last executing test programs:

52.355755219s ago: executing program 1 (id=1289):
prlimit64(0x0, 0x7, &(0x7f0000000000)={0x7, 0x3}, 0x0) (async)
prlimit64(0x0, 0x7, &(0x7f0000000000)={0x7, 0x3}, 0x0)
r0 = openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000040), 0x10001, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff) (async)
r2 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_PAUSE_SET(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)={0x34, r2, 0x431, 0x70bd2c, 0x25dfdbfc, {}, [@ETHTOOL_A_PAUSE_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'netdevsim0\x00'}]}, @ETHTOOL_A_PAUSE_TX={0x5, 0x4, 0xfc}]}, 0x34}, 0x1, 0x0, 0x0, 0x4c810}, 0x20000000)
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, &(0x7f0000000140)={'syztnl2\x00', &(0x7f00000000c0)={'syztnl1\x00', <r3=>0x0, 0x2f, 0x40, 0x72, 0x5, 0x12, @private0, @local, 0x8000, 0x7800, 0x1ff, 0x9}})
sendmsg$ETHTOOL_MSG_PRIVFLAGS_GET(r0, &(0x7f0000000300)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000180)={0x128, r2, 0x100, 0x70bd28, 0x25dfdbfe, {}, [@HEADER={0x60, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'syz_tun\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r3}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'team_slave_0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_to_batadv\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}]}, @HEADER={0x34, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'ipvlan0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'wlan0\x00'}]}, @HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'batadv_slave_0\x00'}]}, @HEADER={0x50, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_vlan\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'team0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'virt_wifi0\x00'}]}, @HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'wg0\x00'}]}]}, 0x128}, 0x1, 0x0, 0x0, 0x100000c1}, 0x2040000)
ioctl$MEDIA_IOC_REQUEST_ALLOC(0xffffffffffffffff, 0x80047c05, 0x0)

52.300688622s ago: executing program 1 (id=1290):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ieee802154(&(0x7f0000000040), r0) (async)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) (async)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x100, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x18, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x8000, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x5}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x6, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x15, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000180)={r4, 0x2000000, 0xe, 0x0, &(0x7f0000000200)="63eced8e46dc3f0adf33c9f7b986", 0x0, 0x0, 0xfffff000, 0x0, 0x0, 0x0, 0x0}, 0x50) (async)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x1}) (async, rerun: 64)
r5 = memfd_create(&(0x7f0000000b40)='Y\xff\xff\x00\x00\x00\x00\x00K\xb2\x02\x80B\xe9\xe8\xcc\xde\x06\x00l\xa8\x1aJ\xaf\xb2M\xba\xb8_\x05U\xcd<|>\x9e\xec^\x0e\xbe\x18+-\x9b\x893\x02\x00\xa6\x1f+\xb3\xc5\x90z5\xe0\xdfi\xb7\x9f\xb4QW\xc9\xc9\x92\x03\t\x00\x00\x00\x00\x00\xb2\x0f\xee\xbe\f8\xcc\x7f\x00\x00\x00Z\x81\x00\x00\x00\x00\x18I\x13\xf1\xa2x\x04\x81R\xd45R\xae\x84\xcdN\xf7\xf6\b~\xed_M^dQ:\xbc\xafq\x88\x19nSF|;]\xe1A\x8c\x8a\x98\xd7|\xadNaC\xa6\xf9\xa7>c\x84\xd8\xfa\xf1\r\xb1\xfd\xbf!\xc7u\xccP\xdd\x13~\x89\xcf\x85\xca\xa0%\xc6\xc7\x11\x00\x00\x00\x00\x00\x00\x00?M9\\\av~\'\xd9\xb0\xacdya]8\x9d\xb7\v\xf39\xc5{\x9c!\x0f/\xb8g8\xb9\x8d\x19\xe2\xca\x01y\x83\xe7\ng\x87\xd93<u\xbe\xeag\xd2\x04e\xf2s\xde}o#\x90\xda\x9cs,r\xfd:\xcb\xc7\vTmPZH\xac\x8b\xd0\xc0\xbcRK\xcb\x1e8\xce\xbd[N\xb0\xb4<\xeb\x86[\xec\x8f\x14\xea\x82\x9e&\\\xb7!\xed\xa0\xc3,\x90m\x0f\x00\x00\x00\x00\x00\x00\xff\xd0\xb3\x94\x00\x00\x00\x00\x00\x00\x00\x9dH\xf8\xffRo\xa3W\xe1\x0f\x8eS\xaeX\x93\x7f\xd3\xb9a\xe4\xe0\xbd\xd9\xf5\xe4e\xf9\xcam\xe3\x03\xe4\xad\xd5&A\x02\xc8\xa9\xfe\xcb\x87\xd9\xd3\x84\f\xc08T~\xc4\xbd\x90?\x1f\x9c\x9b0\x19 \x9f\xd1p`\xc0/\x00u\x19\x1d\xac\xe8%\xb7\t\x9f4\xbb\x89\xe9\xc1\x81\xb0\xd6\xf7\x05\x16\xb9\xe9\xdc~\xd3-s\xe6;\x94\x1c^\x06\xdav;\xccD\x95sj\xe0\xd5\xbeS\xac\xe5N\xea\x9eyl[[\xce5\xee\x05\x9c\x96\x87\x9dp\xea?/\xcb\x9a\xaa5\'Q\fuG\x81\x8a@\x97M=v\xfe\a\xabp\xf3\x93\x9d\x7f@9\xc0\xd2\xf1#\xe7N\x89\xf8\xe8+\xa1\x82\x13\xb2\xa9\xef\xa5\xf8\x8b \x00\x9ev\x92\x0e\xd1\x1f\x17Dx[\xad\xb0\x9d/\x96\xe42mO\x9fh\xea\xf3\x14\xcd\x96\x89_)2\xe2\xd6\x81\x00b\xaf;\x92T\xafz\x94\x9fG\xfb\xfd|&k\x03\xd7;\x9ay\xee\xf9W?\xb3\xf9\xf8I.E4\xc3eWq\xfa\":$\xd0\x17Q\x94\xf5\xe5mk\x8e&\xf1;#z\xef*\xce\x99\x04\xb9\x90\xbc\xc9#-\x8di\xae\xc5\xdf\x13\xd2K\x8b\xf5\f\xb2x\xdd\xd5\xb4\xa9^~O<\x12\xe3\xc2Ru2Ht\re\xa1\xf6\xbd\xaa\xb0\x83}i\xc3P|7\xc4\xc8\xb1r0Z\x98\x87^\xc8C\x1b\x96\xb4lsyF\xc5\xbc\xffOE\xe9\xd70\xe7\xfep\x83\xa7\xa1\xd9\xe4\xba\x92\x17\xbf\xe0\xe1\x01\xb7\x8b\x18j\x19n\xc8\xff\xe9\xf4\xf4\xcf a\xd7_w\x0f\x9dF\xae\xccA-/\x83\xabU\xd5\xbf\xa4O\xb4\xed\xc8\xccH\xd1=\x81\x00\x00\x00\xc7;Lb\xce\x1a\xcc\x98\xe8\xe9e\xe0\xc2N\xe7\xd7\x1d\x92\x87F8\x9e\xd6\xdd\xdaW\xf5X\x80\xa0f\xceo\xd8\x7f\xc0\x96\bSB\xce&\x04$\xc3\xe31U\x84\x82\xf0{i\x1d\x02\x10\x86C\x01^\xcf\x93?w\x01\x84\xa0\xd6\xa2\x10\xa4\xfcG\xabD\xd6dGZ\xb2Cx\x1b\xfdD9\x17U\xf0\x16K\xf9&@\xb1[\xe2j$F1n@\xde\n%t.[\xad\xb5\f<o\xdb\xa4\x90\xc4\xd0I\xa6\x96\xa1\x00\xbb\xdd\x94\x00t/1YekG\x7f\xbdrI\x1e\x8a4=\xa2\xe9\x82<\x9e|\xf5#\x7f\xa8\x1f\x14\x82ih\xf9?\x03Q\xf5\xc4\x95\x99 \xa7v~:$\x02O\xe3\xaa\x1f\x00\xebk\'\xd2q\x10\x1e\x94n\xd7w\xb1\xc8G\x89\xf4\x8ct\xf9R\x850\b,r\xc6r\xf7=\xfe\xc1\x16\xe6\xee\xbb:-h\x03;\xe5\x04\xd8\xa9\x9a\xd3\x05(\x7f|\xadU\xafe\x87V.i4$6U,R\x9b\n{\'\xfe1\xc4\xb09\x96\x87\xc0e\xab\xe7\xa9\xb4\x1a\n\xf5\xd7zuvz\x972\xd4\xfb\x13u2\xab\x18\x01~r\xbbcW!\xec\xf7$\xc2\xbaU \x98\xb2\xe3I\xbd\x16T\xb75\xa6\a\xb7\xa1\x8d\xc9\x12\xb1\xbd\xbc\xd9c\xe9\"k\xee\x06\x83\xf4\xab\x18\x038\x8f\xc9^\x0f\xab\xea&P\b\xef#\xf6\xc3\xfc\xd4\xa0\xfd\x15N\xd3\xa0\x80\x9f\bU\xa63\xf6\xc9\xec\x01\'\t\x89(\xf9\x98B\xaf\xde*\x91\xd5k\xa1`d\xf0\x97\xc9e\xc1\"EC\x9a?x\x89\x8d\xb3\xfaF}\x82D\xf8\f\xf1`\x90D\xd1|%(\xd8\t\xea\xdfC\xce\x7fo+?v\xee\xc6bL\x1d\xbe\x84\x0e\xa7U\xc7}\xea.U`\x1b*\xcep\x8d\xa3\xec\xf7\xe0\xfe\x8c=<\xf2\x1f@\xc9\xcfw\xf3\x02\x1b\xde\xc3\x86\xe66E\xa7\x9c\xd3\xb6\xf5\xe0\x14\xb8\xd4`\x85\xe3;\x8c\xf8\xf2\xd9)\x0e\xd0\xff\xa5K\xf3\xf1\xc4\x18\xf4Z\xdci\x91\x84\xe8\xb7\x10\x90\xbc\xect\x13\xdfR\xe2\x80\xf8a\x92\xb2R\xdf0\xcdQ\xdf\x83\xbdjp,\xe8\xbb\xe6\xc6Db\xb8\xd6\xcd\x1ch3h\xcf<\x82\x97\xa5s/m\xb2\x1dd\xf7\xfc\xf5\xa9\x1d\xd34{\xcc\x1f\t,i\x16\x82\xad\x8e\xb6\x17\x0f\xaa\x85^/w\xbb~\xff\xce\x92\x90\x83\n\xe5\x14\x95\x92|\xfe-S%\x91i\xafh\x97z\x00@K\xbb\xc2\fcD\xff\xdcl\xa1\xfaR\xbc\xd4k7L\x8a\xa3Z\xf9%{\xfax\x9a\x04\'/\x90\xe6\xe2\xe9\xf1@o\x0ez\xb8\xce\xbeF\x0fkE\xf4ry\x92n\xff\xcb\xf8e\xf3j\xc5[wK\x91\xdb\xf7-r\xd3\x1bx\x9b$\x91\x03q~@\xd8R\x11\x05|\x8f\xb4\xc9\x16\x87C\xab\x96\xc4\xef\xea\xb9\r\xf5\xf3\xbe\x8a\t\xc7\x88\xc0sL;.\xcf\x1d\xc4^\xb0l\xbb\x97\xc5\xf6n\xca\x18M\xb8\x81\xff\xa9~\xf7\xa3\xa6\xd3\x15I\xecXG\x89\xa8\b\x8b\xcc\xe8\x88\xa07Z\x03\xff14\x87I\xc7\\vK<m2\x16\x03\xcd\xc1\xa8.\x7f\x16qlk\xf1\xf1y\x8c\xde\xd6|\xa1(\xf4\x12O\xca3\xf8%1\x8d\xd7\a\xfeJ\xe6\x8bc\xb3\x1bKC.\xafB\x8d\xdd\xf9\x1e\x9d\xa7\x13\x00\x14\xc7\xa1\xf3\x1e\xcb\x19\x13z`\xac\xf3\xd1x\x1b#}\xfaYR\xc5#Zoag@\x18\xfa*\xb4\xc4\x04\x03V\x87\xc5\xe7\xb5\x9bJ\x85-\x7f\xfe\xc0\xb7g\xe8\'`\x96q\x88[\xf8\xe8L\x12\x85\xf5t\x99\x0e}\xd3H\xed\xda\xf3>\xd8\x12\x8cXc5%\x03\x8d`\xdayC\x9b\x9a\xd9c\xe9\xb4\v\x99\x87\xe4\x00\x8a\x8eS\x8e\f\x05ZH\xa2\x0e\xbc\x9c\x95\b2Cf6\x9a\xe7\xb9\x86\xbe\xd0\xda\x91\xc1sl\x11PA\x93\xa5\x93\xc8\xf1w\x7fp6z\xbf\xe8[\'u\xb8\xd2$K\x12\rt\x87\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00r\xe2`\xdf\xd2\xb3\xaf\xe9\xc4!Z\xb4&\xa2\x12\xe2i\x91kC$A\xafR\xb3\xff\x1d=Z\x0e\xde\x99\xec\x10\xb4+\x13\'\x92>\x14\x00\a\xb6R\x8b\xdcz\xc3\xd1Y\xd6\xd9;s \xb0\x938\xb7D9\xdcN\xbd\xdbn\xe35\xa7\x02\x9c\xc1\xd9\x13?\xc9\xd7\xab\x9c\xf3\x82\xd1\xee^kk\xce\xdbn\x02\x1f\x80\t\xdbr\xa9\xcc\xf1\xcb\x9f@\x8c\xfc\x02W/p\x97\xb0\xbd\x8f\xdb|n2a\xee\x95u\x83\xca\x8a>}\xd3\xd0\xff6.pa\x17\xe3e\xd2\x7f\xf6\xbc\x9d\x112\x1b\x14<B\x91\xc0{{\x9d@\xb3a\xad\x14\xe9\xcc|\xd7\xa1\xc6\xb9F\x04\xce]\xb9Y\xbd\xbd\f\xa4F;q\xec\x83\x9bM\x93\xa4\x9c\xdd\x93\xa0\x82E\x02d\xd4RAI\xd9O\x17\xa6P#\xa35\a\xf6\xbb\t>p\xa1\xd6u\xefn\xb4\xa3\x05D\x8c\xc5l\xcc\b\xeb\xf42\xe9\xf15\xf3\xf2\xee\xd6\xed\t\xb3\xf7\x1a\x7f\xe6\xb4z\x19\xe1\xb4w\xf7\xa6\xd7\\\xfa\x96\xe2\xf9\xb1\x81\xba\xdfg\xadI\x1c\xde*_\xd5\xdf\xeeA\xcd \x91\xc9\xd4\xd1\xcd*.t\x80]\xd5~\xfb\xfb>\x9d\x91Kq]N\x87\x0f\x04L\xd4(\xf2G \xfdr~:\xc4\xc3\xfe\x14G\xadG~^l\xe0:(Y`\x0e\x90\xfa\x1c\xb6\f6\x92B\x92\xd3\xa9BG\xd2*AB\x1e\x01\xf0m+\x02\x87\x81aj;\xb6y.g\xeb\xc4\x0f\xd3\x85\xa5\x00\xa1\xa6iP\x0f\x02\x14\x90q\x94\xab\xb3\x0f\x01=\x06\x98\xa8\x87\xd9=\xce\xbef<\x1d\v\xba[\xd8]\x9e\xf30\xb8\xf1\b\x06M\x18w\xdc\x0e\x98?\x04G\xf9\x99\xab\xc1\xc0z\xe9Fu\x03\x9aj\xc0]\xb47\xd5\xb8]\x98y@\x8c\x8fM\x8c],\x1b\x03\xaa\'gv\xeb\xbf\xa8d\"\x94e3Q\xfci\xdf\xad\x819\xd1\xf3\xaa\xc8i\xf2\x8a\xc4CU3\x87Ns\x9f\x9f\xcd\x05\x06g\x9aRBg\x98\x10Ch\x1c\x96\xd3\xce', 0x7) (rerun: 64)
mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x2000002, 0x10012, r5, 0x0) (async)
preadv(r5, &(0x7f0000000400)=[{&(0x7f0000000540)=""/17, 0x11}, {0x0, 0xffffffa0}, {&(0x7f0000000280)=""/190, 0xbe}, {&(0x7f0000000100)=""/101, 0x65}, {&(0x7f00000001c0)=""/15, 0xf}, {&(0x7f0000000340)=""/142, 0x8e}], 0x6, 0x5, 0x4) (async)
openat(0xffffffffffffff9c, &(0x7f0000000240)='.\x00', 0x0, 0x0) (async)
r6 = socket$netlink(0x10, 0x3, 0x14) (async)
add_key$keyring(0x0, &(0x7f0000000040)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffd) (async, rerun: 64)
socket$netlink(0x10, 0x3, 0xa) (rerun: 64)
r7 = add_key$keyring(&(0x7f0000000180), 0x0, 0x0, 0x0, 0x0)
keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, r7, &(0x7f0000000080)='syzkaller\x00', 0x0)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r6, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000001200)={&(0x7f0000001080)={0x38, 0x1403, 0x1, 0x0, 0x0, "", [{{0x9, 0x2, 'syz1\x00'}, {0x8, 0x41, 'siw\x00'}, {0x14, 0x33, 'syzkaller0\x00'}}]}, 0x38}, 0x1, 0x0, 0x0, 0x4040000}, 0x100) (async, rerun: 64)
close_range(r1, 0xffffffffffffffff, 0x0) (rerun: 64)

52.050567527s ago: executing program 1 (id=1291):
r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000004c0), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f00000000c0)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000040)={<r1=>0xffffffffffffffff}, 0x2}}, 0x20)
ioctl$KDFONTOP_GET(0xffffffffffffffff, 0x4b72, &(0x7f0000000140)={0x1, 0x1, 0x9, 0x5, 0x120, &(0x7f0000000500)})
r2 = openat$selinux_avc_hash_stats(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
bind$l2tp(r2, &(0x7f0000000100)={0x2, 0x0, @empty}, 0x10)
write$RDMA_USER_CM_CMD_RESOLVE_IP(r0, &(0x7f0000000180)={0x3, 0x40, 0xfa00, {{0xa, 0x4e23, 0xe, @empty, 0x2}, {0xa, 0x4e23, 0x7, @remote, 0xfb7c}, r1, 0x7}}, 0x48)
r3 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0)
ioctl$BTRFS_IOC_DEFRAG(r3, 0x50009402, 0x0)

52.050287544s ago: executing program 1 (id=1292):
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x0)
mount$fuse(0x0, 0x0, 0x0, 0x2b38094, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f0000000380)='./file1\x00', 0x0, 0x0, &(0x7f0000000400))
chdir(&(0x7f0000000080)='./file1\x00')
r0 = open(&(0x7f0000000000)='.\x00', 0x0, 0x0)
ioctl$AUTOFS_IOC_PROTOSUBVER(r0, 0xc0049364, &(0x7f0000000180))

51.99941042s ago: executing program 1 (id=1294):
mlockall(0x1)
r0 = syz_open_procfs(0x0, &(0x7f0000000040)='smaps_rollup\x00')
pread64(r0, &(0x7f0000000180)=""/196, 0xc4, 0x3)
r1 = openat$dir(0xffffffffffffff9c, &(0x7f00000000c0)='.\x00', 0x0, 0x83)
sendmsg$nl_route_sched_retired(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000000)=@newtaction={0xf0, 0x32, 0x205, 0x70bd2d, 0x25dfdbfc, {}, [{0xc9}]}, 0xf0}, 0x1, 0x0, 0x0, 0x85}, 0x8000)
ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(r1, 0x40086602, &(0x7f0000000000))
fstat(r1, &(0x7f0000000340))
munlockall()

51.330586046s ago: executing program 1 (id=1300):
r0 = socket$can_j1939(0x1d, 0x2, 0x7)
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f00000000c0)={'vcan0\x00', <r1=>0x0})
r2 = socket$can_j1939(0x1d, 0x2, 0x7)
bind$can_j1939(r2, &(0x7f0000000340)={0x1d, r1, 0x20000, {0x2, 0x0, 0x6}, 0x1}, 0x18)
bind$can_j1939(r0, &(0x7f0000000140)={0x1d, r1, 0x2, {0x2, 0x0, 0x4}, 0x2}, 0x18)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)={0x14, 0x43, 0x9, 0x0, 0x0, {0x3}}, 0x14}}, 0x24000044)
sendmsg$NL80211_CMD_SET_STATION(r3, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x80000}, 0xfffffffffffffd62, &(0x7f0000000080)={&(0x7f0000000040)={0x28, 0x0, 0x8, 0x70bd28, 0x25dfdbfd, {{}, {@void, @val={0xc, 0x99, {0x7, 0x3e}}}}, [@NL80211_ATTR_STA_SUPPORT_P2P_PS={0x5, 0xe4, 0x1}]}, 0x28}, 0x1, 0x0, 0x0, 0x8040}, 0x0)

36.356944524s ago: executing program 32 (id=1300):
r0 = socket$can_j1939(0x1d, 0x2, 0x7)
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f00000000c0)={'vcan0\x00', <r1=>0x0})
r2 = socket$can_j1939(0x1d, 0x2, 0x7)
bind$can_j1939(r2, &(0x7f0000000340)={0x1d, r1, 0x20000, {0x2, 0x0, 0x6}, 0x1}, 0x18)
bind$can_j1939(r0, &(0x7f0000000140)={0x1d, r1, 0x2, {0x2, 0x0, 0x4}, 0x2}, 0x18)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)={0x14, 0x43, 0x9, 0x0, 0x0, {0x3}}, 0x14}}, 0x24000044)
sendmsg$NL80211_CMD_SET_STATION(r3, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x80000}, 0xfffffffffffffd62, &(0x7f0000000080)={&(0x7f0000000040)={0x28, 0x0, 0x8, 0x70bd28, 0x25dfdbfd, {{}, {@void, @val={0xc, 0x99, {0x7, 0x3e}}}}, [@NL80211_ATTR_STA_SUPPORT_P2P_PS={0x5, 0xe4, 0x1}]}, 0x28}, 0x1, 0x0, 0x0, 0x8040}, 0x0)

31.49806755s ago: executing program 2 (id=1626):
openat$selinux_load(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000000)=<r0=>0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x1)
r2 = open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x8)
mmap$xdp(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x12, r2, 0x0)
mprotect(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x2)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000fe020010850000000700000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x70, '\x00', 0x0, @fallback=0x30, r1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
write$qrtrtun(r1, &(0x7f0000000300)="ca0e80", 0x3)
process_vm_readv(0x0, 0x0, 0x0, &(0x7f0000000240)=[{&(0x7f0000001600)=""/4096, 0x1000}], 0x1, 0x0)
write$char_usb(r1, &(0x7f0000002600)="b56511e72c6cba780ce701ed0b2db27a336692892a6491e2488652ff00c468d353d809d5b20d8ee0f9fefa6cd7bd1036ed25f0e37053d291887c707a892884c2b4aa2ebac156ef8288264449eea05c4f51c3bb4355eb108744fe34e5d0e851d51a855854135f04dd5d854459226f090b6f0d6135e8f2824eed7469236cad2251116a381d8cd30bae59c1fe71e028a667cb910d523aa5d7208286755075ee8be937304cca20e234303df72ad4e2bdc71219456229460a7c6a2df61e8b21b4a4941dcba5c257b90bbf0a976a73973319258ad7f738c04dfbdee4ea0e1b77a909a154fd934f791ebea03db6f06c8f14bc40924e46cbb9b343f25d63f332f9b3f176601f842a4e40401cbc62ee7803c3a2d71f3878f61d8fb8cb5ee90a696b22fb97bbdfd36af05c2e34dfb3d380ae7bc701053b9009d654d84f04c851b311341efcec16ef3d5c8a7e8af494068dbad55bfa7b7bf4475ceb03a6f4ef11ce14652dc36f279671b7184586c7aab57d50ca23deaeeeaebc2ed024d91f399c84834e7802ad28b6ffec7ed089e8af35d15f2713e70ce55b3f60b9c002496e110c3a68e4c01faf901df4e39d007bf99f3a2d2e33c58b92b961937060a92ab6347995c09eb6a363092e3a45b68bd5e734d43b0bc98070d66c8d03490897a7d05e894da6d92c46cb1d961d11a7d1cd9d3c437c07e9f090690d2b344a93fdc5d7276b74231f1ad050024359e7a73ee913e9a7eba72f23482de94c572d07491328ca363762c44ddcdb1623ec6d639b368d407ffafbb265de19bd5e52ec86c12167dfe2a3de629af1d66612c3f313e07a301d8378fc6eb551196b51680d1194d682ff6cdbb0f811608d6321b41664108ef6dd1dfcc7df602901b0c0d549fb8d0c1aa9b542b99d76b6b8c360c9bcb01ed819a57441948465279d0b2652be1058065929bffae3e9c8923ba01c954f3c49298db8ffad96b73684daf2e608046be2ffb0de70237e044d4be3e6ccc1984ebd2f6e0f57e99fcb0ec30598f121bd93a4003e0ba0815e5ddbeba9f3f8600ef86258a5423fb1f30da5be531e573bf5322a5842eeb23107f02021dc332e0e687bd1f4f0ac09293c3638603279484dd552d534089e0b5b903c4ceeedef410662ec12e17e9b616950874e24d313d770e84b488544a8b829039d06637269367c108dc37712d46ef6601ef4e937a120c607e570446d6216366a72ced5d543ba92a929cef7c4fb03307e88174ad88381b16de1c3f9985f483ff75e9b40fc6ba11d037dda41df9a583009baa3b246c19ab5a20cb4e62accb7a86090717c17db68b0d14905ed0ce6e49555de65448782fc0899f631393b5ccd65da59265d1b4ba9ff4d8a328cb42d2e3a465db23cfa9f159ce5716df7ccf393a561a1783679048570f2467c5336106bc8954569c047e854b2211141d169b27ca796b42c544f70123bd9f6ae23f87d1be164cd7bb2da3dc79e6f12a687296942c9c8f2d99b6961b48e046028bd69dcda162510ad235b7bf28a0ff994e23f08e807437dcd1a426a31e818b918e5c28725bf12f42d6f719d9d81100e529b9f7e4891167aef44ec7afa086e46cf832d144ebe668dbafcbf229be799f33df6c1fb3365f4cb64f360fb70ee140818503a185a44f15d3db5fd5abe8ea3c59f4120c23d3792a4ac791959858dc88286e403ad45b31716e28be7684375c2651f88ed78c2948d673ef2a8a937136ca9842717585894453a83280edc21f3fadb974c36696fe7d8bd136a005a69d14d034a869c4035282ac7c91642a05743814b4cd57df50a4eb15dd7a561637ea4ef6b3bcf89695f125fcd390746357917a6bcf55e0268a09ae5b1195f99a7fe5fec2d4115978052e195d7b5df345b827121a86166c9095e387301fc561654db0183715239247eb9dc15e83c20389aa6271b42125bd475b82db032150aa39fab06fde1034347a8a884c74edb21be34c8cf5b437ad7223970defbb27ca8eb0029fdd4acd4bc92236584ed42f03706376c583a5c8e5cf9f2415ee1f8c1b01f34d7cf1b673db2158eb99d55878ee41b391f8d7339c6f3471ae4af25e5ecb8cea2fbed9f915ce483f1a9411ca5b21776295aa4f52fa31d875f9850f3e07b8093b0f92570d41d77e68e9a79a27b6f5a2c9a100cde02ea745353e996b99b43e0f1aa51288d863859bc618a602c17a15e285e6c189a21a4762b57ce396c852a5453f035c7a2d849a98c30a2e7f797ed13ffae44e4d15a240d092a25b4820e0d2fe3b9cb74b89efc977634d1f37eddc1433f6b06fd13c543bceca1254f91413d8b914bd67f1dca660ad8ef561dfb2ce5f0486b3e1a19a3682dad8a727177a1ea448273c3cd308300e3b4fc4f96efa8d6d723de8b38f7688e13c47b2aa801ba5c33a138208412524250e41eb253520f68324dbdb5e7de6e02dc315e20cf1844cc7a5f15428dd342bcf40895d94b3de0e1acdb698a94e0dd881edfb7569d0c81981213e7186eac0d80dd35e1a48aad319678db523e9cea10163e3924c52d1d4ff589b3b228d98e64e6ee22990600ac9b272b483520148dac0e26d27ef618c86b0a49075f71d8c21e49bbcf83eb1374f0ad393074e32fa33a257f13fb187ba40b02ee6e688092e81ce0c04e3e53507b4b244fcf3afd4dbf05747a8c81828351558223a7bd0ff6684e94cd264bb3841cca4983c10b627c3c13286872798a3bce148b7f9847cb2b485bb900ad006b08482c801e9f05e5e57591e9c9ed1235c397ebffec2bffdf0eaa4aa2b3927e583f913edb95ce47603bc725ad16c59c4b638668190bd1f9c4b2c9e1b14a85d9e3e81ef3668baf27e59dd14d1ade2d7873d4feb989cdac04675f40b59a1a41453b44e0fdb89f4a7f3f52cb3a6a79d0763f85826fe1b5acb3215a0328c32ccdf2c21bb4ab3310c2d33f9b1255582e0807492ce59953f6cd4422bfa5ea9192177bbf13bd7a83807362036708653bd01b67d3def4ef7041ea29995404c0b10b0eae74bbf614652f887f755e94d390341437d50cecbf2c16fa21638ad3f85f30db17e1af9bf2b4aa8113d6a9170dc4c024f484200a471e9c73f6d2055585bdb499156081d3bc288a2ddd2b9d856c69c22ad3b4ee16555c64d86b7a9d83722860fdbf06b3a1592f3e5832fdf2d3ee078e54b7cee981cec96de0a4c77e052d2f86061cba468f6c5861771014dd56320f5fd4f84b5a890838e9fe72f41620d131cfdb7d0e627dd490acab383d5fc8cfc95e966ced3dfe3d315ad76a0452a50e8b4e9882ca9294eaa12f73629affc90505f48aedc1da6081259226056012decf4a60c3e252860cc7452e6058d8029d2d0971496e19cc94558c96678bd1b074894271b2bff2810f8a684c9329c584641bfeeb2fd4db920aec9d18e1b05803c37bc1b3cd1b3782a713ea754b1a35f137e21e31afd230aa1ba53cbc0af2ec98c860c993441007f910b8814e115725753f7a05d0b0b290048dd6aa97f3ae6f14b9652db8017e23303a3aa52c9fd5b83aa3f8ecb5e280425709237cd6fc6728664168bb2dda083ceab3ca528a78432104912e96a2ff9057885b1aebf1a8423b5c390f32bc5f3f0093870a27d8eee3576aa70a9b1ee21041a64e7dc0bbac8b46e7aa6a825bddeeab7f7bdad2ffa238a6cc77532551ebe4e650faadf67328371563e17b508ace6ed5dfcec60cd4b90ca23260f8ae78d937b7503f9595f233c7b719b837484bb684b2f9ca4df4d716a7de9ceadf0212e7f24574f1f14015ffb583c9ad2747cbddf2f0903d3dfc60eb204c6b581ba9caba16471d1bfb09b8b96ddadadcc97435ad6fe5ed249e25b01e0d5af5fe0430e4fb18eefce981fa6c78abab2a35f186137f256d8719f2053316680c03e7499941efd68a0ff066519f4d02608c320228c8cdc42fde4abecefde9d2113f730529e0215f284732d267c6804a49778a4ee32fb860122b4584a519ced4dfc0c8a3d25d90142d16e9e36eff436881dbddd06b99dee8c4e2ff7dbc19edaa7e1ad5b1f9d713abd72d4e4547b3a46ab6acfaa7d92b6da52b75bd530f6d833d156b95f1da248219c85fe807af0a47ae22c20392c889f5e89a3524cf42412a70277fe98196deb7a4c2b136fba8cc411afa84ab762d9b95b284d95f9220b3789ab54dcfb21cd2b99fcd501263cf23654c332a3aa37c6dac0c9c54e5602a691192707708e53abea4c63b7943b1348d3cf0bdce7e4076e3a4ed9afe8651cd8e953e30104534dcb6e85ab77773b60be7e46f6cd07ea8fc675d27593223dadb9cba83f3976e5133d79afd6e4a83877bd8f0d56bd99f3d996df0295838ffb421781da6c088f18f1f94e149659f02f01b99c73de89826f65bd3dbb44468518e0f0dd5fca324d3c9864d192040cd067b54b8801610bf8391ded4df50968bf7a0d0c0f7c56f47da904ad9bcc52e8690a844b7b0be9a4e7bc8ae396382ad4f6910df9eee9f19cacd9fb0aa9a378ee8b2e58befcd7158d1ea6cdc73cc63233d8c09fb4a04e7e672d7d0c7187f7b027e87560649eb8dfe97c81f3dea408f7f9c171e38892f077e9423e91b55a4635ddbea7b535d31c8ab28ae5030f04356bf05c737884a351a8da8ae81535ed5e9628befc767cd431907dd388c00b9a8d8ebf5b57017f70830dac5eb2872b77da544742d2c93940a945ed060e387e14680ea92e9a93799e64aca69ded0219486df2541b9fa209923c8d0f57978a39eba4fd17e9108243101d441cfe2c0374aaa65c434cea22e5d103588d526fc92531249ff8b8cd4783d8b915584c5ac71ff330797c85d5f66510a403cf996bec00239cef1730a35c1138b8f7f63f14e253e4d91999632d80f23076f7af79a38388e935e198d666efe799a4b8c2d82e443f01ea4907183d3bc9fb5bb94e119b1fb34beaaf1c0d296c4898600f99488a243c00309ee68a3c7297f3851ca8226eb72103d3e9981ab2dbc7dce584795aa452ee7950508f6016f04c965309f381edb1ce91059c3c21e0f7adf67f966d690545fb9597529fd5885937c433c5a156867951fc419f92ad55795a4267b0c66b59ba22ba782f92d431e37748aa41949a954b3c68120ddac938788b6d753d9152a562f8bf972c744359def08a16da4c077df2795710397e70faa3fe8e004ccf7275ad42d518094821207ad6813f66bf5c15e1a61298b3f977d7fd783f7cac82e88b652a14b9f6df36425cf89507428a6594d2200f392faea2542e6e51faa934ec1218652afd32c1f09ba277f8faa0b0fbf60b82340b42f88115394b36524026e71638bb7faec318168164e7448214f755c36dba743b15858788365171e521b9722d7950d48cb274b67361c89ef262a320186b8fb4ab84394fffdba09b14ca27608e6f49b6513d84a182459666d66902ef5cd3fa048d811401b910fc284c2d07dfe83bd398321f5e4a528b5c76dd2a4bbb7e68ce5826788c065cc686c8e174cc7cafdb289b0e4accd73fb54cccfdf3111a22a0fd764e5677cb54c94f7387b3290e8ea96a43ab678c514a33f497c3ed42ddaae3b1bad3c137d2b4aa193b2de5f4ac6e3f2a1404fcdf9919e18fb4cc8c042a72b550cf01d1dfffb8857d05d92430a669197cd66b7c7c88c539ff61aa880b94b5375989bae5fb8f381f8b211e52fd1bc3060eb2ad77d8de778a49ef3a21d992d3166c586eb5f3bb72a29da04c88441c381752939dc478b3088a66c869949b6d05a66286c61598dba66afb6d57b53ad164476d69fdb2ac668bb9c6fc4452dbb28041bb24556d3aae1dcaee06666fa18d0398e42a93741b508", 0xffe)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000005c0)={r3, 0x0, 0x30, 0x0, @val=@uprobe_multi={&(0x7f0000000140)='./file0\x00', &(0x7f0000000180)=[0x7, 0x5], &(0x7f0000000240), 0x0, 0x12}}, 0x40)
r4 = socket$can_bcm(0x1d, 0x2, 0x2)
socket$netlink(0x10, 0x3, 0x8000000004)
ioctl$ifreq_SIOCGIFINDEX_vcan(r4, 0x8933, &(0x7f0000000100)={'vcan0\x00'})
clock_gettime(0xb, &(0x7f0000000040))
openat$rtc(0xffffffffffffff9c, &(0x7f00000001c0), 0x200, 0x0)
r5 = socket$inet_mptcp(0x2, 0x1, 0x106)
ioctl$sock_inet_SIOCGIFADDR(r5, 0x8915, &(0x7f0000000000)={'macvtap0\x00'})
r6 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$TIPC_CMD_ENABLE_BEARER(r6, &(0x7f0000000540)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000500)={0x0}, 0x1, 0x0, 0x0, 0x4}, 0x4)
getrandom(&(0x7f0000000240)=""/286, 0xffffff9a, 0x0)
syz_emit_vhci(&(0x7f0000000380)=ANY=[@ANYBLOB="040e1a00031000"], 0xf)
write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000200), 0x111}}, 0x20)
write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000200), 0x111}}, 0x20)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(0xffffffffffffffff, 0xc1105517, &(0x7f0000000100)={{0x9, 0x3, 0x6, 0x5, 'syz0\x00', 0x2}, 0x6, 0x3, 0x1, r0, 0x5, 0x5, 'syz1\x00', &(0x7f0000000040)=['/selinux/policy\x00', '(%*#)Q\x00', '/selinux/load\x00', '/selinux/load\x00', '/selinux/load\x00'], 0x41})
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x300000b, 0x12, 0xffffffffffffffff, 0x0)

30.948839164s ago: executing program 2 (id=1636):
syz_emit_ethernet(0x8a, 0x0, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x101000, 0x0)
ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x2)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'bridge_slave_1\x00', <r1=>0x0})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000140)=ANY=[@ANYBLOB="7c0000001000010400000000000000", @ANYRES32=r1, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00\\'], 0x7c}}, 0x80)
mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0xfffffffffffffff9, 0x12, r0, 0x0)
syz_emit_vhci(&(0x7f0000000600)=ANY=[@ANYBLOB="0413bd04b8b30d140900ff00c9000600c800000298899168fb9bd47a417377f44663375531f39a6b4c47d538a6b9f31e040c953f471ac1cf83eb4d3d208e410b04efeb7ec8b52100519b54110bf4eb80dd7f09733b5e9ade4141a25fdfb4543dc270c8f7acd8d7aa79d5720a5e8865ae62aa39b7c6f19337cb9c0184639247f05fd23ba47a6b7c1cab75d89343a7902a3f2347e7d43fd5ad2499da5803549020345de72a9568553bc0b1775e1b95a3dd73065e96843a9de6f3696a3d23e146762481b6b5086cfe5ef99325f937a07073e5ad50f6843851efd43e02f29b94c709c38f029839d2cc"], 0x10)

30.947940051s ago: executing program 2 (id=1638):
pipe2(&(0x7f0000000040)={<r0=>0xffffffffffffffff}, 0x800)
pipe2(&(0x7f0000000300)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x84080)
splice(r0, 0x0, r1, 0x0, 0x9aa7, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000001c0)={0xb0, 0x0, 0x1, 0x401, 0x0, 0x0, {0xa}, [@CTA_TUPLE_ORIG={0x3c, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @ipv4={'\x00', '\xff\xff', @empty}}, {0x14, 0x4, @mcast1}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TUPLE_REPLY={0x3c, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @mcast2}, {0x14, 0x4, @local}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TIMEOUT={0x8}, @CTA_SYNPROXY={0x1c, 0x18, 0x0, 0x1, [@CTA_SYNPROXY_ITS={0x8, 0x2, 0x1, 0x0, 0xffffffff}, @CTA_SYNPROXY_TSOFF={0x8, 0x3, 0x1, 0x0, 0x8}, @CTA_SYNPROXY_ISN={0x8, 0x1, 0x1, 0x0, 0x9}]}]}, 0xb0}}, 0x0)
ioctl$DRM_IOCTL_GEM_OPEN(0xffffffffffffffff, 0xc010640b, &(0x7f0000000000)={0x0, <r3=>0x0})
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r0, 0xc00c642d, &(0x7f0000000040)={r3, 0x80000})
bpf$PROG_LOAD(0x5, &(0x7f0000000480)={0x11, 0xd, &(0x7f0000000280)=ANY=[@ANYBLOB="180100000000000000000000000800218500"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000000c0)=ANY=[], 0x20}}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000240)=ANY=[@ANYBLOB="6400000010000305160000000000000000008847", @ANYRES32=0x0, @ANYBLOB="00000000000000004400128009000100626f6e6400000000340002800500010004000000050016000000000008001c000000000005000c00"], 0xc3}, 0x1, 0x100000000000000}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000200)=ANY=[], 0xa0}}, 0x0)
r4 = socket(0x10, 0x3, 0x0)
sendmmsg(r4, &(0x7f0000000000), 0x4000000000001f2, 0x0)
r5 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r5, &(0x7f0000000840)={0x0, 0x0, &(0x7f0000000800)={&(0x7f0000000880)=ANY=[@ANYBLOB="04010000160001040000000000000000ac1414aa000000000000000000000000ff01000000000000000000000000000100000fd100040002020000000c000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="fc02000000000000000000000000000000000000330000000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000080010000800000000000000000f3000000000000000000000000010100000000000000000000000000000000000000000000000800000000000004000000060000000004000000000000000000000a0000009400000000000000f5"], 0x104}, 0x1, 0x0, 0x0, 0x20040080}, 0x0)

30.799891936s ago: executing program 2 (id=1641):
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x0)
mount$fuse(0x0, 0x0, 0x0, 0x2b38094, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
chdir(&(0x7f0000000080)='./file1\x00')
r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r0)
ptrace$peekuser(0x3, r0, 0x388)
setpgid(r0, 0x0)
r1 = open(&(0x7f0000000000)='.\x00', 0x0, 0x0)
ioctl$AUTOFS_IOC_PROTOSUBVER(r1, 0xc0049364, &(0x7f0000000180))

30.718299949s ago: executing program 2 (id=1643):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000002640)=@newtaction={0xe94, 0x30, 0x3f, 0x0, 0x0, {}, [{0xe80, 0x1, [@m_pedit={0xe7c, 0x1, 0x0, 0x0, {{0xa}, {0xe50, 0x2, 0x0, 0x1, [@TCA_PEDIT_KEYS_EX={0x2c, 0x5, 0x0, 0x1, [{0x14, 0x6, 0x0, 0x1, [@TCA_PEDIT_KEY_EX_HTYPE={0x6, 0x1, 0x2}, @TCA_PEDIT_KEY_EX_CMD={0x6, 0x2, 0x1}]}, {0x14, 0x6, 0x0, 0x1, [@TCA_PEDIT_KEY_EX_HTYPE={0x6, 0x1, 0x2}, @TCA_PEDIT_KEY_EX_CMD={0x6}]}]}, @TCA_PEDIT_PARMS_EX={0xe20, 0x4, {{{}, 0x2}, [{0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, {0xfffffffc, 0x0, 0x0, 0x0, 0x100, 0x81}, {0x0, 0x0, 0x0, 0x0, 0x3}, {}, {0x5943}, {0x0, 0x800000, 0x0, 0xfffffffc}, {}, {}, {0x0, 0x0, 0x0, 0x10}, {}, {0x0, 0x2}, {0x0, 0xa2}, {0x0, 0x0, 0x0, 0x0, 0x2}, {}, {0x0, 0x1cbe}, {0x0, 0x0, 0x0, 0x5}, {}, {0x0, 0x1}, {}, {}, {0x8, 0x10000000}, {}, {0x0, 0xfffffffe, 0x400000}, {0x0, 0xfffffffc}, {}, {}, {}, {0x0, 0xffffffff}, {0x0, 0x0, 0x0, 0x0, 0x4, 0xffffff6a}, {0x0, 0x0, 0x0, 0x0, 0x5}, {}, {}, {0x0, 0x0, 0x0, 0x2}, {}, {0x0, 0x0, 0x0, 0x0, 0x100}, {}, {}, {0x0, 0x4}, {0x0, 0x0, 0x0, 0x0, 0x800000}, {0x0, 0x0, 0x0, 0x0, 0x3}, {}, {}, {}, {}, {0x0, 0x0, 0x10000000, 0x0, 0x0, 0x8}, {0x0, 0x7fffffff}, {0x0, 0x0, 0x0, 0x0, 0x4}, {0x0, 0x0, 0x0, 0x0, 0x27a}, {0x0, 0x0, 0xffffffff}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, {}, {}, {}, {0x0, 0x4}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, {0x0, 0x0, 0x0, 0xfffffffd}, {}, {}, {}, {0x0, 0x4, 0x0, 0x5}, {0x0, 0x0, 0x0, 0x0, 0xffffffff}, {0x0, 0xfffffffc, 0x0, 0x0, 0xfffffffc}, {}, {0x0, 0x2}, {0x0, 0x0, 0x0, 0x4}, {}, {}, {0x0, 0x0, 0xa, 0x0, 0x200}, {0x0, 0x0, 0x0, 0x2}, {}, {}, {}, {0x0, 0x0, 0xffffffff}, {}, {}, {}, {0x0, 0x1}, {}, {0x0, 0xf49, 0x0, 0x0, 0x1}, {0xc}, {}, {0x0, 0x0, 0x2b7f}, {0x3ff, 0x0, 0x0, 0x0, 0x8}, {0x0, 0x6}, {}, {}, {0x0, 0x0, 0x0, 0x8}, {}, {0x0, 0xcfc, 0x0, 0x0, 0xfffffffc}, {}, {}, {0x4}, {}, {0x0, 0x0, 0x0, 0x0, 0x800}, {0xfffffffb, 0x0, 0x0, 0x0, 0xa92}, {}, {0x0, 0xffffffff}, {}, {}, {}, {}, {}, {}, {0x0, 0x40000000, 0x1, 0x0, 0x10001}, {0x0, 0x0, 0x20}, {}, {0x80000, 0x0, 0x0, 0x0, 0x0, 0x2000000}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x10000000}, {0xfffffffc}, {}, {}, {}, {0x0, 0xa, 0xfffffffc}, {0x0, 0x0, 0x0, 0x8}, {0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0xfff}, {0x0, 0x0, 0x0, 0x3}, {}, {}, {0x0, 0x0, 0x40, 0x0, 0x0, 0x3}, {}, {}, {}, {0x0, 0x0, 0x0, 0x1, 0x2}], [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x1}, {}, {0x2}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x1}, {}, {}, {}, {}, {}, {0x4}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x1}, {}, {}, {}, {0x2}, {}, {}, {}, {0x0, 0x1}, {}, {}, {}, {0x3}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x1}, {0x4, 0x1}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x1}, {}, {0x0, 0x1}, {0x0, 0x1}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x1}, {}, {}, {}, {}, {0x0, 0x1}, {}, {0x2}, {0x5}, {}, {}, {0x0, 0x1}, {}, {}, {0x7, 0x1}, {}, {}, {0x0, 0x1}, {}, {}, {0x1}]}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xe94}, 0x1, 0x0, 0x0, 0x40004000}, 0x0)
syz_emit_vhci(&(0x7f0000000300)=@HCI_EVENT_PKT={0x4, @hci_ev_le_meta={{0x3e, 0x1c}, @hci_ev_le_advertising_info={{}, {0x1, [{0x0, 0x1, @none, 0x10, "0fa9d518a374131d6655df00a13637a0", 0x8}]}}}}, 0x1f)
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)={0x30, 0x2, 0x6, 0x101, 0x0, 0x0, {0x0, 0x0, 0x3}, [@IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}, @IPSET_ATTR_PROTOCOL={0x5}]}, 0x30}}, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f000000a4c0)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x7}}, [@NFT_MSG_DELTABLE={0x20, 0x2, 0xa, 0x101, 0x0, 0x0, {0x0, 0x0, 0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz1\x00'}]}], {0x14}}, 0x48}}, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)=ANY=[@ANYBLOB="300000001c0001000000000004086aa42d"], 0x30}}, 0x0)

30.620107576s ago: executing program 2 (id=1646):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
r1 = dup2(r0, r0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000580)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, r1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='consume_skb\x00', r2}, 0x10)
r3 = socket$kcm(0x29, 0x5, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f00000000c0)={'wlan0\x00', <r6=>0x0})
sendmsg$NL80211_CMD_START_AP(r4, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000500)={0x18c, r5, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r6}, @void}}, [@beacon=[@NL80211_ATTR_BEACON_HEAD={0x45, 0xe, {{{}, {}, @broadcast, @device_b, @random="8e742f592bf6"}, 0x0, @default, 0x1, @void, @void, @void, @val={0x4, 0x6, {0x7f, 0x1, 0x7}}, @void, @val={0x5, 0x3, {0xeb, 0x3a, 0xb0}}, @void, @void, @void, @void, @val={0x72, 0x6}, @void, @val={0x76, 0x6, {0x8, 0x9, 0x11, 0x979}}}}, @NL80211_ATTR_BEACON_TAIL={0x10e, 0xf, [@perr={0x84, 0x108, {0x1, 0x10, [{{}, @device_b, 0x7c, @void, 0x7e}, {{}, @device_a, 0x90, @void, 0x25}, {{0x0, 0x1}, @broadcast, 0x5, @value, 0x22}, {{0x0, 0x1}, @device_b, 0x5, @value, 0x30}, {{0x0, 0x1}, @device_a, 0x4, @value=@device_b, 0x1d}, {{}, @device_a, 0x6, @void, 0x3e}, {{}, @broadcast, 0x38000000, @void, 0x1d}, {{0x0, 0x1}, @broadcast, 0x7, @value, 0x3c}, {{}, @device_a, 0x0, @void, 0x26}, {{0x0, 0x1}, @device_b, 0x8ec, @value=@device_b, 0xb}, {{0x0, 0x1}, @device_a, 0x1, @value, 0x40}, {{0x0, 0x1}, @device_a, 0x400, @value=@device_b, 0x1e}, {{0x0, 0x1}, @device_a, 0x7, @value=@broadcast, 0x33}, {{}, @broadcast, 0xdfb421f, @void, 0x3c}, {{0x0, 0x1}, @device_a, 0x8000, @value=@device_b, 0xa}, {{}, @device_b, 0x7a, @void, 0x32}]}}]}], @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}], @NL80211_ATTR_BEACON_INTERVAL={0x8}, @NL80211_ATTR_DTIM_PERIOD={0x8, 0xd, 0x7}]}, 0x18c}}, 0xc010)
ioctl$sock_kcm_SIOCKCMATTACH(r3, 0x89e0, &(0x7f0000000040)={r4, r2})

30.469920357s ago: executing program 33 (id=1646):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
r1 = dup2(r0, r0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000580)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, r1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='consume_skb\x00', r2}, 0x10)
r3 = socket$kcm(0x29, 0x5, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f00000000c0)={'wlan0\x00', <r6=>0x0})
sendmsg$NL80211_CMD_START_AP(r4, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000500)={0x18c, r5, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r6}, @void}}, [@beacon=[@NL80211_ATTR_BEACON_HEAD={0x45, 0xe, {{{}, {}, @broadcast, @device_b, @random="8e742f592bf6"}, 0x0, @default, 0x1, @void, @void, @void, @val={0x4, 0x6, {0x7f, 0x1, 0x7}}, @void, @val={0x5, 0x3, {0xeb, 0x3a, 0xb0}}, @void, @void, @void, @void, @val={0x72, 0x6}, @void, @val={0x76, 0x6, {0x8, 0x9, 0x11, 0x979}}}}, @NL80211_ATTR_BEACON_TAIL={0x10e, 0xf, [@perr={0x84, 0x108, {0x1, 0x10, [{{}, @device_b, 0x7c, @void, 0x7e}, {{}, @device_a, 0x90, @void, 0x25}, {{0x0, 0x1}, @broadcast, 0x5, @value, 0x22}, {{0x0, 0x1}, @device_b, 0x5, @value, 0x30}, {{0x0, 0x1}, @device_a, 0x4, @value=@device_b, 0x1d}, {{}, @device_a, 0x6, @void, 0x3e}, {{}, @broadcast, 0x38000000, @void, 0x1d}, {{0x0, 0x1}, @broadcast, 0x7, @value, 0x3c}, {{}, @device_a, 0x0, @void, 0x26}, {{0x0, 0x1}, @device_b, 0x8ec, @value=@device_b, 0xb}, {{0x0, 0x1}, @device_a, 0x1, @value, 0x40}, {{0x0, 0x1}, @device_a, 0x400, @value=@device_b, 0x1e}, {{0x0, 0x1}, @device_a, 0x7, @value=@broadcast, 0x33}, {{}, @broadcast, 0xdfb421f, @void, 0x3c}, {{0x0, 0x1}, @device_a, 0x8000, @value=@device_b, 0xa}, {{}, @device_b, 0x7a, @void, 0x32}]}}]}], @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}], @NL80211_ATTR_BEACON_INTERVAL={0x8}, @NL80211_ATTR_DTIM_PERIOD={0x8, 0xd, 0x7}]}, 0x18c}}, 0xc010)
ioctl$sock_kcm_SIOCKCMATTACH(r3, 0x89e0, &(0x7f0000000040)={r4, r2})

1.970379019s ago: executing program 0 (id=2057):
r0 = socket$phonet_pipe(0x23, 0x5, 0x2)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) (async)
sendmsg$NFT_BATCH(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000004c0)=ANY=[@ANYBLOB="140000001000010000000000000000000700000a90010000060a0b0400000000000000000200000064010480600101800a0001006d617463680000005001028008000240000000000b000100706f6c696379000038010300ebae551382395afa4d23edfcbe6d55b57cb15e63c15c46395916e2b388abc3d6ce2316334e8278ad51f6d123a616073eb44b275fe6bc6bf402a3f9335458bb7a92f23fc0aa88f2495ff70157ea6b29f7fab11ec362920cab33500000749f342b38e0df9334cea6fe1e331d76beb7094102d5d409992dcd236e3fd7a8785f97ae9d01b0822c161a491bef0501f8e81ddd66d1b676e8c9f0b2159c2cc0b069669b5af546f644c39bedd627181d27d9c1852ae5d910550f08822c6fec60302779b9e81240172ff826781b4c761bd14eb7515ae224260c9534891afdd05d18b2ffe91f4052766a0b9fe39578fb1866142e7c1caceb88de7d6e8a5c08ce052bb461f0c7ee914ca5c98c19442d0262a6d04a8e3e29360a9b5871812e08542d54775f5843d70b15871bc247e30d66b83560c014f50000000900010073797a30000000000900020073797a3200000000140000001100010000000000000000000000000ae6d33c2599aa5c037ed6e1bdcb9ff20a526aeea76c00cf4ae072ebebddce29e0a1530500383c537f6c81e554a11afb2046462a57ef49acea3cba3537501dd40533eb7d45a1bc3cba6f45f5ebf7"], 0x1b8}, 0x1, 0x0, 0x0, 0x8010}, 0x4000800) (async)
r2 = epoll_create1(0x0)
epoll_wait(r2, &(0x7f0000000480)=[{}], 0x1, 0x10000200) (async)
r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1) (async)
epoll_pwait(r2, &(0x7f0000000040)=[{}], 0x1, 0xea5, 0x0, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r3, &(0x7f0000000080)={0x9d32f4b220c65367}) (async)
setsockopt$PNPIPE_HANDLE(r0, 0x113, 0x3, 0x0, 0x0) (async)
r4 = socket$inet6(0xa, 0x2, 0x0) (async)
rt_sigaction(0x15, 0x0, &(0x7f0000000700)={0x0, 0x0, 0x0}, 0x8, &(0x7f0000000740))
r5 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), r5)
getsockname$packet(r5, &(0x7f0000000180)={0x11, 0x0, <r6=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000000c0)=0x14) (async)
sendmsg$nl_route(r5, &(0x7f0000000440)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB="3800000068fbc77662bd7000fedbdf25000004003400000014000c1722b98b650459a25480060001001400200008000300000001001b000880050004"], 0x38}, 0x1, 0x0, 0x0, 0x20000040}, 0x0)
r7 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0) (async)
accept4$phonet_pipe(r0, &(0x7f0000000340), &(0x7f0000000380)=0x10, 0x80000) (async)
r8 = accept4$phonet_pipe(r0, &(0x7f00000003c0), &(0x7f0000000140)=0x10, 0x800)
getsockopt$PNPIPE_INITSTATE(r8, 0x113, 0x4, &(0x7f0000000200), &(0x7f0000000280)=0x4) (async)
ioctl$TIOCSETD(r7, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$TCFLSH(r7, 0x800455ca, 0x0)
sendmmsg$inet(r4, &(0x7f0000000880)=[{{&(0x7f0000000040)={0x2, 0x4e1c, @multicast1}, 0x10, 0x0, 0x0, &(0x7f0000000000)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {r6, @empty, @multicast1}}}], 0x20}}], 0x1, 0x4880)

1.82426655s ago: executing program 0 (id=2062):
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000), 0x8041, 0x0)
write$dsp(r0, &(0x7f00000001c0)="5cba91a4", 0xffffffd9)
ioctl$SNDCTL_DSP_SYNC(r0, 0x5001, 0x0)
r1 = syz_open_dev$sndpcmp(&(0x7f0000000200), 0x8, 0x100800)
ioctl$SNDRV_PCM_IOCTL_CHANNEL_INFO(r1, 0x80184132, &(0x7f0000000240))
r2 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r2}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000440)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
syslog(0xc6761ed3, &(0x7f0000000280)=""/169, 0xa9)
r3 = mq_open(&(0x7f0000000100)='..\x00', 0x1, 0xd0, &(0x7f0000000140)={0x7, 0x1f20000000, 0x9, 0xff})
mq_notify(r3, &(0x7f0000000180)={0x0, 0x6, 0x4, @tid=r2})
ioctl$SNDCTL_DSP_SUBDIVIDE(r0, 0xc0045009, &(0x7f0000000040)=0xfff)
r4 = syz_open_dev$sndpcmp(&(0x7f0000000080), 0x9, 0x400)
ioctl$SNDRV_PCM_IOCTL_CHANNEL_INFO(r4, 0x80184132, &(0x7f00000000c0))

1.558880972s ago: executing program 3 (id=2070):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_COALESCE_SET(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB='D\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010000000000000000001400000018000180140002006e657464657673696d300000000000001f001400070010000800130008000300080012"], 0x44}}, 0x0)

1.557984918s ago: executing program 3 (id=2072):
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x48)
openat$kvm(0x0, &(0x7f00000002c0), 0x102, 0x0)
bind$inet6(0xffffffffffffffff, &(0x7f0000000280)={0xa, 0x4e22, 0x9, @loopback, 0x6}, 0x1c)
write$uinput_user_dev(0xffffffffffffffff, &(0x7f0000000cc0)={'syz1\x00', {0xfff9, 0x2, 0x240, 0x9b99}, 0x9, [0x7, 0x8, 0x5, 0x9, 0x8, 0x155f, 0x6, 0x5, 0x25cd, 0x1, 0xa4, 0x6, 0xa2b9, 0x6, 0x7, 0xe4, 0x9, 0xfc000000, 0x24d, 0xbbf, 0x4a732f64, 0x8, 0x9, 0xd, 0x2, 0x12a0, 0x6, 0x1, 0x2, 0x4, 0x7, 0x81, 0x8a, 0x79, 0x558e0d31, 0x4, 0x0, 0x91, 0x4, 0x4, 0x7, 0x2, 0x5, 0x400, 0x7fff, 0x5, 0xa7, 0x81, 0x9, 0xf9a2, 0x80000001, 0xff, 0x3, 0x2, 0x2, 0x3, 0x7, 0x1, 0x7ff, 0x4, 0x4007f, 0xffffffff, 0x6, 0x6], [0x9, 0x3, 0x2, 0x5f, 0x4, 0xc66, 0xa8a9, 0x73, 0x8e, 0x10001, 0x8000, 0x5, 0x2, 0x9, 0x80000c1, 0x5, 0x1000, 0x0, 0x200b398, 0x400000, 0x0, 0x2, 0x1c, 0x7, 0x1, 0x2, 0x54f5bad8, 0x8, 0xfffffffd, 0x400, 0xffff58b9, 0x4c2336d3, 0x4, 0x20000001, 0xfffffff8, 0x401, 0x46, 0xf1, 0x4, 0xab00000, 0x4, 0x6, 0x2, 0x5, 0x3ff, 0x1ff, 0x1, 0x7faf, 0x35db, 0x1cb, 0x1, 0x4, 0x6, 0x438, 0x2, 0x9, 0x95, 0x8000, 0x5, 0xfffffff9, 0x200004, 0x1000, 0xfffff801, 0x5], [0x2, 0x1, 0xffff, 0x3, 0x5, 0x2e6bf783, 0x80000001, 0xb, 0x5, 0x491, 0x8d3, 0x6, 0x8, 0x3ff, 0x2, 0x400, 0x40, 0x6, 0x10007, 0x7, 0x5, 0x4, 0x5, 0x9, 0x0, 0x3, 0x9, 0x3, 0xc7, 0xfff, 0x100006, 0x8000, 0x400, 0x3e55, 0xff, 0xd3, 0x7, 0x3435, 0x3, 0x9, 0xfd, 0x401, 0x101, 0xdd83, 0x60a2, 0x17fc, 0x9d26, 0x5, 0x8, 0x2, 0x2, 0x6, 0x8000, 0xf45, 0x3, 0xd500, 0x8, 0x77, 0x9, 0xfffffffc, 0x10000, 0x1, 0x8, 0xc], [0xa772, 0x1, 0x5, 0x1afa, 0x20bfc, 0x8, 0x7c81, 0x7f, 0xfffffff8, 0x100040, 0xff, 0x5, 0x7fffffff, 0x7, 0x4, 0x9, 0x81, 0x3, 0x9, 0x9, 0xfffffff7, 0x8, 0x40f1, 0x2, 0x3, 0x101, 0x80000001, 0x7777, 0xfff, 0x2, 0x100, 0xd8ce, 0x7fffffff, 0x624dfaee, 0xc, 0x7f, 0x1000, 0x1ff, 0x2000005, 0xffffffff, 0x10000, 0x0, 0x8001, 0x7fff, 0x1000, 0x6, 0xf, 0xe, 0x5337, 0x26d, 0x6, 0xfffffff9, 0x4, 0xfffffff9, 0x9, 0x4, 0x463f, 0x4, 0xdab, 0x1, 0x8, 0x5393, 0x1, 0x1b18]}, 0x45c)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000400)={0x0, 0x7c}, 0x1, 0x0, 0x0, 0x10}, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_CAP_HYPERV_ENLIGHTENED_VMCS(r3, 0x4068aea3, &(0x7f0000000280)={0xa3, 0x0, 0x0})
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_IRQCHIP(r2, 0x8208ae63, 0x0)
ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000000)={[0x35, 0xfff, 0x0, 0x180, 0x4, 0x14, 0xf1, 0x0, 0x7fffffffffffe, 0x5, 0x4005, 0x6, 0x0, 0x45, 0x1, 0xbdb], 0x1, 0x1c4213})
ioctl$KVM_RUN(r3, 0xae80, 0x0)
r4 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r5 = dup(r4)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000840)={0x1fe, 0x2, 0x3000, 0x2000, &(0x7f0000003000/0x2000)=nil})
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r6, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000040)=[@text32={0x20, &(0x7f00000000c0)="c20000361e0f01c3660fd2eff30f10f1b961020000b80e000000ba000000000f30b98d0200000f320b99f3530000660f6af7c4e2f91d20", 0x37}], 0x1, 0x11, 0x0, 0x0)
syz_kvm_setup_cpu$x86(r4, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text16={0x10, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r6, 0xae80, 0x0)

1.343469992s ago: executing program 4 (id=2077):
r0 = socket$inet_smc(0x2b, 0x1, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_TIMEOUT_NEW(r1, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={&(0x7f00000004c0)={0x3c, 0x0, 0x8, 0x201, 0x0, 0x0, {0x3, 0x0, 0x5}, [@CTA_TIMEOUT_L4PROTO={0x5, 0x3, 0x6}, @CTA_TIMEOUT_L3PROTO={0x6, 0x2, 0x1, 0x0, 0x9c4825b4e13df336}, @CTA_TIMEOUT_DATA={0xc, 0x4, 0x0, 0x1, @tcp=[@CTA_TIMEOUT_TCP_SYN_SENT2={0x8, 0x9, 0x1, 0x0, 0x5}]}, @CTA_TIMEOUT_NAME={0x9, 0x1, 'syz0\x00'}]}, 0x3c}, 0x1, 0x0, 0x0, 0x40000}, 0x0)
ioctl$int_in(r0, 0x5421, &(0x7f0000000280)=0x4)
setsockopt$inet_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000180)=0x1, 0x4)
r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f00000001c0)={'team0\x00', <r3=>0x0})
sendmsg$inet(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000000)="1bce51e30f3e66d5137025fcffd61679f5011592a82cfca673d792c500c85c7dcf4569fcd1391d7eef9fa7bc182de222de65c2c8a765a37490d4a8ae29977490b3526e403805778c91b82a9c47c64e524269c49959d19b42fceb95dfbe77049e2e607081d2cbb435180cb6028318d4207fbb6ee28046a422325ce49c1804b3ca48a858d0fbd944a9531a151dcd63262b8e169f73de7b38e5b44d7d1ba4", 0x9d}, {&(0x7f00000000c0)="eedda78c4209b30877ac93b817ed52d822f86e37fea31f1f8879da57d539719c9a34b5a2ab02f6a913f5502913e937c4f2055e10c54107fb5d6fb023b997089c9fe5f19eff4a8dfa0a0df7ebfa6e77b8e777d23f433f5abfd3b17c93a0c74b67b7ed04018e220b34174cd78416ff506cd411e1", 0x73}], 0x2, &(0x7f00000002c0)=[@ip_tos_int={{0x14, 0x0, 0x1, 0xe4d0}}, @ip_retopts={{0x9c, 0x0, 0x7, {[@timestamp_addr={0x44, 0x34, 0xcc, 0x1, 0xe, [{@private=0xa010100, 0x7}, {@initdev={0xac, 0x1e, 0x0, 0x0}, 0x6}, {@rand_addr=0x64010101, 0xffffffff}, {@multicast1, 0x10}, {@empty, 0x2}, {@local, 0x8}]}, @timestamp={0x44, 0x24, 0xaf, 0x0, 0x8, [0xffff8001, 0x66, 0x4, 0x8, 0x2, 0x4, 0xf4e9, 0x6]}, @rr={0x7, 0x27, 0x29, [@remote, @dev={0xac, 0x14, 0x14, 0x17}, @multicast2, @private=0xa010101, @initdev={0xac, 0x1e, 0x1, 0x0}, @initdev={0xac, 0x1e, 0x1, 0x0}, @local, @loopback, @local]}, @ra={0x94, 0x4}, @generic={0x82, 0x6, "0e0b4284"}]}}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @loopback, @empty}}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {r3, @private=0xa010100, @multicast1}}}, @ip_tos_u8={{0x11}}, @ip_tos_u8={{0x11, 0x0, 0x1, 0x6}}, @ip_tos_u8={{0x11, 0x0, 0x1, 0x2}}, @ip_tos_u8={{0x11, 0x0, 0x1, 0x9}}], 0x158}, 0x44)
connect$inet(r0, &(0x7f0000000480)={0x2, 0x4e20, @dev}, 0x10)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000001480)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
sendmmsg$unix(r4, &(0x7f00000056c0)=[{{0x0, 0x0, 0x0}}, {{0x0, 0x0, 0x0, 0x0, &(0x7f0000000fc0)=[@cred={{0x1c, 0x1, 0x2, {0x0, 0xffffffffffffffff, 0xee01}}}], 0x20}}], 0x2, 0x0)
close(r0)

1.20367274s ago: executing program 4 (id=2080):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_COALESCE_SET(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB='D\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010000000000000000001400000018000180140002006e657464657673696d30000000000000080014001f0010000800130008000300080012"], 0x44}}, 0x0)

1.199153136s ago: executing program 3 (id=2082):
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x148)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x19)
mbind(&(0x7f00001fa000/0x2000)=nil, 0x2000, 0x1, 0x0, 0x0, 0x0)
prctl$PR_SET_IO_FLUSHER(0x39, 0x1)
madvise(&(0x7f0000000000/0x600000)=nil, 0x60000b, 0x9)
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f0000000300)='proc\x00', 0x0, 0x0)
lstat(&(0x7f0000000140)='./file0\x00', &(0x7f0000000200))

1.197394083s ago: executing program 4 (id=2083):
r0 = openat$ttyprintk(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000280)=0x11)
ioctl$TCSETSW2(r0, 0x8910, &(0x7f0000000000)={0x10000, 0xf, 0x81, 0x2, 0x4, "02a5e6aaa52f87540c49eb781075432e8bf74d", 0x9, 0x5})
r1 = socket$netlink(0x10, 0x3, 0x10)
r2 = syz_open_dev$dri(&(0x7f00000000c0), 0x1ff, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r2, 0xc04064a0, &(0x7f00000003c0)={0x0, &(0x7f0000000300)=[<r3=>0x0], &(0x7f0000000340)=[<r4=>0x0], 0x0, 0x0, 0x1, 0x1})
ioctl$DRM_IOCTL_MODE_CREATE_LEASE(r2, 0xc01864c6, &(0x7f00000002c0)={0x0, 0x0, 0x80000})
ioctl$DRM_IOCTL_MODE_CREATE_LEASE(r2, 0xc01864c6, &(0x7f0000000040)={&(0x7f0000000640)=[r4, r3], 0x2})
bind$netlink(r1, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
r5 = socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r5, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty, 0x7}, 0x1c)
listen(r5, 0xfffffffc)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x10, 0x3, &(0x7f0000000000)=@framed={{0x1d, 0xa, 0xa, 0x0, 0x0, 0x61, 0x10, 0x10}}, &(0x7f0000000480)='GPL\x00'}, 0xfffffffffffffd4a)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$IPVS_CMD_GET_CONFIG(r1, 0x0, 0x4080)
r7 = syz_genetlink_get_family_id$devlink(&(0x7f0000000ac0), 0xffffffffffffffff)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$DEVLINK_CMD_TRAP_POLICER_SET(r8, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000c40)={&(0x7f0000000e00)={0x54, r7, 0x1, 0xfffffffd, 0x25dfdbfe, {0x26}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0x8e, 0x1}, {0xc, 0x8f, 0x2}, {0xc, 0x90, 0x7}}]}, 0x54}}, 0x0)
sendmsg$DEVLINK_CMD_SB_PORT_POOL_GET(r2, &(0x7f00000006c0)={&(0x7f0000000440)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000540)={&(0x7f00000004c0)={0x80, r7, 0x100, 0x70bd29, 0x25dfdbff, {}, [{{@pci={{0x8}, {0x11}}, {0x8}}, {0x8, 0xb, 0x10000}, {0x6, 0x11, 0x32}}, {{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0x3, 0x2}}, {0x8, 0xb, 0x7}, {0x6, 0x11, 0x7}}]}, 0x80}, 0x1, 0x0, 0x0, 0x8000}, 0x81)
r9 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000300)={0x3, 0x3, &(0x7f0000000100)=@framed={{0x18, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}}, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffe}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r9, 0x18000000000002a0, 0xe, 0x0, &(0x7f0000000200)="9e36d448b388dd965f7a33120800", 0x0, 0x0, 0xe8030000, 0x0, 0x0, 0x0, 0x0}, 0x50)
r10 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000d80)={&(0x7f0000000000)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x2, [@volatile={0x7, 0x0, 0x0, 0x9, 0x5}]}}, 0x0, 0x26}, 0x28)
r11 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000700)=ANY=[@ANYBLOB="0900000004000000040000000200000080000000", @ANYRES32=0x1, @ANYBLOB="000000000000000000000000000000000000000003e0e58e90cef6fbde96deccc7ab73a81aea1fd20531fe00c74d49d382caf75375e8be5eaab31ab8ae38b32a7c084fd0ac22a40a3d93b5e0503f6b71b17b7db2397bb761af4a0445dd6ddb0acf4023bb7075688af8c8f93741674d849d", @ANYRES32=0x0, @ANYRES32=r10, @ANYBLOB="010000000100"/28], 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000580)=@base={0xd, 0x4, 0x4, 0xa8, 0x0, r11, 0x0, '\x00', 0x0, r10, 0x0, 0x5}, 0x48)
r12 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000040), 0xffffffffffffffff)
r13 = socket$inet_mptcp(0x2, 0x1, 0x106)
syz_emit_ethernet(0x56, &(0x7f0000000180)={@local, @multicast, @void, {@canfd={0xd, {{0x4, 0x0, 0x1}, 0x29, 0x1, 0x0, 0x0, "10b603c157237b1c60b0c35f407a57a88f1bc318e9f3885b94e65278919fbc170d30722f37c42c2bf5cb861483667074ff73e2b37b447c086a859dec61c861ec"}}}}, &(0x7f0000000280)={0x1, 0x1, [0xf2e, 0x26a, 0x303, 0x9e]})
connect$inet(r13, &(0x7f0000000000)={0x2, 0x4e22, @local}, 0x10)
sendmsg$MPTCP_PM_CMD_DEL_ADDR(r6, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000240)={0x28, r12, 0x7, 0x0, 0x0, {}, [@MPTCP_PM_ATTR_ADDR={0x14, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @local}]}]}, 0x28}}, 0x44801)
socket(0xa, 0x2, 0x0)

1.010099115s ago: executing program 4 (id=2085):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000040)={'syzkaller1\x00', @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}})
write$tun(r2, &(0x7f0000000300)=ANY=[@ANYBLOB], 0xfdef)

1.00979792s ago: executing program 3 (id=2086):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x240, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$netlink(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000b40)}, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x2)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000016000/0x18000)=nil, &(0x7f0000000300)=[@text32={0x20, 0x0}], 0x1, 0x4e, 0x0, 0x0)
sendmsg$netlink(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f00000000c0)=ANY=[@ANYBLOB="1c0000001400010000000000ff94"], 0x59}, {&(0x7f0000000340)={0x109c, 0x27, 0xab4b3fff43090545, 0x70bd26, 0x25dfdbfe, "", [@generic="6f1b53883b5f27be817601f3a67ce004f6dc78b7ff17f9115444461a22f85b9f255907f1879a291a2ad6238a0c7120e53d50a86d7598c1214770afb62b09951e510716d4d185a6e25545916c1f4822b87c27663ae713aa703f1e061158d070d681d91b5141821331a12714d30e52b11b2290b434c8b5d28b120b49879b7c7a26e48d308f5ac69b4c608344", @generic="307362e83df9dbc9e72bee384b5b9117d533a5038d3067c701ba7087ede4ff56155b194d882a3791aa396c9f3f36fe6f1dfe8524b1a2fa8b5da342e7b9517ef5563af20efef09b4af5874a449b7689837aa158a238ba376f7d0f12845489f2aa5bb1ec956b41f712d9a0c81621034ae994f3255282947d376aa83a65517b5429703085acdc0a2766577431026f0d31654476ed01eafb39c0df29e348bbfaf4ad25240d9c53bccf69f9e2dfad9bcdc9269faed426f8085ff674d27b89860507380dcfb5f8386fa0ad0fcf2d5789a4c0442902d87cd11f6aebce6bfbb470740be9d99237f1dc6c0f14acdb70917b943c52de256825d4854a8415f31c51a8f44250471f543cb71d0cbc01059bb1e6ff1270c112385a8a1682a5b13cd4a8deded2c455abadd6377e225ebb52b39122ac7dc04f8a2e85f1d50edbf785d5dc0bb3660c3afbf017790a158d45fa5e11916af77daed87c451146dcb60efc32e579a3ec2292e15d8cf19e5fdeee33c19b99c400e9c66607929ab615a9caf0d71a3cbf2a30092a3b56712acc40380ae0caf1bb8152c44e71ecd08290e7d32b367b6f9cbdfbcffca6ede02aefa210098081b249a6e45a102c90a6cecb989d196b20ac84b3f0576bdf8e019af2387b5459cea26d67c5c37ceb098174cfc76b91452f4b3021a04820de5034d13664fd22b041cf926c6688ffeb3ee26307382fd6b1941c88055d381c7511924a1d0ba65c64cc08d3fdd86f98276a1188a2b39e564a2d1e064834293d3a9f9571292d16f05bdaba36af439ad784c928790035905d7ac76531ff2edb711be3baba8ae16609911f63a62fe0331e8821a7d3d1b0daa67da34b01c927f011c1ba3eec0fc4e1fd347d410bbac25537e5ebbc596560995ebaaf80981a1545dfb490bdd148bfe2378f17513a2e472f8f4eecf86bb529e47bf29a1b6fb1d88cb65c6fdd6ccc866f1d6fd2f2f91f389c289edea8179a6cb1228ed40aa4f4029647a597d19de0a53866308d23f66e48e37dbd61237ed15ce0b5b9ab4af797d7f54929c813a8db263c9d93b53c7c9566173621c94c6d91168ee06b6c3bc340918b959b3efbb2cd001a0f834d61e5aea50c0c426e19f24092dd21e6ead20f0c0aa725915fdab136b282ccaed3d2de4a713701ba0cbe005df79911a5cc4fc61f89d5d2c86036378ead1000eef55ba183de534497ef68043fa0d4835a3913a6f776ff875b403fb38fd2b6765864a25d728a3a296b4bd0c192c001b5a6125c13cf0f6d020d1d69deb821b34cefdc5cfd596aa07465a666ccac3f45b8139acab747684220a6c8f70df9fa24428d840412ed5fb109fb6eb5b922db82a103e975df1cb11afab48f7d07f5889f73be27980a8eba699ed9404de746ab9510806c4c4d2777731ed32f8bf0bf0a67c07faa66cb4a5c256635fa4aa390ae5273190351fa776562bd2401f33b10a21f0e621db5e2a89aa2b726420dc64a6a1a862f30d215d60610eb9b44090b2bbbe637f0885839d4cf87932e12d4a978a243c8fcf904f47f93921552efddf4645a1a4a53745fbb2da788c111abc43d6fbd84c2940b7e61ffbbfac9552a39860fe5fd3850630d107e670f26f26cc8e2662e2900a3766beb929bc874c801bdfaefa8b15d9061490c576ae6f2cc35966a14487e2d14540e5b2b34dcbb571f60f0ad1349d6d77641f9977a87cb414e9bc8bed3a0a1e5d885cd3add7172c33a5ac47e04d9b61f44f42fa171e8ffe670e9e3688ee65a233ec0b320d39a1e2e961196a629e22427d2a77b955606c20bcb9b411aa385595a9b1a17a4d71282d61266172affccc2450bfd7032148d009bcc188da7c2c4aee36cc1aae53ee1484ef7e0ed6b83d14a145227405eb983ce4cbfc2db680b719fe23b80ef11ca18b15b42bbb0d0b43fd77d38759a5a96c9b3de9e5c6f0bf23b85b68f379f4db83d24ff0c5d913e8acc0710f6f12c060cc83d386e1c7a18ec06e3232272191b268ca086cd1dff94e9fad7d47654b55dc99c838086011af289ba5729df2768952c3daf53026c251825486d2370f691397f7873abc0239f918297a410ea1d38709702e20b81012b9b7549f9068836f7587407dcbd94fcec857fba80c97b57c33f0f74f61d504fa1041cdbd6377f3b191dc14700c49463bed6ece1f5bff189efe3d877ad8a02d9943c3ee513dd5fae087755e00ef18ccc89f3aca1cfabbbeb19224c0f419019d40e16473583d57c774f654edcbb889cdf2698009352b760a04eb7d1d856fed8af81e5cfccf04a4906ca4c37314eaba6e64c5f222858dace33edffbc54edb4d2d96d112a019da36b71e039ef7063660cd2a8fc5911fb37e20cc73217f76381417a4835ff24f76c7b5c47e9a3b9bbb35b7796a1d8b1f6d1d96ad348efdfee725e7a65750cd30ecc889b54101ded4e5a1740dce29ce7dd78a1d1f64c3448cd9de54633848ebae7071efb9b9f7fbef54fd4636859c475ed6f7173c89220e9cfde7b8eeb9536dc4be11287ae2e2601402cb3ba63e98349f02b45da674efa7d9f1f258510d21fc2b86c00eb216a6ba3b8fb25cb9868dde0caeb632de8e6e8c7a4494b504b8dcd63c0139fea8c8b0b4cf5b279fc3c9dfca258c1962f9823ff6c0b529a3385507a25bb245fdb35a5be93e422991ac9256b29278c6561aaa15fba086111bd104b2be46d64d73f66028dbdf0b9cd60812fd6d8e40a6416561e1b38bf5b46fa3e2bcda4254e5e226a81b6e64422441ce353a69f0632ec6b6e12025414fe6f0b474be0af2f2f4773c46a12a2be8ccfcd8658b092899d0327e80d4e41ed5bb8a97e66afa4f7d46aced8021471813cba5f5f208b71de0a793717c12c2044c26cd3f751549c4a63c327d0922ea36955df968074508e062b097b1ddb6cd5554299d9d38831f06d6022d614e7c76d285f43c4179269c3d3a389395cb96c4eaf39fd51670db2d6e653215a855cedc585384537d6ca484d2d3c6b632a9cff016946011b005879d3d9d7fdb04d596b0031a0b55909713170e5acad4fbf0d1c6c1de7fc2e56080a7e07873a6dd8ff826dab942d9ab1bdedfa90284ff162b212ce4e098ddc76c86459ae6081b47ba5fbd7c15c3b6d923fbe1f5c86eeadda3b5a0ce41dd2c501b22097e94f39b7b7a64450ffbbe4bb6b6a733989fe63347281beff5790663cdeb15a4d35f50fe361d87eb2a8fa2e60a5d878abdcdae03101effa78f3c2b702945e4482dd5967c121ba7be7d3a0390375cf034b6d23cd9770bf711d16c8d0450b8d475e5a8ec65d8c3ac9ba306d8275bb6f700f690e3219234830940b0da67648a54d51caf19e25d8dc77619d839d65aa2b839f4558c6eaeca646bca300c731cd0da7932e3fc41a92509e402e1d01650484a269ff1eb265ff47d60a205626c62b2834eadde698cfb92ab0d56843b2959633e9d5696ab42354c1c727b7f7e479287e21ad0e2f13dc7c6dff0881c805ca79736abd1a45901ad77b1207295b8fc0be0d657943bb62235299cf3e2f7d379ceb6cdc48234fb1e35916604cb11179f507964fe19d613ec937003faeb824f0e76bb48a3e579a0b66027d103d0eeff46c8c727c9df93afc4bb2b7d53f9a37df9a563bfd4ab5cac5d5d3230e8fe543ac814e567e337ab496920282622faae595569dbb20d1fc5eb6af6bdb7cb716e81601dc6a1368e4d3dd0a1c38bab1d1c56d0597d4172b5c4429b5e604fdbc240a5794b7fec8cd02097f977c1b4aaf11829747a61d9badbe37bbe1f5fe26f383c7f6d4ee36740fca21f5c64cc6b5ff69631b3d5894eb088d671ff58826785f0f65941aa24809d0288bc53a7f41874c5ffd2fbb4370cb4ee979923e787c6f684e83e30623f246449418f5de74427b43a7dfb59832ef7e4b26f10a21316f05ec252bab8da4f5ebe3cf5ebd89e3dc840ce0dfac2ab3f491df09ed52a07b49cf8db8460067b0d00d389fd94e870bfe54d199495d87ac4a91d823e8e8d6870cc4b95c6dfde14d77d2e79aee817d7b17730e4bcafe17ecc18f0831dde90913c181b9c010217307f70956c60b421787e98d25b14449bcda5415ef42c404defa16b0ad7488c80264db56f485c3054a7062ecd05c5e0dcc64bb4935f1d0a1f057ed386078e1c7a3d5ee7cf53b8595471cbfb95760063cb2435f45de1efc3b190e7d5bc00d0fda63e3a6e6b6fa2c8cf8d1ff8816e3accb3f4626e74f28ef76b2e1c5fd2a4d272efcc8eb03fa8ead93248e16bc9d854fe9e78ac55c4663477df5264a4c9b9acea5e0c167da5b31bfc0c44ce2446e30d8c141c18dcb554e8481114baa033c03c458d4a9d4a1a00f1dc9cf0e7a525055bd107ada1b8d287e30f325021d057e2d290a1b9511c4d594850c3a6f564af4379309e84e29bff6374bd2db94dc63251fc4c005ae3ba22d6970a7210952703adeb1f88d28913660f0d271449598279c15a6b1d52e56f10f2a3f10b796d0564be453231f3d62260cbf4a98d96d7ff1d21308df5b22e3efc4ea8762a372b91de3460d38655ff5bf7853f23401229977cf407707181c57c72ab1fb075751c82e2c867a157138fad142fa23e273fccebbac203a41833e0ef4ea58a886f2ce2c750fade46ed41a6498c232498e8922b50940657c24d71effd52668580dcabbdb4ab6ffb50bfe75ac7067c251b548eac54253d4c5f2638aca5df3e014bf0152d2f7633932809c4575238a19a15b424b7ee3a0d338c4346d215f2240730f67677e61ad5de2c13d0b135cebc69fa73daa75437020e221addd390d8e55f4d5b6b718e84405cbee73f93f1bac1bbc11236bd8e02880df18a85d36cad63a3e597c42ea6ac1e5722d5d20c02f15f7121697c35b8ab2b8e13470961049c0fa40c714f1e18d3d9c121fcb1db2eb20a2d3917664f473def367813f5d684b86849509bcebb0be28148933e26d32460aeeb6da026e0176a2b54f7c794d8fef5605006e52d5e99f180b2e07a53f8844e5baf999dee0078cedf0758744c29659d447c791aa49dc0c6a46a12e673764ddf323a3721c47169c57c6d919efa45b636a944e49864872dc25ffa005388a721a86e356c6a0c74ffd448a672f49874970b138adc6ea58081c69f0bd204ff9c967c269be6835b2b419fb7b03c383a4e56f8eab8663f41feee37348e124e23ba88e5c13d7052161ba54ec085da098489be02acae48b1f9ebd2935e69159f3c3ea5f48062e645c9a486898eaf08dc36fe596c49b044d85ee0e4fc146c1ca829a5507800ccc1c5bf05506ac015d17ce07bfe055914af49ac8d42f5190ebf4a9d093c93c58f5da9f54124cd3cfc55e61385f417149ff6d70d2c44d5af6d86eb9db739baea19edadbd1c7bbb320ea8a2a882e4d2e6d1d9d0b97feead2fb28dbe639820fadc67bc8b444c0ab4ce14eba4bbffe8e8fee2bfbc3e5764323d1db4b51e9759e5d8e76c14655041ffc60402343477e5c732f694994cc3d5eaa28f93c49ad200ba2fbc636e9a0624881e514943e4eceefcf1b76882411fd6a19b187013830154d31df60cf4eb96242b8393b45aead999c6f70d2d857f3581e8e1f89fae50e6c25f9cc2526d79e815efd6daac5c614220c9fbc1596ccdafcf5c67bac2d98d6cbd05c634341f7fb317f6fa3676fa7bca7e45c74e282d374d9990b78f0d0110d226bfb12a26d5f73a8fdb031a99351e09a69037bb2721d89bfd33246fd237f22687439835f9731cc5d77053c2b4904c9253495ef69b2ccbd5e0458c640b6a7dd744ff002fe9302000bdddd3a7c68384f85089443d038b36502e9c0d61430287d05097d45c92d69c55b19"]}, 0x109c}], 0x2, 0x0, 0x0, 0x4000}, 0x0)
ioctl$KVM_REGISTER_COALESCED_MMIO(r2, 0x4010ae67, &(0x7f0000000180)={0x0, 0xd000})
ioctl$KVM_RUN(r3, 0xae80, 0x0)

935.753706ms ago: executing program 0 (id=2088):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000080)={'ip6_vti0\x00', &(0x7f0000000000)={'ip6tnl0\x00', <r1=>0x0, 0x29, 0x7f, 0x6, 0x10000, 0x64, @loopback, @loopback, 0x8, 0x700, 0x0, 0x4}})
ioctl$sock_ipv6_tunnel_SIOCGET6RD(r0, 0x89f8, &(0x7f0000000180)={'syztnl2\x00', &(0x7f00000000c0)={'tunl0\x00', <r2=>r1, 0x1, 0x1, 0x0, 0x3, {{0x21, 0x4, 0x1, 0x4, 0x84, 0x67, 0x0, 0x2, 0x2f, 0x0, @rand_addr=0x64010101, @multicast2, {[@timestamp={0x44, 0x10, 0x16, 0x0, 0x0, [0x1ae7, 0xfffffffa, 0x9]}, @cipso={0x86, 0x2c, 0xffffffffffffffff, [{0x0, 0x2}, {0x0, 0xe, "c85562e6827c8f3c6627a8ee"}, {0x1, 0x4, "ad71"}, {0x6, 0x8, "f56619dd5623"}, {0x5, 0x6, "ad65e4bd"}, {0x1, 0x2}, {0x1, 0x2}]}, @timestamp_addr={0x44, 0x34, 0xc3, 0x1, 0x7, [{@local, 0xf6}, {@empty, 0x746b}, {@loopback, 0x1}, {@dev={0xac, 0x14, 0x14, 0x22}, 0x3}, {@dev={0xac, 0x14, 0x14, 0x21}, 0x8}, {@loopback, 0x1}]}]}}}}})
ioctl$EXT4_IOC_SWAP_BOOT(r0, 0x6611)
socket$inet_tcp(0x2, 0x1, 0x0) (async)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_TCP_REPAIR(r3, 0x6, 0x13, &(0x7f00000001c0), 0x4) (async)
setsockopt$inet_tcp_TCP_REPAIR(r3, 0x6, 0x13, &(0x7f00000001c0), 0x4)
r4 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000200)='/sys/kernel/kexec_loaded', 0x400000, 0x94)
ioctl$SYNC_IOC_MERGE(0xffffffffffffffff, 0xc0303e03, &(0x7f0000000240)={"88a834bc53f5f241d16e2f284402901b5c082d1e915b5fc4daa35654db84a597", 0xffffffffffffffff, <r5=>0xffffffffffffffff})
ioctl$SYNC_IOC_MERGE(r4, 0xc0303e03, &(0x7f0000000280)={"af78f3f9441aa8f23e9273922236e085e1e5ca6e506457c3483e40646d9b3b03", r5}) (async)
ioctl$SYNC_IOC_MERGE(r4, 0xc0303e03, &(0x7f0000000280)={"af78f3f9441aa8f23e9273922236e085e1e5ca6e506457c3483e40646d9b3b03", r5, <r6=>0xffffffffffffffff})
r7 = bpf$ITER_CREATE(0x21, &(0x7f00000002c0)={r4}, 0x8)
setsockopt$packet_add_memb(r7, 0x107, 0x1, &(0x7f0000000300)={r1, 0x1, 0x6, @remote}, 0x10)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000340)) (async)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000340)={<r8=>0xffffffffffffffff})
pread64(r8, &(0x7f0000000380)=""/14, 0xe, 0x800)
socket$inet_icmp(0x2, 0x2, 0x1) (async)
r9 = socket$inet_icmp(0x2, 0x2, 0x1)
ioctl$sock_SIOCGIFINDEX_80211(r9, 0x8933, &(0x7f00000003c0)={'wlan1\x00'}) (async)
ioctl$sock_SIOCGIFINDEX_80211(r9, 0x8933, &(0x7f00000003c0)={'wlan1\x00'})
ioctl$MON_IOCX_MFETCH(r4, 0xc0109207, &(0x7f0000000440)={&(0x7f0000000400)=[0x0, 0x0, 0x0, 0x0, 0x0], 0x5, 0x4})
r10 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$inet6_udp_encap(r10, 0x11, 0x64, &(0x7f0000000480)=0x2, 0x4) (async)
setsockopt$inet6_udp_encap(r10, 0x11, 0x64, &(0x7f0000000480)=0x2, 0x4)
setsockopt$inet_int(r0, 0x0, 0xb, &(0x7f00000004c0)=0x3, 0x4) (async)
setsockopt$inet_int(r0, 0x0, 0xb, &(0x7f00000004c0)=0x3, 0x4)
socket$inet6(0xa, 0xa, 0x4dde)
ioctl$VIDIOC_S_FREQUENCY(0xffffffffffffffff, 0x402c5639, &(0x7f0000000500)={0x8, 0x5, 0xffffffff}) (async)
ioctl$VIDIOC_S_FREQUENCY(0xffffffffffffffff, 0x402c5639, &(0x7f0000000500)={0x8, 0x5, 0xffffffff})
ioctl$SYNC_IOC_FILE_INFO(r6, 0xc0383e04, &(0x7f00000005c0)={""/32, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000540)=[{}]})
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r4, 0x81f8943c, &(0x7f0000000600)={0x0, ""/256, 0x0, 0x0, 0x0, 0x0, ""/16, ""/16, ""/16, 0x0, 0x0, 0x0, <r11=>0x0})
ioctl$BTRFS_IOC_SNAP_CREATE_V2(r10, 0x50009417, &(0x7f0000000800)={{r9}, r11, 0x6, @unused=[0x3, 0x3, 0x9ee, 0x3], @devid})
sendmsg$nl_route(r7, &(0x7f00000018c0)={&(0x7f0000001800)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000001880)={&(0x7f0000001840)=@bridge_newneigh={0x3c, 0x1c, 0x800, 0x70bd27, 0x25dfdbfb, {0xa, 0x0, 0x0, r2, 0xdbbbd39c39ba17c9, 0xe, 0x7}, [@NDA_VNI={0x8, 0x7, 0x9}, @NDA_PROTOCOL={0x5, 0xc, 0x8}, @NDA_SRC_VNI={0x8, 0xb, 0x5}, @NDA_PROBES={0x8, 0x4, 0xfffffff8}]}, 0x3c}, 0x1, 0x0, 0x0, 0x40}, 0x4000080)
mkdir(&(0x7f0000001900)='./file0\x00', 0x44)
bind$inet(r9, &(0x7f0000001940)={0x2, 0x4e21, @empty}, 0x10)
socket$unix(0x1, 0x5, 0x0) (async)
socket$unix(0x1, 0x5, 0x0)
r12 = openat2$dir(0xffffffffffffff9c, &(0x7f0000001980)='./file0\x00', &(0x7f00000019c0)={0x10000, 0x0, 0x18}, 0x18)
mkdirat(r12, &(0x7f0000001a00)='./file0\x00', 0x100)

934.294636ms ago: executing program 4 (id=2090):
r0 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
r1 = syz_pidfd_open(r0, 0x0)
ioctl$FS_IOC_GETVERSION(r1, 0xff0a, 0x0)
r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000140)='comm\x00')
syz_usb_connect(0x5, 0x815, &(0x7f0000000180)={{0x12, 0x1, 0x250, 0x15, 0x14, 0x9b, 0x8, 0x56e, 0xbd63, 0x9dd1, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x803, 0x2, 0x6, 0x8, 0x40, 0x0, [{{0x9, 0x4, 0x9c, 0x6, 0x9, 0xff, 0x5d, 0x81, 0x2, [@uac_as={[@as_header={0x7, 0x24, 0x1, 0x2, 0x1, 0x3}, @as_header={0x7, 0x24, 0x1, 0x4, 0x1, 0x2}, @as_header={0x7, 0x24, 0x1, 0xf, 0xd2}, @format_type_ii_discrete={0xf, 0x24, 0x2, 0x2, 0xff, 0x48, 0x1, "3c74470ef63e"}]}], [{{0x9, 0x5, 0x8, 0xc, 0x200, 0x8, 0x4, 0x80, [@generic={0xb0, 0x57, "38902726354ae54f4d24025de34b89af015e77c5560f020740498f2cef784292f66811e30b4f6c42330787dfa2f814700232038bad9dc8c4e9d50e6f5fee03ed82eaf74f759ff2ecfb49547d9e65a8d485316cff48778cda149be54147f8ad6defd1351c7eefb31ef9dd1e1d0da916fb9bd15220c48abdea2a96d20a4ccc8aa5006282d4bcc2e7d86a822e756fcf11ed1cd3013441f295751422f62f02e28a3930dc83a7118e3ccc4f9cb3cc6b63"}]}}, {{0x9, 0x5, 0x2, 0x0, 0x40, 0x7, 0x3, 0x4, [@generic={0x6d, 0xc, "713601f012f5f48c866a09fce52704a9cf2e61e6e7292bd4797797818d991959062549899906c3671191b71e793d58ebfe3155e999b987fc76db7d79ecca3c024136918400d9380a82890c44cc00653b251c4491d4e1c70e80315009502613c6074429e589cd3a9a1dc840"}, @uac_iso={0x7, 0x25, 0x1, 0x80, 0xe3, 0xfff}]}}, {{0x9, 0x5, 0x0, 0x1, 0x0, 0xf, 0x9, 0x2}}, {{0x9, 0x5, 0x8, 0x10, 0x400, 0xff, 0x4, 0x0, [@uac_iso={0x7, 0x25, 0x1, 0x3, 0xff, 0x4}]}}, {{0x9, 0x5, 0xc, 0x10, 0x200, 0x3, 0x81, 0x40}}, {{0x9, 0x5, 0x0, 0x0, 0x0, 0xf8, 0x25, 0x5}}, {{0x9, 0x5, 0x6, 0x0, 0x10, 0xff, 0x8, 0x3}}, {{0x9, 0x5, 0xe, 0x2, 0x10, 0xd, 0x9, 0xd}}, {{0x9, 0x5, 0x3, 0x2, 0x10, 0x8, 0x1, 0x4, [@generic={0x27, 0x30, "79e5780d83e52af2c432c8ed4ecbfe240cd2476d40e8428fa15ead02fde5af80cd3bad5f51"}]}}]}}, {{0x9, 0x4, 0x39, 0x9, 0x10, 0x60, 0xf8, 0xf, 0x42, [], [{{0x9, 0x5, 0x2, 0x1, 0x10, 0x6, 0x1, 0xe}}, {{0x9, 0x5, 0x9, 0x3, 0x200, 0x9, 0x0, 0x80}}, {{0x9, 0x5, 0x5, 0x0, 0x10, 0x9, 0x4, 0x41, [@generic={0x76, 0x22, "6e6b8c9380f8c484e9ec04d7f78c2671b361c1ed9a44f74ab047d7426c92f195d7799414425dc6c0ceab55b7f3da4bc82f019230ddb42ba6e5f80c486e81bb64e68b116e356b659c477b743fe58123c417d67d8f3c9e4b54eea2a07f57a65763febdd6bb4b6a427cafb9bc08d85d5d3ea57618ca"}, @generic={0xb4, 0x8, "a36a5bb356866724044a565be17303505421587c273f55d1adb123244719d817fd71bfeb910d473a2d075a728235f70947787d5994e06dac1b7537dda7e4e498f7f147b3ba2c10dcf73704a33a7c0a0336b4ac2b515071bb4d4e71fd24a08b8e4973b1fb58a294731384b10766da674b9acee802c81167beb64db32f607e1fd99998e8037555887676a425d20ad0dae228ffdf5665507c970ff3e03d80c106bc5451e635706f3dc56818bb0a1b435d7af269"}]}}, {{0x9, 0x5, 0x4, 0x0, 0x400, 0x7, 0x1, 0x5, [@generic={0x32, 0xe, "7f74cf2abbce142635dbb234220330b5ff9eade411fdbc9e645fff61fcf7debe40ec9524cbdb36aab4c9665c814d2e42"}, @generic={0x14, 0xd, "cc2d11a51b7d15b196aec780540a36529277"}]}}, {{0x9, 0x5, 0x8, 0x0, 0x40, 0x5, 0x7}}, {{0x9, 0x5, 0xf, 0x0, 0x400, 0xeb, 0x1, 0x6, [@generic={0xec, 0x23, "71e323be9aa59562ae2937fff18988fcd04e3f2720d0ba18f405918f653c00060dc6649f56bcaf96c80a3807c0b10220b64cebf5e0d14302ef008b447b503455d4a272e9c64f4e092b7d67be3b3f542bb28c89097f64d598c22e667a8f69d4822e67415213834a39cf8bddb134023f32b0c68ff2e510e7657ebb695deff69111e67065f5b58ef53fc2c02aebc778385314a8d2ec1dc20224e783c41e4f4395f79558d5fe0bf6519439758cf2009db355f37730ed9e8f142f8c82e05f20f3e49c672e3123a84ee9768ba68e83e6011363c7d07f7638139ad822e4906e9799ef07dabaae78c9425ac6a537"}]}}, {{0x9, 0x5, 0xa, 0x10, 0x10, 0xf6, 0x0, 0x5, [@uac_iso={0x7, 0x25, 0x1, 0x81, 0xe, 0x9}]}}, {{0x9, 0x5, 0xa, 0x0, 0x40, 0x2, 0x7, 0x79}}, {{0x9, 0x5, 0x0, 0x10, 0x3ff, 0x3, 0x3, 0x30, [@uac_iso={0x7, 0x25, 0x1, 0x9487148a2733b2a5, 0x15, 0x81}, @generic={0x9b, 0xf, "ede16c4c02e0f39b6781b66f932ee6688b7ef9ebdad344dfd4931c631cb64a481db46e4ca5133cc2fbbb5875d4d5ae8f406ea8379556c18a8667ffa013d9b650f174e577977e289cd6cd1a2c8ab39b676694c42fadc53c2de60943c393467f2ab682a23e14e4ed0ef8b52ccf32dbf7b452eb47bddb52998f0d447e0005965913d8c9a357bd83f6f06ec80a88108a83aad1c6a33d150c86c539"}]}}, {{0x9, 0x5, 0x4, 0x0, 0x10, 0xd, 0x9, 0x1}}, {{0x9, 0x5, 0x2, 0x4, 0x8, 0x2, 0xd7, 0x3}}, {{0x9, 0x5, 0x2, 0x8, 0x400, 0x4, 0x9, 0x4, [@generic={0x3f, 0x30, "178e1b27a24da825499d7735573be7b44d69a16cbb7f24c639cf81e8ec6518c03008e8f0068fa010986bbe9ac90dd178014fe70b025edf2ef316076b66"}]}}, {{0x9, 0x5, 0x0, 0x4, 0x10, 0x8, 0x7, 0xf4, [@uac_iso={0x7, 0x25, 0x1, 0x2, 0x7, 0xc}]}}, {{0x9, 0x5, 0x9, 0x3, 0x9ef2b5c78ac53002, 0x26, 0x7, 0x5, [@uac_iso={0x7, 0x25, 0x1, 0x81, 0xfc, 0x6}]}}, {{0x9, 0x5, 0x7, 0x0, 0x40, 0x5, 0x8, 0x0, [@generic={0xf2, 0x10, "698069b52505b44edd412ff11cae05aa638ea28f2aef8738e54bfd601db909ee70aa509a5b499af49d0861ef77c7912992aca227210219c66799229b29845942ca6ac7e69fc978b4b50d234fb195ae01a36a60bb90f483a6a2decf200ae936496906eb03109852c63f04fece537385e07940b305c08b93e61916b830dd02b2a1375e1976322009e7f9d029d65f650d36d337d7e219ab4088b094f71096de548493f9d9823100703ad4162ff6f7be40db37e17e4258e927f967783b01cc70dfa7dd16279308831e8ca486022af650d2424eed102b86daefa1f55bf4e64cc4a84ea8b19ba8deb6fd15a3f5fc2352b0fce2"}]}}, {{0x9, 0x5, 0xe, 0x3, 0x20, 0x4, 0x2, 0x8, [@generic={0x79, 0x21, "0c0c6137205fe5b98ebbed114d60f193c54df2d1c399595240df98602d0e20306e50c47560486fc725592ae41b1247c924ebd1e39c4789131ffd07c58a402701813324f7ec9626a564ae2b35088700fb8b1d82b5722a2d0c648abeaff3e52725a0be834b451f58a54c9c2c4ffa2075693e89ac9299dd72"}, @generic={0xd4, 0x22, "2b14bd7cc552edee8035d820e0fd2bb72375dfec7cab5d0080c040131da0bc018159263a2eef2700a731e1c6818fdac4a7c1c27449b3031b58eaa93bf555871e8b8af2a058531e503b004aa419da00c288a3a56b8b518462c47241c2571d202caf4001b9182747cacb261665821806afa3329a8d281e7fd3116eb6926a71d8b56b04837aab71178862a7f547953f87b84c87d856d82eae8103b78efc65338646e7c385435e797bb83253a502e4bf586a5aa4e93a6ec761b6ca8e8a073854a79846b1149fa9c5afe3f17c9f67bdea90f576df"}]}}]}}]}}]}}, &(0x7f0000000a80)={0xa, &(0x7f0000000080)={0xa, 0x6, 0x310, 0x7, 0x7, 0x4}, 0x28, &(0x7f00000000c0)={0x5, 0xf, 0x28, 0x2, [@ssp_cap={0x20, 0x10, 0xa, 0x5f, 0x5, 0xe77e, 0xf000, 0x9, [0x19e, 0xa0, 0xc000, 0x30, 0x0]}, @ptm_cap={0x3}]}, 0x2, [{0x4, &(0x7f0000000100)=@lang_id={0x4, 0x3, 0x41a}}, {0x85, &(0x7f00000009c0)=@string={0x85, 0x3, "06845a1b76b7b92c870e3821863385404b39389c7b212fd9e7586c1b45891d9167845630b00fe688a5030795a7da022ea80aaad58ef48f5e7aee84dd2672f4f7410f8a86a4a1c2e9cab19505731c19765942e3cd3c24f356cfab692aa543e9845b8ab98267b12a779b9e9a894fe6a02506a9fb523310d08ff45830e66998b07cdb1fed"}}]})
write$binfmt_script(r2, 0x0, 0x0)
ioctl$KVM_CAP_VM_TYPES(r2, 0x4068aea3, &(0x7f0000000000)={0xeb, 0x0, 0x9})

847.435659ms ago: executing program 0 (id=2091):
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x48)
openat$kvm(0x0, &(0x7f00000002c0), 0x102, 0x0)
bind$inet6(0xffffffffffffffff, &(0x7f0000000280)={0xa, 0x4e22, 0x9, @loopback, 0x6}, 0x1c)
write$uinput_user_dev(0xffffffffffffffff, &(0x7f0000000cc0)={'syz1\x00', {0xfff9, 0x2, 0x240, 0x9b99}, 0x9, [0x7, 0x8, 0x5, 0x9, 0x8, 0x155f, 0x6, 0x5, 0x25cd, 0x1, 0xa4, 0x6, 0xa2b9, 0x6, 0x7, 0xe4, 0x9, 0xfc000000, 0x24d, 0xbbf, 0x4a732f64, 0x8, 0x9, 0xd, 0x2, 0x12a0, 0x6, 0x1, 0x2, 0x4, 0x7, 0x81, 0x8a, 0x79, 0x558e0d31, 0x4, 0x0, 0x91, 0x4, 0x4, 0x7, 0x2, 0x5, 0x400, 0x7fff, 0x5, 0xa7, 0x81, 0x9, 0xf9a2, 0x80000001, 0xff, 0x3, 0x2, 0x2, 0x3, 0x7, 0x1, 0x7ff, 0x4, 0x4007f, 0xffffffff, 0x6, 0x6], [0x9, 0x3, 0x2, 0x5f, 0x4, 0xc66, 0xa8a9, 0x73, 0x8e, 0x10001, 0x8000, 0x5, 0x2, 0x9, 0x80000c1, 0x5, 0x1000, 0x0, 0x200b398, 0x400000, 0x0, 0x2, 0x1c, 0x7, 0x1, 0x2, 0x54f5bad8, 0x8, 0xfffffffd, 0x400, 0xffff58b9, 0x4c2336d3, 0x4, 0x20000001, 0xfffffff8, 0x401, 0x46, 0xf1, 0x4, 0xab00000, 0x4, 0x6, 0x2, 0x5, 0x3ff, 0x1ff, 0x1, 0x7faf, 0x35db, 0x1cb, 0x1, 0x4, 0x6, 0x438, 0x2, 0x9, 0x95, 0x8000, 0x5, 0xfffffff9, 0x200004, 0x1000, 0xfffff801, 0x5], [0x2, 0x1, 0xffff, 0x3, 0x5, 0x2e6bf783, 0x80000001, 0xb, 0x5, 0x491, 0x8d3, 0x6, 0x8, 0x3ff, 0x2, 0x400, 0x40, 0x6, 0x10007, 0x7, 0x5, 0x4, 0x5, 0x9, 0x0, 0x3, 0x9, 0x3, 0xc7, 0xfff, 0x100006, 0x8000, 0x400, 0x3e55, 0xff, 0xd3, 0x7, 0x3435, 0x3, 0x9, 0xfd, 0x401, 0x101, 0xdd83, 0x60a2, 0x17fc, 0x9d26, 0x5, 0x8, 0x2, 0x2, 0x6, 0x8000, 0xf45, 0x3, 0xd500, 0x8, 0x77, 0x9, 0xfffffffc, 0x10000, 0x1, 0x8, 0xc], [0xa772, 0x1, 0x5, 0x1afa, 0x20bfc, 0x8, 0x7c81, 0x7f, 0xfffffff8, 0x100040, 0xff, 0x5, 0x7fffffff, 0x7, 0x4, 0x9, 0x81, 0x3, 0x9, 0x9, 0xfffffff7, 0x8, 0x40f1, 0x2, 0x3, 0x101, 0x80000001, 0x7777, 0xfff, 0x2, 0x100, 0xd8ce, 0x7fffffff, 0x624dfaee, 0xc, 0x7f, 0x1000, 0x1ff, 0x2000005, 0xffffffff, 0x10000, 0x0, 0x8001, 0x7fff, 0x1000, 0x6, 0xf, 0xe, 0x5337, 0x26d, 0x6, 0xfffffff9, 0x4, 0xfffffff9, 0x9, 0x4, 0x463f, 0x4, 0xdab, 0x1, 0x8, 0x5393, 0x1, 0x1b18]}, 0x45c)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000400)={0x0, 0x7c}, 0x1, 0x0, 0x0, 0x10}, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_CAP_HYPERV_ENLIGHTENED_VMCS(r3, 0x4068aea3, &(0x7f0000000280)={0xa3, 0x0, 0x0})
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_IRQCHIP(r2, 0x8208ae63, &(0x7f0000000880)={0x0, 0x0, @pic={0x2a, 0xc0, 0x7, 0x6, 0xfb, 0x2, 0xf, 0x4, 0x3, 0x0, 0x3, 0x58, 0x9e, 0x6, 0x6, 0x7f}})
ioctl$KVM_SET_REGS(r3, 0x4090ae82, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
r4 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r5 = dup(r4)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000840)={0x1fe, 0x2, 0x3000, 0x2000, &(0x7f0000003000/0x2000)=nil})
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r6, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000040)=[@text32={0x20, &(0x7f00000000c0)="c20000361e0f01c3660fd2eff30f10f1b961020000b80e000000ba000000000f30b98d0200000f320b99f3530000660f6af7c4e2f91d20", 0x37}], 0x1, 0x11, 0x0, 0x0)
syz_kvm_setup_cpu$x86(r4, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text16={0x10, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r6, 0xae80, 0x0)

710.149942ms ago: executing program 3 (id=2092):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_COALESCE_SET(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB='D\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010000000000000000001400000018000180140002006e657464657673696d30000000000000080014001f0010000800130008000300080012"], 0x44}}, 0x0)

709.926703ms ago: executing program 3 (id=2093):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_open_dev$sndctrl(&(0x7f0000000440), 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(r1, 0x40045532, &(0x7f0000000040))
r2 = openat$audio(0xffffffffffffff9c, &(0x7f0000000140), 0x40000000040201, 0x0)
r3 = syz_open_dev$sndpcmp(&(0x7f0000000200), 0x0, 0xa2c65)
write$RDMA_USER_CM_CMD_CREATE_ID(r2, &(0x7f0000000500)={0x0, 0xfffffffffffffd83, 0xfa00, {0x0, 0x0}}, 0xfdbc)
r4 = syz_io_uring_setup(0x49b, &(0x7f0000000400)={0x0, 0xcc90, 0x100, 0x100003, 0x288}, &(0x7f0000000340)=<r5=>0x0, &(0x7f0000000280)=<r6=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r5, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r5, r6, &(0x7f00000002c0)=@IORING_OP_WRITE={0x17, 0x0, 0x4004, @fd=r3, 0xb, 0x0, 0x0, 0x4, 0x1})
io_uring_enter(r4, 0x3513, 0x217, 0xa1, 0x0, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000780)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000140)={0x24, 0x33, 0x1, 0x70bd2b, 0x25dbdbfe, {0x4}, [@typed={0x8, 0x4, 0x0, 0x0, @u32=0x2}, @typed={0x8, 0x5, 0x0, 0x0, @uid}]}, 0x24}, 0x1, 0x0, 0x0, 0x50}, 0x4000000)
r7 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r7, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYRES16=r7], 0x34}}, 0x40800)

550.378711ms ago: executing program 0 (id=2096):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000240)=ANY=[@ANYBLOB="ec00000021000100000000000000000000000000000000000000000000000000fe8000"/54, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="00000000000000009c001100e0000001000000000000000000000000ac1414aa000000000000000000000000ac1414aa000000000000000000000000ffffffff00000000000000000000000000000000000000000000000000000000000000000000000000000000ac1e0001000000000000000000000000e000000200"/164], 0xec}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01020000000000000000010000000900010073797a300000000040000000030a01080000000000000000010040000900030073797a320000000014000480080002400000000008000140000000000900010073797a300000000088000000060a010400000000000000000100000008000b40000000000900010073797a3000000000600004805c0001800b0001007470726f787900004c00028008000340000000160800014000"], 0x110}}, 0x40040)
r1 = socket$nl_audit(0x10, 0x3, 0x9)
setsockopt$netlink_NETLINK_DROP_MEMBERSHIP(r1, 0x10e, 0x2, &(0x7f0000000340)=0x9, 0x4)
symlink(&(0x7f0000000540)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', &(0x7f0000000800)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')
openat$dir(0xffffffffffffff9c, &(0x7f0000000240)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x100, 0x198)
socket$nl_netfilter(0x10, 0x3, 0xc) (async)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000240)=ANY=[@ANYBLOB="ec00000021000100000000000000000000000000000000000000000000000000fe8000"/54, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="00000000000000009c001100e0000001000000000000000000000000ac1414aa000000000000000000000000ac1414aa000000000000000000000000ffffffff00000000000000000000000000000000000000000000000000000000000000000000000000000000ac1e0001000000000000000000000000e000000200"/164], 0xec}}, 0x0) (async)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01020000000000000000010000000900010073797a300000000040000000030a01080000000000000000010040000900030073797a320000000014000480080002400000000008000140000000000900010073797a300000000088000000060a010400000000000000000100000008000b40000000000900010073797a3000000000600004805c0001800b0001007470726f787900004c00028008000340000000160800014000"], 0x110}}, 0x40040) (async)
socket$nl_audit(0x10, 0x3, 0x9) (async)
setsockopt$netlink_NETLINK_DROP_MEMBERSHIP(r1, 0x10e, 0x2, &(0x7f0000000340)=0x9, 0x4) (async)
symlink(&(0x7f0000000540)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', &(0x7f0000000800)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00') (async)
openat$dir(0xffffffffffffff9c, &(0x7f0000000240)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x100, 0x198) (async)

549.181153ms ago: executing program 0 (id=2098):
r0 = openat$kvm(0xffffff9c, &(0x7f0000000140), 0x1ab801, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000040))
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f0000000080)={[{0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6d, 0x0, 0x3}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4e}, {0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}], 0x2})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x7, 0x3, 0x6, 0x2, 0x80000000, 0x2004c8, 0x0, 0x0, 0x1000000100800001, 0x0, 0x0, 0x2000, 0x4, 0x0, 0x5], 0x6000, 0x200306})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
r3 = syz_open_procfs(0x0, &(0x7f0000000380)='clear_refs\x00')
writev(r3, &(0x7f00000000c0)=[{&(0x7f0000000000)='4', 0x1}], 0x1)
r4 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_RECVRCVINFO(r4, 0x84, 0x20, &(0x7f0000000100)=0xf, 0x4)
setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX_OLD(r4, 0x84, 0x6b, &(0x7f0000000080)=[@in={0x2, 0x4e21, @private=0xa010102}], 0x10)
recvmsg(r4, &(0x7f00000002c0)={0x0, 0x0, 0x0}, 0x0)
setsockopt(r4, 0x84, 0x7f, &(0x7f0000000040)="020000000980ffff", 0x8)

548.547414ms ago: executing program 5 (id=2099):
r0 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000100), 0x111481, 0x0)
r1 = openat$selinux_commit_pending_bools(0xffffffffffffff9c, &(0x7f0000000140), 0x1, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001200)={0x11, 0x15, &(0x7f0000001340)=@framed={{0x18, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, [@func={0x85, 0x0, 0x1, 0x0, 0x6}, @map_fd={0x18, 0x0, 0x0}, @ringbuf_output={{0x18, 0x1, 0x1, 0x0, r1}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x6}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x3}}, @initr0, @ringbuf_query={{0x18, 0x1, 0x1, 0x0, r0}}]}, &(0x7f0000000000)='GPL\x00', 0x2, 0xde, &(0x7f0000000340)=""/222, 0x0, 0x8}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x1, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b7050000000000007910a800000000001d0a00000000000095001c0000000000"], &(0x7f00000002c0)='GPL\x00', 0x5, 0xfd90, &(0x7f0000000300)=""/188, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x1f3, 0x10, &(0x7f0000000080), 0xfffffffffffffc79}, 0x2a)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0xd, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="0001000000000000000000000000006111180000000000950000000000000000"], &(0x7f00000000c0)='GPL\x00', 0x4, 0xac, &(0x7f0000000200)=""/4096, 0x0, 0x0, '\x00', 0x0, @sock_ops}, 0x70)
openat$vcs(0xffffffffffffff9c, &(0x7f0000000100), 0x111481, 0x0) (async)
openat$selinux_commit_pending_bools(0xffffffffffffff9c, &(0x7f0000000140), 0x1, 0x0) (async)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001200)={0x11, 0x15, &(0x7f0000001340)=@framed={{0x18, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, [@func={0x85, 0x0, 0x1, 0x0, 0x6}, @map_fd={0x18, 0x0, 0x0}, @ringbuf_output={{0x18, 0x1, 0x1, 0x0, r1}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x6}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x3}}, @initr0, @ringbuf_query={{0x18, 0x1, 0x1, 0x0, r0}}]}, &(0x7f0000000000)='GPL\x00', 0x2, 0xde, &(0x7f0000000340)=""/222, 0x0, 0x8}, 0x94) (async)
bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x1, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b7050000000000007910a800000000001d0a00000000000095001c0000000000"], &(0x7f00000002c0)='GPL\x00', 0x5, 0xfd90, &(0x7f0000000300)=""/188, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x1f3, 0x10, &(0x7f0000000080), 0xfffffffffffffc79}, 0x2a) (async)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0xd, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="0001000000000000000000000000006111180000000000950000000000000000"], &(0x7f00000000c0)='GPL\x00', 0x4, 0xac, &(0x7f0000000200)=""/4096, 0x0, 0x0, '\x00', 0x0, @sock_ops}, 0x70) (async)

468.000484ms ago: executing program 5 (id=2100):
socket$netlink(0x10, 0x3, 0x14)
socket$packet(0x11, 0xa, 0x300)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x1e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24}, 0x94)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000040)={'syzkaller1\x00', @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}})
write$tun(r2, &(0x7f0000000300)=ANY=[@ANYBLOB="080086dd0001110004600000a60c6eec00be00442cfffe8000000000000000000000000000aaff02000080fe00000000000000000001", @ANYRES64=r1], 0xfdef)

370.122069ms ago: executing program 5 (id=2101):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0) (async)
ioctl$AUTOFS_DEV_IOCTL_VERSION(0xffffffffffffffff, 0xc0189371, &(0x7f0000000180)={{0x1, 0x1, 0x18, r0}, './file1\x00'}) (async)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_MSG_GETOBJ(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)={0x20, 0x13, 0xa, 0x201, 0x0, 0x0, {0xa, 0x0, 0x1}, [@NFTA_OBJ_TABLE={0x9, 0x1, 'syz0\x00'}]}, 0x20}, 0x1, 0x0, 0x0, 0x40080}, 0x20000000)
mkdir(&(0x7f00000000c0)='./bus\x00', 0x0) (async)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000440)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]}) (async)
chdir(&(0x7f0000000140)='./bus\x00') (async)
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x1c0) (async)
mkdirat(0xffffffffffffff9c, &(0x7f0000000140)='./file1/file4\x00', 0x1c0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file1/file4/file6\x00', 0x1c0) (async)
renameat2(0xffffffffffffff9c, &(0x7f0000000580)='./file1/file4/file6\x00', 0xffffffffffffff9c, &(0x7f00000005c0)='./file0\x00', 0x0) (async)
setsockopt$inet_sctp6_SCTP_PR_SUPPORTED(r0, 0x84, 0x7d, &(0x7f0000000000)={0x0, 0xffff0006}, 0x8) (async)
syz_emit_ethernet(0x6a, &(0x7f00000007c0)=ANY=[@ANYBLOB="ffffffffffff1704b45adbde08004500005c0000000000019078ac1e0001ac1414aa05009078e00000e0400000000001000000330000ac1414aa0000000083030007030044240003ac1e060155ab00000000000000000000ac1414aa00000000ac1414bb000000000000"], 0x0) (async)
r2 = socket$tipc(0x1e, 0x2, 0x0)
setsockopt$TIPC_GROUP_JOIN(r2, 0x10f, 0x87, &(0x7f0000000000)={0x42, 0x4, 0x3, 0x3}, 0x10) (async)
r3 = socket$kcm(0x10, 0x2, 0x4)
sendmsg$kcm(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000013c0)=[{&(0x7f00000001c0)="39000000140081ae0000dc676f97daf01e2357f9ffffffffffffff0521018701546fabca1b4e8a06a6580e88370200c54c1960b89c40ebb373", 0x39}], 0x1}, 0x0) (async)
mount(0x0, &(0x7f0000000000)='./cgroup\x00', &(0x7f0000000080)='nfs4\x00', 0x208000, 0x0) (async)
r4 = syz_open_dev$swradio(&(0x7f0000000000), 0x0, 0x2) (async)
pipe(&(0x7f0000000080)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
write$binfmt_misc(r5, &(0x7f00000000c0), 0xfdef) (async)
fspick(r5, &(0x7f0000000200)='./file0\x00', 0x0)
r6 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
ioctl$VHOST_SET_FEATURES(r6, 0x4008af00, &(0x7f00000001c0)=0x304008000) (async)
ioctl$VIDIOC_S_TUNER(r4, 0x4054561e, &(0x7f00000000c0)={0x5, "8dd0bdd37d33e83cccdb253ebab7c8dc9687983ba5298e04b9ef8e177c23dc3f", 0x3, 0x8, 0x6, 0xfffffffb, 0x8, 0x0, 0x2, 0xf38}) (async)
r7 = socket(0x10, 0x803, 0x0)
ioctl$sock_SIOCETHTOOL(r7, 0x8946, &(0x7f00000002c0)={'veth0_to_team\x00', &(0x7f0000000280)=@ethtool_channels={0x49, 0x0, 0x0, 0x0, 0x0, 0x2, 0x1}}) (async)
sendmsg$IPCTNL_MSG_TIMEOUT_DEFAULT_GET(r7, &(0x7f0000000240)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000080)={&(0x7f0000000440)={0x118, 0x4, 0x8, 0x401, 0x0, 0x0, {0x5, 0x0, 0x9}, [@CTA_TIMEOUT_NAME={0x9, 0x1, 'syz0\x00'}, @CTA_TIMEOUT_DATA={0x44, 0x4, 0x0, 0x1, @icmp=[@CTA_TIMEOUT_ICMP_TIMEOUT={0x8}, @CTA_TIMEOUT_ICMP_TIMEOUT={0x8, 0x1, 0x1, 0x0, 0x3}, @CTA_TIMEOUT_ICMP_TIMEOUT={0x8, 0x1, 0x1, 0x0, 0x4}, @CTA_TIMEOUT_ICMP_TIMEOUT={0x8, 0x1, 0x1, 0x0, 0x3}, @CTA_TIMEOUT_ICMP_TIMEOUT={0x8, 0x1, 0x1, 0x0, 0xff}, @CTA_TIMEOUT_ICMP_TIMEOUT={0x8, 0x1, 0x1, 0x0, 0xfff}, @CTA_TIMEOUT_ICMP_TIMEOUT={0x8, 0x1, 0x1, 0x0, 0xfffffffb}, @CTA_TIMEOUT_ICMP_TIMEOUT={0x8, 0x1, 0x1, 0x0, 0xffff777c}]}, @CTA_TIMEOUT_L4PROTO={0x5}, @CTA_TIMEOUT_DATA={0x3c, 0x4, 0x0, 0x1, @icmpv6=[@CTA_TIMEOUT_ICMPV6_TIMEOUT={0x8, 0x1, 0x1, 0x0, 0x9}, @CTA_TIMEOUT_ICMPV6_TIMEOUT={0x8, 0x1, 0x1, 0x0, 0x1}, @CTA_TIMEOUT_ICMPV6_TIMEOUT={0x8, 0x1, 0x1, 0x0, 0x88}, @CTA_TIMEOUT_ICMPV6_TIMEOUT={0x8, 0x1, 0x1, 0x0, 0x5}, @CTA_TIMEOUT_ICMPV6_TIMEOUT={0x8, 0x1, 0x1, 0x0, 0x3}, @CTA_TIMEOUT_ICMPV6_TIMEOUT={0x8, 0x1, 0x1, 0x0, 0x5}, @CTA_TIMEOUT_ICMPV6_TIMEOUT={0x8, 0x1, 0x1, 0x0, 0x3ff}]}, @CTA_TIMEOUT_L4PROTO={0x5, 0x3, 0x21}, @CTA_TIMEOUT_DATA={0x1c, 0x4, 0x0, 0x1, @udp=[@CTA_TIMEOUT_UDP_REPLIED={0x8, 0x2, 0x1, 0x0, 0x7}, @CTA_TIMEOUT_UDP_UNREPLIED={0x8, 0x1, 0x1, 0x0, 0xdbb}, @CTA_TIMEOUT_UDP_REPLIED={0x8, 0x2, 0x1, 0x0, 0x9}]}, @CTA_TIMEOUT_DATA={0x1c, 0x4, 0x0, 0x1, @fccp=[@CTA_TIMEOUT_DCCP_TIMEWAIT={0x8, 0x7, 0x1, 0x0, 0x80000004}, @CTA_TIMEOUT_DCCP_CLOSEREQ={0x8, 0x5, 0x1, 0x0, 0x8}, @CTA_TIMEOUT_DCCP_REQUEST={0x8, 0x1, 0x1, 0x0, 0xe0}]}, @CTA_TIMEOUT_DATA={0x14, 0x4, 0x0, 0x1, @tcp=[@CTA_TIMEOUT_TCP_CLOSE_WAIT={0x8, 0x5, 0x1, 0x0, 0x40}, @CTA_TIMEOUT_TCP_SYN_SENT={0x8, 0x1, 0x1, 0x0, 0xffffffff}]}, @CTA_TIMEOUT_DATA={0x14, 0x4, 0x0, 0x1, @gre=[@CTA_TIMEOUT_GRE_UNREPLIED={0x8, 0x1, 0x1, 0x0, 0xaa53}, @CTA_TIMEOUT_GRE_REPLIED={0x8, 0x2, 0x1, 0x0, 0x2}]}, @CTA_TIMEOUT_L3PROTO={0x6, 0x2, 0x1, 0x0, 0x201}]}, 0x118}, 0x1, 0x0, 0x0, 0x40000}, 0x9f59c312aaccb9d)

369.929591ms ago: executing program 5 (id=2102):
openat$selinux_load(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000000)=<r0=>0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x1)
r2 = open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x8)
mmap$xdp(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x12, r2, 0x0)
mprotect(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x2)
write$qrtrtun(r1, &(0x7f0000000300)="ca0e80", 0x3)
r3 = socket$can_bcm(0x1d, 0x2, 0x2)
r4 = socket$netlink(0x10, 0x3, 0x8000000004)
writev(r4, &(0x7f0000000080)=[{&(0x7f0000000400)="580000001400192340834b80040d8c560a067fbc45ff620500000000070058000b480400945f640094272d7061d328b92d0000000000008000f0fffeffe809000000ffd9dd00000010000100030808004149004006040800", 0x58}], 0x1)
ioctl$ifreq_SIOCGIFINDEX_vcan(r3, 0x8933, &(0x7f0000000100)={'vcan0\x00'})
clock_gettime(0xb, &(0x7f0000000040))
openat$rtc(0xffffffffffffff9c, &(0x7f00000001c0), 0x200, 0x0)
r5 = socket$inet_mptcp(0x2, 0x1, 0x106)
ioctl$sock_inet_SIOCGIFADDR(r5, 0x8915, &(0x7f0000000000)={'macvtap0\x00'})
r6 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$TIPC_CMD_ENABLE_BEARER(r6, &(0x7f0000000540)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000500)={0x0}, 0x1, 0x0, 0x0, 0x4}, 0x4)
getrandom(&(0x7f0000000240)=""/286, 0xffffff9a, 0x0)
syz_emit_vhci(&(0x7f0000000380)=ANY=[@ANYBLOB="040e1a00031000"], 0xf)
write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000200), 0x111}}, 0x20)
write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000200), 0x111}}, 0x20)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(0xffffffffffffffff, 0xc1105517, &(0x7f0000000100)={{0x9, 0x3, 0x6, 0x5, 'syz0\x00', 0x2}, 0x6, 0x3, 0x1, r0, 0x5, 0x5, 'syz1\x00', &(0x7f0000000040)=['/selinux/policy\x00', '(%*#)Q\x00', '/selinux/load\x00', '/selinux/load\x00', '/selinux/load\x00'], 0x41})
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x300000b, 0x12, 0xffffffffffffffff, 0x0)

169.999649ms ago: executing program 4 (id=2103):
r0 = syz_open_dev$vim2m(&(0x7f0000000140), 0x200000001000, 0x2)
r1 = signalfd(0xffffffffffffffff, &(0x7f0000000140), 0x8)
ppoll(&(0x7f0000000240)=[{r1}], 0x1, &(0x7f0000000340), 0x0, 0x0)
ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f00000000c0)={0x1, 0x2, 0x1})
ioctl$vim2m_VIDIOC_QBUF(r0, 0xc058560f, &(0x7f00000002c0)=@multiplanar_mmap={0x0, 0x2, 0x4, 0x0, 0x0, {}, {0x0, 0x18, 0x0, 0x0, 0x0, 0x0, "fafc00"}, 0x0, 0x1, {0x0}})
r2 = syz_open_dev$tty1(0xc, 0x4, 0x4)
r3 = syz_open_dev$tty1(0xc, 0x4, 0x3)
ioctl$KDFONTOP_GET(r3, 0x4b66, &(0x7f0000000100)={0x1, 0x0, 0x0, 0x0, 0x0, 0x0})
r4 = dup(r2)
write$UHID_INPUT(r4, &(0x7f0000001980)={0x9, {"a2e3ad214fc752f91b29090955f70e0dd038e7ff7fc6e5539b324c078b089b32313b6d1a0890e0878f0e1ac6e7049b076d959b669a240d5b67f3988f7ef319520100ffe8d178708c523c921b1b5b31300d076d0936cd3b78130daa61d8e809ea889b5802b77f07227227b7ba67e0e78669a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae19397d696d0d758f2dc7d1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000002335875271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1fe90a56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617601000000be70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d595a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9980000000b3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6c82fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce3803f465e41e610c2021d653a5520000008213b704a5000000000000008ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc94681359bad8deff4b05f60cea0da7710a80000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4e38a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d97b9a6d6d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2bed9e53803edf1a4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4ceb360c7e658828563e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b4bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034e00000000ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c478b095b68441a34cb51682a8ae4d24ad92f243941ed274549b79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdbe6c4579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93ae62fccfcbb2b75a2183c46eb65ca8124e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43e4fb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e01feffffffffffff83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369d75f2e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aa01b20f7694a00f16e2d0174035a2c22656dc00880acebdbe8ddbd75c2f998d8ac2dfad2ba3a50200000045a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40426db6fe2907ac0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf463661c953fcad6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7cd419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaeecf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6ea94f88a4facfd4c735a20307c737afae5136651b1b9bd522dcb399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a37684f4113c48859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02dae17b118e5d6787463183b4b87c105000000302a808d7f5251440613d17ca51055f2f416a44fe180d2d50c312cca7cb14a20dc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb40100000006376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab83c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7ceec7dc808bf653639d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7348663a52190202c7af288a4510de03dab19d26285eda89156d50dd385a602000000000000007007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00303000000000000007fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf6529006c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6522fb5f6ffcdd56fed88935fcb75912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae233a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a5bd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08008897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b80c1c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57fa9c0fe662a46b7f71cd47744db86c50b704c98ad90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe360500000000000000b77940b5f07722e47a08d3679507000000000000934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1062dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1df0d07b3d5bd3b01faffd0addbed2881a9700af561ac8c7e36bb2fc4c40e9c766c06817bb903729a7db6ff957697c9ede7885d94ffb0759be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c1484d2f9c55f4901203a9a8a2c3e90f39c3dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000600", 0x1000}}, 0x1006)
r5 = syz_open_dev$sg(&(0x7f00000000c0), 0x0, 0x400000)
ioctl$SG_IO(r5, 0x2285, &(0x7f0000000040)={0x53, 0xfffffffffffffffb, 0x6, 0x4, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000000)="a1f8a81b133d", 0x0, 0x0, 0x10060, 0x0, 0x0})
gettid()
r6 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000180), 0x42, 0x0)
r7 = syz_open_dev$video(&(0x7f0000000000), 0xd, 0x0)
ioctl$VIDIOC_S_FMT(r7, 0xc0d05605, &(0x7f00000002c0)={0xa, @pix={0x2, 0x0, 0x30314247, 0x0, 0x0, 0x0, 0x6, 0x1, 0x3, 0x0, 0x0, 0x1}})
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
r8 = socket$nl_route(0x10, 0x3, 0x0)
r9 = socket(0x11, 0x80a, 0x0)
ioctl$sock_SIOCGIFINDEX(r9, 0x8933, &(0x7f0000000300)={'bond0\x00', <r10=>0x0})
sendmsg$nl_route(r8, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000080)=@newlink={0x3c, 0x10, 0x401, 0x70bd2c, 0x0, {0x0, 0x0, 0x0, r10, 0x401c0}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @bond={{0x9}, {0xc, 0x2, 0x0, 0x1, [@IFLA_BOND_MODE={0x5, 0x1, 0x1}]}}}]}, 0x3c}}, 0x0)
r11 = signalfd4(0xffffffffffffffff, &(0x7f0000000140)={[0xffeffffffffffffa]}, 0x8, 0x0)
io_setup(0x206, &(0x7f0000000200)=<r12=>0x0)
io_submit(r12, 0x47f, &(0x7f00000005c0)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, r11, &(0x7f00000003c0)="951aa14bd6f68579cac67c83bf8d4500e5cea1bb1596d4ee6645fa16fa7cacb9214070a622a2c57b89075f59b85c7b5b2c41edc9d2cd5a2c95ed1c2cf72425be9c1a2df1b60a309bc3228d7e85b300f0d7a042a40166b9208e9d2e423c32ad8e47adedf5dc425c6bcb031fb2230835d41afc23476eae602bad3246417e5ac757", 0x80}])
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f00000003c0)={{'fd', 0x3d, r6}, 0x2c, {'rootmode', 0x3d, 0x4000}})
read$FUSE(r6, &(0x7f0000006840)={0x2020, 0x0, 0x0, <r13=>0x0}, 0x2020)
syz_fuse_handle_req(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000006780)={0x90, 0x0, 0x0, {0x5, 0x0, 0x0, 0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x4, 0x0, 0x0, 0x2000, 0x0, r13, 0x0, 0x440}}}, 0x0, 0x0, 0x0, 0x0, 0x0})
fstat(r5, &(0x7f0000000380))
fcntl$getown(r5, 0x9)

209.199µs ago: executing program 5 (id=2104):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000280)=@newtaction={0x14, 0x30, 0x1}, 0x14}}, 0x80)
r1 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/power/pm_debug_messages', 0x48a82, 0x0)
write$sysctl(r1, &(0x7f0000000100)='0\x00', 0x2)
r2 = socket$netlink(0x10, 0x3, 0x4)
writev(r2, &(0x7f0000000080)=[{&(0x7f00000000c0)="480000001500257f09004b01fcfc8c860a881300f217e0060000e3323909b8f8896e33719fe3bb036e0bc90900000000000000000000ffff5bf1090000d0bd5e000000006203005b", 0x48}], 0x1)

0s ago: executing program 5 (id=2105):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_open_dev$vim2m(&(0x7f0000000000), 0x9, 0x2)
r2 = syz_open_dev$ndb(&(0x7f0000000000), 0x0, 0x200)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000040)={<r3=>0xffffffffffffffff})
ioctl$NBD_SET_SOCK(r2, 0xab00, r3)
r4 = dup3(r2, r1, 0x80000)
ioctl$NBD_DO_IT(r4, 0xab03)
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r4)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan0\x00', <r6=>0x0})
sendmsg$NL80211_CMD_SET_INTERFACE(r0, 0x0, 0x0)
sendmsg$NL80211_CMD_SET_MULTICAST_TO_UNICAST(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000040)={0x1c, r5, 0x1, 0x70bd2b, 0x25dfdbfe, {{}, {@val={0x8, 0x3, r6}, @void}}}, 0x1c}, 0x1, 0x0, 0x0, 0x4}, 0x4)
mount(&(0x7f0000000040)=@nbd={'/dev/nbd', 0x0}, &(0x7f0000000000)='./cgroup\x00', &(0x7f0000000080)='udf\x00', 0x20001b, 0x0)

kernel console output (not intermixed with test programs):

3][T10868] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1502'.
[  146.870708][T10870] netlink: 'syz.0.1503': attribute type 21 has an invalid length.
[  146.902162][T10878] trusted_key: encrypted_key: key user:syz not found
[  147.250598][T10896] overlayfs: failed to clone lowerpath
[  147.577973][T10916] overlayfs: workdir and upperdir must be separate subtrees
[  147.581184][T10915] overlayfs: workdir and upperdir must be separate subtrees
[  147.667125][T10922] fuse: Unknown parameter 'fÄ'
[  148.198523][T10947] __nla_validate_parse: 4 callbacks suppressed
[  148.198533][T10947] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1527'.
[  148.201080][T10945] erspan0: entered promiscuous mode
[  148.296537][T10950] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1528'.
[  148.465910][   T24] usb 7-1: new high-speed USB device number 12 using dummy_hcd
[  148.475540][T10966] openvswitch: netlink: Unexpected mask (mask=440, allowed=10048)
[  148.625144][   T24] usb 7-1: Using ep0 maxpacket: 8
[  148.627661][T10983] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1537'.
[  148.628694][   T24] usb 7-1: config 106 has an invalid interface number: 120 but max is 2
[  148.633328][   T24] usb 7-1: config 106 contains an unexpected descriptor of type 0x1, skipping
[  148.636363][   T24] usb 7-1: config 106 has an invalid interface number: 163 but max is 2
[  148.639041][   T24] usb 7-1: config 106 contains an unexpected descriptor of type 0x1, skipping
[  148.641858][   T24] usb 7-1: config 106 has an invalid interface number: 58 but max is 2
[  148.644427][   T24] usb 7-1: config 106 has no interface number 0
[  148.646449][   T24] usb 7-1: config 106 has no interface number 1
[  148.648647][   T24] usb 7-1: config 106 has no interface number 2
[  148.650612][   T24] usb 7-1: config 106 interface 120 altsetting 9 endpoint 0x9 has an invalid bInterval 195, changing to 7
[  148.654095][   T24] usb 7-1: config 106 interface 120 altsetting 9 endpoint 0x7 has invalid maxpacket 1104, setting to 1024
[  148.657681][   T24] usb 7-1: config 106 interface 120 altsetting 9 bulk endpoint 0x7 has invalid maxpacket 1024
[  148.660870][   T24] usb 7-1: config 106 interface 120 altsetting 9 has a duplicate endpoint with address 0xF, skipping
[  148.664228][   T24] usb 7-1: config 106 interface 120 altsetting 9 endpoint 0x5 has invalid maxpacket 512, setting to 64
[  148.667779][   T24] usb 7-1: config 106 interface 120 altsetting 9 has a duplicate endpoint with address 0x6, skipping
[  148.671221][   T24] usb 7-1: config 106 interface 120 altsetting 9 endpoint 0x1 has invalid maxpacket 57591, setting to 64
[  148.676609][   T24] usb 7-1: config 106 interface 120 altsetting 9 has a duplicate endpoint with address 0x5, skipping
[  148.681324][   T24] usb 7-1: config 106 interface 120 altsetting 9 has a duplicate endpoint with address 0xC, skipping
[  148.685726][   T24] usb 7-1: config 106 interface 163 altsetting 1 has a duplicate endpoint with address 0x1, skipping
[  148.690342][   T24] usb 7-1: config 106 interface 163 altsetting 1 has a duplicate endpoint with address 0x2, skipping
[  148.694865][   T24] usb 7-1: config 106 interface 163 altsetting 1 has a duplicate endpoint with address 0x8, skipping
[  148.699679][   T24] usb 7-1: config 106 interface 163 altsetting 1 has a duplicate endpoint with address 0x5, skipping
[  148.704129][   T24] usb 7-1: config 106 interface 163 altsetting 1 has a duplicate endpoint with address 0x2, skipping
[  148.708640][   T24] usb 7-1: config 106 interface 163 altsetting 1 has a duplicate endpoint with address 0x9, skipping
[  148.713120][   T24] usb 7-1: config 106 interface 163 altsetting 1 has a duplicate endpoint with address 0x6, skipping
[  148.717918][   T24] usb 7-1: config 106 interface 163 altsetting 1 has a duplicate endpoint with address 0x7, skipping
[  148.722383][   T24] usb 7-1: config 106 interface 163 altsetting 1 bulk endpoint 0x3 has invalid maxpacket 8
[  148.726756][   T24] usb 7-1: config 106 interface 163 altsetting 1 has a duplicate endpoint with address 0x5, skipping
[  148.731251][   T24] usb 7-1: config 106 interface 163 altsetting 1 has a duplicate endpoint with address 0xD, skipping
[  148.736008][   T24] usb 7-1: config 106 interface 163 altsetting 1 has a duplicate endpoint with address 0xE, skipping
[  148.740492][   T24] usb 7-1: config 106 interface 163 altsetting 1 has a duplicate endpoint with address 0x9, skipping
[  148.745047][   T24] usb 7-1: config 106 interface 58 altsetting 1 has a duplicate endpoint with address 0xB, skipping
[  148.749756][   T24] usb 7-1: config 106 interface 58 altsetting 1 has an endpoint descriptor with address 0xBE, changing to 0x8E
[  148.754589][   T24] usb 7-1: config 106 interface 58 altsetting 1 has a duplicate endpoint with address 0x8E, skipping
[  148.759121][   T24] usb 7-1: config 106 interface 58 altsetting 1 has a duplicate endpoint with address 0x1, skipping
[  148.763567][   T24] usb 7-1: config 106 interface 58 altsetting 1 has a duplicate endpoint with address 0xD, skipping
[  148.768099][   T24] usb 7-1: config 106 interface 58 altsetting 1 has a duplicate endpoint with address 0x3, skipping
[  148.772810][   T24] usb 7-1: config 106 interface 58 altsetting 1 has a duplicate endpoint with address 0x7, skipping
[  148.777386][   T24] usb 7-1: config 106 interface 58 altsetting 1 has a duplicate endpoint with address 0x5, skipping
[  148.781991][   T24] usb 7-1: config 106 interface 58 altsetting 1 has a duplicate endpoint with address 0x3, skipping
[  148.786596][   T24] usb 7-1: config 106 interface 58 altsetting 1 has a duplicate endpoint with address 0x3, skipping
[  148.791246][   T24] usb 7-1: config 106 interface 58 altsetting 1 has 9 endpoint descriptors, different from the interface descriptor's value: 8
[  148.796058][T10990] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1539'.
[  148.796797][   T24] usb 7-1: config 106 interface 120 has no altsetting 0
[  148.800814][T10990] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1539'.
[  148.803367][   T24] usb 7-1: config 106 interface 163 has no altsetting 0
[  148.803387][   T24] usb 7-1: config 106 interface 58 has no altsetting 0
[  148.814504][   T24] usb 7-1: New USB device found, idVendor=0cf3, idProduct=b003, bcdDevice=85.ec
[  148.818487][   T24] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  148.821936][   T24] usb 7-1: Product: Ъ
[  148.823763][   T24] usb 7-1: Manufacturer: ᠌
[  148.826249][   T24] usb 7-1: SerialNumber: �
[  148.831884][T10990] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  148.837370][T10948] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  148.839761][T10948] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  149.047930][T10945] netlink: 'syz.2.1525': attribute type 64 has an invalid length.
[  149.051239][T10945] netlink: 'syz.2.1525': attribute type 4 has an invalid length.
[  149.054377][T10945] netlink: 152 bytes leftover after parsing attributes in process `syz.2.1525'.
[  149.089444][T11006] netlink: 'syz.3.1542': attribute type 10 has an invalid length.
[  149.106120][T11006] team0: Port device dummy0 added
[  149.110020][T11006] netlink: 'syz.3.1542': attribute type 10 has an invalid length.
[  149.123188][T11006] team0: Port device dummy0 removed
[  149.128529][T11006] bond0: (slave dummy0): Enslaving as an active interface with an up link
[  149.140419][   T24] usb 7-1: ath9k_htc: Device endpoint numbers are not the expected ones
[  149.155483][   T24] usb 7-1: ath9k_htc: Device endpoint numbers are not the expected ones
[  149.176861][   T24] usb 7-1: ath9k_htc: Device endpoint numbers are not the expected ones
[  149.181652][   T24] usb 7-1: USB disconnect, device number 12
[  149.271353][T11014] 9pnet_virtio: no channels available for device ./file0
[  149.280037][T11014] binder: 11013:11014 ioctl c0306201 0 returned -14
[  149.325528][T11010] block nbd3: Attempted send on invalid socket
[  149.327638][T11010] I/O error, dev nbd3, sector 0 op 0x0:(READ) flags 0x1000 phys_seg 1 prio class 2
[  149.331056][T11010] XFS (nbd3): SB validate failed with error -5.
[  149.739621][T11044] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1554'.
[  149.746760][T11045] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  150.281283][ T5974] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  150.288428][ T5974] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  150.292401][ T5974] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  150.298237][ T5974] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  150.301971][ T5974] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  150.469467][T11064] chnl_net:caif_netlink_parms(): no params data found
[  150.553890][T11064] bridge0: port 1(bridge_slave_0) entered blocking state
[  150.560317][T11064] bridge0: port 1(bridge_slave_0) entered disabled state
[  150.563428][T11064] bridge_slave_0: entered allmulticast mode
[  150.567784][T11064] bridge_slave_0: entered promiscuous mode
[  150.572345][T11064] bridge0: port 2(bridge_slave_1) entered blocking state
[  150.575811][T11064] bridge0: port 2(bridge_slave_1) entered disabled state
[  150.578903][T11064] bridge_slave_1: entered allmulticast mode
[  150.582754][T11064] bridge_slave_1: entered promiscuous mode
[  150.588557][T11073] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1563'.
[  150.631558][T11064] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  150.636288][T11064] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  150.703070][   T46] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  150.718663][T11064] team0: Port device team_slave_0 added
[  150.724077][T11064] team0: Port device team_slave_1 added
[  150.766521][T11064] batman_adv: batadv0: Adding interface: batadv_slave_0
[  150.768911][T11064] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  150.777402][T11064] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  150.782782][T11064] batman_adv: batadv0: Adding interface: batadv_slave_1
[  150.786581][T11064] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  150.797730][T11064] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  150.810956][   T46] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  150.874421][T11088] xt_l2tp: invalid flags combination: 8
[  150.893771][   T46] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  150.904565][T11064] hsr_slave_0: entered promiscuous mode
[  150.908213][T11064] hsr_slave_1: entered promiscuous mode
[  150.932526][T11060] overlayfs: statfs failed on './file0'
[  150.941604][T11062] overlayfs: statfs failed on './file0'
[  150.963671][T11094] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1570'.
[  150.974835][   T46] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  151.095405][T11094] team0 (unregistering): Port device team_slave_0 removed
[  151.106278][T11094] team0 (unregistering): Port device team_slave_1 removed
[  151.315543][   T46] dummy0: left allmulticast mode
[  151.319446][   T46] bridge0: port 3(dummy0) entered disabled state
[  151.324865][   T46] bridge_slave_1: left allmulticast mode
[  151.327426][   T46] bridge_slave_1: left promiscuous mode
[  151.329831][   T46] bridge0: port 2(bridge_slave_1) entered disabled state
[  151.337888][   T46] bridge_slave_0: left allmulticast mode
[  151.340265][   T46] bridge_slave_0: left promiscuous mode
[  151.342846][   T46] bridge0: port 1(bridge_slave_0) entered disabled state
[  151.444864][   T46] bond4 (unregistering): (slave ip6gre1): Releasing backup interface
[  151.448448][   T46] ip6gre1 (unregistering): left promiscuous mode
[  151.456605][T11120] netlink: 48 bytes leftover after parsing attributes in process `syz.0.1575'.
[  151.652063][   T46] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  151.658647][   T46] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  151.664934][   T46] bond0 (unregistering): Released all slaves
[  151.740703][   T46] bond1 (unregistering): Released all slaves
[  151.751010][   T46] bond2 (unregistering): Released all slaves
[  151.763009][   T46] bond3 (unregistering): Released all slaves
[  151.852625][   T46] bond4 (unregistering): Released all slaves
[  151.890596][T11064] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  151.898681][T11064] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  151.907994][T11064] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  151.946512][T11064] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  151.966815][   T46] tipc: Left network mode
[  152.123017][T11064] 8021q: adding VLAN 0 to HW filter on device bond0
[  152.136015][T11154] trusted_key: encrypted_key: keyword 'update' not allowed when called from .instantiate method
[  152.136703][T11064] 8021q: adding VLAN 0 to HW filter on device team0
[  152.159018][   T91] bridge0: port 1(bridge_slave_0) entered blocking state
[  152.161435][   T91] bridge0: port 1(bridge_slave_0) entered forwarding state
[  152.178124][   T91] bridge0: port 2(bridge_slave_1) entered blocking state
[  152.180352][   T91] bridge0: port 2(bridge_slave_1) entered forwarding state
[  152.296123][   T46] hsr_slave_0: left promiscuous mode
[  152.298455][   T46] hsr_slave_1: left promiscuous mode
[  152.300613][   T46] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  152.303071][   T46] batman_adv: batadv0: Removing interface: batadv_slave_0
[  152.319903][   T46] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  152.322262][   T46] batman_adv: batadv0: Removing interface: batadv_slave_1
[  152.335319][ T5974] Bluetooth: hci4: command tx timeout
[  152.354714][   T46] veth1_macvtap: left promiscuous mode
[  152.357910][   T46] veth0_macvtap: left promiscuous mode
[  152.360158][   T46] veth1_vlan: left promiscuous mode
[  152.361955][   T46] veth0_vlan: left promiscuous mode
[  152.748366][T11187] No control pipe specified
[  153.078367][   T46] team0 (unregistering): Port device team_slave_1 removed
[  153.160686][   T46] team0 (unregistering): Port device team_slave_0 removed
[  153.811263][T11064] 8021q: adding VLAN 0 to HW filter on device batadv0
[  153.830467][   T40] kauditd_printk_skb: 76 callbacks suppressed
[  153.830477][   T40] audit: type=1400 audit(1758375953.835:691): avc:  denied  { bind } for  pid=11211 comm="syz.0.1598" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=mctp_socket permissive=1
[  153.866942][T11208] macsec1: entered promiscuous mode
[  153.869965][T11208] bridge0: port 3(macsec1) entered blocking state
[  153.873106][T11208] bridge0: port 3(macsec1) entered disabled state
[  153.877757][T11208] macsec1: entered allmulticast mode
[  153.879720][T11208] bridge0: entered allmulticast mode
[  153.891289][T11208] macsec1: left allmulticast mode
[  153.893498][T11208] bridge0: left allmulticast mode
[  154.050651][T11064] veth0_vlan: entered promiscuous mode
[  154.058170][T11064] veth1_vlan: entered promiscuous mode
[  154.073785][T11064] veth0_macvtap: entered promiscuous mode
[  154.080124][T11064] veth1_macvtap: entered promiscuous mode
[  154.089015][T11064] batman_adv: batadv0: Interface activated: batadv_slave_0
[  154.097026][T11064] batman_adv: batadv0: Interface activated: batadv_slave_1
[  154.104384][ T1144] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  154.110111][ T1144] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  154.120900][ T1144] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  154.128595][ T1144] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  154.193672][   T61] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  154.196523][   T61] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  154.210103][T11249] IPVS: Error connecting to the multicast addr
[  154.216039][T11250] IPVS: Error connecting to the multicast addr
[  154.220505][ T1144] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  154.223664][ T1144] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  154.236442][   T40] audit: type=1400 audit(1758375954.245:692): avc:  denied  { mounton } for  pid=11064 comm="syz-executor" path="/syzkaller.V0sC8b/syz-tmp/newroot/sys/kernel/debug" dev="debugfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:debugfs_t tclass=dir permissive=1
[  154.260640][T11254] tmpfs: User quota inode hardlimit too large.
[  154.282616][   T40] audit: type=1400 audit(1758375954.285:693): avc:  denied  { mounton } for  pid=11255 comm="syz.4.1562" path="/0/file1/file0" dev="autofs" ino=37652 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_t tclass=dir permissive=1
[  154.282657][T11256] fuse: Unknown parameter 'rootmod{'
[  154.410231][T11267] overlayfs: failed to clone upperpath
[  154.415189][ T5974] Bluetooth: hci4: command tx timeout
[  154.419066][T11268] semctl(GETNCNT/GETZCNT) is since 3.16 Single Unix Specification compliant.
[  154.419066][T11268] The task syz.4.1613 (11268) triggered the difference, watch for misbehavior.
[  154.479665][T11276] afs: Bad value for 'source'
[  154.482141][   T40] audit: type=1400 audit(1758375954.485:694): avc:  denied  { setopt } for  pid=11274 comm="syz.3.1617" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=mctp_socket permissive=1
[  154.541936][T11281] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1617'.
[  154.677189][   T40] audit: type=1400 audit(1758375954.685:695): avc:  denied  { create } for  pid=11284 comm="syz.0.1619" name="file0" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[  154.713877][   T40] audit: type=1400 audit(1758375954.715:696): avc:  denied  { unlink } for  pid=5979 comm="syz-executor" name="file0" dev="tmpfs" ino=3051 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[  154.839009][T11298] openvswitch: netlink: Either Ethernet header or EtherType is required.
[  154.843950][T11298] lo speed is unknown, defaulting to 1000
[  154.846834][T11298] lo speed is unknown, defaulting to 1000
[  154.849906][T11298] lo speed is unknown, defaulting to 1000
[  154.861804][T11298] infiniband syz0: RDMA CMA: cma_listen_on_dev, error -98
[  154.887405][T11298] lo speed is unknown, defaulting to 1000
[  154.890209][T11298] lo speed is unknown, defaulting to 1000
[  154.892786][T11298] lo speed is unknown, defaulting to 1000
[  154.894883][   T40] audit: type=1400 audit(1758375954.895:697): avc:  denied  { ioctl } for  pid=11297 comm="syz.0.1624" path="socket:[37739]" dev="sockfs" ino=37739 ioctlcmd=0x9414 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_rdma_socket permissive=1
[  154.896989][T11298] lo speed is unknown, defaulting to 1000
[  154.900288][T11301] openvswitch: netlink: Either Ethernet header or EtherType is required.
[  154.910532][T11298] lo speed is unknown, defaulting to 1000
[  155.103252][T11316] overlay: ./file0 is not a directory
[  155.116168][T11316] pvfs2: Unknown parameter 'cache'
[  155.549928][T11345] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1638'.
[  155.554044][T11345] (unnamed net_device) (uninitialized): option primary_reselect: invalid value (133)
[  155.567867][T11348] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1639'.
[  155.572278][T11345] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1638'.
[  155.606710][   T40] audit: type=1400 audit(1758375955.615:698): avc:  denied  { module_load } for  pid=11347 comm="syz.4.1639" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=system permissive=1
[  156.138082][   T40] audit: type=1400 audit(1758375956.145:699): avc:  denied  { connect } for  pid=11369 comm="syz.0.1649" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[  156.178374][   T63] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  156.183603][   T63] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  156.188018][   T63] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  156.190967][   T63] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  156.194441][   T63] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  156.229657][T11374] lo speed is unknown, defaulting to 1000
[  156.308781][T11380] No control pipe specified
[  156.377907][T11389] netlink: 56 bytes leftover after parsing attributes in process `syz.4.1653'.
[  156.420266][T11374] chnl_net:caif_netlink_parms(): no params data found
[  156.444571][   T40] audit: type=1400 audit(1758375956.445:700): avc:  denied  { getopt } for  pid=11394 comm="syz.3.1655" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[  156.499534][T11403] No control pipe specified
[  156.503373][   T63] Bluetooth: hci4: command tx timeout
[  156.549481][T11374] bridge0: port 1(bridge_slave_0) entered blocking state
[  156.552093][T11374] bridge0: port 1(bridge_slave_0) entered disabled state
[  156.555007][T11374] bridge_slave_0: entered allmulticast mode
[  156.558056][T11374] bridge_slave_0: entered promiscuous mode
[  156.561212][T11374] bridge0: port 2(bridge_slave_1) entered blocking state
[  156.563437][T11374] bridge0: port 2(bridge_slave_1) entered disabled state
[  156.566043][T11374] bridge_slave_1: entered allmulticast mode
[  156.569059][T11374] bridge_slave_1: entered promiscuous mode
[  156.621854][T11374] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  156.627061][T11374] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  156.688963][T11374] team0: Port device team_slave_0 added
[  156.694681][T11374] team0: Port device team_slave_1 added
[  156.747733][T11374] batman_adv: batadv0: Adding interface: batadv_slave_0
[  156.750004][T11374] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  156.759475][T11374] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  156.764670][T11374] batman_adv: batadv0: Adding interface: batadv_slave_1
[  156.767935][T11374] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  156.776170][T11374] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  156.821987][T11374] hsr_slave_0: entered promiscuous mode
[  156.824252][T11374] hsr_slave_1: entered promiscuous mode
[  156.826508][T11374] debugfs: 'hsr0' already exists in 'hsr'
[  156.828396][T11374] Cannot create hsr debugfs directory
[  156.968351][T11374] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  156.974540][T11374] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  156.980327][T11374] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  156.984564][T11374] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  157.046182][T11374] 8021q: adding VLAN 0 to HW filter on device bond0
[  157.062363][T11374] 8021q: adding VLAN 0 to HW filter on device team0
[  157.070270][   T91] bridge0: port 1(bridge_slave_0) entered blocking state
[  157.072575][   T91] bridge0: port 1(bridge_slave_0) entered forwarding state
[  157.085185][   T91] bridge0: port 2(bridge_slave_1) entered blocking state
[  157.087577][   T91] bridge0: port 2(bridge_slave_1) entered forwarding state
[  157.218601][T11374] 8021q: adding VLAN 0 to HW filter on device batadv0
[  157.382009][T11374] veth0_vlan: entered promiscuous mode
[  157.390273][T11374] veth1_vlan: entered promiscuous mode
[  157.411250][T11374] veth0_macvtap: entered promiscuous mode
[  157.420093][T11374] veth1_macvtap: entered promiscuous mode
[  157.431645][T11374] batman_adv: batadv0: Interface activated: batadv_slave_0
[  157.439674][T11374] batman_adv: batadv0: Interface activated: batadv_slave_1
[  157.448515][ T7936] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  157.451296][ T7936] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  157.454065][ T7936] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  157.457297][ T7936] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  157.500770][ T1144] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  157.510056][ T1144] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  157.528635][ T7942] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  157.531269][ T7942] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  157.614188][T11449] lo speed is unknown, defaulting to 1000
[  157.825057][T11461] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1665'.
[  157.897478][T11456] netlink: 28 bytes leftover after parsing attributes in process `syz.5.1664'.
[  158.002542][T11473] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1670'.
[  158.072283][T11480] netlink: 'syz.0.1673': attribute type 1 has an invalid length.
[  158.201305][   T34] hid-generic 0000:0000:0000.000D: unknown main item tag 0x0
[  158.204284][   T34] hid-generic 0000:0000:0000.000D: unknown main item tag 0x0
[  158.206864][   T34] hid-generic 0000:0000:0000.000D: unknown main item tag 0x0
[  158.209292][   T34] hid-generic 0000:0000:0000.000D: unknown main item tag 0x0
[  158.211667][   T34] hid-generic 0000:0000:0000.000D: unknown main item tag 0x0
[  158.220333][   T34] hid-generic 0000:0000:0000.000D: unknown main item tag 0x0
[  158.222943][   T34] hid-generic 0000:0000:0000.000D: unknown main item tag 0x0
[  158.226560][   T34] hid-generic 0000:0000:0000.000D: unknown main item tag 0x0
[  158.228870][   T34] hid-generic 0000:0000:0000.000D: unknown main item tag 0x0
[  158.231353][   T34] hid-generic 0000:0000:0000.000D: unknown main item tag 0x0
[  158.240188][   T34] hid-generic 0000:0000:0000.000D: hidraw1: <UNKNOWN> HID v0.00 Device [syz0] on syz0
[  158.255389][   T63] Bluetooth: hci1: command tx timeout
[  158.267361][T11498] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1678'.
[  158.267718][T11497] netlink: 40 bytes leftover after parsing attributes in process `syz.0.1679'.
[  158.348532][T11502] overlayfs: failed to clone upperpath
[  158.587483][   T63] Bluetooth: hci4: command tx timeout
[  158.911523][ T5974] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  158.915653][ T5974] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  158.919280][ T5974] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  158.922045][ T5974] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  158.924973][ T5974] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  158.952294][T11536] lo speed is unknown, defaulting to 1000
[  159.043517][T11536] chnl_net:caif_netlink_parms(): no params data found
[  159.104752][T11547] /dev/nullb0: Can't open blockdev
[  159.197211][T11536] bridge0: port 1(bridge_slave_0) entered blocking state
[  159.200269][T11536] bridge0: port 1(bridge_slave_0) entered disabled state
[  159.203383][T11536] bridge_slave_0: entered allmulticast mode
[  159.209723][T11536] bridge_slave_0: entered promiscuous mode
[  159.214713][T11536] bridge0: port 2(bridge_slave_1) entered blocking state
[  159.219911][T11536] bridge0: port 2(bridge_slave_1) entered disabled state
[  159.223221][T11536] bridge_slave_1: entered allmulticast mode
[  159.228214][T11536] bridge_slave_1: entered promiscuous mode
[  159.283944][T11536] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  159.328882][T11536] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  159.338150][T11559] geneve4: entered promiscuous mode
[  159.340410][T11559] geneve4: entered allmulticast mode
[  159.414003][T11536] team0: Port device team_slave_0 added
[  159.419690][T11536] team0: Port device team_slave_1 added
[  159.498324][T11536] batman_adv: batadv0: Adding interface: batadv_slave_0
[  159.501080][T11536] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  159.511188][T11536] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  159.520279][T11536] batman_adv: batadv0: Adding interface: batadv_slave_1
[  159.523127][T11536] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  159.535426][T11536] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  159.579367][ T1144] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  159.662104][T11536] hsr_slave_0: entered promiscuous mode
[  159.664947][T11536] hsr_slave_1: entered promiscuous mode
[  159.668046][T11536] debugfs: 'hsr0' already exists in 'hsr'
[  159.669880][T11536] Cannot create hsr debugfs directory
[  159.680708][ T1144] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  159.710980][   T40] kauditd_printk_skb: 2 callbacks suppressed
[  159.710995][   T40] audit: type=1400 audit(1758375959.715:703): avc:  denied  { execute } for  pid=11576 comm="syz.3.1705" path="/dev/kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  159.806441][ T1144] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  159.898776][ T1144] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  159.985251][   T34] usb 8-1: new high-speed USB device number 13 using dummy_hcd
[  160.016147][ T1144] bridge_slave_1: left allmulticast mode
[  160.018503][ T1144] bridge_slave_1: left promiscuous mode
[  160.022231][ T1144] bridge0: port 2(bridge_slave_1) entered disabled state
[  160.026442][   T53] usb 9-1: new high-speed USB device number 2 using dummy_hcd
[  160.030574][ T1144] bridge_slave_0: left allmulticast mode
[  160.032887][ T1144] bridge_slave_0: left promiscuous mode
[  160.035681][ T1144] bridge0: port 1(bridge_slave_0) entered disabled state
[  160.161709][   T34] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x9 has invalid wMaxPacketSize 0
[  160.167023][   T34] usb 8-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[  160.169893][   T34] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  160.172434][   T34] usb 8-1: Product: syz
[  160.173833][   T34] usb 8-1: Manufacturer: syz
[  160.175715][   T53] usb 9-1: Using ep0 maxpacket: 8
[  160.177684][   T34] usb 8-1: SerialNumber: syz
[  160.183461][   T34] usb 8-1: config 0 descriptor??
[  160.187445][   T53] usb 9-1: config 0 has an invalid interface number: 1 but max is 0
[  160.194668][   T53] usb 9-1: config 0 has no interface number 0
[  160.197559][   T53] usb 9-1: config 0 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  160.201043][   T53] usb 9-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  160.204560][   T53] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  160.210994][   T53] usb 9-1: config 0 descriptor??
[  160.218078][   T53] iowarrior 9-1:0.1: IOWarrior product=0x1512, serial= interface=1 now attached to iowarrior0
[  160.345228][ T5974] Bluetooth: hci1: command tx timeout
[  160.500220][ T1144] bond0 (unregistering): Released all slaves
[  160.570681][ T1144] : left promiscuous mode
[  160.669826][ T6035] usb 9-1: USB disconnect, device number 2
[  160.786672][ T1144] hsr_slave_0: left promiscuous mode
[  160.789515][ T1144] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  160.792725][ T1144] batman_adv: batadv0: Removing interface: batadv_slave_0
[  160.817360][ T1144] veth1_macvtap: left promiscuous mode
[  160.819781][ T1144] veth0_macvtap: left promiscuous mode
[  160.823643][ T1144] veth1_vlan: left promiscuous mode
[  160.978040][ T5974] Bluetooth: hci2: command tx timeout
[  161.139466][   T24] usb 8-1: USB disconnect, device number 13
[  161.481503][ T5974] Bluetooth: hci4: Malformed Event: 0x13
[  161.575189][   T40] audit: type=1400 audit(1758375961.575:704): avc:  denied  { write } for  pid=11620 comm="syz.4.1714" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=isdn_socket permissive=1
[  162.326351][T11634] SELinux: security_context_str_to_sid (system_u) failed with errno=-22
[  162.330214][T11635] SELinux: security_context_str_to_sid (system_u) failed with errno=-22
[  162.416589][ T5974] Bluetooth: hci1: command tx timeout
[  162.457077][T11536] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  162.464126][T11536] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  162.477798][T11536] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  162.488003][T11536] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  162.494614][ T5974] Bluetooth: hci1: Malformed Event: 0x13
[  162.525764][T11665] No control pipe specified
[  162.570231][T11536] 8021q: adding VLAN 0 to HW filter on device bond0
[  162.587053][T11536] 8021q: adding VLAN 0 to HW filter on device team0
[  162.601711][   T91] bridge0: port 1(bridge_slave_0) entered blocking state
[  162.604774][   T91] bridge0: port 1(bridge_slave_0) entered forwarding state
[  162.620328][   T91] bridge0: port 2(bridge_slave_1) entered blocking state
[  162.623422][   T91] bridge0: port 2(bridge_slave_1) entered forwarding state
[  162.644541][ T1144] IPVS: stop unused estimator thread 0...
[  162.825747][T11696] /dev/sg0: Can't lookup blockdev
[  162.829036][T11696] I/O error, dev loop3, sector 2 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  162.832046][T11699] autofs: Unknown parameter '„“µEÕOÄBËrÁý÷µî"˜Å¯?hã+K-m'
[  162.832215][T11696] MINIX-fs: unable to read superblock
[  162.904427][T11536] 8021q: adding VLAN 0 to HW filter on device batadv0
[  162.918377][T11702] netlink: 'syz.4.1734': attribute type 2 has an invalid length.
[  162.968773][T11536] veth0_vlan: entered promiscuous mode
[  162.997238][T11536] veth1_vlan: entered promiscuous mode
[  163.020606][T11536] veth0_macvtap: entered promiscuous mode
[  163.027321][T11536] veth1_macvtap: entered promiscuous mode
[  163.039502][T11536] batman_adv: batadv0: Interface activated: batadv_slave_0
[  163.047674][T11536] batman_adv: batadv0: Interface activated: batadv_slave_1
[  163.068191][ T5974] Bluetooth: hci2: command tx timeout
[  163.070362][   T91] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  163.074900][   T91] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  163.085464][   T61] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  163.088219][   T61] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  163.123837][T11716] __nla_validate_parse: 1 callbacks suppressed
[  163.123853][T11716] netlink: 32 bytes leftover after parsing attributes in process `syz.4.1738'.
[  163.130177][   T61] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  163.133097][   T61] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  163.167838][   T91] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  163.170318][   T91] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  163.235696][T11723] FAULT_INJECTION: forcing a failure.
[  163.235696][T11723] name fail_usercopy, interval 1, probability 0, space 0, times 1
[  163.240319][T11723] CPU: 3 UID: 0 PID: 11723 Comm: syz.5.1739 Not tainted syzkaller #0 PREEMPT(full) 
[  163.240334][T11723] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  163.240341][T11723] Call Trace:
[  163.240345][T11723]  <TASK>
[  163.240349][T11723]  dump_stack_lvl+0x16c/0x1f0
[  163.240384][T11723]  should_fail_ex+0x512/0x640
[  163.240404][T11723]  _copy_from_user+0x2e/0xd0
[  163.240426][T11723]  copy_msghdr_from_user+0x98/0x160
[  163.240441][T11723]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  163.240461][T11723]  ___sys_sendmsg+0xfe/0x1d0
[  163.240475][T11723]  ? __pfx____sys_sendmsg+0x10/0x10
[  163.240505][T11723]  __sys_sendmsg+0x16d/0x220
[  163.240519][T11723]  ? __pfx___sys_sendmsg+0x10/0x10
[  163.240541][T11723]  do_syscall_64+0xcd/0x4e0
[  163.240563][T11723]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  163.240574][T11723] RIP: 0033:0x7f1000d8ec29
[  163.240583][T11723] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  163.240594][T11723] RSP: 002b:00007f1001c5b038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  163.240605][T11723] RAX: ffffffffffffffda RBX: 00007f1000fd5fa0 RCX: 00007f1000d8ec29
[  163.240612][T11723] RDX: 0000000000000000 RSI: 0000200000000540 RDI: 0000000000000003
[  163.240618][T11723] RBP: 00007f1001c5b090 R08: 0000000000000000 R09: 0000000000000000
[  163.240625][T11723] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  163.240631][T11723] R13: 00007f1000fd6038 R14: 00007f1000fd5fa0 R15: 00007ffcc0712238
[  163.240644][T11723]  </TASK>
[  163.490782][T11742] netlink: 160 bytes leftover after parsing attributes in process `syz.3.1746'.
[  163.556933][T11744] netlink: 'syz.3.1747': attribute type 1 has an invalid length.
[  163.698801][T11752] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=11752 comm=syz.3.1749
[  163.773377][T11761] FAULT_INJECTION: forcing a failure.
[  163.773377][T11761] name failslab, interval 1, probability 0, space 0, times 0
[  163.779504][T11761] CPU: 3 UID: 0 PID: 11761 Comm: syz.5.1752 Not tainted syzkaller #0 PREEMPT(full) 
[  163.779529][T11761] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  163.779539][T11761] Call Trace:
[  163.779546][T11761]  <TASK>
[  163.779553][T11761]  dump_stack_lvl+0x16c/0x1f0
[  163.779581][T11761]  should_fail_ex+0x512/0x640
[  163.779605][T11761]  ? kmem_cache_alloc_node_noprof+0x5e/0x3b0
[  163.779626][T11761]  should_failslab+0xc2/0x120
[  163.779654][T11761]  kmem_cache_alloc_node_noprof+0x71/0x3b0
[  163.779674][T11761]  ? __alloc_skb+0x2b2/0x380
[  163.779698][T11761]  __alloc_skb+0x2b2/0x380
[  163.779718][T11761]  ? __pfx___alloc_skb+0x10/0x10
[  163.779741][T11761]  ? __pfx_netlink_autobind.isra.0+0x10/0x10
[  163.779768][T11761]  netlink_alloc_large_skb+0x69/0x130
[  163.779792][T11761]  netlink_sendmsg+0x6a1/0xdd0
[  163.779819][T11761]  ? __pfx_netlink_sendmsg+0x10/0x10
[  163.779847][T11761]  ____sys_sendmsg+0xa95/0xc70
[  163.779874][T11761]  ? copy_msghdr_from_user+0x10a/0x160
[  163.779896][T11761]  ? __pfx_____sys_sendmsg+0x10/0x10
[  163.779933][T11761]  ___sys_sendmsg+0x134/0x1d0
[  163.779958][T11761]  ? __pfx____sys_sendmsg+0x10/0x10
[  163.780009][T11761]  __sys_sendmsg+0x16d/0x220
[  163.780031][T11761]  ? __pfx___sys_sendmsg+0x10/0x10
[  163.780070][T11761]  do_syscall_64+0xcd/0x4e0
[  163.780095][T11761]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  163.780114][T11761] RIP: 0033:0x7f1000d8ec29
[  163.780129][T11761] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  163.780145][T11761] RSP: 002b:00007f1001c5b038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  163.780163][T11761] RAX: ffffffffffffffda RBX: 00007f1000fd5fa0 RCX: 00007f1000d8ec29
[  163.780176][T11761] RDX: 0000000000000000 RSI: 0000200000000540 RDI: 0000000000000003
[  163.780187][T11761] RBP: 00007f1001c5b090 R08: 0000000000000000 R09: 0000000000000000
[  163.780199][T11761] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  163.780208][T11761] R13: 00007f1000fd6038 R14: 00007f1000fd5fa0 R15: 00007ffcc0712238
[  163.780232][T11761]  </TASK>
[  163.934750][   T40] audit: type=1400 audit(1758375963.935:705): avc:  denied  { bind } for  pid=11768 comm="syz.3.1755" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  163.982496][T11775] Malformed UNC in devname
[  163.982496][T11775] 
[  163.984824][T11775] CIFS: VFS: Malformed UNC in devname
[  164.251524][T11785] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1761'.
[  164.255887][T11785] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1761'.
[  164.268525][T11785] overlayfs: missing 'workdir'
[  164.276365][ T6035] usb 10-1: new high-speed USB device number 2 using dummy_hcd
[  164.397633][T11788] netlink: 'syz.4.1762': attribute type 4 has an invalid length.
[  164.405858][T11788] netlink: 'syz.4.1762': attribute type 4 has an invalid length.
[  164.436193][ T6035] usb 10-1: Using ep0 maxpacket: 16
[  164.443719][ T6035] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  164.447880][ T6035] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  164.452046][ T6035] usb 10-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 17
[  164.459311][ T6035] usb 10-1: New USB device found, idVendor=05ac, idProduct=8241, bcdDevice= 0.00
[  164.463105][ T6035] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  164.476300][ T6035] usb 10-1: config 0 descriptor??
[  164.495366][ T5978] Bluetooth: hci1: command tx timeout
[  164.525030][T11807] netlink: 'syz.3.1768': attribute type 13 has an invalid length.
[  164.849528][T11818] FAULT_INJECTION: forcing a failure.
[  164.849528][T11818] name failslab, interval 1, probability 0, space 0, times 0
[  164.854634][T11818] CPU: 2 UID: 0 PID: 11818 Comm: syz.4.1771 Not tainted syzkaller #0 PREEMPT(full) 
[  164.854656][T11818] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  164.854667][T11818] Call Trace:
[  164.854672][T11818]  <TASK>
[  164.854680][T11818]  dump_stack_lvl+0x16c/0x1f0
[  164.854724][T11818]  should_fail_ex+0x512/0x640
[  164.854758][T11818]  ? fs_reclaim_acquire+0xae/0x150
[  164.854784][T11818]  ? tomoyo_encode2+0x100/0x3e0
[  164.854807][T11818]  should_failslab+0xc2/0x120
[  164.854826][T11818]  __kmalloc_noprof+0xd2/0x510
[  164.854849][T11818]  tomoyo_encode2+0x100/0x3e0
[  164.854875][T11818]  tomoyo_encode+0x29/0x50
[  164.854899][T11818]  tomoyo_realpath_from_path+0x18f/0x6e0
[  164.854930][T11818]  ? tomoyo_profile+0x47/0x60
[  164.854948][T11818]  tomoyo_path_number_perm+0x245/0x580
[  164.854967][T11818]  ? tomoyo_path_number_perm+0x237/0x580
[  164.854989][T11818]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  164.855029][T11818]  ? find_held_lock+0x2b/0x80
[  164.855074][T11818]  ? find_held_lock+0x2b/0x80
[  164.855109][T11818]  ? hook_file_ioctl_common+0x145/0x410
[  164.855133][T11818]  ? __fget_files+0x20e/0x3c0
[  164.855156][T11818]  security_file_ioctl+0x9b/0x240
[  164.855181][T11818]  __x64_sys_ioctl+0xb7/0x210
[  164.855212][T11818]  do_syscall_64+0xcd/0x4e0
[  164.855247][T11818]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  164.855263][T11818] RIP: 0033:0x7ff9b058ec29
[  164.855279][T11818] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  164.855294][T11818] RSP: 002b:00007ff9b13b0038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  164.855320][T11818] RAX: ffffffffffffffda RBX: 00007ff9b07d5fa0 RCX: 00007ff9b058ec29
[  164.855331][T11818] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000006
[  164.855343][T11818] RBP: 00007ff9b13b0090 R08: 0000000000000000 R09: 0000000000000000
[  164.855354][T11818] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  164.855365][T11818] R13: 00007ff9b07d6038 R14: 00007ff9b07d5fa0 R15: 00007ffc578b0e48
[  164.855391][T11818]  </TASK>
[  164.893510][ T6035] input: HID 05ac:8241 as /devices/platform/dummy_hcd.5/usb10/10-1/10-1:0.0/0003:05AC:8241.000E/input/input24
[  164.896320][T11818] ERROR: Out of memory at tomoyo_realpath_from_path.
[  164.947054][T11820] netlink: 40 bytes leftover after parsing attributes in process `syz.3.1772'.
[  164.983020][ T6035] appleir 0003:05AC:8241.000E: input,hiddev0,hidraw1: USB HID v0.00 Device [HID 05ac:8241] on usb-dummy_hcd.5-1/input0
[  165.128594][T11836] netlink: 80 bytes leftover after parsing attributes in process `syz.4.1779'.
[  165.132478][T11837] netlink: 80 bytes leftover after parsing attributes in process `syz.4.1779'.
[  165.145402][   T63] Bluetooth: hci2: command tx timeout
[  165.325327][    T9] usb 8-1: new high-speed USB device number 14 using dummy_hcd
[  165.495168][    T9] usb 8-1: Using ep0 maxpacket: 16
[  165.500920][    T9] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  165.509848][    T9] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  165.514499][    T9] usb 8-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3
[  165.522066][    T9] usb 8-1: New USB device found, idVendor=0955, idProduct=7214, bcdDevice=ed.00
[  165.525800][    T9] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  165.530422][    T9] usb 8-1: config 0 descriptor??
[  165.610798][   T34] usb 10-1: USB disconnect, device number 2
[  165.684188][T11863] FAULT_INJECTION: forcing a failure.
[  165.684188][T11863] name failslab, interval 1, probability 0, space 0, times 0
[  165.690373][T11863] CPU: 2 UID: 0 PID: 11863 Comm: syz.5.1784 Not tainted syzkaller #0 PREEMPT(full) 
[  165.690395][T11863] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  165.690405][T11863] Call Trace:
[  165.690411][T11863]  <TASK>
[  165.690418][T11863]  dump_stack_lvl+0x16c/0x1f0
[  165.690443][T11863]  should_fail_ex+0x512/0x640
[  165.690464][T11863]  ? __kmalloc_cache_noprof+0x57/0x3e0
[  165.690492][T11863]  should_failslab+0xc2/0x120
[  165.690511][T11863]  __kmalloc_cache_noprof+0x6a/0x3e0
[  165.690536][T11863]  ? rcu_is_watching+0x12/0xc0
[  165.690556][T11863]  ? vhost_task_create+0xe5/0x2e0
[  165.690574][T11863]  ? __pfx_kvm_nx_huge_page_recovery_worker_kill+0x10/0x10
[  165.690597][T11863]  ? __pfx_kvm_nx_huge_page_recovery_worker+0x10/0x10
[  165.690623][T11863]  vhost_task_create+0xe5/0x2e0
[  165.690639][T11863]  ? __pfx_vhost_task_create+0x10/0x10
[  165.690663][T11863]  ? __pfx_vhost_task_fn+0x10/0x10
[  165.690697][T11863]  kvm_mmu_post_init_vm+0x1b7/0x380
[  165.690718][T11863]  kvm_arch_vcpu_ioctl_run+0x66/0x1980
[  165.690741][T11863]  ? kvm_vcpu_ioctl+0x14c6/0x1690
[  165.690768][T11863]  kvm_vcpu_ioctl+0x5eb/0x1690
[  165.690792][T11863]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  165.690813][T11863]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  165.690834][T11863]  ? do_vfs_ioctl+0x128/0x14f0
[  165.690859][T11863]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  165.690883][T11863]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[  165.690916][T11863]  ? hook_file_ioctl_common+0x145/0x410
[  165.690938][T11863]  ? selinux_file_ioctl+0x180/0x270
[  165.690960][T11863]  ? selinux_file_ioctl+0xb4/0x270
[  165.690985][T11863]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  165.691036][T11863]  __x64_sys_ioctl+0x18e/0x210
[  165.691063][T11863]  do_syscall_64+0xcd/0x4e0
[  165.691088][T11863]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  165.691104][T11863] RIP: 0033:0x7f1000d8ec29
[  165.691117][T11863] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  165.691132][T11863] RSP: 002b:00007f1001c5b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  165.691149][T11863] RAX: ffffffffffffffda RBX: 00007f1000fd5fa0 RCX: 00007f1000d8ec29
[  165.691160][T11863] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000006
[  165.691170][T11863] RBP: 00007f1001c5b090 R08: 0000000000000000 R09: 0000000000000000
[  165.691179][T11863] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  165.691189][T11863] R13: 00007f1000fd6038 R14: 00007f1000fd5fa0 R15: 00007ffcc0712238
[  165.691211][T11863]  </TASK>
[  165.931378][T11868] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1785'.
[  165.937977][    T9] hid_parser_main: 73 callbacks suppressed
[  165.937989][    T9] shield 0003:0955:7214.000F: unknown main item tag 0x0
[  165.942118][    T9] shield 0003:0955:7214.000F: unknown main item tag 0x0
[  165.944408][    T9] shield 0003:0955:7214.000F: unknown main item tag 0x0
[  165.946719][    T9] shield 0003:0955:7214.000F: unknown main item tag 0x0
[  165.948908][    T9] shield 0003:0955:7214.000F: unknown main item tag 0x0
[  165.954073][    T9] input: HID 0955:7214 Haptics as /devices/virtual/input/input25
[  165.976131][    T9] shield 0003:0955:7214.000F: Registered Thunderstrike controller
[  165.979125][    T9] shield 0003:0955:7214.000F: : USB HID v0.00 Device [HID 0955:7214] on usb-dummy_hcd.3-1/input0
[  166.140492][ T6065] shield 0003:0955:7214.000F: Failed to output Thunderstrike HOSTCMD request HID report due to -EPROTO
[  166.140615][   T24] usb 8-1: USB disconnect, device number 14
[  166.145626][ T6065] shield 0003:0955:7214.000F: Failed to output Thunderstrike HOSTCMD request HID report due to -ENODEV
[  166.151044][ T6065] shield 0003:0955:7214.000F: Failed to output Thunderstrike HOSTCMD request HID report due to -ENODEV
[  166.155321][ T6065] shield 0003:0955:7214.000F: Failed to output Thunderstrike HOSTCMD request HID report due to -ENODEV
[  166.253021][   T40] audit: type=1400 audit(1758375966.255:706): avc:  denied  { accept } for  pid=11879 comm="syz.0.1786" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[  166.256527][   T63] Bluetooth: hci2: Malformed Event: 0x13
[  166.369364][   T40] audit: type=1400 audit(1758375966.375:707): avc:  denied  { create } for  pid=11887 comm="syz.0.1789" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ax25_socket permissive=1
[  166.377804][   T40] audit: type=1400 audit(1758375966.385:708): avc:  denied  { setopt } for  pid=11887 comm="syz.0.1789" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ax25_socket permissive=1
[  166.577037][   T63] Bluetooth: hci1: command 0x0406 tx timeout
[  166.616443][T11898] FAULT_INJECTION: forcing a failure.
[  166.616443][T11898] name failslab, interval 1, probability 0, space 0, times 0
[  166.620443][T11898] CPU: 3 UID: 0 PID: 11898 Comm: syz.0.1793 Not tainted syzkaller #0 PREEMPT(full) 
[  166.620458][T11898] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  166.620465][T11898] Call Trace:
[  166.620469][T11898]  <TASK>
[  166.620477][T11898]  dump_stack_lvl+0x16c/0x1f0
[  166.620495][T11898]  should_fail_ex+0x512/0x640
[  166.620510][T11898]  ? kmem_cache_alloc_node_noprof+0x5e/0x3b0
[  166.620524][T11898]  should_failslab+0xc2/0x120
[  166.620537][T11898]  kmem_cache_alloc_node_noprof+0x71/0x3b0
[  166.620549][T11898]  ? copy_process+0x4b6/0x7690
[  166.620565][T11898]  ? _raw_spin_unlock_irq+0x23/0x50
[  166.620593][T11898]  copy_process+0x4b6/0x7690
[  166.620615][T11898]  ? __pfx_copy_process+0x10/0x10
[  166.620632][T11898]  ? lockdep_init_map_type+0x5c/0x280
[  166.620644][T11898]  ? lockdep_init_map_type+0x5c/0x280
[  166.620655][T11898]  ? __pfx_kvm_nx_huge_page_recovery_worker_kill+0x10/0x10
[  166.620670][T11898]  ? __pfx_kvm_nx_huge_page_recovery_worker+0x10/0x10
[  166.620688][T11898]  vhost_task_create+0x1d2/0x2e0
[  166.620700][T11898]  ? __pfx_vhost_task_create+0x10/0x10
[  166.620715][T11898]  ? __pfx_vhost_task_fn+0x10/0x10
[  166.620733][T11898]  kvm_mmu_post_init_vm+0x1b7/0x380
[  166.620747][T11898]  kvm_arch_vcpu_ioctl_run+0x66/0x1980
[  166.620764][T11898]  ? kvm_vcpu_ioctl+0x14c6/0x1690
[  166.620781][T11898]  kvm_vcpu_ioctl+0x5eb/0x1690
[  166.620797][T11898]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  166.620812][T11898]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  166.620827][T11898]  ? do_vfs_ioctl+0x128/0x14f0
[  166.620844][T11898]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  166.620861][T11898]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[  166.620884][T11898]  ? hook_file_ioctl_common+0x145/0x410
[  166.620899][T11898]  ? selinux_file_ioctl+0x180/0x270
[  166.620915][T11898]  ? selinux_file_ioctl+0xb4/0x270
[  166.620931][T11898]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  166.620946][T11898]  __x64_sys_ioctl+0x18e/0x210
[  166.620964][T11898]  do_syscall_64+0xcd/0x4e0
[  166.620980][T11898]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  166.620991][T11898] RIP: 0033:0x7f8c48b8ec29
[  166.621000][T11898] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  166.621011][T11898] RSP: 002b:00007f8c49a58038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  166.621022][T11898] RAX: ffffffffffffffda RBX: 00007f8c48dd5fa0 RCX: 00007f8c48b8ec29
[  166.621029][T11898] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000006
[  166.621035][T11898] RBP: 00007f8c49a58090 R08: 0000000000000000 R09: 0000000000000000
[  166.621042][T11898] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  166.621048][T11898] R13: 00007f8c48dd6038 R14: 00007f8c48dd5fa0 R15: 00007ffde397d7d8
[  166.621062][T11898]  </TASK>
[  166.638123][T11901] exFAT-fs (nullb0): mounting with "discard" option, but the device does not support discard
[  166.725055][T11901] exFAT-fs (nullb0): invalid boot record signature
[  166.727919][T11901] exFAT-fs (nullb0): failed to read boot sector
[  166.730657][T11901] exFAT-fs (nullb0): failed to recognize exfat type
[  166.855068][T11917] kvm: vcpu 1: requested lapic timer restore with starting count register 0x390=1812281087 (231971979136 ns) > initial count (128 ns). Using initial count to start timer.
[  166.898568][   T63] Bluetooth: to_multiplier 54284 > 3200
[  166.911960][   T40] audit: type=1400 audit(1758375966.915:709): avc:  denied  { connect } for  pid=11929 comm="syz.4.1803" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[  166.919019][T11930] [U] 
[  166.920387][T11930] [U] 
[  166.921533][T11930] [U] 
[  166.922676][T11930] [U] 
[  166.923969][T11930] [U] 
[  166.925126][T11930] [U] 
[  166.926246][T11930] [U] 
[  166.927139][T11930] [U] 
[  166.929767][T11930] [U] 
[  166.930936][T11930] [U] 
[  166.932109][T11930] [U] 
[  166.933282][T11930] [U] 
[  166.934780][T11930] [U] 
[  166.936042][T11930] [U] 
[  166.937256][T11930] [U] 
[  166.938410][T11930] [U] 
[  166.968338][T11933] FAULT_INJECTION: forcing a failure.
[  166.968338][T11933] name failslab, interval 1, probability 0, space 0, times 0
[  166.972591][T11933] CPU: 0 UID: 0 PID: 11933 Comm: syz.5.1804 Not tainted syzkaller #0 PREEMPT(full) 
[  166.972605][T11933] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  166.972612][T11933] Call Trace:
[  166.972617][T11933]  <TASK>
[  166.972621][T11933]  dump_stack_lvl+0x16c/0x1f0
[  166.972639][T11933]  should_fail_ex+0x512/0x640
[  166.972656][T11933]  should_failslab+0xc2/0x120
[  166.972669][T11933]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  166.972682][T11933]  ? skb_clone+0x190/0x3f0
[  166.972698][T11933]  skb_clone+0x190/0x3f0
[  166.972712][T11933]  netlink_deliver_tap+0xabd/0xd30
[  166.972731][T11933]  netlink_unicast+0x64c/0x870
[  166.972747][T11933]  ? __pfx_netlink_unicast+0x10/0x10
[  166.972762][T11933]  ? __pfx_netlink_autobind.isra.0+0x10/0x10
[  166.972781][T11933]  netlink_sendmsg+0x8d1/0xdd0
[  166.972798][T11933]  ? __pfx_netlink_sendmsg+0x10/0x10
[  166.972820][T11933]  ____sys_sendmsg+0xa95/0xc70
[  166.972838][T11933]  ? copy_msghdr_from_user+0x10a/0x160
[  166.972852][T11933]  ? __pfx_____sys_sendmsg+0x10/0x10
[  166.972875][T11933]  ___sys_sendmsg+0x134/0x1d0
[  166.972889][T11933]  ? __pfx____sys_sendmsg+0x10/0x10
[  166.972920][T11933]  __sys_sendmsg+0x16d/0x220
[  166.972933][T11933]  ? __pfx___sys_sendmsg+0x10/0x10
[  166.972956][T11933]  do_syscall_64+0xcd/0x4e0
[  166.972972][T11933]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  166.972983][T11933] RIP: 0033:0x7f1000d8ec29
[  166.972992][T11933] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  166.973003][T11933] RSP: 002b:00007f1001c5b038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  166.973013][T11933] RAX: ffffffffffffffda RBX: 00007f1000fd5fa0 RCX: 00007f1000d8ec29
[  166.973020][T11933] RDX: 0000000000000000 RSI: 0000200000000400 RDI: 0000000000000006
[  166.973027][T11933] RBP: 00007f1001c5b090 R08: 0000000000000000 R09: 0000000000000000
[  166.973033][T11933] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  166.973039][T11933] R13: 00007f1000fd6038 R14: 00007f1000fd5fa0 R15: 00007ffcc0712238
[  166.973053][T11933]  </TASK>
[  167.004138][T11929] [U] 
[  167.050445][T11937] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1805'.
[  167.065642][T11937] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1805'.
[  167.070645][   T40] audit: type=1400 audit(1758375967.075:710): avc:  denied  { write } for  pid=11936 comm="syz.5.1805" name="random" dev="devtmpfs" ino=8 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:random_device_t tclass=chr_file permissive=1
[  167.143190][T11941] FAULT_INJECTION: forcing a failure.
[  167.143190][T11941] name failslab, interval 1, probability 0, space 0, times 0
[  167.147394][T11941] CPU: 0 UID: 0 PID: 11941 Comm: syz.4.1807 Not tainted syzkaller #0 PREEMPT(full) 
[  167.147415][T11941] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  167.147427][T11941] Call Trace:
[  167.147434][T11941]  <TASK>
[  167.147440][T11941]  dump_stack_lvl+0x16c/0x1f0
[  167.147460][T11941]  should_fail_ex+0x512/0x640
[  167.147474][T11941]  ? __kmalloc_noprof+0xbf/0x510
[  167.147487][T11941]  ? lsm_blob_alloc+0x68/0x90
[  167.147498][T11941]  should_failslab+0xc2/0x120
[  167.147511][T11941]  __kmalloc_noprof+0xd2/0x510
[  167.147522][T11941]  ? __pfx_perf_event_init_task+0x10/0x10
[  167.147538][T11941]  ? audit_alloc+0xa2/0x7b0
[  167.147554][T11941]  lsm_blob_alloc+0x68/0x90
[  167.147566][T11941]  security_task_alloc+0x2d/0x260
[  167.147577][T11941]  copy_process+0x2205/0x7690
[  167.147599][T11941]  ? __pfx_copy_process+0x10/0x10
[  167.147623][T11941]  ? lockdep_init_map_type+0x5c/0x280
[  167.147635][T11941]  ? lockdep_init_map_type+0x5c/0x280
[  167.147645][T11941]  ? __pfx_kvm_nx_huge_page_recovery_worker_kill+0x10/0x10
[  167.147661][T11941]  ? __pfx_kvm_nx_huge_page_recovery_worker+0x10/0x10
[  167.147679][T11941]  vhost_task_create+0x1d2/0x2e0
[  167.147691][T11941]  ? __pfx_vhost_task_create+0x10/0x10
[  167.147706][T11941]  ? __pfx_vhost_task_fn+0x10/0x10
[  167.147723][T11941]  kvm_mmu_post_init_vm+0x1b7/0x380
[  167.147738][T11941]  kvm_arch_vcpu_ioctl_run+0x66/0x1980
[  167.147754][T11941]  ? kvm_vcpu_ioctl+0x14c6/0x1690
[  167.147771][T11941]  kvm_vcpu_ioctl+0x5eb/0x1690
[  167.147788][T11941]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  167.147802][T11941]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  167.147816][T11941]  ? do_vfs_ioctl+0x128/0x14f0
[  167.147833][T11941]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  167.147851][T11941]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[  167.147874][T11941]  ? hook_file_ioctl_common+0x145/0x410
[  167.147889][T11941]  ? selinux_file_ioctl+0x180/0x270
[  167.147905][T11941]  ? selinux_file_ioctl+0xb4/0x270
[  167.147921][T11941]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  167.147936][T11941]  __x64_sys_ioctl+0x18e/0x210
[  167.147954][T11941]  do_syscall_64+0xcd/0x4e0
[  167.147971][T11941]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  167.147981][T11941] RIP: 0033:0x7ff9b058ec29
[  167.147991][T11941] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  167.148002][T11941] RSP: 002b:00007ff9b13b0038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  167.148013][T11941] RAX: ffffffffffffffda RBX: 00007ff9b07d5fa0 RCX: 00007ff9b058ec29
[  167.148019][T11941] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000006
[  167.148026][T11941] RBP: 00007ff9b13b0090 R08: 0000000000000000 R09: 0000000000000000
[  167.148032][T11941] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  167.148038][T11941] R13: 00007ff9b07d6038 R14: 00007ff9b07d5fa0 R15: 00007ffc578b0e48
[  167.148052][T11941]  </TASK>
[  167.215238][   T63] Bluetooth: hci2: command 0x0419 tx timeout
[  167.323331][T11957] FAULT_INJECTION: forcing a failure.
[  167.323331][T11957] name failslab, interval 1, probability 0, space 0, times 0
[  167.328044][T11957] CPU: 3 UID: 0 PID: 11957 Comm: syz.4.1813 Not tainted syzkaller #0 PREEMPT(full) 
[  167.328065][T11957] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  167.328074][T11957] Call Trace:
[  167.328080][T11957]  <TASK>
[  167.328087][T11957]  dump_stack_lvl+0x16c/0x1f0
[  167.328106][T11957]  should_fail_ex+0x512/0x640
[  167.328120][T11957]  ? __kmalloc_noprof+0xbf/0x510
[  167.328134][T11957]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0xc8/0x290
[  167.328152][T11957]  should_failslab+0xc2/0x120
[  167.328165][T11957]  __kmalloc_noprof+0xd2/0x510
[  167.328179][T11957]  genl_family_rcv_msg_attrs_parse.constprop.0+0xc8/0x290
[  167.328200][T11957]  genl_family_rcv_msg_doit+0xbf/0x2f0
[  167.328218][T11957]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  167.328240][T11957]  ? bpf_lsm_capable+0x9/0x10
[  167.328255][T11957]  ? security_capable+0x7e/0x260
[  167.328270][T11957]  ? ns_capable+0xd7/0x110
[  167.328284][T11957]  genl_rcv_msg+0x55c/0x800
[  167.328303][T11957]  ? __pfx_genl_rcv_msg+0x10/0x10
[  167.328320][T11957]  ? __pfx_mptcp_pm_nl_add_addr_doit+0x10/0x10
[  167.328338][T11957]  netlink_rcv_skb+0x158/0x420
[  167.328353][T11957]  ? __pfx_genl_rcv_msg+0x10/0x10
[  167.328374][T11957]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  167.328403][T11957]  ? netlink_deliver_tap+0x1ae/0xd30
[  167.328428][T11957]  genl_rcv+0x28/0x40
[  167.328450][T11957]  netlink_unicast+0x5a7/0x870
[  167.328479][T11957]  ? __pfx_netlink_unicast+0x10/0x10
[  167.328500][T11957]  ? __pfx_netlink_autobind.isra.0+0x10/0x10
[  167.328519][T11957]  netlink_sendmsg+0x8d1/0xdd0
[  167.328536][T11957]  ? __pfx_netlink_sendmsg+0x10/0x10
[  167.328557][T11957]  ____sys_sendmsg+0xa95/0xc70
[  167.328574][T11957]  ? copy_msghdr_from_user+0x10a/0x160
[  167.328588][T11957]  ? __pfx_____sys_sendmsg+0x10/0x10
[  167.328611][T11957]  ___sys_sendmsg+0x134/0x1d0
[  167.328626][T11957]  ? __pfx____sys_sendmsg+0x10/0x10
[  167.328656][T11957]  __sys_sendmsg+0x16d/0x220
[  167.328670][T11957]  ? __pfx___sys_sendmsg+0x10/0x10
[  167.328698][T11957]  do_syscall_64+0xcd/0x4e0
[  167.328714][T11957]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  167.328726][T11957] RIP: 0033:0x7ff9b058ec29
[  167.328735][T11957] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  167.328747][T11957] RSP: 002b:00007ff9b13b0038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  167.328762][T11957] RAX: ffffffffffffffda RBX: 00007ff9b07d5fa0 RCX: 00007ff9b058ec29
[  167.328770][T11957] RDX: 0000000000000000 RSI: 0000200000000400 RDI: 0000000000000006
[  167.328777][T11957] RBP: 00007ff9b13b0090 R08: 0000000000000000 R09: 0000000000000000
[  167.328783][T11957] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  167.328789][T11957] R13: 00007ff9b07d6038 R14: 00007ff9b07d5fa0 R15: 00007ffc578b0e48
[  167.328803][T11957]  </TASK>
[  167.493269][T11968] openvswitch: netlink: Flow actions attr not present in new flow.
[  167.497812][T11968] netlink: 'syz.0.1818': attribute type 1 has an invalid length.
[  167.647537][T11995] netlink: 'syz.3.1826': attribute type 21 has an invalid length.
[  167.650830][T11995] IPv6: NLM_F_CREATE should be specified when creating new route
[  167.673082][T11998] fuse: Bad value for 'user_id'
[  167.674684][T11998] fuse: Bad value for 'user_id'
[  168.146153][   T40] audit: type=1400 audit(1758375968.155:711): avc:  denied  { read } for  pid=12030 comm="syz.5.1840" name="vga_arbiter" dev="devtmpfs" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:xserver_misc_device_t tclass=chr_file permissive=1
[  168.154604][   T40] audit: type=1400 audit(1758375968.155:712): avc:  denied  { open } for  pid=12030 comm="syz.5.1840" path="/dev/vga_arbiter" dev="devtmpfs" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:xserver_misc_device_t tclass=chr_file permissive=1
[  168.426469][   T54] usb 10-1: new high-speed USB device number 3 using dummy_hcd
[  168.590956][   T54] usb 10-1: Using ep0 maxpacket: 16
[  168.594955][   T54] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  168.598408][   T54] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  168.601395][   T54] usb 10-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 17
[  168.605544][   T54] usb 10-1: New USB device found, idVendor=05ac, idProduct=8241, bcdDevice= 0.00
[  168.608332][   T54] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  168.611969][   T54] usb 10-1: config 0 descriptor??
[  168.843737][T12047] netlink: 'syz.4.1846': attribute type 1 has an invalid length.
[  168.846610][T12047] netlink: 'syz.4.1846': attribute type 4 has an invalid length.
[  168.849225][T12047] __nla_validate_parse: 3 callbacks suppressed
[  168.849234][T12047] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1846'.
[  168.975194][   T63] Bluetooth: hci4: command tx timeout
[  169.052169][T12055] netlink: 'syz.4.1849': attribute type 9 has an invalid length.
[  169.054906][T12055] netlink: 'syz.4.1849': attribute type 7 has an invalid length.
[  169.057690][T12055] netlink: 'syz.4.1849': attribute type 8 has an invalid length.
[  169.178318][T12063] FAULT_INJECTION: forcing a failure.
[  169.178318][T12063] name failslab, interval 1, probability 0, space 0, times 0
[  169.182332][T12063] CPU: 2 UID: 0 PID: 12063 Comm: syz.3.1852 Not tainted syzkaller #0 PREEMPT(full) 
[  169.182376][T12063] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  169.182383][T12063] Call Trace:
[  169.182387][T12063]  <TASK>
[  169.182392][T12063]  dump_stack_lvl+0x16c/0x1f0
[  169.182410][T12063]  should_fail_ex+0x512/0x640
[  169.182425][T12063]  ? __kmalloc_noprof+0xbf/0x510
[  169.182446][T12063]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0xc8/0x290
[  169.182476][T12063]  should_failslab+0xc2/0x120
[  169.182488][T12063]  __kmalloc_noprof+0xd2/0x510
[  169.182502][T12063]  genl_family_rcv_msg_attrs_parse.constprop.0+0xc8/0x290
[  169.182524][T12063]  genl_family_rcv_msg_doit+0xbf/0x2f0
[  169.182541][T12063]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  169.182563][T12063]  ? bpf_lsm_capable+0x9/0x10
[  169.182579][T12063]  ? security_capable+0x7e/0x260
[  169.182593][T12063]  ? ns_capable+0xd7/0x110
[  169.182610][T12063]  genl_rcv_msg+0x55c/0x800
[  169.182628][T12063]  ? __pfx_genl_rcv_msg+0x10/0x10
[  169.182645][T12063]  ? __pfx_ethnl_default_set_doit+0x10/0x10
[  169.182665][T12063]  netlink_rcv_skb+0x158/0x420
[  169.182680][T12063]  ? __pfx_genl_rcv_msg+0x10/0x10
[  169.182697][T12063]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  169.182718][T12063]  ? netlink_deliver_tap+0x1ae/0xd30
[  169.182734][T12063]  genl_rcv+0x28/0x40
[  169.182749][T12063]  netlink_unicast+0x5a7/0x870
[  169.182765][T12063]  ? __pfx_netlink_unicast+0x10/0x10
[  169.182780][T12063]  ? __pfx_netlink_autobind.isra.0+0x10/0x10
[  169.182799][T12063]  netlink_sendmsg+0x8d1/0xdd0
[  169.182818][T12063]  ? __pfx_netlink_sendmsg+0x10/0x10
[  169.182838][T12063]  ____sys_sendmsg+0xa95/0xc70
[  169.182855][T12063]  ? copy_msghdr_from_user+0x10a/0x160
[  169.182869][T12063]  ? __pfx_____sys_sendmsg+0x10/0x10
[  169.182893][T12063]  ___sys_sendmsg+0x134/0x1d0
[  169.182907][T12063]  ? __pfx____sys_sendmsg+0x10/0x10
[  169.182938][T12063]  __sys_sendmsg+0x16d/0x220
[  169.182952][T12063]  ? __pfx___sys_sendmsg+0x10/0x10
[  169.182991][T12063]  ? rcu_is_watching+0x12/0xc0
[  169.183035][T12063]  ? trace_irq_enable.constprop.0+0x2f/0x120
[  169.183053][T12063]  do_syscall_64+0xcd/0x4e0
[  169.183069][T12063]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  169.183080][T12063] RIP: 0033:0x7f17cb18ec29
[  169.183089][T12063] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  169.183099][T12063] RSP: 002b:00007f17cc0fa038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  169.183110][T12063] RAX: ffffffffffffffda RBX: 00007f17cb3d5fa0 RCX: 00007f17cb18ec29
[  169.183117][T12063] RDX: 0000000000000000 RSI: 0000200000000540 RDI: 0000000000000003
[  169.183123][T12063] RBP: 00007f17cc0fa090 R08: 0000000000000000 R09: 0000000000000000
[  169.183129][T12063] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  169.183135][T12063] R13: 00007f17cb3d6038 R14: 00007f17cb3d5fa0 R15: 00007ffcdb239658
[  169.183149][T12063]  </TASK>
[  169.295971][   T63] Bluetooth: hci2: command 0x0419 tx timeout
[  169.300179][T12057] /dev/sr0: Can't open blockdev
[  169.381745][   T40] audit: type=1326 audit(1758375969.385:713): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12039 comm="syz.0.1844" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8c48b8ec29 code=0x7fc00000
[  169.393065][   T40] audit: type=1326 audit(1758375969.385:714): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12039 comm="syz.0.1844" exe="/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f8c48b8ec29 code=0x7fc00000
[  169.396327][T12058] /dev/sr0: Can't open blockdev
[  169.404247][   T40] audit: type=1326 audit(1758375969.385:715): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12039 comm="syz.0.1844" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8c48b8ec29 code=0x7fc00000
[  169.549069][   T54] usbhid 10-1:0.0: can't add hid device: -71
[  169.551527][   T54] usbhid 10-1:0.0: probe with driver usbhid failed with error -71
[  169.564650][   T54] usb 10-1: USB disconnect, device number 3
[  169.735203][T12093] comedi comedi3: comedi_config --init_data is deprecated
[  169.933688][T12106] FAULT_INJECTION: forcing a failure.
[  169.933688][T12106] name failslab, interval 1, probability 0, space 0, times 0
[  169.939421][T12106] CPU: 1 UID: 0 PID: 12106 Comm: syz.3.1867 Not tainted syzkaller #0 PREEMPT(full) 
[  169.939446][T12106] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  169.939456][T12106] Call Trace:
[  169.939462][T12106]  <TASK>
[  169.939469][T12106]  dump_stack_lvl+0x16c/0x1f0
[  169.939495][T12106]  should_fail_ex+0x512/0x640
[  169.939518][T12106]  ? kmem_cache_alloc_node_noprof+0x5e/0x3b0
[  169.939540][T12106]  should_failslab+0xc2/0x120
[  169.939560][T12106]  kmem_cache_alloc_node_noprof+0x71/0x3b0
[  169.939579][T12106]  ? __alloc_skb+0x2b2/0x380
[  169.939603][T12106]  __alloc_skb+0x2b2/0x380
[  169.939627][T12106]  ? __pfx___alloc_skb+0x10/0x10
[  169.939646][T12106]  ? genl_rcv_msg+0x4bb/0x800
[  169.939680][T12106]  netlink_ack+0x15d/0xb80
[  169.939711][T12106]  netlink_rcv_skb+0x332/0x420
[  169.939734][T12106]  ? __pfx_genl_rcv_msg+0x10/0x10
[  169.939760][T12106]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  169.939795][T12106]  ? netlink_deliver_tap+0x1ae/0xd30
[  169.939821][T12106]  genl_rcv+0x28/0x40
[  169.939843][T12106]  netlink_unicast+0x5a7/0x870
[  169.939870][T12106]  ? __pfx_netlink_unicast+0x10/0x10
[  169.939895][T12106]  ? __pfx_netlink_autobind.isra.0+0x10/0x10
[  169.939926][T12106]  netlink_sendmsg+0x8d1/0xdd0
[  169.939954][T12106]  ? __pfx_netlink_sendmsg+0x10/0x10
[  169.939987][T12106]  ____sys_sendmsg+0xa95/0xc70
[  169.940014][T12106]  ? copy_msghdr_from_user+0x10a/0x160
[  169.940036][T12106]  ? __pfx_____sys_sendmsg+0x10/0x10
[  169.940075][T12106]  ___sys_sendmsg+0x134/0x1d0
[  169.940098][T12106]  ? __pfx____sys_sendmsg+0x10/0x10
[  169.940152][T12106]  __sys_sendmsg+0x16d/0x220
[  169.940174][T12106]  ? __pfx___sys_sendmsg+0x10/0x10
[  169.940214][T12106]  do_syscall_64+0xcd/0x4e0
[  169.940238][T12106]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  169.940256][T12106] RIP: 0033:0x7f17cb18ec29
[  169.940270][T12106] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  169.940286][T12106] RSP: 002b:00007f17cc0fa038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  169.940304][T12106] RAX: ffffffffffffffda RBX: 00007f17cb3d5fa0 RCX: 00007f17cb18ec29
[  169.940316][T12106] RDX: 0000000000000000 RSI: 0000200000000400 RDI: 0000000000000006
[  169.940327][T12106] RBP: 00007f17cc0fa090 R08: 0000000000000000 R09: 0000000000000000
[  169.940337][T12106] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  169.940348][T12106] R13: 00007f17cb3d6038 R14: 00007f17cb3d5fa0 R15: 00007ffcdb239658
[  169.940372][T12106]  </TASK>
[  170.046057][    C1] vkms_vblank_simulate: vblank timer overrun
[  170.090327][ T6065] IPVS: starting estimator thread 0...
[  170.108274][T12108] qnx4: no qnx4 filesystem (no root dir).
[  170.175381][T12111] IPVS: using max 27 ests per chain, 64800 per kthread
[  170.325273][ T6053] usb 8-1: new high-speed USB device number 15 using dummy_hcd
[  170.487208][ T6053] usb 8-1: Using ep0 maxpacket: 8
[  170.490561][ T6053] usb 8-1: config 0 has an invalid interface number: 1 but max is 0
[  170.493201][ T6053] usb 8-1: config 0 has no interface number 0
[  170.495548][ T6053] usb 8-1: config 0 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  170.498969][ T6053] usb 8-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  170.502406][ T6053] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  170.506460][ T6053] usb 8-1: config 0 descriptor??
[  170.517081][ T6053] iowarrior 8-1:0.1: IOWarrior product=0x1512, serial= interface=1 now attached to iowarrior0
[  170.586709][T12135] FAULT_INJECTION: forcing a failure.
[  170.586709][T12135] name failslab, interval 1, probability 0, space 0, times 0
[  170.592626][T12135] CPU: 2 UID: 0 PID: 12135 Comm: syz.5.1877 Not tainted syzkaller #0 PREEMPT(full) 
[  170.592651][T12135] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  170.592662][T12135] Call Trace:
[  170.592669][T12135]  <TASK>
[  170.592675][T12135]  dump_stack_lvl+0x16c/0x1f0
[  170.592724][T12135]  should_fail_ex+0x512/0x640
[  170.592757][T12135]  should_failslab+0xc2/0x120
[  170.592779][T12135]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  170.592800][T12135]  ? skb_clone+0x190/0x3f0
[  170.592827][T12135]  skb_clone+0x190/0x3f0
[  170.592850][T12135]  netlink_deliver_tap+0xabd/0xd30
[  170.592879][T12135]  netlink_unicast+0x71f/0x870
[  170.592907][T12135]  ? __pfx_netlink_unicast+0x10/0x10
[  170.592932][T12135]  ? genl_rcv_msg+0x4bb/0x800
[  170.592965][T12135]  netlink_ack+0x696/0xb80
[  170.592996][T12135]  netlink_rcv_skb+0x332/0x420
[  170.593019][T12135]  ? __pfx_genl_rcv_msg+0x10/0x10
[  170.593047][T12135]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  170.593082][T12135]  ? netlink_deliver_tap+0x1ae/0xd30
[  170.593109][T12135]  genl_rcv+0x28/0x40
[  170.593131][T12135]  netlink_unicast+0x5a7/0x870
[  170.593159][T12135]  ? __pfx_netlink_unicast+0x10/0x10
[  170.593183][T12135]  ? __pfx_netlink_autobind.isra.0+0x10/0x10
[  170.593215][T12135]  netlink_sendmsg+0x8d1/0xdd0
[  170.593244][T12135]  ? __pfx_netlink_sendmsg+0x10/0x10
[  170.593278][T12135]  ____sys_sendmsg+0xa95/0xc70
[  170.593306][T12135]  ? copy_msghdr_from_user+0x10a/0x160
[  170.593328][T12135]  ? __pfx_____sys_sendmsg+0x10/0x10
[  170.593373][T12135]  ___sys_sendmsg+0x134/0x1d0
[  170.593397][T12135]  ? __pfx____sys_sendmsg+0x10/0x10
[  170.593454][T12135]  __sys_sendmsg+0x16d/0x220
[  170.593477][T12135]  ? __pfx___sys_sendmsg+0x10/0x10
[  170.593518][T12135]  do_syscall_64+0xcd/0x4e0
[  170.593550][T12135]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  170.593568][T12135] RIP: 0033:0x7f1000d8ec29
[  170.593584][T12135] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  170.593600][T12135] RSP: 002b:00007f1001c5b038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  170.593626][T12135] RAX: ffffffffffffffda RBX: 00007f1000fd5fa0 RCX: 00007f1000d8ec29
[  170.593637][T12135] RDX: 0000000000000000 RSI: 0000200000000400 RDI: 0000000000000006
[  170.593648][T12135] RBP: 00007f1001c5b090 R08: 0000000000000000 R09: 0000000000000000
[  170.593658][T12135] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  170.593669][T12135] R13: 00007f1000fd6038 R14: 00007f1000fd5fa0 R15: 00007ffcc0712238
[  170.593694][T12135]  </TASK>
[  170.724065][ T6053] usb 8-1: USB disconnect, device number 15
[  170.779150][T12146] netlink: 'syz.4.1880': attribute type 10 has an invalid length.
[  170.788501][T12146] batman_adv: batadv0: Adding interface: team0
[  170.790676][T12146] batman_adv: batadv0: The MTU of interface team0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  170.799068][T12146] batman_adv: batadv0: Not using interface team0 (retrying later): interface not active
[  170.937241][T12154] FAULT_INJECTION: forcing a failure.
[  170.937241][T12154] name failslab, interval 1, probability 0, space 0, times 0
[  170.942104][T12154] CPU: 0 UID: 0 PID: 12154 Comm: syz.4.1882 Not tainted syzkaller #0 PREEMPT(full) 
[  170.942127][T12154] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  170.942137][T12154] Call Trace:
[  170.942144][T12154]  <TASK>
[  170.942151][T12154]  dump_stack_lvl+0x16c/0x1f0
[  170.942177][T12154]  should_fail_ex+0x512/0x640
[  170.942197][T12154]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[  170.942217][T12154]  should_failslab+0xc2/0x120
[  170.942236][T12154]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  170.942251][T12154]  ? __kvm_mmu_topup_memory_cache+0x450/0x600
[  170.942275][T12154]  ? kvm_hv_setup_tsc_page+0x29a/0x8d0
[  170.942296][T12154]  ? __kvm_mmu_topup_memory_cache+0x18f/0x600
[  170.942338][T12154]  __kvm_mmu_topup_memory_cache+0x18f/0x600
[  170.942369][T12154]  mmu_topup_memory_caches+0x25/0x170
[  170.942387][T12154]  kvm_mmu_load+0xd6/0x23c0
[  170.942404][T12154]  ? kvm_apic_has_interrupt+0x106/0x1f0
[  170.942422][T12154]  ? __pfx_kvm_apic_has_interrupt+0x10/0x10
[  170.942441][T12154]  ? __pfx_vmx_flush_tlb_guest+0x10/0x10
[  170.942463][T12154]  ? __pfx_kvm_guest_time_update+0x10/0x10
[  170.942483][T12154]  ? __pfx_kvm_mmu_load+0x10/0x10
[  170.942498][T12154]  ? kvm_cpu_has_injectable_intr+0x9c/0x1a0
[  170.942523][T12154]  ? kvm_check_and_inject_events+0x71c/0x1310
[  170.942550][T12154]  vcpu_run+0x35a3/0x55a0
[  170.942573][T12154]  ? __lock_acquire+0xb97/0x1ce0
[  170.942605][T12154]  ? __pfx_vcpu_run+0x10/0x10
[  170.942631][T12154]  ? fpu_swap_kvm_fpstate+0x1be/0x410
[  170.942651][T12154]  ? __local_bh_enable_ip+0xa4/0x120
[  170.942676][T12154]  ? kvm_arch_vcpu_ioctl_run+0x1023/0x1980
[  170.942702][T12154]  kvm_arch_vcpu_ioctl_run+0x1023/0x1980
[  170.942731][T12154]  kvm_vcpu_ioctl+0x5eb/0x1690
[  170.942755][T12154]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  170.942776][T12154]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  170.942797][T12154]  ? do_vfs_ioctl+0x128/0x14f0
[  170.942822][T12154]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  170.942850][T12154]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[  170.942882][T12154]  ? hook_file_ioctl_common+0x145/0x410
[  170.942908][T12154]  ? selinux_file_ioctl+0x180/0x270
[  170.942928][T12154]  ? selinux_file_ioctl+0xb4/0x270
[  170.942978][T12154]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  170.943000][T12154]  __x64_sys_ioctl+0x18e/0x210
[  170.943025][T12154]  do_syscall_64+0xcd/0x4e0
[  170.943049][T12154]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  170.943065][T12154] RIP: 0033:0x7ff9b058ec29
[  170.943079][T12154] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  170.943094][T12154] RSP: 002b:00007ff9b13b0038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  170.943110][T12154] RAX: ffffffffffffffda RBX: 00007ff9b07d5fa0 RCX: 00007ff9b058ec29
[  170.943121][T12154] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000006
[  170.943130][T12154] RBP: 00007ff9b13b0090 R08: 0000000000000000 R09: 0000000000000000
[  170.943140][T12154] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  170.943149][T12154] R13: 00007ff9b07d6038 R14: 00007ff9b07d5fa0 R15: 00007ffc578b0e48
[  170.943173][T12154]  </TASK>
[  171.433178][T12167] FAULT_INJECTION: forcing a failure.
[  171.433178][T12167] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  171.440266][T12167] CPU: 2 UID: 0 PID: 12167 Comm: syz.4.1887 Not tainted syzkaller #0 PREEMPT(full) 
[  171.440292][T12167] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  171.440302][T12167] Call Trace:
[  171.440310][T12167]  <TASK>
[  171.440317][T12167]  dump_stack_lvl+0x16c/0x1f0
[  171.440344][T12167]  should_fail_ex+0x512/0x640
[  171.440373][T12167]  _copy_to_user+0x32/0xd0
[  171.440403][T12167]  simple_read_from_buffer+0xcb/0x170
[  171.440424][T12167]  proc_fail_nth_read+0x197/0x240
[  171.440449][T12167]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  171.440474][T12167]  ? rw_verify_area+0xcf/0x6c0
[  171.440502][T12167]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  171.440524][T12167]  vfs_read+0x1e1/0xcf0
[  171.440547][T12167]  ? __pfx___mutex_lock+0x10/0x10
[  171.440572][T12167]  ? __pfx_vfs_read+0x10/0x10
[  171.440596][T12167]  ? __fget_files+0x20e/0x3c0
[  171.440625][T12167]  ksys_read+0x12a/0x250
[  171.440643][T12167]  ? __pfx_ksys_read+0x10/0x10
[  171.440674][T12167]  do_syscall_64+0xcd/0x4e0
[  171.440701][T12167]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  171.440719][T12167] RIP: 0033:0x7ff9b058d63c
[  171.440734][T12167] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  171.440752][T12167] RSP: 002b:00007ff9b13b0030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  171.440770][T12167] RAX: ffffffffffffffda RBX: 00007ff9b07d5fa0 RCX: 00007ff9b058d63c
[  171.440783][T12167] RDX: 000000000000000f RSI: 00007ff9b13b00a0 RDI: 0000000000000007
[  171.440793][T12167] RBP: 00007ff9b13b0090 R08: 0000000000000000 R09: 0000000000000000
[  171.440805][T12167] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  171.440814][T12167] R13: 00007ff9b07d6038 R14: 00007ff9b07d5fa0 R15: 00007ffc578b0e48
[  171.440839][T12167]  </TASK>
[  171.640046][   T40] kauditd_printk_skb: 888 callbacks suppressed
[  171.640057][   T40] audit: type=1400 audit(1758375971.645:1604): avc:  denied  { append } for  pid=12171 comm="syz.4.1889" name="usbmon5" dev="devtmpfs" ino=753 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1
[  171.709222][T12177] FAULT_INJECTION: forcing a failure.
[  171.709222][T12177] name failslab, interval 1, probability 0, space 0, times 0
[  171.714496][T12177] CPU: 3 UID: 0 PID: 12177 Comm: syz.5.1891 Not tainted syzkaller #0 PREEMPT(full) 
[  171.714533][T12177] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  171.714544][T12177] Call Trace:
[  171.714550][T12177]  <TASK>
[  171.714557][T12177]  dump_stack_lvl+0x16c/0x1f0
[  171.714584][T12177]  should_fail_ex+0x512/0x640
[  171.714613][T12177]  ? __kmalloc_node_noprof+0xc5/0x500
[  171.714635][T12177]  should_failslab+0xc2/0x120
[  171.714655][T12177]  __kmalloc_node_noprof+0xd8/0x500
[  171.714674][T12177]  ? __vmalloc_node_range_noprof+0x3e5/0x14b0
[  171.714704][T12177]  __vmalloc_node_range_noprof+0x3e5/0x14b0
[  171.714728][T12177]  ? local_lock_release+0x99/0x140
[  171.714755][T12177]  ? vhost_task_create+0x1d2/0x2e0
[  171.714771][T12177]  ? rcu_read_unlock+0x17/0x60
[  171.714793][T12177]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  171.714827][T12177]  ? vhost_task_create+0x1d2/0x2e0
[  171.714843][T12177]  __vmalloc_node_noprof+0xad/0xf0
[  171.714866][T12177]  ? vhost_task_create+0x1d2/0x2e0
[  171.714884][T12177]  copy_process+0x2c70/0x7690
[  171.714920][T12177]  ? __pfx_copy_process+0x10/0x10
[  171.714970][T12177]  ? lockdep_init_map_type+0x5c/0x280
[  171.714989][T12177]  ? lockdep_init_map_type+0x5c/0x280
[  171.715005][T12177]  ? __pfx_kvm_nx_huge_page_recovery_worker_kill+0x10/0x10
[  171.715027][T12177]  ? __pfx_kvm_nx_huge_page_recovery_worker+0x10/0x10
[  171.715052][T12177]  vhost_task_create+0x1d2/0x2e0
[  171.715069][T12177]  ? __pfx_vhost_task_create+0x10/0x10
[  171.715110][T12177]  ? __pfx_vhost_task_fn+0x10/0x10
[  171.715139][T12177]  kvm_mmu_post_init_vm+0x1b7/0x380
[  171.715174][T12177]  kvm_arch_vcpu_ioctl_run+0x66/0x1980
[  171.715196][T12177]  ? kvm_vcpu_ioctl+0x14c6/0x1690
[  171.715224][T12177]  kvm_vcpu_ioctl+0x5eb/0x1690
[  171.715249][T12177]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  171.715272][T12177]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  171.715294][T12177]  ? do_vfs_ioctl+0x128/0x14f0
[  171.715321][T12177]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  171.715347][T12177]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[  171.715381][T12177]  ? hook_file_ioctl_common+0x145/0x410
[  171.715406][T12177]  ? selinux_file_ioctl+0x180/0x270
[  171.715429][T12177]  ? selinux_file_ioctl+0xb4/0x270
[  171.715455][T12177]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  171.715478][T12177]  __x64_sys_ioctl+0x18e/0x210
[  171.715504][T12177]  do_syscall_64+0xcd/0x4e0
[  171.715528][T12177]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  171.715545][T12177] RIP: 0033:0x7f1000d8ec29
[  171.715560][T12177] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  171.715577][T12177] RSP: 002b:00007f1001c5b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  171.715595][T12177] RAX: ffffffffffffffda RBX: 00007f1000fd5fa0 RCX: 00007f1000d8ec29
[  171.715612][T12177] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000006
[  171.715622][T12177] RBP: 00007f1001c5b090 R08: 0000000000000000 R09: 0000000000000000
[  171.715633][T12177] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  171.715643][T12177] R13: 00007f1000fd6038 R14: 00007f1000fd5fa0 R15: 00007ffcc0712238
[  171.715669][T12177]  </TASK>
[  171.837295][T12177] syz.5.1891: vmalloc error: size 32768, failed to allocated page array size 64, mode:0xdc2(GFP_KERNEL|__GFP_HIGHMEM|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1
[  171.844204][T12177] CPU: 3 UID: 0 PID: 12177 Comm: syz.5.1891 Not tainted syzkaller #0 PREEMPT(full) 
[  171.844237][T12177] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  171.844247][T12177] Call Trace:
[  171.844263][T12177]  <TASK>
[  171.844271][T12177]  dump_stack_lvl+0x16c/0x1f0
[  171.844296][T12177]  warn_alloc+0x248/0x3a0
[  171.844313][T12177]  ? __pfx_warn_alloc+0x10/0x10
[  171.844326][T12177]  ? dump_stack_lvl+0x1a1/0x1f0
[  171.844351][T12177]  ? rcu_is_watching+0x12/0xc0
[  171.844376][T12177]  ? __kmalloc_node_noprof+0x23b/0x500
[  171.844399][T12177]  __vmalloc_node_range_noprof+0x101b/0x14b0
[  171.844421][T12177]  ? local_lock_release+0x99/0x140
[  171.844445][T12177]  ? vhost_task_create+0x1d2/0x2e0
[  171.844466][T12177]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  171.844495][T12177]  ? vhost_task_create+0x1d2/0x2e0
[  171.844509][T12177]  __vmalloc_node_noprof+0xad/0xf0
[  171.844530][T12177]  ? vhost_task_create+0x1d2/0x2e0
[  171.844548][T12177]  copy_process+0x2c70/0x7690
[  171.844579][T12177]  ? __pfx_copy_process+0x10/0x10
[  171.844602][T12177]  ? lockdep_init_map_type+0x5c/0x280
[  171.844619][T12177]  ? lockdep_init_map_type+0x5c/0x280
[  171.844633][T12177]  ? __pfx_kvm_nx_huge_page_recovery_worker_kill+0x10/0x10
[  171.844654][T12177]  ? __pfx_kvm_nx_huge_page_recovery_worker+0x10/0x10
[  171.844678][T12177]  vhost_task_create+0x1d2/0x2e0
[  171.844692][T12177]  ? __pfx_vhost_task_create+0x10/0x10
[  171.844713][T12177]  ? __pfx_vhost_task_fn+0x10/0x10
[  171.844738][T12177]  kvm_mmu_post_init_vm+0x1b7/0x380
[  171.844757][T12177]  kvm_arch_vcpu_ioctl_run+0x66/0x1980
[  171.844779][T12177]  ? kvm_vcpu_ioctl+0x14c6/0x1690
[  171.844802][T12177]  kvm_vcpu_ioctl+0x5eb/0x1690
[  171.844824][T12177]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  171.844844][T12177]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  171.844864][T12177]  ? do_vfs_ioctl+0x128/0x14f0
[  171.844889][T12177]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  171.844911][T12177]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[  171.844941][T12177]  ? hook_file_ioctl_common+0x145/0x410
[  171.844962][T12177]  ? selinux_file_ioctl+0x180/0x270
[  171.844982][T12177]  ? selinux_file_ioctl+0xb4/0x270
[  171.845005][T12177]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  171.845025][T12177]  __x64_sys_ioctl+0x18e/0x210
[  171.845048][T12177]  do_syscall_64+0xcd/0x4e0
[  171.845069][T12177]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  171.845104][T12177] RIP: 0033:0x7f1000d8ec29
[  171.845117][T12177] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  171.845132][T12177] RSP: 002b:00007f1001c5b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  171.845146][T12177] RAX: ffffffffffffffda RBX: 00007f1000fd5fa0 RCX: 00007f1000d8ec29
[  171.845155][T12177] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000006
[  171.845164][T12177] RBP: 00007f1001c5b090 R08: 0000000000000000 R09: 0000000000000000
[  171.845173][T12177] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  171.845181][T12177] R13: 00007f1000fd6038 R14: 00007f1000fd5fa0 R15: 00007ffcc0712238
[  171.845201][T12177]  </TASK>
[  171.846163][T12183] mac80211_hwsim hwsim12 wlan1: entered allmulticast mode
[  171.849286][T12177] Mem-Info:
[  171.861288][T12184] netlink: 'syz.4.1893': attribute type 10 has an invalid length.
[  171.863485][T12183] batman_adv: batadv0: Removing interface: team0
[  171.864085][T12177] active_anon:13902 inactive_anon:74 isolated_anon:0
[  171.864085][T12177]  active_file:2170 inactive_file:56558 isolated_file:0
[  171.864085][T12177]  unevictable:18148 dirty:644 writeback:0
[  171.864085][T12177]  slab_reclaimable:8036 slab_unreclaimable:75161
[  171.864085][T12177]  mapped:26304 shmem:2397 pagetables:1517
[  171.864085][T12177]  sec_pagetables:314 bounce:0
[  171.864085][T12177]  kernel_misc_reclaimable:0
[  171.864085][T12177]  free:417335 free_pcp:22839 free_cma:0
[  171.864129][T12177] Node 0 active_anon:54452kB inactive_anon:296kB active_file:7132kB inactive_file:225972kB unevictable:69056kB isolated(anon):0kB isolated(file):0kB mapped:88764kB dirty:2428kB writeback:0kB shmem:6048kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:8192kB kernel_stack:14352kB pagetables:5692kB sec_pagetables:1256kB all_unreclaimable? yes Balloon:0kB
[  171.864171][T12177] Node 1 active_anon:1156kB inactive_anon:0kB active_file:1548kB inactive_file:260kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:16452kB dirty:148kB writeback:0kB shmem:3540kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:112kB pagetables:376kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  171.864210][T12177] Node 0 DMA free:6288kB boost:2048kB min:2388kB low:2472kB high:2556kB reserved_highatomic:0KB free_highatomic:0KB active_anon:28kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:124kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:252kB local_pcp:60kB free_cma:0kB
[  172.021689][T12177] lowmem_reserve[]: 0 1233 1233 1233 1233
[  172.023831][T12177] Node 0 DMA32 free:100492kB boost:26624kB min:54140kB low:61016kB high:67892kB reserved_highatomic:0KB free_highatomic:0KB active_anon:54672kB inactive_anon:296kB active_file:7132kB inactive_file:225972kB unevictable:68932kB writepending:2428kB present:2080628kB managed:1263420kB mlocked:0kB bounce:0kB free_pcp:68104kB local_pcp:21896kB free_cma:0kB
[  172.026329][T12183] bridge_slave_0: left allmulticast mode
[  172.036047][T12177] lowmem_reserve[]: 0 0 0 0 0
[  172.036412][T12183] bridge_slave_0: left promiscuous mode
[  172.038018][T12177] Node 1 Normal free:1562560kB boost:0kB min:39720kB low:49648kB high:59576kB reserved_highatomic:0KB free_highatomic:0KB active_anon:1156kB inactive_anon:0kB active_file:1548kB inactive_file:260kB unevictable:3536kB writepending:148kB present:2097152kB managed:1781892kB mlocked:0kB bounce:0kB free_pcp:23108kB local_pcp:0kB free_cma:0kB
[  172.040445][T12183] bridge0: port 1(bridge_slave_0) entered disabled state
[  172.052172][T12177] lowmem_reserve[]: 0 0 0 0 0
[  172.056505][T12177] Node 0 DMA: 22*4kB (UM) 9*8kB (UM) 17*16kB (UM) 5*32kB (UM) 5*64kB (M) 6*128kB (M) 4*256kB (M) 1*512kB (M) 1*1024kB (M) 1*2048kB (U) 0*4096kB = 6288kB
[  172.062233][T12177] Node 0 DMA32: 1230*4kB (UME) 317*8kB (UME) 165*16kB (UME) 288*32kB (UME) 119*64kB (UME) 61*128kB (UME) 70*256kB (UME) 29*512kB (UM) 20*1024kB (UM) 0*2048kB 3*4096kB (M) = 100272kB
[  172.069030][T12177] Node 1 Normal: 100*4kB (UME) 72*8kB (UME) 45*16kB (UME) 112*32kB (UME) 49*64kB (UME) 16*128kB (UME) 13*256kB (UME) 7*512kB (UM) 3*1024kB (M) 1*2048kB (E) 376*4096kB (UM) = 1562592kB
[  172.071635][T12183] bridge_slave_1: left allmulticast mode
[  172.075818][T12177] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  172.075831][T12177] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  172.075840][T12177] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  172.075872][T12177] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  172.075882][T12177] 77501 total pagecache pages
[  172.075887][T12177] 0 pages in swap cache
[  172.075911][T12177] Free swap  = 124996kB
[  172.075917][T12177] Total swap = 124996kB
[  172.075921][T12177] 1048443 pages RAM
[  172.075925][T12177] 0 pages HighMem/MovableOnly
[  172.075930][T12177] 283275 pages reserved
[  172.075934][T12177] 0 pages cma reserved
[  172.109227][T12183] bridge_slave_1: left promiscuous mode
[  172.113072][T12183] bridge0: port 2(bridge_slave_1) entered disabled state
[  172.122372][T12183] bond0: (slave bond_slave_0): Releasing backup interface
[  172.129303][T12183] bond0: (slave bond_slave_1): Releasing backup interface
[  172.139302][T12183] team0: Port device team_slave_0 removed
[  172.147331][T12183] team0: Port device team_slave_1 removed
[  172.149551][T12183] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  172.151946][T12183] batman_adv: batadv0: Removing interface: batadv_slave_0
[  172.157622][T12183] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  172.161360][T12183] batman_adv: batadv0: Removing interface: batadv_slave_1
[  172.172499][T12184] mac80211_hwsim hwsim12 wlan1: left allmulticast mode
[  172.178613][T12184] bond0: (slave wlan1): Enslaving as an active interface with an up link
[  172.186282][T12190] MTD: Couldn't look up './cgroup': -15
[  172.188706][T12190] ./cgroup: Can't lookup blockdev
[  172.280489][   T63] Bluetooth: hci4: Malformed Event: 0x13
[  173.466840][T12230] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(3)
[  173.469517][T12230] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  173.472598][T12230] vhci_hcd vhci_hcd.0: Device attached
[  173.477507][T12231] vhci_hcd: cannot find the pending unlink 1023
[  173.546384][T12231] vhci_hcd: connection closed
[  173.552328][ T1144] vhci_hcd: stop threads
[  173.559549][ T1144] vhci_hcd: release socket
[  173.561432][ T1144] vhci_hcd: disconnect device
[  173.699056][T12249] input: syz0 as /devices/virtual/input/input26
[  173.752616][T12251] FAULT_INJECTION: forcing a failure.
[  173.752616][T12251] name failslab, interval 1, probability 0, space 0, times 0
[  173.759949][T12251] CPU: 1 UID: 0 PID: 12251 Comm: syz.0.1914 Not tainted syzkaller #0 PREEMPT(full) 
[  173.759974][T12251] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  173.759986][T12251] Call Trace:
[  173.759992][T12251]  <TASK>
[  173.759999][T12251]  dump_stack_lvl+0x16c/0x1f0
[  173.760028][T12251]  should_fail_ex+0x512/0x640
[  173.760052][T12251]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[  173.760074][T12251]  should_failslab+0xc2/0x120
[  173.760098][T12251]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  173.760115][T12251]  ? __kvm_mmu_topup_memory_cache+0x450/0x600
[  173.760143][T12251]  ? kvm_hv_setup_tsc_page+0x29a/0x8d0
[  173.760168][T12251]  ? __kvm_mmu_topup_memory_cache+0x18f/0x600
[  173.760201][T12251]  __kvm_mmu_topup_memory_cache+0x18f/0x600
[  173.760236][T12251]  mmu_topup_memory_caches+0x25/0x170
[  173.760258][T12251]  kvm_mmu_load+0xd6/0x23c0
[  173.760276][T12251]  ? kvm_apic_has_interrupt+0x106/0x1f0
[  173.760297][T12251]  ? __pfx_kvm_apic_has_interrupt+0x10/0x10
[  173.760319][T12251]  ? __pfx_vmx_flush_tlb_guest+0x10/0x10
[  173.760345][T12251]  ? __pfx_kvm_guest_time_update+0x10/0x10
[  173.760373][T12251]  ? __pfx_kvm_mmu_load+0x10/0x10
[  173.760391][T12251]  ? kvm_cpu_has_injectable_intr+0x9c/0x1a0
[  173.760419][T12251]  ? kvm_check_and_inject_events+0x71c/0x1310
[  173.760450][T12251]  vcpu_run+0x35a3/0x55a0
[  173.760476][T12251]  ? __lock_acquire+0xb97/0x1ce0
[  173.760512][T12251]  ? __pfx_vcpu_run+0x10/0x10
[  173.760541][T12251]  ? fpu_swap_kvm_fpstate+0x1be/0x410
[  173.760565][T12251]  ? __local_bh_enable_ip+0xa4/0x120
[  173.760593][T12251]  ? kvm_arch_vcpu_ioctl_run+0x1023/0x1980
[  173.760617][T12251]  kvm_arch_vcpu_ioctl_run+0x1023/0x1980
[  173.760650][T12251]  kvm_vcpu_ioctl+0x5eb/0x1690
[  173.760679][T12251]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  173.760705][T12251]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  173.760729][T12251]  ? do_vfs_ioctl+0x128/0x14f0
[  173.760758][T12251]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  173.760785][T12251]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[  173.760823][T12251]  ? hook_file_ioctl_common+0x145/0x410
[  173.760850][T12251]  ? selinux_file_ioctl+0x180/0x270
[  173.760875][T12251]  ? selinux_file_ioctl+0xb4/0x270
[  173.760903][T12251]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  173.760929][T12251]  __x64_sys_ioctl+0x18e/0x210
[  173.760958][T12251]  do_syscall_64+0xcd/0x4e0
[  173.760986][T12251]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  173.761004][T12251] RIP: 0033:0x7f8c48b8ec29
[  173.761020][T12251] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  173.761037][T12251] RSP: 002b:00007f8c49a58038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  173.761055][T12251] RAX: ffffffffffffffda RBX: 00007f8c48dd5fa0 RCX: 00007f8c48b8ec29
[  173.761066][T12251] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000006
[  173.761078][T12251] RBP: 00007f8c49a58090 R08: 0000000000000000 R09: 0000000000000000
[  173.761087][T12251] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  173.761098][T12251] R13: 00007f8c48dd6038 R14: 00007f8c48dd5fa0 R15: 00007ffde397d7d8
[  173.761124][T12251]  </TASK>
[  173.769166][T12248] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1913'.
[  173.987229][T12256] dvmrp1: entered allmulticast mode
[  174.041555][   T40] audit: type=1400 audit(1758375974.045:1605): avc:  denied  { map } for  pid=12258 comm="syz.0.1916" path="/dev/sg0" dev="devtmpfs" ino=721 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1
[  174.050960][   T40] audit: type=1400 audit(1758375974.045:1606): avc:  denied  { execute } for  pid=12258 comm="syz.0.1916" path="/dev/sg0" dev="devtmpfs" ino=721 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1
[  174.055471][ T6016] usb 10-1: new high-speed USB device number 4 using dummy_hcd
[  174.141420][T12266] binder: binder_mmap: 12265 200000ffc000-200001000000 bad vm_flags failed -1
[  174.187099][ T6016] usb 10-1: device descriptor read/64, error -71
[  174.425571][ T6016] usb 10-1: new high-speed USB device number 5 using dummy_hcd
[  174.445250][ T6065] usb 8-1: new high-speed USB device number 16 using dummy_hcd
[  174.483714][T12284] FAULT_INJECTION: forcing a failure.
[  174.483714][T12284] name failslab, interval 1, probability 0, space 0, times 0
[  174.489913][T12284] CPU: 3 UID: 0 PID: 12284 Comm: syz.0.1924 Not tainted syzkaller #0 PREEMPT(full) 
[  174.489936][T12284] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  174.489947][T12284] Call Trace:
[  174.489952][T12284]  <TASK>
[  174.489959][T12284]  dump_stack_lvl+0x16c/0x1f0
[  174.489987][T12284]  should_fail_ex+0x512/0x640
[  174.490009][T12284]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[  174.490031][T12284]  should_failslab+0xc2/0x120
[  174.490051][T12284]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  174.490067][T12284]  ? __kvm_mmu_topup_memory_cache+0x450/0x600
[  174.490094][T12284]  ? kvm_hv_setup_tsc_page+0x29a/0x8d0
[  174.490117][T12284]  ? __kvm_mmu_topup_memory_cache+0x18f/0x600
[  174.490147][T12284]  __kvm_mmu_topup_memory_cache+0x18f/0x600
[  174.490181][T12284]  mmu_topup_memory_caches+0x25/0x170
[  174.490201][T12284]  kvm_mmu_load+0xd6/0x23c0
[  174.490219][T12284]  ? kvm_apic_has_interrupt+0x106/0x1f0
[  174.490239][T12284]  ? __pfx_kvm_apic_has_interrupt+0x10/0x10
[  174.490260][T12284]  ? __pfx_vmx_flush_tlb_guest+0x10/0x10
[  174.490286][T12284]  ? __pfx_kvm_mmu_load+0x10/0x10
[  174.490303][T12284]  ? kvm_cpu_has_injectable_intr+0x9c/0x1a0
[  174.490329][T12284]  ? kvm_check_and_inject_events+0x71c/0x1310
[  174.490358][T12284]  vcpu_run+0x35a3/0x55a0
[  174.490383][T12284]  ? __lock_acquire+0xb97/0x1ce0
[  174.490424][T12284]  ? __pfx_vcpu_run+0x10/0x10
[  174.490452][T12284]  ? fpu_swap_kvm_fpstate+0x1be/0x410
[  174.490474][T12284]  ? __local_bh_enable_ip+0xa4/0x120
[  174.490500][T12284]  ? kvm_arch_vcpu_ioctl_run+0x1023/0x1980
[  174.490524][T12284]  kvm_arch_vcpu_ioctl_run+0x1023/0x1980
[  174.490555][T12284]  kvm_vcpu_ioctl+0x5eb/0x1690
[  174.490581][T12284]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  174.490604][T12284]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  174.490626][T12284]  ? do_vfs_ioctl+0x128/0x14f0
[  174.490651][T12284]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  174.490676][T12284]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[  174.490709][T12284]  ? hook_file_ioctl_common+0x145/0x410
[  174.490735][T12284]  ? selinux_file_ioctl+0x180/0x270
[  174.490759][T12284]  ? selinux_file_ioctl+0xb4/0x270
[  174.490784][T12284]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  174.490807][T12284]  __x64_sys_ioctl+0x18e/0x210
[  174.490836][T12284]  do_syscall_64+0xcd/0x4e0
[  174.490860][T12284]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  174.490878][T12284] RIP: 0033:0x7f8c48b8ec29
[  174.490893][T12284] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  174.490932][T12284] RSP: 002b:00007f8c49a58038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  174.490949][T12284] RAX: ffffffffffffffda RBX: 00007f8c48dd5fa0 RCX: 00007f8c48b8ec29
[  174.490960][T12284] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000006
[  174.490972][T12284] RBP: 00007f8c49a58090 R08: 0000000000000000 R09: 0000000000000000
[  174.490981][T12284] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  174.490990][T12284] R13: 00007f8c48dd6038 R14: 00007f8c48dd5fa0 R15: 00007ffde397d7d8
[  174.491015][T12284]  </TASK>
[  174.555188][ T6016] usb 10-1: device descriptor read/64, error -71
[  174.615210][ T6065] usb 8-1: Using ep0 maxpacket: 8
[  174.618983][ T6065] usb 8-1: unable to get BOS descriptor or descriptor too short
[  174.622255][ T6065] usb 8-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xEE, changing to 0x8E
[  174.626210][ T6065] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x8E has an invalid bInterval 0, changing to 7
[  174.629680][ T6065] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[  174.632750][ T6065] usb 8-1: config 0 interface 0 altsetting 0 bulk endpoint 0xC has invalid maxpacket 1
[  174.635909][ T6065] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0xF has invalid wMaxPacketSize 0
[  174.638987][ T6065] usb 8-1: config 0 interface 0 altsetting 0 bulk endpoint 0x7 has invalid maxpacket 29
[  174.643677][ T6065] usb 8-1: New USB device found, idVendor=0763, idProduct=1002, bcdDevice=5f.84
[  174.646659][ T6065] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  174.649241][ T6065] usb 8-1: Product: syz
[  174.650828][ T6065] usb 8-1: Manufacturer: syz
[  174.652669][ T6065] usb 8-1: SerialNumber: syz
[  174.655743][ T6065] usb 8-1: config 0 descriptor??
[  174.658178][T12264] raw-gadget.1 gadget.3: fail, usb_ep_enable returned -22
[  174.660622][T12264] raw-gadget.1 gadget.3: fail, usb_ep_enable returned -22
[  174.666645][ T6065] usb 8-1: Quirk or no altset; falling back to MIDI 1.0
[  174.726006][ T6016] usb usb10-port1: attempt power cycle
[  174.850535][T12288] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=64 sclass=netlink_route_socket pid=12288 comm=syz.0.1925
[  174.870480][T12264] netlink: 'syz.3.1918': attribute type 30 has an invalid length.
[  174.873855][T12264] (unnamed net_device) (uninitialized): option arp_missed_max: invalid value (0)
[  174.877834][T12264] (unnamed net_device) (uninitialized): option arp_missed_max: allowed values 1 - 255
[  174.900682][T12293] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1926'.
[  175.017277][T12301] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1927'.
[  175.022167][   T40] audit: type=1326 audit(1758375975.025:1607): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12294 comm="syz.4.1927" exe="/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7ff9b058ec29 code=0x0
[  175.067164][ T6016] usb 10-1: new high-speed USB device number 6 using dummy_hcd
[  175.088741][ T6016] usb 10-1: device descriptor read/8, error -71
[  175.276496][T12295] netlink: 'syz.4.1927': attribute type 2 has an invalid length.
[  175.327439][ T6016] usb 10-1: new high-speed USB device number 7 using dummy_hcd
[  175.345974][ T6016] usb 10-1: device descriptor read/8, error -71
[  175.455413][ T6016] usb usb10-port1: unable to enumerate USB device
[  175.533752][   T40] audit: type=1326 audit(1758375975.535:1608): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12286 comm="syz.0.1925" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8c48b8ec29 code=0x7fc00000
[  175.543968][   T40] audit: type=1326 audit(1758375975.535:1609): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12286 comm="syz.0.1925" exe="/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f8c48b8ec29 code=0x7fc00000
[  175.554229][   T40] audit: type=1326 audit(1758375975.535:1610): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12286 comm="syz.0.1925" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8c48b8ec29 code=0x7fc00000
[  175.563113][   T40] audit: type=1326 audit(1758375975.535:1611): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12286 comm="syz.0.1925" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8c48b8ec29 code=0x7fc00000
[  175.574140][   T40] audit: type=1400 audit(1758375975.555:1612): avc:  denied  { recv } for  pid=5882 comm="syz-executor" saddr=127.0.0.1 src=56368 daddr=127.0.0.1 dest=30000 netif=lo scontext=system_u:system_r:sshd_t tcontext=system_u:object_r:unlabeled_t tclass=peer permissive=1
[  175.595660][   T40] audit: type=1400 audit(1758375975.605:1613): avc:  denied  { recv } for  pid=0 comm="swapper/3" saddr=127.0.0.1 src=30000 daddr=127.0.0.1 dest=56368 netif=lo scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=peer permissive=1
[  175.785800][T12313] misc userio: The device must be registered before sending interrupts
[  176.028122][T12324] FAULT_INJECTION: forcing a failure.
[  176.028122][T12324] name failslab, interval 1, probability 0, space 0, times 0
[  176.033079][T12324] CPU: 3 UID: 0 PID: 12324 Comm: syz.0.1934 Not tainted syzkaller #0 PREEMPT(full) 
[  176.033093][T12324] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  176.033100][T12324] Call Trace:
[  176.033105][T12324]  <TASK>
[  176.033110][T12324]  dump_stack_lvl+0x16c/0x1f0
[  176.033127][T12324]  should_fail_ex+0x512/0x640
[  176.033141][T12324]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[  176.033155][T12324]  should_failslab+0xc2/0x120
[  176.033168][T12324]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  176.033178][T12324]  ? __kvm_mmu_topup_memory_cache+0x450/0x600
[  176.033195][T12324]  ? kvm_hv_setup_tsc_page+0x29a/0x8d0
[  176.033211][T12324]  ? __kvm_mmu_topup_memory_cache+0x18f/0x600
[  176.033230][T12324]  __kvm_mmu_topup_memory_cache+0x18f/0x600
[  176.033251][T12324]  mmu_topup_memory_caches+0x25/0x170
[  176.033264][T12324]  kvm_mmu_load+0xd6/0x23c0
[  176.033275][T12324]  ? kvm_apic_has_interrupt+0x106/0x1f0
[  176.033293][T12324]  ? __pfx_kvm_apic_has_interrupt+0x10/0x10
[  176.033306][T12324]  ? __pfx_vmx_flush_tlb_guest+0x10/0x10
[  176.033322][T12324]  ? __pfx_kvm_guest_time_update+0x10/0x10
[  176.033336][T12324]  ? __pfx_kvm_mmu_load+0x10/0x10
[  176.033347][T12324]  ? kvm_cpu_has_injectable_intr+0x9c/0x1a0
[  176.033364][T12324]  ? kvm_check_and_inject_events+0x71c/0x1310
[  176.033383][T12324]  vcpu_run+0x35a3/0x55a0
[  176.033398][T12324]  ? __lock_acquire+0xb97/0x1ce0
[  176.033419][T12324]  ? __pfx_vcpu_run+0x10/0x10
[  176.033437][T12324]  ? fpu_swap_kvm_fpstate+0x1be/0x410
[  176.033451][T12324]  ? __local_bh_enable_ip+0xa4/0x120
[  176.033468][T12324]  ? kvm_arch_vcpu_ioctl_run+0x1023/0x1980
[  176.033483][T12324]  kvm_arch_vcpu_ioctl_run+0x1023/0x1980
[  176.033502][T12324]  kvm_vcpu_ioctl+0x5eb/0x1690
[  176.033518][T12324]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  176.033535][T12324]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  176.033549][T12324]  ? do_vfs_ioctl+0x128/0x14f0
[  176.033567][T12324]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  176.033584][T12324]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[  176.033605][T12324]  ? hook_file_ioctl_common+0x145/0x410
[  176.033621][T12324]  ? selinux_file_ioctl+0x180/0x270
[  176.033636][T12324]  ? selinux_file_ioctl+0xb4/0x270
[  176.033652][T12324]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  176.033667][T12324]  __x64_sys_ioctl+0x18e/0x210
[  176.033685][T12324]  do_syscall_64+0xcd/0x4e0
[  176.033701][T12324]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  176.033712][T12324] RIP: 0033:0x7f8c48b8ec29
[  176.033722][T12324] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  176.033732][T12324] RSP: 002b:00007f8c49a58038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  176.033743][T12324] RAX: ffffffffffffffda RBX: 00007f8c48dd5fa0 RCX: 00007f8c48b8ec29
[  176.033750][T12324] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000006
[  176.033756][T12324] RBP: 00007f8c49a58090 R08: 0000000000000000 R09: 0000000000000000
[  176.033762][T12324] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  176.033768][T12324] R13: 00007f8c48dd6038 R14: 00007f8c48dd5fa0 R15: 00007ffde397d7d8
[  176.033782][T12324]  </TASK>
[  176.229275][T12327] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1935'.
[  176.383583][T12336] netfs: Couldn't get user pages (rc=-14)
[  176.466822][T12343] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1939'.
[  176.552678][T12352] dvmrp1: left allmulticast mode
[  176.699297][   T63] Bluetooth: hci4: Malformed Event: 0x13
[  176.825373][T12386] netlink: 'syz.4.1952': attribute type 21 has an invalid length.
[  176.828922][T12386] netlink: 'syz.4.1952': attribute type 6 has an invalid length.
[  176.832187][T12386] netlink: 132 bytes leftover after parsing attributes in process `syz.4.1952'.
[  176.867461][T12386] CUSE: info not properly terminated
[  176.908147][   T40] kauditd_printk_skb: 9 callbacks suppressed
[  176.908163][   T40] audit: type=1400 audit(1758375976.915:1623): avc:  denied  { egress } for  pid=28 comm="ksoftirqd/1" saddr=fe80::1b daddr=ff02::2 netif=wpan1 scontext=system_u:object_r:unlabeled_t tcontext=system_u:object_r:netif_t tclass=netif permissive=1
[  176.922126][   T40] audit: type=1400 audit(1758375976.915:1624): avc:  denied  { sendto } for  pid=28 comm="ksoftirqd/1" saddr=fe80::1b daddr=ff02::2 netif=wpan1 scontext=system_u:object_r:unlabeled_t tcontext=system_u:object_r:node_t tclass=node permissive=1
[  177.086972][ T6016] usb 8-1: USB disconnect, device number 16
[  177.489383][T12412] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1956'.
[  177.493643][   T40] audit: type=1326 audit(1758375977.495:1625): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12411 comm="syz.3.1956" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f17cb18ec29 code=0x0
[  177.597478][T12413] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1956'.
[  177.728074][   T63] Bluetooth: hci4: Malformed Event: 0x13
[  177.754005][T12428] netlink: 6032 bytes leftover after parsing attributes in process `syz.5.1961'.
[  177.852223][T12445] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1967'.
[  177.931977][T12451] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1969'.
[  177.971749][   T40] audit: type=1400 audit(1758375977.975:1626): avc:  denied  { allowed } for  pid=12452 comm="syz.0.1970" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=io_uring permissive=1
[  177.985804][   T63] Bluetooth: hci4: Malformed Event: 0x13
[  178.079407][   T63] Bluetooth: hci1: unexpected event for opcode 0x1003
[  178.117648][T12470] input: syz1 as /devices/virtual/input/input27
[  178.288590][T12483] FAULT_INJECTION: forcing a failure.
[  178.288590][T12483] name failslab, interval 1, probability 0, space 0, times 0
[  178.293847][T12483] CPU: 0 UID: 0 PID: 12483 Comm: syz.3.1981 Not tainted syzkaller #0 PREEMPT(full) 
[  178.293870][T12483] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  178.293881][T12483] Call Trace:
[  178.293886][T12483]  <TASK>
[  178.293892][T12483]  dump_stack_lvl+0x16c/0x1f0
[  178.293919][T12483]  should_fail_ex+0x512/0x640
[  178.293942][T12483]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[  178.293965][T12483]  should_failslab+0xc2/0x120
[  178.293988][T12483]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  178.294004][T12483]  ? __kvm_mmu_topup_memory_cache+0x450/0x600
[  178.294031][T12483]  ? kvm_hv_setup_tsc_page+0x29a/0x8d0
[  178.294056][T12483]  ? __kvm_mmu_topup_memory_cache+0x18f/0x600
[  178.294085][T12483]  __kvm_mmu_topup_memory_cache+0x18f/0x600
[  178.294119][T12483]  mmu_topup_memory_caches+0x25/0x170
[  178.294135][T12483]  kvm_mmu_load+0xd6/0x23c0
[  178.294149][T12483]  ? kvm_apic_has_interrupt+0x106/0x1f0
[  178.294169][T12483]  ? __pfx_kvm_apic_has_interrupt+0x10/0x10
[  178.294190][T12483]  ? __pfx_vmx_flush_tlb_guest+0x10/0x10
[  178.294210][T12483]  ? __pfx_kvm_guest_time_update+0x10/0x10
[  178.294231][T12483]  ? __pfx_kvm_mmu_load+0x10/0x10
[  178.294248][T12483]  ? kvm_cpu_has_injectable_intr+0x9c/0x1a0
[  178.294279][T12483]  ? kvm_check_and_inject_events+0x71c/0x1310
[  178.294309][T12483]  vcpu_run+0x35a3/0x55a0
[  178.294334][T12483]  ? __lock_acquire+0xb97/0x1ce0
[  178.294368][T12483]  ? __pfx_vcpu_run+0x10/0x10
[  178.294397][T12483]  ? fpu_swap_kvm_fpstate+0x1be/0x410
[  178.294421][T12483]  ? __local_bh_enable_ip+0xa4/0x120
[  178.294448][T12483]  ? kvm_arch_vcpu_ioctl_run+0x1023/0x1980
[  178.294474][T12483]  kvm_arch_vcpu_ioctl_run+0x1023/0x1980
[  178.294506][T12483]  kvm_vcpu_ioctl+0x5eb/0x1690
[  178.294533][T12483]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  178.294558][T12483]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  178.294580][T12483]  ? do_vfs_ioctl+0x128/0x14f0
[  178.294608][T12483]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  178.294635][T12483]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[  178.294671][T12483]  ? hook_file_ioctl_common+0x145/0x410
[  178.294698][T12483]  ? selinux_file_ioctl+0x180/0x270
[  178.294722][T12483]  ? selinux_file_ioctl+0xb4/0x270
[  178.294749][T12483]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  178.294774][T12483]  __x64_sys_ioctl+0x18e/0x210
[  178.294803][T12483]  do_syscall_64+0xcd/0x4e0
[  178.294829][T12483]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  178.294846][T12483] RIP: 0033:0x7f17cb18ec29
[  178.294862][T12483] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  178.294898][T12483] RSP: 002b:00007f17cc0fa038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  178.294915][T12483] RAX: ffffffffffffffda RBX: 00007f17cb3d5fa0 RCX: 00007f17cb18ec29
[  178.294927][T12483] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000006
[  178.294937][T12483] RBP: 00007f17cc0fa090 R08: 0000000000000000 R09: 0000000000000000
[  178.294946][T12483] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  178.294954][T12483] R13: 00007f17cb3d6038 R14: 00007f17cb3d5fa0 R15: 00007ffcdb239658
[  178.294979][T12483]  </TASK>
[  178.494620][T12493] No control pipe specified
[  178.717065][T12497] overlay: Bad value for 'workdir'
[  178.785238][   T40] audit: type=1400 audit(1758375978.785:1627): avc:  denied  { node_bind } for  pid=12517 comm="syz.0.1990" src=20001 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=sctp_socket permissive=1
[  178.899152][   T63] Bluetooth: hci1: unexpected event for opcode 0x1003
[  178.909486][T12538] No control pipe specified
[  179.254034][T12546] i801_smbus 0000:00:1f.3: Illegal SMBus block read size 0
[  179.387941][T12551] IPVS: set_ctl: invalid protocol: 0 224.0.0.1:20002
[  180.303013][   T40] audit: type=1400 audit(1758375980.305:1628): avc:  denied  { write } for  pid=12565 comm="syz.5.2004" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[  181.516316][T12497] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
[  181.571984][T12583] evm: overlay not supported
[  181.639572][T12595] __nla_validate_parse: 2 callbacks suppressed
[  181.639585][T12595] netlink: 32 bytes leftover after parsing attributes in process `syz.0.2012'.
[  181.713301][T12604] PKCS7: Unknown OID: [4] 5.25.43183(bad)
[  181.716662][T12604] PKCS7: Only support pkcs7_signedData type
[  181.778745][T12608] block device autoloading is deprecated and will be removed.
[  182.000144][T12613] netlink: 'syz.4.2016': attribute type 20 has an invalid length.
[  182.044218][T12615] netdevsim netdevsim4 netdevsim0: entered allmulticast mode
[  182.053166][T12615] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2017'.
[  182.057123][T12615] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2017'.
[  182.060692][T12615] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2017'.
[  182.105210][   T63] Bluetooth: hci1: Controller not accepting commands anymore: ncmd = 0
[  182.108160][   T63] Bluetooth: hci1: Injecting HCI hardware error event
[  182.111984][   T63] Bluetooth: hci1: hardware error 0x00
[  182.310357][T12623] netlink: 52 bytes leftover after parsing attributes in process `syz.4.2020'.
[  182.382940][   T91] Bluetooth: hci3: Frame reassembly failed (-84)
[  182.764203][   T40] audit: type=1400 audit(1758375982.765:1629): avc:  denied  { accept } for  pid=12646 comm="syz.3.2028" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_route_socket permissive=1
[  182.854469][T12652] "syz.0.2030" (12652) uses obsolete ecb(arc4) skcipher
[  182.909169][T12656] netlink: 'syz.0.2030': attribute type 21 has an invalid length.
[  183.354033][T12664] delete_channel: no stack
[  183.464156][   T40] audit: type=1400 audit(1758375983.465:1630): avc:  denied  { getopt } for  pid=12670 comm="syz.4.2035" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=x25_socket permissive=1
[  183.568476][T12676] vlan2: entered promiscuous mode
[  183.721810][   T40] audit: type=1400 audit(1758375983.725:1631): avc:  denied  { remove_name } for  pid=12684 comm="syz.4.2038" name="file0" dev="9p" ino=71827815 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  183.730193][   T40] audit: type=1400 audit(1758375983.725:1632): avc:  denied  { unlink } for  pid=12684 comm="syz.4.2038" name="file0" dev="9p" ino=71827815 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  183.817273][   T40] audit: type=1400 audit(1758375983.825:1633): avc:  denied  { read } for  pid=12690 comm="syz.3.2044" path="socket:[49621]" dev="sockfs" ino=49621 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1
[  183.848901][T12694] netlink: 'syz.3.2045': attribute type 2 has an invalid length.
[  183.851409][T12694] netlink: 199836 bytes leftover after parsing attributes in process `syz.3.2045'.
[  183.854346][T12694] nbd: must specify a device to reconfigure
[  183.943930][T12702] netlink: 'syz.3.2048': attribute type 62 has an invalid length.
[  184.186860][   T63] Bluetooth: hci1: Opcode 0x0c03 failed: -110
[  184.268282][   T40] audit: type=1400 audit(1758375984.275:1634): avc:  denied  { ioctl } for  pid=12712 comm="syz.0.2052" path="socket:[51635]" dev="sockfs" ino=51635 ioctlcmd=0x89e1 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ax25_socket permissive=1
[  184.379984][   T40] audit: type=1400 audit(1758375984.385:1635): avc:  denied  { setattr } for  pid=12712 comm="syz.0.2052" name="file1" dev="9p" ino=71827821 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  184.415213][   T63] Bluetooth: hci3: command 0x1003 tx timeout
[  184.419184][ T5974] Bluetooth: hci3: Opcode 0x1003 failed: -110
[  184.432847][   T40] audit: type=1800 audit(1758375984.435:1636): pid=12713 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=set_data cause=unavailable-hash-algorithm comm="syz.0.2052" name="/file1" dev="9p" ino=71827821 res=0 errno=0
[  184.508118][T12727] ip6gretap1: default qdisc (pfifo_fast) fail, fallback to noqueue
[  184.520105][T12730] SELinux: security_context_str_to_sid (system_u) failed with errno=-22
[  184.532646][   T40] audit: type=1400 audit(1758375984.535:1637): avc:  denied  { create } for  pid=12729 comm="syz.3.2058" name="file0" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1
[  184.551793][T12736] netlink: 24 bytes leftover after parsing attributes in process `syz.5.2059'.
[  184.759119][    C2] IPv4: Oversized IP packet from 172.20.20.24
[  184.774518][   T40] audit: type=1400 audit(1758375984.775:1638): avc:  denied  { accept } for  pid=12754 comm="syz.5.2067" path="socket:[48833]" dev="sockfs" ino=48833 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  184.779171][T12750] vxlan0: entered promiscuous mode
[  184.785404][T12750] vxlan0: entered allmulticast mode
[  184.787989][ T7937] netdevsim netdevsim4 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  184.790746][T12759] comedi comedi3: bad chanlist[0]=0x80000092 chan=146 range length=1
[  184.791606][ T7937] netdevsim netdevsim4 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  184.799113][ T7937] netdevsim netdevsim4 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  184.802992][ T7937] netdevsim netdevsim4 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  184.811786][T12757] netlink: 'syz.5.2067': attribute type 10 has an invalid length.
[  184.814574][T12756] netlink: 'syz.5.2067': attribute type 10 has an invalid length.
[  184.817014][T12757] netlink: 40 bytes leftover after parsing attributes in process `syz.5.2067'.
[  184.821540][T12756] netlink: 40 bytes leftover after parsing attributes in process `syz.5.2067'.
[  184.821566][T12757] dummy0: entered promiscuous mode
[  184.830146][T12757] bridge0: port 3(dummy0) entered blocking state
[  184.833803][T12757] bridge0: port 3(dummy0) entered disabled state
[  184.837169][T12757] dummy0: entered allmulticast mode
[  184.841791][T12757] bridge0: port 3(dummy0) entered blocking state
[  184.844574][T12757] bridge0: port 3(dummy0) entered forwarding state
[  184.848288][T12757] netlink: 'syz.5.2067': attribute type 10 has an invalid length.
[  184.849141][T12756] netlink: 'syz.5.2067': attribute type 10 has an invalid length.
[  184.851347][T12757] netlink: 40 bytes leftover after parsing attributes in process `syz.5.2067'.
[  184.854095][T12756] netlink: 'syz.5.2067': attribute type 10 has an invalid length.
[  184.858474][T12757] netlink: 'syz.5.2067': attribute type 10 has an invalid length.
[  185.097065][T12780] sch_tbf: burst 0 is lower than device veth0_to_bridge mtu (1514) !
[  185.103455][T12781] sch_tbf: burst 0 is lower than device veth0_to_bridge mtu (1514) !
[  185.145905][T12788] cgroup: noprefix used incorrectly
[  185.280450][T12808] can0: slcan on ttyprintk.
[  185.385524][T12807] can0 (unregistered): slcan off ttyprintk.
[  185.497546][T12829] 9pnet_virtio: no channels available for device 127.0.0.1
[  185.630590][T12835] kvm: kvm [12833]: vcpu2, guest rIP: 0x9131 Unhandled WRMSR(0x11e) = 0x0
[  185.775239][ T5974] Bluetooth: hci4: Controller not accepting commands anymore: ncmd = 0
[  185.778974][ T5974] Bluetooth: hci4: Injecting HCI hardware error event
[  185.783683][   T63] Bluetooth: hci4: hardware error 0x00
[  185.944979][T12877] kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[  186.333752][T12898] bond0: option mode: unable to set because the bond device has slaves
[  186.586394][T12905] ------------[ cut here ]------------
[  186.588192][T12905] WARNING: CPU: 3 PID: 12905 at fs/buffer.c:1125 __getblk_slow+0x4cc/0x560
[  186.590894][T12905] Modules linked in:
[  186.592415][T12905] CPU: 3 UID: 0 PID: 12905 Comm: syz.5.2105 Not tainted syzkaller #0 PREEMPT(full) 
[  186.596838][T12905] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  186.600268][T12905] RIP: 0010:__getblk_slow+0x4cc/0x560
[  186.602013][T12905] Code: c0 8b 48 89 df e8 c4 bd bb ff 90 0f 0b e8 7c 0c 73 ff 48 c7 c6 20 65 c0 8b 48 89 df e8 ad bd bb ff 90 0f 0b e8 65 0c 73 ff 90 <0f> 0b 90 8b 74 24 0c 89 ea 48 c7 c7 80 66 c0 8b 31 db e8 bd bb 51
[  186.608116][T12905] RSP: 0018:ffffc900060177f0 EFLAGS: 00010283
[  186.609970][T12905] RAX: 000000000000257a RBX: 0000000000000200 RCX: ffffc9000cac1000
[  186.612388][T12905] RDX: 0000000000080000 RSI: ffffffff8248911b RDI: 0000000000000005
[  186.614831][T12905] RBP: 0000000000000400 R08: 0000000000000005 R09: 0000000000000000
[  186.617402][T12905] R10: 0000000000000200 R11: 0000000000000000 R12: ffff888027d88b80
[  186.619838][T12905] R13: 0000000000000100 R14: 0000000000000200 R15: ffff888027d88b80
[  186.622296][T12905] FS:  00007f1001c3a6c0(0000) GS:ffff8880d69b2000(0000) knlGS:0000000000000000
[  186.625177][T12905] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  186.627251][T12905] CR2: 0000000000000000 CR3: 000000006488a000 CR4: 0000000000352ef0
[  186.629698][T12905] Call Trace:
[  186.630758][T12905]  <TASK>
[  186.631713][T12905]  ? __pfx___might_resched+0x10/0x10
[  186.633362][T12905]  bdev_getblk+0xd4/0xe0
[  186.634711][T12905]  __bread_gfp+0x86/0x3c0
[  186.636224][T12905]  udf_read_tagged+0xae/0x740
[  186.637724][T12905]  udf_check_anchor_block+0x89/0x4b0
[  186.639405][T12905]  ? udf_get_last_block+0x1ce/0x2a0
[  186.641021][T12905]  ? __pfx_udf_check_anchor_block+0x10/0x10
[  186.642901][T12905]  udf_load_vrs+0x3b8/0x1070
[  186.644450][T12905]  ? __pfx_udf_load_vrs+0x10/0x10
[  186.646191][T12905]  ? __pfx_udf_get_last_session+0x10/0x10
[  186.648001][T12905]  ? lockdep_init_map_type+0x5c/0x280
[  186.649682][T12905]  udf_fill_super+0x791/0x1df0
[  186.651221][T12905]  ? __pfx_udf_fill_super+0x10/0x10
[  186.652879][T12905]  ? do_raw_spin_lock+0x12c/0x2b0
[  186.654512][T12905]  ? find_held_lock+0x2b/0x80
[  186.656299][T12905]  ? sb_set_blocksize+0x176/0x1d0
[  186.657879][T12905]  ? setup_bdev_super+0x369/0x730
[  186.659466][T12905]  get_tree_bdev_flags+0x389/0x620
[  186.661055][T12905]  ? __pfx_udf_fill_super+0x10/0x10
[  186.662941][T12905]  ? __pfx_get_tree_bdev_flags+0x10/0x10
[  186.664609][T12905]  ? bpf_lsm_capable+0x9/0x10
[  186.666437][T12905]  ? security_capable+0x7e/0x260
[  186.668232][T12905]  vfs_get_tree+0x8e/0x340
[  186.670174][T12905]  path_mount+0x1513/0x2000
[  186.672137][T12905]  ? __pfx_path_mount+0x10/0x10
[  186.673969][T12905]  ? kmem_cache_free+0x2d1/0x4d0
[  186.675656][T12905]  ? putname+0x154/0x1a0
[  186.676991][T12905]  ? putname+0x154/0x1a0
[  186.678368][T12905]  ? __x64_sys_mount+0x28d/0x310
[  186.679957][T12905]  __x64_sys_mount+0x28d/0x310
[  186.681424][T12905]  ? __pfx___x64_sys_mount+0x10/0x10
[  186.683086][T12905]  do_syscall_64+0xcd/0x4e0
[  186.684585][T12905]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  186.686529][T12905] RIP: 0033:0x7f1000d8ec29
[  186.687795][T12905] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  186.693711][T12905] RSP: 002b:00007f1001c3a038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  186.696417][T12905] RAX: ffffffffffffffda RBX: 00007f1000fd6090 RCX: 00007f1000d8ec29
[  186.698974][T12905] RDX: 0000200000000080 RSI: 0000200000000000 RDI: 0000200000000040
[  186.701612][T12905] RBP: 00007f1000e11e41 R08: 0000000000000000 R09: 0000000000000000
[  186.704040][T12905] R10: 000000000020001b R11: 0000000000000246 R12: 0000000000000000
[  186.706852][T12905] R13: 00007f1000fd6128 R14: 00007f1000fd6090 R15: 00007ffcc0712238
[  186.709484][T12905]  </TASK>
[  186.710471][T12905] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  186.712704][T12905] CPU: 3 UID: 0 PID: 12905 Comm: syz.5.2105 Not tainted syzkaller #0 PREEMPT(full) 
[  186.715615][T12905] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  186.718883][T12905] Call Trace:
[  186.719915][T12905]  <TASK>
[  186.720830][T12905]  dump_stack_lvl+0x3d/0x1f0
[  186.722252][T12905]  vpanic+0x6e8/0x7a0
[  186.723512][T12905]  ? __pfx_vpanic+0x10/0x10
[  186.724923][T12905]  ? __getblk_slow+0x4cc/0x560
[  186.726398][T12905]  panic+0xca/0xd0
[  186.727563][T12905]  ? __pfx_panic+0x10/0x10
[  186.728940][T12905]  check_panic_on_warn+0xab/0xb0
[  186.730505][T12905]  __warn+0xf6/0x3c0
[  186.731760][T12905]  ? __getblk_slow+0x4cc/0x560
[  186.733304][T12905]  report_bug+0x3c3/0x580
[  186.734679][T12905]  ? __getblk_slow+0x4cc/0x560
[  186.736201][T12905]  handle_bug+0x184/0x210
[  186.737634][T12905]  exc_invalid_op+0x17/0x50
[  186.739172][T12905]  asm_exc_invalid_op+0x1a/0x20
[  186.740771][T12905] RIP: 0010:__getblk_slow+0x4cc/0x560
[  186.742504][T12905] Code: c0 8b 48 89 df e8 c4 bd bb ff 90 0f 0b e8 7c 0c 73 ff 48 c7 c6 20 65 c0 8b 48 89 df e8 ad bd bb ff 90 0f 0b e8 65 0c 73 ff 90 <0f> 0b 90 8b 74 24 0c 89 ea 48 c7 c7 80 66 c0 8b 31 db e8 bd bb 51
[  186.748533][T12905] RSP: 0018:ffffc900060177f0 EFLAGS: 00010283
[  186.750440][T12905] RAX: 000000000000257a RBX: 0000000000000200 RCX: ffffc9000cac1000
[  186.752920][T12905] RDX: 0000000000080000 RSI: ffffffff8248911b RDI: 0000000000000005
[  186.755453][T12905] RBP: 0000000000000400 R08: 0000000000000005 R09: 0000000000000000
[  186.757808][T12905] R10: 0000000000000200 R11: 0000000000000000 R12: ffff888027d88b80
[  186.760226][T12905] R13: 0000000000000100 R14: 0000000000000200 R15: ffff888027d88b80
[  186.762665][T12905]  ? __getblk_slow+0x4cb/0x560
[  186.764165][T12905]  ? __pfx___might_resched+0x10/0x10
[  186.765802][T12905]  bdev_getblk+0xd4/0xe0
[  186.767114][T12905]  __bread_gfp+0x86/0x3c0
[  186.768496][T12905]  udf_read_tagged+0xae/0x740
[  186.769940][T12905]  udf_check_anchor_block+0x89/0x4b0
[  186.771657][T12905]  ? udf_get_last_block+0x1ce/0x2a0
[  186.773213][T12905]  ? __pfx_udf_check_anchor_block+0x10/0x10
[  186.775050][T12905]  udf_load_vrs+0x3b8/0x1070
[  186.776462][T12905]  ? __pfx_udf_load_vrs+0x10/0x10
[  186.778001][T12905]  ? __pfx_udf_get_last_session+0x10/0x10
[  186.779707][T12905]  ? lockdep_init_map_type+0x5c/0x280
[  186.781529][T12905]  udf_fill_super+0x791/0x1df0
[  186.783140][T12905]  ? __pfx_udf_fill_super+0x10/0x10
[  186.784702][T12905]  ? do_raw_spin_lock+0x12c/0x2b0
[  186.786270][T12905]  ? find_held_lock+0x2b/0x80
[  186.787834][T12905]  ? sb_set_blocksize+0x176/0x1d0
[  186.789364][T12905]  ? setup_bdev_super+0x369/0x730
[  186.790943][T12905]  get_tree_bdev_flags+0x389/0x620
[  186.792508][T12905]  ? __pfx_udf_fill_super+0x10/0x10
[  186.794107][T12905]  ? __pfx_get_tree_bdev_flags+0x10/0x10
[  186.795899][T12905]  ? bpf_lsm_capable+0x9/0x10
[  186.797399][T12905]  ? security_capable+0x7e/0x260
[  186.799270][T12905]  vfs_get_tree+0x8e/0x340
[  186.800789][T12905]  path_mount+0x1513/0x2000
[  186.802513][T12905]  ? __pfx_path_mount+0x10/0x10
[  186.804023][T12905]  ? kmem_cache_free+0x2d1/0x4d0
[  186.805542][T12905]  ? putname+0x154/0x1a0
[  186.806913][T12905]  ? putname+0x154/0x1a0
[  186.808234][T12905]  ? __x64_sys_mount+0x28d/0x310
[  186.809822][T12905]  __x64_sys_mount+0x28d/0x310
[  186.811327][T12905]  ? __pfx___x64_sys_mount+0x10/0x10
[  186.812950][T12905]  do_syscall_64+0xcd/0x4e0
[  186.814383][T12905]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  186.816161][T12905] RIP: 0033:0x7f1000d8ec29
[  186.817412][T12905] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  186.823228][T12905] RSP: 002b:00007f1001c3a038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  186.825813][T12905] RAX: ffffffffffffffda RBX: 00007f1000fd6090 RCX: 00007f1000d8ec29
[  186.828016][T12905] RDX: 0000200000000080 RSI: 0000200000000000 RDI: 0000200000000040
[  186.830147][T12905] RBP: 00007f1000e11e41 R08: 0000000000000000 R09: 0000000000000000
[  186.832471][T12905] R10: 000000000020001b R11: 0000000000000246 R12: 0000000000000000
[  186.834917][T12905] R13: 00007f1000fd6128 R14: 00007f1000fd6090 R15: 00007ffcc0712238
[  186.837318][T12905]  </TASK>
[  186.838962][T12905] Kernel Offset: disabled
[  186.840277][T12905] Rebooting in 86400 seconds..

VM DIAGNOSIS:
13:46:26  Registers:
info registers vcpu 0

CPU#0
RAX=0000000000183c01 RBX=0000000000000000 RCX=ffffffff8b94cb49 RDX=0000000000000000
RSI=ffffffff8de52d29 RDI=ffffffff8c163380 RBP=fffffbfff1c52ef8 RSP=ffffffff8e207e08
R8 =0000000000000001 R9 =ffffed100d486655 R10=ffff88806a4332ab R11=ffffffff9b089e50
R12=0000000000000000 R13=ffffffff8e2977c0 R14=ffffffff90ab7590 R15=0000000000000000
RIP=ffffffff8b94b68f RFL=00000282 [--S----] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
FS =0000 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
GS =0000 ffff8880d66b2000 ffffffff 00c09300 DPL=0 DS   [-WA]
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=0000000000000000 CR3=0000000033113000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=00000000c0fffc00 Opmask01=0000000000000054 Opmask02=00000000000000ff Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000001
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000014 000000000003bf12
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000055557adf8bd0 000055557adef990
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000055557add09b7 000055557add0800
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000000003bf12
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 000a040601880338 0800018003018004 06800306800407a0 030008000790030f
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 020001a00304ddfe effc080001980307 85f4d60800019003 020400018c030000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0c080601b0030604 0001ac0310040001 a80300040001a403 00020001a20301f2
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 080007e003001000 07d00300100007c0 0302100007b00338 1000069003000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 010fffffffffffff 04028080b6100002 800400040180040a 0142a40066647501
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffffffffffff f708028003007075 6f7267632f2e01ff ffffffffffffffed
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0800030002000192 0360208080808200 01900364626e2f76 65642f01ffffffff
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffffef080180 0308100007800401 000000080606015d fa08080007e00300
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=0000000000000000 RBX=0000000000000007 RCX=0000000000000003 RDX=0000000000000006
RSI=0000000000000002 RDI=0000000080000000 RBP=0000000000000000 RSP=ffffc900027df968
R8 =0000000000000000 R9 =1000000100800001 R10=0000000000000000 R11=0000000000000000
R12=0000000000002000 R13=0000000000000004 R14=0000000000000000 R15=0000000000000005
RIP=ffffffff8b9471f0 RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
FS =0000 00007f8c49a586c0 ffffffff 00c09300 DPL=0 DS   [-WA]
GS =0000 ffff8880d67b2000 ffffffff 00c09300 DPL=0 DS   [-WA]
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000ffff
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=0000000000000000 CR3=0000000055597000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffcc0712746
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffcc0712746 00007ffcc071274c
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f1000e12e6e
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f1000e12e7b
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f1000e12e75
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f1000e12e89
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f1000e12f0f
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f1000e12fed
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 2

CPU#2
RAX=000000000010eea1 RBX=0000000000000002 RCX=ffffffff8b94cb49 RDX=0000000000000000
RSI=ffffffff8de52d29 RDI=ffffffff8c163380 RBP=ffffed1003bd8910 RSP=ffffc90000187df8
R8 =0000000000000001 R9 =ffffed100d4c6655 R10=ffff88806a6332ab R11=0000000000000000
R12=0000000000000002 R13=ffff88801dec4880 R14=ffffffff90ab7590 R15=0000000000000000
RIP=ffffffff8b94b68f RFL=00000282 [--S----] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c01300
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c01300
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8880d68b2000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000091000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe000008f000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=000000110c3b6e4b CR3=000000010e26c000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000060000010 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000080040001 Opmask01=00000000f8000000 Opmask02=00000000ffffffef Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffde397db60 0000003000000018
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffde397dce6
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffde397dce6 00007ffde397dcec
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f8c48c12e6e
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f8c48c12e7b
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f8c48c12e75
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f8c48c12e89
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f8c48c12f0f
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f8c48c12fed
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2525252525252525 2525252525252525 2525252525252525 2525252525252525
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0063696e61703d73 726f727265006f72 2d746e756f6d6572 3d73726f72726500
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00464c4b44551856 574a575740004a57 08514b504a484057 1856574a57574000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6161616161616161 6161616161616161 6161616161616161 6161616161616161
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6161616161616161 6161616161616161 6161616161616161 6161616161616161
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6161616161616161 6161616161616161 6161616161616161 6161616161616161
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6161616161616161 6161616161616161 6161616161616161 6161616161616161
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 3

CPU#3
RAX=000000000000002e RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8
RSI=ffffffff8564c0d5 RDI=ffffffff9b118120 RBP=ffffffff9b1180e0 RSP=ffffc90006017160
R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=0000000000000000
R12=0000000000000000 R13=000000000000002e R14=ffffffff9b1180e0 R15=ffffffff8564c070
RIP=ffffffff8564c0ff RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
FS =0000 00007f1001c3a6c0 ffffffff 00c09300 DPL=0 DS   [-WA]
GS =0000 ffff8880d69b2000 ffffffff 00c09300 DPL=0 DS   [-WA]
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe00000d8000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe00000d6000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=0000000000000000 CR3=000000006488a000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000008001 Opmask01=0000000000000000 Opmask02=00000000000003ff Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffde397dce6
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffde397dce6 00007ffde397dcec
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f8c48c12e6e
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f8c48c12e7b
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f8c48c12e75
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f8c48c12e89
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f8c48c12f0f
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f8c48c12fed
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f8c48da74a8 00007f8c48da74a0 00007f8c48da7498 00007f8c48da7470
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f8c4990d100 00007f8c48da7460 00007f8c48da0004 0000000b000c000a
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f8c48da74b8 00007f8c48da74b0 00007f8c48da74a8 00007f8c48da74a0
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6161616161616161 6161616161616161 6161616161616161 6161616161616161
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6161616161616161 6161616161616161 6161616161616161 6161616161616161
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6161616161616161 6161616161616161 6161616161616161 6161616161616161
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6161616161616161 6161616161616161 6161616161616161 6161616161616161
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000