last executing test programs:

2.479153796s ago: executing program 1 (id=623):
r0 = socket$inet6(0xa, 0x80002, 0x0)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x4e2a, 0xffffffff, @mcast2, 0x9}, 0x1c)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'sit0\x00', <r2=>0x0})
setsockopt$inet6_IPV6_PKTINFO(r0, 0x29, 0x32, &(0x7f0000000300)={@ipv4={'\x00', '\xff\xff', @broadcast}, r2}, 0x14)
syz_emit_ethernet(0xfffffffffffffeba, &(0x7f0000000500)={@local, @multicast, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "4dd308", 0x14, 0x6, 0x1, @ipv4={'\x00', '\xff\xff', @remote}, @local, {[@fragment={0x88, 0x0, 0x33, 0x0, 0x0, 0x5, 0x66}], {{0x0, 0x4001, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x2}}}}}}}, 0x0)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000004000000000000000100850000006d00000095"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
r4 = accept4$packet(0xffffffffffffffff, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @local}, &(0x7f0000000200)=0x14, 0x80800)
recvfrom$packet(r4, &(0x7f0000000240)=""/18, 0x12, 0x2000, &(0x7f0000000280)={0x11, 0x8, r2, 0x1, 0xfe, 0x6, @link_local}, 0x14)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000140)='mmap_lock_acquire_returned\x00', r3}, 0x90)
prctl$PR_SET_THP_DISABLE(0x29, 0x7)
read$midi(0xffffffffffffffff, &(0x7f0000000040)=""/12, 0xc)

2.400152349s ago: executing program 1 (id=624):
r0 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
ioctl$int_in(r0, 0x40000000af01, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='freezer.parent_freezing\x00', 0x275a, 0x0)
write$UHID_CREATE2(r1, &(0x7f00000003c0)=ANY=[], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r1, 0x0)
ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, 0x0)
ioctl$VHOST_NET_SET_BACKEND(r0, 0x4008af30, &(0x7f00000003c0)={0x1})

2.399885145s ago: executing program 1 (id=625):
r0 = openat$nullb(0xffffffffffffff9c, 0x0, 0xa4142, 0x0)
r1 = syz_open_dev$loop(&(0x7f0000000080), 0x57ffffa, 0x122c42)
ioctl$LOOP_CONFIGURE(r1, 0x4c0a, &(0x7f0000001ac0)={r0, 0x0, {0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x34, "339f020bbe82b398000000000000000000000d0ec0c1b4e9b1c4369d03740250ceaac594b1b3d741dd17c1c50d38ef2a565ef1e83323691c58d66500", "a910e13ada87a16c1ca43f80026d1a8530e04d52853964a02447a75df8a69ea917deb7ba193b3e7772fd29f35239d200", "24431a1e77a68e174f000000000000000010e200"}})

2.39968773s ago: executing program 1 (id=626):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty}, 0x1c)
listen(r0, 0x5)
r1 = syz_io_uring_setup(0x2d64, &(0x7f0000000100)={0x0, 0x100577, 0x2, 0x0, 0x42}, &(0x7f0000013000), &(0x7f0000011000))
io_uring_register$IORING_REGISTER_BUFFERS_UPDATE(r1, 0x2, &(0x7f0000000580)={0x0, 0x0, 0x0, 0x0}, 0x20)
r2 = syz_open_procfs(0x0, &(0x7f0000000040)='fdinfo/3\x00')
pread64(r2, &(0x7f0000000080)=""/237, 0xed, 0x5)
getsockopt$IP_SET_OP_GET_BYINDEX(r0, 0x1, 0x53, &(0x7f0000000000)={0x7, 0x7, 0x1}, &(0x7f00000000c0)=0x28)
r3 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0)
ioctl$SG_IO(r3, 0x2285, &(0x7f00000005c0)={0x53, 0x0, 0x6, 0x0, @scatter={0x0, 0x3, 0x0}, &(0x7f0000000240)="558d7acda0b2", 0x0, 0x0, 0x0, 0x4, 0x0})
ioctl$SG_GET_KEEP_ORPHAN(r3, 0x2288, &(0x7f0000000100))
r4 = socket$inet6_udp(0xa, 0x2, 0x0)
recvmmsg(r4, &(0x7f0000002840), 0x0, 0x2, &(0x7f0000002940)={0x0, 0x989680})
r5 = syz_open_procfs(0x0, &(0x7f0000000340)='net/wireless\x00')
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x2, &(0x7f0000000040)=[{0x5}, {0x6}]})
setsockopt$inet_tcp_int(r5, 0x6, 0x8, &(0x7f00000001c0)=0xfa, 0x4)
r6 = syz_open_dev$sg(&(0x7f0000000200), 0x7, 0x406c2)
ioctl$SCSI_IOCTL_SEND_COMMAND(r6, 0x1, &(0x7f0000000380)={0x3a, 0x8, 0xdb0b, "9597ae19ad64dec2c90e95b0dbf6592582697bf02b0de2adfe67eefc332b6552256369d9ccfe500894510d9ace247cca7fb632a774a47bdb441d"})
preadv(r5, &(0x7f0000000080)=[{&(0x7f0000000140)=""/115, 0x73}], 0x1, 0x10000, 0x4000004)
r7 = socket$inet6(0xa, 0x806, 0x0)
getsockopt$inet6_int(r7, 0x29, 0xb, 0x0, &(0x7f0000000040))
syz_emit_ethernet(0x4a, &(0x7f00000002c0)={@local, @dev, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "0a3ff2", 0x14, 0x6, 0x0, @remote, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x10}}}}}}}, 0x0)

1.509970831s ago: executing program 1 (id=632):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f00000004c0)=0x100000001, 0x4)
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r0, 0x6, 0x14, &(0x7f0000000280)=0x1, 0x4)
connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x2, @ipv4={'\x00', '\xff\xff', @remote}}, 0x1c)
recvmsg(r0, &(0x7f0000000a40)={0x0, 0x0, 0x0}, 0x102)
getsockopt$inet6_tcp_TCP_ZEROCOPY_RECEIVE(r0, 0x6, 0x23, &(0x7f0000000140)={&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x0, 0x0, &(0x7f0000001380)=""/4080, 0xfffffeab, 0x0, 0x0}, &(0x7f0000000000)=0x40)

1.139916332s ago: executing program 0 (id=639):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x40002, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='blkio.bfq.io_merged_recursive\x00', 0x275a, 0x0)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(r2, 0xc018937a, &(0x7f0000000140)={{0x1, 0x1, 0x18, <r3=>r1, {0x5}}, './file0\x00'})
bind$tipc(r3, &(0x7f0000000280)=@id={0x1e, 0x3, 0x1, {0x4e24, 0x3}}, 0x10)
syz_emit_ethernet(0x36, &(0x7f0000000100)=ANY=[@ANYBLOB="000002f0d31209000000bc2e79e995"], 0x0)
write$binfmt_script(r2, &(0x7f0000000100), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r2, 0x0)
preadv(r2, &(0x7f00000015c0)=[{&(0x7f0000000080)=""/124, 0xffffff23}], 0x3e, 0x0, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
connect$can_bcm(0xffffffffffffffff, &(0x7f0000000080), 0x10)
ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, &(0x7f00000000c0)={'vxcan1\x00'})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe6000/0x18000)=nil, &(0x7f0000000040)=[@text16={0x10, &(0x7f0000000180)="66b9800000c00f326635000800000f300f0f1c9a65660ff3b20618baa000ec672e660f38803d004000000f285473f61366b9800000c00f326635004000000f300f20e06635800000000f22e0f30fa6c8", 0x50}], 0x1, 0x0, 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20004000}, 0x14)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f00000004c0)=[@text32={0x20, 0x0}], 0x1, 0x0, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={0x0}, 0x10)
ioctl$KVM_RUN(r4, 0xae80, 0x0)

999.862457ms ago: executing program 2 (id=642):
r0 = syz_init_net_socket$x25(0x9, 0x5, 0x0)
mkdir(&(0x7f0000000440)='./file1\x00', 0x1a0)
mount(0x0, &(0x7f0000000200)='./file1\x00', &(0x7f0000000000)='tmpfs\x00', 0x8, &(0x7f0000000300)='usrquota')
statx(0xffffffffffffffff, &(0x7f0000000680)='./file1\x00', 0x0, 0x1, &(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, 0x0, <r1=>0x0})
getsockopt$inet6_IPV6_IPSEC_POLICY(0xffffffffffffffff, 0x29, 0x22, &(0x7f0000000480)={{{@in6=@mcast1, @in=@remote, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r2=>0x0}}, {{@in6=@dev}, 0x0, @in=@private}}, &(0x7f00000002c0)=0xe8)
r3 = getgid()
getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, &(0x7f0000000580)={{{@in6=@dev, @in=@dev, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r4=>0x0}}, {{@in=@dev}, 0x0, @in6=@mcast2}}, &(0x7f0000000700)=0xe8)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
fstat(r5, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, <r6=>0x0})
setresuid(0xffffffffffffffff, r6, 0xffffffffffffffff)
getgroups(0x3, &(0x7f00000006c0)=[0xee01, 0xee01, <r7=>0x0])
r8 = socket$inet_udplite(0x2, 0x2, 0x88)
getsockopt$sock_cred(r8, 0x1, 0x11, &(0x7f0000000240)={0x0, <r9=>0x0}, &(0x7f0000000280)=0x5)
setuid(r9)
mount$bpf(0x0, &(0x7f0000000180)='./file1\x00', &(0x7f00000001c0), 0x4608c, &(0x7f0000000800)=ANY=[@ANYBLOB='mode=00000000000000000000000,gid=', @ANYRESHEX=r1, @ANYBLOB=',uid=', @ANYRESHEX=r2, @ANYBLOB=',gid=', @ANYRESHEX=r3, @ANYBLOB=',uid=', @ANYRESHEX=r4, @ANYBLOB="0412d73f909ac196f4388b1af01dcd2c7569643d", @ANYRESHEX=r6, @ANYBLOB=',gid=', @ANYRESHEX=r7, @ANYBLOB=',audit,measure,fscontext=system_u,fowner<', @ANYRESDEC=r9, @ANYBLOB=',\x00'])
chdir(&(0x7f0000000280)='./file1\x00')
r10 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='net_prio.prioidx\x00', 0x275a, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000005c0)={<r11=>0xffffffffffffffff, <r12=>0xffffffffffffffff})
sendmmsg$unix(r12, &(0x7f0000001d00)=[{{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000}}, {{&(0x7f0000000280)=@abs={0x0, 0x0, 0x4e24}, 0x6e, 0x0, 0x0, &(0x7f00000018c0)=ANY=[@ANYBLOB="1400000000001100a95ea9040a41968d", @ANYRES32=r11, @ANYBLOB='\x00\x00\x00\x00'], 0x18, 0x20008880}}], 0x2, 0x4c054)
quotactl_fd$Q_SETQUOTA(r10, 0xffffffff80000800, 0xee01, &(0x7f00000000c0)={0x0, 0x1, 0x2000000000a962, 0x2, 0x201, 0x7fff, 0x48cd, 0xfffffffffffffffc, 0x80000001})
r13 = openat$incfs(0xffffffffffffffff, &(0x7f0000000080)='.log\x00', 0x1812c1, 0x0)
write$binfmt_script(r13, &(0x7f0000000140)={'#! ', './file1'}, 0xb)
pipe2(&(0x7f0000000200)={0x0, <r14=>0x0}, 0x0)
pipe2(&(0x7f0000000000)={<r15=>0x0, <r16=>0x0}, 0x0)
write$FUSE_INIT(r16, &(0x7f0000003100)={0x50, 0x0, 0x0, {0x7, 0x29, 0x0, 0x24152, 0x0, 0x0, 0x800000, 0x5, 0x0, 0x0, 0x20, 0x1}}, 0x50)
tee(r15, r14, 0x8, 0x4)
fchown(r13, 0xee01, 0x0)
r17 = syz_open_dev$video(&(0x7f0000000040), 0x100000001, 0x0)
ioctl$VIDIOC_ENUM_FRAMEINTERVALS(r17, 0xc034564b, &(0x7f0000000140)={0x0, 0x30314752, 0x140, 0xb4})
ioctl$SIOCX25SENDCALLACCPT(r0, 0x89e9)

999.729682ms ago: executing program 2 (id=643):
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
creat(0x0, 0x0)
bind$tipc(0xffffffffffffffff, 0x0, 0x0)
syz_usb_connect$printer(0x0, 0x36, 0x0, 0x0)
r0 = socket(0x10, 0x2, 0x0)
write(r0, 0x0, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket$packet(0x11, 0x3, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r4, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', <r5=>0x0})
sendmsg$nl_route(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@ipv6_newnexthop={0x20, 0x68, 0x5fb9a818fb7378e9, 0x0, 0x0, {}, [@NHA_OIF={0x8, 0x5, r5}]}, 0x20}}, 0x0)
sendmsg$nl_route(r2, &(0x7f0000004380)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)=@ipv6_newrule={0x24, 0x18, 0x409, 0x0, 0x0, {0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, [@FIB_RULE_POLICY=@FRA_GOTO={0x8, 0x1e, 0x1}]}, 0x24}}, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000180)=@newlink={0x64, 0x10, 0x437, 0x1000000, 0x0, {}, [@IFLA_LINKINFO={0x44, 0x12, 0x0, 0x1, @ip6erspan={{0xe}, {0x30, 0x2, 0x0, 0x1, [@IFLA_GRE_LOCAL={0x14, 0x6, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02'}, @IFLA_GRE_REMOTE={0x14, 0x7, @private2}, @IFLA_GRE_COLLECT_METADATA={0x4}]}}}]}, 0x64}}, 0x0)

599.922783ms ago: executing program 1 (id=647):
socket$l2tp6(0xa, 0x2, 0x73)
socket$nl_generic(0x10, 0x3, 0x10)
socket$packet(0x11, 0x3, 0x300)
socket$nl_route(0x10, 0x3, 0x0)
socket$key(0xf, 0x3, 0x2)
syz_usb_connect$cdc_ecm(0x3, 0x4d, &(0x7f0000001240)=ANY=[@ANYBLOB="12010000020000102505a1a44000010203010902"], 0x0)
openat$fuse(0xffffffffffffff9c, &(0x7f00000000c0), 0x42, 0x0)
syz_open_procfs(0x0, &(0x7f0000000080)='ns\x00')
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000800), 0x20801)
userfaultfd(0x801)
syz_open_dev$sndctrl(&(0x7f0000000240), 0x0, 0x2a8600)
openat$audio(0xffffffffffffff9c, &(0x7f00000000c0), 0x88602, 0x0)
r0 = syz_open_dev$dri(&(0x7f0000000380), 0x2, 0x0)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(r0, 0x4010640d, &(0x7f0000000000)={0x3, 0x2})
r1 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r1, 0x29, 0x20, 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r0, 0xc01064b5, &(0x7f0000000140)={&(0x7f0000000100)=[<r2=>0x0], 0x40000012})
mknodat$null(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1000, 0x103)
open$dir(&(0x7f0000000100)='./file0\x00', 0x8802, 0x0)
open(&(0x7f0000000180)='./bus\x00', 0x14d27e, 0x0)
socket(0x10, 0x3, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200))
ioctl$DRM_IOCTL_MODE_ATOMIC(r0, 0xc03864bc, &(0x7f0000000180)={0x201, 0x1, &(0x7f0000000540)=[r2], &(0x7f0000000500)=[0x1], &(0x7f0000000200), &(0x7f0000000580), 0x0, 0x7f})

449.213464ms ago: executing program 2 (id=649):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x40002, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='blkio.bfq.io_merged_recursive\x00', 0x275a, 0x0)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(r2, 0xc018937a, &(0x7f0000000140)={{0x1, 0x1, 0x18, <r3=>r1, {0x5}}, './file0\x00'})
bind$tipc(r3, &(0x7f0000000280)=@id={0x1e, 0x3, 0x1, {0x4e24, 0x3}}, 0x10)
syz_emit_ethernet(0x36, &(0x7f0000000100)=ANY=[@ANYBLOB="000002f0d31209000000bc2e79e995"], 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r2, 0x0)
preadv(r2, &(0x7f00000015c0)=[{&(0x7f0000000080)=""/124, 0xffffff23}], 0x3e, 0x0, 0x0)
syz_emit_ethernet(0x4a, &(0x7f0000000000)=ANY=[@ANYBLOB="aaaaaaaaaaaaffffffffffff86dd600a847500140600fe8000"/34, @ANYRES32=0x41424344], 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
bind$inet(0xffffffffffffffff, &(0x7f0000000080)={0x2, 0x4e24, @multicast2}, 0x10)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000006680)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000001600)=@deltfilter={0x24, 0x2d, 0x1, 0x70bd28, 0x25dfdbfc, {0x0, 0x0, 0x0, 0x0, {0x10, 0xf}, {0xd, 0xffe0}, {0xffe0, 0x1}}}, 0x24}, 0x1, 0x0, 0x0, 0x20000814}, 0x8000)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe6000/0x18000)=nil, &(0x7f0000000040)=[@text16={0x10, &(0x7f0000000180)="66b9800000c00f326635000800000f300f0f1c9a65660ff3b20618baa000ec672e660f38803d004000000f285473f61366b9800000c00f326635004000000f300f20e06635800000000f22e0f30fa6c8", 0x50}], 0x1, 0x0, 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20004000}, 0x14)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f00000004c0)=[@text32={0x20, 0x0}], 0x1, 0x0, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={0x0}, 0x10)
ioctl$KVM_RUN(r4, 0xae80, 0x0)

389.71534ms ago: executing program 3 (id=651):
r0 = openat$cdrom(0xffffffffffffff9c, &(0x7f0000000080), 0x40000, 0x0)
openat$cdrom(0xffffffffffffff9c, &(0x7f0000000040), 0x20040, 0x0)
r1 = openat$dlm_control(0xffffffffffffff9c, &(0x7f0000000000), 0x8502, 0x0)
write$sndseq(r1, &(0x7f0000001380)=[{0x6, 0x8, 0x0, 0x0, @tick=0x8000000, {0x8}, {}, @note={0x8, 0x8, 0x8, 0xd, 0x5}}, {0x0, 0x0, 0x0, 0x0, @time={0xffff, 0xa5}, {}, {}, @connect={{0x2, 0x3}, {0x3}}}, {0x1, 0x0, 0x0, 0x0, @time={0x2, 0x2}, {0x0, 0x8}, {}, @raw8={"fabb191b2b6f3217a1a86970"}}, {0x0, 0xff, 0x0, 0x0, @time, {}, {}, @connect={{}, {0x0, 0x5}}}], 0x70)
ioctl$CDROMEJECT(r0, 0x5309)

389.090832ms ago: executing program 2 (id=652):
r0 = syz_open_dev$evdev(&(0x7f00000003c0), 0x1, 0x200)
ioctl$EVIOCSABS20(r0, 0x401845e0, 0x0)

319.120556ms ago: executing program 2 (id=653):
r0 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
ioctl$int_in(r0, 0x40000000af01, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='freezer.parent_freezing\x00', 0x275a, 0x0)
write$UHID_CREATE2(r1, &(0x7f00000003c0)=ANY=[], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r1, 0x0)
ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f0000000340))
ioctl$VHOST_NET_SET_BACKEND(r0, 0x4008af30, 0x0)

318.888099ms ago: executing program 3 (id=654):
socket(0x10, 0x3, 0x0)
r0 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$MRT_FLUSH(r0, 0x0, 0xd1, &(0x7f0000000000)=0x3, 0x4)
mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0xfffffffffefffff6, 0x20031, 0xffffffffffffffff, 0x0)
timer_create(0x0, 0x0, &(0x7f0000bbdffc))
ioctl$UFFDIO_COPY(0xffffffffffffffff, 0xc028aa03, &(0x7f0000000040)={&(0x7f00006c6000/0x400000)=nil, &(0x7f0000685000/0x4000)=nil, 0x400000, 0x0, 0x18100})
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000600)={&(0x7f0000000140)={0x50, 0x2, 0x6, 0x201, 0x0, 0x0, {0x0, 0x0, 0x1}, [@IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}, @IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_BUCKETSIZE={0x5, 0x15, 0x1}]}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_TYPENAME={0xc, 0x3, 'hash:ip\x00'}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}]}, 0x50}, 0x1, 0x0, 0x0, 0xc040}, 0x0)
madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00003, 0x18)
setsockopt$MRT_ADD_VIF(r0, 0x0, 0xca, &(0x7f0000000080)={0x1, 0x4, 0x3f, 0x3202, @vifc_lcl_addr=@private=0xa010101, @private=0xa010101}, 0x10)

318.724997ms ago: executing program 2 (id=655):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f00000004c0)=0x100000001, 0x4)
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r0, 0x6, 0x14, &(0x7f0000000280)=0x1, 0x4)
connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x2, @ipv4={'\x00', '\xff\xff', @remote}}, 0x1c)
recvmsg(r0, &(0x7f0000000a40)={0x0, 0x0, 0x0}, 0x102)
getsockopt$inet6_tcp_TCP_ZEROCOPY_RECEIVE(r0, 0x6, 0x23, &(0x7f0000000140)={&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x0, 0x0, &(0x7f0000001380)=""/4080, 0xfffffeab, 0x0, 0x0}, &(0x7f0000000000)=0x40)

259.678141ms ago: executing program 3 (id=656):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x40, 0x0)
statfs(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000240)=""/67)
sendmsg$NL80211_CMD_SET_TX_BITRATE_MASK(r0, &(0x7f0000000900)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000400)=ANY=[@ANYRESOCT=r1, @ANYRESHEX=r1, @ANYRESDEC=0x0, @ANYRES16=r1], 0x2c}}, 0x4000001)
r2 = syz_open_dev$tty20(0xc, 0x4, 0x1)
mkdir(&(0x7f00000002c0)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000240)='hugetlbfs\x00', 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f00000001c0)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f})
r3 = memfd_create(&(0x7f0000000ac0)='\x103q}2\x9a\xce\xaf\x03\xdfy[\xd9\xffR8\xf4\x00\bi\xe4^\xd5\xfd\xa9\r\xac7A\x94\xa0\x00\x00\x00\x90+\xd6\x05\r\x84\x87\x1c\b\xdb\xe2\x00\x00A\x90m\xb6&\xd0\x9d\x00\x00\xc5\xb8,\f\xd4s\xb2\x99/\xc0\x9a\xf2O\xdb\x00\x00\x00\x00\x00\x00\r\x1b\xd3\xff<\x83d\x10\x10\xd7\x01M\x7fML\x18\'\x1a<z\xebz\xfee7{l\x16}\xa0I\x7f\xb5)l\xbb\x02\xfa\xb7\xb6\xa0]\xda8\xe0~\x1c \x91\t\x8b\xbd\x1f\xb3834d1i\x9b\x94\xa6\\\x0e\xe2\xfa\xe5!\xd3\xcf\xfc\xce\xba\xe2\x9f\x05xgL!\x14Y+\xb3\x1axi)<\xf7\x98\xc1\xba\xf4|\xe7|\xc4\xd7\x03\x00\x00\x00\x04D\x15E^7%8\x94y\x98\xf0l\xa0\'Q%\xd4\xda\xee\x81}\xcc\xfd\xa2\xe3M~x\x96\xe3]\xd70\xa2\x17\xca\xde\x1b\xaa\xe0l\xfc\x85\x8fc\x1c{|e\x8bs\xb0\x85E\xcf;p)\xf8\xa6\xaa&QC4V\x81\x04\xcf\xd2\x81\xdc\xdf\xd7<\x9f\x93\x8bX\xd4\xea\xb2\xff\b\x92\xc7\x00\xef\xff\x00\x93\x1f\x92\xa7dcY\x9c\x9e9O-\xfcF\xbb\xbd{:IR\xea\xd8$\xe2\xa0\xc2\x8b\x1a\xead\xb8\xe1:6\x15M\x1d\xdak\x8c\x909\xd8\xb3\x02\xe0\x04\x9c\xc2\x06|\xf0\x0f\xa6Y&r\x9b\xc7\x1d\xe7jDf\x87@\x8fg\x15RJwe\xe2\xdcunu\xff`\xa40\xce\xffB%\xe4k\xff\x8d\x06\xff\xff\xff\xff\xff\xff\xff\xff[M \xea\x03\xfd=\xe0^\xa8\xed)\xe8Z\xe8\x99&\x87\x04\xa4\t\xaa\xd8\xd6\xd5pG\xcb\xc4\x8b\xf7\xb8#\xcb\xd8|\xa5\xa6S\x8b\x8cv\xb7)\x02k\xf3L\x03\xbb\xfa\xe1\\\xf1\x8cUj\xd5\xa5\x88GL\xe7_\xfd\x17C=G\x0f\xe9u\x1d\xfeg\xfex\xcd\xaa\xad\x906\xd0sy\xc6T\x93\xae\xd5r\xc8G\xc5\xfdS\xff\x04:`\x1e\xe3;l\xcd\xa1`Yb&\xd4\xf4\x8eum\x04\x00~\xfa\x05\xd7\xe7X\xc7/\xae5\x93wwT\x13\xbd,\xd6\x16\x84\xcd\xd1\xd8\xe1P_\xbf0\xd8\x8d%Yh\xb5\xb4\"7{\x95\xc9\xd0\xee\xe1\x1d\x80\xcc]-\xc2\xa1\x02EL\xffI\xd9\xf5\xcfk\x8a&i\xc1\xff9T\x8e\xe2rY\xa3\xd2H9\xfe\x0e\x1e\xac\x0f\xc3\x9b{\xd9\xcc\xbe\xa9\x93\xe0\xa4W\x1cn>\xc1\xf1\x9e\"\x93\x19\x01\x80\x00\x00y\xd2~%\x99\xe6\x00o\xca\xe0\xc6\xd4\xf5\xa0\xc8P\xd6;\xf3\xc6~E\xacI\xd4\xe9\xa1|>\x91.K\x81\xa9+\xcf\xff\xcb\xfa\x0f\xe7n\x83H\x12\xac\x80\x16\xf8\x87Q\x97Az\n`\xb6\xe13A\xec\x8d(\\D\xec\xa6\t1\xa0h\xfc\x1f\xdd1@-4\xb4:\xf8\xd5wP \x84m\xe2\xd9\xfcb\xa0\xc3\xc9\xe7W\x86\xd7$\xa4ml\xee\x00\x00\x00\x00\x00\x00,\xb1|\x0f\"\x1dL\x10\x8e\x17D\xca\x8b\xe5\xca\xc1\xcf\xb2\xdc\xfc\x14+@\xdc\x9fXo\xd7\xc3\x1a\xfeA\xc2\x9a\xce\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xfb{\xf5\xdby\x9d;;30\xa7\x94\xfdh)\xa0\"r\xa4\xf4\n\xf7\xb4\xder\xc8\xf2\xa5\xc0\x15\xc5E\xf6\x1dTB\xa2\xa6\xfbN\xb7\xed\xad\x9e\xb6\x87.\xf7=\xd3U\xf0\x1dH\x99\xe6\x97\x92g\xdf\ra\x82\xc7\x00\x92\xdfB\xb2\xac\xf3V\ve\xdd(\x85u\x04\xfcD[\xa4\b\xc8Bt_\x19\xb4\xd9\x97\tD\x8a\xa6\x00', 0x6)
mmap(&(0x7f000060f000/0x2000)=nil, 0x2000, 0x1000006, 0x28011, r3, 0x89894000)
mmap(&(0x7f0000200000/0x400000)=nil, 0x400000, 0xb, 0x801b013, r3, 0x0)
r4 = socket$kcm(0x10, 0x0, 0x4)
close(r4)
socket(0x10, 0x3, 0x0)
sendmsg$inet(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000440)=[{&(0x7f0000000780)="5c00000013006bcc9e3be35c6e17aa31076b876c1d0000007ea60864160af36514001ac00800020004000200060006000364bc24eab556a705251e618294ff0051f60a84c9f4d4938037e786a6d0001000000e4509c5bbcd72c6c953", 0x5c}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x40)
pread64(r3, &(0x7f0000019e40)=""/102384, 0x18ff0, 0xf)
ioctl$KDGKBSENT(r2, 0x4b48, &(0x7f0000000e40)={0x6, "d70afb30fae02616090ffe2cd97f878484fdc281c57dd83ada8c1b38b030023b1f9c973f2ebba43b1271c9b1b04008abffd68f7450bacafa3882ecd1e42fec5d5f5d1591c1d5bf515d20b7863cc815e16b8149558e4ff6d60cff9d4bb70529bd7300b32d22b782bed7d75de24040960e805b196c3eebe15fc48f157b4b50b1c46ec1a87b90ed31877a0673643141dc57dbc9c45e5484fa2a80a97df6719d2e767243d3713eb856630396990c811fbf54352f5aae7e0adb78e651717b333c542c6b574af9c57c7eef1a9947798f3408fd03ed7d7979f5848344f5e0c25be91dfd4b37589f66ddc3c84ff2c365483745fd3c592e5fce6b970c6c62876a7131954fb68641dbfa633976370019584e4899de17c89db1260ebfe6a0c3b5d1873152a573de23830f5b71a3975e71d56a9b7d8e7728deffe6ceda27f35f3689628d664009c0fa772a9139e790e9fd9859b3cabad33d4df471d71f5f39385dc623990f19fedc7022a10239c8330adbc841ad8cb9b885579999ee80f3c28de525a9e9ed34fdb333d0bb23a8b2e507b8609ccd5ef3471b28263638a0c7341d1efa72c0e83cbf9090f47fb6e6db52020016285cbe9d2c23f89a0a7f42c9a4f6185045dd3c3cb755a083397f73b4f536d41be8d4b168cb3e843c53c02d906f870e5aa92bbedcc22327d66a62cb51fc7e08a6f76d00f5c655e8dff78b5d3fcb31124434750998"})
r5 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @thr={&(0x7f0000000300)="d85edcc2f8a904f239e700b51848d9b2fe0bac71004be8d1f6c0da374c50", &(0x7f0000000340)="40f1f0b8575c98bab61f1d3c93e88307567bcb6d25a564807fabafe88a5be2eca6ba010bb84347c77b3664fee4536c5328133da2e2ea9154f97653fd4d79400eb3392826a087927a73615e73a3ffa6bc2fc9e20cad98811ee076b0a8ee1b585b4405ccd2996722d8dff8bfadd560339b6a37cdcaf1f99540d1a4a29e8ac0e9cfce5e307d62d929efe93ae4730305b6aaa360a1ffa04ba94ae774fa1c52c05e9dc3e9"}}, &(0x7f0000bbdffc))
ioctl$TIOCSPGRP(0xffffffffffffffff, 0x5410, &(0x7f0000000080)=r5)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = socket(0x2b, 0x1, 0x1)
setsockopt$inet6_tcp_TCP_REPAIR(r7, 0x6, 0x13, &(0x7f0000000000)=0x1, 0x4)
r8 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000200), 0x2, 0x0)
ioctl$VHOST_SET_LOG_FD(r8, 0x8008af26, &(0x7f0000000240))
connect$inet6(r7, &(0x7f0000000140)={0xa, 0x4e21, 0x561, @remote, 0xd}, 0x1c)
sendmsg$nl_generic(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000040)=ANY=[], 0x14}, 0x1, 0x0, 0x0, 0x8000}, 0x1)

259.547929ms ago: executing program 3 (id=657):
ioctl$vim2m_VIDIOC_ENUM_FRAMESIZES(0xffffffffffffffff, 0xc02c564a, 0x0)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_TIMEOUT_NEW(r0, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x1c, 0x0, 0x8, 0x101, 0x0, 0x0, {0x2, 0x0, 0x2}, [@CTA_TIMEOUT_L3PROTO={0x6, 0x2, 0x1, 0x0, 0xe861}]}, 0x1c}, 0x1, 0x0, 0x0, 0x820}, 0x4444)
sendmsg$SEG6_CMD_SETHMAC(0xffffffffffffffff, 0x0, 0x40)
sendmsg$BATADV_CMD_GET_DAT_CACHE(0xffffffffffffffff, 0x0, 0x8011)
madvise(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x16)
syz_genetlink_get_family_id$devlink(0x0, 0xffffffffffffffff)
write$FUSE_INIT(0xffffffffffffffff, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
open(&(0x7f00000008c0)='./file0\x00', 0x60880, 0x80)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ieee802154(0x0, 0xffffffffffffffff)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_HEADER(r1, &(0x7f0000000d00)={0x0, 0x0, &(0x7f0000000cc0)={&(0x7f0000000c80)={0x28, 0xc, 0x6, 0x201, 0x0, 0x0, {0x7, 0x0, 0x9}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}]}, 0x28}, 0x1, 0x9000000, 0x0, 0x20000010}, 0x4000)
munmap(&(0x7f0000ff9000/0x2000)=nil, 0x2000)

198.350542ms ago: executing program 0 (id=658):
r0 = fsopen(&(0x7f00000003c0)='tracefs\x00', 0x1)
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', &(0x7f00000003c0), 0x40, &(0x7f0000000840)=ANY=[@ANYBLOB="78226e6f65786163638173733d616e792c63616368653d66736361636865"])
chdir(&(0x7f0000000100)='./file0\x00')
r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000000180)={{'fd', 0x3d, r1}, 0x2c, {'rootmode', 0x3d, 0x4000}})
openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x101000, 0x0)
close_range(r0, 0xffffffffffffffff, 0x2000000)

149.905292ms ago: executing program 0 (id=659):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x3, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x200) (async)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x200)
ioctl$KVM_SET_LAPIC(r2, 0x4400ae8f, &(0x7f0000000380)={"f9bef8d1aaeadafa287efdb9450ae3e2d260489591c42ab93a0c7bca18e9a19fa8e6cd61e9f62f91123f1311f81f85b4044554cb6e3ca1b6d1fc011bd71bdda82f37ccfa5b87dd5dcd311dbbb67f240dc02c53b7eabf3651660ce801e3878538da8bb24e1dbc480dae36207bf6b7b946c7a8ec08468f9a75ec797b8c11807655272833a7c70ccfc9a8259e7a148eca4d16b6ff519973a20b65f91a7261cdd2440a5a0566d843fa334b0280f0aacc3b417322b9b56098dd842c44139da4bd1e2212a40ba043bd72b995b172b26b71d434e9f3bf74b4ed480b264e0e9d6f628732534db36bfb92ee6419fb244db44abf0cd9357755ce9c4c9a584e5eb89ffd10c8a6c3c6115265f25f798570751917cd7cfc2ca71729e268c3b30c05b3dfdb18cbbfd3036a889f5fefb0f9d56bf970bdbf2524f8e435b721c809e73a5fdafbf1594088ad1974908bf5fc752d564c1a4989a7d1e59564567d9b437442c5c1cfec93526395d18b1ecb18dedd713ced403a00a2cd27b2dc857808287ea88157b3c19075eb33f7cc60a6161a88ad37fb04d0ce0fda24176406391a5ac521299143bdf59a474a17272105e55e9870cec2942a6705993e821e54441c877a64450e739b1321ad17e1ed552e65654bbfcc8ebd1d64fc4e888609a90410f780fe5031c27737f2de05a7ddf00129eb746a2e990438d9bf6a3211779707d615d79111b3fe71c26433482306ce7563c11cdf6f8da283ae147311465af80ba5350e6d65438cd5a20ec155d78227e5336d504f8f1145f4b942180f7ba6e5c9a070d4e31289d4845229780e53713090e782a75b32729c10da28c1f2702dad57a37416fc138040064347a0a290803f51a619402d88d0a4b2bef39bf92696b6d7052459a78a258edfe2e66f2e10a80b168b483c90a1a1dd67c6d6c9b7a2336d1678131ca38552d9acff05dcd57f9f4164064b7781d8a8b5507e21edfe35d65d726bf24799535648cd04f3b7e85c3f6762f353a8f65afdc7ba63bc0eb65d7188cb1adee1d8d14c0413458d2ff65093d972ac3696fa12defc0f8dedf2309e1b80fc672205e6ccfc6b494233c4d00b5471cb52d896c73cddee40e5e51ee8a9bbe453a1a7d5b9832cacc5965220145504ccb2a157a7c1d9d718c0bf96cd350ac5ca330c827bedbff299774707f5840a0d954ae39c9421975d48e05d87a1ceddefbecae936e15ffb308364b69eefd345d6200cd128e48c162a4ebd026fefb7cc73e80204b21ff30d63e8707292f60682c6f6a587fff9c5a0fae24e0406df5363c7c9d31f72829b6a9d9237a84e83e22c33bf6313ee4072f09f9c6254d0eb7239d51cdda77b8e3d42a89449a3e1b6be8953a27651486383879490486fd11b6ac4e1b86f8a71fc294e0ebf572f4ef00582be189ee5a38c18d4d51cd3221fb1475a56cdf3cc7258bf8c559bf1a9"}) (async)
ioctl$KVM_SET_LAPIC(r2, 0x4400ae8f, &(0x7f0000000380)={"f9bef8d1aaeadafa287efdb9450ae3e2d260489591c42ab93a0c7bca18e9a19fa8e6cd61e9f62f91123f1311f81f85b4044554cb6e3ca1b6d1fc011bd71bdda82f37ccfa5b87dd5dcd311dbbb67f240dc02c53b7eabf3651660ce801e3878538da8bb24e1dbc480dae36207bf6b7b946c7a8ec08468f9a75ec797b8c11807655272833a7c70ccfc9a8259e7a148eca4d16b6ff519973a20b65f91a7261cdd2440a5a0566d843fa334b0280f0aacc3b417322b9b56098dd842c44139da4bd1e2212a40ba043bd72b995b172b26b71d434e9f3bf74b4ed480b264e0e9d6f628732534db36bfb92ee6419fb244db44abf0cd9357755ce9c4c9a584e5eb89ffd10c8a6c3c6115265f25f798570751917cd7cfc2ca71729e268c3b30c05b3dfdb18cbbfd3036a889f5fefb0f9d56bf970bdbf2524f8e435b721c809e73a5fdafbf1594088ad1974908bf5fc752d564c1a4989a7d1e59564567d9b437442c5c1cfec93526395d18b1ecb18dedd713ced403a00a2cd27b2dc857808287ea88157b3c19075eb33f7cc60a6161a88ad37fb04d0ce0fda24176406391a5ac521299143bdf59a474a17272105e55e9870cec2942a6705993e821e54441c877a64450e739b1321ad17e1ed552e65654bbfcc8ebd1d64fc4e888609a90410f780fe5031c27737f2de05a7ddf00129eb746a2e990438d9bf6a3211779707d615d79111b3fe71c26433482306ce7563c11cdf6f8da283ae147311465af80ba5350e6d65438cd5a20ec155d78227e5336d504f8f1145f4b942180f7ba6e5c9a070d4e31289d4845229780e53713090e782a75b32729c10da28c1f2702dad57a37416fc138040064347a0a290803f51a619402d88d0a4b2bef39bf92696b6d7052459a78a258edfe2e66f2e10a80b168b483c90a1a1dd67c6d6c9b7a2336d1678131ca38552d9acff05dcd57f9f4164064b7781d8a8b5507e21edfe35d65d726bf24799535648cd04f3b7e85c3f6762f353a8f65afdc7ba63bc0eb65d7188cb1adee1d8d14c0413458d2ff65093d972ac3696fa12defc0f8dedf2309e1b80fc672205e6ccfc6b494233c4d00b5471cb52d896c73cddee40e5e51ee8a9bbe453a1a7d5b9832cacc5965220145504ccb2a157a7c1d9d718c0bf96cd350ac5ca330c827bedbff299774707f5840a0d954ae39c9421975d48e05d87a1ceddefbecae936e15ffb308364b69eefd345d6200cd128e48c162a4ebd026fefb7cc73e80204b21ff30d63e8707292f60682c6f6a587fff9c5a0fae24e0406df5363c7c9d31f72829b6a9d9237a84e83e22c33bf6313ee4072f09f9c6254d0eb7239d51cdda77b8e3d42a89449a3e1b6be8953a27651486383879490486fd11b6ac4e1b86f8a71fc294e0ebf572f4ef00582be189ee5a38c18d4d51cd3221fb1475a56cdf3cc7258bf8c559bf1a9"})
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f0000000780)={0x2, 0x0, @ioapic={0x10000, 0x0, 0x0, 0xeffffdff, 0x0, [{0x2, 0x0, 0xfc, '\x00', 0xff}, {0x0, 0x9, 0x80, '\x00', 0x7c}, {0xfc, 0x12, 0x4, '\x00', 0xb9}, {0x11, 0xb}, {}, {0x0, 0x0, 0x4, '\x00', 0x2}, {0xfd, 0x0, 0x6}, {}, {0x0, 0x8f, 0xf7, '\x00', 0xfc}, {0xa8, 0x6, 0x0, '\x00', 0x7}, {0xb}, {0x5, 0x99, 0x2, '\x00', 0xff}, {0x0, 0x0, 0x2, '\x00', 0x3}, {0x2, 0x0, 0x6}, {0xc3, 0x0, 0x0, '\x00', 0x49}, {0x0, 0x21, 0x80, '\x00', 0x5}, {0x3}, {0x0, 0x2, 0x6, '\x00', 0x10}, {0x48, 0x0, 0xd}, {0x0, 0x80}, {0x0, 0x2, 0x0, '\x00', 0x37}, {0xfd, 0x9, 0x0, '\x00', 0x5}, {0x0, 0x2, 0x9}, {0x80, 0xff, 0x3, '\x00', 0x7}]}})

149.748021ms ago: executing program 3 (id=660):
r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000040), 0xa4142, 0x0)
r1 = syz_open_dev$loop(0x0, 0x57ffffa, 0x122c42)
ioctl$LOOP_CONFIGURE(r1, 0x4c0a, &(0x7f0000001ac0)={r0, 0x0, {0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x34, "339f020bbe82b398000000000000000000000d0ec0c1b4e9b1c4369d03740250ceaac594b1b3d741dd17c1c50d38ef2a565ef1e83323691c58d66500", "a910e13ada87a16c1ca43f80026d1a8530e04d52853964a02447a75df8a69ea917deb7ba193b3e7772fd29f35239d200", "24431a1e77a68e174f000000000000000010e200"}})

149.595078ms ago: executing program 3 (id=661):
sendmsg$NFQNL_MSG_CONFIG(0xffffffffffffffff, &(0x7f0000000ac0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000140)=ANY=[@ANYRES8], 0x30}, 0x1, 0x0, 0x0, 0x2000c045}, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x40002, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='blkio.bfq.io_merged_recursive\x00', 0x275a, 0x0)
syz_emit_ethernet(0x36, &(0x7f0000000100)=ANY=[@ANYBLOB="000002f0d31209000000bc2e79e995"], 0x0)
write$binfmt_script(r2, &(0x7f0000000100), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r2, 0x0)
preadv(r2, &(0x7f00000015c0)=[{&(0x7f0000000080)=""/124, 0xffffff23}], 0x3e, 0x0, 0x0)
syz_emit_ethernet(0x4a, &(0x7f0000000000)=ANY=[@ANYRES32=0x41424344], 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe6000/0x18000)=nil, &(0x7f0000000040)=[@text16={0x10, &(0x7f0000000180)="66b9800000c00f326635000800000f300f0f1c9a65660ff3b20618baa000ec672e660f38803d004000000f285473f61366b9800000c00f326635004000000f300f20e06635800000000f22e0f30fa6c8", 0x50}], 0x1, 0x0, 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
openat$dir(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', 0x200000, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(0xffffffffffffffff, 0x4400ae8f, &(0x7f0000000140)=@arm64={0x7, 0x20, 0x7f, '\x00', 0x8001})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20004000}, 0x14)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f00000004c0)=[@text32={0x20, 0x0}], 0x1, 0x0, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={0x0}, 0x10)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

141.491µs ago: executing program 0 (id=662):
r0 = openat$vmci(0xffffffffffffff9c, 0x0, 0x2, 0x0)
ioctl$IOCTL_VMCI_VERSION2(r0, 0x7a7, &(0x7f0000000080)=0xb0000)
ioctl$IOCTL_VMCI_INIT_CONTEXT(r0, 0x7a0, &(0x7f0000000000)={@my=0x0})
ioctl$IOCTL_VMCI_CTX_GET_CPT_STATE(r0, 0x7b1, &(0x7f0000000380)={0x0, 0x6, 0x0, 0x4})

62.572µs ago: executing program 0 (id=663):
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)=[{0x0}], 0x1}, 0x0)
sendmsg$kcm(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000001340)=[{&(0x7f0000000040)="2e00655810008188040f46ecdb4cb9cca7480ef410000000e3bd6efb010511000b000a000d000000ba8000001201", 0x2e}], 0x1, 0x0, 0x0, 0xc9e}, 0x80)

0s ago: executing program 0 (id=664):
r0 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
ioctl$int_in(r0, 0x40000000af01, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='freezer.parent_freezing\x00', 0x275a, 0x0)
write$UHID_CREATE2(r1, &(0x7f00000003c0)=ANY=[], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r1, 0x0)
ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f0000000340))
ioctl$VHOST_NET_SET_BACKEND(r0, 0x4008af30, 0x0)

kernel console output (not intermixed with test programs):

e B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   47.745463][   T64] bridge0: port 2(bridge_slave_1) entered blocking state
[   47.747506][   T64] bridge0: port 2(bridge_slave_1) entered forwarding state
[   47.775710][ T5943] 8021q: adding VLAN 0 to HW filter on device batadv0
[   47.798738][ T5943] veth0_vlan: entered promiscuous mode
[   47.804937][ T5943] veth1_vlan: entered promiscuous mode
[   47.819050][ T5943] veth0_macvtap: entered promiscuous mode
[   47.822616][ T5943] veth1_macvtap: entered promiscuous mode
[   47.839476][ T5942] 8021q: adding VLAN 0 to HW filter on device batadv0
[   47.845463][ T5956] Bluetooth: hci0: command tx timeout
[   47.845486][   T67] Bluetooth: hci3: command tx timeout
[   47.847262][ T5956] Bluetooth: hci1: command tx timeout
[   47.847943][ T5943] batman_adv: batadv0: Interface activated: batadv_slave_0
[   47.850952][ T5943] batman_adv: batadv0: Interface activated: batadv_slave_1
[   47.858753][ T5943] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   47.861252][ T5943] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   47.863762][ T5943] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   47.866351][ T5943] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   47.904885][ T5945] 8021q: adding VLAN 0 to HW filter on device batadv0
[   47.910733][ T5944] 8021q: adding VLAN 0 to HW filter on device batadv0
[   47.919256][ T5942] veth0_vlan: entered promiscuous mode
[   47.927864][   T46] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   47.930253][   T46] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   47.933895][ T5956] Bluetooth: hci2: command tx timeout
[   47.948740][   T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   47.950057][ T5942] veth1_vlan: entered promiscuous mode
[   47.950949][   T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   47.988132][ T5942] veth0_macvtap: entered promiscuous mode
[   47.995304][ T5945] veth0_vlan: entered promiscuous mode
[   47.998411][ T5942] veth1_macvtap: entered promiscuous mode
[   48.001951][ T5944] veth0_vlan: entered promiscuous mode
[   48.002976][ T5943] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[   48.009945][ T5945] veth1_vlan: entered promiscuous mode
[   48.020274][ T5942] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   48.025016][ T5942] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   48.028223][ T5942] batman_adv: batadv0: Interface activated: batadv_slave_0
[   48.030282][ T5944] veth1_vlan: entered promiscuous mode
[   48.040174][ T5942] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   48.042718][ T5942] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   48.046419][ T5942] batman_adv: batadv0: Interface activated: batadv_slave_1
[   48.058440][ T5942] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   48.060929][ T5942] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   48.063358][ T5942] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   48.066610][ T5942] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   48.070038][ T5945] veth0_macvtap: entered promiscuous mode
[   48.077553][ T5944] veth0_macvtap: entered promiscuous mode
[   48.080163][ T5945] veth1_macvtap: entered promiscuous mode
[   48.088038][ T5944] veth1_macvtap: entered promiscuous mode
[   48.098542][ T5945] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   48.101303][ T5945] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   48.104465][ T5945] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   48.107067][ T5945] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   48.110327][ T5945] batman_adv: batadv0: Interface activated: batadv_slave_0
[   48.116442][ T5944] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   48.119518][ T5944] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   48.122230][ T5944] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   48.127106][ T5944] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   48.129825][ T5944] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   48.132685][ T5944] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   48.136372][ T5944] batman_adv: batadv0: Interface activated: batadv_slave_0
[   48.138768][ T5945] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   48.141360][ T5945] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   48.143818][ T5945] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   48.146428][ T5945] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   48.150382][ T5945] batman_adv: batadv0: Interface activated: batadv_slave_1
[   48.157041][ T5945] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   48.159599][ T5945] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   48.161990][ T5945] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   48.164782][ T5945] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   48.173260][ T5944] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   48.176275][ T5944] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   48.178692][ T5944] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   48.181403][ T5944] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   48.184138][ T5944] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   48.186761][ T5944] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   48.190215][ T5944] batman_adv: batadv0: Interface activated: batadv_slave_1
[   48.200867][ T5944] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   48.203066][ T5944] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   48.205558][ T5944] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   48.207716][ T5944] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   48.211680][   T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   48.214028][   T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   48.217525][ T6008] kvm: kvm [6007]: vcpu0, guest rIP: 0x1be Unhandled WRMSR(0xc1) = 0x4000
[   48.221282][ T6008] kvm: kvm [6007]: vcpu0, guest rIP: 0x1be Unhandled WRMSR(0xc2) = 0x4000
[   48.240413][ T6008] kvm: kvm [6007]: vcpu0, guest rIP: 0x1be Unhandled WRMSR(0x11e) = 0xbe706111
[   48.246065][   T64] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   48.248473][   T64] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   48.260313][ T6008] kvm: kvm [6007]: vcpu0, guest rIP: 0x1be Unhandled WRMSR(0x186) = 0x4000
[   48.263440][ T6008] kvm: kvm [6007]: vcpu0, guest rIP: 0x1be Unhandled WRMSR(0x187) = 0x4000
[   48.265750][   T64] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   48.270069][   T64] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   48.286976][ T1156] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   48.289187][ T1156] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   48.313971][   T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   48.316310][   T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   48.323028][ T1143] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   48.327839][ T1143] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   48.399548][ T6021] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3'.
[   48.401907][ T6021] netlink: 20 bytes leftover after parsing attributes in process `syz.2.3'.
[   48.512732][ T6027] netlink: 'syz.2.5': attribute type 39 has an invalid length.
[   48.850408][ T6034] kvm: kvm [6033]: vcpu0, guest rIP: 0x1be Unhandled WRMSR(0xc2) = 0x4000
[   48.872253][ T6034] kvm: kvm [6033]: vcpu0, guest rIP: 0x1be Unhandled WRMSR(0x11e) = 0xbe706111
[   49.361648][ T6048] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   49.924479][ T5956] Bluetooth: hci1: command tx timeout
[   49.924514][ T5957] Bluetooth: hci3: command tx timeout
[   49.924586][   T67] Bluetooth: hci0: command tx timeout
[   50.003866][ T5957] Bluetooth: hci2: command tx timeout
[   50.353605][ T6012] usb 7-1: new high-speed USB device number 2 using dummy_hcd
[   50.503559][ T6012] usb 7-1: Using ep0 maxpacket: 16
[   50.509568][ T6012] usb 7-1: config 0 has no interfaces?
[   50.512831][ T6012] usb 7-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[   50.515810][ T6012] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   50.518128][ T6012] usb 7-1: Product: syz
[   50.519384][ T6012] usb 7-1: Manufacturer: syz
[   50.520740][ T6012] usb 7-1: SerialNumber: syz
[   50.525866][ T6012] usb 7-1: config 0 descriptor??
[   50.636658][   T40] kauditd_printk_skb: 53 callbacks suppressed
[   50.636668][   T40] audit: type=1400 audit(1743499802.649:168): avc:  denied  { read } for  pid=6069 comm="syz.0.16" dev="nsfs" ino=4026532973 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[   50.644104][   T40] audit: type=1400 audit(1743499802.649:169): avc:  denied  { open } for  pid=6069 comm="syz.0.16" path="net:[4026532973]" dev="nsfs" ino=4026532973 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[   50.645301][ T6072] Zero length message leads to an empty skb
[   50.653362][   T40] audit: type=1400 audit(1743499802.659:170): avc:  denied  { ioctl } for  pid=6071 comm="syz.1.17" path="socket:[7968]" dev="sockfs" ino=7968 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[   50.731058][   T40] audit: type=1400 audit(1743499802.739:171): avc:  denied  { read write } for  pid=6059 comm="syz.2.13" name="fuse" dev="devtmpfs" ino=105 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fuse_device_t tclass=chr_file permissive=1
[   50.737896][   T40] audit: type=1400 audit(1743499802.739:172): avc:  denied  { open } for  pid=6059 comm="syz.2.13" path="/dev/fuse" dev="devtmpfs" ino=105 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fuse_device_t tclass=chr_file permissive=1
[   50.739300][ T1466] usb 7-1: USB disconnect, device number 2
[   50.744115][   T40] audit: type=1400 audit(1743499802.739:173): avc:  denied  { create } for  pid=6059 comm="syz.2.13" anonclass=[userfaultfd] scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1
[   50.751152][   T40] audit: type=1400 audit(1743499802.739:174): avc:  denied  { read } for  pid=6059 comm="syz.2.13" name="card2" dev="devtmpfs" ino=639 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dri_device_t tclass=chr_file permissive=1
[   50.757106][   T40] audit: type=1400 audit(1743499802.739:175): avc:  denied  { open } for  pid=6059 comm="syz.2.13" path="/dev/dri/card2" dev="devtmpfs" ino=639 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dri_device_t tclass=chr_file permissive=1
[   50.763055][   T40] audit: type=1400 audit(1743499802.739:176): avc:  denied  { ioctl } for  pid=6059 comm="syz.2.13" path="/dev/dri/card2" dev="devtmpfs" ino=639 ioctlcmd=0x640d scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dri_device_t tclass=chr_file permissive=1
[   50.873592][ T6012] usb 5-1: new high-speed USB device number 2 using dummy_hcd
[   51.009786][   T40] audit: type=1400 audit(1743499803.019:177): avc:  denied  { mounton } for  pid=6078 comm="syz.1.19" path="/6/bus" dev="tmpfs" ino=52 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[   51.010454][ T6079] No source specified
[   51.022108][ T6079] NILFS (nbd1): device size too small
[   51.024126][ T6012] usb 5-1: Using ep0 maxpacket: 8
[   51.026543][ T6079] trusted_key: encrypted_key: insufficient parameters specified
[   51.029911][ T6012] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[   51.032966][ T6012] usb 5-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[   51.035508][ T6012] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   51.038666][ T6012] usb 5-1: config 0 descriptor??
[   51.448768][ T6012] iowarrior 5-1:0.0: IOWarrior product=0x1512, serial= interface=0 now attached to iowarrior0
[   51.454051][ T6012] usb 5-1: USB disconnect, device number 2
[   51.863251][ T6108] No source specified
[   51.865952][ T6108] NILFS (nbd2): device size too small
[   51.867993][ T6108] trusted_key: encrypted_key: insufficient parameters specified
[   52.004369][ T5957] Bluetooth: hci3: command tx timeout
[   52.005554][ T5956] Bluetooth: hci0: command tx timeout
[   52.005591][   T67] Bluetooth: hci1: command tx timeout
[   52.093725][ T5956] Bluetooth: hci2: command tx timeout
[   52.207517][ T6114] kvm: kvm [6113]: vcpu0, guest rIP: 0x1be Unhandled WRMSR(0xc2) = 0x4000
[   52.227634][ T6114] kvm: kvm [6113]: vcpu0, guest rIP: 0x1be Unhandled WRMSR(0x11e) = 0xbe706111
[   52.433613][ T1466] usb 5-1: new high-speed USB device number 3 using dummy_hcd
[   52.593588][ T1466] usb 5-1: Using ep0 maxpacket: 16
[   52.596666][ T1466] usb 5-1: config 0 has no interfaces?
[   52.599664][ T1466] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[   52.602124][ T1466] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   52.604636][ T1466] usb 5-1: Product: syz
[   52.606048][ T1466] usb 5-1: Manufacturer: syz
[   52.607521][ T1466] usb 5-1: SerialNumber: syz
[   52.611051][ T1466] usb 5-1: config 0 descriptor??
[   52.821335][ T1466] usb 5-1: USB disconnect, device number 3
[   52.904859][ T6142] No source specified
[   52.909361][ T6142] NILFS (nbd2): device size too small
[   52.914997][ T6142] trusted_key: encrypted_key: insufficient parameters specified
[   53.401484][ T6164] netlink: 'syz.3.43': attribute type 39 has an invalid length.
[   53.798459][ T6172] No source specified
[   53.801285][ T6172] NILFS (nbd0): device size too small
[   53.805983][ T6172] trusted_key: encrypted_key: insufficient parameters specified
[   54.084124][ T5956] Bluetooth: hci3: command tx timeout
[   54.084472][ T5957] Bluetooth: hci1: command tx timeout
[   54.085321][   T67] Bluetooth: hci0: command tx timeout
[   54.099104][ T6189] netlink: 8 bytes leftover after parsing attributes in process `syz.1.52'.
[   54.101540][ T6189] netlink: 20 bytes leftover after parsing attributes in process `syz.1.52'.
[   54.173723][ T5957] Bluetooth: hci2: command tx timeout
[   54.205360][ T6198] No source specified
[   54.208684][ T6198] NILFS (nbd3): device size too small
[   54.221305][ T6198] trusted_key: encrypted_key: insufficient parameters specified
[   54.353801][ T6012] usb 7-1: new high-speed USB device number 3 using dummy_hcd
[   54.523597][ T6012] usb 7-1: Using ep0 maxpacket: 16
[   54.527054][ T6012] usb 7-1: config 0 has no interfaces?
[   54.530120][ T6012] usb 7-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[   54.532530][ T6012] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   54.535023][ T6012] usb 7-1: Product: syz
[   54.536195][ T6012] usb 7-1: Manufacturer: syz
[   54.537459][ T6012] usb 7-1: SerialNumber: syz
[   54.540473][ T6012] usb 7-1: config 0 descriptor??
[   54.749734][ T6012] usb 7-1: USB disconnect, device number 3
[   55.166770][ T6226] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   55.233627][ T6230] No source specified
[   55.236367][ T6230] NILFS (nbd1): device size too small
[   55.238608][ T6230] trusted_key: encrypted_key: insufficient parameters specified
[   55.269425][ T6232] FAULT_INJECTION: forcing a failure.
[   55.269425][ T6232] name failslab, interval 1, probability 0, space 0, times 1
[   55.270681][ T6226] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   55.273111][ T6232] CPU: 2 UID: 0 PID: 6232 Comm: syz.1.66 Not tainted 6.14.0-syzkaller-11270-g08733088b566 #0 PREEMPT(full) 
[   55.273125][ T6232] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   55.273131][ T6232] Call Trace:
[   55.273135][ T6232]  <TASK>
[   55.273139][ T6232]  dump_stack_lvl+0x16c/0x1f0
[   55.273169][ T6232]  should_fail_ex+0x512/0x640
[   55.273189][ T6232]  ? fs_reclaim_acquire+0xae/0x150
[   55.273202][ T6232]  ? bio_kmalloc+0x41/0x70
[   55.273217][ T6232]  should_failslab+0xc2/0x120
[   55.273226][ T6232]  __kmalloc_noprof+0xd2/0x510
[   55.273240][ T6232]  ? __pfx___debug_object_init+0x10/0x10
[   55.273252][ T6232]  ? __pfx_blk_mq_alloc_request+0x10/0x10
[   55.273265][ T6232]  bio_kmalloc+0x41/0x70
[   55.273279][ T6232]  blk_rq_map_kern+0x39a/0x710
[   55.273292][ T6232]  scsi_execute_cmd+0xc14/0xf40
[   55.273310][ T6232]  ? __pfx_scsi_execute_cmd+0x10/0x10
[   55.273321][ T6232]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   55.273335][ T6232]  sr_check_events+0x1f1/0xad0
[   55.273347][ T6232]  ? find_held_lock+0x2b/0x80
[   55.273360][ T6232]  ? __pfx_sr_check_events+0x10/0x10
[   55.273369][ T6232]  ? avc_has_extended_perms+0x33a/0x1090
[   55.273389][ T6232]  ? __lock_acquire+0xaa4/0x1ba0
[   55.273401][ T6232]  cdrom_ioctl_media_changed+0x2ab/0x480
[   55.273413][ T6232]  ? __sanitizer_cov_trace_switch+0x54/0x90
[   55.273425][ T6232]  cdrom_ioctl+0x307/0x3190
[   55.273436][ T6232]  ? __pfx_cdrom_ioctl+0x10/0x10
[   55.273446][ T6232]  ? rpm_resume+0x80c/0x1310
[   55.273456][ T6232]  ? rcu_is_watching+0x12/0xc0
[   55.273468][ T6232]  ? rpm_resume+0x80c/0x1310
[   55.273477][ T6232]  ? trace_rpm_return_int+0x196/0x220
[   55.273501][ T6232]  ? rpm_resume+0x811/0x1310
[   55.273514][ T6232]  ? __pfx_rpm_resume+0x10/0x10
[   55.273522][ T6232]  ? do_raw_spin_lock+0x12c/0x2b0
[   55.273534][ T6232]  ? find_held_lock+0x2b/0x80
[   55.273547][ T6232]  ? mark_held_locks+0x49/0x80
[   55.273556][ T6232]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[   55.273571][ T6232]  ? lockdep_hardirqs_on+0x7c/0x110
[   55.273586][ T6232]  ? _raw_spin_unlock_irqrestore+0x3b/0x80
[   55.273601][ T6232]  ? __pm_runtime_resume+0xc3/0x170
[   55.273613][ T6232]  sr_block_ioctl+0x1b0/0x250
[   55.273623][ T6232]  ? __pfx_sr_block_ioctl+0x10/0x10
[   55.273634][ T6232]  blkdev_ioctl+0x274/0x6d0
[   55.273645][ T6232]  ? __pfx_blkdev_ioctl+0x10/0x10
[   55.273655][ T6232]  ? selinux_file_ioctl+0x180/0x270
[   55.273667][ T6232]  ? selinux_file_ioctl+0xb4/0x270
[   55.273679][ T6232]  ? __pfx_blkdev_ioctl+0x10/0x10
[   55.273691][ T6232]  __x64_sys_ioctl+0x190/0x200
[   55.273704][ T6232]  do_syscall_64+0xcd/0x260
[   55.273714][ T6232]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   55.273724][ T6232] RIP: 0033:0x7faab218d169
[   55.273732][ T6232] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   55.273741][ T6232] RSP: 002b:00007faab2f36038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[   55.273751][ T6232] RAX: ffffffffffffffda RBX: 00007faab23a5fa0 RCX: 00007faab218d169
[   55.273757][ T6232] RDX: 0000200000000000 RSI: 0000000000005396 RDI: 0000000000000003
[   55.273763][ T6232] RBP: 00007faab2f36090 R08: 0000000000000000 R09: 0000000000000000
[   55.273768][ T6232] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   55.273774][ T6232] R13: 0000000000000000 R14: 00007faab23a5fa0 R15: 00007ffe1afcee78
[   55.273786][ T6232]  </TASK>
[   55.379573][ T6233] kvm: kvm [6227]: vcpu0, guest rIP: 0x1be Unhandled WRMSR(0xc1) = 0x4000
[   55.407048][ T6233] kvm: kvm [6227]: vcpu0, guest rIP: 0x1be Unhandled WRMSR(0xc1) = 0x4000
[   55.429539][ T6233] kvm: kvm [6227]: vcpu0, guest rIP: 0x1be Unhandled WRMSR(0xc1) = 0x4000
[   55.446019][ T6226] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   55.456797][ T6233] kvm: kvm [6227]: vcpu0, guest rIP: 0x1be Unhandled WRMSR(0xc1) = 0x4000
[   55.480007][ T6233] kvm: kvm [6227]: vcpu0, guest rIP: 0x1be Unhandled WRMSR(0xc1) = 0x4000
[   55.506351][ T6233] kvm: kvm [6227]: vcpu0, guest rIP: 0x1be Unhandled WRMSR(0xc1) = 0x4000
[   55.530894][ T6233] kvm: kvm [6227]: vcpu0, guest rIP: 0x1be Unhandled WRMSR(0xc1) = 0x4000
[   55.535254][ T6226] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   55.554588][ T6233] kvm: kvm [6227]: vcpu0, guest rIP: 0x1be Unhandled WRMSR(0xc1) = 0x4000
[   55.578750][ T6233] kvm: kvm [6227]: vcpu0, guest rIP: 0x1be Unhandled WRMSR(0xc1) = 0x4000
[   55.609615][ T6233] kvm: kvm [6227]: vcpu0, guest rIP: 0x1be Unhandled WRMSR(0xc1) = 0x4000
[   55.629138][ T6226] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[   55.636545][ T6226] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[   55.643074][ T6226] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[   55.653292][ T6226] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[   55.966802][ T6259] No source specified
[   55.969120][ T6259] NILFS (nbd2): device size too small
[   55.981718][   T40] kauditd_printk_skb: 11 callbacks suppressed
[   55.981727][   T40] audit: type=1400 audit(1743499807.989:189): avc:  denied  { create } for  pid=6256 comm="syz.0.73" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[   55.989154][   T40] audit: type=1400 audit(1743499807.999:190): avc:  denied  { setopt } for  pid=6256 comm="syz.0.73" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[   56.006839][ T6257] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   56.011270][ T6259] trusted_key: encrypted_key: insufficient parameters specified
[   56.063630][   T40] audit: type=1400 audit(1743499808.069:191): avc:  denied  { ioctl } for  pid=6256 comm="syz.0.73" path="socket:[10734]" dev="sockfs" ino=10734 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[   56.073434][   T40] audit: type=1400 audit(1743499808.079:192): avc:  denied  { bind } for  pid=6256 comm="syz.0.73" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[   56.313569][ T5952] usb 5-1: new high-speed USB device number 4 using dummy_hcd
[   56.433575][   T29] usb 8-1: new high-speed USB device number 2 using dummy_hcd
[   56.494926][ T5952] usb 5-1: Using ep0 maxpacket: 8
[   56.497784][ T5952] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[   56.500540][ T5952] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[   56.503108][ T5952] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[   56.506044][ T5952] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[   56.509779][ T5952] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[   56.512292][ T5952] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   56.603542][   T29] usb 8-1: Using ep0 maxpacket: 16
[   56.607122][   T29] usb 8-1: config 0 has no interfaces?
[   56.610258][   T29] usb 8-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[   56.612864][   T29] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   56.615299][   T29] usb 8-1: Product: syz
[   56.616540][   T29] usb 8-1: Manufacturer: syz
[   56.617904][   T29] usb 8-1: SerialNumber: syz
[   56.621149][   T29] usb 8-1: config 0 descriptor??
[   56.717664][ T5952] usb 5-1: GET_CAPABILITIES returned 0
[   56.719638][ T5952] usbtmc 5-1:16.0: can't read capabilities
[   56.831824][ T5952] usb 8-1: USB disconnect, device number 2
[   56.919403][   T40] audit: type=1400 audit(1743499808.929:193): avc:  denied  { write } for  pid=6256 comm="syz.0.73" name="usbtmc0" dev="devtmpfs" ino=2793 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1
[   56.920952][    C2] usbtmc 5-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[   56.932807][    C2] usbtmc 5-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[   56.935997][    C2] usbtmc 5-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[   56.938733][    C2] usbtmc 5-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[   56.941160][    C2] usbtmc 5-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[   56.943560][    C2] usbtmc 5-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[   56.945988][    C2] usbtmc 5-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[   56.950077][    C3] usbtmc 5-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[   56.953262][    C3] usbtmc 5-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[   56.956329][    C3] usbtmc 5-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[   56.959404][    C3] usbtmc 5-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[   56.962634][    C3] usbtmc 5-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[   56.966778][    C3] usbtmc 5-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[   56.970002][    C3] usbtmc 5-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[   56.972478][    C3] usbtmc 5-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[   56.975094][    C3] usbtmc 5-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[   56.982472][   T40] audit: type=1400 audit(1743499808.989:194): avc:  denied  { ioctl } for  pid=6256 comm="syz.0.73" path="anon_inode:[userfaultfd]" dev="anon_inodefs" ino=13626 ioctlcmd=0xaa3f scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1
[   57.400447][ T6293] No source specified
[   57.404721][ T6293] NILFS (nbd3): device size too small
[   57.408714][ T6293] trusted_key: encrypted_key: insufficient parameters specified
[   58.020879][   T40] audit: type=1400 audit(1743499810.029:195): avc:  denied  { create } for  pid=6314 comm="syz.2.89" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1
[   58.027557][   T40] audit: type=1400 audit(1743499810.029:196): avc:  denied  { ioctl } for  pid=6314 comm="syz.2.89" path="socket:[13659]" dev="sockfs" ino=13659 ioctlcmd=0x89e0 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1
[   58.028128][ T6316] process 'syz.2.89' launched '/dev/fd/12' with NULL argv: empty string added
[   58.035852][   T40] audit: type=1400 audit(1743499810.029:197): avc:  denied  { write } for  pid=6314 comm="syz.2.89" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1
[   58.043401][   T40] audit: type=1400 audit(1743499810.029:198): avc:  denied  { map_read map_write } for  pid=6314 comm="syz.2.89" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[   58.378475][ T6324] No source specified
[   58.382135][ T6324] NILFS (nbd3): device size too small
[   58.385538][ T6324] trusted_key: encrypted_key: insufficient parameters specified
[   58.473762][ T5983] usb 7-1: new high-speed USB device number 4 using dummy_hcd
[   58.623558][ T5983] usb 7-1: Using ep0 maxpacket: 16
[   58.626321][ T5983] usb 7-1: config 0 has no interfaces?
[   58.630360][ T5983] usb 7-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[   58.634138][ T5983] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   58.636533][ T5983] usb 7-1: Product: syz
[   58.637722][ T5983] usb 7-1: Manufacturer: syz
[   58.639040][ T5983] usb 7-1: SerialNumber: syz
[   58.641493][ T5983] usb 7-1: config 0 descriptor??
[   58.852850][ T5992] usb 7-1: USB disconnect, device number 4
[   58.977618][ T5983] usb 5-1: USB disconnect, device number 4
[   59.045253][ T6352] No source specified
[   59.047827][ T6352] NILFS (nbd0): device size too small
[   59.050724][ T6352] trusted_key: encrypted_key: insufficient parameters specified
[   59.965394][ T6385] netlink: 8 bytes leftover after parsing attributes in process `syz.0.110'.
[   60.002409][ T6391] No source specified
[   60.006428][ T6391] NILFS (nbd1): device size too small
[   60.013160][ T6391] trusted_key: encrypted_key: insufficient parameters specified
[   60.157014][ T6402] FAULT_INJECTION: forcing a failure.
[   60.157014][ T6402] name fail_usercopy, interval 1, probability 0, space 0, times 1
[   60.161932][ T6402] CPU: 0 UID: 0 PID: 6402 Comm: syz.1.116 Not tainted 6.14.0-syzkaller-11270-g08733088b566 #0 PREEMPT(full) 
[   60.161954][ T6402] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   60.161964][ T6402] Call Trace:
[   60.161970][ T6402]  <TASK>
[   60.161977][ T6402]  dump_stack_lvl+0x16c/0x1f0
[   60.162037][ T6402]  should_fail_ex+0x512/0x640
[   60.162077][ T6402]  _copy_from_user+0x2e/0xd0
[   60.162103][ T6402]  copy_msghdr_from_user+0x98/0x160
[   60.162130][ T6402]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[   60.162169][ T6402]  ___sys_sendmsg+0xfe/0x1d0
[   60.162192][ T6402]  ? __pfx____sys_sendmsg+0x10/0x10
[   60.162242][ T6402]  __sys_sendmsg+0x16d/0x220
[   60.162265][ T6402]  ? __pfx___sys_sendmsg+0x10/0x10
[   60.162295][ T6402]  ? rcu_is_watching+0x12/0xc0
[   60.162322][ T6402]  do_syscall_64+0xcd/0x260
[   60.162341][ T6402]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   60.162356][ T6402] RIP: 0033:0x7faab218d169
[   60.162370][ T6402] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   60.162385][ T6402] RSP: 002b:00007faab2f36038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   60.162401][ T6402] RAX: ffffffffffffffda RBX: 00007faab23a5fa0 RCX: 00007faab218d169
[   60.162410][ T6402] RDX: 0000000000000000 RSI: 000020000000c2c0 RDI: 0000000000000003
[   60.162420][ T6402] RBP: 00007faab2f36090 R08: 0000000000000000 R09: 0000000000000000
[   60.162429][ T6402] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   60.162437][ T6402] R13: 0000000000000000 R14: 00007faab23a5fa0 R15: 00007ffe1afcee78
[   60.162459][ T6402]  </TASK>
[   60.293631][   T10] usb 8-1: new high-speed USB device number 3 using dummy_hcd
[   60.473570][   T10] usb 8-1: Using ep0 maxpacket: 16
[   60.476962][   T10] usb 8-1: config 0 has no interfaces?
[   60.481145][   T10] usb 8-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[   60.486343][   T10] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   60.489471][   T10] usb 8-1: Product: syz
[   60.491030][   T10] usb 8-1: Manufacturer: syz
[   60.492829][   T10] usb 8-1: SerialNumber: syz
[   60.500423][   T10] usb 8-1: config 0 descriptor??
[   60.711823][ T5992] usb 8-1: USB disconnect, device number 3
[   60.985905][ T6425] No source specified
[   60.989279][ T6425] NILFS (nbd0): device size too small
[   60.991897][ T6425] trusted_key: encrypted_key: insufficient parameters specified
[   61.028407][ T6429] netlink: 8 bytes leftover after parsing attributes in process `syz.0.125'.
[   61.055990][ T6432] trusted_key: syz.1.126 sent an empty control message without MSG_MORE.
[   61.303531][   T40] kauditd_printk_skb: 9 callbacks suppressed
[   61.303542][   T40] audit: type=1400 audit(1743499813.309:208): avc:  denied  { name_bind } for  pid=6449 comm="syz.1.132" src=20001 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=tcp_socket permissive=1
[   61.311245][   T40] audit: type=1400 audit(1743499813.309:209): avc:  denied  { node_bind } for  pid=6449 comm="syz.1.132" saddr=172.20.20.170 src=20001 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=tcp_socket permissive=1
[   61.476947][ T6459] No source specified
[   61.479539][ T6459] NILFS (nbd2): device size too small
[   61.481562][ T6459] trusted_key: encrypted_key: insufficient parameters specified
[   62.413581][ T1327] usb 6-1: new high-speed USB device number 2 using dummy_hcd
[   62.470203][ T6488] No source specified
[   62.472491][ T6488] NILFS (nbd3): device size too small
[   62.506502][ T6488] trusted_key: encrypted_key: insufficient parameters specified
[   62.573632][ T1327] usb 6-1: Using ep0 maxpacket: 16
[   62.576482][ T1327] usb 6-1: config 0 has no interfaces?
[   62.580128][ T1327] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[   62.582521][ T1327] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   62.585549][ T1327] usb 6-1: Product: syz
[   62.586656][ T1327] usb 6-1: Manufacturer: syz
[   62.587930][ T1327] usb 6-1: SerialNumber: syz
[   62.590432][ T1327] usb 6-1: config 0 descriptor??
[   62.798407][ T5992] usb 6-1: USB disconnect, device number 2
[   62.845715][ T6507] x_tables: duplicate underflow at hook 2
[   62.900659][   T40] audit: type=1400 audit(1743499814.909:210): avc:  denied  { allowed } for  pid=6505 comm="syz.3.148" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=io_uring permissive=1
[   62.907065][   T40] audit: type=1400 audit(1743499814.919:211): avc:  denied  { map } for  pid=6505 comm="syz.3.148" path="anon_inode:[io_uring]" dev="anon_inodefs" ino=17410 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1
[   62.914723][   T40] audit: type=1400 audit(1743499814.919:212): avc:  denied  { read write } for  pid=6505 comm="syz.3.148" path="anon_inode:[io_uring]" dev="anon_inodefs" ino=17410 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1
[   63.614913][ T6524] No source specified
[   63.617804][ T6524] NILFS (nbd1): device size too small
[   63.621450][ T6524] trusted_key: encrypted_key: insufficient parameters specified
[   64.080834][ T6543] kvm_pr_unimpl_wrmsr: 94 callbacks suppressed
[   64.080849][ T6543] kvm: kvm [6542]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0xc1) = 0x82
[   64.085728][ T6543] kvm: kvm [6542]: vcpu0, guest rIP: 0x1be Unhandled WRMSR(0xc1) = 0x4082
[   64.088478][ T6543] kvm: kvm [6542]: vcpu0, guest rIP: 0x1be Unhandled WRMSR(0xc2) = 0x4000
[   64.107569][ T6543] kvm: kvm [6542]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0x11e) = 0x80004000
[   64.110172][ T6543] kvm: kvm [6542]: vcpu0, guest rIP: 0x1be Unhandled WRMSR(0x11e) = 0x80000000
[   64.130658][ T6543] kvm: kvm [6542]: vcpu0, guest rIP: 0x1be Unhandled WRMSR(0x186) = 0x4000
[   64.133671][ T6543] kvm: kvm [6542]: vcpu0, guest rIP: 0x1be Unhandled WRMSR(0x187) = 0x4000
[   64.233618][   T10] usb 5-1: new high-speed USB device number 5 using dummy_hcd
[   64.329744][ T6553] netlink: 696 bytes leftover after parsing attributes in process `syz.2.162'.
[   64.345115][   T40] audit: type=1400 audit(1743499816.359:213): avc:  denied  { unmount } for  pid=5944 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_t tclass=filesystem permissive=1
[   64.366777][ T6556] No source specified
[   64.369264][ T6556] NILFS (nbd2): device size too small
[   64.371688][ T6556] trusted_key: encrypted_key: insufficient parameters specified
[   64.383681][   T10] usb 5-1: Using ep0 maxpacket: 16
[   64.386778][   T10] usb 5-1: config 0 has no interfaces?
[   64.390392][   T10] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[   64.402926][   T10] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   64.405465][   T10] usb 5-1: Product: syz
[   64.406703][   T10] usb 5-1: Manufacturer: syz
[   64.408061][   T10] usb 5-1: SerialNumber: syz
[   64.410841][   T10] usb 5-1: config 0 descriptor??
[   64.626116][  T835] usb 5-1: USB disconnect, device number 5
[   65.365804][ T6584] netlink: 'syz.0.172': attribute type 1 has an invalid length.
[   65.368887][ T6584] netlink: 224 bytes leftover after parsing attributes in process `syz.0.172'.
[   65.398468][ T6586] No source specified
[   65.401104][ T6586] NILFS (nbd0): device size too small
[   65.403054][ T6586] trusted_key: encrypted_key: insufficient parameters specified
[   66.003587][   T10] usb 6-1: new high-speed USB device number 3 using dummy_hcd
[   66.153609][   T10] usb 6-1: Using ep0 maxpacket: 16
[   66.159826][   T10] usb 6-1: config 0 has no interfaces?
[   66.163059][   T10] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[   66.166259][   T10] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   66.169054][   T10] usb 6-1: Product: syz
[   66.170519][   T10] usb 6-1: Manufacturer: syz
[   66.175652][   T10] usb 6-1: SerialNumber: syz
[   66.180227][   T10] usb 6-1: config 0 descriptor??
[   66.392265][   T10] usb 6-1: USB disconnect, device number 3
[   66.653678][ T6617] No source specified
[   66.656530][ T6617] NILFS (nbd2): device size too small
[   66.658879][ T6617] trusted_key: encrypted_key: insufficient parameters specified
[   66.664489][   T40] audit: type=1400 audit(1743499818.679:214): avc:  denied  { rename } for  pid=5335 comm="syslogd" name="messages" dev="tmpfs" ino=3 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[   66.670715][   T40] audit: type=1400 audit(1743499818.679:215): avc:  denied  { unlink } for  pid=5335 comm="syslogd" name="messages.0" dev="tmpfs" ino=2 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[   66.677470][   T40] audit: type=1400 audit(1743499818.679:216): avc:  denied  { create } for  pid=5335 comm="syslogd" name="messages" scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[   66.737900][   T40] audit: type=1400 audit(1743499818.749:217): avc:  denied  { read } for  pid=6624 comm="syz.3.187" name="autofs" dev="devtmpfs" ino=104 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_device_t tclass=chr_file permissive=1
[   66.744721][ T6626] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(4)
[   66.745392][   T40] audit: type=1400 audit(1743499818.749:218): avc:  denied  { open } for  pid=6624 comm="syz.3.187" path="/dev/autofs" dev="devtmpfs" ino=104 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_device_t tclass=chr_file permissive=1
[   66.746696][ T6626] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[   66.757014][ T6626] vhci_hcd vhci_hcd.0: Device attached
[   66.761991][   T40] audit: type=1400 audit(1743499818.769:219): avc:  denied  { create } for  pid=6624 comm="syz.3.187" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[   66.767630][   T40] audit: type=1400 audit(1743499818.769:220): avc:  denied  { getopt } for  pid=6624 comm="syz.3.187" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[   66.773218][   T40] audit: type=1400 audit(1743499818.769:221): avc:  denied  { create } for  pid=6624 comm="syz.3.187" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=x25_socket permissive=1
[   66.775761][ T6627] vhci_hcd: connection closed
[   66.780705][   T13] vhci_hcd: stop threads
[   66.783938][   T13] vhci_hcd: release socket
[   66.785519][   T13] vhci_hcd: disconnect device
[   66.921580][   T40] audit: type=1400 audit(1743499818.929:222): avc:  denied  { read } for  pid=6636 comm="syz.1.190" name="ptp0" dev="devtmpfs" ino=729 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[   66.928258][   T40] audit: type=1400 audit(1743499818.929:223): avc:  denied  { open } for  pid=6636 comm="syz.1.190" path="/dev/ptp0" dev="devtmpfs" ino=729 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[   66.985797][ T6645] FAULT_INJECTION: forcing a failure.
[   66.985797][ T6645] name failslab, interval 1, probability 0, space 0, times 0
[   66.989166][ T6645] CPU: 1 UID: 0 PID: 6645 Comm: syz.2.193 Not tainted 6.14.0-syzkaller-11270-g08733088b566 #0 PREEMPT(full) 
[   66.989180][ T6645] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   66.989186][ T6645] Call Trace:
[   66.989190][ T6645]  <TASK>
[   66.989194][ T6645]  dump_stack_lvl+0x16c/0x1f0
[   66.989223][ T6645]  should_fail_ex+0x512/0x640
[   66.989242][ T6645]  ? fs_reclaim_acquire+0xae/0x150
[   66.989255][ T6645]  ? tomoyo_encode2+0x100/0x3e0
[   66.989266][ T6645]  should_failslab+0xc2/0x120
[   66.989276][ T6645]  __kmalloc_noprof+0xd2/0x510
[   66.989290][ T6645]  ? d_absolute_path+0x136/0x1a0
[   66.989303][ T6645]  tomoyo_encode2+0x100/0x3e0
[   66.989315][ T6645]  tomoyo_encode+0x29/0x50
[   66.989325][ T6645]  tomoyo_realpath_from_path+0x18f/0x6e0
[   66.989339][ T6645]  tomoyo_path_number_perm+0x245/0x580
[   66.989354][ T6645]  ? tomoyo_path_number_perm+0x237/0x580
[   66.989371][ T6645]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[   66.989387][ T6645]  ? find_held_lock+0x2b/0x80
[   66.989410][ T6645]  ? find_held_lock+0x2b/0x80
[   66.989422][ T6645]  ? hook_file_ioctl_common+0x145/0x410
[   66.989438][ T6645]  ? __fget_files+0x20e/0x3c0
[   66.989454][ T6645]  security_file_ioctl+0x9b/0x240
[   66.989466][ T6645]  __x64_sys_ioctl+0xb7/0x200
[   66.989478][ T6645]  do_syscall_64+0xcd/0x260
[   66.989489][ T6645]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   66.989499][ T6645] RIP: 0033:0x7f4a7138d169
[   66.989507][ T6645] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   66.989516][ T6645] RSP: 002b:00007f4a7210d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[   66.989526][ T6645] RAX: ffffffffffffffda RBX: 00007f4a715a5fa0 RCX: 00007f4a7138d169
[   66.989532][ T6645] RDX: 00002000000000c0 RSI: 0000000043403d05 RDI: 0000000000000004
[   66.989538][ T6645] RBP: 00007f4a7210d090 R08: 0000000000000000 R09: 0000000000000000
[   66.989543][ T6645] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   66.989549][ T6645] R13: 0000000000000000 R14: 00007f4a715a5fa0 R15: 00007ffc1d5695c8
[   66.989561][ T6645]  </TASK>
[   66.989570][ T6645] ERROR: Out of memory at tomoyo_realpath_from_path.
[   67.091117][ T6650] No source specified
[   67.093909][ T6650] NILFS (nbd2): device size too small
[   67.098274][ T6650] trusted_key: encrypted_key: insufficient parameters specified
[   67.134810][ T6652] FAULT_INJECTION: forcing a failure.
[   67.134810][ T6652] name fail_page_alloc, interval 1, probability 0, space 0, times 1
[   67.138885][ T6652] CPU: 0 UID: 0 PID: 6652 Comm: syz.2.195 Not tainted 6.14.0-syzkaller-11270-g08733088b566 #0 PREEMPT(full) 
[   67.138900][ T6652] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   67.138906][ T6652] Call Trace:
[   67.138911][ T6652]  <TASK>
[   67.138915][ T6652]  dump_stack_lvl+0x16c/0x1f0
[   67.138929][ T6652]  should_fail_ex+0x512/0x640
[   67.138946][ T6652]  should_fail_alloc_page+0xe7/0x130
[   67.138965][ T6652]  prepare_alloc_pages+0x3c2/0x610
[   67.138978][ T6652]  ? rcu_is_watching+0x12/0xc0
[   67.138993][ T6652]  __alloc_frozen_pages_noprof+0x18f/0x2370
[   67.139010][ T6652]  ? kasan_save_stack+0x33/0x60
[   67.139025][ T6652]  ? kasan_save_track+0x14/0x30
[   67.139039][ T6652]  ? __kasan_kmalloc+0xaa/0xb0
[   67.139053][ T6652]  ? __kvmalloc_node_noprof+0x279/0x600
[   67.139067][ T6652]  ? __kvm_mmu_topup_memory_cache+0x450/0x600
[   67.139079][ T6652]  ? mmu_topup_memory_caches+0xbc/0x170
[   67.139089][ T6652]  ? kvm_mmu_load+0xd9/0x22a0
[   67.139104][ T6652]  ? vcpu_run+0x33d9/0x52d0
[   67.139118][ T6652]  ? kvm_arch_vcpu_ioctl_run+0x51c/0x18c0
[   67.139134][ T6652]  ? kvm_vcpu_ioctl+0x5e9/0x1680
[   67.139143][ T6652]  ? __x64_sys_ioctl+0x190/0x200
[   67.139154][ T6652]  ? do_syscall_64+0xcd/0x260
[   67.139164][ T6652]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   67.139176][ T6652]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[   67.139200][ T6652]  ? __sanitizer_cov_trace_switch+0x54/0x90
[   67.139213][ T6652]  ? policy_nodemask+0xea/0x4e0
[   67.139224][ T6652]  alloc_pages_mpol+0x1fb/0x550
[   67.139235][ T6652]  ? __pfx_alloc_pages_mpol+0x10/0x10
[   67.139244][ T6652]  ? rcu_is_watching+0x12/0xc0
[   67.139257][ T6652]  ? trace_kmalloc+0x2b/0xd0
[   67.139267][ T6652]  ? __kvmalloc_node_noprof+0x296/0x600
[   67.139281][ T6652]  ? trace_kmem_cache_alloc+0x28/0xc0
[   67.139294][ T6652]  alloc_pages_noprof+0x131/0x390
[   67.139304][ T6652]  get_free_pages_noprof+0xc/0x40
[   67.139315][ T6652]  __kvm_mmu_topup_memory_cache+0x278/0x600
[   67.139330][ T6652]  mmu_topup_memory_caches+0xbc/0x170
[   67.139341][ T6652]  kvm_mmu_load+0xd9/0x22a0
[   67.139358][ T6652]  ? kvm_apic_has_interrupt+0xb5/0x190
[   67.139372][ T6652]  ? __pfx_kvm_apic_has_interrupt+0x10/0x10
[   67.139386][ T6652]  ? vmx_get_rflags+0x100/0x420
[   67.139401][ T6652]  ? kvm_apic_accept_pic_intr+0xe8/0x1a0
[   67.139411][ T6652]  ? __pfx_kvm_mmu_load+0x10/0x10
[   67.139427][ T6652]  ? kvm_cpu_has_injectable_intr+0x9c/0x1a0
[   67.139439][ T6652]  ? kvm_check_and_inject_events+0x71c/0x1310
[   67.139458][ T6652]  vcpu_run+0x33d9/0x52d0
[   67.139473][ T6652]  ? kvm_mmu_post_init_vm+0x269/0x370
[   67.139485][ T6652]  ? __lock_acquire+0xaa4/0x1ba0
[   67.139498][ T6652]  ? __pfx_vcpu_run+0x10/0x10
[   67.139516][ T6652]  ? fpu_swap_kvm_fpstate+0x235/0x4a0
[   67.139531][ T6652]  ? __local_bh_enable_ip+0xa4/0x120
[   67.139548][ T6652]  ? kvm_arch_vcpu_ioctl_run+0x51c/0x18c0
[   67.139564][ T6652]  kvm_arch_vcpu_ioctl_run+0x51c/0x18c0
[   67.139584][ T6652]  kvm_vcpu_ioctl+0x5e9/0x1680
[   67.139595][ T6652]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[   67.139608][ T6652]  ? ioctl_has_perm.constprop.0.isra.0+0x2fe/0x450
[   67.139623][ T6652]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[   67.139640][ T6652]  ? hook_file_ioctl_common+0x145/0x410
[   67.139657][ T6652]  ? selinux_file_ioctl+0x180/0x270
[   67.139668][ T6652]  ? selinux_file_ioctl+0xb4/0x270
[   67.139680][ T6652]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[   67.139689][ T6652]  __x64_sys_ioctl+0x190/0x200
[   67.139703][ T6652]  do_syscall_64+0xcd/0x260
[   67.139714][ T6652]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   67.139723][ T6652] RIP: 0033:0x7f4a7138d169
[   67.139731][ T6652] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   67.139741][ T6652] RSP: 002b:00007f4a7210d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[   67.139751][ T6652] RAX: ffffffffffffffda RBX: 00007f4a715a5fa0 RCX: 00007f4a7138d169
[   67.139757][ T6652] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005
[   67.139762][ T6652] RBP: 00007f4a7210d090 R08: 0000000000000000 R09: 0000000000000000
[   67.139768][ T6652] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[   67.139773][ T6652] R13: 0000000000000000 R14: 00007f4a715a5fa0 R15: 00007ffc1d5695c8
[   67.139785][ T6652]  </TASK>
[   67.311171][ T6657] input: syz0 as /devices/virtual/input/input5
[   67.520424][ T6671] netlink: 16 bytes leftover after parsing attributes in process `syz.3.202'.
[   67.567907][ T6673] FAULT_INJECTION: forcing a failure.
[   67.567907][ T6673] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   67.571689][ T6673] CPU: 1 UID: 0 PID: 6673 Comm: syz.1.203 Not tainted 6.14.0-syzkaller-11270-g08733088b566 #0 PREEMPT(full) 
[   67.571704][ T6673] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   67.571710][ T6673] Call Trace:
[   67.571714][ T6673]  <TASK>
[   67.571718][ T6673]  dump_stack_lvl+0x16c/0x1f0
[   67.571732][ T6673]  should_fail_ex+0x512/0x640
[   67.571748][ T6673]  _copy_from_user+0x2e/0xd0
[   67.571764][ T6673]  kvm_arch_vcpu_ioctl+0x1e4a/0x4f00
[   67.571780][ T6673]  ? stack_trace_save+0x8e/0xc0
[   67.571795][ T6673]  ? stack_depot_save_flags+0x28/0xa50
[   67.571809][ T6673]  ? __pfx_kvm_arch_vcpu_ioctl+0x10/0x10
[   67.571822][ T6673]  ? __lock_acquire+0xaa4/0x1ba0
[   67.571834][ T6673]  ? kasan_save_stack+0x42/0x60
[   67.571848][ T6673]  ? kasan_save_stack+0x33/0x60
[   67.571861][ T6673]  ? kasan_save_track+0x14/0x30
[   67.571874][ T6673]  ? kasan_save_free_info+0x3b/0x60
[   67.571885][ T6673]  ? __kasan_slab_free+0x51/0x70
[   67.571899][ T6673]  ? kfree+0x2b6/0x4d0
[   67.571910][ T6673]  ? tomoyo_path_number_perm+0x470/0x580
[   67.571926][ T6673]  ? security_file_ioctl+0x9b/0x240
[   67.571936][ T6673]  ? __x64_sys_ioctl+0xb7/0x200
[   67.571948][ T6673]  ? __lock_acquire+0xaa4/0x1ba0
[   67.571962][ T6673]  ? __mutex_trylock_common+0xe9/0x250
[   67.571974][ T6673]  ? __pfx___might_resched+0x10/0x10
[   67.571992][ T6673]  ? rcu_is_watching+0x12/0xc0
[   67.572005][ T6673]  ? trace_contention_end+0xdd/0x130
[   67.572015][ T6673]  ? __mutex_lock+0x1ca/0xb90
[   67.572026][ T6673]  ? kvm_vcpu_ioctl+0x27e/0x1680
[   67.572036][ T6673]  ? __pfx___mutex_lock+0x10/0x10
[   67.572050][ T6673]  ? tomoyo_path_number_perm+0x18d/0x580
[   67.572067][ T6673]  ? kvm_vcpu_ioctl+0x1232/0x1680
[   67.572075][ T6673]  kvm_vcpu_ioctl+0x1232/0x1680
[   67.572085][ T6673]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[   67.572098][ T6673]  ? ioctl_has_perm.constprop.0.isra.0+0x2fe/0x450
[   67.572111][ T6673]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[   67.572127][ T6673]  ? hook_file_ioctl_common+0x145/0x410
[   67.572144][ T6673]  ? selinux_file_ioctl+0x180/0x270
[   67.572155][ T6673]  ? selinux_file_ioctl+0xb4/0x270
[   67.572167][ T6673]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[   67.572176][ T6673]  __x64_sys_ioctl+0x190/0x200
[   67.572188][ T6673]  do_syscall_64+0xcd/0x260
[   67.572199][ T6673]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   67.572209][ T6673] RIP: 0033:0x7faab218d169
[   67.572217][ T6673] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   67.572226][ T6673] RSP: 002b:00007faab2f36038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[   67.572236][ T6673] RAX: ffffffffffffffda RBX: 00007faab23a5fa0 RCX: 00007faab218d169
[   67.572242][ T6673] RDX: 0000200000000200 RSI: 00000000c048aeca RDI: 000000000000000b
[   67.572248][ T6673] RBP: 00007faab2f36090 R08: 0000000000000000 R09: 0000000000000000
[   67.572254][ T6673] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   67.572259][ T6673] R13: 0000000000000000 R14: 00007faab23a5fa0 R15: 00007ffe1afcee78
[   67.572271][ T6673]  </TASK>
[   67.725041][ T6682] netlink: 28 bytes leftover after parsing attributes in process `syz.0.205'.
[   67.727591][ T6682] netlink: 8 bytes leftover after parsing attributes in process `syz.0.205'.
[   67.911997][ T6701] autofs: Unknown parameter 'û:4'
[   68.243580][  T834] usb 7-1: new high-speed USB device number 5 using dummy_hcd
[   68.299028][ T6720] macvlan0: entered promiscuous mode
[   68.301307][ T6720] batadv_slave_1: entered promiscuous mode
[   68.318153][ T6725] FAULT_INJECTION: forcing a failure.
[   68.318153][ T6725] name failslab, interval 1, probability 0, space 0, times 0
[   68.321816][ T6725] CPU: 1 UID: 0 PID: 6725 Comm: syz.1.216 Not tainted 6.14.0-syzkaller-11270-g08733088b566 #0 PREEMPT(full) 
[   68.321831][ T6725] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   68.321837][ T6725] Call Trace:
[   68.321840][ T6725]  <TASK>
[   68.321844][ T6725]  dump_stack_lvl+0x16c/0x1f0
[   68.321857][ T6725]  should_fail_ex+0x512/0x640
[   68.321871][ T6725]  ? fs_reclaim_acquire+0xae/0x150
[   68.321884][ T6725]  ? tomoyo_realpath_from_path+0xc2/0x6e0
[   68.321896][ T6725]  should_failslab+0xc2/0x120
[   68.321921][ T6725]  __kmalloc_noprof+0xd2/0x510
[   68.321940][ T6725]  tomoyo_realpath_from_path+0xc2/0x6e0
[   68.321953][ T6725]  ? tomoyo_profile+0x47/0x60
[   68.321967][ T6725]  tomoyo_path_number_perm+0x245/0x580
[   68.321982][ T6725]  ? tomoyo_path_number_perm+0x237/0x580
[   68.321998][ T6725]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[   68.322015][ T6725]  ? find_held_lock+0x2b/0x80
[   68.322039][ T6725]  ? find_held_lock+0x2b/0x80
[   68.322052][ T6725]  ? hook_file_ioctl_common+0x145/0x410
[   68.322068][ T6725]  ? __fget_files+0x20e/0x3c0
[   68.322084][ T6725]  security_file_ioctl+0x9b/0x240
[   68.322095][ T6725]  __x64_sys_ioctl+0xb7/0x200
[   68.322108][ T6725]  do_syscall_64+0xcd/0x260
[   68.322119][ T6725]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   68.322129][ T6725] RIP: 0033:0x7faab218d169
[   68.322137][ T6725] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   68.322146][ T6725] RSP: 002b:00007faab2f36038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[   68.322156][ T6725] RAX: ffffffffffffffda RBX: 00007faab23a5fa0 RCX: 00007faab218d169
[   68.322162][ T6725] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000006
[   68.322168][ T6725] RBP: 00007faab2f36090 R08: 0000000000000000 R09: 0000000000000000
[   68.322173][ T6725] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   68.322178][ T6725] R13: 0000000000000000 R14: 00007faab23a5fa0 R15: 00007ffe1afcee78
[   68.322191][ T6725]  </TASK>
[   68.322194][ T6725] ERROR: Out of memory at tomoyo_realpath_from_path.
[   68.395605][  T834] usb 7-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[   68.400115][  T834] usb 7-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[   68.402876][  T834] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[   68.405409][  T834] usb 7-1: SerialNumber: syz
[   68.803018][ T6743] set match dimension is over the limit!
[   69.041682][  T834] cdc_ether 7-1:1.0 eth2: register 'cdc_ether' at usb-dummy_hcd.2-1, CDC Ethernet Device, 42:42:42:42:42:42
[   69.346910][ T6781] netlink: 32 bytes leftover after parsing attributes in process `syz.0.226'.
[   69.437829][ T5988] usb 7-1: USB disconnect, device number 5
[   69.440174][ T5988] cdc_ether 7-1:1.0 eth2: unregister 'cdc_ether' usb-dummy_hcd.2-1, CDC Ethernet Device
[   69.673003][ T6816] FAULT_INJECTION: forcing a failure.
[   69.673003][ T6816] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   69.676817][ T6816] CPU: 2 UID: 0 PID: 6816 Comm: syz.0.233 Not tainted 6.14.0-syzkaller-11270-g08733088b566 #0 PREEMPT(full) 
[   69.676832][ T6816] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   69.676838][ T6816] Call Trace:
[   69.676841][ T6816]  <TASK>
[   69.676845][ T6816]  dump_stack_lvl+0x16c/0x1f0
[   69.676875][ T6816]  should_fail_ex+0x512/0x640
[   69.676897][ T6816]  _copy_from_user+0x2e/0xd0
[   69.676914][ T6816]  __sys_bpf+0x21d/0x4d80
[   69.676929][ T6816]  ? __pfx___sys_bpf+0x10/0x10
[   69.676942][ T6816]  ? ksys_write+0x190/0x240
[   69.676958][ T6816]  ? __mutex_unlock_slowpath+0x161/0x6a0
[   69.676975][ T6816]  ? fput+0x70/0xf0
[   69.676984][ T6816]  ? ksys_write+0x1b9/0x240
[   69.676996][ T6816]  ? __pfx_ksys_write+0x10/0x10
[   69.677008][ T6816]  ? rcu_is_watching+0x12/0xc0
[   69.677023][ T6816]  __x64_sys_bpf+0x78/0xc0
[   69.677036][ T6816]  ? lockdep_hardirqs_on+0x7c/0x110
[   69.677051][ T6816]  do_syscall_64+0xcd/0x260
[   69.677062][ T6816]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   69.677072][ T6816] RIP: 0033:0x7f08e458d169
[   69.677080][ T6816] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   69.677089][ T6816] RSP: 002b:00007f08e53d5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[   69.677099][ T6816] RAX: ffffffffffffffda RBX: 00007f08e47a5fa0 RCX: 00007f08e458d169
[   69.677105][ T6816] RDX: 0000000000000048 RSI: 0000200000000600 RDI: 000000000000000a
[   69.677110][ T6816] RBP: 00007f08e53d5090 R08: 0000000000000000 R09: 0000000000000000
[   69.677116][ T6816] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   69.677122][ T6816] R13: 0000000000000000 R14: 00007f08e47a5fa0 R15: 00007ffeed4d3d68
[   69.677144][ T6816]  </TASK>
[   69.757332][ T6825] UDF-fs: warning (device sr0): udf_load_vrs: No VRS found
[   69.759551][ T6825] UDF-fs: Scanning with blocksize 2048 failed
[   69.762406][ T6825] UDF-fs: warning (device sr0): udf_load_vrs: No VRS found
[   69.765263][ T6825] UDF-fs: Scanning with blocksize 4096 failed
[   70.080824][ T6858] FAULT_INJECTION: forcing a failure.
[   70.080824][ T6858] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   70.084753][ T6858] CPU: 3 UID: 0 PID: 6858 Comm: syz.3.244 Not tainted 6.14.0-syzkaller-11270-g08733088b566 #0 PREEMPT(full) 
[   70.084767][ T6858] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   70.084773][ T6858] Call Trace:
[   70.084777][ T6858]  <TASK>
[   70.084781][ T6858]  dump_stack_lvl+0x16c/0x1f0
[   70.084795][ T6858]  should_fail_ex+0x512/0x640
[   70.084811][ T6858]  _copy_from_user+0x2e/0xd0
[   70.084827][ T6858]  do_sock_getsockopt+0x5f4/0x800
[   70.084840][ T6858]  ? __pfx_do_sock_getsockopt+0x10/0x10
[   70.084850][ T6858]  ? __fget_files+0x204/0x3c0
[   70.084870][ T6858]  __sys_getsockopt+0x12f/0x260
[   70.084887][ T6858]  __x64_sys_getsockopt+0xbd/0x160
[   70.084901][ T6858]  ? do_syscall_64+0x91/0x260
[   70.084915][ T6858]  ? lockdep_hardirqs_on+0x7c/0x110
[   70.084931][ T6858]  do_syscall_64+0xcd/0x260
[   70.084942][ T6858]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   70.084952][ T6858] RIP: 0033:0x7f1a4f18d169
[   70.084960][ T6858] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   70.084970][ T6858] RSP: 002b:00007f1a500b3038 EFLAGS: 00000246 ORIG_RAX: 0000000000000037
[   70.084980][ T6858] RAX: ffffffffffffffda RBX: 00007f1a4f3a5fa0 RCX: 00007f1a4f18d169
[   70.084986][ T6858] RDX: 000000000000006f RSI: 0000000000000084 RDI: 0000000000000003
[   70.084991][ T6858] RBP: 00007f1a500b3090 R08: 0000200000000080 R09: 0000000000000000
[   70.084997][ T6858] R10: 0000200000000040 R11: 0000000000000246 R12: 0000000000000001
[   70.085002][ T6858] R13: 0000000000000000 R14: 00007f1a4f3a5fa0 R15: 00007ffd4059e948
[   70.085014][ T6858]  </TASK>
[   70.140911][    C3] vkms_vblank_simulate: vblank timer overrun
[   70.573655][ T6897] No source specified
[   70.576444][ T6897] NILFS (nbd0): device size too small
[   70.586197][ T6897] trusted_key: encrypted_key: insufficient parameters specified
[   71.047200][ T1419] ieee802154 phy0 wpan0: encryption failed: -22
[   71.049383][ T1419] ieee802154 phy1 wpan1: encryption failed: -22
[   71.397264][ T6928] block nbd3: not configured, cannot reconfigure
[   71.440080][ T6930] can: request_module (can-proto-4) failed.
[   71.473625][ T6935] random: crng reseeded on system resumption
[   71.726907][   T40] kauditd_printk_skb: 63 callbacks suppressed
[   71.726917][   T40] audit: type=1400 audit(1743499823.739:287): avc:  denied  { create } for  pid=6942 comm="syz.0.273" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_connector_socket permissive=1
[   71.734779][   T40] audit: type=1400 audit(1743499823.739:288): avc:  denied  { bind } for  pid=6942 comm="syz.0.273" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[   71.862517][   T40] audit: type=1400 audit(1743499823.869:289): avc:  denied  { mount } for  pid=6956 comm="syz.2.277" name="/" dev="tmpfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[   71.869182][   T40] audit: type=1400 audit(1743499823.869:290): avc:  denied  { create } for  pid=6956 comm="syz.2.277" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dccp_socket permissive=1
[   71.875381][   T40] audit: type=1400 audit(1743499823.879:291): avc:  denied  { ioctl } for  pid=6956 comm="syz.2.277" path="socket:[18977]" dev="sockfs" ino=18977 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dccp_socket permissive=1
[   71.876236][ T1327] usb 6-1: new high-speed USB device number 4 using dummy_hcd
[   71.897204][   T40] audit: type=1400 audit(1743499823.909:292): avc:  denied  { unmount } for  pid=5944 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[   71.929051][   T40] audit: type=1400 audit(1743499823.939:293): avc:  denied  { create } for  pid=6962 comm="syz.2.279" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[   71.935829][   T40] audit: type=1400 audit(1743499823.949:294): avc:  denied  { unlink } for  pid=6962 comm="syz.2.279" name="#1" dev="tmpfs" ino=478 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=chr_file permissive=1
[   71.942757][   T40] audit: type=1400 audit(1743499823.949:295): avc:  denied  { mount } for  pid=6962 comm="syz.2.279" name="/" dev="overlay" ino=474 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1
[   71.958952][ T6963] evm: overlay not supported
[   71.962482][   T40] audit: type=1400 audit(1743499823.969:296): avc:  denied  { bind } for  pid=6962 comm="syz.2.279" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[   72.043604][ T1327] usb 6-1: Using ep0 maxpacket: 16
[   72.047663][ T1327] usb 6-1: config 0 has no interfaces?
[   72.051550][ T1327] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[   72.054742][ T1327] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   72.057042][ T1327] usb 6-1: Product: syz
[   72.058283][ T1327] usb 6-1: Manufacturer: syz
[   72.059557][ T1327] usb 6-1: SerialNumber: syz
[   72.062207][ T1327] usb 6-1: config 0 descriptor??
[   72.116536][ T6970] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   72.185964][ T6970] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   72.274646][ T5983] usb 6-1: USB disconnect, device number 4
[   72.274712][ T6970] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   72.346705][ T6970] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   72.422227][ T6970] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[   72.428617][ T6970] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[   72.435201][ T6970] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[   72.441174][ T6970] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[   72.473662][ T6974] No source specified
[   72.476221][ T6974] NILFS (nbd2): device size too small
[   72.479274][ T6974] trusted_key: encrypted_key: insufficient parameters specified
[   72.851616][ T6988] netlink: 8 bytes leftover after parsing attributes in process `syz.0.287'.
[   72.879154][ T6990] FAULT_INJECTION: forcing a failure.
[   72.879154][ T6990] name failslab, interval 1, probability 0, space 0, times 0
[   72.884302][ T6990] CPU: 3 UID: 0 PID: 6990 Comm: syz.0.288 Not tainted 6.14.0-syzkaller-11270-g08733088b566 #0 PREEMPT(full) 
[   72.884324][ T6990] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   72.884334][ T6990] Call Trace:
[   72.884340][ T6990]  <TASK>
[   72.884346][ T6990]  dump_stack_lvl+0x16c/0x1f0
[   72.884388][ T6990]  should_fail_ex+0x512/0x640
[   72.884416][ T6990]  ? kmem_cache_alloc_node_noprof+0x5e/0x3b0
[   72.884443][ T6990]  should_failslab+0xc2/0x120
[   72.884460][ T6990]  kmem_cache_alloc_node_noprof+0x71/0x3b0
[   72.884482][ T6990]  ? __alloc_skb+0x2b2/0x380
[   72.884509][ T6990]  __alloc_skb+0x2b2/0x380
[   72.884532][ T6990]  ? __pfx___alloc_skb+0x10/0x10
[   72.884559][ T6990]  ? __pfx_netlink_autobind.isra.0+0x10/0x10
[   72.884582][ T6990]  netlink_alloc_large_skb+0x69/0x130
[   72.884601][ T6990]  netlink_sendmsg+0x6a1/0xdd0
[   72.884622][ T6990]  ? __pfx_netlink_sendmsg+0x10/0x10
[   72.884649][ T6990]  ____sys_sendmsg+0xa95/0xc70
[   72.884671][ T6990]  ? copy_msghdr_from_user+0x10a/0x160
[   72.884692][ T6990]  ? __pfx_____sys_sendmsg+0x10/0x10
[   72.884721][ T6990]  ___sys_sendmsg+0x134/0x1d0
[   72.884743][ T6990]  ? __pfx____sys_sendmsg+0x10/0x10
[   72.884826][ T6990]  __sys_sendmsg+0x16d/0x220
[   72.884850][ T6990]  ? __pfx___sys_sendmsg+0x10/0x10
[   72.884876][ T6990]  ? rcu_is_watching+0x12/0xc0
[   72.884901][ T6990]  do_syscall_64+0xcd/0x260
[   72.884920][ T6990]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   72.884944][ T6990] RIP: 0033:0x7f08e458d169
[   72.884958][ T6990] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   72.884972][ T6990] RSP: 002b:00007f08e53d5038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   72.884988][ T6990] RAX: ffffffffffffffda RBX: 00007f08e47a5fa0 RCX: 00007f08e458d169
[   72.884998][ T6990] RDX: 0000000000000000 RSI: 000020000000c2c0 RDI: 0000000000000003
[   72.885008][ T6990] RBP: 00007f08e53d5090 R08: 0000000000000000 R09: 0000000000000000
[   72.885017][ T6990] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   72.885027][ T6990] R13: 0000000000000000 R14: 00007f08e47a5fa0 R15: 00007ffeed4d3d68
[   72.885049][ T6990]  </TASK>
[   73.063950][ T5952] usb 6-1: new high-speed USB device number 5 using dummy_hcd
[   73.223579][ T5952] usb 6-1: Using ep0 maxpacket: 8
[   73.227422][ T5952] usb 6-1: config index 0 descriptor too short (expected 301, got 45)
[   73.229846][ T5952] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[   73.232827][ T5952] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[   73.235789][ T5952] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[   73.238698][ T5952] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[   73.242241][ T5952] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[   73.244974][ T5952] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   73.421629][ T7026] netlink: 4 bytes leftover after parsing attributes in process `syz.3.295'.
[   73.425728][ T7026] netlink: 12 bytes leftover after parsing attributes in process `syz.3.295'.
[   73.449740][ T5952] usb 6-1: usb_control_msg returned -32
[   73.451413][ T5952] usbtmc 6-1:16.0: can't read capabilities
[   73.531083][ T7036] netlink: 'syz.3.295': attribute type 13 has an invalid length.
[   73.598767][ T7041] No source specified
[   73.601475][ T7041] NILFS (nbd2): device size too small
[   73.605688][ T7041] trusted_key: encrypted_key: insufficient parameters specified
[   73.803701][ T7050] usbtmc 6-1:16.0: INITIATE_ABORT_BULK_OUT returned 0
[   74.005474][ T5952] usb 6-1: USB disconnect, device number 5
[   74.530283][ T7064] =======================================================
[   74.530283][ T7064] WARNING: The mand mount option has been deprecated and
[   74.530283][ T7064]          and is ignored by this kernel. Remove the mand
[   74.530283][ T7064]          option from the mount to silence this warning.
[   74.530283][ T7064] =======================================================
[   74.592952][ T7066] syz.2.304: attempt to access beyond end of device
[   74.592952][ T7066] nbd2: rw=6144, sector=128, nr_sectors = 8 limit=0
[   74.598818][ T7066] gfs2: error -5 reading superblock
[   74.644520][ T7069] No source specified
[   74.647813][ T7069] NILFS (nbd2): device size too small
[   74.656042][ T7069] trusted_key: encrypted_key: insufficient parameters specified
[   74.868033][ T7091] random: crng reseeded on system resumption
[   74.943209][ T7094] fuse: Bad value for 'fd'
[   74.986256][ T7097] netlink: 8 bytes leftover after parsing attributes in process `syz.1.316'.
[   74.988537][ T7097] netlink: 12 bytes leftover after parsing attributes in process `syz.1.316'.
[   75.027245][ T7100] No source specified
[   75.029972][ T7100] NILFS (nbd0): device size too small
[   75.032073][ T7100] trusted_key: encrypted_key: insufficient parameters specified
[   75.053872][ T5992] usb 7-1: new high-speed USB device number 6 using dummy_hcd
[   75.105826][ T7097] netlink: 8 bytes leftover after parsing attributes in process `syz.1.316'.
[   75.215518][ T5992] usb 7-1: Using ep0 maxpacket: 16
[   75.218797][ T5992] usb 7-1: config 0 has no interfaces?
[   75.222908][ T5992] usb 7-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[   75.226543][ T5992] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   75.229349][ T5992] usb 7-1: Product: syz
[   75.230818][ T5992] usb 7-1: Manufacturer: syz
[   75.232474][ T5992] usb 7-1: SerialNumber: syz
[   75.244032][ T5992] usb 7-1: config 0 descriptor??
[   75.456370][ T5988] usb 7-1: USB disconnect, device number 6
[   75.558107][ T7118] netlink: 8 bytes leftover after parsing attributes in process `syz.1.324'.
[   75.667583][ T7127] block device autoloading is deprecated and will be removed.
[   75.989241][ T7129] No source specified
[   75.994059][ T7129] NILFS (nbd2): device size too small
[   75.996281][ T7129] trusted_key: encrypted_key: insufficient parameters specified
[   76.036313][ T7131] Trying to write to read-only block-device nullb0
[   76.683658][   T57] usb 6-1: new high-speed USB device number 6 using dummy_hcd
[   76.833609][   T57] usb 6-1: Using ep0 maxpacket: 16
[   76.836864][   T57] usb 6-1: config 0 has no interfaces?
[   76.840136][   T57] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[   76.842657][   T57] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   76.845310][   T57] usb 6-1: Product: syz
[   76.846505][   T57] usb 6-1: Manufacturer: syz
[   76.847797][   T57] usb 6-1: SerialNumber: syz
[   76.850094][   T57] usb 6-1: config 0 descriptor??
[   77.060810][   T57] usb 6-1: USB disconnect, device number 6
[   77.478973][   T40] kauditd_printk_skb: 18 callbacks suppressed
[   77.478983][   T40] audit: type=1400 audit(1743499829.489:315): avc:  denied  { map } for  pid=7194 comm="syz.3.347" path="socket:[23821]" dev="sockfs" ino=23821 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=unix_stream_socket permissive=1
[   77.561978][ T7199] netlink: 24 bytes leftover after parsing attributes in process `syz.0.348'.
[   77.567767][   T40] audit: type=1400 audit(1743499829.579:316): avc:  denied  { mounton } for  pid=7198 comm="syz.0.348" path="/syzcgroup/unified/syz0" dev="cgroup2" ino=96 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=dir permissive=1
[   78.658289][ T7244] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[   78.663051][ T7245] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[   78.666988][ T7244] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[   78.728535][ T7252] FAULT_INJECTION: forcing a failure.
[   78.728535][ T7252] name failslab, interval 1, probability 0, space 0, times 0
[   78.732051][ T7252] CPU: 2 UID: 0 PID: 7252 Comm: syz.2.363 Not tainted 6.14.0-syzkaller-11270-g08733088b566 #0 PREEMPT(full) 
[   78.732065][ T7252] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   78.732071][ T7252] Call Trace:
[   78.732081][ T7252]  <TASK>
[   78.732085][ T7252]  dump_stack_lvl+0x16c/0x1f0
[   78.732113][ T7252]  should_fail_ex+0x512/0x640
[   78.732133][ T7252]  ? __kmalloc_noprof+0xbf/0x510
[   78.732149][ T7252]  ? bpf_test_init.isra.0+0x9e/0x140
[   78.732164][ T7252]  should_failslab+0xc2/0x120
[   78.732173][ T7252]  __kmalloc_noprof+0xd2/0x510
[   78.732188][ T7252]  ? __lock_acquire+0x5ca/0x1ba0
[   78.732200][ T7252]  bpf_test_init.isra.0+0x9e/0x140
[   78.732216][ T7252]  bpf_prog_test_run_xdp+0x4f0/0x1540
[   78.732230][ T7252]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[   78.732240][ T7252]  ? __might_fault+0x90/0x190
[   78.732252][ T7252]  ? fput+0x70/0xf0
[   78.732261][ T7252]  ? __bpf_prog_get+0xa0/0x290
[   78.732271][ T7252]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[   78.732281][ T7252]  __sys_bpf+0x1485/0x4d80
[   78.732295][ T7252]  ? __pfx___sys_bpf+0x10/0x10
[   78.732309][ T7252]  ? ksys_write+0x190/0x240
[   78.732323][ T7252]  ? __mutex_unlock_slowpath+0x161/0x6a0
[   78.732340][ T7252]  ? fput+0x70/0xf0
[   78.732349][ T7252]  ? ksys_write+0x1b9/0x240
[   78.732361][ T7252]  ? __pfx_ksys_write+0x10/0x10
[   78.732373][ T7252]  ? rcu_is_watching+0x12/0xc0
[   78.732388][ T7252]  __x64_sys_bpf+0x78/0xc0
[   78.732401][ T7252]  ? lockdep_hardirqs_on+0x7c/0x110
[   78.732417][ T7252]  do_syscall_64+0xcd/0x260
[   78.732427][ T7252]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   78.732438][ T7252] RIP: 0033:0x7f4a7138d169
[   78.732446][ T7252] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   78.732455][ T7252] RSP: 002b:00007f4a7210d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[   78.732475][ T7252] RAX: ffffffffffffffda RBX: 00007f4a715a5fa0 RCX: 00007f4a7138d169
[   78.732482][ T7252] RDX: 0000000000000048 RSI: 0000200000000600 RDI: 000000000000000a
[   78.732487][ T7252] RBP: 00007f4a7210d090 R08: 0000000000000000 R09: 0000000000000000
[   78.732493][ T7252] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   78.732498][ T7252] R13: 0000000000000000 R14: 00007f4a715a5fa0 R15: 00007ffc1d5695c8
[   78.732511][ T7252]  </TASK>
[   79.065889][ T7280] FAULT_INJECTION: forcing a failure.
[   79.065889][ T7280] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   79.071727][ T7280] CPU: 3 UID: 0 PID: 7280 Comm: syz.0.374 Not tainted 6.14.0-syzkaller-11270-g08733088b566 #0 PREEMPT(full) 
[   79.071748][ T7280] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   79.071756][ T7280] Call Trace:
[   79.071763][ T7280]  <TASK>
[   79.071769][ T7280]  dump_stack_lvl+0x16c/0x1f0
[   79.071791][ T7280]  should_fail_ex+0x512/0x640
[   79.071816][ T7280]  _copy_from_user+0x2e/0xd0
[   79.071839][ T7280]  sctp_getsockopt+0x29db/0x6b90
[   79.071858][ T7280]  ? avc_has_perm_noaudit+0x117/0x3b0
[   79.071882][ T7280]  ? __pfx_sctp_getsockopt+0x10/0x10
[   79.071904][ T7280]  ? avc_has_perm+0x11a/0x1c0
[   79.071923][ T7280]  ? __pfx_avc_has_perm+0x10/0x10
[   79.071950][ T7280]  ? sock_has_perm+0x259/0x2f0
[   79.071975][ T7280]  ? find_held_lock+0x2b/0x80
[   79.071993][ T7280]  ? __might_fault+0xe3/0x190
[   79.072008][ T7280]  ? __might_fault+0xe3/0x190
[   79.072021][ T7280]  ? __might_fault+0x13b/0x190
[   79.072039][ T7280]  ? sock_common_getsockopt+0x21/0xb0
[   79.072057][ T7280]  ? __pfx_sock_common_getsockopt+0x10/0x10
[   79.072075][ T7280]  do_sock_getsockopt+0x3fc/0x800
[   79.072095][ T7280]  ? __pfx_do_sock_getsockopt+0x10/0x10
[   79.072111][ T7280]  ? __fget_files+0x204/0x3c0
[   79.072141][ T7280]  __sys_getsockopt+0x12f/0x260
[   79.072167][ T7280]  __x64_sys_getsockopt+0xbd/0x160
[   79.072187][ T7280]  ? do_syscall_64+0x91/0x260
[   79.072202][ T7280]  ? lockdep_hardirqs_on+0x7c/0x110
[   79.072224][ T7280]  do_syscall_64+0xcd/0x260
[   79.072238][ T7280]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   79.072253][ T7280] RIP: 0033:0x7f08e458d169
[   79.072267][ T7280] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   79.072279][ T7280] RSP: 002b:00007f08e53d5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000037
[   79.072294][ T7280] RAX: ffffffffffffffda RBX: 00007f08e47a5fa0 RCX: 00007f08e458d169
[   79.072303][ T7280] RDX: 000000000000006f RSI: 0000000000000084 RDI: 0000000000000003
[   79.072311][ T7280] RBP: 00007f08e53d5090 R08: 0000200000000080 R09: 0000000000000000
[   79.072320][ T7280] R10: 0000200000000040 R11: 0000000000000246 R12: 0000000000000001
[   79.072328][ T7280] R13: 0000000000000000 R14: 00007f08e47a5fa0 R15: 00007ffeed4d3d68
[   79.072346][ T7280]  </TASK>
[   79.199779][ T7276] kvm: kvm [7272]: vcpu0, guest rIP: 0x1be Unhandled WRMSR(0xc1) = 0x4000
[   79.203204][ T7276] kvm: kvm [7272]: vcpu0, guest rIP: 0x1be Unhandled WRMSR(0xc2) = 0x4000
[   79.228765][ T7276] kvm: kvm [7272]: vcpu0, guest rIP: 0x1be Unhandled WRMSR(0x11e) = 0xbe706111
[   79.249218][ T7276] kvm: kvm [7272]: vcpu0, guest rIP: 0x1be Unhandled WRMSR(0x186) = 0x4000
[   79.252132][ T7276] kvm: kvm [7272]: vcpu0, guest rIP: 0x1be Unhandled WRMSR(0x187) = 0x4000
[   79.372996][ T7290] netlink: 104 bytes leftover after parsing attributes in process `syz.1.377'.
[   79.437027][   T40] audit: type=1400 audit(1743499831.449:317): avc:  denied  { create } for  pid=7291 comm="syz.1.378" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_dnrt_socket permissive=1
[   79.567042][ T7297] lo speed is unknown, defaulting to 1000
[   79.570091][ T7297] lo speed is unknown, defaulting to 1000
[   79.572781][ T7297] lo speed is unknown, defaulting to 1000
[   79.634976][ T5988] lo speed is unknown, defaulting to 1000
[   79.637043][ T7297] infiniband syz2: set active
[   79.638549][ T7297] infiniband syz2: added lo
[   79.655672][   T40] audit: type=1400 audit(1743499831.669:318): avc:  denied  { getattr } for  pid=7296 comm="syz.1.380" name="/" dev="9p" ino=37879824 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1
[   79.656690][ T7298] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[   79.678380][ T7297] RDS/IB: syz2: added
[   79.681262][ T7297] smc: adding ib device syz2 with port count 1
[   79.683141][ T7297] smc:    ib device syz2 port 1 has pnetid 
[   79.685967][ T5988] lo speed is unknown, defaulting to 1000
[   79.689712][ T7297] lo speed is unknown, defaulting to 1000
[   79.761591][ T7297] lo speed is unknown, defaulting to 1000
[   79.859802][ T7297] lo speed is unknown, defaulting to 1000
[   79.926304][ T7297] lo speed is unknown, defaulting to 1000
[   80.349413][   T40] audit: type=1400 audit(1743499832.359:319): avc:  denied  { wake_alarm } for  pid=7329 comm="syz.0.390" capability=35  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[   80.384307][   T40] audit: type=1400 audit(1743499832.399:320): avc:  denied  { setattr } for  pid=7331 comm="syz.0.391" name="/" dev="9p" ino=37879824 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[   80.439632][ T7327] kvm: kvm [7326]: vcpu0, guest rIP: 0x1be Unhandled WRMSR(0xc1) = 0x4000
[   80.442584][ T7327] kvm: kvm [7326]: vcpu0, guest rIP: 0x1be Unhandled WRMSR(0xc2) = 0x4000
[   80.462512][ T7327] kvm: kvm [7326]: vcpu0, guest rIP: 0x1be Unhandled WRMSR(0x11e) = 0xbe706111
[   80.484048][ T7327] kvm: kvm [7326]: vcpu0, guest rIP: 0x1be Unhandled WRMSR(0x186) = 0x4000
[   80.487092][ T7327] kvm: kvm [7326]: vcpu0, guest rIP: 0x1be Unhandled WRMSR(0x187) = 0x4000
[   80.513101][ T7342] netlink: 8 bytes leftover after parsing attributes in process `syz.0.393'.
[   80.820926][ T7352] capability: warning: `syz.1.397' uses 32-bit capabilities (legacy support in use)
[   81.084224][ T5988] usb 6-1: new high-speed USB device number 7 using dummy_hcd
[   81.235980][ T5988] usb 6-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[   81.239358][ T5988] usb 6-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[   81.242077][ T5988] usb 6-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[   81.245222][ T5988] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   81.250670][ T7352] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[   81.255252][ T5988] usb 6-1: Quirk or no altset; falling back to MIDI 1.0
[   81.304380][   T24] cfg80211: failed to load regulatory.db
[   81.459415][ T5992] usb 6-1: USB disconnect, device number 7
[   81.526659][ T7395] FAULT_INJECTION: forcing a failure.
[   81.526659][ T7395] name failslab, interval 1, probability 0, space 0, times 0
[   81.530883][ T7395] CPU: 3 UID: 0 PID: 7395 Comm: syz.2.409 Not tainted 6.14.0-syzkaller-11270-g08733088b566 #0 PREEMPT(full) 
[   81.530898][ T7395] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   81.530904][ T7395] Call Trace:
[   81.530908][ T7395]  <TASK>
[   81.530913][ T7395]  dump_stack_lvl+0x16c/0x1f0
[   81.530944][ T7395]  should_fail_ex+0x512/0x640
[   81.530963][ T7395]  ? fs_reclaim_acquire+0xae/0x150
[   81.530976][ T7395]  ? tomoyo_encode2+0x100/0x3e0
[   81.530987][ T7395]  should_failslab+0xc2/0x120
[   81.530996][ T7395]  __kmalloc_noprof+0xd2/0x510
[   81.531015][ T7395]  ? d_absolute_path+0x136/0x1a0
[   81.531028][ T7395]  tomoyo_encode2+0x100/0x3e0
[   81.531041][ T7395]  tomoyo_encode+0x29/0x50
[   81.531054][ T7395]  tomoyo_realpath_from_path+0x18f/0x6e0
[   81.531072][ T7395]  tomoyo_path_number_perm+0x245/0x580
[   81.531087][ T7395]  ? tomoyo_path_number_perm+0x237/0x580
[   81.531104][ T7395]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[   81.531121][ T7395]  ? __pfx__kstrtoull+0x10/0x10
[   81.531135][ T7395]  ? find_held_lock+0x2b/0x80
[   81.531160][ T7395]  ? from_kuid+0x8d/0xd0
[   81.531171][ T7395]  ? __pfx_from_kuid+0x10/0x10
[   81.531184][ T7395]  tomoyo_path_chown+0x173/0x1b0
[   81.531197][ T7395]  ? __pfx_tomoyo_path_chown+0x10/0x10
[   81.531211][ T7395]  ? from_vfsuid+0xea/0x140
[   81.531221][ T7395]  ? __pfx_from_vfsuid+0x10/0x10
[   81.531231][ T7395]  ? __lock_acquire+0x5ca/0x1ba0
[   81.531242][ T7395]  security_path_chown+0x12a/0x2e0
[   81.531253][ T7395]  chown_common+0x3bb/0x670
[   81.531265][ T7395]  ? __pfx_chown_common+0x10/0x10
[   81.531285][ T7395]  ksys_fchown+0x11f/0x170
[   81.531296][ T7395]  __x64_sys_fchown+0x72/0xb0
[   81.531307][ T7395]  ? lockdep_hardirqs_on+0x7c/0x110
[   81.531328][ T7395]  do_syscall_64+0xcd/0x260
[   81.531339][ T7395]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   81.531349][ T7395] RIP: 0033:0x7f4a7138d169
[   81.531358][ T7395] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   81.531370][ T7395] RSP: 002b:00007f4a7210d038 EFLAGS: 00000246 ORIG_RAX: 000000000000005d
[   81.531380][ T7395] RAX: ffffffffffffffda RBX: 00007f4a715a5fa0 RCX: 00007f4a7138d169
[   81.531387][ T7395] RDX: 0000000000000000 RSI: 000000000000ee01 RDI: 0000000000000004
[   81.531395][ T7395] RBP: 00007f4a7210d090 R08: 0000000000000000 R09: 0000000000000000
[   81.531403][ T7395] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   81.531409][ T7395] R13: 0000000000000000 R14: 00007f4a715a5fa0 R15: 00007ffc1d5695c8
[   81.531429][ T7395]  </TASK>
[   81.531440][ T7395] ERROR: Out of memory at tomoyo_realpath_from_path.
[   82.001009][ T7405] ahci 0000:00:1f.2: Using 39-bit DMA addresses
[   82.338517][ T7413] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   82.343631][  T834] usb 5-1: new full-speed USB device number 6 using dummy_hcd
[   82.404670][ T7413] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   82.489350][ T7413] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   82.495694][  T834] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[   82.498455][  T834] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[   82.501990][  T834] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[   82.504569][  T834] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   82.583219][   T40] audit: type=1400 audit(1743499834.589:321): avc:  denied  { write } for  pid=7417 comm="syz.3.418" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=key permissive=1
[   82.584598][ T7418] (unnamed net_device) (uninitialized): down delay (4) is not a multiple of miimon (8), value rounded to 0 ms
[   82.608436][ T7413] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   82.617168][ T7421] (unnamed net_device) (uninitialized): down delay (4) is not a multiple of miimon (8), value rounded to 0 ms
[   82.709814][ T7413] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[   82.711950][  T834] usb 5-1: GET_CAPABILITIES returned 0
[   82.713859][  T834] usbtmc 5-1:16.0: can't read capabilities
[   82.716691][ T7413] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[   82.726647][ T7413] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[   82.734307][ T7413] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[   82.915880][ T7407] usbtmc 5-1:16.0: usbtmc488_ioctl_trigger returned -90
[   82.918760][  T834] usb 5-1: USB disconnect, device number 6
[   82.973440][ T7447] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=7447 comm=syz.3.427
[   83.066635][ T7451] FAULT_INJECTION: forcing a failure.
[   83.066635][ T7451] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   83.071371][ T7451] CPU: 1 UID: 0 PID: 7451 Comm: syz.1.428 Not tainted 6.14.0-syzkaller-11270-g08733088b566 #0 PREEMPT(full) 
[   83.071387][ T7451] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   83.071394][ T7451] Call Trace:
[   83.071398][ T7451]  <TASK>
[   83.071402][ T7451]  dump_stack_lvl+0x16c/0x1f0
[   83.071433][ T7451]  should_fail_ex+0x512/0x640
[   83.071455][ T7451]  _copy_from_iter+0x2a4/0x15b0
[   83.071471][ T7451]  ? __alloc_skb+0x200/0x380
[   83.071487][ T7451]  ? __pfx__copy_from_iter+0x10/0x10
[   83.071503][ T7451]  ? __pfx_netlink_autobind.isra.0+0x10/0x10
[   83.071517][ T7451]  netlink_sendmsg+0x829/0xdd0
[   83.071529][ T7451]  ? __pfx_netlink_sendmsg+0x10/0x10
[   83.071544][ T7451]  __sys_sendto+0x495/0x510
[   83.071558][ T7451]  ? __pfx___sys_sendto+0x10/0x10
[   83.071576][ T7451]  ? reacquire_held_locks+0xcd/0x1f0
[   83.071586][ T7451]  ? do_user_addr_fault+0xde3/0x1430
[   83.071620][ T7451]  __x64_sys_sendto+0xe0/0x1c0
[   83.071636][ T7451]  ? do_syscall_64+0x91/0x260
[   83.071646][ T7451]  ? lockdep_hardirqs_on+0x7c/0x110
[   83.071661][ T7451]  do_syscall_64+0xcd/0x260
[   83.071672][ T7451]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   83.071682][ T7451] RIP: 0033:0x7faab218effc
[   83.071691][ T7451] Code: 2a 5f 02 00 44 8b 4c 24 2c 4c 8b 44 24 20 89 c5 44 8b 54 24 28 48 8b 54 24 18 b8 2c 00 00 00 48 8b 74 24 10 8b 7c 24 08 0f 05 <48> 3d 00 f0 ff ff 77 34 89 ef 48 89 44 24 08 e8 70 5f 02 00 48 8b
[   83.071700][ T7451] RSP: 002b:00007faab2f34ec0 EFLAGS: 00000293 ORIG_RAX: 000000000000002c
[   83.071711][ T7451] RAX: ffffffffffffffda RBX: 00007faab2f34fc0 RCX: 00007faab218effc
[   83.071717][ T7451] RDX: 0000000000000024 RSI: 00007faab2f35010 RDI: 0000000000000009
[   83.071723][ T7451] RBP: 0000000000000000 R08: 00007faab2f34f14 R09: 000000000000000c
[   83.071729][ T7451] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000009
[   83.071735][ T7451] R13: 00007faab2f34f68 R14: 00007faab2f35010 R15: 0000000000000000
[   83.071747][ T7451]  </TASK>
[   83.131040][    C1] vkms_vblank_simulate: vblank timer overrun
[   83.503150][ T7461] netlink: 4 bytes leftover after parsing attributes in process `syz.0.431'.
[   83.510112][ T7461] erspan0: entered promiscuous mode
[   83.511812][ T7461] macvtap1: entered promiscuous mode
[   83.513445][ T7461] macvtap1: entered allmulticast mode
[   83.515785][ T7461] erspan0: entered allmulticast mode
[   83.519495][ T7461] netlink: 4 bytes leftover after parsing attributes in process `syz.0.431'.
[   83.522813][ T7461] erspan0: left allmulticast mode
[   83.524869][ T7461] erspan0: left promiscuous mode
[   83.570806][ T7466] syz.0.432(7466): Attempt to set a LOCK_MAND lock via flock(2). This support has been removed and the request ignored.
[   83.579691][   T40] audit: type=1400 audit(1743499835.589:322): avc:  denied  { create } for  pid=7464 comm="syz.0.432" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=isdn_socket permissive=1
[   83.885291][   T40] audit: type=1400 audit(1743499835.899:323): avc:  denied  { create } for  pid=7491 comm="syz.3.442" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1
[   83.892043][   T40] audit: type=1400 audit(1743499835.899:324): avc:  denied  { getopt } for  pid=7491 comm="syz.3.442" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1
[   83.930839][ T7496] No source specified
[   83.936427][ T7496] trusted_key: encrypted_key: insufficient parameters specified
[   84.129801][ T7508] random: crng reseeded on system resumption
[   84.271657][   T40] audit: type=1400 audit(1743499836.279:325): avc:  denied  { create } for  pid=7515 comm="syz.3.450" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[   84.342121][ T7522] "syz.3.453" (7522) uses obsolete ecb(arc4) skcipher
[   84.895302][   T40] audit: type=1400 audit(1743499836.909:326): avc:  denied  { mount } for  pid=7546 comm="syz.2.460" name="/" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[   84.906059][ T7547] xt_time: invalid argument - start or stop time greater than 23:59:59
[   84.952950][   T40] audit: type=1400 audit(1743499836.959:327): avc:  denied  { getopt } for  pid=7548 comm="syz.3.461" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[   85.026106][ T7555] FAULT_INJECTION: forcing a failure.
[   85.026106][ T7555] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   85.029941][ T7555] CPU: 0 UID: 0 PID: 7555 Comm: syz.3.464 Not tainted 6.14.0-syzkaller-11270-g08733088b566 #0 PREEMPT(full) 
[   85.029958][ T7555] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   85.029964][ T7555] Call Trace:
[   85.029969][ T7555]  <TASK>
[   85.029973][ T7555]  dump_stack_lvl+0x16c/0x1f0
[   85.030002][ T7555]  should_fail_ex+0x512/0x640
[   85.030024][ T7555]  _copy_to_user+0x32/0xd0
[   85.030044][ T7555]  simple_read_from_buffer+0xcb/0x170
[   85.030059][ T7555]  proc_fail_nth_read+0x197/0x270
[   85.030073][ T7555]  ? __pfx_proc_fail_nth_read+0x10/0x10
[   85.030090][ T7555]  ? rw_verify_area+0xcf/0x680
[   85.030101][ T7555]  ? __pfx_proc_fail_nth_read+0x10/0x10
[   85.030114][ T7555]  vfs_read+0x1de/0xc70
[   85.030128][ T7555]  ? __pfx___mutex_lock+0x10/0x10
[   85.030139][ T7555]  ? __pfx_vfs_read+0x10/0x10
[   85.030155][ T7555]  ? __fget_files+0x20e/0x3c0
[   85.030173][ T7555]  ksys_read+0x12a/0x240
[   85.030185][ T7555]  ? __pfx_ksys_read+0x10/0x10
[   85.030202][ T7555]  do_syscall_64+0xcd/0x260
[   85.030213][ T7555]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   85.030224][ T7555] RIP: 0033:0x7f1a4f18bb7c
[   85.030232][ T7555] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[   85.030241][ T7555] RSP: 002b:00007f1a500b3030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[   85.030251][ T7555] RAX: ffffffffffffffda RBX: 00007f1a4f3a5fa0 RCX: 00007f1a4f18bb7c
[   85.030257][ T7555] RDX: 000000000000000f RSI: 00007f1a500b30a0 RDI: 000000000000000c
[   85.030263][ T7555] RBP: 00007f1a500b3090 R08: 0000000000000000 R09: 0000000000000000
[   85.030269][ T7555] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   85.030274][ T7555] R13: 0000000000000000 R14: 00007f1a4f3a5fa0 R15: 00007ffd4059e948
[   85.030287][ T7555]  </TASK>
[   85.374999][   T40] audit: type=1400 audit(1743499837.379:328): avc:  denied  { write } for  pid=7575 comm="syz.1.471" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[   85.506470][ T7584] Cannot find set identified by id 0 to match
[   85.535957][ T7586] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16148 sclass=netlink_tcpdiag_socket pid=7586 comm=syz.1.475
[   85.716157][ T7600] netlink: 276 bytes leftover after parsing attributes in process `syz.3.479'.
[   86.032523][ T7613] netlink: 20 bytes leftover after parsing attributes in process `syz.1.483'.
[   86.038860][ T7614] netlink: 20 bytes leftover after parsing attributes in process `syz.1.483'.
[   86.081521][   T40] audit: type=1400 audit(1743499838.089:329): avc:  denied  { bind } for  pid=7620 comm="syz.3.485" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[   86.088797][   T40] audit: type=1400 audit(1743499838.089:330): avc:  denied  { name_bind } for  pid=7620 comm="syz.3.485" src=20003 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=sctp_socket permissive=1
[   86.591865][ T7651] netlink: 104 bytes leftover after parsing attributes in process `syz.2.495'.
[   86.632737][ T7649] input: syz0 as /devices/virtual/input/input6
[   86.808839][ T7657] kvm_pr_unimpl_wrmsr: 5 callbacks suppressed
[   86.808852][ T7657] kvm: kvm [7656]: vcpu0, guest rIP: 0x1be Unhandled WRMSR(0xc1) = 0x4000
[   86.813896][ T7657] kvm: kvm [7656]: vcpu0, guest rIP: 0x1be Unhandled WRMSR(0xc2) = 0x4000
[   86.832711][ T7657] kvm: kvm [7656]: vcpu0, guest rIP: 0x1be Unhandled WRMSR(0x11e) = 0xbe706111
[   86.852760][ T7657] kvm: kvm [7656]: vcpu0, guest rIP: 0x1be Unhandled WRMSR(0x186) = 0x4000
[   86.858807][ T7657] kvm: kvm [7656]: vcpu0, guest rIP: 0x1be Unhandled WRMSR(0x187) = 0x4000
[   87.527999][ T7680] netlink: 12 bytes leftover after parsing attributes in process `syz.0.502'.
[   87.531391][ T7680] netlink: 40 bytes leftover after parsing attributes in process `syz.0.502'.
[   87.573226][ T7682] No source specified
[   87.576344][ T7682] NILFS (nbd0): device size too small
[   87.580989][ T7682] trusted_key: encrypted_key: insufficient parameters specified
[   87.645821][   T40] kauditd_printk_skb: 6 callbacks suppressed
[   87.645831][   T40] audit: type=1400 audit(1743499839.659:337): avc:  denied  { mount } for  pid=7683 comm="syz.3.504" name="/" dev="ramfs" ino=29358 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ramfs_t tclass=filesystem permissive=1
[   87.660577][ T7685] overlay: filesystem on ./bus not supported as upperdir
[   87.667231][   T40] audit: type=1400 audit(1743499839.679:338): avc:  denied  { write } for  pid=7686 comm="syz.0.505" name="raw-gadget" dev="devtmpfs" ino=849 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[   87.674211][   T40] audit: type=1400 audit(1743499839.679:339): avc:  denied  { unmount } for  pid=5943 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ramfs_t tclass=filesystem permissive=1
[   87.697102][   T40] audit: type=1400 audit(1743499839.709:340): avc:  denied  { write } for  pid=7690 comm="syz.3.506" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_crypto_socket permissive=1
[   87.827539][ T7697] netlink: 20 bytes leftover after parsing attributes in process `syz.2.508'.
[   87.830110][ T7697] netlink: 4 bytes leftover after parsing attributes in process `syz.2.508'.
[   87.848521][ T7697] netlink: 8 bytes leftover after parsing attributes in process `syz.2.508'.
[   87.852490][   T40] audit: type=1400 audit(1743499839.859:341): avc:  denied  { create } for  pid=7696 comm="syz.2.508" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ax25_socket permissive=1
[   87.903726][   T29] usb 5-1: new full-speed USB device number 7 using dummy_hcd
[   87.998704][ T7711] syz.3.513 uses obsolete (PF_INET,SOCK_PACKET)
[   88.004254][ T7711] syz.3.513: attempt to access beyond end of device
[   88.004254][ T7711] loop3: rw=0, sector=64, nr_sectors = 2 limit=0
[   88.008212][ T7711] isofs_fill_super: bread failed, dev=loop3, iso_blknum=16, block=32
[   88.044087][   T29] usb 5-1: device descriptor read/64, error -71
[   88.076720][ T7715] FAULT_INJECTION: forcing a failure.
[   88.076720][ T7715] name failslab, interval 1, probability 0, space 0, times 0
[   88.080052][ T7715] CPU: 2 UID: 0 PID: 7715 Comm: syz.1.514 Not tainted 6.14.0-syzkaller-11270-g08733088b566 #0 PREEMPT(full) 
[   88.080067][ T7715] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   88.080074][ T7715] Call Trace:
[   88.080079][ T7715]  <TASK>
[   88.080083][ T7715]  dump_stack_lvl+0x16c/0x1f0
[   88.080110][ T7715]  should_fail_ex+0x512/0x640
[   88.080130][ T7715]  ? fs_reclaim_acquire+0xae/0x150
[   88.080144][ T7715]  ? tomoyo_realpath_from_path+0xc2/0x6e0
[   88.080156][ T7715]  should_failslab+0xc2/0x120
[   88.080166][ T7715]  __kmalloc_noprof+0xd2/0x510
[   88.080184][ T7715]  tomoyo_realpath_from_path+0xc2/0x6e0
[   88.080197][ T7715]  ? tomoyo_profile+0x47/0x60
[   88.080211][ T7715]  tomoyo_path_number_perm+0x245/0x580
[   88.080225][ T7715]  ? tomoyo_path_number_perm+0x237/0x580
[   88.080242][ T7715]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[   88.080259][ T7715]  ? __pfx__kstrtoull+0x10/0x10
[   88.080272][ T7715]  ? find_held_lock+0x2b/0x80
[   88.080297][ T7715]  ? from_kgid+0x8f/0xd0
[   88.080308][ T7715]  ? __pfx_from_kgid+0x10/0x10
[   88.080322][ T7715]  tomoyo_path_chown+0x14b/0x1b0
[   88.080334][ T7715]  ? __pfx_tomoyo_path_chown+0x10/0x10
[   88.080348][ T7715]  ? from_vfsuid+0xea/0x140
[   88.080359][ T7715]  ? __pfx_from_vfsuid+0x10/0x10
[   88.080368][ T7715]  ? __lock_acquire+0x5ca/0x1ba0
[   88.080379][ T7715]  security_path_chown+0x12a/0x2e0
[   88.080389][ T7715]  chown_common+0x3bb/0x670
[   88.080402][ T7715]  ? __pfx_chown_common+0x10/0x10
[   88.080419][ T7715]  ksys_fchown+0x11f/0x170
[   88.080429][ T7715]  __x64_sys_fchown+0x72/0xb0
[   88.080438][ T7715]  ? lockdep_hardirqs_on+0x7c/0x110
[   88.080454][ T7715]  do_syscall_64+0xcd/0x260
[   88.080464][ T7715]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   88.080474][ T7715] RIP: 0033:0x7faab218d169
[   88.080483][ T7715] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   88.080493][ T7715] RSP: 002b:00007faab2f36038 EFLAGS: 00000246 ORIG_RAX: 000000000000005d
[   88.080503][ T7715] RAX: ffffffffffffffda RBX: 00007faab23a5fa0 RCX: 00007faab218d169
[   88.080509][ T7715] RDX: 0000000000000000 RSI: 000000000000ee01 RDI: 0000000000000004
[   88.080515][ T7715] RBP: 00007faab2f36090 R08: 0000000000000000 R09: 0000000000000000
[   88.080521][ T7715] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   88.080526][ T7715] R13: 0000000000000000 R14: 00007faab23a5fa0 R15: 00007ffe1afcee78
[   88.080539][ T7715]  </TASK>
[   88.080543][ T7715] ERROR: Out of memory at tomoyo_realpath_from_path.
[   88.220145][ T7717] netlink: 4 bytes leftover after parsing attributes in process `syz.1.515'.
[   88.251219][ T7728] No source specified
[   88.254040][ T7728] NILFS (nbd1): device size too small
[   88.257270][ T7728] trusted_key: encrypted_key: insufficient parameters specified
[   88.303607][   T29] usb 5-1: new full-speed USB device number 8 using dummy_hcd
[   88.320407][ T7734] netlink: 'syz.1.521': attribute type 2 has an invalid length.
[   88.325634][ T7734] netlink: 'syz.1.521': attribute type 2 has an invalid length.
[   88.328736][ T7734] netlink: 'syz.1.521': attribute type 1 has an invalid length.
[   88.453647][   T29] usb 5-1: device descriptor read/64, error -71
[   88.468779][   T40] audit: type=1400 audit(1743499840.479:342): avc:  denied  { setopt } for  pid=7741 comm="syz.3.523" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dccp_socket permissive=1
[   88.501549][   T40] audit: type=1400 audit(1743499840.509:343): avc:  denied  { create } for  pid=7741 comm="syz.3.523" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netrom_socket permissive=1
[   88.507615][   T40] audit: type=1400 audit(1743499840.509:345): avc:  denied  { write } for  pid=7741 comm="syz.3.523" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netrom_socket permissive=1
[   88.513189][   T40] audit: type=1400 audit(1743499840.509:344): avc:  denied  { connect } for  pid=7741 comm="syz.3.523" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netrom_socket permissive=1
[   88.520883][   T40] audit: type=1400 audit(1743499840.509:346): avc:  denied  { getopt } for  pid=7741 comm="syz.3.523" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dccp_socket permissive=1
[   88.549984][ T7750] FAULT_INJECTION: forcing a failure.
[   88.549984][ T7750] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   88.554059][ T7750] CPU: 3 UID: 0 PID: 7750 Comm: syz.2.525 Not tainted 6.14.0-syzkaller-11270-g08733088b566 #0 PREEMPT(full) 
[   88.554074][ T7750] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   88.554089][ T7750] Call Trace:
[   88.554093][ T7750]  <TASK>
[   88.554098][ T7750]  dump_stack_lvl+0x16c/0x1f0
[   88.554132][ T7750]  should_fail_ex+0x512/0x640
[   88.554154][ T7750]  _copy_from_iter+0x2a4/0x15b0
[   88.554170][ T7750]  ? __alloc_skb+0x200/0x380
[   88.554186][ T7750]  ? __pfx__copy_from_iter+0x10/0x10
[   88.554202][ T7750]  ? __pfx_netlink_autobind.isra.0+0x10/0x10
[   88.554216][ T7750]  netlink_sendmsg+0x829/0xdd0
[   88.554228][ T7750]  ? __pfx_netlink_sendmsg+0x10/0x10
[   88.554243][ T7750]  ____sys_sendmsg+0xa95/0xc70
[   88.554256][ T7750]  ? copy_msghdr_from_user+0x10a/0x160
[   88.554271][ T7750]  ? __pfx_____sys_sendmsg+0x10/0x10
[   88.554289][ T7750]  ___sys_sendmsg+0x134/0x1d0
[   88.554305][ T7750]  ? __pfx____sys_sendmsg+0x10/0x10
[   88.554336][ T7750]  __sys_sendmsg+0x16d/0x220
[   88.554352][ T7750]  ? __pfx___sys_sendmsg+0x10/0x10
[   88.554371][ T7750]  ? rcu_is_watching+0x12/0xc0
[   88.554389][ T7750]  do_syscall_64+0xcd/0x260
[   88.554400][ T7750]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   88.554411][ T7750] RIP: 0033:0x7f4a7138d169
[   88.554420][ T7750] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   88.554430][ T7750] RSP: 002b:00007f4a7210d038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   88.554440][ T7750] RAX: ffffffffffffffda RBX: 00007f4a715a5fa0 RCX: 00007f4a7138d169
[   88.554446][ T7750] RDX: 0000000000000000 RSI: 000020000000c2c0 RDI: 0000000000000003
[   88.554452][ T7750] RBP: 00007f4a7210d090 R08: 0000000000000000 R09: 0000000000000000
[   88.554458][ T7750] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   88.554463][ T7750] R13: 0000000000000000 R14: 00007f4a715a5fa0 R15: 00007ffc1d5695c8
[   88.554476][ T7750]  </TASK>
[   88.564290][   T29] usb usb5-port1: attempt power cycle
[   88.647618][ T7758] vlan2: entered promiscuous mode
[   88.649098][ T7758] bond0: entered promiscuous mode
[   88.650607][ T7758] bond_slave_0: entered promiscuous mode
[   88.652266][ T7758] bond_slave_1: entered promiscuous mode
[   88.679678][ T7761] No source specified
[   88.682324][ T7761] NILFS (nbd1): device size too small
[   88.765308][ T7768] netdevsim netdevsim1 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   88.817780][ T7768] netdevsim netdevsim1 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   88.892084][ T7768] netdevsim netdevsim1 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   88.955323][ T7768] netdevsim netdevsim1 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   88.974640][   T29] usb 5-1: new full-speed USB device number 9 using dummy_hcd
[   88.995144][   T29] usb 5-1: device descriptor read/8, error -71
[   89.029489][ T7768] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[   89.039596][ T7768] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[   89.047834][ T7768] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[   89.055618][ T7768] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[   89.243765][   T29] usb 5-1: new full-speed USB device number 10 using dummy_hcd
[   89.264179][   T29] usb 5-1: device descriptor read/8, error -71
[   89.373871][   T29] usb usb5-port1: unable to enumerate USB device
[   90.203564][ T6641] usb 8-1: new high-speed USB device number 4 using dummy_hcd
[   90.363718][ T6641] usb 8-1: Using ep0 maxpacket: 16
[   90.367328][ T6641] usb 8-1: config 0 has no interfaces?
[   90.370829][ T6641] usb 8-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[   90.374124][ T6641] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   90.377045][ T6641] usb 8-1: Product: syz
[   90.378649][ T6641] usb 8-1: Manufacturer: syz
[   90.380368][ T6641] usb 8-1: SerialNumber: syz
[   90.384162][ T6641] usb 8-1: config 0 descriptor??
[   90.413624][ T6012] usb 6-1: new high-speed USB device number 8 using dummy_hcd
[   90.555721][ T7821] FAULT_INJECTION: forcing a failure.
[   90.555721][ T7821] name failslab, interval 1, probability 0, space 0, times 0
[   90.559181][ T7821] CPU: 3 UID: 0 PID: 7821 Comm: syz.2.548 Not tainted 6.14.0-syzkaller-11270-g08733088b566 #0 PREEMPT(full) 
[   90.559196][ T7821] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   90.559202][ T7821] Call Trace:
[   90.559206][ T7821]  <TASK>
[   90.559210][ T7821]  dump_stack_lvl+0x16c/0x1f0
[   90.559238][ T7821]  should_fail_ex+0x512/0x640
[   90.559260][ T7821]  should_failslab+0xc2/0x120
[   90.559270][ T7821]  kmem_cache_alloc_noprof+0x6d/0x3b0
[   90.559286][ T7821]  ? skb_clone+0x190/0x3f0
[   90.559297][ T7821]  skb_clone+0x190/0x3f0
[   90.559307][ T7821]  netlink_deliver_tap+0xabd/0xd30
[   90.559326][ T7821]  netlink_unicast+0x5df/0x7f0
[   90.559338][ T7821]  ? __pfx_netlink_unicast+0x10/0x10
[   90.559351][ T7821]  netlink_sendmsg+0x8d1/0xdd0
[   90.559364][ T7821]  ? __pfx_netlink_sendmsg+0x10/0x10
[   90.559378][ T7821]  __sys_sendto+0x495/0x510
[   90.559393][ T7821]  ? __pfx___sys_sendto+0x10/0x10
[   90.559411][ T7821]  ? reacquire_held_locks+0xcd/0x1f0
[   90.559421][ T7821]  ? do_user_addr_fault+0xde3/0x1430
[   90.559442][ T7821]  __x64_sys_sendto+0xe0/0x1c0
[   90.559456][ T7821]  ? do_syscall_64+0x91/0x260
[   90.559466][ T7821]  ? lockdep_hardirqs_on+0x7c/0x110
[   90.559481][ T7821]  do_syscall_64+0xcd/0x260
[   90.559495][ T7821]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   90.559506][ T7821] RIP: 0033:0x7f4a7138effc
[   90.559514][ T7821] Code: 2a 5f 02 00 44 8b 4c 24 2c 4c 8b 44 24 20 89 c5 44 8b 54 24 28 48 8b 54 24 18 b8 2c 00 00 00 48 8b 74 24 10 8b 7c 24 08 0f 05 <48> 3d 00 f0 ff ff 77 34 89 ef 48 89 44 24 08 e8 70 5f 02 00 48 8b
[   90.559524][ T7821] RSP: 002b:00007f4a7210bec0 EFLAGS: 00000293 ORIG_RAX: 000000000000002c
[   90.559534][ T7821] RAX: ffffffffffffffda RBX: 00007f4a7210bfc0 RCX: 00007f4a7138effc
[   90.559540][ T7821] RDX: 0000000000000024 RSI: 00007f4a7210c010 RDI: 0000000000000009
[   90.559546][ T7821] RBP: 0000000000000000 R08: 00007f4a7210bf14 R09: 000000000000000c
[   90.559552][ T7821] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000009
[   90.559557][ T7821] R13: 00007f4a7210bf68 R14: 00007f4a7210c010 R15: 0000000000000000
[   90.559569][ T7821]  </TASK>
[   90.593578][ T6012] usb 6-1: Using ep0 maxpacket: 16
[   90.598057][ T7807] FAULT_INJECTION: forcing a failure.
[   90.598057][ T7807] name failslab, interval 1, probability 0, space 0, times 0
[   90.600266][ T6012] usb 6-1: config 0 has no interfaces?
[   90.601041][ T7807] CPU: 1 UID: 0 PID: 7807 Comm: syz.3.543 Not tainted 6.14.0-syzkaller-11270-g08733088b566 #0 PREEMPT(full) 
[   90.601056][ T7807] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   90.601062][ T7807] Call Trace:
[   90.601066][ T7807]  <TASK>
[   90.601070][ T7807]  dump_stack_lvl+0x16c/0x1f0
[   90.601084][ T7807]  should_fail_ex+0x512/0x640
[   90.601098][ T7807]  ? fs_reclaim_acquire+0xae/0x150
[   90.601111][ T7807]  ? tomoyo_realpath_from_path+0xc2/0x6e0
[   90.601123][ T7807]  should_failslab+0xc2/0x120
[   90.601133][ T7807]  __kmalloc_noprof+0xd2/0x510
[   90.601151][ T7807]  tomoyo_realpath_from_path+0xc2/0x6e0
[   90.601164][ T7807]  ? tomoyo_profile+0x47/0x60
[   90.601177][ T7807]  tomoyo_path_number_perm+0x245/0x580
[   90.601192][ T7807]  ? tomoyo_path_number_perm+0x237/0x580
[   90.601209][ T7807]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[   90.601225][ T7807]  ? find_held_lock+0x2b/0x80
[   90.601249][ T7807]  ? find_held_lock+0x2b/0x80
[   90.601261][ T7807]  ? hook_file_ioctl_common+0x145/0x410
[   90.601277][ T7807]  ? __fget_files+0x20e/0x3c0
[   90.601293][ T7807]  security_file_ioctl+0x9b/0x240
[   90.601304][ T7807]  __x64_sys_ioctl+0xb7/0x200
[   90.601317][ T7807]  do_syscall_64+0xcd/0x260
[   90.601328][ T7807]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   90.601338][ T7807] RIP: 0033:0x7f1a4f18d169
[   90.601346][ T7807] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   90.601356][ T7807] RSP: 002b:00007f1a500b3038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[   90.601366][ T7807] RAX: ffffffffffffffda RBX: 00007f1a4f3a5fa0 RCX: 00007f1a4f18d169
[   90.601372][ T7807] RDX: 0000200000000180 RSI: 00000000c03864bc RDI: 000000000000000f
[   90.601378][ T7807] RBP: 00007f1a500b3090 R08: 0000000000000000 R09: 0000000000000000
[   90.601384][ T7807] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   90.601389][ T7807] R13: 0000000000000000 R14: 00007f1a4f3a5fa0 R15: 00007ffd4059e948
[   90.601402][ T7807]  </TASK>
[   90.601406][ T7807] ERROR: Out of memory at tomoyo_realpath_from_path.
[   90.613362][ T6012] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[   90.622459][   T29] usb 8-1: USB disconnect, device number 4
[   90.623232][ T6012] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   90.708080][ T6012] usb 6-1: Product: syz
[   90.709686][ T6012] usb 6-1: Manufacturer: syz
[   90.711434][ T6012] usb 6-1: SerialNumber: syz
[   90.715294][ T6012] usb 6-1: config 0 descriptor??
[   91.673212][ T7849] No source specified
[   91.677558][ T7849] NILFS (nbd3): device size too small
[   91.746652][ T7855] warning: `syz.3.560' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211
[   91.750184][ T7855] vim2m vim2m.0: vidioc_s_fmt queue busy
[   91.797683][ T7863] __nla_validate_parse: 3 callbacks suppressed
[   91.797716][ T7863] netlink: 8 bytes leftover after parsing attributes in process `/dev/'.
[   91.934348][ T7870] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=7870 comm=syz.3.566
[   92.010764][ T7876] No source specified
[   92.013176][ T7876] NILFS (nbd3): device size too small
[   92.085053][ T7880] FAULT_INJECTION: forcing a failure.
[   92.085053][ T7880] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[   92.090333][ T7880] CPU: 2 UID: 0 PID: 7880 Comm: syz.3.571 Not tainted 6.14.0-syzkaller-11270-g08733088b566 #0 PREEMPT(full) 
[   92.090349][ T7880] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   92.090356][ T7880] Call Trace:
[   92.090360][ T7880]  <TASK>
[   92.090364][ T7880]  dump_stack_lvl+0x16c/0x1f0
[   92.090379][ T7880]  should_fail_ex+0x512/0x640
[   92.090395][ T7880]  should_fail_alloc_page+0xe7/0x130
[   92.090407][ T7880]  prepare_alloc_pages+0x3c2/0x610
[   92.090419][ T7880]  ? rcu_is_watching+0x12/0xc0
[   92.090434][ T7880]  __alloc_frozen_pages_noprof+0x18f/0x2370
[   92.090450][ T7880]  ? kasan_save_stack+0x33/0x60
[   92.090464][ T7880]  ? kasan_save_track+0x14/0x30
[   92.090478][ T7880]  ? __kasan_kmalloc+0xaa/0xb0
[   92.090491][ T7880]  ? __kvmalloc_node_noprof+0x279/0x600
[   92.090504][ T7880]  ? __kvm_mmu_topup_memory_cache+0x450/0x600
[   92.090516][ T7880]  ? mmu_topup_memory_caches+0xbc/0x170
[   92.090525][ T7880]  ? kvm_mmu_load+0xd9/0x22a0
[   92.090539][ T7880]  ? vcpu_run+0x33d9/0x52d0
[   92.090553][ T7880]  ? kvm_arch_vcpu_ioctl_run+0x51c/0x18c0
[   92.090568][ T7880]  ? kvm_vcpu_ioctl+0x5e9/0x1680
[   92.090576][ T7880]  ? __x64_sys_ioctl+0x190/0x200
[   92.090587][ T7880]  ? do_syscall_64+0xcd/0x260
[   92.090596][ T7880]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   92.090608][ T7880]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[   92.090631][ T7880]  ? __sanitizer_cov_trace_switch+0x54/0x90
[   92.090643][ T7880]  ? policy_nodemask+0xea/0x4e0
[   92.090654][ T7880]  alloc_pages_mpol+0x1fb/0x550
[   92.090664][ T7880]  ? __pfx_alloc_pages_mpol+0x10/0x10
[   92.090672][ T7880]  ? rcu_is_watching+0x12/0xc0
[   92.090684][ T7880]  ? trace_kmalloc+0x2b/0xd0
[   92.090694][ T7880]  ? __kvmalloc_node_noprof+0x296/0x600
[   92.090708][ T7880]  ? trace_kmem_cache_alloc+0x28/0xc0
[   92.090720][ T7880]  alloc_pages_noprof+0x131/0x390
[   92.090730][ T7880]  get_free_pages_noprof+0xc/0x40
[   92.090745][ T7880]  __kvm_mmu_topup_memory_cache+0x278/0x600
[   92.090760][ T7880]  mmu_topup_memory_caches+0xbc/0x170
[   92.090770][ T7880]  kvm_mmu_load+0xd9/0x22a0
[   92.090786][ T7880]  ? kvm_apic_has_interrupt+0xb5/0x190
[   92.090800][ T7880]  ? __pfx_kvm_apic_has_interrupt+0x10/0x10
[   92.090813][ T7880]  ? vmx_get_rflags+0x100/0x420
[   92.090828][ T7880]  ? kvm_apic_accept_pic_intr+0xe8/0x1a0
[   92.090838][ T7880]  ? __pfx_kvm_mmu_load+0x10/0x10
[   92.090853][ T7880]  ? kvm_cpu_has_injectable_intr+0x9c/0x1a0
[   92.090865][ T7880]  ? kvm_check_and_inject_events+0x71c/0x1310
[   92.090883][ T7880]  vcpu_run+0x33d9/0x52d0
[   92.090897][ T7880]  ? kvm_mmu_post_init_vm+0x269/0x370
[   92.090908][ T7880]  ? __lock_acquire+0xaa4/0x1ba0
[   92.090922][ T7880]  ? __pfx_vcpu_run+0x10/0x10
[   92.090938][ T7880]  ? fpu_swap_kvm_fpstate+0x235/0x4a0
[   92.090953][ T7880]  ? __local_bh_enable_ip+0xa4/0x120
[   92.090971][ T7880]  ? kvm_arch_vcpu_ioctl_run+0x51c/0x18c0
[   92.090986][ T7880]  kvm_arch_vcpu_ioctl_run+0x51c/0x18c0
[   92.091008][ T7880]  kvm_vcpu_ioctl+0x5e9/0x1680
[   92.091019][ T7880]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[   92.091031][ T7880]  ? ioctl_has_perm.constprop.0.isra.0+0x2fe/0x450
[   92.091046][ T7880]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[   92.091062][ T7880]  ? hook_file_ioctl_common+0x145/0x410
[   92.091079][ T7880]  ? selinux_file_ioctl+0x180/0x270
[   92.091091][ T7880]  ? selinux_file_ioctl+0xb4/0x270
[   92.091103][ T7880]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[   92.091112][ T7880]  __x64_sys_ioctl+0x190/0x200
[   92.091125][ T7880]  do_syscall_64+0xcd/0x260
[   92.091135][ T7880]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   92.091145][ T7880] RIP: 0033:0x7f1a4f18d169
[   92.091166][ T7880] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   92.091178][ T7880] RSP: 002b:00007f1a500b3038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[   92.091191][ T7880] RAX: ffffffffffffffda RBX: 00007f1a4f3a5fa0 RCX: 00007f1a4f18d169
[   92.091198][ T7880] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005
[   92.091203][ T7880] RBP: 00007f1a500b3090 R08: 0000000000000000 R09: 0000000000000000
[   92.091209][ T7880] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[   92.091215][ T7880] R13: 0000000000000000 R14: 00007f1a4f3a5fa0 R15: 00007ffd4059e948
[   92.091228][ T7880]  </TASK>
[   92.209215][    C2] vkms_vblank_simulate: vblank timer overrun
[   92.325269][ T7886] loop2: detected capacity change from 0 to 7
[   92.330361][ T7886] Dev loop2: unable to read RDB block 7
[   92.331968][ T7886]  loop2: AHDI p1 p2
[   92.333128][ T7886] loop2: partition table partially beyond EOD, truncated
[   92.333554][   T29] usb 7-1: new high-speed USB device number 7 using dummy_hcd
[   92.336546][ T7886] loop2: p1 size 4227858431 extends beyond EOD, truncated
[   92.352155][ T6124] udevd[6124]: inotify_add_watch(7, /dev/loop2p1, 10) failed: No such file or directory
[   92.451266][ T7899] set match dimension is over the limit!
[   92.473191][ T7902] No source specified
[   92.476392][ T7902] NILFS (nbd3): device size too small
[   92.483813][   T29] usb 7-1: Using ep0 maxpacket: 8
[   92.494303][   T29] usb 7-1: config index 0 descriptor too short (expected 301, got 45)
[   92.496542][   T29] usb 7-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[   92.499119][   T29] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[   92.501763][   T29] usb 7-1: config 16 interface 0 altsetting 0 endpoint 0x8B has invalid maxpacket 1312, setting to 1024
[   92.505583][   T29] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 1024
[   92.508370][   T29] usb 7-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[   92.511897][   T29] usb 7-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[   92.514780][   T29] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   92.719701][   T29] usb 7-1: usb_control_msg returned -32
[   92.721213][   T29] usbtmc 7-1:16.0: can't read capabilities
[   93.074430][ T7907] usbtmc 7-1:16.0: usb_bulk_msg returned -71
[   93.135037][   T29] usb 6-1: USB disconnect, device number 8
[   93.265333][ T7916] xt_NFQUEUE: number of total queues is 0
[   93.303784][ T5983] usb 7-1: USB disconnect, device number 7
[   93.564810][ T7932] No source specified
[   93.568015][ T7932] NILFS (nbd3): device size too small
[   94.474271][ T7968] No source specified
[   94.476721][ T7968] NILFS (nbd0): device size too small
[   94.506729][   T40] kauditd_printk_skb: 22 callbacks suppressed
[   94.506740][   T40] audit: type=1400 audit(1743499846.519:369): avc:  denied  { create } for  pid=7971 comm="syz.0.602" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=atmpvc_socket permissive=1
[   94.514404][   T40] audit: type=1400 audit(1743499846.519:370): avc:  denied  { accept } for  pid=7971 comm="syz.0.602" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[   94.622543][ T7981] netlink: 8 bytes leftover after parsing attributes in process `syz.2.604'.
[   94.710619][   T40] audit: type=1400 audit(1743499846.719:371): avc:  denied  { read } for  pid=7978 comm="syz.2.604" name="btrfs-control" dev="devtmpfs" ino=1337 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:lvm_control_t tclass=chr_file permissive=1
[   94.718378][   T40] audit: type=1400 audit(1743499846.719:372): avc:  denied  { open } for  pid=7978 comm="syz.2.604" path="/dev/btrfs-control" dev="devtmpfs" ino=1337 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:lvm_control_t tclass=chr_file permissive=1
[   94.725642][   T40] audit: type=1400 audit(1743499846.719:373): avc:  denied  { ioctl } for  pid=7978 comm="syz.2.604" path="/dev/btrfs-control" dev="devtmpfs" ino=1337 ioctlcmd=0x8924 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:lvm_control_t tclass=chr_file permissive=1
[   94.734269][   T40] audit: type=1400 audit(1743499846.719:374): avc:  denied  { mount } for  pid=7978 comm="syz.2.604" name="/" dev="devtmpfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=filesystem permissive=1
[   94.760565][ T7996] No source specified
[   94.762912][ T7996] NILFS (nbd3): device size too small
[   94.812214][ T7999] 9pnet_fd: p9_fd_create_tcp (7999): problem connecting socket to 127.0.0.1
[   94.846564][   T40] audit: type=1400 audit(1743499846.859:375): avc:  denied  { read } for  pid=8000 comm="syz.3.612" name="msr" dev="devtmpfs" ino=89 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cpu_device_t tclass=chr_file permissive=1
[   94.854411][   T40] audit: type=1400 audit(1743499846.859:376): avc:  denied  { open } for  pid=8000 comm="syz.3.612" path="/dev/cpu/1/msr" dev="devtmpfs" ino=89 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cpu_device_t tclass=chr_file permissive=1
[   95.300492][   T40] audit: type=1400 audit(1743499847.309:377): avc:  denied  { accept } for  pid=8013 comm="syz.3.616" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[   95.377650][ T8014] netlink: 44 bytes leftover after parsing attributes in process `syz.3.616'.
[   95.463827][ T8024] netlink: 8 bytes leftover after parsing attributes in process `syz.3.620'.
[   95.466384][ T8024] netlink: 12 bytes leftover after parsing attributes in process `syz.3.620'.
[   95.468938][ T8024] netlink: 'syz.3.620': attribute type 15 has an invalid length.
[   95.497087][ T8026] lo speed is unknown, defaulting to 1000
[   95.528119][   T40] audit: type=1400 audit(1743499847.539:378): avc:  denied  { unmount } for  pid=5944 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=filesystem permissive=1
[   95.855669][ T8054] No source specified
[   95.859036][ T8054] NILFS (nbd0): device size too small
[   95.893607][   T24] usb 8-1: new high-speed USB device number 5 using dummy_hcd
[   95.966918][ T8057] netlink: 8 bytes leftover after parsing attributes in process `syz.0.630'.
[   96.067519][   T24] usb 8-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[   96.069948][   T24] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   96.072418][   T24] usb 8-1: Product: syz
[   96.073574][   T24] usb 8-1: Manufacturer: syz
[   96.074908][   T24] usb 8-1: SerialNumber: syz
[   96.078735][   T24] usb 8-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[   96.110119][   T24] usb 8-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
[   96.313279][ T8045] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   96.317316][ T8045] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   96.501553][   T29] IPVS: starting estimator thread 0...
[   96.528813][ T8065] netlink: 8 bytes leftover after parsing attributes in process `syz.2.633'.
[   96.547127][ T5983] usb 8-1: USB disconnect, device number 5
[   96.593706][ T8063] IPVS: using max 45 ests per chain, 108000 per kthread
[   96.839502][ T8083] No source specified
[   96.842512][ T8083] NILFS (nbd0): device size too small
[   97.164390][ T8097] kvm: kvm [8096]: vcpu0, guest rIP: 0x1be Unhandled WRMSR(0xc1) = 0x4000
[   97.168311][ T8097] kvm: kvm [8096]: vcpu0, guest rIP: 0x1be Unhandled WRMSR(0xc2) = 0x4000
[   97.202153][ T8098] »»»»»»aaaaaaaaa: renamed from lo (while UP)
[   97.310277][ T8101] FAULT_INJECTION: forcing a failure.
[   97.310277][ T8101] name failslab, interval 1, probability 0, space 0, times 0
[   97.313916][ T8101] CPU: 3 UID: 0 PID: 8101 Comm: syz.3.645 Not tainted 6.14.0-syzkaller-11270-g08733088b566 #0 PREEMPT(full) 
[   97.313929][ T8101] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   97.313936][ T8101] Call Trace:
[   97.313940][ T8101]  <TASK>
[   97.313944][ T8101]  dump_stack_lvl+0x16c/0x1f0
[   97.313977][ T8101]  should_fail_ex+0x512/0x640
[   97.313997][ T8101]  ? __kernel_text_address+0xd/0x40
[   97.314011][ T8101]  should_failslab+0xc2/0x120
[   97.314021][ T8101]  kmem_cache_alloc_noprof+0x6d/0x3b0
[   97.314037][ T8101]  ? skb_clone+0x190/0x3f0
[   97.314048][ T8101]  skb_clone+0x190/0x3f0
[   97.314058][ T8101]  dev_queue_xmit_nit+0x3e7/0xca0
[   97.314077][ T8101]  dev_hard_start_xmit+0x5b6/0x740
[   97.314091][ T8101]  ? skb_clone+0x190/0x3f0
[   97.314101][ T8101]  __dev_queue_xmit+0x7eb/0x43e0
[   97.314119][ T8101]  ? __pfx___dev_queue_xmit+0x10/0x10
[   97.314141][ T8101]  ? __asan_memcpy+0x3c/0x60
[   97.314154][ T8101]  ? __asan_memcpy+0x3c/0x60
[   97.314167][ T8101]  ? __skb_clone+0x570/0x760
[   97.314183][ T8101]  netlink_deliver_tap+0xa87/0xd30
[   97.314202][ T8101]  netlink_unicast+0x5df/0x7f0
[   97.314213][ T8101]  ? __pfx_netlink_unicast+0x10/0x10
[   97.314227][ T8101]  netlink_sendmsg+0x8d1/0xdd0
[   97.314239][ T8101]  ? __pfx_netlink_sendmsg+0x10/0x10
[   97.314253][ T8101]  __sys_sendto+0x495/0x510
[   97.314267][ T8101]  ? __pfx___sys_sendto+0x10/0x10
[   97.314285][ T8101]  ? reacquire_held_locks+0xcd/0x1f0
[   97.314295][ T8101]  ? do_user_addr_fault+0xde3/0x1430
[   97.314316][ T8101]  __x64_sys_sendto+0xe0/0x1c0
[   97.314329][ T8101]  ? do_syscall_64+0x91/0x260
[   97.314339][ T8101]  ? lockdep_hardirqs_on+0x7c/0x110
[   97.314355][ T8101]  do_syscall_64+0xcd/0x260
[   97.314365][ T8101]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   97.314375][ T8101] RIP: 0033:0x7f1a4f18effc
[   97.314384][ T8101] Code: 2a 5f 02 00 44 8b 4c 24 2c 4c 8b 44 24 20 89 c5 44 8b 54 24 28 48 8b 54 24 18 b8 2c 00 00 00 48 8b 74 24 10 8b 7c 24 08 0f 05 <48> 3d 00 f0 ff ff 77 34 89 ef 48 89 44 24 08 e8 70 5f 02 00 48 8b
[   97.314394][ T8101] RSP: 002b:00007f1a500b1ec0 EFLAGS: 00000293 ORIG_RAX: 000000000000002c
[   97.314403][ T8101] RAX: ffffffffffffffda RBX: 00007f1a500b1fc0 RCX: 00007f1a4f18effc
[   97.314410][ T8101] RDX: 0000000000000024 RSI: 00007f1a500b2010 RDI: 0000000000000009
[   97.314416][ T8101] RBP: 0000000000000000 R08: 00007f1a500b1f14 R09: 000000000000000c
[   97.314421][ T8101] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000009
[   97.314427][ T8101] R13: 00007f1a500b1f68 R14: 00007f1a500b2010 R15: 0000000000000000
[   97.314439][ T8101]  </TASK>
[   97.363752][   T24] usb 8-1: Service connection timeout for: 256
[   97.400045][   T24] ath9k_htc 8-1:1.0: ath9k_htc: Unable to initialize HTC services
[   97.404604][   T24] ath9k_htc: Failed to initialize the device
[   97.407317][ T5983] usb 8-1: ath9k_htc: USB layer deinitialized
[   97.545859][ T8110] No source specified
[   97.548329][ T8110] NILFS (nbd3): device size too small
[   97.663776][  T834] usb 6-1: new high-speed USB device number 9 using dummy_hcd
[   97.697755][ T8125] pimreg3: entered allmulticast mode
[   97.744945][ T8128] overlayfs: maximum fs stacking depth exceeded
[   97.825497][  T834] usb 6-1: Using ep0 maxpacket: 16
[   97.828430][  T834] usb 6-1: config 0 has no interfaces?
[   97.832332][  T834] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[   97.835450][  T834] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   97.837879][  T834] usb 6-1: Product: syz
[   97.839223][  T834] usb 6-1: Manufacturer: syz
[   97.840564][  T834] usb 6-1: SerialNumber: syz
[   97.842994][  T834] usb 6-1: config 0 descriptor??
[   98.055744][  T163] ==================================================================
[   98.058183][  T163] BUG: KASAN: slab-use-after-free in drm_atomic_helper_wait_for_vblanks.part.0+0x8c0/0x9b0
[   98.060934][  T163] Read of size 1 at addr ffff888052437009 by task kworker/u32:5/163
[   98.064150][  T163] 
[   98.065061][  T163] CPU: 2 UID: 0 PID: 163 Comm: kworker/u32:5 Not tainted 6.14.0-syzkaller-11270-g08733088b566 #0 PREEMPT(full) 
[   98.065076][  T163] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   98.065083][  T163] Workqueue: events_unbound commit_work
[   98.065094][  T163] Call Trace:
[   98.065098][  T163]  <TASK>
[   98.065102][  T163]  dump_stack_lvl+0x116/0x1f0
[   98.065114][  T163]  print_report+0xc3/0x670
[   98.065123][  T163]  ? __virt_addr_valid+0x5e/0x590
[   98.065138][  T163]  ? __phys_addr+0xc6/0x150
[   98.065152][  T163]  ? drm_atomic_helper_wait_for_vblanks.part.0+0x8c0/0x9b0
[   98.065169][  T163]  kasan_report+0xe0/0x110
[   98.065178][  T163]  ? drm_atomic_helper_wait_for_vblanks.part.0+0x8c0/0x9b0
[   98.065196][  T163]  drm_atomic_helper_wait_for_vblanks.part.0+0x8c0/0x9b0
[   98.065214][  T163]  ? preempt_schedule_thunk+0x16/0x30
[   98.065225][  T163]  ? __pfx_drm_atomic_helper_wait_for_vblanks.part.0+0x10/0x10
[   98.065243][  T163]  ? _raw_spin_unlock_irqrestore+0x61/0x80
[   98.065258][  T163]  ? drm_atomic_helper_commit_hw_done+0x330/0x490
[   98.065269][  T163]  drm_atomic_helper_commit_tail+0xcb/0xf0
[   98.065279][  T163]  commit_tail+0x35b/0x400
[   98.065289][  T163]  process_one_work+0x9cc/0x1b70
[   98.065303][  T163]  ? __pfx_fsnotify_connector_destroy_workfn+0x10/0x10
[   98.065319][  T163]  ? __pfx_process_one_work+0x10/0x10
[   98.065332][  T163]  ? assign_work+0x1a0/0x250
[   98.065342][  T163]  worker_thread+0x6c8/0xf10
[   98.065355][  T163]  ? __kthread_parkme+0x19e/0x250
[   98.065371][  T163]  ? __pfx_worker_thread+0x10/0x10
[   98.065382][  T163]  kthread+0x3c2/0x780
[   98.065392][  T163]  ? __pfx_kthread+0x10/0x10
[   98.065402][  T163]  ? __pfx_kthread+0x10/0x10
[   98.065411][  T163]  ? __pfx_kthread+0x10/0x10
[   98.065421][  T163]  ? __pfx_kthread+0x10/0x10
[   98.065431][  T163]  ? rcu_is_watching+0x12/0xc0
[   98.065443][  T163]  ? __pfx_kthread+0x10/0x10
[   98.065453][  T163]  ret_from_fork+0x45/0x80
[   98.065464][  T163]  ? __pfx_kthread+0x10/0x10
[   98.065474][  T163]  ret_from_fork_asm+0x1a/0x30
[   98.065491][  T163]  </TASK>
[   98.065494][  T163] 
[   98.120561][  T163] Allocated by task 8107:
[   98.121751][  T163]  kasan_save_stack+0x33/0x60
[   98.123000][  T163]  kasan_save_track+0x14/0x30
[   98.124295][  T163]  __kasan_kmalloc+0xaa/0xb0
[   98.125549][  T163]  drm_atomic_helper_crtc_duplicate_state+0x70/0xd0
[   98.127301][  T163]  drm_atomic_get_crtc_state+0x16e/0x450
[   98.128952][  T163]  drm_atomic_get_plane_state+0x436/0x590
[   98.130520][  T163]  drm_atomic_set_property+0xa29/0x34e0
[   98.132017][  T163]  drm_mode_atomic_ioctl+0x66f/0x25f0
[   98.133484][  T163]  drm_ioctl_kernel+0x1f1/0x3e0
[   98.134815][  T163]  drm_ioctl+0x5c9/0xc30
[   98.135967][  T163]  __x64_sys_ioctl+0x190/0x200
[   98.137283][  T163]  do_syscall_64+0xcd/0x260
[   98.138533][  T163]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   98.140118][  T163] 
[   98.140783][  T163] Freed by task 8106:
[   98.141883][  T163]  kasan_save_stack+0x33/0x60
[   98.143200][  T163]  kasan_save_track+0x14/0x30
[   98.144475][  T163]  kasan_save_free_info+0x3b/0x60
[   98.145833][  T163]  __kasan_slab_free+0x51/0x70
[   98.147123][  T163]  kfree+0x2b6/0x4d0
[   98.148191][  T163]  drm_atomic_state_default_clear+0x455/0xe40
[   98.149812][  T163]  __drm_atomic_state_free+0x185/0x2b0
[   98.151269][  T163]  drm_client_modeset_commit_atomic+0x6b2/0x7e0
[   98.152928][  T163]  drm_client_modeset_commit_locked+0x14d/0x580
[   98.154623][  T163]  drm_client_modeset_commit+0x4f/0x80
[   98.156071][  T163]  __drm_fb_helper_restore_fbdev_mode_unlocked+0x19f/0x200
[   98.157994][  T163]  drm_fbdev_client_restore+0x2c/0x40
[   98.159490][  T163]  drm_client_dev_restore+0x1f3/0x2a0
[   98.160933][  T163]  drm_release+0x2c4/0x360
[   98.162159][  T163]  __fput+0x3ff/0xb70
[   98.163247][  T163]  task_work_run+0x14d/0x240
[   98.164510][  T163]  syscall_exit_to_user_mode+0x27b/0x2a0
[   98.166028][  T163]  do_syscall_64+0xda/0x260
[   98.167257][  T163]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   98.168844][  T163] 
[   98.169513][  T163] The buggy address belongs to the object at ffff888052437000
[   98.169513][  T163]  which belongs to the cache kmalloc-512 of size 512
[   98.173164][  T163] The buggy address is located 9 bytes inside of
[   98.173164][  T163]  freed 512-byte region [ffff888052437000, ffff888052437200)
[   98.176730][  T163] 
[   98.177394][  T163] The buggy address belongs to the physical page:
[   98.179155][  T163] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x52434
[   98.181452][  T163] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   98.183785][  T163] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff)
[   98.185873][  T163] page_type: f5(slab)
[   98.187000][  T163] raw: 00fff00000000040 ffff88801b442c80 ffffea0000d07400 dead000000000002
[   98.189396][  T163] raw: 0000000000000000 0000000000100010 00000000f5000000 0000000000000000
[   98.191786][  T163] head: 00fff00000000040 ffff88801b442c80 ffffea0000d07400 dead000000000002
[   98.194190][  T163] head: 0000000000000000 0000000000100010 00000000f5000000 0000000000000000
[   98.196563][  T163] head: 00fff00000000002 ffffea0001490d01 ffffffffffffffff 0000000000000000
[   98.199040][  T163] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000
[   98.201422][  T163] page dumped because: kasan: bad access detected
[   98.203202][  T163] page_owner tracks the page as allocated
[   98.204783][  T163] page last allocated via order 2, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 6124, tgid 6124 (udevd), ts 82724278393, free_ts 82634803213
[   98.210209][  T163]  post_alloc_hook+0x181/0x1b0
[   98.211529][  T163]  get_page_from_freelist+0x10fc/0x35c0
[   98.212977][  T163]  __alloc_frozen_pages_noprof+0x223/0x2370
[   98.214585][  T163]  alloc_pages_mpol+0x1fb/0x550
[   98.215901][  T163]  new_slab+0x23c/0x330
[   98.217036][  T163]  ___slab_alloc+0xd9c/0x1940
[   98.218322][  T163]  __slab_alloc.constprop.0+0x56/0xb0
[   98.219767][  T163]  __kmalloc_cache_noprof+0xfb/0x3e0
[   98.221170][  T163]  kernfs_fop_open+0x28b/0xe00
[   98.222454][  T163]  do_dentry_open+0x741/0x1c10
[   98.223766][  T163]  vfs_open+0x82/0x3f0
[   98.224864][  T163]  path_openat+0x1e5e/0x2d40
[   98.226115][  T163]  do_filp_open+0x20b/0x470
[   98.227348][  T163]  do_sys_openat2+0x11b/0x1d0
[   98.228605][  T163]  __x64_sys_openat+0x174/0x210
[   98.229923][  T163]  do_syscall_64+0xcd/0x260
[   98.231171][  T163] page last free pid 5944 tgid 5944 stack trace:
[   98.232852][  T163]  __free_frozen_pages+0x69d/0xf90
[   98.234252][  T163]  tlb_remove_table_rcu+0x116/0x1a0
[   98.235648][  T163]  rcu_core+0x799/0x14e0
[   98.236813][  T163]  handle_softirqs+0x216/0x8e0
[   98.238144][  T163]  __irq_exit_rcu+0x109/0x170
[   98.239458][  T163]  irq_exit_rcu+0x9/0x30
[   98.240636][  T163]  sysvec_apic_timer_interrupt+0xa4/0xc0
[   98.242153][  T163]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[   98.243823][  T163] 
[   98.244474][  T163] Memory state around the buggy address:
[   98.246000][  T163]  ffff888052436f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   98.248190][  T163]  ffff888052436f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   98.250380][  T163] >ffff888052437000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   98.252497][  T163]                       ^
[   98.253683][  T163]  ffff888052437080: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   98.255797][  T163]  ffff888052437100: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   98.257915][  T163] ==================================================================
[   98.260145][    C2] vkms_vblank_simulate: vblank timer overrun
[   98.260576][  T834] usb 6-1: USB disconnect, device number 9
[   98.262567][  T163] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[   98.262578][  T163] CPU: 2 UID: 0 PID: 163 Comm: kworker/u32:5 Not tainted 6.14.0-syzkaller-11270-g08733088b566 #0 PREEMPT(full) 
[   98.262591][  T163] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   98.262598][  T163] Workqueue: events_unbound commit_work
[   98.262611][  T163] Call Trace:
[   98.262615][  T163]  <TASK>
[   98.262619][  T163]  dump_stack_lvl+0x3d/0x1f0
[   98.262630][  T163]  panic+0x71c/0x800
[   98.262641][  T163]  ? __pfx_panic+0x10/0x10
[   98.262650][  T163]  ? irqentry_exit+0x3b/0x90
[   98.262659][  T163]  ? lockdep_hardirqs_on+0x7c/0x110
[   98.262674][  T163]  ? preempt_schedule_thunk+0x16/0x30
[   98.262684][  T163]  ? drm_atomic_helper_wait_for_vblanks.part.0+0x8c0/0x9b0
[   98.262702][  T163]  ? preempt_schedule_common+0x44/0xc0
[   98.262717][  T163]  ? check_panic_on_warn+0x1f/0xb0
[   98.262727][  T163]  ? drm_atomic_helper_wait_for_vblanks.part.0+0x8c0/0x9b0
[   98.262745][  T163]  check_panic_on_warn+0xab/0xb0
[   98.262755][  T163]  end_report+0x107/0x170
[   98.262764][  T163]  kasan_report+0xee/0x110
[   98.262773][  T163]  ? drm_atomic_helper_wait_for_vblanks.part.0+0x8c0/0x9b0
[   98.262791][  T163]  drm_atomic_helper_wait_for_vblanks.part.0+0x8c0/0x9b0
[   98.262809][  T163]  ? preempt_schedule_thunk+0x16/0x30
[   98.262820][  T163]  ? __pfx_drm_atomic_helper_wait_for_vblanks.part.0+0x10/0x10
[   98.262838][  T163]  ? _raw_spin_unlock_irqrestore+0x61/0x80
[   98.262853][  T163]  ? drm_atomic_helper_commit_hw_done+0x330/0x490
[   98.262864][  T163]  drm_atomic_helper_commit_tail+0xcb/0xf0
[   98.262874][  T163]  commit_tail+0x35b/0x400
[   98.262884][  T163]  process_one_work+0x9cc/0x1b70
[   98.262898][  T163]  ? __pfx_fsnotify_connector_destroy_workfn+0x10/0x10
[   98.262915][  T163]  ? __pfx_process_one_work+0x10/0x10
[   98.262928][  T163]  ? assign_work+0x1a0/0x250
[   98.262939][  T163]  worker_thread+0x6c8/0xf10
[   98.262952][  T163]  ? __kthread_parkme+0x19e/0x250
[   98.262967][  T163]  ? __pfx_worker_thread+0x10/0x10
[   98.262978][  T163]  kthread+0x3c2/0x780
[   98.262989][  T163]  ? __pfx_kthread+0x10/0x10
[   98.262998][  T163]  ? __pfx_kthread+0x10/0x10
[   98.263008][  T163]  ? __pfx_kthread+0x10/0x10
[   98.263018][  T163]  ? __pfx_kthread+0x10/0x10
[   98.263027][  T163]  ? rcu_is_watching+0x12/0xc0
[   98.263040][  T163]  ? __pfx_kthread+0x10/0x10
[   98.263050][  T163]  ret_from_fork+0x45/0x80
[   98.263061][  T163]  ? __pfx_kthread+0x10/0x10
[   98.263071][  T163]  ret_from_fork_asm+0x1a/0x30
[   98.263088][  T163]  </TASK>
[   98.263780][  T163] Kernel Offset: disabled

VM DIAGNOSIS:
09:30:50  Registers:
info registers vcpu 0

CPU#0
RAX=0000000000000000 RBX=ffff88806a43afc0 RCX=ffffffff81af353e RDX=ffff88801d2fc880
RSI=0000000000000000 RDI=0000000000000005 RBP=ffffc90000157d10 RSP=ffffc90000157c38
R8 =0000000000000005 R9 =0000000000000000 R10=0000000000000001 R11=fffffbfff1c793ee
R12=1ffff9200002af8c R13=0000000000000003 R14=0000000000000001 R15=ffffed100d4875f9
RIP=ffffffff81bb2ce2 RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c01300
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c01300
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8880d69cf000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=0000001b2fcc7000 CR3=000000002a6f2000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=00000000ffffc000 Opmask01=0000000001000001 Opmask02=00000000ffffffef Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007faab2f35f90 0000003000000018
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007faab220f282
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007faab220f28f
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007faab220f289
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007faab220f29d
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007faab220f323
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007faab220f401
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2323232323232323 2323232323232323 2323232323232323 2323232323232323
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000032647261632f 6972642f7665642f
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000011475142400c 4a51470c5546470c
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000001 0000000000000000 0000000000000000 0000000000000050
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
EAX=00000000 EBX=00000000 ECX=00000000 EDX=00000000
ESI=00000000 EDI=00000000 EBP=00000000 ESP=0000792e
EIP=0000ab61 EFL=00000046 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0038 00000000 000fffff 00409300 DPL=0 DS   [-WA]
CS =0010 00000000 0000ffff 00009b00 DPL=0 CS16 [-RA]
SS =0038 00000000 000fffff 00409300 DPL=0 DS   [-WA]
DS =0038 00000000 000fffff 00409300 DPL=0 DS   [-WA]
FS =0038 00000000 000fffff 00409300 DPL=0 DS   [-WA]
GS =0038 00000000 000fffff 00409300 DPL=0 DS   [-WA]
LDT=0008 00001800 000007ff 00408200 DPL=0 LDT
TR =0000 00000000 0000ffff 00008b00 DPL=0 TSS32-busy
GDT=     00001000 000007ff
IDT=     00003800 000001ff
CR0=00000031 CR2=00000000 CR3=00000000 CR4=00002040
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000001
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f4a7140f282
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f4a7140f28f
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f4a7140f289
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f4a7140f29d
info registers vcpu 2

CPU#2
RAX=000000000000003a RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8
RSI=ffffffff854bf865 RDI=ffffffff9ae09320 RBP=ffffffff9ae092e0 RSP=ffffc9000299f508
R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=3235303838386652
R12=0000000000000000 R13=000000000000003a R14=ffffffff9ae092e0 R15=ffffffff854bf800
RIP=ffffffff854bf88f RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c01300
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c01300
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8880d6bcf000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000091000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe000008f000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=0000001b2f21fffc CR3=000000002389e000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=000000000000000c 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000004000040 Opmask01=0000000000000000 Opmask02=00000000ffffffef Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffeed4d40f0 0000003000000018
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f08e460f282
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f08e460f28f
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f08e460f289
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f08e460f29d
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f08e460f323
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f08e460f401
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 3

CPU#3
RAX=00000000893c8ec8 RBX=0000003c893c8e6a RCX=0000000000000003 RDX=000000000000003c
RSI=ffffffff8bf43760 RDI=ffffffff8bf437a0 RBP=0000003c893c6130 RSP=ffffc90000aefae0
R8 =0000000000000001 R9 =00000000000091b0 R10=ffff88816dd416d7 R11=0000000000000010
R12=0000000000000003 R13=00000000000032c9 R14=0000000000000000 R15=000000009ab7ae01
RIP=ffffffff8b6dc329 RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c01300
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c01300
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8880d6ccf000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe00000d8000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe00000d6000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00007f08e4570f20 CR3=0000000054f8e000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000008001 Opmask01=0000000000000000 Opmask02=00000000000003ff Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f1a4f20f282
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f1a4f20f28f
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f1a4f20f289
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f1a4f20f29d
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f1a4f20f323
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f1a4f20f401
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 c8a60ff3e0220f00 0000803566e0200f 300f000040000004 0008000f0010000a
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 13f67354280f0000 40003d80380f662e 67ec00a0ba1806b2 f30f66659a1c0f0f
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000