x0, 0x80000, 0x0)
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='mountinfo\x00')
read$FUSE(r0, &(0x7f00000024c0)={0x2020}, 0x2020)

8m46.254971619s ago: executing program 5 (id=4000):
r0 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc))
futex(&(0x7f000000cffc)=0x4, 0x80000000000b, 0x4, 0x0, &(0x7f0000048000), 0x0)
timer_settime(0x0, 0x1, &(0x7f00000002c0)={{0x0, 0x989680}, {0x0, 0x3938700}}, 0x0)
r1 = syz_open_dev$evdev(&(0x7f0000000000), 0x0, 0x0)
ioctl$EVIOCGMASK(r1, 0x80104592, &(0x7f0000000300)={0x0, 0xffffffffffffff36, &(0x7f0000000200)="952bb3e006ae9a4c3a"})
ioctl$EVIOCSCLOCKID(r1, 0x400445a0, 0x0)

8m45.932401829s ago: executing program 5 (id=4002):
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x3, 0x8, &(0x7f00000026c0)=ANY=[@ANYBLOB='b\n'], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls}, 0x94)
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080), 0x41, 0x0)
write$binfmt_aout(r0, &(0x7f0000000300)=ANY=[], 0xff2e)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000dc0)={0x0, 0x0, 0x0, 0x0, 0xfe, "0062ba7d82000000160000000000f738096304"})
r1 = syz_open_pts(r0, 0x80)
r2 = dup3(r1, r0, 0x80000)
read$watch_queue(r2, &(0x7f0000001d40)=""/4095, 0xfff)

8m45.858371848s ago: executing program 34 (id=4002):
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x3, 0x8, &(0x7f00000026c0)=ANY=[@ANYBLOB='b\n'], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls}, 0x94)
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080), 0x41, 0x0)
write$binfmt_aout(r0, &(0x7f0000000300)=ANY=[], 0xff2e)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000dc0)={0x0, 0x0, 0x0, 0x0, 0xfe, "0062ba7d82000000160000000000f738096304"})
r1 = syz_open_pts(r0, 0x80)
r2 = dup3(r1, r0, 0x80000)
read$watch_queue(r2, &(0x7f0000001d40)=""/4095, 0xfff)

8m30.9889818s ago: executing program 3 (id=4324):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10)
connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10)
r1 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000c80)={'lo\x00', <r2=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f0000001200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000480)=@newqdisc={0xe0, 0x24, 0x4ee4e6a52ff56551, 0x4, 0xfffffffe, {0x0, 0x0, 0x0, r2, {0x0, 0xfff2}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_netem={{0xa}, {0xb0, 0x2, {{0x9, 0x1002, 0x0, 0x2, 0xffffffff, 0x900000}, [@TCA_NETEM_CORRUPT={0xc, 0x4, {0xfffffbff, 0x100}}, @TCA_NETEM_LOSS={0x30, 0x5, 0x0, 0x1, [@NETEM_LOSS_GE={0x14, 0x2, {0xa, 0x4, 0x2}}, @NETEM_LOSS_GI={0x18, 0x1, {0x1ff, 0x10001, 0x4, 0x0, 0x9}}]}, @TCA_NETEM_SLOT={0x2c, 0xc, {0x9, 0x5, 0x6, 0x7, 0xffffffff, 0x1}}, @TCA_NETEM_SLOT={0x2c, 0xc, {0x9, 0x9, 0x5, 0x5, 0xfffffffffffffffd, 0x10001}}]}}}]}, 0xe0}, 0x1, 0x0, 0x0, 0x41804}, 0x24000c04)
sendmsg$inet(r0, &(0x7f00000015c0)={0x0, 0x14, &(0x7f0000001600)=[{&(0x7f0000000240)=' ', 0xffffff1f}], 0x1}, 0x0)

8m30.063876785s ago: executing program 3 (id=4358):
r0 = fsopen(&(0x7f00000003c0)='cgroup2\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)
r1 = fsmount(r0, 0x0, 0x0)
r2 = openat$cgroup_int(r1, &(0x7f00000001c0)='cgroup.max.depth\x00', 0x2, 0x0)
r3 = socket$inet_udp(0x2, 0x2, 0x0)
write$cgroup_int(r2, &(0x7f0000000000), 0x12)
sendfile(r3, r2, 0x0, 0x4)

8m29.988942448s ago: executing program 3 (id=4360):
sendmsg$IPVS_CMD_SET_INFO(0xffffffffffffffff, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={0x0, 0x14}}, 0x0)
r0 = socket$qrtr(0x2a, 0x2, 0x0)
connect$qrtr(r0, &(0x7f0000000040)={0x2a, 0x1, 0xfffffffe}, 0xc)
r1 = socket$qrtr(0x2a, 0x2, 0x0)
recvmmsg(r0, &(0x7f0000000ac0)=[{{0x0, 0xff2c, 0x0}, 0x1}], 0x40, 0x2, 0x0)
connect$qrtr(r1, &(0x7f0000000040)={0x2a, 0x1, 0x4000}, 0xc)
writev(r1, &(0x7f0000000340)=[{&(0x7f0000000080)="fb", 0x1}], 0x1)

8m29.874510509s ago: executing program 3 (id=4365):
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000)='devpts\x00', 0x0, 0x0)
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x800)
r1 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r1, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000000c0)='./file0\x00', 0x0, 0x20000, 0x0)
open_tree(r0, &(0x7f0000000640)='\x00', 0x89901)

8m29.811748175s ago: executing program 3 (id=4368):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x11, 0x3, &(0x7f0000000100)=ANY=[@ANYBLOB="1800000000000000000000000000000195"], 0x0}, 0x94)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x11, 0x3, &(0x7f0000000100)=ANY=[], &(0x7f00000000c0)='syzkaller\x00'}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f00000001c0)='inet_sk_error_report\x00', r0}, 0x10)
r1 = socket$kcm(0xa, 0x1, 0x106)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x11, 0x3, &(0x7f0000000100)=ANY=[], &(0x7f00000000c0)='syzkaller\x00'}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f00000001c0)='inet_sk_error_report\x00', r2}, 0x10)
sendmsg$kcm(r1, &(0x7f0000000780)={0x0, 0x0, 0x0}, 0xe07e872420dfefca)

8m29.384465968s ago: executing program 3 (id=4378):
r0 = getpgrp(0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f00000000c0)=[{0x6, 0x8, 0x2, 0x7fff7ffc}]})
r1 = syz_pidfd_open(r0, 0x0)
r2 = epoll_create(0x1)
epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r1, &(0x7f0000000180))
r3 = gettid()
kcmp$KCMP_EPOLL_TFD(r0, r3, 0x7, r1, &(0x7f0000000040)={r2, r1})

8m29.33758804s ago: executing program 35 (id=4378):
r0 = getpgrp(0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f00000000c0)=[{0x6, 0x8, 0x2, 0x7fff7ffc}]})
r1 = syz_pidfd_open(r0, 0x0)
r2 = epoll_create(0x1)
epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r1, &(0x7f0000000180))
r3 = gettid()
kcmp$KCMP_EPOLL_TFD(r0, r3, 0x7, r1, &(0x7f0000000040)={r2, r1})

8m5.261794124s ago: executing program 1 (id=4828):
r0 = getpid()
prctl$PR_SCHED_CORE(0x3e, 0x4, r0, 0x3, &(0x7f0000000000))
r1 = syz_pidfd_open(r0, 0x0)
setns(r1, 0x24020000)
r2 = syz_clone(0xb21e0000, 0x0, 0x0, 0x0, 0x0, 0x0)
r3 = syz_pidfd_open(r2, 0x0)
setns(r3, 0x24020000)
mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f00000003c0)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f})

8m5.176745943s ago: executing program 1 (id=4829):
mkdir(&(0x7f0000000440)='./file1\x00', 0x0)
mount(0x0, &(0x7f0000000200)='./file1\x00', &(0x7f0000000000)='tmpfs\x00', 0x8, &(0x7f0000000300)='usrquota')
chdir(&(0x7f0000000140)='./file1\x00')
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='net_prio.prioidx\x00', 0x275a, 0x0)
quotactl_fd$Q_SETQUOTA(r0, 0xffffffff80000800, 0xee01, &(0x7f00000000c0)={0x0, 0x1, 0x2000200000a95c, 0x9, 0x1, 0x80000001, 0x48cd, 0xfffffffffffffffc, 0xffffff15})
r1 = openat$incfs(0xffffffffffffff9c, &(0x7f0000000080)='.log\x00', 0x181ac1, 0x0)
fallocate(r1, 0x0, 0x7, 0x8000)
fchown(r1, 0xee01, 0x0)

8m5.176551133s ago: executing program 1 (id=4830):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
syz_open_procfs(0x0, 0x0)
ioctl$KVM_PRE_FAULT_MEMORY(r2, 0xc040aed5, &(0x7f0000000000)={0x0, 0xc000})

8m4.999651416s ago: executing program 1 (id=4831):
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x101091, 0x0)
mount$bind(0x0, &(0x7f0000000140)='./file0\x00', 0x0, 0x100000, 0x0)
r0 = open_tree(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0)
mount$bind(&(0x7f00000001c0)='./file0\x00', &(0x7f00000007c0)='./file0/file0\x00', 0x0, 0x1000, 0x0)
mount$bind(0x0, &(0x7f00000002c0)='./file0\x00', 0x0, 0x80000, 0x0)
mount$bind(&(0x7f0000000440)='./file0\x00', &(0x7f0000000000)='./file0/file0\x00', 0x0, 0x10a5840, 0x0)
move_mount(0xffffffffffffff9c, &(0x7f0000000380)='./file0\x00', r0, &(0x7f0000000640)='./file0/file0\x00', 0x272)

8m4.902153557s ago: executing program 1 (id=4832):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x80102, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = eventfd2(0xe5c, 0x80000)
r3 = eventfd2(0x7, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_IRQFD(r1, 0x4020ae76, &(0x7f0000000000)={r3, 0x7, 0x2, r2})
dup2(r4, r1)

8m4.558577447s ago: executing program 1 (id=4837):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4)
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @loopback}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f00000000c0), 0x4)
setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x1, &(0x7f00000001c0)=@gcm_256={{0x304}, "6ae04425ace3f60c", "acba84f0a6731f234db1cc7f3f382ad796bd667cb12ea99509873931d2873103", "0f9dafb4", "ec3fff9afd96e6c0"}, 0x38)
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r0, 0x6, 0x14, &(0x7f0000000040)=0x2, 0x4)
ioctl$int_in(r0, 0x5421, &(0x7f0000000140)=0x1)
writev(r0, &(0x7f0000000080)=[{&(0x7f00000002c0)="ec", 0xfdef}], 0x1)

8m4.494107615s ago: executing program 36 (id=4837):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4)
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @loopback}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f00000000c0), 0x4)
setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x1, &(0x7f00000001c0)=@gcm_256={{0x304}, "6ae04425ace3f60c", "acba84f0a6731f234db1cc7f3f382ad796bd667cb12ea99509873931d2873103", "0f9dafb4", "ec3fff9afd96e6c0"}, 0x38)
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r0, 0x6, 0x14, &(0x7f0000000040)=0x2, 0x4)
ioctl$int_in(r0, 0x5421, &(0x7f0000000140)=0x1)
writev(r0, &(0x7f0000000080)=[{&(0x7f00000002c0)="ec", 0xfdef}], 0x1)

7m37.971685052s ago: executing program 8 (id=5408):
mkdirat(0xffffffffffffff9c, &(0x7f00000021c0)='./file0\x00', 0x3a)
mount$tmpfs(0x0, &(0x7f0000002040)='./file0\x00', &(0x7f0000002200), 0x1000000, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./bus\x00', 0x1a8)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000100)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}]})
r0 = open(&(0x7f0000000040)='./file0\x00', 0x400, 0x47)
mknodat$loop(r0, &(0x7f0000000200)='./file1\x00', 0x800, 0x1)
chdir(&(0x7f0000000140)='./bus\x00')
link(&(0x7f00000001c0)='./file1\x00', &(0x7f00000002c0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')
pivot_root(&(0x7f0000000440)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0)

7m37.840405252s ago: executing program 8 (id=5413):
r0 = io_uring_setup(0x797a, &(0x7f0000000140)={0x0, 0x52c1, 0x8, 0xfffffffe, 0x3d})
mknod$loop(&(0x7f0000000140)='./file0\x00', 0xfff, 0x1)
r1 = openat$fuse(0xffffffffffffff9c, &(0x7f00000001c0), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x80, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r1, @ANYBLOB=',rootmode=000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r1, &(0x7f0000006300)={0x2020, 0x0, <r2=>0x0}, 0x2020)
write$FUSE_INIT(r1, &(0x7f0000000040)={0x50, 0x0, r2, {0x7, 0x1f, 0x0, 0x34014c40, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10}}, 0x50)
syz_fuse_handle_req(r1, &(0x7f00000021c0)="0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000060000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000dc4e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ba045abcd5dfc67d00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000081000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000230000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000050000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000090000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000dc000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000209bfd66eea210560000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000003dc150f400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000040000000000000000001d000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000030000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f50000000000000000000000000000000000000000000000000000000000000000000000000000000000c6d90000000000001354c4b6000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f8000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001a00", 0x2000, &(0x7f00000062c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000300)={0x20, 0x0, 0x0, {0x0, 0x1a}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r3 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x80101, 0x101)
dup2(r3, r1)
close_range(r0, 0xffffffffffffffff, 0x0)

7m37.721269613s ago: executing program 8 (id=5419):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000180)={0x73622a85, 0x0, 0xfffffffffffffffe})
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000140)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0})
r2 = dup3(r1, r0, 0x0)
r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs/binder0\x00', 0x0, 0x0)
mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r3, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r3, 0x4018620d, &(0x7f0000004a80)={0x73622a85, 0x4})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000004c0)={0x8, 0x0, &(0x7f0000000000)=[@acquire], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000440)={0x4c, 0x0, &(0x7f0000000500)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x58, 0x18, &(0x7f00000001c0)={@fd={0x66642a85, 0x0, r3}, @flat=@handle={0x73682a85, 0x1101, 0x2}, @ptr={0x70742a85, 0x0, 0x0, 0x0, 0x1, 0x2b}}, &(0x7f00000002c0)={0x0, 0x18, 0x30}}}], 0x0, 0x0, 0x0})

7m37.671709174s ago: executing program 8 (id=5420):
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x0)
mount$fuse(0x0, 0x0, 0x0, 0xfc5cd7921c2c19c4, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
chdir(&(0x7f0000000080)='./file1\x00')
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f00000001c0)='./file0/file0\x00', 0x1c0)
r0 = syz_clone(0x88200200, 0x0, 0x0, 0x0, 0x0, 0x0)
setpgid(r0, 0x0)
setpgid(0x0, r0)
openat$dir(0xffffffffffffff9c, &(0x7f0000004280)='./file0\x00', 0x0, 0x0)

7m37.582779025s ago: executing program 8 (id=5421):
r0 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f00000004c0)={{{@in=@loopback, @in6=@local, 0x0, 0x0, 0x0, 0x0, 0xa}}, {{@in=@dev, 0x0, 0x2b}, 0x0, @in6=@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}}, 0xe8)
r1 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_IPV6_XFRM_POLICY(r1, 0x29, 0x23, &(0x7f00000004c0)={{{@in=@loopback, @in6=@private1, 0x0, 0x0, 0x0, 0x0, 0x2}}, {{@in=@multicast2, 0x0, 0x2b}, 0x0, @in6=@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}}, 0xe8)
sendmsg$key(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000240)=ANY=[@ANYBLOB="0212000002"], 0x10}}, 0x0)
r2 = socket$key(0xf, 0x3, 0x2)
setsockopt$sock_int(r2, 0x1, 0x8, &(0x7f00000001c0), 0x4)
sendmsg$key(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000005c0)=ANY=[@ANYBLOB="0203100802"], 0x10}}, 0x0)
sendmsg$key(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000240)=ANY=[], 0x10}}, 0x0)
sendmsg$key(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)={0x2, 0xa, 0x0, 0x9, 0x2}, 0x10}}, 0x0)

7m37.283404348s ago: executing program 8 (id=5424):
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x200000e, 0x204031, 0xffffffffffffffff, 0xe4771000)
r0 = socket$vsock_stream(0x28, 0x1, 0x0)
bind$vsock_stream(r0, &(0x7f0000000040)={0x28, 0x0, 0x2710, @local}, 0x10)
listen(r0, 0x0)
r1 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r1, &(0x7f0000000640)={0x28, 0x0, 0x2710}, 0x10)
r2 = accept(r0, 0x0, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000580)=ANY=[@ANYBLOB="120000000400000004000000a4"], 0x48)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000140)={r3, &(0x7f0000000080), &(0x7f00000002c0)=@udp=r2}, 0x20)
recvmsg$can_bcm(r2, &(0x7f00000003c0)={0x0, 0x0, 0x0}, 0x40002063)

7m37.191514773s ago: executing program 37 (id=5424):
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x200000e, 0x204031, 0xffffffffffffffff, 0xe4771000)
r0 = socket$vsock_stream(0x28, 0x1, 0x0)
bind$vsock_stream(r0, &(0x7f0000000040)={0x28, 0x0, 0x2710, @local}, 0x10)
listen(r0, 0x0)
r1 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r1, &(0x7f0000000640)={0x28, 0x0, 0x2710}, 0x10)
r2 = accept(r0, 0x0, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000580)=ANY=[@ANYBLOB="120000000400000004000000a4"], 0x48)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000140)={r3, &(0x7f0000000080), &(0x7f00000002c0)=@udp=r2}, 0x20)
recvmsg$can_bcm(r2, &(0x7f00000003c0)={0x0, 0x0, 0x0}, 0x40002063)

7m24.573154221s ago: executing program 9 (id=5620):
socket$unix(0x1, 0x1, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$unix(0x1, 0x2, 0x0)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), 0xffffffffffffffff)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000000)=[{0x0}], 0x1}, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000100)={'wlan1\x00', <r3=>0x0})
sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000340)={0x50, r2, 0x1, 0x70bd28, 0x25dfdbfd, {{}, {@void, @val={0x8, 0x3, r3}, @val={0xc, 0x99, {0x7ff, 0x70}}}}, [@NL80211_ATTR_IFNAME={0x14, 0x4, 'syzkaller0\x00'}, @NL80211_ATTR_IFTYPE={0x8, 0x5, 0x7}, @NL80211_ATTR_MESH_ID={0xa}]}, 0x50}, 0x1, 0x0, 0x0, 0x91}, 0x24044884)
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r4)
socket$inet_sctp(0x2, 0x5, 0x84)
ioctl$SIOCSIFHWADDR(r4, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @link_local})

7m24.508364575s ago: executing program 9 (id=5624):
socket$nl_route(0x10, 0x3, 0x0)
r0 = socket(0x2a, 0x2, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000440)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=@newlink={0x20, 0x10, 0x437, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x50483}}, 0x20}, 0x1, 0x0, 0x0, 0x9005}, 0x0)
sendmmsg$inet(0xffffffffffffffff, 0x0, 0x0, 0x4880)
getsockname$packet(r0, &(0x7f0000000200)={0x11, 0x0, <r1=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000001480)=0x14)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000400)=@newqdisc={0x58, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r1, {}, {0xffff, 0xffff}, {0x0, 0xfff1}}, [@qdisc_kind_options=@q_sfb={{0x8}, {0x2c, 0x2, @TCA_SFB_PARMS={0x28, 0x1, {0x3ff, 0x1, 0xfffffff8, 0x0, 0x7, 0x7f, 0x8, 0x5, 0x1}}}}]}, 0x58}}, 0x44884)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0)
sendmsg$NL80211_CMD_SET_WIPHY(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000040)={0x1c, 0x0, 0x200, 0x70bd2b, 0x2, {}, [@NL80211_ATTR_WIPHY_TX_POWER_SETTING={0x8}]}, 0x1c}}, 0x0)
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r2, &(0x7f00000002c0), 0x40000000000009f, 0x0)

7m24.454149946s ago: executing program 9 (id=5627):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x101100, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000016000/0x18000)=nil, &(0x7f0000000300)=[@text32={0x20, 0x0}], 0x1, 0x4e, 0x0, 0x0)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000180)={0x0, 0xc000})
openat$pmem0(0xffffffffffffff9c, &(0x7f0000000000), 0x80, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x1d, &(0x7f0000000040)={0x16030424752e863, &(0x7f0000000000)=[{0x6, 0x4, 0x40, 0x7fff0001}]})
syz_emit_ethernet(0x3e, &(0x7f0000000000)=ANY=[@ANYBLOB="aaaaaaaaaaaa0f"], 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

7m24.211814805s ago: executing program 9 (id=5635):
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$NL80211_CMD_CRIT_PROTOCOL_START(r1, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={0x0, 0x1c}}, 0x0)
getsockname$packet(r1, &(0x7f0000000600)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000080)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000640)=ANY=[@ANYBLOB="3c0000001000850600000000ff6122314a000800", @ANYRES32=r2, @ANYBLOB="f5ff0f00252155b21c0012000c000100626f6e64000000000c0002000800010001"], 0x3c}}, 0x40000)
r3 = socket(0x10, 0x803, 0x2)
syz_genetlink_get_family_id$mptcp(&(0x7f00000000c0), r3)
sendmsg$nl_route(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)=@newlink={0x44, 0x10, 0x403, 0x0, 0x700, {0x0, 0x0, 0x0, 0x0, 0x0, 0x1006}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @ip6gre={{0xb}, {0xc, 0x2, 0x0, 0x1, [@IFLA_GRE_IKEY={0x8, 0x4, 0x387a}]}}}, @IFLA_MASTER={0x8, 0xa, r2}]}, 0x44}, 0x1, 0x0, 0x0, 0x800}, 0x440b0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
getsockname$packet(r3, &(0x7f0000000380)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000400)=0x14)
sendmsg$nl_route_sched(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000200)=@delchain={0x24, 0x11, 0x1, 0x0, 0x1, {0x0, 0x0, 0x0, r5, {}, {0x0, 0x5}}}, 0x24}}, 0x10)

7m24.105989861s ago: executing program 9 (id=5636):
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mount$fuse(0x0, 0x0, 0x0, 0x8, &(0x7f0000000040)=ANY=[@ANYBLOB='fd=', @ANYRESDEC=0x0])
mount(0x0, &(0x7f0000000440)='./file0\x00', &(0x7f0000000280)='autofs\x00', 0x201000c, &(0x7f0000000040))
chdir(&(0x7f0000000080)='./file0\x00')
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
r0 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
setpgid(r0, r0)
setpgid(0x0, r0)
syz_open_procfs(r0, 0x0)
mount$overlay(0x0, &(0x7f0000000000)='./file0\x00', 0x0, 0x200010, 0x0)

7m24.015862518s ago: executing program 9 (id=5638):
r0 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_int(r0, 0x107, 0xa, &(0x7f0000000080)=0x1, 0x4)
setsockopt$packet_rx_ring(r0, 0x107, 0x5, &(0x7f0000000140)=@req3={0x1000, 0x3a, 0x1000, 0x3a, 0x800, 0x2, 0x4}, 0x1c)
syz_emit_ethernet(0x0, 0x0, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000380)={0x0, 0x4076cbba9945d516, &(0x7f0000000340)={0x0, 0x14}}, 0x0)
getsockname$packet(r3, &(0x7f0000000140)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000980)={&(0x7f0000000240)=@newlink={0x38, 0x10, 0x439, 0x70bd28, 0x0, {0x0, 0x0, 0x0, r4, 0x69801}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @gre={{0x8}, {0xc, 0x2, 0x0, 0x1, [@IFLA_GRE_REMOTE={0x8, 0x7, @broadcast}]}}}]}, 0x38}, 0x1, 0x0, 0x0, 0x20040000}, 0x0)
sendto$packet(r1, &(0x7f0000000440)="11", 0x1, 0x2400d011, &(0x7f0000000200)={0x11, 0x88a8, r4, 0x1, 0x6, 0x6, @broadcast}, 0x14)

7m7.926176612s ago: executing program 38 (id=5638):
r0 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_int(r0, 0x107, 0xa, &(0x7f0000000080)=0x1, 0x4)
setsockopt$packet_rx_ring(r0, 0x107, 0x5, &(0x7f0000000140)=@req3={0x1000, 0x3a, 0x1000, 0x3a, 0x800, 0x2, 0x4}, 0x1c)
syz_emit_ethernet(0x0, 0x0, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000380)={0x0, 0x4076cbba9945d516, &(0x7f0000000340)={0x0, 0x14}}, 0x0)
getsockname$packet(r3, &(0x7f0000000140)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000980)={&(0x7f0000000240)=@newlink={0x38, 0x10, 0x439, 0x70bd28, 0x0, {0x0, 0x0, 0x0, r4, 0x69801}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @gre={{0x8}, {0xc, 0x2, 0x0, 0x1, [@IFLA_GRE_REMOTE={0x8, 0x7, @broadcast}]}}}]}, 0x38}, 0x1, 0x0, 0x0, 0x20040000}, 0x0)
sendto$packet(r1, &(0x7f0000000440)="11", 0x1, 0x2400d011, &(0x7f0000000200)={0x11, 0x88a8, r4, 0x1, 0x6, 0x6, @broadcast}, 0x14)

40.695789059s ago: executing program 6 (id=15429):
unshare(0x60060200)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x100, 0x0)
getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(0xffffffffffffffff, 0x6, 0x23, &(0x7f0000000140)={&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x0, 0x0, &(0x7f0000000080)=""/150, 0x96, 0x1, 0x0}, &(0x7f0000000180)=0x2635766960cd1dc1)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = dup(r1)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe6000/0x18000)=nil, &(0x7f0000000000)=[@text64={0x40, &(0x7f0000000080)="66b8b2000f00d866ba4300b8902d98a7efc744240048000000c74424020c000000ff1c240f0097f3ffffff650f229e9067470f01c90f01c966b809018ee00f20e035000400000f22e0", 0x49}], 0x1, 0x0, 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$sock_ipv6_tunnel_SIOCCHGPRL(r2, 0x89f7, &(0x7f0000000300)={'sit0\x00', &(0x7f00000001c0)={@remote}})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000040)=[@text64={0x40, 0x0}], 0x1, 0x11, 0x0, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

40.447917975s ago: executing program 6 (id=15432):
open_tree(0xffffffffffffffff, &(0x7f00000000c0)='./file0\x00', 0x80801)
sendmmsg$sock(0xffffffffffffffff, &(0x7f0000002480)=[{{0x0, 0x0, &(0x7f0000001780)=[{0x0}], 0x1}}], 0x1, 0x0)
ioctl$DRM_IOCTL_SYNCOBJ_TIMELINE_WAIT(0xffffffffffffffff, 0xc03064ca, &(0x7f0000000700)={&(0x7f0000000680)=[0x0, 0x0], 0x0, 0x0, 0x2, 0x2})
mount$fuse(0x0, &(0x7f0000000280)='./file0\x00', 0x0, 0x100000, 0x0)
sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000000740)=[{{0x0, 0x0, &(0x7f0000000a40)=[{&(0x7f00000002c0)="a39c1fb4d127f197e8e3a41c9fe5567d9137e293a21d262ad6ead1253f31493569f5737c8ed607d03401d5a3edcb68d755d12873885f886046a2e5550caba204798bc956a8e35b04539a88965838ea21a464cd6511361959341849a8618e0beaa03ad408d943e7f9bbbdb28d", 0x6c}, {&(0x7f0000000500)="a608e5f2e2724fd7d00b71dc97e13f5a2a987046270dc61632cb51d1ec3c7912901302ff866747b05d5e18a21bc5d2d55d87d4683de5d6dc5aa63b9f6e1c4883c3fcae54300a236a34f1fc74e8ca8e2e807635dc41b9bc8ff385223d7d528b631d0f0538f807e106df999fba2f884d84cb60dd41aa1811cf1e995a246881f986041125fc245cf25cd2c0e73358f6981d19e1f47a8d118b4e", 0x98}, {0x0}, {&(0x7f00000006c0)="8d4fb001cf69a4e5d8cea7569c780cc8598d314562f2d2e8bf22047e364764a56d8d35000cc37feb758a43590f1bb28a3713bd28dfa24e670fb5eae6020d6fe9b35b93159c3e7d2cbf38d5f548bd105beea848805a6a01", 0x57}, {&(0x7f0000000780)}, {&(0x7f0000000880)}, {&(0x7f0000000940)="a25473c28cca42abe4e2e2ff22c40b099dc8d1401b3d70b005a30c5dee9bb2914b8ab87826d866fa20f13f1e1ea3215b34735fd7c72736516bea3e0ec3dd8bc9164fcb7f6d46dc26d12f4a78890a9492d56ef482f6861fd3d92b5e5f40a6c7362d23a3f9f3f32d32266a8d15882a83ee2d5226afe3ef90088f5082d6c986922dbac25ddabb11695f3317ba3118eb03269fff79cd4fb24c379c832eabf54dea07c0837ff258638f66bcf415e967dbba00e0120e19998eb5c5560afb510a8098491725e7c0", 0xc4}], 0x7, &(0x7f0000000d80)=[@hoplimit={{0x14, 0x29, 0x34, 0x4}}, @hoplimit={{0x14, 0x29, 0x34, 0xfffffffd}}, @dstopts_2292={{0x18, 0x29, 0x4, {0x4}}}, @hopopts={{0x1a0, 0x29, 0x36, {0x5e, 0x30, '\x00', [@pad1, @pad1, @padn={0x1, 0x8, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}, @calipso={0x7, 0x38, {0x3, 0xc, 0x0, 0xfff, [0xffff, 0x966, 0x7, 0xfffffffffffffff7, 0x97c3, 0x1]}}, @calipso={0x7, 0x10, {0x0, 0x2, 0x7, 0x6, [0x7fff]}}, @generic={0x8, 0xe2, "c8a110995d439fbfac9716a99c357bcb2d59a850490739734f6b321d19b3754df39cc2dc26cf463cbebbddb9a7f17b6771f74c46623f9e38bd23e6f0a2fd3a9a017f66738394aca44d1a9f0b35d9df0a964360ab0900a5e6fcac1cd41c91c97f6826ff706c41edc4e00205bbb53218ed58a1122d993b55a1b9a870a17e7869e3fc704b388202add651f628963a90fea5d8fa5b32a0876185144ae57b4f1c03d4f67005cdb5938591d5ea712014e358ea0808807873fd7290c6d4f033de64c7e86ab309f93fd8146e6672c844ca0c43cde3afb3f9b0e9c19b929779fe65f579221b81"}, @generic={0x1, 0x41, "9a348c3c19e341e07ee4adc61d7ea01e5c10989b56b8a6204ece9d7b40c0a8048b5a67b9d9a0001ae722193bf19685e3237a76548d6a2f0207089d2d9fb4647e81"}]}}}, @rthdr={{0x18, 0x29, 0x39, {0x62}}}, @rthdr_2292={{0x38, 0x29, 0x39, {0x3a, 0x4, 0x3, 0x70, 0x0, [@mcast1, @mcast2]}}}], 0x238}}], 0x1, 0x810)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r2, &(0x7f0000000380)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-cast5-avx\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r2, 0x117, 0x1, &(0x7f00000004c0)="2c385a7af3be", 0x6)
r3 = accept4(r2, 0x0, 0x0, 0x800)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x14, 0x3a, 0x703, 0x270bd24, 0x25dfdbf8, {0xd}}, 0x14}}, 0x4008800)
sendmmsg$alg(r3, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0x10}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048", 0x4d}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11", 0xce}], 0x3}], 0x1, 0x40800)
recvmsg(r3, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000840)={0x1fe, 0x2, 0x3000, 0x2000, &(0x7f0000003000/0x2000)=nil})
r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@text32={0x20, &(0x7f00000000c0)="650f340f3566b842000f00d8b805000000b9a00000000f01c13e0f070fde460b0f0130670f01c2f2360f217a0f07", 0x2e}], 0x1, 0x11, 0x0, 0x0)
pwritev(0xffffffffffffffff, &(0x7f0000000b00)=[{&(0x7f0000001880)="ea7c5828b87d70214008724bcae1ce6577c01031b19698ecb8a7f5183947918ce2cc9dc778dbfff9e28e1a6df7d8f95c3e45768a6786d6325bc0fe4ed394c8ed0edcbb9f917074251a7f5b6b24c52516a68f181592262dfd12b5af7386658c5fb6c36d86d5084624a302a155c0463b6c36e9fc88338b0f66e2713728a21d19d9a33da93d419df63d8a87fa100381ec74de8b7409f4977d3cd7a9f2fb03cec91c4277b39b2c9f227a9b74926a11960d085e2aaf98673d2a67fa95b8d9dcc72ca6181f6b9b2d1c402267e6cfef5599e1520077d9bc472fb5a5db42b1befd498ec7b8d519b12f065323b15280a2540bc7a4ffe508fc12f93707064caf4111e893142f9867b432b1e6258caa2ae081b8b646c25de7f5366a21f9dd257b84546cd316e17b79d22c4bcaf70e8a96d1e502b53c581c75482d1d63f0d5f3fb5bdbb714583f0798e0c4d6c9d99513e91a68a26612053290f15f5a2e06acfa229356e37b4d57697224e9561c0430a67fcb5dea72acc91e60751a5b07eb603548a646f082ce213347b4ee908bd95cc56775330aa09d4f19f48a8cb5d7f6346d82bab8ff019309684bd01eb4d90febe2269cd2a1100130c242a2995ce38638a3bbc9008ac0e820a1e0b9a9511af47aa7f3e30a69589985423f3b4ea98152433bf1aa53a0981f783f11c4cc50f70fe63b2043b74b9cb7da59caedadc1fa1f662831a353969893d4f93b919cda52a1ce2200a0a7895abb293c29d6d197cce98a4df8fc90c582014742a00b4bd09f1fcc5ff5753320d2b5593e657c0fb87a4cfa323ce59111eea806a6e020fb0c4fdd601087811e33e793975b5e9e936c16d243bdea757e0ee4508f5d5b496ed07b6f0f1f46ed752448f30d679b23ba8142d4ab25beb913ee77547866e5d9501a55e9797ba3407f3f4cc11398bdaf3ac4c2e79a5b133a09fcf8ae790bb985fa01daf2758fd8a77fde15a822227dddf64bb2ebc49a56ad025e01c6c59e4818abdf808789d9f87c103cf7f7d21d2a1345b9b7fd66b1cf96002343fbd62f8080d945e70bd93d4bf42b401477abed49065b4a8ccfb9d93724118168de2e8df4f78ccf3b9593f993423a619ef6bd8392a2cfc6424d3687fcdc67d33073db95d856f312b934d05a3c4e967217837920fee73b00757b617d1ef3bfc2e88a8a72f0948263db2c9e7bd491f059b6ee8d0ea3f2193314562910529869b248172bfe0f914f7a91a27c6e9e6c2e3455a7ae765392b48fc959958aa39a5a483b2a6e873ac76f8579515e42f7a3bbc82bcf71edaf12f7b40a2adc74d67ef793988cc8ac788185049e57fb84757bdc700ffde10afc19df290787ed98222f8afb2b6d11944666331350e2914466b398750acae526146373b2cbe1bdd1803e6c920a182a1ad118a3d09313c2ce2703a0a1c09215cab90c35b03b1c795cf704f42dd31ddff6be67bb355977b2e07609c5228299a170308e54705674384fc294cdfa4abf989d3c3bf3eabbbcf52a6a0646bf6db5b61ad027007464fd6fc10490ee2e9190c28ae5cb3733105cb782c0d53e5c79c3e455609d557d824154d01e282788ec8ae7c8a03fcd6cd4e37829b0f921c46d715454d5e1281c641cf0756a2f31b0369ce94e819e6254af95b88bffd7bb2cfe9469d303497fead174839b2789b5aa703176510eab1f46916b3b63f6f5b2df262fe7274a0cee9bd6e115e5f9f48ac1c09e5b3c546ae95b9916a633869854d3ee39d4acb800e876e7fc084ffd79a20fca8331caff657ec89b445c6012ff7eb9531eb1e8c90cdc66b82d6fd608310099503a9dcf50b40d10a3b1ab520477e20ad5f6405cd4b5b36d201e12088d7868c6e94737ea88db6ed5f7df4d31cbd2d0c4f21cdcc3b181f5aae7216dc4c06b2989bb44e5369ba96ce87f3e3abbb530d103a53d7e0b914115c302c935eea7d256a73aa851d84dec6d9112163be8135889c67fa90e796a6f050fba0a6a740618cd513748072daac9f3e25034772cc400a14834afbde835bc9fd7cf1113d67ebe99a3b78907596886ad5a1670ef572c18e26c98fe40194428de339cba7b8efc5fa7faf7512ef6b89a877f3e534fb4512729df686e14aece08fab3b42ea14acde0e18ffe5dc00e74288661c7463e00f3b942cddf3b71e1dcf71989f378b933df099316451cca296a4e117bbeb3b1e552e5a10f9731449ae830de14989049ce818f720e77e78a86c307c80450b26278bc25ee7390ce6d4c4dfc8d39b6b4b1ce6f3865dbdd1d37aedb555288bea9ef95c8600dea1cd10e9e42d15aa804f99a31bfaa5ea52185333d734c766e3bb4a9abf86cf4d840dc188167a25cc3054b65fd7ce053d38518474ab55e59c1ccaf34d57b4cd73b07ed63d754ab3d57dfc0f67bbdb22e33d9f63aa2b36cf0af338794d4acbd1b13669bde67f7bd032f9c6b400e8054a0cff77fc6e0591195b21715e42c881e23156b4ba504d7e1b6eb9c2ec9b9e382d85f7c52bd964d305da9496dbaa022880ddf236730c458f31258d64ae2668aa863b3fe558c7f8cfb3dabf42edcaf2891e9b9462c44153658eae85cd499abd9dca762adf26d9904d28b772b3fc3d066d56261474c944387ac7eb00059025ff25e34b8f7c2986db1ccc4297e1315c3ceeef1b8f98e0500bbb8bb0ab52d80f8c6c8fa5d24b9a05f5350e2fd59af4b9fa9a2b4339b61e208f227ba968d4dbd36246133de2078c6a15dd57754a3537c31d04da545f062dbf9cbaa0840e23974f441a4d5937fec23ff81c193bd951a7bacac8eb6d4705702cbe3c930f27869753ba6026455bbb7742c53644f1646d7545467091a207905f831505f214fbd818aea4455705b5e727850cdcac40620135b8dba85cb0c0f393af252ec082cba5c43385fbc2cc5682bc1994b064e29c8c5a20e7e6d15fbb13e6fd1a86b2fda666fbcd80fd08be00a7423fcafbdd8283bac88ead203bc10d1c1a13ca2fe853fa6cc8991b0476561be085b086b0d0e45f73e59f519342c13f368a37464cb55b8a13846f4cd610536d5c4b8704fcd347abe6712d3de67d7918e6954898f31647a8ea37ecc2e1bb02b1b26e7a60fbb2b0a48efc5795c12d5c4ac8dc4149dea0f2e085422ec69352882622711b74e1e32c7ead2cf3c554e8ff1648e8b66d0dc6997b6304b3b560a33d75aa49476175a386ca721156ea79bdba432d439dbceb0285561abd5d134badd9f38c04fae8fa920edfff15705371c907848c14acdfb0b22a4c7168e1840e8b8a50349dcee5f429b3cb34e30f0f67acf93604792b8574f36ea9409d422621f3c0c7b781fc8e23d1d46f04a9b44f633e5f72cb079fbde66a9745705666c6dab6238628e57ee6cffa8cfad616dac1abe2789c9efccb4fc7e65e490d9a4e49e7ce72a6980e72f70a17649e67de86f86b61a4b6219daefc939b5904e5712ecaf85c98484fc02585b1aa990b95173e4a2907cf877af696e528e6b2b634a4fb7d791cacc8644fa76e062148d411e18f0da5aed22116828cd700a28e8f46bca950550acb4ab05eddeb6b2dac24702cff4de0a3ece393cac879ed2f0c5b9645839cfdb79fb1df87596b14504cba9dddda51edaffcd0214b91b5898ea022774e699aa0caf0f646cc0cb8e8fc8b8be43c23aa7f6bd29fd0615c0b78f3514a52989d7f35ad08a4bd473e61da6657cc2e85d3b2b7d3fb51174a96f27038ddbc87a35e09a668e436aa40146c6a26dca87b39220f139b772719d80aadb752c622bf09acd6846838fb48a8817ba4aa72eaa32e82251b3789969d8518f9aa07cdcb9a355f73f119725c086168aaca262f13cd742e5f06c969a462638a557e15a4f5d43e3242c08f23b00d2b8d57c60d3636abd4068ec03a4be3429b95e41351ab5c58812e552df90c3e6c9d8779aa484e74f073ea9fcdce13b1dff8e7c101b2c6865c5cefe108e3559f520e2bc42c9dc39b57fddb44ca49f2689e10c1381c0740d20cbca46da475c62f513cb08398a5fd5d4f6b13ce839fe149df0d291a8f7267fe90a7e1845dace17cd927c2d1aeffbdc36bb983172ceff025e84b0419645fcc72897b992f5081c78756122391947f08ccd20806cfc2bded705b472fc52e84734e016cbd309aadebbbb4e8bdfed77b1e0b15ce0904838d9e4d64643df66f0353c377e554b428dc0f31189a134cdb8e66d2755e84c2b2409c3d63a81f5f05616baf6a243b09153a4f8289e15a5a4ffb007b0cbeffde25391bb2acd86b453e245643c0fa1dfe5d42e0e3f1c592a00b77f0133adf7989c6c2bf3ddc0b8a2b14f35d33f62f4ee2fc56166372058e997b9abe6bad8aa718f8d87ad095e8f354aaef540840437b5451771266a8358ed75954db52b38bca4a1c8696dca1de03b12627254409f8bb68c94eeaa1a8bcf894482b96e81b9ff5c2383a907537a191aff0bb5b5418ef5670cecca1cfbd41b61879b11a5a5053cd86cf5d61f8c2f7d7ad2034a1801b3b92a79ac3b4343c680008b1ba10577a35173cac6d4dbc1d00e436f238b57093b34d4ea19c225b84a2d6086cc6cf72595b980c88142d268bbf9c8375a93afe75c3583b3b9687368d78147985d209e6d89c335e948c51696a948f01ad062dcf84a99584466e24646b2e441fefb10ef962432f2925d6d98e790acf4ca7d9339a589a537aa3392ec79f34a6544144072ab8248e45ac560a78c70c5afcbf10909299dfcd67981c88780c1340c951e115ffec56d23b9ead6a55024e199238f4b133e3e1e0e84318b5037a3947ae09749c25c7e4887936ecf0ba9a807dfa471ea1f3350b70feb58dc9e2836365ce4db456a341e43410cac1253fe08e79c21fca932716f4c171fc957cb325737b70532d81f0eb2f0a16478c0d934165728f7b29a8a0ff6bc964e99dea26d3efd28336b00c112a26da7a2ea1c21a9688cc3a68293958edf27ae89e5f9b8348af4121028e760cf68c931af92906d27dad4d330df9201b5395ccce0c803806422883667ccb11438d9dbe1901d4ab98d89914b313338486deb6f748053517e2188c479adb1eabb8e8ed5d05bb3f66826fae83bbc5bce3615ee32d937ffbe8846a1156aaf7bf9b9d4189bdf290b3df254077688eeda824d6ea0a452f7e7f915c1a94ee250a3907ec035d7ba7bb0256811f04646ca156b8925506c774df4d4072c02929e985057a5f7ddc1469c7306e6fdb86b810ada1cc96f6bd389597dd27dd656f55c316fb2d56b2d13eddf893722e813934a19778719be99697c365222db64039f9caab1201c430e53df1af8a0321c8759fc33e8204150080979936d0717f6c4c9145fb828389acbb894a4600485e8b105c7165a40e814889343deead6d434a8da60eed1e50aa507ac2793b4a4c5517265f859f223bb4f6cadc6fb53430304baea18189e2b5ddd266c38f5c325ba391a50fcd34060d217c4118889c4275e40a8428099ddfa3cc0d8241c22fc1554318e922f3b1257f2046d70df460c5283a539487583ffca1972a19237b06480e0a56d9e185fe4dc3607666d81ed0d9d9f5c5c568a5a0a87160b6d35c73dae9c6177f2b25d90a2598042f4b43bc765fa86a831c401a01c391a8fdc8f8c742f2322a1b8ef18ec7d82f013893c981f6bd96ec57d8e73e1633ae3970721fcea055ecc836ce3", 0xf91}], 0x1, 0x1, 0x2)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000180)=[@text64={0x40, 0x0}], 0x1, 0x18, 0x0, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)

40.292059526s ago: executing program 6 (id=15436):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r0, 0x0, 0x0)
listen(r0, 0x0)
syz_emit_ethernet(0x36, &(0x7f0000000100)={@local, @broadcast, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x6, 0x0, @empty, @empty}, {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x10}}}}}}, 0x0)

40.290760362s ago: executing program 6 (id=15437):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000002c0)=ANY=[@ANYBLOB="4800000010000104000000000007000000000000", @ANYRES32, @ANYBLOB="3f00000006020400280012800b0001006272696467650000180002800c002e000300000003000000050007"], 0x48}, 0x1, 0x0, 0x0, 0x44000}, 0x0)

40.235331332s ago: executing program 6 (id=15439):
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000240), 0x2000, 0x0)
r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x2000)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
ioctl$FS_IOC_FSSETXATTR(r1, 0x401c5820, &(0x7f0000000080)={0x8})
ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_CLIENT(r0, 0x404c534a, &(0x7f0000000400)={0x0, 0x1f000000})
r2 = socket(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000080)={'ip6tnl0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000100)=@newqdisc={0x2c, 0x24, 0x100, 0x70bd26, 0x0, {0x0, 0x0, 0x0, r3, {0xb, 0x10}, {0xffff, 0xffff}, {0x6, 0x6}}, [@TCA_EGRESS_BLOCK={0x8, 0xe, 0x5}]}, 0x2c}, 0x1, 0x0, 0x0, 0x42}, 0x2004008c)

40.160710404s ago: executing program 6 (id=15441):
open_tree(0xffffffffffffffff, &(0x7f00000000c0)='./file0\x00', 0x80801)
sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000000740)=[{{0x0, 0x0, &(0x7f0000000a40)=[{&(0x7f00000002c0)="a39c1fb4d127f197e8e3a41c9fe5567d9137e293a21d262ad6ead1253f31493569f5737c8ed607d03401d5a3edcb68d755d12873885f886046a2e5550caba204798bc956a8e35b04539a88965838ea21a464cd6511361959341849a8618e0beaa03a", 0x62}, {&(0x7f0000000500)="a608e5f2e2724fd7d00b71dc97e13f5a2a987046270dc61632cb51d1ec3c7912901302ff866747b05d5e18a21bc5d2d55d87d4683de5d6dc5aa63b9f6e1c4883c3fcae54300a236a34f1fc74e8ca8e2e807635dc41b9bc8ff385223d7d528b631d0f0538f807e106df999fba", 0x6c}, {&(0x7f0000000600)="d1a75a1596128c62e1a54cdce27b10c886aba86c6984512723139121091f323ea7d8140bf18a01c9c26c276bf48f99f81646de6331281fd9fa888ba2f9edd17442ed87a5543871d04e112b1431283b80844b20f2166819c03d2a8a8d7187ea24b42b9f5f93da1b2f047d36c7911f92b3b86c34ead9e7a50185ebf33763038d853922cd", 0x83}, {&(0x7f00000006c0)="8d4fb001cf69a4e5d8cea7569c780cc8598d314562f2d2e8bf22047e364764a56d8d35000cc37feb758a43590f1bb28a3713bd28dfa24e670fb5eae6020d6fe9b35b93159c3e7d2cbf38d5f548bd105beea848805a6a", 0x56}, {&(0x7f0000000780)}, {&(0x7f0000000880)="bf0171aab45469f23a3e11b9c8fb004572d990a78a7a7b3b7b4a4d2def1e711b6d7fb1742ebbca750dca13be6d89a7c1ba6f2af52f77b7735ad9ec4ccb265d37075afa82a0dbb371487e9124126e5b4e245dee2fafc80ac8609a2acd770acccafd112e302e93afbf01f8bfd4262df4ad9a09f59efecff400e2b06fb698b1641a41e82a2369875f9a2fe3e358420a8b3371f3", 0x92}, {&(0x7f0000000940)="a25473c28cca42abe4e2e2ff22c40b099dc8d1401b3d70b005a30c5dee9bb2914b8ab87826d866fa20f13f1e1ea3215b34735fd7c72736516bea3e0ec3dd8bc9164fcb7f6d46dc26d12f4a78890a9492d56ef482f6861fd3d92b5e5f40a6c7362d23a3f9f3f32d32266a8d15882a83ee2d5226afe3ef90088f5082d6c986922dbac25ddabb11695f3317ba3118eb03269fff79cd4fb24c379c832eabf54dea07c0837ff258638f66bcf415e967dbba00e0120e19998eb5c5", 0xb8}], 0x7, &(0x7f0000000d80)=[@hoplimit={{0x14, 0x29, 0x34, 0x4}}, @hoplimit={{0x14, 0x29, 0x34, 0xfffffffd}}, @dstopts_2292={{0x18, 0x29, 0x4, {0x4}}}, @hopopts={{0x1a0, 0x29, 0x36, {0x5e, 0x30, '\x00', [@pad1, @pad1, @padn={0x1, 0x8, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}, @calipso={0x7, 0x38, {0x3, 0xc, 0x0, 0xfff, [0xffff, 0x966, 0x7, 0xfffffffffffffff7, 0x97c3, 0x1]}}, @calipso={0x7, 0x10, {0x0, 0x2, 0x7, 0x6, [0x7fff]}}, @generic={0x8, 0xe2, "c8a110995d439fbfac9716a99c357bcb2d59a850490739734f6b321d19b3754df39cc2dc26cf463cbebbddb9a7f17b6771f74c46623f9e38bd23e6f0a2fd3a9a017f66738394aca44d1a9f0b35d9df0a964360ab0900a5e6fcac1cd41c91c97f6826ff706c41edc4e00205bbb53218ed58a1122d993b55a1b9a870a17e7869e3fc704b388202add651f628963a90fea5d8fa5b32a0876185144ae57b4f1c03d4f67005cdb5938591d5ea712014e358ea0808807873fd7290c6d4f033de64c7e86ab309f93fd8146e6672c844ca0c43cde3afb3f9b0e9c19b929779fe65f579221b81"}, @generic={0x1, 0x41, "9a348c3c19e341e07ee4adc61d7ea01e5c10989b56b8a6204ece9d7b40c0a8048b5a67b9d9a0001ae722193bf19685e3237a76548d6a2f0207089d2d9fb4647e81"}]}}}, @rthdr={{0x18, 0x29, 0x39, {0x62}}}, @rthdr_2292={{0x38, 0x29, 0x39, {0x3a, 0x4, 0x3, 0x70, 0x0, [@mcast1, @mcast2]}}}], 0x238}}], 0x1, 0x810)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r2, &(0x7f0000000380)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-cast5-avx\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r2, 0x117, 0x1, &(0x7f00000004c0)="2c385a7af3be", 0x6)
r3 = accept4(r2, 0x0, 0x0, 0x800)
sendmmsg$alg(r3, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048", 0xff31}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
recvmsg(r3, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000840)={0x1fe, 0x2, 0x3000, 0x2000, &(0x7f0000003000/0x2000)=nil})
r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@text32={0x20, &(0x7f00000000c0)="650f340f3566b842000f00d8b805000000b9a00000000f01c13e0f070fde460b0f0130670f01c2f2360f217a0f07", 0x2e}], 0x1, 0x11, 0x0, 0x0)
pwritev(0xffffffffffffffff, &(0x7f0000000b00)=[{&(0x7f0000001880)="ea7c5828b87d70214008724bcae1ce6577c01031b19698ecb8a7f5183947918ce2cc9dc778dbfff9e28e1a6df7d8f95c3e45768a6786d6325bc0fe4ed394c8ed0edcbb9f917074251a7f5b6b24c52516a68f181592262dfd12b5af7386658c5fb6c36d86d5084624a302a155c0463b6c36e9fc88338b0f66e2713728a21d19d9a33da93d419df63d8a87fa100381ec74de8b7409f4977d3cd7a9f2fb03cec91c4277b39b2c9f227a9b74926a11960d085e2aaf98673d2a67fa95b8d9dcc72ca6181f6b9b2d1c402267e6cfef5599e1520077d9bc472fb5a5db42b1befd498ec7b8d519b12f065323b15280a2540bc7a4ffe508fc12f93707064caf4111e893142f9867b432b1e6258caa2ae081b8b646c25de7f5366a21f9dd257b84546cd316e17b79d22c4bcaf70e8a96d1e502b53c581c75482d1d63f0d5f3fb5bdbb714583f0798e0c4d6c9d99513e91a68a26612053290f15f5a2e06acfa229356e37b4d57697224e9561c0430a67fcb5dea72acc91e60751a5b07eb603548a646f082ce213347b4ee908bd95cc56775330aa09d4f19f48a8cb5d7f6346d82bab8ff019309684bd01eb4d90febe2269cd2a1100130c242a2995ce38638a3bbc9008ac0e820a1e0b9a9511af47aa7f3e30a69589985423f3b4ea98152433bf1aa53a0981f783f11c4cc50f70fe63b2043b74b9cb7da59caedadc1fa1f662831a353969893d4f93b919cda52a1ce2200a0a7895abb293c29d6d197cce98a4df8fc90c582014742a00b4bd09f1fcc5ff5753320d2b5593e657c0fb87a4cfa323ce59111eea806a6e020fb0c4fdd601087811e33e793975b5e9e936c16d243bdea757e0ee4508f5d5b496ed07b6f0f1f46ed752448f30d679b23ba8142d4ab25beb913ee77547866e5d9501a55e9797ba3407f3f4cc11398bdaf3ac4c2e79a5b133a09fcf8ae790bb985fa01daf2758fd8a77fde15a822227dddf64bb2ebc49a56ad025e01c6c59e4818abdf808789d9f87c103cf7f7d21d2a1345b9b7fd66b1cf96002343fbd62f8080d945e70bd93d4bf42b401477abed49065b4a8ccfb9d93724118168de2e8df4f78ccf3b9593f993423a619ef6bd8392a2cfc6424d3687fcdc67d33073db95d856f312b934d05a3c4e967217837920fee73b00757b617d1ef3bfc2e88a8a72f0948263db2c9e7bd491f059b6ee8d0ea3f2193314562910529869b248172bfe0f914f7a91a27c6e9e6c2e3455a7ae765392b48fc959958aa39a5a483b2a6e873ac76f8579515e42f7a3bbc82bcf71edaf12f7b40a2adc74d67ef793988cc8ac788185049e57fb84757bdc700ffde10afc19df290787ed98222f8afb2b6d11944666331350e2914466b398750acae526146373b2cbe1bdd1803e6c920a182a1ad118a3d09313c2ce2703a0a1c09215cab90c35b03b1c795cf704f42dd31ddff6be67bb355977b2e07609c5228299a170308e54705674384fc294cdfa4abf989d3c3bf3eabbbcf52a6a0646bf6db5b61ad027007464fd6fc10490ee2e9190c28ae5cb3733105cb782c0d53e5c79c3e455609d557d824154d01e282788ec8ae7c8a03fcd6cd4e37829b0f921c46d715454d5e1281c641cf0756a2f31b0369ce94e819e6254af95b88bffd7bb2cfe9469d303497fead174839b2789b5aa703176510eab1f46916b3b63f6f5b2df262fe7274a0cee9bd6e115e5f9f48ac1c09e5b3c546ae95b9916a633869854d3ee39d4acb800e876e7fc084ffd79a20fca8331caff657ec89b445c6012ff7eb9531eb1e8c90cdc66b82d6fd608310099503a9dcf50b40d10a3b1ab520477e20ad5f6405cd4b5b36d201e12088d7868c6e94737ea88db6ed5f7df4d31cbd2d0c4f21cdcc3b181f5aae7216dc4c06b2989bb44e5369ba96ce87f3e3abbb530d103a53d7e0b914115c302c935eea7d256a73aa851d84dec6d9112163be8135889c67fa90e796a6f050fba0a6a740618cd513748072daac9f3e25034772cc400a14834afbde835bc9fd7cf1113d67ebe99a3b78907596886ad5a1670ef572c18e26c98fe40194428de339cba7b8efc5fa7faf7512ef6b89a877f3e534fb4512729df686e14aece08fab3b42ea14acde0e18ffe5dc00e74288661c7463e00f3b942cddf3b71e1dcf71989f378b933df099316451cca296a4e117bbeb3b1e552e5a10f9731449ae830de14989049ce818f720e77e78a86c307c80450b26278bc25ee7390ce6d4c4dfc8d39b6b4b1ce6f3865dbdd1d37aedb555288bea9ef95c8600dea1cd10e9e42d15aa804f99a31bfaa5ea52185333d734c766e3bb4a9abf86cf4d840dc188167a25cc3054b65fd7ce053d38518474ab55e59c1ccaf34d57b4cd73b07ed63d754ab3d57dfc0f67bbdb22e33d9f63aa2b36cf0af338794d4acbd1b13669bde67f7bd032f9c6b400e8054a0cff77fc6e0591195b21715e42c881e23156b4ba504d7e1b6eb9c2ec9b9e382d85f7c52bd964d305da9496dbaa022880ddf236730c458f31258d64ae2668aa863b3fe558c7f8cfb3dabf42edcaf2891e9b9462c44153658eae85cd499abd9dca762adf26d9904d28b772b3fc3d066d56261474c944387ac7eb00059025ff25e34b8f7c2986db1ccc4297e1315c3ceeef1b8f98e0500bbb8bb0ab52d80f8c6c8fa5d24b9a05f5350e2fd59af4b9fa9a2b4339b61e208f227ba968d4dbd36246133de2078c6a15dd57754a3537c31d04da545f062dbf9cbaa0840e23974f441a4d5937fec23ff81c193bd951a7bacac8eb6d4705702cbe3c930f27869753ba6026455bbb7742c53644f1646d7545467091a207905f831505f214fbd818aea4455705b5e727850cdcac40620135b8dba85cb0c0f393af252ec082cba5c43385fbc2cc5682bc1994b064e29c8c5a20e7e6d15fbb13e6fd1a86b2fda666fbcd80fd08be00a7423fcafbdd8283bac88ead203bc10d1c1a13ca2fe853fa6cc8991b0476561be085b086b0d0e45f73e59f519342c13f368a37464cb55b8a13846f4cd610536d5c4b8704fcd347abe6712d3de67d7918e6954898f31647a8ea37ecc2e1bb02b1b26e7a60fbb2b0a48efc5795c12d5c4ac8dc4149dea0f2e085422ec69352882622711b74e1e32c7ead2cf3c554e8ff1648e8b66d0dc6997b6304b3b560a33d75aa49476175a386ca721156ea79bdba432d439dbceb0285561abd5d134badd9f38c04fae8fa920edfff15705371c907848c14acdfb0b22a4c7168e1840e8b8a50349dcee5f429b3cb34e30f0f67acf93604792b8574f36ea9409d422621f3c0c7b781fc8e23d1d46f04a9b44f633e5f72cb079fbde66a9745705666c6dab6238628e57ee6cffa8cfad616dac1abe2789c9efccb4fc7e65e490d9a4e49e7ce72a6980e72f70a17649e67de86f86b61a4b6219daefc939b5904e5712ecaf85c98484fc02585b1aa990b95173e4a2907cf877af696e528e6b2b634a4fb7d791cacc8644fa76e062148d411e18f0da5aed22116828cd700a28e8f46bca950550acb4ab05eddeb6b2dac24702cff4de0a3ece393cac879ed2f0c5b9645839cfdb79fb1df87596b14504cba9dddda51edaffcd0214b91b5898ea022774e699aa0caf0f646cc0cb8e8fc8b8be43c23aa7f6bd29fd0615c0b78f3514a52989d7f35ad08a4bd473e61da6657cc2e85d3b2b7d3fb51174a96f27038ddbc87a35e09a668e436aa40146c6a26dca87b39220f139b772719d80aadb752c622bf09acd6846838fb48a8817ba4aa72eaa32e82251b3789969d8518f9aa07cdcb9a355f73f119725c086168aaca262f13cd742e5f06c969a462638a557e15a4f5d43e3242c08f23b00d2b8d57c60d3636abd4068ec03a4be3429b95e41351ab5c58812e552df90c3e6c9d8779aa484e74f073ea9fcdce13b1dff8e7c101b2c6865c5cefe108e3559f520e2bc42c9dc39b57fddb44ca49f2689e10c1381c0740d20cbca46da475c62f513cb08398a5fd5d4f6b13ce839fe149df0d291a8f7267fe90a7e1845dace17cd927c2d1aeffbdc36bb983172ceff025e84b0419645fcc72897b992f5081c78756122391947f08ccd20806cfc2bded705b472fc52e84734e016cbd309aadebbbb4e8bdfed77b1e0b15ce0904838d9e4d64643df66f0353c377e554b428dc0f31189a134cdb8e66d2755e84c2b2409c3d63a81f5f05616baf6a243b09153a4f8289e15a5a4ffb007b0cbeffde25391bb2acd86b453e245643c0fa1dfe5d42e0e3f1c592a00b77f0133adf7989c6c2bf3ddc0b8a2b14f35d33f62f4ee2fc56166372058e997b9abe6bad8aa718f8d87ad095e8f354aaef540840437b5451771266a8358ed75954db52b38bca4a1c8696dca1de03b12627254409f8bb68c94eeaa1a8bcf894482b96e81b9ff5c2383a907537a191aff0bb5b5418ef5670cecca1cfbd41b61879b11a5a5053cd86cf5d61f8c2f7d7ad2034a1801b3b92a79ac3b4343c680008b1ba10577a35173cac6d4dbc1d00e436f238b57093b34d4ea19c225b84a2d6086cc6cf72595b980c88142d268bbf9c8375a93afe75c3583b3b9687368d78147985d209e6d89c335e948c51696a948f01ad062dcf84a99584466e24646b2e441fefb10ef962432f2925d6d98e790acf4ca7d9339a589a537aa3392ec79f34a6544144072ab8248e45ac560a78c70c5afcbf10909299dfcd67981c88780c1340c951e115ffec56d23b9ead6a55024e199238f4b133e3e1e0e84318b5037a3947ae09749c25c7e4887936ecf0ba9a807dfa471ea1f3350b70feb58dc9e2836365ce4db456a341e43410cac1253fe08e79c21fca932716f4c171fc957cb325737b70532d81f0eb2f0a16478c0d934165728f7b29a8a0ff6bc964e99dea26d3efd28336b00c112a26da7a2ea1c21a9688cc3a68293958edf27ae89e5f9b8348af4121028e760cf68c931af92906d27dad4d330df9201b5395ccce0c803806422883667ccb11438d9dbe1901d4ab98d89914b313338486deb6f748053517e2188c479adb1eabb8e8ed5d05bb3f66826fae83bbc5bce3615ee32d937ffbe8846a1156aaf7bf9b9d4189bdf290b3df254077688eeda824d6ea0a452f7e7f915c1a94ee250a3907ec035d7ba7bb0256811f04646ca156b8925506c774df4d4072c02929e985057a5f7ddc1469c7306e6fdb86b810ada1cc96f6bd389597dd27dd656f55c316fb2d56b2d13eddf893722e813934a19778719be99697c365222db64039f9caab1201c430e53df1af8a0321c8759fc33e8204150080979936d0717f6c4c9145fb828389acbb894a4600485e8b105c7165a40e814889343deead6d434a8da60eed1e50aa507ac2793b4a4c5517265f859f223bb4f6cadc6fb53430304baea18189e2b5ddd266c38f5c325ba391a50fcd34060d217c4118889c4275e40a8428099ddfa3cc0d8241c22fc1554318e922f3b1257f2046d70df460c5283a539487583ffca1972a19237b06480e0a56d9e185fe4dc3607666d81ed0d9d9f5c5c568a5a0a87160b6d35c73dae9c6177f2b25d90a2598042f4b43bc765fa86a831c401a01c391a8fdc8f8c742f2322a1b8ef18ec7d82f013893c981f6bd96ec57d8e73e1633ae3970721fcea055ecc836ce3", 0xf91}], 0x1, 0x1, 0x2)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000180)=[@text64={0x40, 0x0}], 0x1, 0x18, 0x0, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)

24.154676965s ago: executing program 39 (id=15441):
open_tree(0xffffffffffffffff, &(0x7f00000000c0)='./file0\x00', 0x80801)
sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000000740)=[{{0x0, 0x0, &(0x7f0000000a40)=[{&(0x7f00000002c0)="a39c1fb4d127f197e8e3a41c9fe5567d9137e293a21d262ad6ead1253f31493569f5737c8ed607d03401d5a3edcb68d755d12873885f886046a2e5550caba204798bc956a8e35b04539a88965838ea21a464cd6511361959341849a8618e0beaa03a", 0x62}, {&(0x7f0000000500)="a608e5f2e2724fd7d00b71dc97e13f5a2a987046270dc61632cb51d1ec3c7912901302ff866747b05d5e18a21bc5d2d55d87d4683de5d6dc5aa63b9f6e1c4883c3fcae54300a236a34f1fc74e8ca8e2e807635dc41b9bc8ff385223d7d528b631d0f0538f807e106df999fba", 0x6c}, {&(0x7f0000000600)="d1a75a1596128c62e1a54cdce27b10c886aba86c6984512723139121091f323ea7d8140bf18a01c9c26c276bf48f99f81646de6331281fd9fa888ba2f9edd17442ed87a5543871d04e112b1431283b80844b20f2166819c03d2a8a8d7187ea24b42b9f5f93da1b2f047d36c7911f92b3b86c34ead9e7a50185ebf33763038d853922cd", 0x83}, {&(0x7f00000006c0)="8d4fb001cf69a4e5d8cea7569c780cc8598d314562f2d2e8bf22047e364764a56d8d35000cc37feb758a43590f1bb28a3713bd28dfa24e670fb5eae6020d6fe9b35b93159c3e7d2cbf38d5f548bd105beea848805a6a", 0x56}, {&(0x7f0000000780)}, {&(0x7f0000000880)="bf0171aab45469f23a3e11b9c8fb004572d990a78a7a7b3b7b4a4d2def1e711b6d7fb1742ebbca750dca13be6d89a7c1ba6f2af52f77b7735ad9ec4ccb265d37075afa82a0dbb371487e9124126e5b4e245dee2fafc80ac8609a2acd770acccafd112e302e93afbf01f8bfd4262df4ad9a09f59efecff400e2b06fb698b1641a41e82a2369875f9a2fe3e358420a8b3371f3", 0x92}, {&(0x7f0000000940)="a25473c28cca42abe4e2e2ff22c40b099dc8d1401b3d70b005a30c5dee9bb2914b8ab87826d866fa20f13f1e1ea3215b34735fd7c72736516bea3e0ec3dd8bc9164fcb7f6d46dc26d12f4a78890a9492d56ef482f6861fd3d92b5e5f40a6c7362d23a3f9f3f32d32266a8d15882a83ee2d5226afe3ef90088f5082d6c986922dbac25ddabb11695f3317ba3118eb03269fff79cd4fb24c379c832eabf54dea07c0837ff258638f66bcf415e967dbba00e0120e19998eb5c5", 0xb8}], 0x7, &(0x7f0000000d80)=[@hoplimit={{0x14, 0x29, 0x34, 0x4}}, @hoplimit={{0x14, 0x29, 0x34, 0xfffffffd}}, @dstopts_2292={{0x18, 0x29, 0x4, {0x4}}}, @hopopts={{0x1a0, 0x29, 0x36, {0x5e, 0x30, '\x00', [@pad1, @pad1, @padn={0x1, 0x8, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}, @calipso={0x7, 0x38, {0x3, 0xc, 0x0, 0xfff, [0xffff, 0x966, 0x7, 0xfffffffffffffff7, 0x97c3, 0x1]}}, @calipso={0x7, 0x10, {0x0, 0x2, 0x7, 0x6, [0x7fff]}}, @generic={0x8, 0xe2, "c8a110995d439fbfac9716a99c357bcb2d59a850490739734f6b321d19b3754df39cc2dc26cf463cbebbddb9a7f17b6771f74c46623f9e38bd23e6f0a2fd3a9a017f66738394aca44d1a9f0b35d9df0a964360ab0900a5e6fcac1cd41c91c97f6826ff706c41edc4e00205bbb53218ed58a1122d993b55a1b9a870a17e7869e3fc704b388202add651f628963a90fea5d8fa5b32a0876185144ae57b4f1c03d4f67005cdb5938591d5ea712014e358ea0808807873fd7290c6d4f033de64c7e86ab309f93fd8146e6672c844ca0c43cde3afb3f9b0e9c19b929779fe65f579221b81"}, @generic={0x1, 0x41, "9a348c3c19e341e07ee4adc61d7ea01e5c10989b56b8a6204ece9d7b40c0a8048b5a67b9d9a0001ae722193bf19685e3237a76548d6a2f0207089d2d9fb4647e81"}]}}}, @rthdr={{0x18, 0x29, 0x39, {0x62}}}, @rthdr_2292={{0x38, 0x29, 0x39, {0x3a, 0x4, 0x3, 0x70, 0x0, [@mcast1, @mcast2]}}}], 0x238}}], 0x1, 0x810)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r2, &(0x7f0000000380)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-cast5-avx\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r2, 0x117, 0x1, &(0x7f00000004c0)="2c385a7af3be", 0x6)
r3 = accept4(r2, 0x0, 0x0, 0x800)
sendmmsg$alg(r3, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048", 0xff31}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
recvmsg(r3, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000840)={0x1fe, 0x2, 0x3000, 0x2000, &(0x7f0000003000/0x2000)=nil})
r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@text32={0x20, &(0x7f00000000c0)="650f340f3566b842000f00d8b805000000b9a00000000f01c13e0f070fde460b0f0130670f01c2f2360f217a0f07", 0x2e}], 0x1, 0x11, 0x0, 0x0)
pwritev(0xffffffffffffffff, &(0x7f0000000b00)=[{&(0x7f0000001880)="ea7c5828b87d70214008724bcae1ce6577c01031b19698ecb8a7f5183947918ce2cc9dc778dbfff9e28e1a6df7d8f95c3e45768a6786d6325bc0fe4ed394c8ed0edcbb9f917074251a7f5b6b24c52516a68f181592262dfd12b5af7386658c5fb6c36d86d5084624a302a155c0463b6c36e9fc88338b0f66e2713728a21d19d9a33da93d419df63d8a87fa100381ec74de8b7409f4977d3cd7a9f2fb03cec91c4277b39b2c9f227a9b74926a11960d085e2aaf98673d2a67fa95b8d9dcc72ca6181f6b9b2d1c402267e6cfef5599e1520077d9bc472fb5a5db42b1befd498ec7b8d519b12f065323b15280a2540bc7a4ffe508fc12f93707064caf4111e893142f9867b432b1e6258caa2ae081b8b646c25de7f5366a21f9dd257b84546cd316e17b79d22c4bcaf70e8a96d1e502b53c581c75482d1d63f0d5f3fb5bdbb714583f0798e0c4d6c9d99513e91a68a26612053290f15f5a2e06acfa229356e37b4d57697224e9561c0430a67fcb5dea72acc91e60751a5b07eb603548a646f082ce213347b4ee908bd95cc56775330aa09d4f19f48a8cb5d7f6346d82bab8ff019309684bd01eb4d90febe2269cd2a1100130c242a2995ce38638a3bbc9008ac0e820a1e0b9a9511af47aa7f3e30a69589985423f3b4ea98152433bf1aa53a0981f783f11c4cc50f70fe63b2043b74b9cb7da59caedadc1fa1f662831a353969893d4f93b919cda52a1ce2200a0a7895abb293c29d6d197cce98a4df8fc90c582014742a00b4bd09f1fcc5ff5753320d2b5593e657c0fb87a4cfa323ce59111eea806a6e020fb0c4fdd601087811e33e793975b5e9e936c16d243bdea757e0ee4508f5d5b496ed07b6f0f1f46ed752448f30d679b23ba8142d4ab25beb913ee77547866e5d9501a55e9797ba3407f3f4cc11398bdaf3ac4c2e79a5b133a09fcf8ae790bb985fa01daf2758fd8a77fde15a822227dddf64bb2ebc49a56ad025e01c6c59e4818abdf808789d9f87c103cf7f7d21d2a1345b9b7fd66b1cf96002343fbd62f8080d945e70bd93d4bf42b401477abed49065b4a8ccfb9d93724118168de2e8df4f78ccf3b9593f993423a619ef6bd8392a2cfc6424d3687fcdc67d33073db95d856f312b934d05a3c4e967217837920fee73b00757b617d1ef3bfc2e88a8a72f0948263db2c9e7bd491f059b6ee8d0ea3f2193314562910529869b248172bfe0f914f7a91a27c6e9e6c2e3455a7ae765392b48fc959958aa39a5a483b2a6e873ac76f8579515e42f7a3bbc82bcf71edaf12f7b40a2adc74d67ef793988cc8ac788185049e57fb84757bdc700ffde10afc19df290787ed98222f8afb2b6d11944666331350e2914466b398750acae526146373b2cbe1bdd1803e6c920a182a1ad118a3d09313c2ce2703a0a1c09215cab90c35b03b1c795cf704f42dd31ddff6be67bb355977b2e07609c5228299a170308e54705674384fc294cdfa4abf989d3c3bf3eabbbcf52a6a0646bf6db5b61ad027007464fd6fc10490ee2e9190c28ae5cb3733105cb782c0d53e5c79c3e455609d557d824154d01e282788ec8ae7c8a03fcd6cd4e37829b0f921c46d715454d5e1281c641cf0756a2f31b0369ce94e819e6254af95b88bffd7bb2cfe9469d303497fead174839b2789b5aa703176510eab1f46916b3b63f6f5b2df262fe7274a0cee9bd6e115e5f9f48ac1c09e5b3c546ae95b9916a633869854d3ee39d4acb800e876e7fc084ffd79a20fca8331caff657ec89b445c6012ff7eb9531eb1e8c90cdc66b82d6fd608310099503a9dcf50b40d10a3b1ab520477e20ad5f6405cd4b5b36d201e12088d7868c6e94737ea88db6ed5f7df4d31cbd2d0c4f21cdcc3b181f5aae7216dc4c06b2989bb44e5369ba96ce87f3e3abbb530d103a53d7e0b914115c302c935eea7d256a73aa851d84dec6d9112163be8135889c67fa90e796a6f050fba0a6a740618cd513748072daac9f3e25034772cc400a14834afbde835bc9fd7cf1113d67ebe99a3b78907596886ad5a1670ef572c18e26c98fe40194428de339cba7b8efc5fa7faf7512ef6b89a877f3e534fb4512729df686e14aece08fab3b42ea14acde0e18ffe5dc00e74288661c7463e00f3b942cddf3b71e1dcf71989f378b933df099316451cca296a4e117bbeb3b1e552e5a10f9731449ae830de14989049ce818f720e77e78a86c307c80450b26278bc25ee7390ce6d4c4dfc8d39b6b4b1ce6f3865dbdd1d37aedb555288bea9ef95c8600dea1cd10e9e42d15aa804f99a31bfaa5ea52185333d734c766e3bb4a9abf86cf4d840dc188167a25cc3054b65fd7ce053d38518474ab55e59c1ccaf34d57b4cd73b07ed63d754ab3d57dfc0f67bbdb22e33d9f63aa2b36cf0af338794d4acbd1b13669bde67f7bd032f9c6b400e8054a0cff77fc6e0591195b21715e42c881e23156b4ba504d7e1b6eb9c2ec9b9e382d85f7c52bd964d305da9496dbaa022880ddf236730c458f31258d64ae2668aa863b3fe558c7f8cfb3dabf42edcaf2891e9b9462c44153658eae85cd499abd9dca762adf26d9904d28b772b3fc3d066d56261474c944387ac7eb00059025ff25e34b8f7c2986db1ccc4297e1315c3ceeef1b8f98e0500bbb8bb0ab52d80f8c6c8fa5d24b9a05f5350e2fd59af4b9fa9a2b4339b61e208f227ba968d4dbd36246133de2078c6a15dd57754a3537c31d04da545f062dbf9cbaa0840e23974f441a4d5937fec23ff81c193bd951a7bacac8eb6d4705702cbe3c930f27869753ba6026455bbb7742c53644f1646d7545467091a207905f831505f214fbd818aea4455705b5e727850cdcac40620135b8dba85cb0c0f393af252ec082cba5c43385fbc2cc5682bc1994b064e29c8c5a20e7e6d15fbb13e6fd1a86b2fda666fbcd80fd08be00a7423fcafbdd8283bac88ead203bc10d1c1a13ca2fe853fa6cc8991b0476561be085b086b0d0e45f73e59f519342c13f368a37464cb55b8a13846f4cd610536d5c4b8704fcd347abe6712d3de67d7918e6954898f31647a8ea37ecc2e1bb02b1b26e7a60fbb2b0a48efc5795c12d5c4ac8dc4149dea0f2e085422ec69352882622711b74e1e32c7ead2cf3c554e8ff1648e8b66d0dc6997b6304b3b560a33d75aa49476175a386ca721156ea79bdba432d439dbceb0285561abd5d134badd9f38c04fae8fa920edfff15705371c907848c14acdfb0b22a4c7168e1840e8b8a50349dcee5f429b3cb34e30f0f67acf93604792b8574f36ea9409d422621f3c0c7b781fc8e23d1d46f04a9b44f633e5f72cb079fbde66a9745705666c6dab6238628e57ee6cffa8cfad616dac1abe2789c9efccb4fc7e65e490d9a4e49e7ce72a6980e72f70a17649e67de86f86b61a4b6219daefc939b5904e5712ecaf85c98484fc02585b1aa990b95173e4a2907cf877af696e528e6b2b634a4fb7d791cacc8644fa76e062148d411e18f0da5aed22116828cd700a28e8f46bca950550acb4ab05eddeb6b2dac24702cff4de0a3ece393cac879ed2f0c5b9645839cfdb79fb1df87596b14504cba9dddda51edaffcd0214b91b5898ea022774e699aa0caf0f646cc0cb8e8fc8b8be43c23aa7f6bd29fd0615c0b78f3514a52989d7f35ad08a4bd473e61da6657cc2e85d3b2b7d3fb51174a96f27038ddbc87a35e09a668e436aa40146c6a26dca87b39220f139b772719d80aadb752c622bf09acd6846838fb48a8817ba4aa72eaa32e82251b3789969d8518f9aa07cdcb9a355f73f119725c086168aaca262f13cd742e5f06c969a462638a557e15a4f5d43e3242c08f23b00d2b8d57c60d3636abd4068ec03a4be3429b95e41351ab5c58812e552df90c3e6c9d8779aa484e74f073ea9fcdce13b1dff8e7c101b2c6865c5cefe108e3559f520e2bc42c9dc39b57fddb44ca49f2689e10c1381c0740d20cbca46da475c62f513cb08398a5fd5d4f6b13ce839fe149df0d291a8f7267fe90a7e1845dace17cd927c2d1aeffbdc36bb983172ceff025e84b0419645fcc72897b992f5081c78756122391947f08ccd20806cfc2bded705b472fc52e84734e016cbd309aadebbbb4e8bdfed77b1e0b15ce0904838d9e4d64643df66f0353c377e554b428dc0f31189a134cdb8e66d2755e84c2b2409c3d63a81f5f05616baf6a243b09153a4f8289e15a5a4ffb007b0cbeffde25391bb2acd86b453e245643c0fa1dfe5d42e0e3f1c592a00b77f0133adf7989c6c2bf3ddc0b8a2b14f35d33f62f4ee2fc56166372058e997b9abe6bad8aa718f8d87ad095e8f354aaef540840437b5451771266a8358ed75954db52b38bca4a1c8696dca1de03b12627254409f8bb68c94eeaa1a8bcf894482b96e81b9ff5c2383a907537a191aff0bb5b5418ef5670cecca1cfbd41b61879b11a5a5053cd86cf5d61f8c2f7d7ad2034a1801b3b92a79ac3b4343c680008b1ba10577a35173cac6d4dbc1d00e436f238b57093b34d4ea19c225b84a2d6086cc6cf72595b980c88142d268bbf9c8375a93afe75c3583b3b9687368d78147985d209e6d89c335e948c51696a948f01ad062dcf84a99584466e24646b2e441fefb10ef962432f2925d6d98e790acf4ca7d9339a589a537aa3392ec79f34a6544144072ab8248e45ac560a78c70c5afcbf10909299dfcd67981c88780c1340c951e115ffec56d23b9ead6a55024e199238f4b133e3e1e0e84318b5037a3947ae09749c25c7e4887936ecf0ba9a807dfa471ea1f3350b70feb58dc9e2836365ce4db456a341e43410cac1253fe08e79c21fca932716f4c171fc957cb325737b70532d81f0eb2f0a16478c0d934165728f7b29a8a0ff6bc964e99dea26d3efd28336b00c112a26da7a2ea1c21a9688cc3a68293958edf27ae89e5f9b8348af4121028e760cf68c931af92906d27dad4d330df9201b5395ccce0c803806422883667ccb11438d9dbe1901d4ab98d89914b313338486deb6f748053517e2188c479adb1eabb8e8ed5d05bb3f66826fae83bbc5bce3615ee32d937ffbe8846a1156aaf7bf9b9d4189bdf290b3df254077688eeda824d6ea0a452f7e7f915c1a94ee250a3907ec035d7ba7bb0256811f04646ca156b8925506c774df4d4072c02929e985057a5f7ddc1469c7306e6fdb86b810ada1cc96f6bd389597dd27dd656f55c316fb2d56b2d13eddf893722e813934a19778719be99697c365222db64039f9caab1201c430e53df1af8a0321c8759fc33e8204150080979936d0717f6c4c9145fb828389acbb894a4600485e8b105c7165a40e814889343deead6d434a8da60eed1e50aa507ac2793b4a4c5517265f859f223bb4f6cadc6fb53430304baea18189e2b5ddd266c38f5c325ba391a50fcd34060d217c4118889c4275e40a8428099ddfa3cc0d8241c22fc1554318e922f3b1257f2046d70df460c5283a539487583ffca1972a19237b06480e0a56d9e185fe4dc3607666d81ed0d9d9f5c5c568a5a0a87160b6d35c73dae9c6177f2b25d90a2598042f4b43bc765fa86a831c401a01c391a8fdc8f8c742f2322a1b8ef18ec7d82f013893c981f6bd96ec57d8e73e1633ae3970721fcea055ecc836ce3", 0xf91}], 0x1, 0x1, 0x2)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000180)=[@text64={0x40, 0x0}], 0x1, 0x18, 0x0, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)

1.19131407s ago: executing program 2 (id=16176):
r0 = socket$packet(0x11, 0x2, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r0, 0x8933, &(0x7f0000000180)={'batadv_slave_1\x00', <r1=>0x0})
setsockopt$packet_add_memb(r0, 0x107, 0x1, &(0x7f0000000080)={r1, 0x1, 0x6, @local}, 0x10)
setsockopt$packet_add_memb(r0, 0x107, 0x1, &(0x7f0000000000)={r1, 0x1, 0x6, @random="2716157f3354"}, 0x10)
r2 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x80400, 0x0)
ioctl$FS_IOC_SETFLAGS(r2, 0x40081271, &(0x7f0000000980)=0x4000)
ioctl$BLKRRPART(r2, 0x125f, 0x0)

1.080127984s ago: executing program 2 (id=16180):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$team(&(0x7f00000044c0), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000004700)={'team0\x00', <r2=>0x0})
sendmsg$TEAM_CMD_OPTIONS_SET(r0, &(0x7f0000004bc0)={0x0, 0x0, &(0x7f0000004b80)={&(0x7f00000000c0)=ANY=[@ANYBLOB='`\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="05042bbd7000fedbdf250100000008000100", @ANYRES32=r2, @ANYBLOB="4400028040000100240001006d6f64650000001f0005000000000000000000000000000000000000000000000500030005000000100004006c"], 0x60}, 0x1, 0x0, 0x0, 0x4000401}, 0x44084)

1.067657682s ago: executing program 2 (id=16182):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000680)={'bridge0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x3f00, &(0x7f0000000240)={&(0x7f00000002c0)=ANY=[@ANYBLOB="4800000010000104000000000007000000000000", @ANYRES32=r2, @ANYBLOB="3f00000006020400280012800b0001006272696467650000180002800c002e000300000003000000050007"], 0x48}, 0x1, 0x0, 0x0, 0x44000}, 0x0)

994.29523ms ago: executing program 2 (id=16184):
r0 = fsopen(&(0x7f00000001c0)='ramfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)
r1 = fsmount(r0, 0x0, 0x0)
fchdir(r1)
io_setup(0x38c6b09d, &(0x7f0000000000))
unshare(0x20000600)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x4, 0xe, &(0x7f00000015c0)=ANY=[@ANYBLOB="b702000007000000bfa30000000000000703000000feffff7a0af0ff2300000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010001011404000011000000b7030000000000006a0a00fe000000008500000032000000b700000001000000950000000000000075cdc4b57b0c65752a3ad50000007ddd0000cb450063dedba767ade51f7f1f66acd19100002000000000000000ff7f0000b52f17cee19d0001000000000000000000cb04fcbb4e4d0b9bafe3ba431351a58a885ba9918d37b056b9bbd11b6b9f6cf7db6d574620260000000000008062d77e85cef4a2ab938f65aac33c4d620de2c9b7dc10d7d313f9f57606b83b994fc4051ade12f41deff6df6a936b4ec3827c739bb39aad16cc75fe369258673b5df11cc2afb53611cc32a790bc0b80e80eae8f5e64be2c9d2d29db3d36dd0cf8f79a015c7bd3f15aa6aadbeab2a01685108e61aa00000000000000000000000000c67c6c6a06e828e5216f601b19db1af1b5d356d0f062137d866d11be4ba3f0151fdbbd4e97d62ecc645e143a60f10800000000000000826151e3b42bcae95239ef5ca2a730a00c87c493db0300e63fda97a296820000000001000000eecc952a3fd2c46f3c1cde71a19d1a2982492a210e00d2bfea3b8d188df2eff8d56aaae7d32a2e180022537395019f02ec4b85f6aad7faca088de9b26797a8446b16c28d85f225992dbdd5bb01ba51508951c7a7d6ca0916c3a12912715649c2b1c7192a4251b59d378d3f00000000000000665c8b7e89eddfc3783f6c9129a7c5f8ee5f50579e2f638f7eb12f63be72a3d81ab324d6e417b1c2cbfdcada0a16e31790e26cf19588a7e0496ee2782224cf30f810da86cf1a3204f4c9404f5d7321a4fefc4d1c9139ca4b65b99909950000006b42077ca60fdecb2717e21f8f187b1866108b6e8c71e2603217606637ece1fa89917e131f4034a8383e99c3568fd04201b37cd92ca6ebf94a2d8310f7032775cfd75652f87b039d5430b3c6643e9146d2478ce31344b554aca7670000000000000010c65608fda6ed5d08e7a796042aa127d874105787d0347aa37801faff5b9050803a19ff6205aa5c263e407a2f7de56f7a0000e094fa4e3f05528caab5a430c08dd810bc97204b767dd969721a26aa740000000000bc433fe2d0a6ef2a8a91cd3cb305aa80dadef8b0caca780000000000000000863e21db415a222bb1a7ab94bfe4a74157d794f9d0430c2c0eb563350559829865a3dd08fb31bd0801e09aa3ee45e61a56fc83076451cff7632e49a41eadb5044a0d5f73d6932161ae5e9ce218a35cd8e7b747887b1a74798982d0b492c3f0ff53189d80733eb04f8124877b648ff438f7d66c7efcc09a8f3330b6c22d14e80db8e5608bdeab9388b758a15f4ce70390c214bc6838798f5b9b0b500d4e8b5174f329b8501c6feb7a6982bcea74a0f2ced7fa2059234a8d10b7f0597151d5c9067d57d85f4ae933eaf5174ba122f3f702ef8695578d3c08562c9fc185f0f65d11b4c58ae52500cbe99cde3758a5cbe6093dd328ac820e2de309d25a324647aadffcecf0f3bbaeda7af4436d9ffbce1b240a2f5e346eba8812e6329e01b087bde7da4a6448f478102e90c8134f531de08d4cf4f6f35b15a202544c0ced0c1715fd3a90099f785a13a2412bedba2981dd22bd9d736c00000000000000000000000000000000eb6fec8d7d2f77f4d470a9caa5b1bfc00cd1d40830ac35f229f8ffe1c02a63d3c2d9"], &(0x7f0000000340)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000)={0x2}, 0x8, 0x10, &(0x7f0000000100), 0x10}, 0x57)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r2, 0x702, 0xe, 0xff0f, &(0x7f0000000540)="e460334470b8d480eb00c15286dd", 0x0, 0x8001, 0x0, 0xfffffffffffffd1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x50)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f0000000a80))
r3 = fcntl$getown(r0, 0x9)
capset(&(0x7f0000000080)={0x20071026, r3}, &(0x7f0000000040)={0x800003, 0x21fffd, 0x4, 0x0, 0x2, 0xfffffffe})
pipe(&(0x7f0000000280)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
socket$nl_generic(0x10, 0x3, 0x10)
r6 = socket$nl_route(0x10, 0x3, 0x0)
socket$can_raw(0x1d, 0x3, 0x1)
creat(&(0x7f0000000180)='./file0\x00', 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000fe020010850000000700000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x70, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
sendto$netrom(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000000000)={{0x6, @bcast, 0x2}, [@rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @bcast, @default, @null, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @null]}, 0x48)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
r8 = socket(0x10, 0x80002, 0x0)
sendmsg$nl_route(r8, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000000)=ANY=[@ANYBLOB="440000001100a7cc4a372eaf541d002007000000", @ANYRES32=r7, @ANYBLOB="00000000100000001c001a80", @ANYRES32=r8], 0x44}}, 0x0)
r9 = syz_open_dev$sndctrl(&(0x7f0000000040), 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_SUBSCRIBE_EVENTS(r9, 0xc0045516, &(0x7f0000000000))
write$binfmt_misc(r5, &(0x7f0000000000), 0xfffffecc)
splice(r4, 0x0, r6, 0x0, 0x4ffe6, 0x0)
mkdir(&(0x7f0000000440)='./file1\x00', 0x0)

500.901642ms ago: executing program 4 (id=16203):
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000480)=ANY=[], 0x18}}, 0x20004000)
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000001e80)=@newtaction={0x48, 0x31, 0x1, 0xfffffffd, 0x25dfdbfb, {0x0, 0x0, 0x11}, [{0x34, 0x1, [@m_police={0x30, 0x1, 0x0, 0x0, {{0xb}, {0x4}, {0x4}, {0xc, 0x3, {0x1, 0xc1cec2645649c048}}, {0xc}}}]}]}, 0x48}, 0x1, 0x0, 0x0, 0x8800}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)=@gettaction={0x50, 0x32, 0x200, 0x70bd25, 0x25dfdbfe, {}, [@action_gd=@TCA_ACT_TAB={0x1c, 0x1, [{0xc, 0x1c, 0x0, 0x0, @TCA_ACT_KIND={0x63, 0x1, 'bpf\x00'}}, {0xc, 0x1d, 0x0, 0x0, @TCA_ACT_KIND={0x8, 0x1, 'ife\x00'}}]}, @action_gd=@TCA_ACT_TAB={0x20, 0x1, [{0x10, 0x7, 0x0, 0x0, @TCA_ACT_KIND={0xb, 0x1, 'mirred\x00'}}, {0x4, 0x1c, 0x0, 0x0, @TCA_ACT_INDEX={0x13, 0x3, 0x40}}]}]}, 0x50}, 0x1, 0x0, 0x0, 0x40000}, 0x4048840)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="4800000010000d0428bd7000fcdbff2500008000", @ANYRES32=0x0, @ANYBLOB="1000000000000000280012800b0001006272696467650000180002"], 0x48}, 0x1, 0x0, 0x0, 0x10}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="500000001000010425bbe5ad600027842cf52300", @ANYRES32=0x0, @ANYBLOB="0300000000000000280012800a00010076786c616e00"], 0x50}, 0x1, 0x0, 0x0, 0x13d33d22cca65c15}, 0x4008840)
r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000140)='environ\x00')
read$FUSE(r1, 0x0, 0xa00)
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r2, &(0x7f00000002c0), 0x40000000000009f, 0x0)

498.256727ms ago: executing program 4 (id=16205):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000700)={{0x14}, [@NFT_MSG_NEWRULE={0x58, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x2c, 0x4, 0x0, 0x1, [{0x28, 0x1, 0x0, 0x1, @quota={{0xa}, @val={0x18, 0x2, 0x0, 0x1, [@NFTA_QUOTA_BYTES={0xc, 0x1, 0x1, 0x0, 0x6}, @NFTA_QUOTA_FLAGS={0x8}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x80}, 0x1, 0x0, 0x100000000000000}, 0x0)

427.401245ms ago: executing program 4 (id=16206):
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000300)=@bpf_lsm={0xe, 0x5, &(0x7f00000000c0)=ANY=[@ANYBLOB="760a000000000000611150ff0f00000018000000004fb85525a8a7230000000000000000243e74ae34d09e"], &(0x7f0000000000)='GPL\x00'}, 0x80)
r0 = syz_open_dev$usbfs(&(0x7f0000000140), 0x77, 0x3501)
r1 = accept4$packet(0xffffffffffffffff, &(0x7f0000000040)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @multicast}, &(0x7f0000000080)=0x14, 0x80000) (async)
r3 = socket$nl_route(0x10, 0x3, 0x0) (async)
r4 = syz_open_dev$usbfs(&(0x7f0000000140), 0x77, 0x3701)
ioctl$USBDEVFS_GET_SPEED(r4, 0x551f) (async)
sendmsg$nl_route(r3, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000700)=ANY=[@ANYBLOB="400000001000370400"/20, @ANYRES32=0x0, @ANYBLOB="00010400000000002000128008000100677470001400028005001296a207916358170f000a230102a97ae4825fa90212ac65119a1613c6b9c95994670265d40fce7e07dd4267ade6b54dff8424bbe94e5260300325e4c2a5105c57d6cc354c05c42c04b5f8214014c7ac32317c34ef679493f9801e00"/129], 0x40}}, 0x50) (async)
r5 = syz_open_dev$ttys(0xc, 0x2, 0x1)
ioctl$TIOCSETD(r5, 0x5423, &(0x7f0000000000)=0x1) (async)
ioctl$TCSETS(r5, 0x80047456, 0x0) (async)
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000440), 0x0, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
ioctl$KVM_CAP_SPLIT_IRQCHIP(r7, 0x4068aea3, &(0x7f0000000680))
r8 = ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1000002, 0x13, r8, 0x0)
bind$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x8000002, 0x2000}, 0x1c)
ioctl$KVM_RUN(r8, 0xae80, 0x0) (async)
r9 = openat$procfs(0xffffff9c, &(0x7f0000001080)='/proc/slabinfo\x00', 0x0, 0x0)
ppoll(&(0x7f0000000240)=[{r9}], 0x1, &(0x7f0000000280)={0x0, 0x989680}, 0x0, 0x0)
recvmmsg(r9, &(0x7f0000002140), 0x1, 0x2031, &(0x7f00000022c0))
r10 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r10, 0x6, 0xc, &(0x7f0000000040)=0x5, 0x4) (async)
accept4(r1, &(0x7f0000000240)=@pppol2tpv3={0x18, 0x1, {0x0, <r11=>0xffffffffffffffff, {0x2, 0x0, @broadcast}}}, &(0x7f00000002c0)=0x80, 0x80800) (async)
r12 = socket(0x25, 0x5, 0x0) (async)
r13 = socket$nl_route(0x10, 0x3, 0x0)
r14 = socket$nl_generic(0x10, 0x3, 0x10) (async)
r15 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000180), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_COALESCE_SET(r14, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f00000001c0)=ANY=[@ANYBLOB='\\\x00\x00\x00', @ANYRES16=r15, @ANYBLOB="010000000000000000001400000008000a00fc00000018000180140002006e657464657673696d300000000000000800050000fcffff08000900fc000000080011000700000008000e00800000000800", @ANYRES32=r13, @ANYRES64=r12], 0x5c}, 0x1, 0x0, 0x0, 0x800}, 0x20000810)
sendmsg$ETHTOOL_MSG_PAUSE_GET(r11, &(0x7f00000024c0)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000000440)={&(0x7f0000002440)={0x64, r15, 0x400, 0x70bd27, 0x25dfdbfb, {}, [@HEADER={0x50, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r2}, @ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_to_batadv\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'wlan0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'ip6tnl0\x00'}]}]}, 0x64}, 0x1, 0x0, 0x0, 0x840}, 0x8000)
ioctl$USBDEVFS_SUBMITURB(r0, 0x8038550a, &(0x7f0000000000)=@urb_type_control={0x2, {}, 0x0, 0x0, &(0x7f00000004c0)={0x4b5a9da54893e123, 0x3, 0x17, 0x2}, 0x8, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0})

371.451564ms ago: executing program 7 (id=16210):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000003c0)=ANY=[@ANYBLOB="5800000010000104000002000000000000000000", @ANYRES32=0x0, @ANYBLOB="0380000000000000300012800b00010067656e6576650000200002801400070020010000000000000000000000000000080001000100000008000a00", @ANYRES32], 0x58}, 0x1, 0x0, 0x0, 0x20004885}, 0x4054)

371.325242ms ago: executing program 0 (id=16211):
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'bridge_slave_0\x00', <r1=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000340)=@bridge_newneigh={0x30, 0x1c, 0x1, 0x70bd29, 0x25dfdc00, {0x7, 0x0, 0x0, r1, 0x80, 0x7f, 0xa}, [@NDA_FLAGS_EXT={0x8}, @NDA_LLADDR={0xa, 0x2, @random="f5cd1533841a"}]}, 0x30}, 0x1, 0x0, 0x0, 0x2400c001}, 0x4040004)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000100)={0x11, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="18010000000800000000000000000000850000007d000000850000000700000095"], &(0x7f00000000c0)='GPL\x00', 0x4}, 0x94)
r3 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000180)=@RTM_GETMDB={0x18, 0x56, 0xd23}, 0x18}, 0x1, 0x0, 0x0, 0x408c4}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000280)='i2c_write\x00', r2, 0x0, 0x800}, 0x18)
r4 = syz_open_procfs(0x0, &(0x7f0000000280)='fdinfo/4\x00')
preadv(r4, &(0x7f0000000300)=[{&(0x7f00000001c0)=""/51, 0x33}], 0x1, 0x0, 0x0)
r5 = socket$kcm(0x2, 0x3, 0x106)
openat$uhid(0xffffffffffffff9c, &(0x7f0000000200), 0x802, 0x0)
clock_nanosleep(0x2, 0x0, &(0x7f00000000c0), 0x0)
sendmsg$inet(r5, &(0x7f0000000040)={&(0x7f0000000380)={0x2, 0x0, @remote}, 0x10, &(0x7f0000000000)=[{&(0x7f0000000080)="fbd2b9ed29d8974a6ce75f08916ac3b4da11bc1a", 0xffeb}], 0x1}, 0x0)

371.267248ms ago: executing program 4 (id=16212):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000680)={'bridge0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000002c0)=ANY=[@ANYBLOB="1f00000010000104000000000007000000000000", @ANYRES32=r2, @ANYBLOB="3f00000006020400280012800b0001006272696467650000180002800c002e000300000003000000050007"], 0x48}, 0x1, 0x0, 0x0, 0x44000}, 0x0)

299.031013ms ago: executing program 4 (id=16213):
move_pages(0x0, 0x0, 0x0, &(0x7f0000000040)=[0x1], 0x0, 0x0)
r0 = syz_open_dev$dri(&(0x7f0000000340), 0x2, 0x0)
syz_open_dev$dri(&(0x7f0000000140), 0x8, 0x400800)
ioctl$DRM_IOCTL_SYNCOBJ_CREATE(r0, 0xc00864bf, &(0x7f00000000c0)={<r1=>0x0, 0x1})
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)=@newlink={0x48, 0x10, 0x503, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x28, 0x12, 0x0, 0x1, @ip6erspan={{0xe}, {0x14, 0x2, 0x0, 0x1, [@IFLA_GRE_IKEY={0x8, 0x4, 0x20000000}, @IFLA_GRE_IFLAGS={0x6, 0x2, 0x30}]}}}]}, 0x48}, 0x1, 0x0, 0x0, 0x4040080}, 0x0)
madvise(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x15)
ioctl$DRM_IOCTL_SYNCOBJ_HANDLE_TO_FD_SYNC_FILE(r0, 0xc01064c1, &(0x7f0000000080)={r1, 0x1, <r3=>0xffffffffffffffff})
ioctl$DRM_IOCTL_SYNCOBJ_FD_TO_HANDLE_SYNC_FILE(r0, 0xc01064c2, &(0x7f0000000040)={0x0, 0x1, r3})
r4 = syz_open_dev$evdev(&(0x7f0000000000), 0x2, 0x500)
ioctl$EVIOCSABS0(r4, 0x401845c0, 0x0)

298.812918ms ago: executing program 0 (id=16214):
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="d80000001e0081054e81f7820600000000ff9e0006007c095dd2466518000e800a00142603600e1208000f0000000406a80016c00800094014000000035c0461c1d67f6f94007134cf6efb8000a007a290457f0189b316277ce06bbace8017cbec4c2ee5a7cef4090000001fb791433a5ee4ce1b14d6d930dfe1d9d322fe7c9f8775730d16a4683f5aeb4edbb57a5025ccca9e00360db798262f3d40fad95667e006dcdf63951f215ce3bb9ad909d5e1cace81ed0bffece0b42a9eca0200e6ccd40dd6e4edef3d93452a92954b43370e9703920723f9a941", 0xd8}], 0x1}, 0x0)

298.566746ms ago: executing program 0 (id=16215):
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000001080)=ANY=[@ANYBLOB="b702000024000000bfa30000000000000703000000feffff7a0af0fff8bffffd79a4f0ff00000000b7060000ffffffff2d640500000000006502040001001f000404000001007d60b7030000000000006a0a00fefdff00008500000026000000b7000000000000009500000000000000c743a0c8e3ebbadc20e5a7efcc9ac1467fb2ea80dbcf8df265e1b40e4c8afd5c0c000000008da68076774bbcdb2c769937000090af27db5b56024db96bcbbbd2cb2000ce03000000000000007e357754508535766c80114604a86fe569b05614eab9297eb290a248a120c9c6e39f403ff065fd3052aae80675eeba68562eaeaea5fecf298ca20f274233106eab63ecf772de7b265040b6c50b7420b48a93fe94c756108afcd0b2eb78040000005f02a5a6474ae549070004000000001294fba0ed5020e6474ac921fee1f6d8ad6a80c0947cd6d4a561ced21a0b4a902be6af7ec2d1ba002e57f301000000000000000000000000100000aaf25343063e6581f9e6de14ad72e5ad84309f47f96a576cd20cef7ed951a73ea73d7c7f14e306f1f1d1377e57abb19700f0077e9d0000b93eb0f2c6f8141e350dc68147e5958128d22d58625cf9dba211bfff9c3709c9b134625d3d2369f516a49eeeb1a662c8dfb875bdf5c6ba73cccdfacb202994c40d322717faff03323dce8a34ee0ca2cf61efb4b30000642735d6d482ba98d252f36c54333aab1aa736369392b9067665339820f5f1557b0bf7cc06a5a13c714e0b1a1f000000ff3283076cda3d0b1a2905cfc3d04f1db264b530abcbe44bc405f600807970727fb819afa1907228fa9e83433eedb4ac88d0285594ffb0d14c09d5c77f33702822b02488ea570204c8441ced81cacf945dcb2486d65ceec8bcaffbe800a041a378b40dc9e3600e916ae6307bd8325a442095bc9a8b0c95905979f34adddbb26f0d24425c8ab9d937d84b521914f92eed3d3e9de82942a952e86b567aff5bc2e3c1fcc00f618363df5d0d181ee8f4b8fd356c9eb365adc037e443820c05c5db16ff07a9cf471e2ebf91ab00a05f88c1cd55f8c81f5eb1f8d615ca27efb2193bb61665a1ce37f30c2efc9c3b5a4a5d95479fac471ba60fbd0e50225563cd37343d09da72472efc2b2877fbab12a891513e5f0763ae06c0610a2869747c143d75007606000000b2310e19ac58bf29d7f178d09a9f634a3ae492f54649589e3692768a0f3a082c5242c8fa7f01e0873c9c5c604108ad85950d8e08465fa1067ea8f383b3e7a7ddf5977d46f4bc38f914b4a496426d8468f9ba618b6b2218b50c8fc9efbce3ba799cf70de7e13be871aa7eb402e2b11f440361e18d4e334bfc6ae54e62e67a0338c756c544189e4519a029674e2a2bbbc7f6600000000000800000e5e30b70b198246d3a62660600000030a0af132e680510811d3ab71af5d98e2d3d928a749e8b9402d14655612bd58fb40b4625cb69bf6cea97b447f2d970d99100000000086000001b881afb2cc500003a73562af4878f75b4c98274eeb666aa1f5fcf91990cf0dcfef9540057b8a3fff2bc02c5941626d2015f414546e87835ba18e9101734a9e9c6955fc6b9a25fe2a3dd8bab7f21beccba5493a164c663eceed401737c12c65804712236a9a29a43b1e27e9b6816f2328ea8423121f12b7b35aa721fef26934ccafde573bee5c33ef15309f43cbd5d61aa679a9c402d337ebf57a5eacb569401c1df7b9c45b09743c61d1db37f0000000000020000000000de00d23dd63b7761d7d6818db785d8ba13dc577fe61a68eb365de5661f43d4c789bb117a3d208ae44a38e7868dc32e132124ecf52327631b718b3157e218959156ff8e92b7e92bc275d2c9114547351a0d0f2a70d13be0194b6cb68b03000000000000004f153bbc7f52861e4e5df0d19e4e40ac44cfda6f87807e5b5ed7072c04da88afd3d4b79f060e004a0e2f00b9e726ac75d2ac0691314c627e9a8a07bdd607919fd48f01ad6d2f7621d9a75b134f1bc25ed7c33d411a5baa4daa3add16afc502b2b7629541d722e91d631e5ffb9d4beb5aa5a2c4e490a5bd038c1817f0d4652a29353b05b16b3c5cf4538ba310b8cbc221af38ea842d4cb908bcd574f794459fd54b58c6a791e6df625a47bade4ba41ee014184395a479544619f749ff70088b0fd115077f7eff7c5a3315ca604d110df1c54407f191a78d8362e4dc6e1138391c2a65246779bb76c9f1daea4f085f38810edef6dd047937c231cba791a4e7713c5b3b0a0b6ba37db5016e02d114d714459d065a79609fea4efebad04edac11aac0e53dd094827453144fa419ee81823d00a90a9058ba740d2f41253a8d01a8c1a7265a084e30ad10d412aee8170a7111d62473e7bd8f3d64fb7ebdd32aada331900000000000000000000000084ef49dd020000000000000000000000d9dcb285038ec38d5f4969ed0e98a71ac7bf8159a234833a5241722b2d24aa2fa4965d4eb7966fb27d118b6ef3308627e67d42f1041d5e92da28e0a7724ce715854775cbe06c5166f1dac0745f1373156a536cb6394c2c4473e2050cacf693fdf8e305080000001a901ecd90a5f53b8327a485557bc2a147b036477915e600000000034258ebbb6099b597d17ee2fc97ca850b8580b1337016a40566814594c13052b9d2b0741326825f19a244609ac04a0c29691a7c8f7a78c1a7590a293c561f304533c638ae635f5ce026f7fa034d8cfe0e11831d4829692beab26891ef583cfcb713a4d3a2d8b958c0875d7e4bdcf98802db086ebcbb9d82fa569a18f06facc2ffe1ea9ae4231e1e7a5dd7503faa2de7f898c97788c4b9c61c70ff92abdf7476cc351156d11c0ada7614f315f4c6cca119d16827d4e864f5a7a9b690272a510c451dc07f391309d02e31e53b2bf0b5f86e776b1bcfe6c85ccd7ddf8a9559d58bb5603895f265685fdd11263c946f8ef3ccec1b0d45a47a89b8237cbbdab14e4ca6dc76b2c41e071b93a065c0f5aa718e1cfab29beea78a6bd9a3114f0fb92be9a5862627b4bd99db2c08e4636e43f05f33535d5d1f9bb40e1fd8e5125a3d29b31dd94a6744bbc21722222b976089f073a4d3fcafc6d06518cf0c4fc6c8e3da0000000000000000000000007d3b60775243f2143d9f54804b11102cf0e4c641db1ba8bf75e46ab3a8fdece6562e7ebb3e407f3c7504dfa3da3aecbd49af3d1edeea11cc970416fadeedc8423bfdc85041ac4d8243a1130e6f4cb5bbfed9d095e18c98c7d690e4c491a7ddcd5635bc61dbed719ca28e8ca3f1fbbe588913ed057f1d6e34a79f4dc10df54d1993a5bc5f9ef6dbd339ee4b0b5764169f305e284ef82cc23e9366d4bc7eb45c7230b13433e5240657cb8eba33260147be8620b6d98cc48b000000000000000000000000c1ce872b18984f080100000000000000bd3fded92547d41809b398f36749083a147eb09ff1ed601bd36b873d3947fb223da647052528e0466cb917db7800f7c7000b593fca1903991cca1343882e3a1f60044f11c081dae4fc5bcf20efacdd2c577f4bcda2eea6f75a31dc90eebb6135b6fb824052181b0ad8a49ebf03ccf61d7e39bf6b0762d24d19796016301d1415b5110ba9df7f204aedb2a2e4e621c0553d312b309db67192f98ef7800000d629c04e216afc8fc66616bbf304e452373aa927c2ad6f5417f1b9bc322b802c1c42112a92a331cdc113b9ace3ff52ede7a853f9a89002ba070bac2f635a03db3375e5564f1a798bf9c0f8c72725d2eca9b0ec7e453d78ea20eca61530fe574299b393ca144adcb06108dfbb934065a87972739150a8752ac111c4d9062ccb95c54034fbdee131d94dfbaab1854d55665746fb7b47d25e54070b0d14c0a29c57bc4930075e1761913b036d43852c6df9f10e15105b2a18668298a3577943514db0dce953dcec62139ff3f16066efec5d8cbc0600000000007289be5883aab951ea67cf2ff691d05c1ea91dd569ed9897fe8d88a0a6977dc8955be17e8026aff11c61fa5cc76196c1423cd597345253baa1537eb6962a3ce1fe5d5ab46938e8fb23fa7047bc59c4345e912585a9adb5fe2ff51b64a326321b594e3f2d339f4090bdae6b30b62064bacbc155d3c930576f506b093ca7c60957bdfdd6536baaa871cf6a603c736b78761e6463b8ac503e219cc3d98f649602ad24d5667368290ee926fba76ee482a201a03efece3b236f4ee2ffcd5d90d92a2f0c5cfa48c87f27c2f1e92988a6508c12f6b7755cc48eb10edafca92cb0260c72295a27a24846d3a2334bd60e94c0fd07e5db0a4964a7fc4e89f11a300510776934e87bb3c21394f46954a012b2a3b0760f1bad1dbd6b466ed7153bd18ee2c0b2353c38df9e0782eb"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0xfe37}, 0x48) (async)
socket$nl_route(0x10, 0x3, 0x0) (async)
r0 = socket$inet(0x2, 0x3, 0xa)
socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000)) (async)
getsockopt$inet_mreqsrc(r0, 0x0, 0x53, &(0x7f0000000000)={@dev, @local, @broadcast}, &(0x7f00000001c0)=0xc)
r1 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) (async)
r2 = openat$selinux_avc_hash_stats(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
finit_module(r2, 0x0, 0x3) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000180)='task_newtask\x00', r2, 0x0, 0xffffffffffffffff}, 0x18)
waitid(0x0, 0x0, 0x0, 0x4, 0x0) (async)
r3 = syz_open_dev$sndctrl(&(0x7f0000001440), 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_SUBSCRIBE_EVENTS(r3, 0xc0045516, &(0x7f0000000400)=0xffffff63) (async)
r4 = syz_pidfd_open(r1, 0x0)
pidfd_send_signal(r4, 0x2, 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r3, 0xc1105517, &(0x7f0000000040)={{0xa, 0x5, 0x9, 0x8, '\x00', 0x8}, 0x4, 0x30, 0x18, r1, 0x2, 0x4, 'syz1\x00', &(0x7f0000000000)=['-\x00', '/dev/snd/controlC#\x00'], 0x15})

298.418557ms ago: executing program 4 (id=16216):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
r1 = socket$inet_smc(0x2b, 0x1, 0x0)
setsockopt$inet_tcp_TCP_FASTOPEN_KEY(r1, 0x6, 0x21, &(0x7f0000000040)="7aa5224a2c05436b18951af818e2b0f0", 0x10)
bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10)
connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) (async)
connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10)
r2 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000c80)={'lo\x00'}) (async)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000c80)={'lo\x00', <r3=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f0000001200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000480)=@newqdisc={0xe0, 0x24, 0x4ee4e6a52ff56551, 0x4, 0xfffffffe, {0x0, 0x0, 0x0, r3, {0x0, 0xfff2}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_netem={{0xa}, {0xb0, 0x2, {{0x9, 0x1002, 0x0, 0x2, 0xffffffff, 0x900000}, [@TCA_NETEM_CORRUPT={0xc, 0x4, {0xfffffbff, 0x100}}, @TCA_NETEM_LOSS={0x30, 0x5, 0x0, 0x1, [@NETEM_LOSS_GE={0x14, 0x2, {0xa, 0x4, 0x2}}, @NETEM_LOSS_GI={0x18, 0x1, {0x1ff, 0x10001, 0x4, 0x0, 0x9}}]}, @TCA_NETEM_SLOT={0x2c, 0xc, {0x9, 0x5, 0x6, 0x7, 0xffffffff, 0x1}}, @TCA_NETEM_SLOT={0x2c, 0xc, {0x9, 0x9, 0x5, 0x5, 0xfffffffffffffffd, 0x10001}}]}}}]}, 0xe0}, 0x1, 0x0, 0x0, 0x41804}, 0x24000c04)
sendmsg$inet(r0, &(0x7f00000015c0)={0x0, 0x14, &(0x7f0000001600)=[{&(0x7f0000000240)=' ', 0xffffff1f}], 0x1}, 0x0) (async)
sendmsg$inet(r0, &(0x7f00000015c0)={0x0, 0x14, &(0x7f0000001600)=[{&(0x7f0000000240)=' ', 0xffffff1f}], 0x1}, 0x0)

223.274639ms ago: executing program 0 (id=16217):
r0 = socket(0x840000000002, 0x3, 0x9)
setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f00000002c0)=@raw={'raw\x00', 0x4001, 0x3, 0x250, 0x3000000, 0x700001b, 0x148, 0x0, 0x148, 0x1b8, 0x206, 0x240, 0x1b8, 0x240, 0x7fffffe, 0x0, {[{{@ip={@loopback, @empty, 0xffffffff, 0x0, 'tunl0\x00', 'veth0_to_bond\x00', {0xff}, {}, 0x1}, 0x1ea, 0xc0, 0x120, 0x0, {0x390, 0x8f00}, [@common=@inet=@socket3={{0x28}, 0x1}, @common=@icmp={{0x28}, {0x12, "e07c", 0x1}}]}, @common=@SET={0x60, 'SET\x00', 0x0, {{0xffffffffffffffff, [0x2, 0x2, 0x3, 0x1, 0x2, 0x7], 0x2, 0x5}, {0x0, [0x3, 0x6f455bfb4ce26171, 0x6, 0x6, 0x2, 0x21debfafc4f76fce], 0x3}}}}, {{@ip={@remote, @initdev={0xac, 0x1e, 0x0, 0x0}, 0xe2002454fb7b9fcc, 0xff, 'team0\x00', 'gre0\x00', {}, {0xff}, 0x8, 0x2, 0x5}, 0x0, 0x70, 0x98}, @common=@inet=@SYNPROXY={0x28, 'SYNPROXY\x00', 0x0, {0x10, 0x9, 0xf9}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x2b0)

223.039559ms ago: executing program 7 (id=16218):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000100), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000008c0)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000001c0)={0x38, r1, 0x1, 0x0, 0x10, {{}, {@void, @val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_IFNAME={0x14, 0x4, 'nicvf0\x00'}, @NL80211_ATTR_IFTYPE={0x8, 0x5, 0x4}]}, 0x38}, 0x1, 0x0, 0xfffffffe, 0x800}, 0x0)

222.808894ms ago: executing program 0 (id=16219):
socket$inet(0x2, 0x2, 0x0)
socket$nl_xfrm(0x10, 0x3, 0x6)
bind$alg(0xffffffffffffffff, &(0x7f0000000040)={0x26, 'skcipher\x00', 0x0, 0x0, 'xts-aes-aesni\x00'}, 0x58)
r0 = accept4$alg(0xffffffffffffffff, 0x0, 0x0, 0x0)
sendmmsg$alg(r0, &(0x7f00000021c0)=[{0x0, 0x0, &(0x7f0000001000)=[{&(0x7f0000000100)="a92e81d0991808e33c2330164cf023df", 0xfffffc81}], 0x1, &(0x7f0000001040)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18, 0x880}], 0x1, 0x80001)
r1 = socket$kcm(0x10, 0x2, 0x4)
close(r1)
socket$kcm(0x10, 0x2, 0x0)
sendmsg$inet(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000140)="5c00000013006bcc9e3be35c6e17aa31076b876c1d0000007ea60864160af36514001ac004000202080002000300010004000400eab556a705251e618294ff0051f60a84c9f4d4938037e786a6d0001000000e4509c5bbcd72c6c953", 0x5c}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x8800)

159.744434ms ago: executing program 0 (id=16220):
r0 = syz_io_uring_setup(0x49a, &(0x7f0000000400)={0x0, 0x79af, 0x3180, 0x7fff, 0x40024e}, &(0x7f0000000340), &(0x7f0000000040))
r1 = syz_genetlink_get_family_id$ipvs(&(0x7f00000001c0), 0xffffffffffffffff)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000800)={0x1f, 0x13, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000786c6c2500000000002020200600000000000000bfa100000000000007010000f8ffffffb702000005000000b7030000000000008500000070000000180100002020642500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x11}, 0x94)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=@gettfilter={0x3c, 0x2e, 0x400, 0x70bd25, 0x25dfdbfe, {0x0, 0x0, 0x0, 0x0, {0x0, 0xfff1}, {0xe, 0xf}, {0x8, 0xffff}}, [{0x8, 0xb, 0x5}, {0x8, 0xb, 0x9}, {0x8, 0xb, 0xc0e}]}, 0x3c}}, 0x0)
r3 = socket$kcm(0x10, 0x2, 0x10)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000001c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000000000000000000070000040900010073797a30000000009c000000090a010400000000000000000700000308000a40000000000900020073797a30000000000900010073797a3000000000080005400000000d58001280200001800e000100636f6e6e6c696d69740000000c0002800800014000000008200001800e000100636f6e6e6c696d69740000000c00028008000140000000001400017b090001006cdbf80789f3f947dd000280080003"], 0xe4}, 0x1, 0x0, 0x0, 0x8001}, 0x20050840)
sendmsg$kcm(r3, &(0x7f0000000000)={0x0, 0xd18c9b25, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030041000b05d25a806c8c6394f90324fc60100000000a000200053582c137153e3704020180fc5409000c00", 0x33fe0}], 0x1}, 0x0)
sendmsg$IPVS_CMD_NEW_DAEMON(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000000)={0x54, r1, 0x1, 0x0, 0x0, {}, [@IPVS_CMD_ATTR_DAEMON={0x40, 0x3, 0x0, 0x1, [@IPVS_DAEMON_ATTR_MCAST_IFN={0x14, 0x2, 'batadv0\x00'}, @IPVS_DAEMON_ATTR_STATE={0x8, 0x1, 0x2}, @IPVS_DAEMON_ATTR_SYNC_ID={0x8}, @IPVS_DAEMON_ATTR_MCAST_GROUP={0x8, 0x5, @multicast2}, @IPVS_DAEMON_ATTR_MCAST_PORT={0x6, 0x7, 0x5e23}, @IPVS_DAEMON_ATTR_MCAST_TTL={0x5, 0x8, 0x6}]}]}, 0x54}}, 0x0)
futex(0x0, 0xc, 0x1, 0x0, 0x0, 0x0)
ioctl$F2FS_IOC_GET_PIN_FILE(r0, 0x8004f50e, &(0x7f0000000000))
exit(0x0)
ppoll(&(0x7f0000000240)=[{0xffffffffffffffff, 0x4400}, {r0, 0x4004}], 0x2, &(0x7f0000000280)={0x0, 0x989680}, &(0x7f00000002c0)={[0x3]}, 0x8)

159.57127ms ago: executing program 7 (id=16221):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$sock_inet_SIOCSIFADDR(r0, 0x8916, &(0x7f0000000100)={'team_slave_0\x00', {0x2, 0x4e21, @empty}})
r1 = socket$kcm(0x29, 0x0, 0x0)
ioctl$sock_kcm_SIOCKCMCLONE(r1, 0x89e2, &(0x7f0000000000)={r0}) (async)
ioctl$sock_kcm_SIOCKCMCLONE(r1, 0x89e2, &(0x7f0000000000)={r0})

159.263639ms ago: executing program 7 (id=16222):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22}, 0x1c)
listen(r0, 0x0)
syz_emit_ethernet(0x36, &(0x7f0000000100)={@local, @broadcast, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x13, 0x0, 0x0, 0x0, 0x6, 0x0, @empty, @empty}, {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x10}}}}}}, 0x0)

84.885517ms ago: executing program 7 (id=16223):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000500)=ANY=[@ANYBLOB="240000001800090000fffe000000000002000000ff0000010000000008000500ac"], 0x24}}, 0x0)

84.663847ms ago: executing program 2 (id=16224):
syz_open_procfs$userns(0xffffffffffffffff, &(0x7f0000000000))
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$USBDEVFS_DISCONNECT_CLAIM(0xffffffffffffffff, 0x8108551b, &(0x7f0000000680)={0x0, 0x0, "5a77bd318786aeb879ca62cdab2a00e4ff0186f94625a5665a3247e500f61681905db88235f8a5447dd2a2ed6e918588068881e50f6853772b21a100ba37ff7e7b262865362b5aa646717af75fc008daefba68e6222103472bc55704cdb72b4b996ed821f3b802549db3a8ffff7d34171113d806726615380fe65a6a0a72e1ac2b60bd6276fd8bb6363d10f30da60fd53ded22c87eb2be016ed04983fe5c5ca033dfce0a82555ef14eee686be0fc58e384f93a13f4e8bbf599394baea3a9ca1864f0a35d6cc38fca32ad6b39905a9727d2d1f600"})
prctl$PR_SET_VMA(0x53564d41, 0x0, &(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
futex(&(0x7f0000000500), 0xb, 0x0, &(0x7f0000000540), &(0x7f0000000580), 0x1)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000200)={'ip6_vti0\x00', <r2=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {0x0, 0x3f}, {0xfff1, 0xffff}, {0x0, 0xfff1}}, [@TCA_RATE={0x6, 0x5, {0x9, 0x8}}, @qdisc_kind_options=@q_ingress={0xc}]}, 0x38}}, 0x0)
connect$inet6(r0, &(0x7f0000000180)={0xa, 0x4001, 0x0, @dev={0xfe, 0x80, '\x00', 0x1b}, 0xd}, 0x1c)
write$binfmt_script(r0, &(0x7f0000000200), 0xfffffd9d)

84.520007ms ago: executing program 7 (id=16225):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x11, 0x4, 0x4, 0xbf22}, 0x48)
bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000240)={r0, &(0x7f00000003c0), 0x0}, 0x20)
r1 = syz_open_dev$sndctrl(&(0x7f0000000000), 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(r1, 0x40045532, &(0x7f0000000040)=0x7)
r2 = openat$audio(0xffffffffffffff9c, &(0x7f0000000140), 0x40000000040301, 0x0)
r3 = syz_open_dev$sndpcmp(&(0x7f00000001c0), 0x0, 0xa2c65)
write$RDMA_USER_CM_CMD_CREATE_ID(r2, &(0x7f0000000500)={0x0, 0xfffffffffffffd83, 0xfa00, {0x1000000000000, 0x0}}, 0xfdbc)
ioctl$SNDRV_PCM_IOCTL_SW_PARAMS(r3, 0xc0884113, &(0x7f0000000300)={0x1, 0xfffffe00, 0x2, 0x8, 0x7, 0x0, 0x6, 0x9, 0x0, 0x1, 0x100100, 0x1})
r4 = socket$packet(0x11, 0x2, 0x300)
r5 = openat$ttynull(0xffffffffffffff9c, &(0x7f0000000180), 0x161a02, 0x0)
ioctl$TIOCSETD(r5, 0x5423, &(0x7f0000000000)=0x14)
ioctl$TIOCSSOFTCAR(r5, 0x541a, &(0x7f0000000140)=0x5)
r6 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000000c0), 0x121602, 0x0)
r7 = openat$sw_sync_info(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$TIOCSETD(r6, 0x5423, &(0x7f00000001c0)=0x14)
r8 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000400)='./binderfs/binder1\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r8, 0x4018620d, &(0x7f0000000100)={0x73622a85, 0x10a})
ioctl$BINDER_WRITE_READ(r8, 0xc0306201, &(0x7f0000000080)={0x14, 0x0, &(0x7f0000000280)=[@acquire_done], 0x0, 0x0, 0x0})
mq_timedsend(0xffffffffffffffff, 0x0, 0x0, 0x5, &(0x7f0000000100))
socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00'})
r9 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r9, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000003c0)=ANY=[@ANYRES8=r6, @ANYRESDEC=r7, @ANYBLOB="00000000000000000c001a80080004"], 0x2c}}, 0x0)

0s ago: executing program 2 (id=16226):
r0 = syz_usb_connect$hid(0x5, 0x36, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x8, 0x4d8, 0xdd, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0xa0, 0x8, [{{0x9, 0x4, 0x0, 0xfe, 0x1, 0x3, 0x0, 0x1, 0x0, {0x9, 0x21, 0xffff, 0xfd, 0x1, {0x22, 0x5}}, {{{0x9, 0x5, 0x81, 0x3, 0x8, 0x3, 0x0, 0xfd}}}}}]}}]}}, 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io(r0, &(0x7f0000000080)={0x2c, &(0x7f00000012c0)={0x0, 0x22, 0x5, {0x5, 0xc, "26ed60"}}, 0x0, 0x0, 0x0, 0x0}, 0x0)
syz_open_dev$I2C(&(0x7f0000000100), 0x2, 0x1) (async)
r1 = syz_open_dev$I2C(&(0x7f0000000100), 0x2, 0x1)
ioctl$I2C_SMBUS(r1, 0x720, &(0x7f0000000040)={0x1, 0x5, 0x5, &(0x7f00000000c0)={0x3, "700831000721aea2c04839013004cf53c8a0fc85aea1ae6140fc38663200"}}) (async)
ioctl$I2C_SMBUS(r1, 0x720, &(0x7f0000000040)={0x1, 0x5, 0x5, &(0x7f00000000c0)={0x3, "700831000721aea2c04839013004cf53c8a0fc85aea1ae6140fc38663200"}})
syz_emit_vhci(&(0x7f0000003140)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_complete={{0xe, 0x5}, @hci_rp_le_read_num_supported_adv_sets={{0xd}}}}, 0x8)

kernel console output (not intermixed with test programs):

adv: batadv0: Adding interface: batadv_slave_1
[  760.299284][T13120] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  760.315904][T13120] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  760.349690][T13154] bridge0: port 2(bridge_slave_1) entered disabled state
[  760.351977][T13154] bridge0: port 1(bridge_slave_0) entered disabled state
[  760.373950][T13120] hsr_slave_0: entered promiscuous mode
[  760.376395][T13120] hsr_slave_1: entered promiscuous mode
[  760.381304][T13120] debugfs: 'hsr0' already exists in 'hsr'
[  760.383160][T13120] Cannot create hsr debugfs directory
[  760.387965][T29496] Bluetooth: hci3: command tx timeout
[  760.455099][   T40] audit: type=1400 audit(1766307047.001:1177): avc:  denied  { remount } for  pid=13163 comm="syz.4.15467" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1
[  760.461420][T13164] binder: Binderfs stats mode cannot be changed during a remount
[  760.468584][T13164] netlink: 'syz.4.15467': attribute type 178 has an invalid length.
[  760.529865][T13120] netdevsim netdevsim7 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  760.627905][T13120] netdevsim netdevsim7 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  760.742456][T13120] netdevsim netdevsim7 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  760.840725][T13120] netdevsim netdevsim7 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  761.047473][T13120] netdevsim netdevsim7 netdevsim0: renamed from eth0
[  761.054947][T13120] netdevsim netdevsim7 netdevsim1: renamed from eth1
[  761.075620][T13120] netdevsim netdevsim7 netdevsim2: renamed from eth2
[  761.082717][T13120] netdevsim netdevsim7 netdevsim3: renamed from eth3
[  761.154423][T13120] 8021q: adding VLAN 0 to HW filter on device bond0
[  761.167564][T13120] 8021q: adding VLAN 0 to HW filter on device team0
[  761.180910][T13212] __nla_validate_parse: 16 callbacks suppressed
[  761.180921][T13212] netlink: 8 bytes leftover after parsing attributes in process `syz.0.15481'.
[  761.189253][T17947] bridge0: port 1(bridge_slave_0) entered blocking state
[  761.191583][T17947] bridge0: port 1(bridge_slave_0) entered forwarding state
[  761.201529][T17947] bridge0: port 2(bridge_slave_1) entered blocking state
[  761.203899][T17947] bridge0: port 2(bridge_slave_1) entered forwarding state
[  761.246167][ T6022] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  761.246914][T13215] netlink: 20 bytes leftover after parsing attributes in process `syz.0.15482'.
[  761.326665][T13226] netlink: 8 bytes leftover after parsing attributes in process `syz.4.15485'.
[  761.350259][T13120] 8021q: adding VLAN 0 to HW filter on device batadv0
[  761.440109][T13241] netlink: 8 bytes leftover after parsing attributes in process `syz.0.15490'.
[  761.500400][T13120] veth0_vlan: entered promiscuous mode
[  761.505199][T13120] veth1_vlan: entered promiscuous mode
[  761.518298][T13120] veth0_macvtap: entered promiscuous mode
[  761.529140][T13120] veth1_macvtap: entered promiscuous mode
[  761.536197][T13252] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  761.539073][T13120] batman_adv: batadv0: Interface activated: batadv_slave_0
[  761.546539][T13252] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  761.551142][T13120] batman_adv: batadv0: Interface activated: batadv_slave_1
[  761.564039][T17937] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  761.568802][T17937] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  761.572268][T17937] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  761.579814][T17937] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  761.616732][ T5041] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  761.620766][ T5041] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  761.635696][T17937] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  761.638895][T17937] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  761.738730][T13262] netlink: 8 bytes leftover after parsing attributes in process `syz.4.15496'.
[  761.792712][T13269] netlink: 28 bytes leftover after parsing attributes in process `syz.7.15499'.
[  761.792712][T13268] netlink: 28 bytes leftover after parsing attributes in process `syz.7.15499'.
[  761.815367][T13271] netlink: 8 bytes leftover after parsing attributes in process `syz.4.15500'.
[  761.929238][T29496] Bluetooth: hci2: command tx timeout
[  762.071868][T13286] netlink: 156 bytes leftover after parsing attributes in process `syz.7.15504'.
[  762.112862][   T40] audit: type=1400 audit(1766307048.544:1178): avc:  denied  { getopt } for  pid=13287 comm="syz.7.15505" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  762.150878][T13291] ip6t_srh: unknown srh invflags 51E8
[  762.213848][ T5947] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  762.229331][ T5947] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  762.234504][ T5947] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  762.235838][T13295] netlink: 8 bytes leftover after parsing attributes in process `syz.7.15508'.
[  762.237253][ T5947] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  762.241129][T13295] bridge0: port 2(bridge_slave_1) entered disabled state
[  762.243145][ T5947] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  762.245896][T13295] bridge0: port 1(bridge_slave_0) entered disabled state
[  762.366918][  T837] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  762.407921][T13292] chnl_net:caif_netlink_parms(): no params data found
[  762.540477][T13292] bridge0: port 1(bridge_slave_0) entered blocking state
[  762.543586][T13292] bridge0: port 1(bridge_slave_0) entered disabled state
[  762.546638][T13292] bridge_slave_0: entered allmulticast mode
[  762.551604][T13292] bridge_slave_0: entered promiscuous mode
[  762.556319][T13313] netlink: 'syz.4.15513': attribute type 10 has an invalid length.
[  762.557018][T13292] bridge0: port 2(bridge_slave_1) entered blocking state
[  762.562923][T13292] bridge0: port 2(bridge_slave_1) entered disabled state
[  762.566134][T13292] bridge_slave_1: entered allmulticast mode
[  762.570946][T13292] bridge_slave_1: entered promiscuous mode
[  762.574107][T13313] team0: Device veth1_macvtap failed to register rx_handler
[  762.605465][T13292] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  762.612058][T13292] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  762.623467][T29496] Bluetooth: hci3: command tx timeout
[  762.624725][ T6020] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  762.640092][T13292] team0: Port device team_slave_0 added
[  762.643353][T13292] team0: Port device team_slave_1 added
[  762.657132][T13292] batman_adv: batadv0: Adding interface: batadv_slave_0
[  762.659455][T13292] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  762.667389][T13292] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  762.673557][T13292] batman_adv: batadv0: Adding interface: batadv_slave_1
[  762.675718][T13292] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  762.683631][T13292] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  762.733586][T13292] hsr_slave_0: entered promiscuous mode
[  762.736067][T13292] hsr_slave_1: entered promiscuous mode
[  762.738155][T13292] debugfs: 'hsr0' already exists in 'hsr'
[  762.739940][T13292] Cannot create hsr debugfs directory
[  762.866257][T13292] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  762.989513][T13292] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  763.068941][T13292] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  763.175709][T13292] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  763.364494][T13292] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  763.369303][T13292] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  763.375329][T13292] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  763.379729][T13292] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  763.426036][T13292] 8021q: adding VLAN 0 to HW filter on device bond0
[  763.435155][T13292] 8021q: adding VLAN 0 to HW filter on device team0
[  763.440916][ T5041] bridge0: port 1(bridge_slave_0) entered blocking state
[  763.443202][ T5041] bridge0: port 1(bridge_slave_0) entered forwarding state
[  763.451021][ T5041] bridge0: port 2(bridge_slave_1) entered blocking state
[  763.453647][ T5041] bridge0: port 2(bridge_slave_1) entered forwarding state
[  763.470209][ T6022] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  763.615059][T13292] 8021q: adding VLAN 0 to HW filter on device batadv0
[  763.675791][T13292] veth0_vlan: entered promiscuous mode
[  763.685675][T13292] veth1_vlan: entered promiscuous mode
[  763.704078][T13292] veth0_macvtap: entered promiscuous mode
[  763.708276][T13292] veth1_macvtap: entered promiscuous mode
[  763.719797][T13292] batman_adv: batadv0: Interface activated: batadv_slave_0
[  763.748931][T13292] batman_adv: batadv0: Interface activated: batadv_slave_1
[  763.770408][T17947] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  763.773730][T17947] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  763.777147][T17947] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  763.785174][T17947] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  763.847547][ T5033] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  763.854590][ T5033] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  763.868064][ T5033] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  763.875816][ T5033] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  763.982706][T17947] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  764.152622][ T5947] Bluetooth: hci2: command tx timeout
[  764.411456][ T5947] Bluetooth: hci4: command tx timeout
[  764.583145][ T6022] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  764.849668][ T5947] Bluetooth: hci3: command tx timeout
[  765.087241][T13455] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  765.096924][T13455] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  765.119257][T13459] ip6t_srh: unknown srh invflags 51E8
[  765.290268][T13464] bridge0: port 2(bridge_slave_1) entered disabled state
[  765.292697][T13464] bridge0: port 1(bridge_slave_0) entered disabled state
[  765.703988][ T6022] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  765.725819][T13472] sch_tbf: burst 32855 is lower than device lo mtu (65550) !
[  766.381982][T13475] netlink: 'syz.4.15570': attribute type 10 has an invalid length.
[  766.385283][T13475] team0: Device veth1_macvtap failed to register rx_handler
[  766.387960][ T5947] Bluetooth: hci2: command tx timeout
[  766.646475][ T5947] Bluetooth: hci4: command tx timeout
[  766.659574][T13486] __nla_validate_parse: 12 callbacks suppressed
[  766.659586][T13486] netlink: 8 bytes leftover after parsing attributes in process `syz.4.15574'.
[  766.709405][T13490] netlink: 40 bytes leftover after parsing attributes in process `syz.4.15577'.
[  766.806110][  T837] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  766.887116][T13509] netlink: 8 bytes leftover after parsing attributes in process `syz.0.15586'.
[  766.933042][T13514] netlink: 40 bytes leftover after parsing attributes in process `syz.0.15588'.
[  766.937929][T13515] netlink: 'syz.7.15589': attribute type 5 has an invalid length.
[  766.945735][T13515] ip6erspan0: entered promiscuous mode
[  767.020464][T13525] FAULT_INJECTION: forcing a failure.
[  767.020464][T13525] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  767.025202][T13525] CPU: 3 UID: 0 PID: 13525 Comm: syz.4.15593 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  767.025229][T13525] Tainted: [L]=SOFTLOCKUP
[  767.025235][T13525] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  767.025245][T13525] Call Trace:
[  767.025252][T13525]  <TASK>
[  767.025260][T13525]  dump_stack_lvl+0x16c/0x1f0
[  767.025302][T13525]  should_fail_ex+0x512/0x640
[  767.025336][T13525]  _copy_from_iter+0x2a4/0x16c0
[  767.025367][T13525]  ? __pfx__copy_from_iter+0x10/0x10
[  767.025391][T13525]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  767.025424][T13525]  copy_page_from_iter+0xde/0x180
[  767.025464][T13525]  tun_build_skb.constprop.0+0x2e8/0x1560
[  767.025497][T13525]  ? __pfx_tun_build_skb.constprop.0+0x10/0x10
[  767.025521][T13525]  ? arch_stack_walk+0xa6/0x100
[  767.025557][T13525]  ? _kstrtoull+0x145/0x200
[  767.025577][T13525]  tun_get_user+0x149c/0x3cc0
[  767.025629][T13525]  ? __pfx_tun_get_user+0x10/0x10
[  767.025646][T13525]  ? __pfx_ref_tracker_alloc+0x10/0x10
[  767.025660][T13525]  ? find_held_lock+0x2b/0x80
[  767.025684][T13525]  ? tun_get+0x191/0x370
[  767.025708][T13525]  tun_chr_write_iter+0xdc/0x210
[  767.025731][T13525]  vfs_write+0x7d3/0x11d0
[  767.025752][T13525]  ? __pfx_tun_chr_write_iter+0x10/0x10
[  767.025779][T13525]  ? __pfx_vfs_write+0x10/0x10
[  767.025796][T13525]  ? find_held_lock+0x2b/0x80
[  767.025836][T13525]  ksys_write+0x12a/0x250
[  767.025856][T13525]  ? __pfx_ksys_write+0x10/0x10
[  767.025877][T13525]  ? fput+0x70/0xf0
[  767.025898][T13525]  do_syscall_64+0xcd/0xf80
[  767.025919][T13525]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  767.025937][T13525] RIP: 0033:0x7f4ca138e27f
[  767.025952][T13525] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[  767.025969][T13525] RSP: 002b:00007f4ca22bc000 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[  767.025985][T13525] RAX: ffffffffffffffda RBX: 00007f4ca15e5fa0 RCX: 00007f4ca138e27f
[  767.025996][T13525] RDX: 0000000000000036 RSI: 0000200000000100 RDI: 00000000000000c8
[  767.026005][T13525] RBP: 00007f4ca22bc090 R08: 0000000000000000 R09: 0000000000000000
[  767.026016][T13525] R10: 0000000000000036 R11: 0000000000000293 R12: 0000000000000001
[  767.026026][T13525] R13: 00007f4ca15e6038 R14: 00007f4ca15e5fa0 R15: 00007ffc64acbd88
[  767.026051][T13525]  </TASK>
[  767.072386][ T5947] Bluetooth: hci3: command tx timeout
[  767.173480][T13535] netlink: 8 bytes leftover after parsing attributes in process `syz.7.15596'.
[  767.223522][T13541] netlink: 40 bytes leftover after parsing attributes in process `syz.4.15600'.
[  767.417853][T13549] netlink: 8 bytes leftover after parsing attributes in process `syz.7.15603'.
[  767.918002][  T837] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  768.092527][ T5989] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  768.270555][T13561] netlink: 8 bytes leftover after parsing attributes in process `syz.0.15607'.
[  768.362051][T13568] netlink: 40 bytes leftover after parsing attributes in process `syz.7.15610'.
[  768.503422][   T40] audit: type=1400 audit(1766307054.528:1179): avc:  denied  { setopt } for  pid=13572 comm="syz.4.15612" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[  768.533189][T13563] FAULT_INJECTION: forcing a failure.
[  768.533189][T13563] name failslab, interval 1, probability 0, space 0, times 0
[  768.537511][T13563] CPU: 1 UID: 0 PID: 13563 Comm: syz.0.15608 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  768.537540][T13563] Tainted: [L]=SOFTLOCKUP
[  768.537544][T13563] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  768.537551][T13563] Call Trace:
[  768.537557][T13563]  <TASK>
[  768.537562][T13563]  dump_stack_lvl+0x16c/0x1f0
[  768.537609][T13563]  should_fail_ex+0x512/0x640
[  768.537628][T13563]  ? fs_reclaim_acquire+0xae/0x150
[  768.537657][T13563]  should_failslab+0xc2/0x120
[  768.537671][T13563]  __kmalloc_noprof+0xeb/0x910
[  768.537689][T13563]  ? tomoyo_realpath_from_path+0xc2/0x6e0
[  768.537707][T13563]  ? tomoyo_realpath_from_path+0xc2/0x6e0
[  768.537720][T13563]  tomoyo_realpath_from_path+0xc2/0x6e0
[  768.537736][T13563]  ? tomoyo_profile+0x47/0x60
[  768.537753][T13563]  tomoyo_path_number_perm+0x245/0x580
[  768.537765][T13563]  ? tomoyo_path_number_perm+0x237/0x580
[  768.537778][T13563]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  768.537791][T13563]  ? find_held_lock+0x2b/0x80
[  768.537831][T13563]  ? find_held_lock+0x2b/0x80
[  768.537848][T13563]  ? hook_file_ioctl_common+0x144/0x410
[  768.537868][T13563]  ? __fget_files+0x20e/0x3c0
[  768.537885][T13563]  security_file_ioctl+0x9b/0x240
[  768.537900][T13563]  __x64_sys_ioctl+0xb7/0x210
[  768.537913][T13563]  do_syscall_64+0xcd/0xf80
[  768.537928][T13563]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  768.537939][T13563] RIP: 0033:0x7fc9f938f7c9
[  768.537948][T13563] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  768.537958][T13563] RSP: 002b:00007fc9fa24a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  768.537969][T13563] RAX: ffffffffffffffda RBX: 00007fc9f95e5fa0 RCX: 00007fc9f938f7c9
[  768.537975][T13563] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000006
[  768.537981][T13563] RBP: 00007fc9fa24a090 R08: 0000000000000000 R09: 0000000000000000
[  768.537987][T13563] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  768.537993][T13563] R13: 00007fc9f95e6038 R14: 00007fc9f95e5fa0 R15: 00007ffde14637b8
[  768.538007][T13563]  </TASK>
[  768.601827][ T5947] Bluetooth: hci2: command tx timeout
[  768.603421][    C1] hpet: Lost 3 RTC interrupts
[  768.614795][T13563] ERROR: Out of memory at tomoyo_realpath_from_path.
[  768.681991][T13583] netlink: 156 bytes leftover after parsing attributes in process `syz.7.15614'.
[  768.772957][T13592] ip6t_srh: unknown srh invflags 51E8
[  768.834484][T13602] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  768.841332][T13606] netlink: 'syz.7.15623': attribute type 10 has an invalid length.
[  768.847620][T13602] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  768.858949][ T5947] Bluetooth: hci4: command tx timeout
[  768.863716][T13606] team0: Device veth1_macvtap failed to register rx_handler
[  769.032783][  T837] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  769.097806][T13627] netlink: 'syz.7.15633': attribute type 30 has an invalid length.
[  769.425559][   T40] audit: type=1400 audit(1766307055.397:1180): avc:  denied  { setopt } for  pid=13642 comm="syz.7.15639" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1
[  769.659071][   T40] audit: type=1400 audit(1766307055.603:1181): avc:  denied  { write } for  pid=13668 comm="syz.0.15649" name="ndctl0" dev="devtmpfs" ino=109 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nvram_device_t tclass=chr_file permissive=1
[  769.674900][T13669] overlayfs: workdir is in-use as upperdir/workdir of another mount, mount with '-o index=off' to override exclusive upperdir protection.
[  769.692100][T13671] bridge0: port 2(bridge_slave_1) entered blocking state
[  769.695234][T13671] bridge0: port 2(bridge_slave_1) entered listening state
[  769.698416][T13671] bridge0: port 1(bridge_slave_0) entered blocking state
[  769.702072][T13671] bridge0: port 1(bridge_slave_0) entered listening state
[  770.142087][T20536] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  770.142172][  T837] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  770.146972][ T3914] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  771.034330][T13736] bridge0: port 2(bridge_slave_1) entered blocking state
[  771.037210][T13736] bridge0: port 2(bridge_slave_1) entered listening state
[  771.039789][T13736] bridge0: port 1(bridge_slave_0) entered blocking state
[  771.042107][T13736] bridge0: port 1(bridge_slave_0) entered listening state
[  771.094072][ T5947] Bluetooth: hci4: command tx timeout
[  771.192955][T13751] Cannot find del_set index 0 as target
[  771.276926][ T6022] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  771.542081][T13774] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  771.551874][T13774] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  771.613903][T13779] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  771.616787][T13779] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  771.874536][   T61] usb 9-1: new high-speed USB device number 41 using dummy_hcd
[  772.039482][   T61] usb 9-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[  772.043473][   T61] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  772.046965][   T61] usb 9-1: Product: syz
[  772.048733][   T61] usb 9-1: Manufacturer: syz
[  772.050716][   T61] usb 9-1: SerialNumber: syz
[  772.057995][   T61] usb 9-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[  772.080599][   T61] usb 9-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
[  772.266222][   T40] audit: type=1804 audit(1766307058.043:1182): pid=13788 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=invalid_pcr cause=open_writers comm="syz.7.15692" name="file0" dev="ramfs" ino=210955 res=1 errno=0
[  772.309055][T20531] usb 9-1: USB disconnect, device number 41
[  772.368255][ T6022] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  772.458644][T13798] __nla_validate_parse: 16 callbacks suppressed
[  772.458659][T13798] netlink: 8 bytes leftover after parsing attributes in process `syz.7.15696'.
[  772.505259][T13800] netlink: 52 bytes leftover after parsing attributes in process `syz.7.15697'.
[  772.508709][T13800] bridge0: port 2(bridge_slave_1) entered disabled state
[  772.511047][T13800] bridge0: port 1(bridge_slave_0) entered disabled state
[  772.894355][T13826] netlink: 52 bytes leftover after parsing attributes in process `syz.7.15707'.
[  772.904322][T13828] ip6t_srh: unknown srh invflags 51E8
[  773.094649][T13830] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(7)
[  773.096713][T13830] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  773.100477][T13830] vhci_hcd vhci_hcd.0: Device attached
[  773.111989][T13843] usbip_core: unknown command
[  773.113502][T13843] vhci_hcd: unknown pdu 1792
[  773.115022][T13843] usbip_core: unknown command
[  773.119215][ T1143] vhci_hcd vhci_hcd.4: stop threads
[  773.121445][ T1143] vhci_hcd vhci_hcd.4: release socket
[  773.125946][ T1143] vhci_hcd vhci_hcd.4: disconnect device
[  773.222616][   T61] ath9k_htc 9-1:1.0: ath9k_htc: Target is unresponsive
[  773.224942][   T61] ath9k_htc: Failed to initialize the device
[  773.227355][T20531] usb 9-1: ath9k_htc: USB layer deinitialized
[  773.267597][T13846] FAULT_INJECTION: forcing a failure.
[  773.267597][T13846] name failslab, interval 1, probability 0, space 0, times 0
[  773.272192][T13846] CPU: 1 UID: 0 PID: 13846 Comm: syz.7.15715 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  773.272209][T13846] Tainted: [L]=SOFTLOCKUP
[  773.272213][T13846] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  773.272220][T13846] Call Trace:
[  773.272224][T13846]  <TASK>
[  773.272228][T13846]  dump_stack_lvl+0x16c/0x1f0
[  773.272261][T13846]  should_fail_ex+0x512/0x640
[  773.272280][T13846]  ? __kmalloc_cache_noprof+0x5f/0x800
[  773.272299][T13846]  should_failslab+0xc2/0x120
[  773.272313][T13846]  __kmalloc_cache_noprof+0x80/0x800
[  773.272329][T13846]  ? rcu_is_watching+0x12/0xc0
[  773.272339][T13846]  ? vhost_task_create+0xe5/0x370
[  773.272368][T13846]  ? __pfx_kvm_nx_huge_page_recovery_worker+0x10/0x10
[  773.272386][T13846]  ? __pfx_kvm_nx_huge_page_recovery_worker_kill+0x10/0x10
[  773.272402][T13846]  ? vhost_task_create+0xe5/0x370
[  773.272415][T13846]  vhost_task_create+0xe5/0x370
[  773.272428][T13846]  ? __pfx_vhost_task_create+0x10/0x10
[  773.272446][T13846]  ? __pfx_vhost_task_fn+0x10/0x10
[  773.272462][T13846]  ? __pfx___mutex_lock+0x10/0x10
[  773.272480][T13846]  kvm_mmu_post_init_vm+0x1b7/0x380
[  773.272495][T13846]  kvm_arch_vcpu_ioctl_run+0x66/0x1860
[  773.272508][T13846]  ? kvm_vcpu_ioctl+0x14f8/0x16d0
[  773.272527][T13846]  kvm_vcpu_ioctl+0x76d/0x16d0
[  773.272545][T13846]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  773.272561][T13846]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  773.272575][T13846]  ? do_vfs_ioctl+0x128/0x14f0
[  773.272587][T13846]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  773.272599][T13846]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[  773.272619][T13846]  ? hook_file_ioctl_common+0x144/0x410
[  773.272639][T13846]  ? selinux_file_ioctl+0x180/0x270
[  773.272652][T13846]  ? selinux_file_ioctl+0xb4/0x270
[  773.272666][T13846]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  773.272683][T13846]  __x64_sys_ioctl+0x18e/0x210
[  773.272696][T13846]  do_syscall_64+0xcd/0xf80
[  773.272710][T13846]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  773.272721][T13846] RIP: 0033:0x7f6eeab8f7c9
[  773.272731][T13846] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  773.272741][T13846] RSP: 002b:00007f6eebb07038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  773.272751][T13846] RAX: ffffffffffffffda RBX: 00007f6eeade5fa0 RCX: 00007f6eeab8f7c9
[  773.272757][T13846] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000006
[  773.272763][T13846] RBP: 00007f6eebb07090 R08: 0000000000000000 R09: 0000000000000000
[  773.272769][T13846] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  773.272775][T13846] R13: 00007f6eeade6038 R14: 00007f6eeade5fa0 R15: 00007ffd30d79f88
[  773.272789][T13846]  </TASK>
[  773.360290][    C1] hpet: Lost 5 RTC interrupts
[  773.479874][ T6022] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  773.797661][T13857] netlink: 24 bytes leftover after parsing attributes in process `syz.4.15719'.
[  773.970136][T13872] netlink: 8 bytes leftover after parsing attributes in process `syz.0.15724'.
[  774.056413][ T8211] usb 12-1: new high-speed USB device number 9 using dummy_hcd
[  774.238242][ T8211] usb 12-1: Using ep0 maxpacket: 32
[  774.241742][ T8211] usb 12-1: config 155 has an invalid descriptor of length 0, skipping remainder of the config
[  774.244942][ T8211] usb 12-1: config 155 interface 0 altsetting 0 has an endpoint descriptor with address 0xE2, changing to 0x82
[  774.251271][ T8211] usb 12-1: config 155 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  774.254754][ T8211] usb 12-1: config 155 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 11
[  774.263005][ T8211] usb 12-1: New USB device found, idVendor=15c2, idProduct=ffdc, bcdDevice=bd.30
[  774.266306][ T8211] usb 12-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  774.268793][ T8211] usb 12-1: Product: syz
[  774.270215][ T8211] usb 12-1: Manufacturer: syz
[  774.271716][ T8211] usb 12-1: SerialNumber: syz
[  774.277093][    C1] imon 12-1:155.0: imon usb_rx_callback_intf0: status(-71)
[  774.282750][ T8211] input: iMON Panel, Knob and Mouse(15c2:ffdc) as /devices/platform/dummy_hcd.7/usb12/12-1/12-1:155.0/input/input79
[  774.505654][ T8211] imon 12-1:155.0: Unknown 0xffdc device, defaulting to VFD and iMON IR
[  774.508421][ T8211]  (id 0x00)
[  774.548271][ T8211] rc_core: IR keymap rc-imon-pad not found
[  774.550199][ T8211] Registered IR keymap rc-empty
[  774.551850][ T8211] imon 12-1:155.0: Looks like you're trying to use an IR protocol this device does not support
[  774.555500][ T8211] imon 12-1:155.0: Unsupported IR protocol specified, overriding to iMON IR protocol
[  774.592158][  T837] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  774.689943][T13896] netlink: 8 bytes leftover after parsing attributes in process `syz.0.15733'.
[  774.723604][ T8211] rc rc0: iMON Remote (15c2:ffdc) as /devices/platform/dummy_hcd.7/usb12/12-1/12-1:155.0/rc/rc0
[  774.734956][ T8211] input: iMON Remote (15c2:ffdc) as /devices/platform/dummy_hcd.7/usb12/12-1/12-1:155.0/rc/rc0/input80
[  774.741298][ T8211] imon 12-1:155.0: iMON device (15c2:ffdc, intf0) on usb<12:9> initialized
[  774.974830][T13858] imon:send_packet: packet tx failed (-71)
[  774.974984][T20536] usb 12-1: USB disconnect, device number 9
[  774.997688][T13858] imon:vfd_write: send packet #0 failed
[  775.035999][T29496] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  775.042493][T29496] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  775.047434][T29496] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  775.050933][T29496] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  775.053701][T29496] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  775.192411][T13906] chnl_net:caif_netlink_parms(): no params data found
[  775.195095][   T40] audit: type=1400 audit(1766307060.783:1183): avc:  denied  { getopt } for  pid=13917 comm="syz.4.15740" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=caif_socket permissive=1
[  775.255689][T13905] netlink: 8 bytes leftover after parsing attributes in process `syz.7.15718'.
[  775.290191][T13906] bridge0: port 1(bridge_slave_0) entered blocking state
[  775.293179][T13906] bridge0: port 1(bridge_slave_0) entered disabled state
[  775.296086][T13906] bridge_slave_0: entered allmulticast mode
[  775.300504][T13906] bridge_slave_0: entered promiscuous mode
[  775.305349][T13906] bridge0: port 2(bridge_slave_1) entered blocking state
[  775.307978][T13906] bridge0: port 2(bridge_slave_1) entered disabled state
[  775.311018][T13906] bridge_slave_1: entered allmulticast mode
[  775.313831][T13906] bridge_slave_1: entered promiscuous mode
[  775.334050][T13906] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  775.341304][T13906] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  775.360416][T13906] team0: Port device team_slave_0 added
[  775.366604][T13906] team0: Port device team_slave_1 added
[  775.384679][T13906] batman_adv: batadv0: Adding interface: batadv_slave_0
[  775.386708][T13933] netlink: 60 bytes leftover after parsing attributes in process `syz.0.15744'.
[  775.386960][T13906] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  775.397924][T13906] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  775.402234][T13933] netlink: 60 bytes leftover after parsing attributes in process `syz.0.15744'.
[  775.410477][T13906] batman_adv: batadv0: Adding interface: batadv_slave_1
[  775.413166][T13906] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  775.423845][T13906] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  775.447529][T13906] hsr_slave_0: entered promiscuous mode
[  775.449962][T13906] hsr_slave_1: entered promiscuous mode
[  775.452186][T13906] debugfs: 'hsr0' already exists in 'hsr'
[  775.454029][T13906] Cannot create hsr debugfs directory
[  775.527113][T13939] 8021q: adding VLAN 0 to HW filter on device bond1
[  775.536308][T13906] netdevsim netdevsim2 eth3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  775.539600][T13906] netdevsim netdevsim2 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  775.586331][T13944] ref_tracker: memory allocation failure, unreliable refcount tracker.
[  775.630607][T13948] netlink: 8 bytes leftover after parsing attributes in process `syz.4.15750'.
[  775.687419][T13906] netdevsim netdevsim2 eth2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  775.690454][T13906] netdevsim netdevsim2 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  775.691411][T13951] binder_alloc: 13945: pid 13945 spamming oneway? 1 buffers allocated for a total size of 4096
[  775.714577][ T6022] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  775.752533][T13906] netdevsim netdevsim2 eth1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  775.755572][T13906] netdevsim netdevsim2 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  775.833172][T13906] netdevsim netdevsim2 eth0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  775.837140][T13906] netdevsim netdevsim2 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  775.973222][T13955] netlink: 'syz.4.15752': attribute type 10 has an invalid length.
[  775.976657][T13955] team0: Device veth1_macvtap failed to register rx_handler
[  776.000273][T13906] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  776.007015][T13906] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  776.012012][T13906] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  776.017265][T13906] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  776.068115][T13906] 8021q: adding VLAN 0 to HW filter on device bond0
[  776.085183][T13906] 8021q: adding VLAN 0 to HW filter on device team0
[  776.091088][ T1143] bridge0: port 1(bridge_slave_0) entered blocking state
[  776.094087][ T1143] bridge0: port 1(bridge_slave_0) entered forwarding state
[  776.102552][ T1254] bridge0: port 2(bridge_slave_1) entered blocking state
[  776.105468][ T1254] bridge0: port 2(bridge_slave_1) entered forwarding state
[  776.247754][T13906] 8021q: adding VLAN 0 to HW filter on device batadv0
[  776.279388][T13906] veth0_vlan: entered promiscuous mode
[  776.284641][T13906] veth1_vlan: entered promiscuous mode
[  776.288151][T13975] IPv6: addrconf: prefix option has invalid lifetime
[  776.297166][T13975] IPv6: addrconf: prefix option has invalid lifetime
[  776.304345][ T5033] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  776.306568][T13906] veth0_macvtap: entered promiscuous mode
[  776.315636][T13906] veth1_macvtap: entered promiscuous mode
[  776.329185][T13906] batman_adv: batadv0: Interface activated: batadv_slave_0
[  776.337360][T13906] batman_adv: batadv0: Interface activated: batadv_slave_1
[  776.344828][ T5041] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  776.348590][ T5041] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  776.352312][ T5041] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  776.355619][ T5041] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  776.425174][ T5041] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  776.429147][ T5041] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  776.448685][ T5033] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  776.451886][ T5033] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  776.543156][T13985] bridge0: port 2(bridge_slave_1) entered disabled state
[  776.545741][T13985] bridge0: port 1(bridge_slave_0) entered disabled state
[  776.674898][T13983] FAULT_INJECTION: forcing a failure.
[  776.674898][T13983] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  776.681661][T13983] CPU: 3 UID: 0 PID: 13983 Comm: syz.4.15758 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  776.681689][T13983] Tainted: [L]=SOFTLOCKUP
[  776.681695][T13983] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  776.681706][T13983] Call Trace:
[  776.681712][T13983]  <TASK>
[  776.681746][T13983]  dump_stack_lvl+0x16c/0x1f0
[  776.681790][T13983]  should_fail_ex+0x512/0x640
[  776.681823][T13983]  _copy_to_user+0x32/0xd0
[  776.681855][T13983]  simple_read_from_buffer+0xcb/0x170
[  776.681880][T13983]  proc_fail_nth_read+0x197/0x240
[  776.681899][T13983]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  776.681918][T13983]  ? rw_verify_area+0xcf/0x6c0
[  776.681937][T13983]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  776.681954][T13983]  vfs_read+0x1e4/0xcf0
[  776.681976][T13983]  ? __pfx___mutex_lock+0x10/0x10
[  776.682001][T13983]  ? __pfx_vfs_read+0x10/0x10
[  776.682026][T13983]  ? __fget_files+0x20e/0x3c0
[  776.682056][T13983]  ksys_read+0x12a/0x250
[  776.682076][T13983]  ? __pfx_ksys_read+0x10/0x10
[  776.682096][T13983]  ? fput+0x70/0xf0
[  776.682114][T13983]  do_syscall_64+0xcd/0xf80
[  776.682135][T13983]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  776.682152][T13983] RIP: 0033:0x7f4ca138e1dc
[  776.682168][T13983] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  776.682183][T13983] RSP: 002b:00007f4ca22bc030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  776.682198][T13983] RAX: ffffffffffffffda RBX: 00007f4ca15e5fa0 RCX: 00007f4ca138e1dc
[  776.682208][T13983] RDX: 000000000000000f RSI: 00007f4ca22bc0a0 RDI: 0000000000000007
[  776.682216][T13983] RBP: 00007f4ca22bc090 R08: 0000000000000000 R09: 0000000000000000
[  776.682226][T13983] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  776.682234][T13983] R13: 00007f4ca15e6038 R14: 00007f4ca15e5fa0 R15: 00007ffc64acbd88
[  776.682258][T13983]  </TASK>
[  776.815992][ T6022] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  776.916102][T14006] FAULT_INJECTION: forcing a failure.
[  776.916102][T14006] name failslab, interval 1, probability 0, space 0, times 0
[  776.920242][T14006] CPU: 0 UID: 0 PID: 14006 Comm: syz.4.15765 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  776.920259][T14006] Tainted: [L]=SOFTLOCKUP
[  776.920263][T14006] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  776.920269][T14006] Call Trace:
[  776.920273][T14006]  <TASK>
[  776.920277][T14006]  dump_stack_lvl+0x16c/0x1f0
[  776.920294][T14006]  should_fail_ex+0x512/0x640
[  776.920311][T14006]  ? fs_reclaim_acquire+0xae/0x150
[  776.920327][T14006]  should_failslab+0xc2/0x120
[  776.920341][T14006]  __kmalloc_noprof+0xeb/0x910
[  776.920358][T14006]  ? tomoyo_realpath_from_path+0xc2/0x6e0
[  776.920376][T14006]  ? tomoyo_realpath_from_path+0xc2/0x6e0
[  776.920390][T14006]  tomoyo_realpath_from_path+0xc2/0x6e0
[  776.920406][T14006]  ? tomoyo_profile+0x47/0x60
[  776.920423][T14006]  tomoyo_path_number_perm+0x245/0x580
[  776.920434][T14006]  ? tomoyo_path_number_perm+0x237/0x580
[  776.920448][T14006]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  776.920461][T14006]  ? find_held_lock+0x2b/0x80
[  776.920488][T14006]  ? find_held_lock+0x2b/0x80
[  776.920504][T14006]  ? hook_file_ioctl_common+0x144/0x410
[  776.920528][T14006]  ? __fget_files+0x20e/0x3c0
[  776.920546][T14006]  security_file_ioctl+0x9b/0x240
[  776.920561][T14006]  __x64_sys_ioctl+0xb7/0x210
[  776.920574][T14006]  do_syscall_64+0xcd/0xf80
[  776.920589][T14006]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  776.920600][T14006] RIP: 0033:0x7f4ca138f7c9
[  776.920608][T14006] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  776.920618][T14006] RSP: 002b:00007f4ca22bc038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  776.920628][T14006] RAX: ffffffffffffffda RBX: 00007f4ca15e5fa0 RCX: 00007f4ca138f7c9
[  776.920635][T14006] RDX: 0000200000000680 RSI: 0000000000004b72 RDI: 0000000000000003
[  776.920641][T14006] RBP: 00007f4ca22bc090 R08: 0000000000000000 R09: 0000000000000000
[  776.920647][T14006] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  776.920653][T14006] R13: 00007f4ca15e6038 R14: 00007f4ca15e5fa0 R15: 00007ffc64acbd88
[  776.920667][T14006]  </TASK>
[  776.920671][T14006] ERROR: Out of memory at tomoyo_realpath_from_path.
[  777.243944][ T5947] Bluetooth: hci0: command tx timeout
[  777.398951][T14032] bridge0: vlan filtering disabled, automatically disabling multicast vlan snooping
[  777.481294][   T40] audit: type=1400 audit(1766307062.924:1184): avc:  denied  { ioctl } for  pid=14037 comm="syz.7.15778" path="socket:[211809]" dev="sockfs" ino=211809 ioctlcmd=0x8916 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[  777.527073][T14046] netlink: 'syz.7.15782': attribute type 3 has an invalid length.
[  777.530407][T14046] netlink: 'syz.7.15782': attribute type 3 has an invalid length.
[  777.572784][T14052] ip6t_srh: unknown srh invflags 51E8
[  777.590786][T14054] FAULT_INJECTION: forcing a failure.
[  777.590786][T14054] name failslab, interval 1, probability 0, space 0, times 0
[  777.595206][T14054] CPU: 0 UID: 0 PID: 14054 Comm: syz.4.15786 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  777.595223][T14054] Tainted: [L]=SOFTLOCKUP
[  777.595227][T14054] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  777.595233][T14054] Call Trace:
[  777.595239][T14054]  <TASK>
[  777.595245][T14054]  dump_stack_lvl+0x16c/0x1f0
[  777.595267][T14054]  should_fail_ex+0x512/0x640
[  777.595293][T14054]  should_failslab+0xc2/0x120
[  777.595316][T14054]  kmem_cache_alloc_noprof+0x83/0x770
[  777.595336][T14054]  ? dst_alloc+0x99/0x1a0
[  777.595364][T14054]  ? dst_alloc+0x99/0x1a0
[  777.595382][T14054]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  777.595397][T14054]  dst_alloc+0x99/0x1a0
[  777.595414][T14054]  ? is_bpf_text_address+0x94/0x1a0
[  777.595433][T14054]  rt_dst_alloc+0x35/0x3a0
[  777.595457][T14054]  ip_route_output_key_hash_rcu+0x87a/0x28e0
[  777.595480][T14054]  ip_route_output_key_hash+0x10f/0x2b0
[  777.595496][T14054]  ? __pfx_ip_route_output_key_hash+0x10/0x10
[  777.595515][T14054]  ? lock_acquire+0x179/0x330
[  777.595533][T14054]  ? selinux_xfrm_skb_sid_ingress+0x234/0x320
[  777.595558][T14054]  ip_route_output_flow+0x27/0x150
[  777.595578][T14054]  ip_send_unicast_reply+0x5a7/0x1600
[  777.595603][T14054]  ? __pfx_ip_send_unicast_reply+0x10/0x10
[  777.595624][T14054]  ? __lock_acquire+0x436/0x2890
[  777.595643][T14054]  ? mark_held_locks+0x49/0x80
[  777.595655][T14054]  ? ktime_get+0x200/0x310
[  777.595667][T14054]  ? lockdep_hardirqs_on+0x7c/0x110
[  777.595682][T14054]  tcp_v4_send_reset+0x1299/0x2f80
[  777.595698][T14054]  ? __pfx_tcp_v4_send_reset+0x10/0x10
[  777.595720][T14054]  ? __pfx_sk_filter_trim_cap+0x10/0x10
[  777.595736][T14054]  ? tcp_v4_do_rcv+0x715/0x10a0
[  777.595745][T14054]  tcp_v4_do_rcv+0x715/0x10a0
[  777.595755][T14054]  tcp_v4_rcv+0x4204/0x4db0
[  777.595773][T14054]  ? __pfx_tcp_v4_rcv+0x10/0x10
[  777.595786][T14054]  ? find_held_lock+0x2b/0x80
[  777.595825][T14054]  ? __pfx_raw_local_deliver+0x10/0x10
[  777.595847][T14054]  ? __pfx_tcp_v4_rcv+0x10/0x10
[  777.595858][T14054]  ip_protocol_deliver_rcu+0xba/0x4c0
[  777.595872][T14054]  ip_local_deliver_finish+0x3f2/0x720
[  777.595886][T14054]  ip_local_deliver+0x18e/0x1f0
[  777.595899][T14054]  ip_rcv+0x2e0/0x600
[  777.595910][T14054]  ? __pfx_ip_rcv+0x10/0x10
[  777.595920][T14054]  __netif_receive_skb_one_core+0x197/0x1e0
[  777.595937][T14054]  ? __pfx___netif_receive_skb_one_core+0x10/0x10
[  777.595954][T14054]  ? lock_acquire+0x179/0x330
[  777.595967][T14054]  ? __phys_addr+0xe8/0x180
[  777.595978][T14054]  __netif_receive_skb+0x1d/0x160
[  777.595994][T14054]  netif_receive_skb+0x137/0x760
[  777.596010][T14054]  ? __pfx_netif_receive_skb+0x10/0x10
[  777.596031][T14054]  tun_rx_batched.isra.0+0x3ee/0x740
[  777.596049][T14054]  ? __pfx_tun_rx_batched.isra.0+0x10/0x10
[  777.596067][T14054]  ? tun_get_user+0x1ded/0x3cc0
[  777.596081][T14054]  ? rcu_is_watching+0x12/0xc0
[  777.596093][T14054]  tun_get_user+0x28b2/0x3cc0
[  777.596115][T14054]  ? __pfx_tun_get_user+0x10/0x10
[  777.596131][T14054]  ? __pfx_ref_tracker_alloc+0x10/0x10
[  777.596146][T14054]  ? find_held_lock+0x2b/0x80
[  777.596161][T14054]  ? tun_get+0x191/0x370
[  777.596178][T14054]  tun_chr_write_iter+0xdc/0x210
[  777.596195][T14054]  vfs_write+0x7d3/0x11d0
[  777.596210][T14054]  ? __pfx_tun_chr_write_iter+0x10/0x10
[  777.596227][T14054]  ? __pfx_vfs_write+0x10/0x10
[  777.596239][T14054]  ? find_held_lock+0x2b/0x80
[  777.596263][T14054]  ksys_write+0x12a/0x250
[  777.596276][T14054]  ? __pfx_ksys_write+0x10/0x10
[  777.596293][T14054]  do_syscall_64+0xcd/0xf80
[  777.596307][T14054]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  777.596318][T14054] RIP: 0033:0x7f4ca138e27f
[  777.596328][T14054] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[  777.596338][T14054] RSP: 002b:00007f4ca22bc000 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[  777.596348][T14054] RAX: ffffffffffffffda RBX: 00007f4ca15e5fa0 RCX: 00007f4ca138e27f
[  777.596354][T14054] RDX: 0000000000000036 RSI: 0000200000000100 RDI: 00000000000000c8
[  777.596361][T14054] RBP: 00007f4ca22bc090 R08: 0000000000000000 R09: 0000000000000000
[  777.596366][T14054] R10: 0000000000000036 R11: 0000000000000293 R12: 0000000000000001
[  777.596372][T14054] R13: 00007f4ca15e6038 R14: 00007f4ca15e5fa0 R15: 00007ffc64acbd88
[  777.596387][T14054]  </TASK>
[  777.743335][ T5973] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  777.825230][T14064] FAULT_INJECTION: forcing a failure.
[  777.825230][T14064] name failslab, interval 1, probability 0, space 0, times 0
[  777.829599][T14064] CPU: 3 UID: 0 PID: 14064 Comm: syz.4.15791 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  777.829617][T14064] Tainted: [L]=SOFTLOCKUP
[  777.829621][T14064] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  777.829627][T14064] Call Trace:
[  777.829632][T14064]  <TASK>
[  777.829637][T14064]  dump_stack_lvl+0x16c/0x1f0
[  777.829654][T14064]  should_fail_ex+0x512/0x640
[  777.829670][T14064]  ? fs_reclaim_acquire+0xae/0x150
[  777.829686][T14064]  should_failslab+0xc2/0x120
[  777.829701][T14064]  __kmalloc_noprof+0xeb/0x910
[  777.829717][T14064]  ? tomoyo_encode2+0x100/0x3e0
[  777.829734][T14064]  ? tomoyo_encode2+0x100/0x3e0
[  777.829747][T14064]  tomoyo_encode2+0x100/0x3e0
[  777.829766][T14064]  tomoyo_encode+0x29/0x50
[  777.829797][T14064]  tomoyo_realpath_from_path+0x18f/0x6e0
[  777.829818][T14064]  tomoyo_path_number_perm+0x245/0x580
[  777.829830][T14064]  ? tomoyo_path_number_perm+0x237/0x580
[  777.829843][T14064]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  777.829856][T14064]  ? find_held_lock+0x2b/0x80
[  777.829885][T14064]  ? find_held_lock+0x2b/0x80
[  777.829900][T14064]  ? hook_file_ioctl_common+0x144/0x410
[  777.829920][T14064]  ? __fget_files+0x20e/0x3c0
[  777.829936][T14064]  security_file_ioctl+0x9b/0x240
[  777.829952][T14064]  __x64_sys_ioctl+0xb7/0x210
[  777.829965][T14064]  do_syscall_64+0xcd/0xf80
[  777.829980][T14064]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  777.829994][T14064] RIP: 0033:0x7f4ca138f7c9
[  777.830003][T14064] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  777.830013][T14064] RSP: 002b:00007f4ca22bc038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  777.830024][T14064] RAX: ffffffffffffffda RBX: 00007f4ca15e5fa0 RCX: 00007f4ca138f7c9
[  777.830030][T14064] RDX: 0000000000000000 RSI: 00000000401845c0 RDI: 0000000000000003
[  777.830036][T14064] RBP: 00007f4ca22bc090 R08: 0000000000000000 R09: 0000000000000000
[  777.830042][T14064] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  777.830048][T14064] R13: 00007f4ca15e6038 R14: 00007f4ca15e5fa0 R15: 00007ffc64acbd88
[  777.830062][T14064]  </TASK>
[  777.830136][T14064] ERROR: Out of memory at tomoyo_realpath_from_path.
[  777.854308][ T6022] usb 5-1: new high-speed USB device number 31 using dummy_hcd
[  777.938920][  T837] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  777.945189][T14066] __nla_validate_parse: 11 callbacks suppressed
[  777.945200][T14066] netlink: 24 bytes leftover after parsing attributes in process `syz.4.15792'.
[  777.987983][T14068] netlink: 12 bytes leftover after parsing attributes in process `syz.7.15793'.
[  778.088790][ T6022] usb 5-1: Using ep0 maxpacket: 16
[  778.092293][ T6022] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  778.095973][ T6022] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  778.099231][ T6022] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  778.104422][ T6022] usb 5-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  778.107493][ T6022] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  778.112382][ T6022] usb 5-1: config 0 descriptor??
[  778.148801][T14066] netlink: 'syz.4.15792': attribute type 1 has an invalid length.
[  778.308309][T14080] NILFS (nullb0): couldn't find nilfs on the device
[  778.333630][ T6022] microsoft 0003:045E:07DA.0025: unknown main item tag 0x0
[  778.336661][ T6022] microsoft 0003:045E:07DA.0025: unknown main item tag 0x0
[  778.339119][ T6022] microsoft 0003:045E:07DA.0025: unknown main item tag 0x0
[  778.341689][ T6022] microsoft 0003:045E:07DA.0025: unknown main item tag 0x0
[  778.344576][ T6022] microsoft 0003:045E:07DA.0025: unknown main item tag 0x0
[  778.348607][ T6022] microsoft 0003:045E:07DA.0025: unknown main item tag 0x0
[  778.351018][ T6022] microsoft 0003:045E:07DA.0025: unknown main item tag 0x0
[  778.353408][ T6022] microsoft 0003:045E:07DA.0025: unknown main item tag 0x0
[  778.356287][ T6022] microsoft 0003:045E:07DA.0025: unknown main item tag 0x0
[  778.358921][ T8211] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  778.358933][ T6022] microsoft 0003:045E:07DA.0025: unknown main item tag 0x0
[  778.366652][ T6022] input: HID 045e:07da as /devices/platform/dummy_hcd.0/usb5/5-1/5-1:0.0/0003:045E:07DA.0025/input/input81
[  778.372241][T14089] netlink: 8 bytes leftover after parsing attributes in process `syz.0.15799'.
[  778.402531][T14090] FAULT_INJECTION: forcing a failure.
[  778.402531][T14090] name failslab, interval 1, probability 0, space 0, times 0
[  778.407017][T14090] CPU: 2 UID: 0 PID: 14090 Comm: syz.7.15798 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  778.407034][T14090] Tainted: [L]=SOFTLOCKUP
[  778.407038][T14090] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  778.407044][T14090] Call Trace:
[  778.407049][T14090]  <TASK>
[  778.407053][T14090]  dump_stack_lvl+0x16c/0x1f0
[  778.407070][T14090]  should_fail_ex+0x512/0x640
[  778.407086][T14090]  ? kmem_cache_alloc_lru_noprof+0x66/0x770
[  778.407099][T14090]  should_failslab+0xc2/0x120
[  778.407113][T14090]  kmem_cache_alloc_lru_noprof+0x87/0x770
[  778.407124][T14090]  ? selinux_socket_create+0xf0/0x540
[  778.407139][T14090]  ? sock_alloc_inode+0x25/0x1c0
[  778.407154][T14090]  ? __pfx_sock_alloc_inode+0x10/0x10
[  778.407165][T14090]  ? sock_alloc_inode+0x25/0x1c0
[  778.407177][T14090]  sock_alloc_inode+0x25/0x1c0
[  778.407189][T14090]  alloc_inode+0x64/0x240
[  778.407201][T14090]  sock_alloc+0x40/0x280
[  778.407213][T14090]  __sock_create+0xc2/0x8a0
[  778.407230][T14090]  __sys_socket+0x14d/0x260
[  778.407243][T14090]  ? fput+0x70/0xf0
[  778.407251][T14090]  ? __pfx___sys_socket+0x10/0x10
[  778.407265][T14090]  ? ksys_write+0x1ac/0x250
[  778.407278][T14090]  ? __pfx_ksys_write+0x10/0x10
[  778.407294][T14090]  __x64_sys_socket+0x72/0xb0
[  778.407307][T14090]  ? lockdep_hardirqs_on+0x7c/0x110
[  778.407321][T14090]  do_syscall_64+0xcd/0xf80
[  778.407335][T14090]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  778.407347][T14090] RIP: 0033:0x7f6eeab8f7c9
[  778.407356][T14090] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  778.407365][T14090] RSP: 002b:00007f6eebae6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000029
[  778.407376][T14090] RAX: ffffffffffffffda RBX: 00007f6eeade6090 RCX: 00007f6eeab8f7c9
[  778.407382][T14090] RDX: 0000000000000001 RSI: 0000000000000002 RDI: 0000000000000002
[  778.407388][T14090] RBP: 00007f6eebae6090 R08: 0000000000000000 R09: 0000000000000000
[  778.407394][T14090] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  778.407400][T14090] R13: 00007f6eeade6128 R14: 00007f6eeade6090 R15: 00007ffd30d79f88
[  778.407414][T14090]  </TASK>
[  778.407419][T14090] socket: no more sockets
[  778.420719][T14093] netlink: 'syz.4.15801': attribute type 8 has an invalid length.
[  778.447649][ T6022] microsoft 0003:045E:07DA.0025: input,hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.0-1/input0
[  778.457295][T14097] syz.7.15802 (14097): attempted to duplicate a private mapping with mremap.  This is not supported.
[  778.467284][ T6022] usb 5-1: USB disconnect, device number 31
[  778.530016][T14097] netlink: 14 bytes leftover after parsing attributes in process `syz.7.15802'.
[  778.530821][T14098] fido_id[14098]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.0/usb5/5-1/report_descriptor': No such file or directory
[  778.552860][T14097] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  778.568271][T14097] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  778.573271][T14097] bond0 (unregistering): Released all slaves
[  778.582585][T14102] netlink: 8 bytes leftover after parsing attributes in process `syz.4.15804'.
[  778.735305][T14109] netlink: 4 bytes leftover after parsing attributes in process `syz.2.15806'.
[  778.767777][T14113] netlink: 8 bytes leftover after parsing attributes in process `syz.2.15808'.
[  778.795076][   T40] audit: type=1400 audit(1766307064.149:1185): avc:  denied  { execute_no_trans } for  pid=14110 comm="syz.0.15807" path="/86/file1" dev="tmpfs" ino=458 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[  778.805130][T14117] FAULT_INJECTION: forcing a failure.
[  778.805130][T14117] name failslab, interval 1, probability 0, space 0, times 0
[  778.809190][T14117] CPU: 1 UID: 0 PID: 14117 Comm: syz.4.15810 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  778.809206][T14117] Tainted: [L]=SOFTLOCKUP
[  778.809210][T14117] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  778.809216][T14117] Call Trace:
[  778.809221][T14117]  <TASK>
[  778.809225][T14117]  dump_stack_lvl+0x16c/0x1f0
[  778.809243][T14117]  should_fail_ex+0x512/0x640
[  778.809260][T14117]  ? fs_reclaim_acquire+0xae/0x150
[  778.809276][T14117]  should_failslab+0xc2/0x120
[  778.809290][T14117]  __kmalloc_noprof+0xeb/0x910
[  778.809307][T14117]  ? tomoyo_encode2+0x100/0x3e0
[  778.809324][T14117]  ? tomoyo_encode2+0x100/0x3e0
[  778.809337][T14117]  tomoyo_encode2+0x100/0x3e0
[  778.809353][T14117]  tomoyo_encode+0x29/0x50
[  778.809366][T14117]  tomoyo_realpath_from_path+0x18f/0x6e0
[  778.809385][T14117]  tomoyo_path_number_perm+0x245/0x580
[  778.809397][T14117]  ? tomoyo_path_number_perm+0x237/0x580
[  778.809410][T14117]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  778.809423][T14117]  ? find_held_lock+0x2b/0x80
[  778.809451][T14117]  ? find_held_lock+0x2b/0x80
[  778.809466][T14117]  ? hook_file_ioctl_common+0x144/0x410
[  778.809510][T14117]  ? __fget_files+0x20e/0x3c0
[  778.809536][T14117]  security_file_ioctl+0x9b/0x240
[  778.809557][T14117]  __x64_sys_ioctl+0xb7/0x210
[  778.809571][T14117]  do_syscall_64+0xcd/0xf80
[  778.809586][T14117]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  778.809597][T14117] RIP: 0033:0x7f4ca138f7c9
[  778.809606][T14117] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  778.809616][T14117] RSP: 002b:00007f4ca22bc038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  778.809626][T14117] RAX: ffffffffffffffda RBX: 00007f4ca15e5fa0 RCX: 00007f4ca138f7c9
[  778.809633][T14117] RDX: 0000200000000680 RSI: 0000000000004b72 RDI: 0000000000000003
[  778.809639][T14117] RBP: 00007f4ca22bc090 R08: 0000000000000000 R09: 0000000000000000
[  778.809645][T14117] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  778.809651][T14117] R13: 00007f4ca15e6038 R14: 00007f4ca15e5fa0 R15: 00007ffc64acbd88
[  778.809665][T14117]  </TASK>
[  778.809676][T14117] ERROR: Out of memory at tomoyo_realpath_from_path.
[  778.831912][T14121] netlink: 44 bytes leftover after parsing attributes in process `syz.0.15812'.
[  778.914842][   T40] audit: type=1326 audit(1766307064.261:1186): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14118 comm="syz.2.15811" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fc68978f7c9 code=0x0
[  778.956691][T14127] netlink: 4 bytes leftover after parsing attributes in process `syz.4.15814'.
[  779.026604][T14123] netlink: 'syz.2.15811': attribute type 6 has an invalid length.
[  779.029146][T14123] netlink: 'syz.2.15811': attribute type 6 has an invalid length.
[  779.051255][ T6022] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  779.247016][T14141] netlink: 8 bytes leftover after parsing attributes in process `syz.7.15819'.
[  779.250017][T14141] netlink: 'syz.7.15819': attribute type 30 has an invalid length.
[  779.425879][ T9565] sr 2:0:0:0: [sr0] CDROM not ready.  Make sure there is a disc in the drive.
[  779.469607][ T5947] Bluetooth: hci0: command tx timeout
[  779.543861][T14171] ip6t_srh: unknown srh invflags 51E8
[  779.588010][ T9565] sr 2:0:0:0: [sr0] CDROM not ready.  Make sure there is a disc in the drive.
[  780.030874][T20531] libceph: connect (1)[c::]:6789 error -101
[  780.032893][T20531] libceph: mon0 (1)[c::]:6789 connect error
[  780.152841][  T837] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  780.205806][T14206] ceph: No mds server is up or the cluster is laggy
[  780.289930][T14216] bond0: (slave caif0): Error: Device type is different from other slaves
[  780.293532][T14216] dlm: no locking on control device
[  780.345150][T20531] usb 12-1: new high-speed USB device number 10 using dummy_hcd
[  780.390251][T14219] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=19 sclass=netlink_tcpdiag_socket pid=14219 comm=syz.2.15845
[  780.506097][T20531] usb 12-1: device descriptor read/64, error -71
[  780.783640][T20531] usb 12-1: new high-speed USB device number 11 using dummy_hcd
[  780.849434][T14225] Cannot find del_set index 0 as target
[  780.858571][  T837] usb 5-1: new high-speed USB device number 32 using dummy_hcd
[  780.888705][T14227] batman_adv: Cannot find parent device. Skipping batadv-on-batadv check for gretap1
[  780.921744][T14229] netlink: 'syz.4.15850': attribute type 30 has an invalid length.
[  780.924688][T20531] usb 12-1: device descriptor read/64, error -71
[  781.020153][  T837] usb 5-1: too many configurations: 9, using maximum allowed: 8
[  781.023947][  T837] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9
[  781.026725][  T837] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  781.030565][  T837] usb 5-1: config 0 interface 0 has no altsetting 0
[  781.033511][  T837] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9
[  781.036270][  T837] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  781.039603][  T837] usb 5-1: config 0 interface 0 has no altsetting 0
[  781.044887][  T837] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9
[  781.048027][  T837] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  781.051972][  T837] usb 5-1: config 0 interface 0 has no altsetting 0
[  781.052135][T20531] usb usb12-port1: attempt power cycle
[  781.055131][  T837] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9
[  781.059273][  T837] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  781.062631][  T837] usb 5-1: config 0 interface 0 has no altsetting 0
[  781.065546][  T837] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9
[  781.068353][  T837] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  781.071623][  T837] usb 5-1: config 0 interface 0 has no altsetting 0
[  781.074848][  T837] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9
[  781.077661][  T837] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  781.081640][  T837] usb 5-1: config 0 interface 0 has no altsetting 0
[  781.085693][  T837] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9
[  781.089207][  T837] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  781.092747][  T837] usb 5-1: config 0 interface 0 has no altsetting 0
[  781.096132][  T837] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9
[  781.099038][  T837] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  781.102380][  T837] usb 5-1: config 0 interface 0 has no altsetting 0
[  781.106433][  T837] usb 5-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=49.8e
[  781.109948][  T837] usb 5-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168
[  781.112505][  T837] usb 5-1: Product: syz
[  781.113888][  T837] usb 5-1: Manufacturer: syz
[  781.115606][  T837] usb 5-1: SerialNumber: syz
[  781.121234][  T837] usb 5-1: config 0 descriptor??
[  781.127668][  T837] yurex 5-1:0.0: USB YUREX device now attached to Yurex #0
[  781.265352][  T837] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  781.297547][T14242] FAULT_INJECTION: forcing a failure.
[  781.297547][T14242] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  781.303044][T14242] CPU: 1 UID: 0 PID: 14242 Comm: syz.2.15855 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  781.303069][T14242] Tainted: [L]=SOFTLOCKUP
[  781.303075][T14242] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  781.303086][T14242] Call Trace:
[  781.303093][T14242]  <TASK>
[  781.303100][T14242]  dump_stack_lvl+0x16c/0x1f0
[  781.303144][T14242]  should_fail_ex+0x512/0x640
[  781.303177][T14242]  _copy_from_user+0x2e/0xd0
[  781.303200][T14242]  vt_ioctl+0x42e/0x30a0
[  781.303226][T14242]  ? __pfx_vt_ioctl+0x10/0x10
[  781.303253][T14242]  ? tomoyo_path_number_perm+0x18d/0x580
[  781.303278][T14242]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  781.303298][T14242]  ? tty_jobctrl_ioctl+0x152/0xe00
[  781.303323][T14242]  ? __pfx_vt_ioctl+0x10/0x10
[  781.303342][T14242]  tty_ioctl+0x661/0x1650
[  781.303361][T14242]  ? __pfx_tty_ioctl+0x10/0x10
[  781.303378][T14242]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[  781.303406][T14242]  ? hook_file_ioctl_common+0x144/0x410
[  781.303436][T14242]  ? selinux_file_ioctl+0x180/0x270
[  781.303454][T14242]  ? selinux_file_ioctl+0xb4/0x270
[  781.303475][T14242]  ? __pfx_tty_ioctl+0x10/0x10
[  781.303493][T14242]  __x64_sys_ioctl+0x18e/0x210
[  781.303513][T14242]  do_syscall_64+0xcd/0xf80
[  781.303534][T14242]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  781.303550][T14242] RIP: 0033:0x7fc68978f7c9
[  781.303563][T14242] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  781.303577][T14242] RSP: 002b:00007fc6879f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  781.303592][T14242] RAX: ffffffffffffffda RBX: 00007fc6899e5fa0 RCX: 00007fc68978f7c9
[  781.303602][T14242] RDX: 0000200000000680 RSI: 0000000000004b72 RDI: 0000000000000003
[  781.303611][T14242] RBP: 00007fc6879f6090 R08: 0000000000000000 R09: 0000000000000000
[  781.303619][T14242] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  781.303628][T14242] R13: 00007fc6899e6038 R14: 00007fc6899e5fa0 R15: 00007ffea11153f8
[  781.303650][T14242]  </TASK>
[  781.446888][T20531] usb 12-1: new high-speed USB device number 12 using dummy_hcd
[  781.479268][T20531] usb 12-1: device descriptor read/8, error -71
[  781.693111][ T5947] Bluetooth: hci0: command tx timeout
[  781.696446][T14223] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  781.702781][T14223] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  781.706827][ T5947] Bluetooth: hci4: unexpected event 0x36 length: 12 > 7
[  781.746228][T20531] usb 12-1: new high-speed USB device number 13 using dummy_hcd
[  781.768568][T20531] usb 12-1: device descriptor read/8, error -71
[  781.792128][   T61] usb 5-1: USB disconnect, device number 32
[  781.798265][   T61] yurex 5-1:0.0: USB YUREX #0 now disconnected
[  781.896114][T20531] usb usb12-port1: unable to enumerate USB device
[  781.981501][  T837] usb 7-1: new high-speed USB device number 25 using dummy_hcd
[  782.143514][  T837] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0x1 has invalid maxpacket 41136, setting to 1024
[  782.147166][  T837] usb 7-1: config 1 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 1024
[  782.150451][  T837] usb 7-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  782.157023][  T837] usb 7-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[  782.160280][  T837] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  782.163812][  T837] usb 7-1: Product: syz
[  782.165517][  T837] usb 7-1: Manufacturer: syz
[  782.166984][  T837] usb 7-1: SerialNumber: syz
[  782.171041][T14254] raw-gadget.3 gadget.2: fail, usb_ep_enable returned -22
[  782.174989][  T837] hub 7-1:1.0: bad descriptor, ignoring hub
[  782.177150][  T837] hub 7-1:1.0: probe with driver hub failed with error -5
[  782.377490][ T6022] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  782.394939][  T837] usblp 7-1:1.0: usblp0: USB Unidirectional printer dev 25 if 0 alt 0 proto 1 vid 0x0525 pid 0xA4A8
[  782.426208][T14262] netlink: 'syz.0.15862': attribute type 21 has an invalid length.
[  782.474379][T17947] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  782.535360][T14276] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=19 sclass=netlink_tcpdiag_socket pid=14276 comm=syz.4.15865
[  783.489993][ T3203] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  783.523024][  T837] usb 7-1: USB disconnect, device number 25
[  783.529387][  T837] usblp0: removed
[  783.632461][T14301] __nla_validate_parse: 5 callbacks suppressed
[  783.632473][T14301] netlink: 40 bytes leftover after parsing attributes in process `syz.4.15875'.
[  783.862456][T14312] netlink: 8 bytes leftover after parsing attributes in process `syz.4.15881'.
[  783.871781][T14312] : entered promiscuous mode
[  783.912237][T14317] netlink: 156 bytes leftover after parsing attributes in process `syz.4.15882'.
[  783.928142][ T5947] Bluetooth: hci0: command tx timeout
[  784.014523][T14323] netlink: 12 bytes leftover after parsing attributes in process `syz.4.15885'.
[  784.129222][T14329] netlink: 40 bytes leftover after parsing attributes in process `syz.4.15886'.
[  784.203634][T14337] ip6t_srh: unknown srh invflags 51E8
[  784.322373][T14343] FAULT_INJECTION: forcing a failure.
[  784.322373][T14343] name failslab, interval 1, probability 0, space 0, times 0
[  784.327325][T14343] CPU: 0 UID: 0 PID: 14343 Comm: syz.4.15892 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  784.327343][T14343] Tainted: [L]=SOFTLOCKUP
[  784.327346][T14343] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  784.327353][T14343] Call Trace:
[  784.327357][T14343]  <TASK>
[  784.327362][T14343]  dump_stack_lvl+0x16c/0x1f0
[  784.327380][T14343]  should_fail_ex+0x512/0x640
[  784.327399][T14343]  should_failslab+0xc2/0x120
[  784.327418][T14343]  kmem_cache_alloc_node_noprof+0x86/0x800
[  784.327430][T14343]  ? __alloc_skb+0x156/0x410
[  784.327449][T14343]  ? __alloc_skb+0x156/0x410
[  784.327463][T14343]  __alloc_skb+0x156/0x410
[  784.327478][T14343]  ? __alloc_skb+0x35d/0x410
[  784.327493][T14343]  ? __pfx___alloc_skb+0x10/0x10
[  784.327507][T14343]  ? __local_bh_enable_ip+0xa4/0x120
[  784.327525][T14343]  ? __lock_acquire+0x436/0x2890
[  784.327539][T14343]  __ip_append_data+0x30b3/0x41a0
[  784.327558][T14343]  ? __pfx_ip_reply_glue_bits+0x10/0x10
[  784.327571][T14343]  ? find_held_lock+0x2b/0x80
[  784.327587][T14343]  ? ip_dst_mtu_maybe_forward.constprop.0+0x328/0x750
[  784.327609][T14343]  ? ip_dst_mtu_maybe_forward.constprop.0+0x332/0x750
[  784.327626][T14343]  ? __pfx___ip_append_data+0x10/0x10
[  784.327644][T14343]  ip_send_unicast_reply+0x897/0x1600
[  784.327664][T14343]  ? __pfx_ip_send_unicast_reply+0x10/0x10
[  784.327684][T14343]  ? __lock_acquire+0x436/0x2890
[  784.327703][T14343]  ? mark_held_locks+0x49/0x80
[  784.327714][T14343]  ? ktime_get+0x200/0x310
[  784.327726][T14343]  ? lockdep_hardirqs_on+0x7c/0x110
[  784.327741][T14343]  tcp_v4_send_reset+0x1299/0x2f80
[  784.327757][T14343]  ? __pfx_tcp_v4_send_reset+0x10/0x10
[  784.327778][T14343]  ? __pfx_sk_filter_trim_cap+0x10/0x10
[  784.327794][T14343]  ? tcp_v4_do_rcv+0x715/0x10a0
[  784.327803][T14343]  tcp_v4_do_rcv+0x715/0x10a0
[  784.327814][T14343]  tcp_v4_rcv+0x4204/0x4db0
[  784.327832][T14343]  ? __pfx_tcp_v4_rcv+0x10/0x10
[  784.327841][T14343]  ? find_held_lock+0x2b/0x80
[  784.327858][T14343]  ? __pfx_raw_local_deliver+0x10/0x10
[  784.327871][T14343]  ? __pfx_tcp_v4_rcv+0x10/0x10
[  784.327882][T14343]  ip_protocol_deliver_rcu+0xba/0x4c0
[  784.327896][T14343]  ip_local_deliver_finish+0x3f2/0x720
[  784.327909][T14343]  ip_local_deliver+0x18e/0x1f0
[  784.327922][T14343]  ip_rcv+0x2e0/0x600
[  784.327933][T14343]  ? __pfx_ip_rcv+0x10/0x10
[  784.327943][T14343]  __netif_receive_skb_one_core+0x197/0x1e0
[  784.327960][T14343]  ? __pfx___netif_receive_skb_one_core+0x10/0x10
[  784.327976][T14343]  ? lock_acquire+0x179/0x330
[  784.327990][T14343]  ? __phys_addr+0xe8/0x180
[  784.328001][T14343]  __netif_receive_skb+0x1d/0x160
[  784.328022][T14343]  netif_receive_skb+0x137/0x760
[  784.328038][T14343]  ? __pfx_netif_receive_skb+0x10/0x10
[  784.328058][T14343]  tun_rx_batched.isra.0+0x3ee/0x740
[  784.328075][T14343]  ? __pfx_tun_rx_batched.isra.0+0x10/0x10
[  784.328093][T14343]  ? tun_get_user+0x1ded/0x3cc0
[  784.328107][T14343]  ? rcu_is_watching+0x12/0xc0
[  784.328119][T14343]  tun_get_user+0x28b2/0x3cc0
[  784.328141][T14343]  ? __pfx_tun_get_user+0x10/0x10
[  784.328157][T14343]  ? __pfx_ref_tracker_alloc+0x10/0x10
[  784.328171][T14343]  ? find_held_lock+0x2b/0x80
[  784.328187][T14343]  ? tun_get+0x191/0x370
[  784.328203][T14343]  tun_chr_write_iter+0xdc/0x210
[  784.328220][T14343]  vfs_write+0x7d3/0x11d0
[  784.328235][T14343]  ? __pfx_tun_chr_write_iter+0x10/0x10
[  784.328251][T14343]  ? __pfx_vfs_write+0x10/0x10
[  784.328263][T14343]  ? find_held_lock+0x2b/0x80
[  784.328287][T14343]  ksys_write+0x12a/0x250
[  784.328300][T14343]  ? __pfx_ksys_write+0x10/0x10
[  784.328313][T14343]  ? fput+0x70/0xf0
[  784.328324][T14343]  do_syscall_64+0xcd/0xf80
[  784.328338][T14343]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  784.328349][T14343] RIP: 0033:0x7f4ca138e27f
[  784.328358][T14343] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[  784.328368][T14343] RSP: 002b:00007f4ca22bc000 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[  784.328378][T14343] RAX: ffffffffffffffda RBX: 00007f4ca15e5fa0 RCX: 00007f4ca138e27f
[  784.328385][T14343] RDX: 0000000000000036 RSI: 0000200000000100 RDI: 00000000000000c8
[  784.328391][T14343] RBP: 00007f4ca22bc090 R08: 0000000000000000 R09: 0000000000000000
[  784.328397][T14343] R10: 0000000000000036 R11: 0000000000000293 R12: 0000000000000001
[  784.328403][T14343] R13: 00007f4ca15e6038 R14: 00007f4ca15e5fa0 R15: 00007ffc64acbd88
[  784.328421][T14343]  </TASK>
[  784.548320][T20534] usb 12-1: new full-speed USB device number 14 using dummy_hcd
[  784.567270][T14348] FAULT_INJECTION: forcing a failure.
[  784.567270][T14348] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  784.572776][T14348] CPU: 1 UID: 0 PID: 14348 Comm: syz.4.15894 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  784.572803][T14348] Tainted: [L]=SOFTLOCKUP
[  784.572809][T14348] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  784.572819][T14348] Call Trace:
[  784.572825][T14348]  <TASK>
[  784.572832][T14348]  dump_stack_lvl+0x16c/0x1f0
[  784.572858][T14348]  should_fail_ex+0x512/0x640
[  784.572884][T14348]  _copy_from_user+0x2e/0xd0
[  784.572908][T14348]  kstrtouint_from_user+0xd6/0x1d0
[  784.572927][T14348]  ? __pfx_kstrtouint_from_user+0x10/0x10
[  784.572944][T14348]  ? __lock_acquire+0x436/0x2890
[  784.572967][T14348]  ? lock_acquire+0x179/0x330
[  784.572991][T14348]  proc_fail_nth_write+0x83/0x220
[  784.573009][T14348]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  784.573031][T14348]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  784.573046][T14348]  vfs_write+0x2a0/0x11d0
[  784.573067][T14348]  ? __pfx___mutex_lock+0x10/0x10
[  784.573091][T14348]  ? __pfx_vfs_write+0x10/0x10
[  784.573118][T14348]  ? __fget_files+0x20e/0x3c0
[  784.573148][T14348]  ksys_write+0x12a/0x250
[  784.573168][T14348]  ? __pfx_ksys_write+0x10/0x10
[  784.573187][T14348]  ? evdev_ioctl+0x139/0x1a0
[  784.573206][T14348]  ? fput+0x70/0xf0
[  784.573225][T14348]  do_syscall_64+0xcd/0xf80
[  784.573248][T14348]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  784.573265][T14348] RIP: 0033:0x7f4ca138e27f
[  784.573279][T14348] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[  784.573296][T14348] RSP: 002b:00007f4ca22bc030 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[  784.573311][T14348] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4ca138e27f
[  784.573322][T14348] RDX: 0000000000000001 RSI: 00007f4ca22bc0a0 RDI: 0000000000000004
[  784.573332][T14348] RBP: 00007f4ca22bc090 R08: 0000000000000000 R09: 0000000000000000
[  784.573342][T14348] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000001
[  784.573351][T14348] R13: 00007f4ca15e6038 R14: 00007f4ca15e5fa0 R15: 00007ffc64acbd88
[  784.573377][T14348]  </TASK>
[  784.650595][ T6022] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  784.650637][    C1] hpet: Lost 3 RTC interrupts
[  784.678121][T14350] netlink: 'syz.4.15896': attribute type 10 has an invalid length.
[  784.681593][T14350] team0: Device veth1_macvtap failed to register rx_handler
[  784.715287][T14356] netlink: 40 bytes leftover after parsing attributes in process `syz.4.15897'.
[  784.753074][   T40] audit: type=1326 audit(1766307069.722:1187): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14357 comm="syz.0.15899" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fc9f938f7c9 code=0x0
[  784.754282][T20534] usb 12-1: config 0 interface 0 has no altsetting 0
[  784.765097][T20534] usb 12-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[  784.768054][T20534] usb 12-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2
[  784.771559][T20534] usb 12-1: Product: syz
[  784.773145][T20534] usb 12-1: Manufacturer: syz
[  784.775097][T20534] usb 12-1: SerialNumber: syz
[  784.778147][T20534] usb 12-1: config 0 descriptor??
[  784.782706][T20534] usb 12-1: selecting invalid altsetting 0
[  784.805786][T14362] binder: 14361:14362 ioctl c0306201 200000000640 returned -22
[  785.009565][ T6022] usb 12-1: USB disconnect, device number 14
[  785.129568][T14389] netlink: 40 bytes leftover after parsing attributes in process `syz.4.15909'.
[  785.154712][T14390] FAULT_INJECTION: forcing a failure.
[  785.154712][T14390] name failslab, interval 1, probability 0, space 0, times 0
[  785.159499][T14390] CPU: 0 UID: 0 PID: 14390 Comm: syz.7.15908 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  785.159517][T14390] Tainted: [L]=SOFTLOCKUP
[  785.159521][T14390] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  785.159527][T14390] Call Trace:
[  785.159532][T14390]  <TASK>
[  785.159536][T14390]  dump_stack_lvl+0x16c/0x1f0
[  785.159553][T14390]  should_fail_ex+0x512/0x640
[  785.159569][T14390]  ? kmem_cache_alloc_noprof+0x62/0x770
[  785.159581][T14390]  should_failslab+0xc2/0x120
[  785.159595][T14390]  kmem_cache_alloc_noprof+0x83/0x770
[  785.159605][T14390]  ? sk_prot_alloc+0x60/0x2a0
[  785.159622][T14390]  ? sk_prot_alloc+0x60/0x2a0
[  785.159633][T14390]  ? find_held_lock+0x2b/0x80
[  785.159648][T14390]  sk_prot_alloc+0x60/0x2a0
[  785.159662][T14390]  sk_alloc+0x36/0xe30
[  785.159679][T14390]  inet_create+0x3a1/0x1040
[  785.159689][T14390]  ? inet_create+0x93/0x1040
[  785.159701][T14390]  __sock_create+0x339/0x8a0
[  785.159717][T14390]  __sys_socket+0x14d/0x260
[  785.159730][T14390]  ? fput+0x70/0xf0
[  785.159739][T14390]  ? __pfx___sys_socket+0x10/0x10
[  785.159752][T14390]  ? ksys_write+0x1ac/0x250
[  785.159765][T14390]  ? __pfx_ksys_write+0x10/0x10
[  785.159780][T14390]  __x64_sys_socket+0x72/0xb0
[  785.159794][T14390]  ? lockdep_hardirqs_on+0x7c/0x110
[  785.159807][T14390]  do_syscall_64+0xcd/0xf80
[  785.159821][T14390]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  785.159832][T14390] RIP: 0033:0x7f6eeab8f7c9
[  785.159841][T14390] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  785.159851][T14390] RSP: 002b:00007f6eebae6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000029
[  785.159861][T14390] RAX: ffffffffffffffda RBX: 00007f6eeade6090 RCX: 00007f6eeab8f7c9
[  785.159868][T14390] RDX: 0000000000000001 RSI: 0000000000000002 RDI: 0000000000000002
[  785.159874][T14390] RBP: 00007f6eebae6090 R08: 0000000000000000 R09: 0000000000000000
[  785.159880][T14390] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  785.159885][T14390] R13: 00007f6eeade6128 R14: 00007f6eeade6090 R15: 00007ffd30d79f88
[  785.159899][T14390]  </TASK>
[  785.345731][T14404] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  785.356605][T14404] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  785.416538][T14412] netlink: 40 bytes leftover after parsing attributes in process `syz.0.15918'.
[  785.493802][T14418] netlink: 80 bytes leftover after parsing attributes in process `syz.7.15921'.
[  785.562083][T14424] netlink: 'syz.7.15924': attribute type 30 has an invalid length.
[  785.682993][T14425] sr 2:0:0:0: [sr0] CDROM not ready.  Make sure there is a disc in the drive.
[  785.712770][T14434] FAULT_INJECTION: forcing a failure.
[  785.712770][T14434] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  785.716820][T14434] CPU: 1 UID: 0 PID: 14434 Comm: syz.0.15926 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  785.716838][T14434] Tainted: [L]=SOFTLOCKUP
[  785.716842][T14434] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  785.716848][T14434] Call Trace:
[  785.716852][T14434]  <TASK>
[  785.716856][T14434]  dump_stack_lvl+0x16c/0x1f0
[  785.716873][T14434]  should_fail_ex+0x512/0x640
[  785.716891][T14434]  _copy_to_user+0x32/0xd0
[  785.716922][T14434]  vt_ioctl+0x4bb/0x30a0
[  785.716939][T14434]  ? __pfx_vt_ioctl+0x10/0x10
[  785.716958][T14434]  ? tomoyo_path_number_perm+0x18d/0x580
[  785.716975][T14434]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  785.716988][T14434]  ? tty_jobctrl_ioctl+0x152/0xe00
[  785.717005][T14434]  ? __pfx_vt_ioctl+0x10/0x10
[  785.717018][T14434]  tty_ioctl+0x661/0x1650
[  785.717031][T14434]  ? __pfx_tty_ioctl+0x10/0x10
[  785.717042][T14434]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[  785.717062][T14434]  ? hook_file_ioctl_common+0x144/0x410
[  785.717082][T14434]  ? selinux_file_ioctl+0x180/0x270
[  785.717094][T14434]  ? selinux_file_ioctl+0xb4/0x270
[  785.717108][T14434]  ? __pfx_tty_ioctl+0x10/0x10
[  785.717120][T14434]  __x64_sys_ioctl+0x18e/0x210
[  785.717134][T14434]  do_syscall_64+0xcd/0xf80
[  785.717148][T14434]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  785.717158][T14434] RIP: 0033:0x7fc9f938f7c9
[  785.717167][T14434] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  785.717177][T14434] RSP: 002b:00007fc9fa24a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  785.717187][T14434] RAX: ffffffffffffffda RBX: 00007fc9f95e5fa0 RCX: 00007fc9f938f7c9
[  785.717193][T14434] RDX: 0000200000000680 RSI: 0000000000004b72 RDI: 0000000000000003
[  785.717200][T14434] RBP: 00007fc9fa24a090 R08: 0000000000000000 R09: 0000000000000000
[  785.717205][T14434] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  785.717211][T14434] R13: 00007fc9f95e6038 R14: 00007fc9f95e5fa0 R15: 00007ffde14637b8
[  785.717225][T14434]  </TASK>
[  785.729632][T14429] netlink: 60 bytes leftover after parsing attributes in process `syz.7.15925'.
[  785.812843][ T6022] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  785.885453][    C0] bridge0: port 1(bridge_slave_0) entered learning state
[  785.889202][    C0] bridge0: port 2(bridge_slave_1) entered learning state
[  785.892666][T20534] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  785.997963][T14455] loop6: detected capacity change from 0 to 2640
[  786.006542][ T9565] buffer_io_error: 9 callbacks suppressed
[  786.006552][ T9565] Buffer I/O error on dev loop6, logical block 0, async page read
[  786.015178][ T9565] Buffer I/O error on dev loop6, logical block 0, async page read
[  786.018949][ T9565] Buffer I/O error on dev loop6, logical block 0, async page read
[  786.021669][ T9565] Buffer I/O error on dev loop6, logical block 0, async page read
[  786.024473][ T9565] Buffer I/O error on dev loop6, logical block 0, async page read
[  786.772135][ T5041] netdevsim netdevsim7 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  786.776193][ T5041] netdevsim netdevsim7 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  786.779047][ T5041] netdevsim netdevsim7 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  786.782089][ T5041] netdevsim netdevsim7 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  786.912521][ T3203] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  787.082498][T14517] ip6t_srh: unknown srh invflags 51E8
[  787.101660][T14516] fuse: Bad value for 'fd'
[  787.474977][T14534] netlink: 'syz.7.15965': attribute type 10 has an invalid length.
[  787.478551][T14534] team0: Device veth1_macvtap failed to register rx_handler
[  787.754585][T14543] Cannot find del_set index 0 as target
[  787.854231][T17937] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  787.928204][  T837] usb 12-1: new high-speed USB device number 15 using dummy_hcd
[  788.000274][T14549] program syz.4.15971 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  788.003773][T14549] ata1.00: invalid command format 0
[  788.033758][ T6022] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  788.088628][  T837] usb 12-1: Using ep0 maxpacket: 32
[  788.091731][  T837] usb 12-1: config 0 has an invalid interface number: 1 but max is 0
[  788.094344][  T837] usb 12-1: config 0 has no interface number 0
[  788.098296][  T837] usb 12-1: New USB device found, idVendor=8086, idProduct=9500, bcdDevice=b6.d8
[  788.101931][  T837] usb 12-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  788.106063][  T837] usb 12-1: Product: syz
[  788.107485][  T837] usb 12-1: Manufacturer: syz
[  788.108986][  T837] usb 12-1: SerialNumber: syz
[  788.112614][  T837] usb 12-1: config 0 descriptor??
[  788.116147][  T837] usb 12-1: dvb_usb_v2: found a 'Intel CE9500 reference design' in warm state
[  788.118998][  T837] usb 12-1: selecting invalid altsetting 1
[  788.121173][  T837] usb 12-1: dvb_usb_ce6230: usb_set_interface() failed=-22
[  788.125359][  T837] usb 12-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer
[  788.129906][  T837] dvbdev: DVB: registering new adapter (Intel CE9500 reference design)
[  788.132631][  T837] usb 12-1: media controller created
[  788.140214][  T837] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  788.243867][T14571] FAULT_INJECTION: forcing a failure.
[  788.243867][T14571] name failslab, interval 1, probability 0, space 0, times 0
[  788.247821][T14571] CPU: 0 UID: 0 PID: 14571 Comm: syz.0.15979 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  788.247838][T14571] Tainted: [L]=SOFTLOCKUP
[  788.247842][T14571] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  788.247848][T14571] Call Trace:
[  788.247852][T14571]  <TASK>
[  788.247857][T14571]  dump_stack_lvl+0x16c/0x1f0
[  788.247874][T14571]  should_fail_ex+0x512/0x640
[  788.247890][T14571]  ? __kmalloc_noprof+0xca/0x910
[  788.247908][T14571]  should_failslab+0xc2/0x120
[  788.247923][T14571]  __kmalloc_noprof+0xeb/0x910
[  788.247939][T14571]  ? lsm_blob_alloc+0x68/0x90
[  788.247951][T14571]  ? lsm_blob_alloc+0x68/0x90
[  788.247960][T14571]  lsm_blob_alloc+0x68/0x90
[  788.247970][T14571]  security_sk_alloc+0x2f/0x270
[  788.247982][T14571]  sk_prot_alloc+0xfb/0x2a0
[  788.247997][T14571]  sk_alloc+0x36/0xe30
[  788.248013][T14571]  inet_create+0x3a1/0x1040
[  788.248024][T14571]  ? inet_create+0x93/0x1040
[  788.248036][T14571]  __sock_create+0x339/0x8a0
[  788.248052][T14571]  __sys_socket+0x14d/0x260
[  788.248077][T14571]  ? fput+0x70/0xf0
[  788.248087][T14571]  ? __pfx___sys_socket+0x10/0x10
[  788.248101][T14571]  ? ksys_write+0x1ac/0x250
[  788.248114][T14571]  ? __pfx_ksys_write+0x10/0x10
[  788.248129][T14571]  __x64_sys_socket+0x72/0xb0
[  788.248143][T14571]  ? lockdep_hardirqs_on+0x7c/0x110
[  788.248156][T14571]  do_syscall_64+0xcd/0xf80
[  788.248170][T14571]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  788.248181][T14571] RIP: 0033:0x7fc9f938f7c9
[  788.248190][T14571] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  788.248200][T14571] RSP: 002b:00007fc9fa24a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000029
[  788.248210][T14571] RAX: ffffffffffffffda RBX: 00007fc9f95e5fa0 RCX: 00007fc9f938f7c9
[  788.248216][T14571] RDX: 0000000000000001 RSI: 0000000000000002 RDI: 0000000000000002
[  788.248222][T14571] RBP: 00007fc9fa24a090 R08: 0000000000000000 R09: 0000000000000000
[  788.248228][T14571] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  788.248234][T14571] R13: 00007fc9f95e6038 R14: 00007fc9f95e5fa0 R15: 00007ffde14637b8
[  788.248248][T14571]  </TASK>
[  788.330280][T14539] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  788.340567][T14539] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  788.343751][T14539] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  788.351082][T14539] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  788.354554][T14539] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  788.367550][T14539] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  788.373758][T14539] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  788.376661][T14539] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  788.385994][T14539] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  788.389878][T14539] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  788.428213][T14582] netlink: 'syz.0.15983': attribute type 1 has an invalid length.
[  788.466200][T14582] 8021q: adding VLAN 0 to HW filter on device bond2
[  788.483695][T14582] bond2: (slave erspan1): making interface the new active one
[  788.489033][T14582] bond2: (slave erspan1): Enslaving as an active interface with an up link
[  788.516947][T14588] overlayfs: missing 'lowerdir'
[  788.525574][T14590] overlayfs: missing 'lowerdir'
[  788.625310][ T8212] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  788.968133][T14612] netlink: 'syz.2.15995': attribute type 30 has an invalid length.
[  789.070917][T14614] FAULT_INJECTION: forcing a failure.
[  789.070917][T14614] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  789.075140][T14614] CPU: 0 UID: 0 PID: 14614 Comm: syz.2.15996 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  789.075157][T14614] Tainted: [L]=SOFTLOCKUP
[  789.075161][T14614] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  789.075168][T14614] Call Trace:
[  789.075172][T14614]  <TASK>
[  789.075176][T14614]  dump_stack_lvl+0x16c/0x1f0
[  789.075208][T14614]  should_fail_ex+0x512/0x640
[  789.075231][T14614]  _copy_to_user+0x32/0xd0
[  789.075248][T14614]  simple_read_from_buffer+0xcb/0x170
[  789.075264][T14614]  proc_fail_nth_read+0x197/0x240
[  789.075276][T14614]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  789.075287][T14614]  ? rw_verify_area+0xcf/0x6c0
[  789.075299][T14614]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  789.075309][T14614]  vfs_read+0x1e4/0xcf0
[  789.075322][T14614]  ? __pfx___mutex_lock+0x10/0x10
[  789.075338][T14614]  ? __pfx_vfs_read+0x10/0x10
[  789.075354][T14614]  ? __fget_files+0x20e/0x3c0
[  789.075373][T14614]  ksys_read+0x12a/0x250
[  789.075385][T14614]  ? __pfx_ksys_read+0x10/0x10
[  789.075399][T14614]  ? fput+0x70/0xf0
[  789.075409][T14614]  do_syscall_64+0xcd/0xf80
[  789.075424][T14614]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  789.075436][T14614] RIP: 0033:0x7fc68978e1dc
[  789.075448][T14614] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  789.075458][T14614] RSP: 002b:00007fc6879f6030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  789.075468][T14614] RAX: ffffffffffffffda RBX: 00007fc6899e5fa0 RCX: 00007fc68978e1dc
[  789.075475][T14614] RDX: 000000000000000f RSI: 00007fc6879f60a0 RDI: 0000000000000004
[  789.075481][T14614] RBP: 00007fc6879f6090 R08: 0000000000000000 R09: 0000000000000000
[  789.075486][T14614] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  789.075492][T14614] R13: 00007fc6899e6038 R14: 00007fc6899e5fa0 R15: 00007ffea11153f8
[  789.075506][T14614]  </TASK>
[  789.136968][ T6022] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  789.310833][  T837] usb 12-1: dvb_usb_ce6230: usb_control_msg() failed=-110
[  789.313573][  T837] zl10353_read_register: readreg error (reg=127, ret==-110)
[  789.571234][T14627] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  789.581136][T14627] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  789.752804][T14629] __nla_validate_parse: 17 callbacks suppressed
[  789.752819][T14629] netlink: 80 bytes leftover after parsing attributes in process `syz.4.16003'.
[  789.948041][   T40] audit: type=1400 audit(1766307074.574:1188): avc:  denied  { create } for  pid=14636 comm="syz.4.16007" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_dnrt_socket permissive=1
[  790.249520][  T837] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  790.433956][T14655] netlink: 80 bytes leftover after parsing attributes in process `syz.2.16013'.
[  790.640405][T14666] sock: sock_set_timeout: `syz.4.16017' (pid 14666) tries to set negative timeout
[  790.644821][T14666] netlink: 'syz.4.16017': attribute type 1 has an invalid length.
[  790.807269][T14675] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=14675 comm=syz.4.16020
[  790.860695][ T5973] usb 12-1: USB disconnect, device number 15
[  790.870988][T14681] netlink: 80 bytes leftover after parsing attributes in process `syz.4.16023'.
[  790.904178][T14687] netlink: 156 bytes leftover after parsing attributes in process `syz.2.16025'.
[  790.937741][T14689] team0: No ports can be present during mode change
[  790.946676][T14691] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=1 sclass=netlink_route_socket pid=14691 comm=syz.7.16027
[  790.952325][T14691] netlink: 4 bytes leftover after parsing attributes in process `syz.7.16027'.
[  790.964982][T14695] ip6t_srh: unknown srh invflags 51E8
[  790.989408][   T40] audit: type=1400 audit(1766307075.556:1189): avc:  denied  { ioctl } for  pid=14696 comm="syz.7.16029" path="/162/file0/file0" dev="9p" ino=71827651 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  791.011939][T14699] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=14699 comm=syz.2.16030
[  791.063983][T14703] netlink: 80 bytes leftover after parsing attributes in process `syz.2.16032'.
[  791.185504][T14710] FAULT_INJECTION: forcing a failure.
[  791.185504][T14710] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  791.189640][T14710] CPU: 3 UID: 0 PID: 14710 Comm: syz.4.16035 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  791.189658][T14710] Tainted: [L]=SOFTLOCKUP
[  791.189661][T14710] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  791.189668][T14710] Call Trace:
[  791.189673][T14710]  <TASK>
[  791.189677][T14710]  dump_stack_lvl+0x16c/0x1f0
[  791.189708][T14710]  should_fail_ex+0x512/0x640
[  791.189732][T14710]  _copy_to_user+0x32/0xd0
[  791.189749][T14710]  simple_read_from_buffer+0xcb/0x170
[  791.189765][T14710]  proc_fail_nth_read+0x197/0x240
[  791.189777][T14710]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  791.189788][T14710]  ? rw_verify_area+0xcf/0x6c0
[  791.189800][T14710]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  791.189810][T14710]  vfs_read+0x1e4/0xcf0
[  791.189824][T14710]  ? __pfx___mutex_lock+0x10/0x10
[  791.189839][T14710]  ? __pfx_vfs_read+0x10/0x10
[  791.189856][T14710]  ? __fget_files+0x20e/0x3c0
[  791.189874][T14710]  ksys_read+0x12a/0x250
[  791.189887][T14710]  ? __pfx_ksys_read+0x10/0x10
[  791.189900][T14710]  ? fput+0x70/0xf0
[  791.189921][T14710]  do_syscall_64+0xcd/0xf80
[  791.189939][T14710]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  791.189950][T14710] RIP: 0033:0x7f4ca138e1dc
[  791.189959][T14710] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  791.189968][T14710] RSP: 002b:00007f4ca22bc030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  791.189978][T14710] RAX: ffffffffffffffda RBX: 00007f4ca15e5fa0 RCX: 00007f4ca138e1dc
[  791.189985][T14710] RDX: 000000000000000f RSI: 00007f4ca22bc0a0 RDI: 0000000000000004
[  791.189991][T14710] RBP: 00007f4ca22bc090 R08: 0000000000000000 R09: 0000000000000000
[  791.189997][T14710] R10: 0000000000000036 R11: 0000000000000246 R12: 0000000000000002
[  791.190003][T14710] R13: 00007f4ca15e6038 R14: 00007f4ca15e5fa0 R15: 00007ffc64acbd88
[  791.190017][T14710]  </TASK>
[  791.277783][T14712] netlink: 'syz.4.16036': attribute type 10 has an invalid length.
[  791.281687][T14712] team0: Device veth1_macvtap failed to register rx_handler
[  791.363341][  T837] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  791.369841][T14721] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=14721 comm=syz.4.16041
[  791.426436][T14725] netlink: 24 bytes leftover after parsing attributes in process `syz.7.16037'.
[  791.429845][T14725] netlink: 24 bytes leftover after parsing attributes in process `syz.7.16037'.
[  791.467773][T14732] bridge0: vlan filtering disabled, automatically disabling multicast vlan snooping
[  791.501476][T14737] FAULT_INJECTION: forcing a failure.
[  791.501476][T14737] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  791.506070][T14737] CPU: 0 UID: 0 PID: 14737 Comm: syz.7.16045 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  791.506097][T14737] Tainted: [L]=SOFTLOCKUP
[  791.506101][T14737] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  791.506108][T14737] Call Trace:
[  791.506112][T14737]  <TASK>
[  791.506117][T14737]  dump_stack_lvl+0x16c/0x1f0
[  791.506134][T14737]  should_fail_ex+0x512/0x640
[  791.506152][T14737]  _copy_from_user+0x2e/0xd0
[  791.506168][T14737]  copy_msghdr_from_user+0x98/0x160
[  791.506180][T14737]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  791.506193][T14737]  ? trace_event_buffer_commit+0x204/0xac0
[  791.506212][T14737]  ___sys_sendmsg+0xfe/0x1d0
[  791.506223][T14737]  ? __pfx____sys_sendmsg+0x10/0x10
[  791.506250][T14737]  __sys_sendmsg+0x16d/0x220
[  791.506261][T14737]  ? __pfx___sys_sendmsg+0x10/0x10
[  791.506271][T14737]  ? __might_fault+0xe3/0x190
[  791.506285][T14737]  ? syscall_trace_enter+0x1cb/0x220
[  791.506300][T14737]  ? __bpf_trace_sys_enter+0x37/0x60
[  791.506316][T14737]  ? rcu_is_watching+0x12/0xc0
[  791.506327][T14737]  do_syscall_64+0xcd/0xf80
[  791.506342][T14737]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  791.506352][T14737] RIP: 0033:0x7f6eeab8f7c9
[  791.506361][T14737] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  791.506371][T14737] RSP: 002b:00007f6eebb07038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  791.506382][T14737] RAX: ffffffffffffffda RBX: 00007f6eeade5fa0 RCX: 00007f6eeab8f7c9
[  791.506389][T14737] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000003
[  791.506395][T14737] RBP: 00007f6eebb07090 R08: 0000000000000000 R09: 0000000000000000
[  791.506401][T14737] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  791.506407][T14737] R13: 00007f6eeade6038 R14: 00007f6eeade5fa0 R15: 00007ffd30d79f88
[  791.506421][T14737]  </TASK>
[  791.693993][T14742] netlink: 'syz.2.16047': attribute type 1 has an invalid length.
[  791.740059][T14749] netlink: 'syz.4.16050': attribute type 30 has an invalid length.
[  791.753745][T14752] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=14752 comm=syz.7.16051
[  791.799526][T14758] geneve2: entered promiscuous mode
[  791.819070][T14758] overlay: filesystem on ./bus not supported as upperdir
[  791.909874][T14767] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  791.921725][T14767] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  791.961829][T14755] sr 2:0:0:0: [sr0] CDROM not ready.  Make sure there is a disc in the drive.
[  792.095615][T14780] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=14780 comm=syz.0.16063
[  792.181397][T14790] cgroup: Name too long
[  792.182910][T14790] cgroup: Name too long
[  792.313060][   T40] audit: type=1400 audit(1766307076.781:1190): avc:  denied  { map } for  pid=14796 comm="syz.0.16070" path="/dev/vhost-vsock" dev="devtmpfs" ino=1301 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:vhost_device_t tclass=chr_file permissive=1
[  792.326844][T14799] netlink: 156 bytes leftover after parsing attributes in process `syz.7.16071'.
[  792.353811][T14801] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=14801 comm=syz.0.16072
[  792.365940][T14803] team0: No ports can be present during mode change
[  792.388581][T14805] netlink: 'syz.0.16074': attribute type 7 has an invalid length.
[  792.417458][T14809] ip6t_srh: unknown srh invflags 51E8
[  792.447083][T14811] netlink: 8 bytes leftover after parsing attributes in process `syz.0.16077'.
[  792.474041][T20531] usb 9-1: new high-speed USB device number 42 using dummy_hcd
[  792.474227][ T3203] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  792.503067][T14817] FAULT_INJECTION: forcing a failure.
[  792.503067][T14817] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  792.509279][T14817] CPU: 3 UID: 0 PID: 14817 Comm: syz.2.16079 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  792.509296][T14817] Tainted: [L]=SOFTLOCKUP
[  792.509300][T14817] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  792.509306][T14817] Call Trace:
[  792.509310][T14817]  <TASK>
[  792.509314][T14817]  dump_stack_lvl+0x16c/0x1f0
[  792.509346][T14817]  should_fail_ex+0x512/0x640
[  792.509388][T14817]  _copy_from_user+0x2e/0xd0
[  792.509404][T14817]  copy_msghdr_from_user+0x98/0x160
[  792.509416][T14817]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  792.509437][T14817]  ___sys_sendmsg+0xfe/0x1d0
[  792.509449][T14817]  ? __pfx____sys_sendmsg+0x10/0x10
[  792.509475][T14817]  __sys_sendmsg+0x16d/0x220
[  792.509485][T14817]  ? __pfx___sys_sendmsg+0x10/0x10
[  792.509504][T14817]  do_syscall_64+0xcd/0xf80
[  792.509519][T14817]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  792.509530][T14817] RIP: 0033:0x7fc68978f7c9
[  792.509538][T14817] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  792.509548][T14817] RSP: 002b:00007fc6879f6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  792.509558][T14817] RAX: ffffffffffffffda RBX: 00007fc6899e5fa0 RCX: 00007fc68978f7c9
[  792.509564][T14817] RDX: 0000000000000040 RSI: 0000200000000280 RDI: 0000000000000009
[  792.509571][T14817] RBP: 00007fc6879f6090 R08: 0000000000000000 R09: 0000000000000000
[  792.509576][T14817] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  792.509582][T14817] R13: 00007fc6899e6038 R14: 00007fc6899e5fa0 R15: 00007ffea11153f8
[  792.509596][T14817]  </TASK>
[  792.613272][T14822] netlink: 'syz.0.16082': attribute type 10 has an invalid length.
[  792.615852][T14822] team0: Device veth1_macvtap is up. Set it down before adding it as a team port
[  792.634774][T20531] usb 9-1: Using ep0 maxpacket: 8
[  792.639221][T20531] usb 9-1: config index 0 descriptor too short (expected 5924, got 36)
[  792.641795][T20531] usb 9-1: config 250 has an invalid interface number: 228 but max is -1
[  792.644454][T20531] usb 9-1: config 250 has 1 interface, different from the descriptor's value: 0
[  792.647502][T20531] usb 9-1: config 250 has no interface number 0
[  792.649902][T20531] usb 9-1: config 250 interface 228 altsetting 255 endpoint 0x1 has invalid maxpacket 65280, setting to 1024
[  792.653513][T20531] usb 9-1: config 250 interface 228 altsetting 255 bulk endpoint 0x1 has invalid maxpacket 1024
[  792.657847][T20531] usb 9-1: config 250 interface 228 altsetting 255 endpoint 0x82 has invalid wMaxPacketSize 0
[  792.661037][T20531] usb 9-1: config 250 interface 228 altsetting 255 bulk endpoint 0x82 has invalid maxpacket 0
[  792.664236][T20531] usb 9-1: config 250 interface 228 altsetting 255 has 2 endpoint descriptors, different from the interface descriptor's value: 17
[  792.669165][T20531] usb 9-1: config 250 interface 228 has no altsetting 0
[  792.671149][T14823] sr 2:0:0:0: [sr0] CDROM not ready.  Make sure there is a disc in the drive.
[  792.672972][T20531] usb 9-1: New USB device found, idVendor=0525, idProduct=d292, bcdDevice= 0.07
[  792.679257][T20531] usb 9-1: New USB device strings: Mfr=0, Product=106, SerialNumber=59
[  792.682876][T20531] usb 9-1: Product: syz
[  792.684251][T20531] usb 9-1: SerialNumber: syz
[  792.694971][T20531] hub 9-1:250.228: bad descriptor, ignoring hub
[  792.700790][T20531] hub 9-1:250.228: probe with driver hub failed with error -5
[  792.885942][T14844] FAULT_INJECTION: forcing a failure.
[  792.885942][T14844] name failslab, interval 1, probability 0, space 0, times 0
[  792.889842][T14844] CPU: 0 UID: 0 PID: 14844 Comm: syz.2.16090 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  792.889859][T14844] Tainted: [L]=SOFTLOCKUP
[  792.889863][T14844] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  792.889869][T14844] Call Trace:
[  792.889873][T14844]  <TASK>
[  792.889878][T14844]  dump_stack_lvl+0x16c/0x1f0
[  792.889895][T14844]  should_fail_ex+0x512/0x640
[  792.889910][T14844]  ? kmem_cache_alloc_node_noprof+0x65/0x800
[  792.889923][T14844]  should_failslab+0xc2/0x120
[  792.889938][T14844]  kmem_cache_alloc_node_noprof+0x86/0x800
[  792.889948][T14844]  ? __alloc_skb+0x156/0x410
[  792.889967][T14844]  ? __alloc_skb+0x156/0x410
[  792.889981][T14844]  __alloc_skb+0x156/0x410
[  792.889996][T14844]  ? __alloc_skb+0x35d/0x410
[  792.890010][T14844]  ? __pfx___alloc_skb+0x10/0x10
[  792.890027][T14844]  ? netlink_autobind.isra.0+0x158/0x370
[  792.890043][T14844]  netlink_alloc_large_skb+0x69/0x140
[  792.890057][T14844]  netlink_sendmsg+0x698/0xdd0
[  792.890072][T14844]  ? __pfx_netlink_sendmsg+0x10/0x10
[  792.890090][T14844]  ____sys_sendmsg+0xa5d/0xc30
[  792.890104][T14844]  ? copy_msghdr_from_user+0x10a/0x160
[  792.890114][T14844]  ? __pfx_____sys_sendmsg+0x10/0x10
[  792.890134][T14844]  ___sys_sendmsg+0x134/0x1d0
[  792.890145][T14844]  ? __pfx____sys_sendmsg+0x10/0x10
[  792.890172][T14844]  __sys_sendmsg+0x16d/0x220
[  792.890182][T14844]  ? __pfx___sys_sendmsg+0x10/0x10
[  792.890198][T14844]  ? fput+0x70/0xf0
[  792.890209][T14844]  do_syscall_64+0xcd/0xf80
[  792.890224][T14844]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  792.890235][T14844] RIP: 0033:0x7fc68978f7c9
[  792.890243][T14844] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  792.890253][T14844] RSP: 002b:00007fc6879f6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  792.890263][T14844] RAX: ffffffffffffffda RBX: 00007fc6899e5fa0 RCX: 00007fc68978f7c9
[  792.890270][T14844] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000003
[  792.890276][T14844] RBP: 00007fc6879f6090 R08: 0000000000000000 R09: 0000000000000000
[  792.890282][T14844] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  792.890288][T14844] R13: 00007fc6899e6038 R14: 00007fc6899e5fa0 R15: 00007ffea11153f8
[  792.890302][T14844]  </TASK>
[  792.964956][T20531] usblp 9-1:250.228: usblp0: USB Bidirectional printer dev 42 if 228 alt 255 proto 3 vid 0x0525 pid 0xD292
[  793.171447][T20531] usb 12-1: new high-speed USB device number 16 using dummy_hcd
[  793.178782][   T40] audit: type=1400 audit(1766307077.594:1191): avc:  denied  { append } for  pid=14792 comm="syz.4.16068" name="nullb0" dev="devtmpfs" ino=707 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[  793.182040][T14793] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  793.190243][T14793] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  793.238457][T14855] bridge0: vlan filtering disabled, automatically disabling multicast vlan snooping
[  793.299592][   T61] usb 9-1: USB disconnect, device number 42
[  793.309372][   T61] usblp0: removed
[  793.329274][T20531] usb 12-1: Using ep0 maxpacket: 8
[  793.333323][T20531] usb 12-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  793.336961][T20531] usb 12-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  793.341085][T20531] usb 12-1: New USB device found, idVendor=1e7d, idProduct=319c, bcdDevice= 0.00
[  793.344197][T20531] usb 12-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  793.348586][T20531] usb 12-1: config 0 descriptor??
[  793.417887][T20534] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  793.424173][ T1146] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  793.445695][   T40] audit: type=1400 audit(1766307077.847:1192): avc:  denied  { map } for  pid=14869 comm="syz.2.16099" path="/dev/usbmon0" dev="devtmpfs" ino=737 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1
[  793.586478][ T3203] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  793.819570][T14887] netlink: 'syz.0.16105': attribute type 30 has an invalid length.
[  794.134537][   T40] audit: type=1400 audit(1766307078.492:1193): avc:  denied  { getopt } for  pid=14910 comm="syz.0.16115" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ax25_socket permissive=1
[  794.135264][T14911] netlink: 'syz.0.16115': attribute type 29 has an invalid length.
[  794.149335][T14911] netlink: 'syz.0.16115': attribute type 29 has an invalid length.
[  794.218501][T14919] ip6t_srh: unknown srh invflags 51E8
[  794.319526][T14929] netlink: 'syz.0.16121': attribute type 10 has an invalid length.
[  794.330451][T14929] team0: Device veth1_macvtap failed to register rx_handler
[  794.556623][T14945] bridge0: vlan filtering disabled, automatically disabling multicast vlan snooping
[  794.575445][T14947] program syz.0.16128 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  794.615722][T14954] bridge0: vlan filtering disabled, automatically disabling multicast vlan snooping
[  794.621889][T14955] EXT4-fs (nullb0): VFS: Can't find ext4 filesystem
[  794.697316][T14963] Bluetooth: MGMT ver 1.23
[  794.700391][  T837] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  794.867006][T14976] netlink: 'syz.0.16141': attribute type 30 has an invalid length.
[  794.969692][T14974] Cannot find add_set index 0 as target
[  794.978125][T14974] Cannot find add_set index 65532 as target
[  795.021736][T14974] netlink: 'syz.2.16140': attribute type 2 has an invalid length.
[  795.159285][T14986] FAULT_INJECTION: forcing a failure.
[  795.159285][T14986] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  795.163622][T14986] CPU: 3 UID: 0 PID: 14986 Comm: syz.0.16144 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  795.163638][T14986] Tainted: [L]=SOFTLOCKUP
[  795.163642][T14986] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  795.163649][T14986] Call Trace:
[  795.163653][T14986]  <TASK>
[  795.163657][T14986]  dump_stack_lvl+0x16c/0x1f0
[  795.163675][T14986]  should_fail_ex+0x512/0x640
[  795.163706][T14986]  _copy_from_user+0x2e/0xd0
[  795.163724][T14986]  kstrtouint_from_user+0xd6/0x1d0
[  795.163736][T14986]  ? __pfx_kstrtouint_from_user+0x10/0x10
[  795.163747][T14986]  ? __lock_acquire+0x436/0x2890
[  795.163762][T14986]  ? lock_acquire+0x179/0x330
[  795.163777][T14986]  proc_fail_nth_write+0x83/0x220
[  795.163789][T14986]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  795.163803][T14986]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  795.163813][T14986]  vfs_write+0x2a0/0x11d0
[  795.163828][T14986]  ? __pfx___mutex_lock+0x10/0x10
[  795.163844][T14986]  ? __pfx_vfs_write+0x10/0x10
[  795.163861][T14986]  ? __fget_files+0x20e/0x3c0
[  795.163880][T14986]  ksys_write+0x12a/0x250
[  795.163893][T14986]  ? __pfx_ksys_write+0x10/0x10
[  795.163911][T14986]  do_syscall_64+0xcd/0xf80
[  795.163925][T14986]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  795.163936][T14986] RIP: 0033:0x7fc9f938e27f
[  795.163945][T14986] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[  795.163956][T14986] RSP: 002b:00007fc9fa24a030 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[  795.163966][T14986] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fc9f938e27f
[  795.163972][T14986] RDX: 0000000000000001 RSI: 00007fc9fa24a0a0 RDI: 0000000000000003
[  795.163978][T14986] RBP: 00007fc9fa24a090 R08: 0000000000000000 R09: 0000000000000000
[  795.163984][T14986] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000001
[  795.163989][T14986] R13: 00007fc9f95e6038 R14: 00007fc9f95e5fa0 R15: 00007ffde14637b8
[  795.164004][T14986]  </TASK>
[  795.803028][   T40] audit: type=1400 audit(1766307080.053:1194): avc:  denied  { bind } for  pid=14993 comm="syz.4.16147" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  795.812375][  T837] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  796.047145][T14997] __nla_validate_parse: 13 callbacks suppressed
[  796.047157][T14997] netlink: 156 bytes leftover after parsing attributes in process `syz.4.16148'.
[  796.090322][T17947] Bluetooth: hci1: Frame reassembly failed (-84)
[  796.093604][ T3952] Bluetooth: hci1: Frame reassembly failed (-84)
[  796.145025][T20531] usbhid 12-1:0.0: can't add hid device: -71
[  796.148519][T20531] usbhid 12-1:0.0: probe with driver usbhid failed with error -71
[  796.157220][T20531] usb 12-1: USB disconnect, device number 16
[  796.181304][T15006] netlink: 'syz.2.16151': attribute type 10 has an invalid length.
[  796.190793][T15006] team0: Device veth1_macvtap failed to register rx_handler
[  796.214062][T15009] netlink: 8 bytes leftover after parsing attributes in process `syz.7.16152'.
[  796.283698][T15017] netlink: 8 bytes leftover after parsing attributes in process `syz.0.16155'.
[  796.473631][  T837] usb 7-1: new high-speed USB device number 26 using dummy_hcd
[  796.485862][T15030] netlink: 'syz.7.16159': attribute type 30 has an invalid length.
[  796.644533][  T837] usb 7-1: Using ep0 maxpacket: 8
[  796.647350][  T837] usb 7-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  796.650848][  T837] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  796.654461][  T837] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  796.676979][  T837] usb 7-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  796.682341][  T837] usb 7-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  796.686120][  T837] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  796.814024][T15037] F2FS-fs (nbd7): Magic Mismatch, valid(0xf2f52010) - read(0x0)
[  796.817057][T15037] F2FS-fs (nbd7): Can't find valid F2FS filesystem in 1th superblock
[  796.819844][T15037] F2FS-fs (nbd7): Magic Mismatch, valid(0xf2f52010) - read(0x0)
[  796.822258][T15037] F2FS-fs (nbd7): Can't find valid F2FS filesystem in 2th superblock
[  796.922771][ T5947] Bluetooth: hci0: Opcode 0x1407 failed: -110
[  796.922815][ T5937] Bluetooth: hci0: command 0x1407 tx timeout
[  796.933864][ T6022] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  796.962505][  T837] usb 7-1: GET_CAPABILITIES returned 0
[  796.964345][  T837] usbtmc 7-1:16.0: can't read capabilities
[  797.014015][T15043] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  797.024544][T15043] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  797.186701][    C1] usbtmc 7-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  797.190013][    C1] usbtmc 7-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  797.193264][    C1] usbtmc 7-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  797.196031][    C1] usbtmc 7-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  797.198781][    C1] usbtmc 7-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  797.201552][    C1] usbtmc 7-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  797.204321][    C1] usbtmc 7-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  797.207073][    C1] usbtmc 7-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  797.209847][    C1] usbtmc 7-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  797.213601][    C1] usbtmc 7-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  797.216399][    C1] usbtmc 7-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  797.219183][    C1] usbtmc 7-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  797.221970][    C1] usbtmc 7-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  797.224742][    C1] usbtmc 7-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  797.227545][    C1] usbtmc 7-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  797.230296][    C1] usbtmc 7-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -2
[  797.233249][    C1] hpet: Lost 1 RTC interrupts
[  797.308843][T20533] usb 7-1: USB disconnect, device number 26
[  797.618894][T15060] FAULT_INJECTION: forcing a failure.
[  797.618894][T15060] name failslab, interval 1, probability 0, space 0, times 0
[  797.624908][T15060] CPU: 0 UID: 0 PID: 15060 Comm: syz.7.16170 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  797.624926][T15060] Tainted: [L]=SOFTLOCKUP
[  797.624929][T15060] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  797.624936][T15060] Call Trace:
[  797.624939][T15060]  <TASK>
[  797.624944][T15060]  dump_stack_lvl+0x16c/0x1f0
[  797.624962][T15060]  should_fail_ex+0x512/0x640
[  797.624977][T15060]  ? __pfx_ref_tracker_alloc+0x10/0x10
[  797.624988][T15060]  should_failslab+0xc2/0x120
[  797.625004][T15060]  kmem_cache_alloc_noprof+0x83/0x770
[  797.625015][T15060]  ? skb_clone+0x190/0x3f0
[  797.625028][T15060]  ? skb_clone+0x190/0x3f0
[  797.625046][T15060]  skb_clone+0x190/0x3f0
[  797.625056][T15060]  netlink_deliver_tap+0xabd/0xd30
[  797.625072][T15060]  netlink_unicast+0x64c/0x870
[  797.625087][T15060]  ? __pfx_netlink_unicast+0x10/0x10
[  797.625105][T15060]  netlink_sendmsg+0x8c8/0xdd0
[  797.625120][T15060]  ? __pfx_netlink_sendmsg+0x10/0x10
[  797.625138][T15060]  ____sys_sendmsg+0xa5d/0xc30
[  797.625153][T15060]  ? copy_msghdr_from_user+0x10a/0x160
[  797.625175][T15060]  ? __pfx_____sys_sendmsg+0x10/0x10
[  797.625195][T15060]  ___sys_sendmsg+0x134/0x1d0
[  797.625206][T15060]  ? __pfx____sys_sendmsg+0x10/0x10
[  797.625234][T15060]  __sys_sendmsg+0x16d/0x220
[  797.625245][T15060]  ? __pfx___sys_sendmsg+0x10/0x10
[  797.625260][T15060]  ? fput+0x70/0xf0
[  797.625272][T15060]  do_syscall_64+0xcd/0xf80
[  797.625287][T15060]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  797.625298][T15060] RIP: 0033:0x7f6eeab8f7c9
[  797.625307][T15060] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  797.625345][T15060] RSP: 002b:00007f6eebb07038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  797.625356][T15060] RAX: ffffffffffffffda RBX: 00007f6eeade5fa0 RCX: 00007f6eeab8f7c9
[  797.625362][T15060] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000003
[  797.625368][T15060] RBP: 00007f6eebb07090 R08: 0000000000000000 R09: 0000000000000000
[  797.625375][T15060] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  797.625380][T15060] R13: 00007f6eeade6038 R14: 00007f6eeade5fa0 R15: 00007ffd30d79f88
[  797.625395][T15060]  </TASK>
[  797.625432][T15060] bridge0: vlan filtering disabled, automatically disabling multicast vlan snooping
[  797.746785][   T40] audit: type=1400 audit(1766307081.877:1195): avc:  denied  { listen } for  pid=15067 comm="syz.7.16172" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ax25_socket permissive=1
[  797.753069][   T40] audit: type=1400 audit(1766307081.877:1196): avc:  denied  { accept } for  pid=15067 comm="syz.7.16172" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ax25_socket permissive=1
[  797.772188][T15071] FAULT_INJECTION: forcing a failure.
[  797.772188][T15071] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  797.776223][T15071] CPU: 2 UID: 0 PID: 15071 Comm: syz.0.16173 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  797.776243][T15071] Tainted: [L]=SOFTLOCKUP
[  797.776247][T15071] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  797.776253][T15071] Call Trace:
[  797.776258][T15071]  <TASK>
[  797.776262][T15071]  dump_stack_lvl+0x16c/0x1f0
[  797.776280][T15071]  should_fail_ex+0x512/0x640
[  797.776298][T15071]  _copy_from_iter+0x2a4/0x16c0
[  797.776317][T15071]  ? __alloc_skb+0x220/0x410
[  797.776332][T15071]  ? __alloc_skb+0x35d/0x410
[  797.776348][T15071]  ? __pfx__copy_from_iter+0x10/0x10
[  797.776364][T15071]  ? netlink_autobind.isra.0+0x158/0x370
[  797.776382][T15071]  netlink_sendmsg+0x820/0xdd0
[  797.776397][T15071]  ? __pfx_netlink_sendmsg+0x10/0x10
[  797.776426][T15071]  ____sys_sendmsg+0xa5d/0xc30
[  797.776442][T15071]  ? copy_msghdr_from_user+0x10a/0x160
[  797.776452][T15071]  ? __pfx_____sys_sendmsg+0x10/0x10
[  797.776472][T15071]  ___sys_sendmsg+0x134/0x1d0
[  797.776483][T15071]  ? __pfx____sys_sendmsg+0x10/0x10
[  797.776511][T15071]  __sys_sendmsg+0x16d/0x220
[  797.776521][T15071]  ? __pfx___sys_sendmsg+0x10/0x10
[  797.776537][T15071]  ? fput+0x70/0xf0
[  797.776550][T15071]  do_syscall_64+0xcd/0xf80
[  797.776564][T15071]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  797.776575][T15071] RIP: 0033:0x7fc9f938f7c9
[  797.776584][T15071] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  797.776595][T15071] RSP: 002b:00007fc9fa24a038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  797.776605][T15071] RAX: ffffffffffffffda RBX: 00007fc9f95e5fa0 RCX: 00007fc9f938f7c9
[  797.776612][T15071] RDX: 0000000000000040 RSI: 0000200000000280 RDI: 0000000000000009
[  797.776618][T15071] RBP: 00007fc9fa24a090 R08: 0000000000000000 R09: 0000000000000000
[  797.776627][T15071] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  797.776633][T15071] R13: 00007fc9f95e6038 R14: 00007fc9f95e5fa0 R15: 00007ffde14637b8
[  797.776647][T15071]  </TASK>
[  797.943195][T15081] batadv_slave_1: entered promiscuous mode
[  797.948464][T15080] batadv_slave_1: left promiscuous mode
[  798.008809][T15087] team0: No ports can be present during mode change
[  798.014922][T15085] netlink: 8 bytes leftover after parsing attributes in process `syz.7.16179'.
[  798.036174][  T837] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  798.041976][T15091] bridge0: vlan filtering disabled, automatically disabling multicast vlan snooping
[  798.108096][T15097] overlayfs: missing 'lowerdir'
[  798.291777][T29496] Bluetooth: hci1: Opcode 0x1003 failed: -110
[  798.291819][ T5937] Bluetooth: hci1: command 0x1003 tx timeout
[  798.332159][T15110] netlink: 16 bytes leftover after parsing attributes in process `syz.0.16188'.
[  798.340993][T15113] netlink: 'syz.7.16190': attribute type 10 has an invalid length.
[  798.367257][T15113] team0: Device veth1_macvtap failed to register rx_handler
[  798.395593][T15115] erspan1: entered promiscuous mode
[  798.451751][T15122] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=15122 comm=syz.0.16195
[  798.590286][T15142] netlink: 'syz.4.16203': attribute type 3 has an invalid length.
[  798.659738][T15153] team0: No ports can be present during mode change
[  798.701276][T15159] netlink: 8 bytes leftover after parsing attributes in process `syz.0.16209'.
[  798.747020][T15163] bridge_slave_0: invalid flags given to default FDB implementation
[  798.780388][T15169] netlink: 156 bytes leftover after parsing attributes in process `syz.0.16214'.
[  798.902141][ T8211] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  798.917637][T15185] netlink: 212368 bytes leftover after parsing attributes in process `syz.0.16220'.
[  798.927394][T15188] IPVS: sync thread started: state = BACKUP, mcast_ifn = batadv0, syncid = 0, id = 0
[  799.147776][  T837] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  799.318406][  T837] usb 7-1: new high-speed USB device number 27 using dummy_hcd
[  799.510982][  T837] usb 7-1: Using ep0 maxpacket: 8
[  799.514056][  T837] usb 7-1: config 0 interface 0 has no altsetting 0
[  799.516190][  T837] usb 7-1: New USB device found, idVendor=04d8, idProduct=00dd, bcdDevice= 0.00
[  799.519052][  T837] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  799.523617][  T837] usb 7-1: config 0 descriptor??
[  799.577973][T17947] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  799.577990][ T1419] ieee802154 phy1 wpan1: encryption failed: -22
[  799.596536][ T1419] ==================================================================
[  799.599059][ T1419] BUG: KASAN: slab-use-after-free in handle_tx+0x5dc/0x630
[  799.601316][ T1419] Read of size 1 at addr ffff888045120490 by task aoe_tx0/1419
[  799.604816][ T1419] 
[  799.606368][ T1419] CPU: 1 UID: 0 PID: 1419 Comm: aoe_tx0 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  799.606384][ T1419] Tainted: [L]=SOFTLOCKUP
[  799.606389][ T1419] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  799.606395][ T1419] Call Trace:
[  799.606400][ T1419]  <TASK>
[  799.606405][ T1419]  dump_stack_lvl+0x116/0x1f0
[  799.606428][ T1419]  print_report+0xcd/0x630
[  799.606442][ T1419]  ? __virt_addr_valid+0x81/0x610
[  799.606452][ T1419]  ? __phys_addr+0xe8/0x180
[  799.606462][ T1419]  ? handle_tx+0x5dc/0x630
[  799.606476][ T1419]  kasan_report+0xe0/0x110
[  799.606489][ T1419]  ? handle_tx+0x5dc/0x630
[  799.606505][ T1419]  handle_tx+0x5dc/0x630
[  799.606521][ T1419]  dev_hard_start_xmit+0x97/0x6e0
[  799.606541][ T1419]  __dev_queue_xmit+0x6d7/0x4650
[  799.606558][ T1419]  ? trace_sched_exit_tp+0xd1/0x110
[  799.606569][ T1419]  ? __schedule+0x10b9/0x6150
[  799.606581][ T1419]  ? __schedule+0x114c/0x6150
[  799.606593][ T1419]  ? __pfx___dev_queue_xmit+0x10/0x10
[  799.606609][ T1419]  ? __lock_acquire+0x436/0x2890
[  799.606622][ T1419]  ? ref_tracker_free+0x37c/0x830
[  799.606639][ T1419]  ? do_raw_spin_lock+0x12c/0x2b0
[  799.606655][ T1419]  ? rcu_is_watching+0x12/0xc0
[  799.606665][ T1419]  tx+0xcc/0x190
[  799.606678][ T1419]  ? __pfx_tx+0x10/0x10
[  799.606690][ T1419]  kthread+0x1e4/0x3e0
[  799.606701][ T1419]  ? find_held_lock+0x2b/0x80
[  799.606717][ T1419]  ? __pfx_kthread+0x10/0x10
[  799.606728][ T1419]  ? __pfx_default_wake_function+0x10/0x10
[  799.606744][ T1419]  ? lockdep_hardirqs_on+0x7c/0x110
[  799.606757][ T1419]  ? __kthread_parkme+0x19e/0x250
[  799.606767][ T1419]  ? __pfx_kthread+0x10/0x10
[  799.606778][ T1419]  kthread+0x3c5/0x780
[  799.606790][ T1419]  ? __pfx_kthread+0x10/0x10
[  799.606801][ T1419]  ? rcu_is_watching+0x12/0xc0
[  799.606811][ T1419]  ? __pfx_kthread+0x10/0x10
[  799.606822][ T1419]  ret_from_fork+0x983/0xb10
[  799.606834][ T1419]  ? __pfx_ret_from_fork+0x10/0x10
[  799.606845][ T1419]  ? __switch_to+0x7af/0x10d0
[  799.606864][ T1419]  ? __pfx_kthread+0x10/0x10
[  799.606876][ T1419]  ret_from_fork_asm+0x1a/0x30
[  799.606895][ T1419]  </TASK>
[  799.606899][ T1419] 
[  799.681058][ T1419] Allocated by task 15201:
[  799.682479][ T1419]  kasan_save_stack+0x33/0x60
[  799.683970][ T1419]  kasan_save_track+0x14/0x30
[  799.685539][ T1419]  __kasan_kmalloc+0xaa/0xb0
[  799.687131][ T1419]  alloc_tty_struct+0x96/0x8c0
[  799.689046][ T1419]  tty_init_dev.part.0+0x1e/0x500
[  799.691043][ T1419]  tty_open+0xa4f/0xf90
[  799.692396][ T1419]  chrdev_open+0x234/0x6a0
[  799.693843][ T1419]  do_dentry_open+0x748/0x1590
[  799.695508][ T1419]  vfs_open+0x82/0x3f0
[  799.697139][ T1419]  path_openat+0x2078/0x3140
[  799.698610][ T1419]  do_filp_open+0x20b/0x470
[  799.700138][ T1419]  do_sys_openat2+0x121/0x290
[  799.702003][ T1419]  __x64_sys_openat+0x174/0x210
[  799.703993][ T1419]  do_syscall_64+0xcd/0xf80
[  799.705826][ T1419]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  799.708208][ T1419] 
[  799.709200][ T1419] Freed by task 20533:
[  799.710830][ T1419]  kasan_save_stack+0x33/0x60
[  799.712614][ T1419]  kasan_save_track+0x14/0x30
[  799.714105][ T1419]  kasan_save_free_info+0x3b/0x60
[  799.715994][ T1419]  __kasan_slab_free+0x5f/0x80
[  799.717543][ T1419]  kfree+0x2f8/0x6e0
[  799.718999][ T1419]  process_one_work+0x9ba/0x1b20
[  799.720920][ T1419]  worker_thread+0x6c8/0xf10
[  799.722741][ T1419]  kthread+0x3c5/0x780
[  799.724367][ T1419]  ret_from_fork+0x983/0xb10
[  799.726070][ T1419]  ret_from_fork_asm+0x1a/0x30
[  799.727764][ T1419] 
[  799.728535][ T1419] Last potentially related work creation:
[  799.730248][ T1419]  kasan_save_stack+0x33/0x60
[  799.731684][ T1419]  kasan_record_aux_stack+0xa7/0xc0
[  799.733366][ T1419]  insert_work+0x36/0x230
[  799.734682][ T1419]  __queue_work+0x94f/0x10e0
[  799.736402][ T1419]  queue_work_on+0x1a4/0x1f0
[  799.738119][ T1419]  release_tty+0x4de/0x5d0
[  799.739520][ T1419]  tty_release_struct+0xb7/0xe0
[  799.741564][ T1419]  tty_release+0xe2d/0x1470
[  799.743477][ T1419]  __fput+0x402/0xb70
[  799.744894][ T1419]  task_work_run+0x150/0x240
[  799.746450][ T1419]  exit_to_user_mode_loop+0xfb/0x540
[  799.748152][ T1419]  do_syscall_64+0x4ee/0xf80
[  799.749691][ T1419]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  799.751587][ T1419] 
[  799.752339][ T1419] The buggy address belongs to the object at ffff888045120000
[  799.752339][ T1419]  which belongs to the cache kmalloc-cg-2k of size 2048
[  799.757152][ T1419] The buggy address is located 1168 bytes inside of
[  799.757152][ T1419]  freed 2048-byte region [ffff888045120000, ffff888045120800)
[  799.762251][ T1419] 
[  799.763082][ T1419] The buggy address belongs to the physical page:
[  799.765095][ T1419] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x45120
[  799.767822][ T1419] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  799.770478][ T1419] memcg:ffff8880633c9301
[  799.771799][ T1419] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff)
[  799.774195][ T1419] page_type: f5(slab)
[  799.775495][ T1419] raw: 00fff00000000040 ffff88801b44c140 ffffea0001255a00 dead000000000002
[  799.778182][ T1419] raw: 0000000000000000 0000000000080008 00000000f5000000 ffff8880633c9301
[  799.780848][ T1419] head: 00fff00000000040 ffff88801b44c140 ffffea0001255a00 dead000000000002
[  799.783686][ T1419] head: 0000000000000000 0000000000080008 00000000f5000000 ffff8880633c9301
[  799.786432][ T1419] head: 00fff00000000003 ffffea0001144801 00000000ffffffff 00000000ffffffff
[  799.789127][ T1419] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008
[  799.791687][ T1419] page dumped because: kasan: bad access detected
[  799.793722][ T1419] page_owner tracks the page as allocated
[  799.795455][ T1419] page last allocated via order 3, migratetype Unmovable, gfp_mask 0x1d20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC|__GFP_HARDWALL), pid 13009, tgid 13009 (syz-executor), ts 775183666519, free_ts 775171447467
[  799.802505][ T1419]  post_alloc_hook+0x1af/0x220
[  799.804061][ T1419]  get_page_from_freelist+0xd0b/0x31a0
[  799.805788][ T1419]  __alloc_frozen_pages_noprof+0x25f/0x2430
[  799.807650][ T1419]  alloc_pages_mpol+0x1fb/0x550
[  799.809121][ T1419]  new_slab+0x2c3/0x430
[  799.810465][ T1419]  ___slab_alloc+0xe18/0x1c90
[  799.811986][ T1419]  __slab_alloc.constprop.0+0x63/0x110
[  799.813743][ T1419]  __kvmalloc_node_noprof+0x592/0xa40
[  799.815480][ T1419]  alloc_fdtable+0x110/0x2d0
[  799.816977][ T1419]  dup_fd+0x803/0xc70
[  799.818286][ T1419]  copy_process+0x255d/0x7430
[  799.819806][ T1419]  kernel_clone+0xfc/0x910
[  799.821251][ T1419]  __do_sys_clone+0xce/0x120
[  799.822680][ T1419]  do_syscall_64+0xcd/0xf80
[  799.824105][ T1419]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  799.825962][ T1419] page last free pid 13914 tgid 13914 stack trace:
[  799.827977][ T1419]  __free_frozen_pages+0x7df/0x1170
[  799.829618][ T1419]  page_frag_free+0x27f/0x2e0
[  799.831093][ T1419]  skb_free_head+0xa4/0x210
[  799.832507][ T1419]  skb_release_data+0x795/0x9e0
[  799.834090][ T1419]  napi_consume_skb+0x20a/0x300
[  799.835645][ T1419]  skb_defer_free_flush+0x1ec/0x280
[  799.837280][ T1419]  net_rx_action+0x39f/0xfa0
[  799.838782][ T1419]  handle_softirqs+0x219/0x950
[  799.840286][ T1419]  __irq_exit_rcu+0x109/0x170
[  799.841785][ T1419]  irq_exit_rcu+0x9/0x30
[  799.843087][ T1419]  common_interrupt+0xbf/0xe0
[  799.844623][ T1419]  asm_common_interrupt+0x26/0x40
[  799.846217][ T1419] 
[  799.846986][ T1419] Memory state around the buggy address:
[  799.848735][ T1419]  ffff888045120380: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  799.851214][ T1419]  ffff888045120400: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  799.853708][ T1419] >ffff888045120480: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  799.856158][ T1419]                          ^
[  799.857658][ T1419]  ffff888045120500: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  799.860122][ T1419]  ffff888045120580: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  799.862600][ T1419] ==================================================================
[  799.866099][    C1] hpet: Lost 16 RTC interrupts
[  799.867948][ T1419] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  799.870178][ T1419] CPU: 1 UID: 0 PID: 1419 Comm: aoe_tx0 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  799.873444][ T1419] Tainted: [L]=SOFTLOCKUP
[  799.874815][ T1419] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  799.878165][ T1419] Call Trace:
[  799.879235][ T1419]  <TASK>
[  799.880211][ T1419]  dump_stack_lvl+0x3d/0x1f0
[  799.881718][ T1419]  vpanic+0x640/0x6f0
[  799.883023][ T1419]  panic+0xca/0xd0
[  799.884268][ T1419]  ? __pfx_panic+0x10/0x10
[  799.885743][ T1419]  ? check_panic_on_warn+0x1f/0xb0
[  799.887410][ T1419]  check_panic_on_warn+0xab/0xb0
[  799.889039][ T1419]  end_report+0x107/0x160
[  799.890472][ T1419]  kasan_report+0xee/0x110
[  799.891865][ T1419]  ? handle_tx+0x5dc/0x630
[  799.893312][ T1419]  handle_tx+0x5dc/0x630
[  799.894675][ T1419]  dev_hard_start_xmit+0x97/0x6e0
[  799.896238][ T1419]  __dev_queue_xmit+0x6d7/0x4650
[  799.897816][ T1419]  ? trace_sched_exit_tp+0xd1/0x110
[  799.899392][ T1419]  ? __schedule+0x10b9/0x6150
[  799.900852][ T1419]  ? __schedule+0x114c/0x6150
[  799.902358][ T1419]  ? __pfx___dev_queue_xmit+0x10/0x10
[  799.904067][ T1419]  ? __lock_acquire+0x436/0x2890
[  799.905663][ T1419]  ? ref_tracker_free+0x37c/0x830
[  799.907222][ T1419]  ? do_raw_spin_lock+0x12c/0x2b0
[  799.908768][ T1419]  ? rcu_is_watching+0x12/0xc0
[  799.910237][ T1419]  tx+0xcc/0x190
[  799.911383][ T1419]  ? __pfx_tx+0x10/0x10
[  799.912665][ T1419]  kthread+0x1e4/0x3e0
[  799.913953][ T1419]  ? find_held_lock+0x2b/0x80
[  799.915434][ T1419]  ? __pfx_kthread+0x10/0x10
[  799.916922][ T1419]  ? __pfx_default_wake_function+0x10/0x10
[  799.918743][ T1419]  ? lockdep_hardirqs_on+0x7c/0x110
[  799.920387][ T1419]  ? __kthread_parkme+0x19e/0x250
[  799.921972][ T1419]  ? __pfx_kthread+0x10/0x10
[  799.923447][ T1419]  kthread+0x3c5/0x780
[  799.924779][ T1419]  ? __pfx_kthread+0x10/0x10
[  799.926238][ T1419]  ? rcu_is_watching+0x12/0xc0
[  799.927706][ T1419]  ? __pfx_kthread+0x10/0x10
[  799.929137][ T1419]  ret_from_fork+0x983/0xb10
[  799.930575][ T1419]  ? __pfx_ret_from_fork+0x10/0x10
[  799.932177][ T1419]  ? __switch_to+0x7af/0x10d0
[  799.933674][ T1419]  ? __pfx_kthread+0x10/0x10
[  799.934991][ T1419]  ret_from_fork_asm+0x1a/0x30
[  799.936360][ T1419]  </TASK>
[  799.937932][ T1419] Kernel Offset: disabled
[  799.939157][ T1419] Rebooting in 86400 seconds..

VM DIAGNOSIS:
08:43:38  Registers:
info registers vcpu 0

CPU#0
RAX=00000000007cbfc9 RBX=0000000000000000 RCX=ffffffff8b7816d9 RDX=0000000000000000
RSI=ffffffff8dacde6c RDI=ffffffff8bf2b380 RBP=fffffbfff1c12f68 RSP=ffffffff8e007df8
R8 =0000000000000001 R9 =ffffed100d48673d R10=ffff88806a4339eb R11=ffffffff8e098670
R12=0000000000000000 R13=ffffffff8e097b40 R14=ffffffff9088b3d0 R15=0000000000000000
RIP=ffffffff8b77fdcf RFL=00000286 [--S--P-] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8880d68f5000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=0000559b65baece8 CR3=000000000e184000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=00000000fcc0c002 Opmask01=0000000000000010 Opmask02=000000000000001f Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffffffffffff ffffff0f0e0d0c0b
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffffffffffff 0f0e0d0c0b0a0908
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000100008781
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f7230ff7d48
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000559b65b9a560
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2f2f2f2f2f2f2f2f 2f2f2f2f2f2f2f2f 2f2f2f2f2f2f2f2f 2f2f2f2f2f2f2f2f
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000000000662d 0000559b65ba1d70 0000559b65ba1d90 6368642f6374005b
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 828183873a3d0015 16170b3637303f3e 3d3c3b3a2d2a2928 2726242221200a09
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000559b65ba60b8 0000000000000000 000000000000000f 0000559b6500873d
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000559b65ba0918 0000000000000000 000000000000000f 0000000000875d81
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=0000000000000031 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8
RSI=ffffffff85326365 RDI=ffffffff9aeedc00 RBP=ffffffff9aeedbc0 RSP=ffffc900075cf3d8
R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=20666f2064616552
R12=0000000000000000 R13=0000000000000031 R14=ffffffff9aeedbc0 R15=ffffffff85326300
RIP=ffffffff8532638f RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8880d69f5000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00007fad99698e9c CR3=00000000494d9000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000008001 Opmask01=0000000000000000 Opmask02=000000000000003f Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000006f6c
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f4ca1415050
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f4ca141505d
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f4ca1415057
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f4ca141506b
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f4ca14150f1
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f4ca14151cf
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f4ca15ba4a8 00007f4ca15ba4a0 00007f4ca15ba498 00007f4ca15ba470
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f4ca211d100 00007f4ca15ba460 00007f4ca15ba478 0000000700080006
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f4ca15ba4b8 00007f4ca15ba4b0 00007f4ca15ba4a8 00007f4ca15ba4a0
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 2

CPU#2
RAX=0000000000000000 RBX=0000000000000003 RCX=0000000000000002 RDX=ffff888030918000
RSI=ffffffff816bdc71 RDI=ffffffff8bf2b380 RBP=ffff88804e8a7d40 RSP=ffffc9000403f628
R8 =0000000000000001 R9 =0000000000000001 R10=ffffffff9088b3d7 R11=ffff888030918b30
R12=0000000000000003 R13=0000000000000003 R14=ffff88806a63bbc0 R15=ffffed1009d14fa8
RIP=ffffffff8b77fdcf RFL=00000293 [--S-A-C] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8880d6af5000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000091000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe000008f000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=0000200000010000 CR3=00000000494d9000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000008001 Opmask01=0000000000000000 Opmask02=000000000000003f Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000006f6c
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f4ca1415050
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f4ca141505d
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f4ca1415057
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f4ca141506b
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f4ca14150f1
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f4ca14151cf
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f4ca15ba4a8 00007f4ca15ba4a0 00007f4ca15ba498 00007f4ca15ba470
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f4ca211d100 00007f4ca15ba460 00007f4ca15ba478 0000000700080006
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f4ca15ba4b8 00007f4ca15ba4b0 00007f4ca15ba4a8 00007f4ca15ba4a0
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 3

CPU#3
RAX=0000000000000000 RBX=ffff88806a73be80 RCX=ffffffff81b2a2b3 RDX=ffff88801deac980
RSI=ffffffff81b2a28d RDI=0000000000000005 RBP=ffffc90000157c88 RSP=ffffc90000157b40
R8 =0000000000000005 R9 =0000000000000000 R10=0000000000000001 R11=fffffbfff1c7a8ce
R12=1ffff9200002af70 R13=0000000000000002 R14=0000000000000001 R15=ffffed100d4e77d1
RIP=ffffffff81b2a293 RFL=00000293 [--S-A-C] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8880d6bf5000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe00000d8000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe00000d6000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00007f6bfcdaed58 CR3=0000000041972000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000004040101 Opmask01=0000000001007fff Opmask02=00000000ffff7fff Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 9342b82ed7ecee88 dfcd999d675d1eed
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ce468cbeee3d9e22 989ccb41b91a0d9f
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 147bba4000b762ec b9e4d5af9740af48
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 5385d549f436f90e a7cec6f6882a6217
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000000ffffffff 00000000000000b4
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000034
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 a92e1e2899e7e893 611a2a7265801640
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 6646de31a98b74c5 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 6639df389ffddccb 0aac6ae23c1b0c8f
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 b1ecce2500000000 cf5dc34a8d005cc4
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 3f9930207f9b0ab3 fe24b70e0b1c190f
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 5e0aaf721f317873 cfdb1622b1a4e421
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 a54ff53a3c6ef372 bb67ae856a09e667
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 5be0cd191f83d9ab 9b05688c510e527f
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 79786f7270206465 67656c6976697270 002f74656e2f7373 616c632f7379732f
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6e69626572004d52 4c4147495300676e 697361656c657200 4d52455447495300
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 4b4c474057004d52 4c4147495300424b 4c56444049405700 4d52455447495300
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6474656e0001000e 803e002c0000006d 697376656474656e 0039000e0000306d
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 8041000400000003 000300080000306d 697376656474656e 0002000f0000006d
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 697376656474656e 0001000e803e002c 0000006d69737665 6474656e0039000e
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000306d69737665 6474656e0038000f 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000e002400000000 0008000500000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0a206464615f2020 0a6264650a206420 3331202032336220 0a00206464615f20
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 bfbfbfbfbfbfbfbf bfbfbfbfbfbfbfbf bfbfbfbfbfbfbfbf bfbff52532232d20
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 262821df2e2e33df 3228df3232202b22 df312e232d2435bf 2324353124322431
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 4141414141414141 4141414141414141 4141414141414141 4141414141414141
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 1a1a1a1a1a1a1a1a 1a1a1a1a1a1a1a1a 1a1a1a1a1a1a1a1a 1a1a1a1a1a1a1a1a
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2020202020202020 2020202020202020 2020202020202020 2020202020202020
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000