last executing test programs:

1m13.304933385s ago: executing program 0 (id=1096):
r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f00000003c0)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_CHANNEL_SWITCH(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000400)={0x2c, r0, 0x1, 0x80, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}], @NL80211_ATTR_CH_SWITCH_COUNT={0x8, 0xb7, 0x99}]}, 0x2c}, 0x1, 0x0, 0x0, 0x4000000}, 0x0)
r3 = syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
sendmsg$NL80211_CMD_FRAME(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000b80)=ANY=[@ANYBLOB='P\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010026bd7000000000003b00000008000300", @ANYRES32=r2, @ANYBLOB="26003300b0910300ffffffffffff08021100000050505050505457f99eb3c401010003005c0200000600cd000000000004008e"], 0x50}, 0x1, 0x0, 0x0, 0xc0}, 0x0)

1m13.304204322s ago: executing program 0 (id=1098):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000500), 0x8200, 0x0)
ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, &(0x7f0000000140)={0x2, @pix_mp={0x0, 0x0, 0x34324152, 0x0, 0xb, [{}, {}, {0x3}, {}, {}, {}, {}, {0x0, 0xfffffffe}]}})
fstat(r0, &(0x7f0000000540))
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x2, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
sendmsg$IPSET_CMD_DESTROY(0xffffffffffffffff, &(0x7f0000000500)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=ANY=[@ANYRES64], 0x28}, 0x1, 0x0, 0x0, 0x1}, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000240)='clear_refs\x00')
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r2, &(0x7f0000000480)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000000440)={&(0x7f0000000400)=ANY=[@ANYBLOB="38000000031404002ab1000f4938c29ebda883bd7000ffdbdf250900020073797a32000000000800410073697700140033"], 0x38}, 0x1, 0x0, 0x0, 0x8000}, 0x4040)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket$inet_udplite(0x2, 0x2, 0x88)
prctl$PR_SET_SECUREBITS(0x1c, 0x1d)
setresuid(0x0, 0xee00, 0x0)
syz_open_dev$usbfs(&(0x7f0000000480), 0xd, 0x141341)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000340)={'bridge0\x00', <r5=>0x0})
setrlimit(0x8, 0x0)
r6 = socket(0x10, 0x80002, 0x0)
sendmsg$nl_route(r6, &(0x7f0000000000)={0x0, 0x10, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="440000001300290a000000000000000007000000", @ANYRES32=r5, @ANYBLOB="00000000000000001c001a800800028008000200080000003e120000080002001040e5"], 0x44}}, 0x0)
r7 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
write$binfmt_aout(r7, &(0x7f0000000340)=ANY=[], 0xff2e)
ioctl$TCXONC(r7, 0x540a, 0x2)
sendmsg$nl_route_sched(r3, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=@getchain={0x24, 0x11, 0x1, 0x2000000, 0x0, {0x0, 0x0, 0x0, r5, {0x0, 0xfff2}, {}, {0x9}}}, 0x24}, 0x1, 0x0, 0x0, 0x4000839}, 0x0)

1m12.352899511s ago: executing program 0 (id=1118):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_AUTH_KEY(r0, 0x84, 0x17, &(0x7f0000000180)={0x0, 0x98a, 0x1, "c2"}, 0x9)

1m12.274334396s ago: executing program 0 (id=1111):
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(r0)
r1 = socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty, 0x1}, 0x1c)
listen(r1, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000002580)={&(0x7f0000001540)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x3, [@func={0x2, 0x0, 0x0, 0xc, 0x4}]}, {0x0, [0x5f]}}, 0x0, 0x27, 0x0, 0x1, 0x80}, 0x28)
r2 = socket$inet_mptcp(0x2, 0x1, 0x106)
connect$inet(r2, &(0x7f0000000000)={0x2, 0x4e22, @empty}, 0x10)
r3 = accept(r0, 0x0, 0x0)
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = dup(r5)
ioctl$KVM_SET_USER_MEMORY_REGION(r5, 0x4020ae46, &(0x7f0000000840)={0x1fe, 0x2, 0x2000, 0x1000, &(0x7f0000003000/0x1000)=nil})
r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r7, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000040)=[@text64={0x40, &(0x7f0000000080)="0f20d835200000000f22d84d0fc719f3e1bbc4a2519618670f017cc41565640f01cff30fc77100f0818e8864000000000000440f30450f01f8", 0x39}], 0x1, 0x2, 0x0, 0x0)
syz_kvm_setup_cpu$x86(r6, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text64={0x40, 0x0}], 0x1, 0x56, 0x0, 0x0)
ioctl$KVM_RUN(r7, 0xae80, 0x0)
mount$bind(&(0x7f0000000180)='.\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x45110, 0x0)
mount$tmpfs(0x0, &(0x7f00000002c0)='./file0/file0\x00', &(0x7f0000000240), 0x0, &(0x7f0000000300)={[{@gid}]})
sendmsg$TEAM_CMD_OPTIONS_SET(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000100)=ANY=[], 0xfffffdef}}, 0x1)
recvfrom(r2, &(0x7f0000000180)=""/47, 0x2f, 0x10060, 0x0, 0x0)

1m11.304223619s ago: executing program 0 (id=1115):
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0)
bind$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x0, @any, 0x4, 0x1}, 0xe)
listen(r0, 0x90004)
syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x6, 0x2}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{0x0, 0x0, 0x5}}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x50)
syz_emit_vhci(&(0x7f0000000100)=ANY=[@ANYBLOB="043e130100c90001"], 0x16)
accept4(r0, 0x0, 0x0, 0x0)

1m10.924591725s ago: executing program 3 (id=1116):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f00000001c0)={0x0, 0x0, 0x0}, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
pipe(0x0)
r1 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r2 = dup(r1)
write$6lowpan_enable(r2, 0x0, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000000)={'lo\x00'})
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
r4 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000580)={&(0x7f00000000c0)=ANY=[@ANYBLOB="3400000015"], 0x34}, 0x1, 0x0, 0x0, 0x41c1}, 0x4040800)

1m10.92416883s ago: executing program 3 (id=1117):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r1)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$tipc(&(0x7f00000000c0), r2)
sendmsg$TIPC_CMD_ENABLE_BEARER(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000680)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010000000d0000000000010000000000000001410000001c001700000000000000006574683a73797a6b616c6c657230"], 0x38}}, 0x0)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x100, 0x0)
close(r4)
r5 = socket$unix(0x1, 0x1, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r7=>0x0})
sendmsg$nl_route_sched(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000340)=@newqdisc={0x78, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r7, {0x0, 0xb}, {0xffff, 0xffff}, {0xfff2}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x48, 0x2, {{0x3, 0x7, 0x6361, 0x5, 0xffffffff, 0x6}, [@TCA_NETEM_SLOT={0x2c, 0xc, {0x7fff, 0x267, 0x0, 0x25, 0x19dd, 0x9}}]}}}]}, 0x78}, 0x1, 0x0, 0x0, 0x240080c1}, 0x0)
ioctl$SIOCSIFHWADDR(r4, 0x8922, &(0x7f0000002280)={'syzkaller0\x00', @random="2b0100004ec6"})

1m10.484667344s ago: executing program 3 (id=1121):
socket$inet6(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x2, 0x0)
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x2041, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000dc0)={0x0, 0x0, 0x4, 0x0, 0x3, "0062ba7d820000a75e0000000000fcff00"})
sched_setaffinity(0xffffffffffffffff, 0x8, &(0x7f0000000080))
r1 = syz_open_pts(r0, 0x0)
dup3(0xffffffffffffffff, r1, 0x0)
openat$null(0xffffff9c, &(0x7f0000000000), 0x0, 0x0)
r2 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r2, &(0x7f0000000900)={0x0, 0x0, &(0x7f00000008c0)={&(0x7f0000000300)=ANY=[@ANYBLOB="d80000001b000100000000000000000064010102000000000000000000000000e000000100"/56, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB], 0xd8}, 0x1, 0x0, 0x0, 0x4044001}, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socket$packet(0x11, 0x2, 0x300)
ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, 0x0)
r3 = socket(0x1, 0x803, 0x0)
getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000080))
socket(0x10, 0x3, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
r5 = socket(0x1, 0x803, 0x0)
getsockname$packet(r5, &(0x7f0000000100)={0x11, 0x0, <r6=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000001880)=ANY=[@ANYBLOB="500000001000210400000000fedbdf2500000000", @ANYRES32=0x0, @ANYBLOB="adffa888e16000002800128009000100766c616e00000000180002800c0002000e0000000a000000060001000004000008000500", @ANYRES32=r6], 0x50}}, 0x2)

1m10.415172282s ago: executing program 3 (id=1124):
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(r0)
r1 = socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty, 0x1}, 0x1c)
listen(r1, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000002580)={&(0x7f0000001540)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x3, [@func={0x2, 0x0, 0x0, 0xc, 0x4}]}, {0x0, [0x5f]}}, 0x0, 0x27, 0x0, 0x1, 0x80}, 0x28)
r2 = socket$inet_mptcp(0x2, 0x1, 0x106)
connect$inet(r2, &(0x7f0000000000)={0x2, 0x4e22, @empty}, 0x10)
r3 = accept(r0, 0x0, 0x0)
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = dup(r5)
ioctl$KVM_SET_USER_MEMORY_REGION(r5, 0x4020ae46, &(0x7f0000000840)={0x1fe, 0x2, 0x2000, 0x1000, &(0x7f0000003000/0x1000)=nil})
r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r7, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000040)=[@text64={0x40, &(0x7f0000000080)="0f20d835200000000f22d84d0fc719f3e1bbc4a2519618670f017cc41565640f01cff30fc77100f0818e8864000000000000440f30450f01f8", 0x39}], 0x1, 0x2, 0x0, 0x0)
syz_kvm_setup_cpu$x86(r6, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text64={0x40, 0x0}], 0x1, 0x56, 0x0, 0x0)
ioctl$KVM_RUN(r7, 0xae80, 0x0)
mount$bind(&(0x7f0000000180)='.\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x45110, 0x0)
mount$tmpfs(0x0, &(0x7f00000002c0)='./file0/file0\x00', &(0x7f0000000240), 0x0, &(0x7f0000000300)={[{@gid}]})
sendmsg$TEAM_CMD_OPTIONS_SET(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000100)=ANY=[], 0xfffffdef}}, 0x1)
recvfrom(r2, &(0x7f0000000180)=""/47, 0x2f, 0x10060, 0x0, 0x0)

1m10.204564059s ago: executing program 0 (id=1126):
mkdirat(0xffffffffffffff9c, &(0x7f0000000400)='./file0\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000080)='sysfs\x00', 0x0, 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f0000000240)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000400)={[{@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
chdir(&(0x7f0000000140)='./bus\x00')
rename(&(0x7f0000000400)='./bus\x00', &(0x7f0000000f00)='./file0\x00')
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x0)
mknod(&(0x7f0000000100)='./file1/file3\x00', 0xc000, 0x7)
renameat2(0xffffffffffffff9c, &(0x7f0000002200)='./file0\x00', 0xffffffffffffff9c, &(0x7f00000021c0)='./file1/file3\x00', 0x2)

1m10.155345561s ago: executing program 32 (id=1126):
mkdirat(0xffffffffffffff9c, &(0x7f0000000400)='./file0\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000080)='sysfs\x00', 0x0, 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f0000000240)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000400)={[{@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
chdir(&(0x7f0000000140)='./bus\x00')
rename(&(0x7f0000000400)='./bus\x00', &(0x7f0000000f00)='./file0\x00')
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x0)
mknod(&(0x7f0000000100)='./file1/file3\x00', 0xc000, 0x7)
renameat2(0xffffffffffffff9c, &(0x7f0000002200)='./file0\x00', 0xffffffffffffff9c, &(0x7f00000021c0)='./file1/file3\x00', 0x2)

1m9.454526679s ago: executing program 3 (id=1133):
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket(0x400000000010, 0x3, 0x0)
r2 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
setsockopt$inet6_int(r2, 0x29, 0x7, &(0x7f0000000300)=0xa7ae, 0x4)
r3 = socket$unix(0x1, 0x5, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r4=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=@newqdisc={0x48, 0x24, 0x2, 0x70bd30, 0x25dfdbfd, {0x0, 0x0, 0x0, r4, {0x8, 0xfff1}, {0xffff, 0xffff}, {0x1, 0x2}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x828}}}, @TCA_EGRESS_BLOCK={0x8, 0xe, 0x2}, @TCA_INGRESS_BLOCK={0x8, 0xd, 0xd94}]}, 0x48}, 0x1, 0x0, 0x0, 0x4040801}, 0x0)
r5 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r5, &(0x7f0000000080)={0x2, 0x4e21, @broadcast}, 0x10)
connect$inet(r5, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(r5, 0x6, 0xd, &(0x7f00000000c0)='veno\x00', 0x5)
sendto$inet(r5, &(0x7f0000000000), 0xffffffffffffff94, 0x0, 0x0, 0x0)
recvfrom$inet(r5, &(0x7f0000000080)=""/8, 0xfffffffffffffd0b, 0x720, 0x0, 0xfffffffffffffd25)
sendmsg$nl_route_sched(r1, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000540)=@newtfilter={0x3c, 0x2c, 0xd27, 0x70bd28, 0x8000, {0x0, 0x0, 0x0, r4, {0x10, 0xffe0}, {}, {0xa, 0xfff3}}, [@filter_kind_options=@f_flower={{0xb}, {0xc, 0x2, [@TCA_FLOWER_KEY_ENC_OPTS={0x8, 0x54, 0x0, 0x1, [@TCA_FLOWER_KEY_ENC_OPTS_ERSPAN={0x4}]}]}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x22044028}, 0x40040)
syz_emit_vhci(&(0x7f0000000040)=ANY=[@ANYBLOB="040e04070620"], 0x7)

1m9.344791072s ago: executing program 1 (id=1136):
r0 = syz_open_dev$radio(&(0x7f0000000140), 0x1, 0x2)
sync_file_range(r0, 0x80004004, 0x6, 0x2)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={<r1=>0xffffffffffffffff})
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
r2 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x42, 0x0)
mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)={{'fd', 0x3d, r2}, 0x2c, {'rootmode', 0x3d, 0x4000}})
read$FUSE(r2, &(0x7f0000006380)={0x2020, 0x0, <r3=>0x0}, 0x2020)
write$FUSE_INIT(r2, &(0x7f0000004200)={0x50, 0x0, r3, {0x7, 0x1f, 0x0, 0x2066012}}, 0x50)
syz_fuse_handle_req(r2, &(0x7f00000042c0)="000000000000000000000000000000000000000000000000000000000000000090c400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000542d0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ea8286a2fba523440000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000633956a1000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001800000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007d6ab715107fa1820000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f6ffffffffffffff0000000000000e0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000003c58b3bd0000000000000000000000000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000e1ffffff00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f4000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000286071480000000000b13bc1e6d970884f000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000600000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000fcffffff00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f3ffffffffffffff00", 0x2000, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000006340)={0x20, 0x0, 0x2, {0x0, 0x1e}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r4 = openat(0xffffffffffffff9c, &(0x7f0000004280)='./file0\x00', 0x0, 0x0)
ioctl$FS_IOC_FSSETXATTR(r4, 0x401c5820, &(0x7f0000000240)={0x800, 0x8001, 0xbb9, 0x7, 0xb7})
syz_fuse_handle_req(r2, &(0x7f00000021c0)="1a1bf258bdc9f689c2c421aea0b5e6e277ab8227e0ecc7181d99cb039523ac4f21069c7411bdb3c58d6cbceb209c2a92afd63276b3ef9805157e7edcc4cb319c13e53019c1916ddf8c0f66d7e65afb76dfeb01add47faaab82536cdb72f859ac11fd497ee171914a1dfeed87f2e7e36bdc6536ac1841855e6a223dffade00f21b7a3fd86bf47b3e6733984b0718b9796d184d210f894807930cb1c2771ba66216076527e77605a1ccb5873bc955c4a74aaafa13a69dc98440921a569e22d05a4138cc7685f989c9c191e08571c34c0a449ce727260f6f332d8bc4a9defacfc144bd4dc7a83ef9ebc8cce944c31eac92b840a0f60a1014187fbcc9e860fb94e11c178984d6373677fce19249775aaf17fa80a128dfa786cce3f18d4b2a105b332b70e16333d648e3cd463023ce18436821f00d0fc29e26ef2dbb7e949707982a9d243447fcd8271cfc9678b8d097f7b6e0cf89a74b7257e308b2a58a2cf2b62a4ca7c52f0b1a0e04aa8c931b874662b5f3c49df15c214dbfca7fec7cdfbaa9b3a1264a3d467140cb0b19931daf7d7dc5971d4cccc1419415f9145f04a7d0dbf9637582cf2479bfc63f70f677e1b40545d381ef6f10e07eab1ab42514038491f833ab31c30f2c65eaeebdcb23a07553d527e9a89a5cb535c85e31b914e47390548a3aba0e30460483293b7dd537ed3738d31281b6ff5820361750839880548f8f0946a1e6c3e7248ecaa230b5ce03c5539d48cc0c255eec89282e86acd830b086e16abfe550187bd0d24e3ddb93cbd5b74d11b4ee6eb0e5527a15fb08e9d09eb690fe2bf365020a45b59081929bab81d90dae0fc53c1786faaa5480ea76c3f56958aff51583eadae41f5add8f857b60dd9504ca333dc79b9fde373ccc6db20b54d66d8bef1d376d9696964e9e76a263d4a1044da56c4ff1a222e2f76f6a62874f03fa1ed8e5d82f9ce6ff71cd7a579839e8139060072f2477eb664eada7675ed665a829dd7639f5107b098ca44281cb5fce9716035717824c9d129db601b1776f5f67c2049ed7f3ad0be67cc03dadecfd7cc76bb997885d979feafde4f0ee5f5d30383a792d0509ecfb9e8c4cfe54fbca29f36a48748d6b7510d4f8ded8ae6e168c59bf51f5bf18be2b18b3f860243af523c881e5e4bf4b995c96e81cd6638d2a749ae96d1d589cbe1f636ace178673570741e42613891a8a027f78f28e308cade08722e5fc629f73dc3cadf84515dbeff9f9d8c4cd0aa7cee59ca5f7afe0ae9c5e86680e0976bb58d60e5afad4b11a3d44d36d5e8d34169b52152ad5a60eccf0f8d54c4a7d936cfe389babd7f76219780e9d915a4b3dcb384f8c899ec02071e4e1ad329b7a1523cef48e81c5f40a2d429af3a985fec3f9cf9067766c6eec356c7608c45c74a7e28d6620303d237f870e8c9c34835622edfcb16aeb24a109974072ff969033574e8d189662efa9062422ef2f975b59aba0149110b29fd1905d3f755bc66964da685a22dc08a9443c7385f034f41c173b8776efe43da86bf078b53fddd6c22be93274d4ca7c2ffa0dac603cf641d8b54d9eb40ea30beb12a7057cada928b81d4807e52c432546f6438429e6bc835844d8fbc7a252e97628f5acbd4aa9df28dd38eb7a1d136849c375a7fbae0364d6befed9357ed10734db7367bb3b70d6d2508789cc2be3a7c67127e7caaf089a8861f48e0742c98622abecdb622803a325352621da831d1c1f1a210e16e9bbd0706305b4f1f6314aff880f6f03a016d2c6bd5c5a8055df05ed0ec2c0d670c3ae30ac764a05706d8f9a9fbace8b089b751a5b85bfd4ec3328657c39437f54035fadbf67df39e357440a56f7dc89db08fd1d854ecc2b1e2db4f5119cf01bd68b5f2d80e727056cc0920a6abbabd2fdb23992e40ae8935d5ca46b4648fdf58cab977e4a7980d25fd2af7d0e596aec98677f7eedcf2a8a429af00a401e712f7007e19d3588bd18ba2511fde5646a1083960e89176d8716e0565b59aa63fac085dc8fc3d828d2381105203ead50a01c869760823f5bacf898d9af2ebb4eda6efd1fa6ea5b7b019c3ba4d625f70dd5d841c1fe96eb01785a43e0c1cb4877dcc55bf0c8603fecf507772914bbffb8cd5c9d51b9e9e72e6e8b00512c2fa0a23ca3d71d75600ac3e7ac9580a4abfbdbc3c9bbcd1e2bc4096482912c45870ca932dd18a9e5c04826be0f6165c1e885fe1e252c96aed9b2e326c3b8651d3814843a778d748eebd17f1e5c92848a13e1570966249ae7d3c563748d259cfdc589e1ca287f22359fc5c207a9fe48814574dd9960e5234bcad598f6a968b2c24873227c4a0c3fb2c92a8dd3cb9b052ac19a9d5de68b46615677add2eff4b2ce562a68fa5a4577b225b49ed476fb1dfeb75a23193aae6caebbbd1aadb7028d352a4c49b0dd12d86025cfce0fbbaba4c4b1c5c0cb781825c7b42263603ddf50ebcc798b37cc84d52a437fd6c91abd2d66fac0e535177f3b19a5a91b57122adf62d831a7b46b5ff22878d8c053ed6c1785f7a3086d6824adffd5e7848013804d4725d3d3a662d2564580104210b74c174ee163d81b5ad0cbcf2af67a01312c7d74dc19840507e10d1711df67e52d04f354a5377387ea9e604b3c483c0f642b987198e6a23d7a39c2db845a1f68f4fab5379d80487cc2b3e43c911575a6e3dd26bdfd8ec85ced7444c0fb22a4c2e9f0accd29405fbc5752f95d4817e6b8e1f95ffa4c6e9aa92461da63e24d9ea34fa096cd3911c63be80c8f0a96309d2231d39f8944f04818a5e635eae9254decfd99b1fa3373a726594482474de4fa4842469baf04d036e04b7ff9b30d4cef8c1a52e15ed130d3abbb52935e41a106fda9710887015ebbb5baf3ff0ef1de7b4368274b1e1038d1b44af2c08467c475b8fcc70b3641467d775a87cb985b40f910cbc856634e33a9bbe834c0fd308198ac54a80de2876940ad774b992bff07eb81786a31397494d6d09259aae70e304df2e57e2123054764276ef803c046002fd8a4e4d0346d74aa6bf93747ee9f9dbe920a11303c3446b325856ca9b484c7c38508599f0f33fbacfd8984231e73ee59787b5f1dd4d1ad7ac739cbd1e53ec726434b767373db936800cdcf49be3955b22bd8dcae5c471aebfeab0a421ec0583847208a54e50e2299b90dc92200b0722be745b05c0a7d65eff13289075b71dbb8c5e357616d39923e1d6b81e1402abb2fcf80dd2147893a2b3de12314b902d0857de8c77fcfd12477f6542792babc1c7c3255f55c656a59e9bed71362f65425c43154919bccfc0201e59f805f8fbabeb136f02cb422ecc96b6630bd5f046d174aa369821ef8b37c9e681ca2654ec51a6f0dac57cd197b1c494230948213cfce943b5efd0428c60da4dc4c1ce7d9b7da804368e23c0608411b0d3e4f8cc80ee1be75ee216021a01c521df6413bc4aafec8f4a185de7b28c7f0a4de869b34fdebc3867d7eb3b30c553555659a071e2d6ac69a7ee3e81c5a7dc0e23a909ade0848bea7169e044bdc9f87aea29f36e334460f2c1447385263c67f873d428a2d33554515d7f27d754acd1247443bd64f635894aabf3341adcbd44b527f45f5d38dc96e6f7017aa6a595f66033a703daae9a002c7418840b4c0294d1ddc9a028be009f969cc07ef8fd911803303696ab0db4e7e1677f030a09d32f24d5589335ccc9a3adb99d17b8553c06516c8d41b90b56404f424721910576f22595c1bb1571d406dd724f775dd524cd084450128e9e8458780f26a33456f33850f6407a5432aa0fb5c0bcf557a39b1fcf3320f3cbd59979e031dec13e78ae0b9d9599f7d3adc9680315ee2cf53000f9892fe797da9753bdea8f4ae91b90a707c945d695a5d1e5d436b7f4f285580f4e9ba29828f3a6bc6dac8c856ca48829fb51d1b4c43bbaaf7db1775b3567c4e00b4090b50510e0b8ccdb064f5c75f22b5945c0316210516999bd01132a72d4133d51911c8f42f294ff5373c1e73e175454e111d8c9f0e0321e72351967d4ed759e24ae6fe9ab30e0be14f1a28026cf5c902c2cc0ab4dc9c9414517de95d7a42cb406ddf36d96e17ec69bba8cb1904bf8efe5639dd9d1e713ae1fdbb9431fa44cf658670fec67d638972b3cc715cd0373c0bb7a7b7f77d1fbc76ec229e272f577119148fb3976ff1dbe7eb78bff2324395183db09113a9d4a44b07953ce4c7642948d68bceee32453b943c992c0c3a7f5951d937809d3d6819773da5f8c757c6af5cc8a145430227ae90bc4dab4530a69c021809a65a9e1c1a3cb8ea28787a54e4adbb6e5710eeba63fc7c9d542e7f344eb5928fa6954ee9cf034b3f28b8c3a4681b09e61a345e7fdd241ac4095f01ab12260fb9bc970c67e7f71bd5405a5070fcf3f0a0446fc344024dfb6a89f8d11556d12f8d712bce084321c93197ad4d2a180046fe925a2835214ed394bf97294e8e2dcfa3d50a6737764bd9d353257264158238c6677876ce740233760c48f22381ed3210837aa6776cf34ebbbc0125e1c77f0f110278d2bb9dd2eedc533ec46249ce6eadc310540a3ca771bcf4355602b8abd101cc31c91de9986f79be5d3c368682a4f23d15fb82a302b9240f095e775feda6da506a7572ff9a7997d94e368b5baeb0c056886db312fa9c7ba3257ee2a39f34274663a435ba2d5aa4fe00036b1ebe075adb81ed754aa55b6f5ca73e8edce1a40c0d401a8ac87807e9c0d1b34420fc6863406742abb348a359ec5edff684dc4f9248e6f2c342a0bf629f88ece0361a0f3ce4000acb1f19b3beb10646e1d95fec8fee7f275ad60396cf08e6d002ce64136d2fa760b1d10160064bdcd86d13a74f98a7f423b72cbd87f847349ab7a226afb555657b98b5a753d9e35b204c05dcc430ab3678b268bc1d66ce18f6fee48a3b19c5ef0566dfff40c839cd719fb2a7ada58731284063e8504cd5f8e4d4f11ed5beaeeaa303ffd75403bba891fb9c1cf393b8aa89850556df3a70df309a8307855ec1cd8a31e9dbbd07bf08a5a7a4703e6457b67a499afe635c7dd579140ad15fd53ae0384870b1c29799b5643cb3f539c6391dc71919773e877b971687e0a61924993ab82401f62e00a128985290e9adadb6529ef14c6f965eaf1cf57c08acd5e5ecd7031d000b8ad7eb19edc19de178564dd2ca7eb79bb717dd303a85a76bef93252d68f65e1132bf77dc8b381dc84a3d917e174de5ebc569654d77ea832350fc2fa45c0bae3882c85297b597aba2c6e41528b97de6a101edc2c460772d355a355c794ebbe421fda5140b430eff3b88dd63ee1426b5a394006f531c0fbd825b72bffe689e9c4dcba362485d0a6739d54d2715a92706335d504cadcc23d8de2d870e6f11e67844128b3ba6b10809821897d794892804d8b81036836aef66131df174bbb0a6f11cbb5781c3e821bfdbe32c06f40e11e0e02b70e4c5ebfabf58e766ec24907a1bd2ab3d80ca1e66658780699f1eada7ce7b8e074ee7a3f40141a9f4362405a1ebe8eb39742dffa91b3cc41c49910cbd4a6aa088e7fe74fc8fa54c53e82b581514130b13bf1bbf07674b77ece33fb8217e65fb03912b10ac24863b9aa4e419da868935a1c835440cb6c2b599e32277aebc5dab22514f87ebb1badfbaf42fe3d8979a6fb2e409b649d709b538b483c424cf7af0f68be41e01631298a884d4afe52815b9dfdd37c03fb70d1af366d3a5954c244602e80d000f3106ef3ab2a2be5ece5a0d30bb6cf9d1f0ad0ed8bd87217a9285bad09432a5a582449bee76dd0b59175590e1edb8132d9703b8a5329d0c249f5159815076a8d930959a8206ba080de944e3e72976c18817b2fca01175b9a5c0fb1d1c1cc154917dfae64237295097837b734d0fe48f58644fa601aab06da0a05f35591efd31fa7a6b11ff0c81e98d6f1cf23a3e5c2b28e1c97b7561af44618c529a76aad5939fbd807011179b63ba179c66ac2c398da195c233e1ed33d5663a2cd7e4becdb15cb99cb8a270e64f87aa4735863c3f0125dd2a112d8dce9e9b745eb23cf31e8f5db5b69cda662d8a2235f22a68d3171c3bc9bd403a169c1285c0ed8f1f2d5522435307f93aa7c2ef43dddeeca89a9da4bba207fb04537c20950fd047c0052be427075ae26b420c4305ac902aceebd741a4d11b120fdc8b03c10cab560044f9c7c0afe2866893ab3b98725af4cbd9bd71000315d2b1a7bfd10e3136a53084e5aaaa563539fb0f335c21e9e37658c2cdc96e238682bde6c05155603b9bb9c07ad3f56b72312acd6b675ecd5bb6c71cf71ee1d66d8718f30a93ca6d9a9dd7002a46da81d92067aa0219604427901b30b94c09273dfa1f3fc543222595a3b593d02d9ef34fc66a05f2e5c14f15565c02be66cc997db902337da389f25ac01d84b13b90cb197df958d5d3b2be7f626148b225f6a92da3700a2e4ef8883105cb93e3c340b20557e52e3076a91f069f47547161e91618a1ec6d1f61aba188f14de82289566681b2ff243754b83f6f932bc9bb65bb20bc93a6ef162102709d86b6b2f9e8b4b779c396d47c702bd6b68b333805297eddbad5ed4c393087bcc86decc8e9ccb216f2509564661eaf683e7750ad8ec7ab57551de78220bdfea794c41a8b68735ba2bf74f98af22968bb011d7961d3986b09141773c7c99006b026ed073db5d05f7770ef9dc2fb188d0f5171b75dd1a25e8d7e7941dd53a7ea5b5143acdc954aba040d702148805cd6ada8d2a3aa232881dea941611a73a38610747e654944b8e127ab7cb5841cfb02a6f4850e69afea2d5a469eefa89d47501548f60d46ec41d387294ecb1b6de86694eeed21f511955912e5e735290396a0d5e6fb4e0505ce1b85debb12d2aca70be2d70f3d7cf948667077bf40bdc2d2c906f1ac864a59191b71cd86f9c479386704ab0659cddf25b27207a3ea32f702311965c5b8986a487c86d6f58da03b7d1e56a961088a6d957eba11f6a401850b2e7faffe7c7c81a5cf0639c06fe3c5365a8ed263aff1dd0d4466b4cf41848eb326140101526339a4485d8f8cab1ef3620251b4e2c6c4bec5e3755a22975da40949c3b48206ad087bf893b7797875297591cdc1aa167aa6036e3086bb66f199e5bd023952932e7e2883f41fc41edc71d260e1c73b8b5c68269f4ebeb47fc027e768ad34db9528b07a7bf68aae38f1c1fd8b87a56426c682f5790171487e806e900dfc389470f212b09898d95ffd380ec4d5c62c32fe0c7bc257993ed0ee9076369956a2e493fea88a038ffe710826818581487952f538605fc249253d91280361b0a80a669a4d912fe7b7c9ecc22aa9a01147a8ad1a39fa536e9528b352ad11d71e9757e7492b13b3fbf06d012aeb564d4a9e02dbc837d24cd68b99d0bf7614c7a6f8159926a9da81c4be3a5b93cdf4ba99ecaf3439578ca871f3337cc8e45f8b2ecacf91aba09160ecd5c5ff96fd6c4371783b052f9564b3c35db1af0ba923282d3691ec358eedf1a62da58046591b0290be2fa2c476c6e931a81b839be86c788297dede79412cb7ae003e4c877ad8a4f6ba2eec3966db1f07ea6fcc7b9ca9ac58ecdb4240cc113cf97681a280feed353db6deec3ea42a949f31ea4a7a60db94e55a34818c42c55cfa0315f4650b9b88dd8deba15e33d8d5d44a1eee19a57dd19ada3e86a9e18a43d6eb87e0490f006a069f853c5bbbe2ea32dd9f0f15d5c15a760832f6b2200815d93d404b860f441db9f5a6956432637a3473bfbdbeedbe2f543c4a89162150fdce9412939528be7bdc51fe7f66f5df8cf3cc62148e9ad035d3ffa267cca3a0092f48f8b12d04516dd1c83bc81c1936002afedc7a011c089ac31176b771a14b33b9fd1e1192c0df8db70faa31de029c22686aecf704d51c312691bf7215fe1b0f36c124c6a28f5a7eda377aa5a32817003d0832d59a3b742268ab3c358931e2c3b2bf63e841a5024b7a2a86e1bce6cf8f7d8031f8942ad4aa376709721abcccae98af060916fc434c86ac85cfede479549bb8c785b48ce2f426026980da1ebe44cc6ef857efdba2f969304e654d2cd6f3555823f670a79f1e664f34062e6e6c7b831c2d9c37149a9720924b31032df26faf081e2edbfc35ed746cda3a841cbc770a22e4b7d430734f67cd9f3fc186811336e3d1b3bba89a6f13e6b898bcf815c744bdb9243f283ae18d7caccc91c6f71e9e47fc4b5e3edb700539bf74e32fcd320087fff75567594338c5ed4eff53fe11cf53ddcd97a7988675dc98c0ebb88450e092b680b5099fa61dd5d5f8d9a2968cf26a3dfdaaf20a7949a9c926463498f3e60307c9c3067ee5aa93a06bcafdf5a621745e6f9164cd3f720c06bc609ad875ad23008851af3d65585719cde8d1a5fe46a43291e18374c5d4558aff111aac1754d9f54f009d21d9be54fe92e7a53db63f3c2b63e49987fbe634828f216e69d079e6fab4f55decccc5453b72ba48f2fbad6d56a80d12b97ff16523c773c88afc62c4fc833a6775037b500e387e5ce290c119110e6d42120e29964439114bca67fecec42ab2cc02910ea9131444afe25894e3cccef9f082b0f9b0735efc99dcc05bee83824aa24c9565abcf23b756a9f1b5b045bed51386ad7f735f03704041bcb5d1e762f6462364d8744c0fb6cb35781d42b7451b853f63a5c03d92ac89bbb5c5fb1b5af20c6fec417561e53f8c44b3f2b27d08d5cb913207215b220d1631afa34f95f13060f2844f1c4dd4bf0ccd40d09a1a055d6de0540717d92fcc03d0dcbf7b7ad5113bf25f0d5efb2e27282ad92f97af9f7a74cf9a74fa8a87c4ca78f065a3147d08f6d502167d264f75f0ede750abdf9eefd9f81433cec7463f76f78baaa3667d94405f302c872511abed1d26a52a5ab1001d6bab15d4d0e8572c91beffb97100ea004b8b4e67fb9165f84f2fb022c544c251da78e042bf3182b11b6564c27ff3e39497a35334f1768cef098bc86a1d6f7e808fc1024fe6434073dda424aa7829ef4862fe7b0ea3108a015388908785a30b80b5374b910d08f7dc827a35d676e67d5676bce0429cdf6993985a0dc2367989dd7c652600fa55150cce454bf2a9c2603f1eca07f4604a760b37f103810d2d98c8f76850e7dd398d435dadd3972adf0efd140e39dd10a2c25280d346fd6915d72bb53bf8c6754162c02c00dc275172a5f96a6a3e25565585ca709a64c402a5d1d636571e2d2996da5e669b1a5124313e1d3f507b5d9ca017d5754e3fed3557f119063395a776462c480471f09a795b5e31e729f01467c88d84d2d0eb2b2d559a720c31bfc0f72cffcfc8b906bad7ba92bf2e9fbe1bc5698a75bcb8d2cb6a7d069d14990876fc754f17db6c50c4ed47d6f3940b11108854a023049ecd45b8d56c01568c84bf37c46c5469524764a2487f1e21b3e05ea541a8ea25176df29560e6f007607d63a189793663e4389144811bd662e210e524a1abbf0e83f581a18ee5f6ec8e4d56f7e08ac7b7edc2faf40373cc3dcfec9ce793f4c2cb7ae08adc36644e50c9de676fbd3c7e1856ce62585b123717f6b15abbb4dda7841eb35930374e373b718b8947636bb76a23d9fab54316c45a75736bf1e893a79f47353466819f2e713668447d58b3f8b234b9aab25693f368138280d5ad6e472134099039e3d01dcc6c148aac3c92f6854873ff98264c7f7422aee6106d2dedb72954e649c7849ac3526e7551f4d08201576c49390ebd65dd31103d88a8626c3e7086ab85fd5542aea9dff1f8df7141e204584e4692e5b78c94f480509dbcab7429751ca9749a499701f69f902802b45f89d9ddf689058e935aa57eea3e7872c23c5e4600c301ab977522073875157963232e7dab90d748e5578cf07771e1ee50586558adff8429038950e9a5ef60774d01415771499cdb0b411c6b46c940c4c8262904dbd2289eac3e07abafc0b19becc0016d2ba0665d013365fbd3cd6e93a86da4e7185e1c0e3cab5d50958f3be15572ee5003757eb32cab0388f74fbb44dbf92212c08982493f60da07d2387d8a580d6b6b12dfed4a880a816ad021f70380ea0c86a579fc72c6924fd87ceabb8478c17a892787d4c3fb3ea00b2579da45c04134a1a13a27c39962e89673b4f076de2f1af006d42f4c6caece47ca76645412cd3f7593d104f1e94c65fbbd506d85548ad45cc74c23b8e9452dbbf92aadbf7d3245444afd161a17abd1a1e4294653df12f14b8dd7c695a6b885aa6bd8982a183078d75317922dd57a16c4b4d3d65b30a7cd17911d1da5ece3e8063b4ec9858eaaf3e6c86839a44b78a4cdf4b00fb4b900c76d85f7b89b70bd132c4d5b8fb01fe251b2ec019742db4e9a5dec5e8516816b5898ea9c2a49de194844e48a41f76c360dba8677b3df7d0b12733623cdd39b9a6b7a7de2c09a4fe0cb95bcafeff1a90b669b92511718bc1383c8ce4bd961376ad4c1c9bc4e46f849fe41c110925adbadf5e10ab6b6560a63832d63d9628c7a89fbf6f8353d8fd72bf3be33e1fc21aae7cf54e3d6f1fba871296a845d6ce99c86bcd7abe040891488227658db3e14aeb9712e145be6e71b57ca8fb0d9acbf16d97b8e530852e34b37d96a4a568584d465be7738e32a654f86aa7e89dd1a7a3e707ebf7a38df2ec2ca0a6752717f4a74b5b4768c2b66a4b7e373883e3e03191f6878fa6fcdf6dd0ef0f78efc6d32c1e10746c8309793500092c45ba162c4f2e34e600d43c35a8caa684f01dfce4ce57ee6b3f6986eb52dd32f02ee2455019ef8ad9d8f042342cf108966694c86f895f9b4af375c96716cd8478c6b667e4bdcc1ba78823c08ae285c121f57963cef71dedc41fd2fd5ca8af2559a83c0fd01e7cdb9fdf9668979e3011dec7a7d2f1e3e85acacbc808a8e6cf0b123c5f6a17c442f1652d224c1118a0629ec098c8b60fdc3a91d62519863171b5450af61146fa6d6293298a5f92fd225bb62fff98b2f7d004b7b2cc87adbfc5633ce5d1f3acd63a3ef65c55b682f87140dce64e4ee313d477df612908f2ab86b38b5b7b7c006d3d559128bb2afe45ff9e5af7ca2dbfd704b64bcc3e775e81e88d092dbb842c101e4e252d4aff72d3a08864d2024398ced335c15b324e5f12006b12cf3e5a6198d8d3bfe5513b614a201cb354e3cedea8049fc8465e74dc79e47c5476b195c3ba196b122253f1531f219fb73d9c6f63e6bcf136d6493d35b8976f66ffbb62b5360ed37752c894a2f98a44a9a8f1e12e46e2dcb7484612a58e6ee139112ae3af2b9d8e1171aaf4114ce4dbc56e075e6a3155f95a1f5334be9cd9d89f2ba5555ec9858a86ad71e9fef6b51199611c0036f3b54cc1a4d5f6c5f2a35b8e8c6d96c07a9f6fc427361f5fab31849e1f23f1b5c785b7344499c4d63c8084d7852c251d7cdc3f44591f2e1083f409dbf1e92f5d4a58d567736d7a996ffa7b46550565f9b0459c6f30fdc4a693346524add323dc79577a3598bc7ca6c6cc0b304c6fd4eb3cb5da21b9febf404b3ea01188f7554f09e4331a28a807a5adc858543637c4006f9f8c2e6e433ee2ac69f3f5443d84c2e2cb8ed8962bcc2653294de47153c9be911aa2f20b127ee5ff5f1b6084fba0300c247a13e0d9b4e680", 0x2000, &(0x7f0000000fc0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000540)={0x20, 0x0, 0x6a4, {0x0, 0x16}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x1}]})
sendmmsg(r1, &(0x7f0000000ac0), 0x2, 0x44040050)
mkdirat(0xffffffffffffffff, &(0x7f0000000300)='./bus\x00', 0x40)
r5 = socket$inet_mptcp(0x2, 0x1, 0x106)
bind$inet(r5, &(0x7f0000000080)={0x2, 0x4e24, @multicast2}, 0x10)
setsockopt$sock_linger(r5, 0x1, 0xd, &(0x7f0000000100)={0x1, 0x7ffffffb}, 0x8)
connect$inet(r5, &(0x7f0000000480)={0x2, 0x4e24, @local}, 0x10)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
close(r5)

1m9.072191874s ago: executing program 3 (id=1139):
r0 = socket(0x400000000010, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4097}, 0x804)
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f0000000080)={'team0\x00', &(0x7f0000000180)=@ethtool_link_settings={0x1, 0xa, 0x82, 0x7f, 0x9, 0x0, 0x25, 0x80, 0x41, 0x4, [0x2, 0xd, 0xe18, 0x172d, 0x3, 0x7, 0x6, 0x3]}})
openat$ptp0(0xffffffffffffff9c, &(0x7f0000000140), 0x481, 0x0)
sendmmsg$inet(0xffffffffffffffff, 0x0, 0x0, 0x4000850)
r2 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0)
r3 = eventfd(0xffffffff)
ioctl$VHOST_SET_LOG_FD(r2, 0x4004af07, &(0x7f0000000240)=r3)
ioctl$VHOST_SET_VRING_KICK(r2, 0x4008af20, &(0x7f0000000040)={0x1, r3})
ioctl$VHOST_SET_LOG_BASE(r2, 0x4008af04, &(0x7f00000002c0)=&(0x7f0000000180))
ioctl$VHOST_SET_VRING_ADDR(r2, 0x4028af11, &(0x7f0000000140)={0x0, 0x0, 0x0, &(0x7f0000000300)=""/71, 0x0})
ioctl$VHOST_SET_VRING_ADDR(r2, 0x4028af11, &(0x7f0000000280)={0x1, 0x1, 0x0, &(0x7f00000000c0)=""/87, &(0x7f0000000480)=""/74})
ioctl$VHOST_SET_MEM_TABLE(r2, 0x4008af03, &(0x7f0000000680))
ioctl$VHOST_VSOCK_SET_RUNNING(r2, 0x4004af61, &(0x7f0000000000)=0x1)
syz_clone(0x22023500, 0x0, 0x0, 0x0, 0x0, 0x0)
socket$kcm(0x21, 0x2, 0x2)
sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0)
syz_io_uring_setup(0x6d8d, 0x0, &(0x7f0000000180), &(0x7f00000001c0))

1m9.007748092s ago: executing program 33 (id=1139):
r0 = socket(0x400000000010, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4097}, 0x804)
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f0000000080)={'team0\x00', &(0x7f0000000180)=@ethtool_link_settings={0x1, 0xa, 0x82, 0x7f, 0x9, 0x0, 0x25, 0x80, 0x41, 0x4, [0x2, 0xd, 0xe18, 0x172d, 0x3, 0x7, 0x6, 0x3]}})
openat$ptp0(0xffffffffffffff9c, &(0x7f0000000140), 0x481, 0x0)
sendmmsg$inet(0xffffffffffffffff, 0x0, 0x0, 0x4000850)
r2 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0)
r3 = eventfd(0xffffffff)
ioctl$VHOST_SET_LOG_FD(r2, 0x4004af07, &(0x7f0000000240)=r3)
ioctl$VHOST_SET_VRING_KICK(r2, 0x4008af20, &(0x7f0000000040)={0x1, r3})
ioctl$VHOST_SET_LOG_BASE(r2, 0x4008af04, &(0x7f00000002c0)=&(0x7f0000000180))
ioctl$VHOST_SET_VRING_ADDR(r2, 0x4028af11, &(0x7f0000000140)={0x0, 0x0, 0x0, &(0x7f0000000300)=""/71, 0x0})
ioctl$VHOST_SET_VRING_ADDR(r2, 0x4028af11, &(0x7f0000000280)={0x1, 0x1, 0x0, &(0x7f00000000c0)=""/87, &(0x7f0000000480)=""/74})
ioctl$VHOST_SET_MEM_TABLE(r2, 0x4008af03, &(0x7f0000000680))
ioctl$VHOST_VSOCK_SET_RUNNING(r2, 0x4004af61, &(0x7f0000000000)=0x1)
syz_clone(0x22023500, 0x0, 0x0, 0x0, 0x0, 0x0)
socket$kcm(0x21, 0x2, 0x2)
sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0)
syz_io_uring_setup(0x6d8d, 0x0, &(0x7f0000000180), &(0x7f00000001c0))

1m8.461523416s ago: executing program 1 (id=1146):
r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000004002, 0x0)
r1 = dup(r0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb, 0x13, r1, 0x2000)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x110)
mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x0, 0x0)
chdir(&(0x7f0000000100)='./file0\x00')
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x275a, 0x0)
fcntl$lock(r2, 0x5, &(0x7f0000000000)={0x0, 0x0, 0x8, 0x7f00})
madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x17)
write$binfmt_aout(r1, 0x0, 0xffffffdb)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x9)

1m8.022385084s ago: executing program 1 (id=1148):
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
mkdir(&(0x7f00000000c0)='./bus\x00', 0x0)
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
mkdir(&(0x7f0000000440)='./file1\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000a00)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
chdir(&(0x7f00000001c0)='./bus\x00')
chdir(&(0x7f00000001c0)='./file0\x00')
r0 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
bind$unix(r1, &(0x7f0000000000)=@file={0x1, './file1\x00'}, 0x6e)
getdents(r0, &(0x7f0000001fc0)=""/184, 0xb8)

1m7.778021401s ago: executing program 1 (id=1149):
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(r0)
r1 = socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty, 0x1}, 0x1c)
listen(r1, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000002580)={&(0x7f0000001540)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x3, [@func={0x2, 0x0, 0x0, 0xc, 0x4}]}, {0x0, [0x5f]}}, 0x0, 0x27, 0x0, 0x1, 0x80}, 0x28)
r2 = socket$inet_mptcp(0x2, 0x1, 0x106)
connect$inet(r2, &(0x7f0000000000)={0x2, 0x4e22, @empty}, 0x10)
accept(r0, 0x0, 0x0)
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = dup(r4)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000840)={0x1fe, 0x2, 0x2000, 0x1000, &(0x7f0000003000/0x1000)=nil})
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r6, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000040)=[@text64={0x40, &(0x7f0000000080)="0f20d835200000000f22d84d0fc719f3e1bbc4a2519618670f017cc41565640f01cff30fc77100f0818e8864000000000000440f30450f01f8", 0x39}], 0x1, 0x2, 0x0, 0x0)
syz_kvm_setup_cpu$x86(r5, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text64={0x40, 0x0}], 0x1, 0x56, 0x0, 0x0)
ioctl$KVM_RUN(r6, 0xae80, 0x0)
mount$bind(&(0x7f0000000180)='.\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x45110, 0x0)
mount$tmpfs(0x0, &(0x7f00000002c0)='./file0/file0\x00', &(0x7f0000000240), 0x0, &(0x7f0000000300)={[{@gid}]})
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x400000, 0x3, &(0x7f0000000000/0x400000)=nil)
recvfrom(r2, &(0x7f0000000180)=""/47, 0x2f, 0x10060, 0x0, 0x0)

1m6.732578429s ago: executing program 1 (id=1153):
prctl$PR_SET_TAGGED_ADDR_CTRL(0x37, 0x1)
r0 = socket(0x40000000015, 0x5, 0x0)
r1 = socket$pppoe(0x18, 0x1, 0x0)
connect$pppoe(r1, &(0x7f0000000400)={0x18, 0x0, {0x2, @dev={'\xaa\xaa\xaa\xaa\xaa', 0xa}, 'lo\x00'}}, 0x1e)
getsockopt$inet_sctp_SCTP_GET_LOCAL_ADDRS(r0, 0x84, 0x6d, 0x0, 0x0)
setsockopt$inet_sctp6_SCTP_ADD_STREAMS(r0, 0x84, 0x79, 0x0, 0x0)
ioctl$PPPIOCGCHAN(r1, 0x80047437, &(0x7f0000001f00))
socket(0x15, 0x5, 0x0)
r2 = socket$pppoe(0x18, 0x1, 0x0)
connect$pppoe(r2, &(0x7f0000000080)={0x18, 0x0, {0x15, @remote, 'bond0\x00'}}, 0x1e)
r3 = openat$ppp(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
ioctl$sock_inet6_SIOCADDRT(0xffffffffffffffff, 0x890b, &(0x7f0000000140)={@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', @mcast1, @private2, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa0022})
ioctl$PPPIOCATTCHAN(r3, 0x40047438, &(0x7f0000000040)=0x2)
ioctl$PPPIOCBRIDGECHAN(r3, 0x40047435, 0x0)
sendmmsg(r1, &(0x7f00000008c0)=[{{0x0, 0x0, 0x0}}], 0x34000, 0x0)

1m5.952245377s ago: executing program 1 (id=1156):
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0)
bind$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x0, @any, 0x4, 0x1}, 0xe)
listen(r0, 0x90004)
syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x6, 0x2}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{0x0, 0x0, 0x5}}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x50)
syz_emit_vhci(&(0x7f0000000100)=ANY=[@ANYBLOB="043e130100c90001"], 0x16)
accept4(r0, 0x0, 0x0, 0x0)

1m5.920194182s ago: executing program 34 (id=1156):
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0)
bind$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x0, @any, 0x4, 0x1}, 0xe)
listen(r0, 0x90004)
syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x6, 0x2}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{0x0, 0x0, 0x5}}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x50)
syz_emit_vhci(&(0x7f0000000100)=ANY=[@ANYBLOB="043e130100c90001"], 0x16)
accept4(r0, 0x0, 0x0, 0x0)

3.194456555s ago: executing program 5 (id=1867):
sendmsg$NFC_CMD_DEV_UP(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000010c0)=ANY=[@ANYRESHEX, @ANYRES16=0x0, @ANYBLOB="010026bd70003c140000020000000800010075d7d524f4cbacb32b285168bb5e328e447bc05fe1dfd55f29283925aadb362d34a3c41fe5d643461b816378220aa8c1562ca62d156ac759e6e4e678463fd72b55e234d0cdf4ffc1162783765a95316ff1cfe36dc90a5e13ea195444d04d39f813e57cc82f99166f33058c4c5014adc1fbccb428a86a9c249d3bd4a7e5f68b84c0e769e117bd8a646c599c84393ef0a870c4aad9c8da9a", @ANYRES32, @ANYBLOB], 0x1c}, 0x1, 0x0, 0x0, 0x40}, 0x20004004)
sendmsg$NFC_CMD_ENABLE_SE(0xffffffffffffffff, &(0x7f0000000a00)={&(0x7f0000000940)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f00000009c0)={&(0x7f0000000a40)=ANY=[@ANYRES8, @ANYRES32, @ANYBLOB="000227bd7000fedbdf251100000008000100", @ANYRESHEX=0x0, @ANYBLOB="080015000100000049c8af"], 0x24}, 0x1, 0x0, 0x0, 0x4004090}, 0x10000)
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/unix\x00')
pread64(r0, &(0x7f0000000f40)=""/180, 0xb4, 0x39)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000280)={&(0x7f0000000100)="3b5c7a329202779754bd8a003e9637b20248d5b083bc78e596deb5b918f1bf3d1483d0515ca7ac95d60502d9", &(0x7f0000000140)=""/51, &(0x7f0000000240)="875298f0a25311ab1675d3edcb730ed79213c9a5b925636f5fb61cd69e4d5ee54f7f", &(0x7f0000000380)="17319705f014d79b20596e8abdd67e1382df715037765698200662418a9f99352ba48b4b36dbd277976616ec083b2f86f3a923104384c5f2d7159675f8c5dcb96b27e40981bf4e3144e579507b9879582e6d35f8e51af88335cc2972b7", 0x3, r0}, 0x38)
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000840)={'\x00', 0x6, 0x5, 0x81, 0x1ff, 0x7, <r2=>0x0})
capset(&(0x7f00000008c0)={0x19980330, r2}, &(0x7f0000000800)={0x5, 0x6, 0x5, 0x2, 0x40, 0x5})
setresuid(0x0, 0xee00, 0xffffffffffffffff)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
io_uring_setup(0x7ae8, &(0x7f0000000c40)={0x0, 0x8aa4, 0x10000, 0x3, 0x400000aa, 0x0, r0})
io_uring_register$IORING_REGISTER_BUFFERS(r0, 0x0, &(0x7f0000000cc0)=[{&(0x7f0000000cc0)}, {&(0x7f0000000d40)=""/222, 0xde}, {&(0x7f0000000e40)=""/233, 0xe9}], 0x3)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r1, 0x4018620d, &(0x7f0000000980)={0x73622a85, 0xa, 0x4000000000007})
r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0})
r4 = dup3(r3, r1, 0x0)
ioctl$BINDER_WRITE_READ(r4, 0xc0306201, &(0x7f0000000040)={0x10, 0x0, &(0x7f0000000440)=[@request_death={0x400c6313}], 0x0, 0x1000000, 0x0})
ioctl$BINDER_WRITE_READ(r4, 0xc0306201, &(0x7f0000000640)={0x8, 0x0, &(0x7f0000000000)=[@decrefs={0x400c6314}], 0x0, 0x0, 0x0})
r5 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000003480)='/sys/kernel/debug/binder/transactions\x00', 0x0, 0x0)
syz_clone3(&(0x7f0000000700)={0x24142680, &(0x7f0000000300), &(0x7f00000004c0), &(0x7f0000000500), {0x27}, &(0x7f0000000540)=""/177, 0xb1, &(0x7f0000000680)=""/106, &(0x7f0000000600)=[0xffffffffffffffff], 0x1, {r0}}, 0x58)
read$FUSE(r5, &(0x7f0000005500)={0x2020}, 0x2020)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, &(0x7f0000000480)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000850000005000000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x28, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f00000002c0)='mmap_lock_acquire_returned\x00', r6}, 0x10)
setsockopt$inet_sctp6_SCTP_EVENTS(0xffffffffffffffff, 0x84, 0xb, &(0x7f0000000180)={0x3, 0x5, 0x9, 0xda, 0x0, 0x16, 0x20, 0x7e, 0x3f, 0x3, 0x7f, 0x7, 0xa0, 0x4}, 0xe)
r7 = openat(0xffffffffffffff9c, 0x0, 0x40, 0x0)
setsockopt$MRT6_FLUSH(r0, 0x29, 0xd4, &(0x7f0000000040)=0x8, 0x4)
sendmsg$nl_route(r7, &(0x7f00000007c0)={&(0x7f0000000780)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000001040)={&(0x7f0000000a80)=ANY=[@ANYBLOB="c0000000180000012abd7000fcdbdf25021f0000ff0200070002000005001b0006000000530008806030950bba2725e5ff83006e2e565ca7e09f4f82ab23be97260400000022821698492a657349f69addec9e0f44368b77cda3dd21aba0d7d80008001e00040000000800100004000000100016800c00010000000000000000020600150006000000080006000400000008000f000600000008000200e0000001060015000800"/180], 0xc0}, 0x1, 0x0, 0x0, 0x880}, 0x1)
syz_emit_ethernet(0x4e, &(0x7f0000000b40)=ANY=[@ANYBLOB="aaaaaaaaaaaa0180c200000e88a84700810044000800490c00380000000000069078ac1414bbac1e010194040000440c96300000000b0000000900004e22", @ANYRES32=0x41424344, @ANYRES32=0x41424344, @ANYBLOB="5c0200009001000000f283ce172edd289f67331d3e4a6c465023d5cd775d05761d98edff0b54dfe498deedbfc2391ece4180930fdff557d26ee9380a3a19870c3f04dc788aec47cd39dd014c4737f77f14e909b09d6fdc9ae059035f472d1d3cd846d0fa4337f8698b175b015ca9c63c4382c3c8d07c4edc4cf463d5e6087e260b3900f3e03c390899859d915b1f3c1e44fd0ed1c9be1e8fe67d7fa97d48f128f3911eb563e0bd648385d36dee302fc025c0"], 0x0)

3.032791966s ago: executing program 5 (id=1872):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
bind$inet6(r0, &(0x7f00004b8fe4)={0xa, 0x4e23, 0x0, @empty}, 0x1c)
sendto$inet6(r0, &(0x7f0000847fff)='X', 0x34000, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r0, 0x84, 0x1d, &(0x7f0000000000)={0x7, [0x0, 0x0, 0x0, 0x0, 0x0, <r1=>0x0, 0x0]}, &(0x7f0000000040)=0x20)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000100), 0xffffffffffffffff)
sendmsg$TIPC_NL_KEY_SET(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r3, @ANYBLOB="01000000000000000000170000000c0006"], 0x20}, 0x1, 0x0, 0x0, 0x408c4}, 0x4000004)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f00000000c0)={r1, @in6={{0x2, 0x0, 0x0, @dev, 0x6}}, 0x9, 0x7, 0x0, 0x1, 0x54, 0x0, 0xfc}, 0x9c)

2.724791493s ago: executing program 5 (id=1874):
openat$cdrom(0xffffffffffffff9c, &(0x7f0000000000), 0x103100, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="120000000700"], 0x48)
r0 = socket(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000140)={'lo\x00', <r2=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000340)=@newqdisc={0x3c, 0x24, 0xd0f, 0x0, 0x0, {0x60, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_cake={{0x9}, {0xc, 0x2, [@TCA_CAKE_SPLIT_GSO={0x8, 0x11, 0x1}]}}]}, 0x3c}}, 0x0)
r3 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r3, &(0x7f0000000100)={0x1f, 0xffff, 0x3}, 0x6)
write$binfmt_misc(r3, &(0x7f0000000000), 0xd)

2.614586885s ago: executing program 5 (id=1875):
r0 = openat$vcsu(0xffffffffffffff9c, &(0x7f0000001080), 0x0, 0x0)
io_setup(0x200, &(0x7f00000010c0)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000000800)=[&(0x7f0000000040)={0x0, 0x0, 0x0, 0x5, 0x0, r0, 0x0}])
r2 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000080)=@ipv4_newrule={0x2c, 0x20, 0x3118a55668bf7371, 0x20, 0x25dfdbfd, {0x2, 0x10, 0x14, 0x0, 0xfd, 0x0, 0x0, 0x2, 0x1}, [@FRA_SRC={0x8, 0x2, @remote}, @FRA_DST={0x8, 0x1, @broadcast}]}, 0x2c}, 0x1, 0x0, 0x0, 0x4040000}, 0x1000)
r4 = dup(r2)
write$UHID_INPUT(r4, &(0x7f0000000000)={0xf, {"a2e3ad21ed0d09f91b3d090987f70906d038e7ff7fc6e5539b0d3d0e8b089b3f31006c090890e0878f0e1ac6e7049b334a959b6619520100ffe8d178708c523c921b1b5b31070b074a0936cd3b78130daa61d8e8040000005802b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae193973735b36d5b1b63dd9c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000000000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1f416e56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617669314e2fbe70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9963ac4f4bb3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6a62fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce7cd9f465e41e610c20d80421d653a5520000008213b704c7fb082ff27590678ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710ac0000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe6187ee9e9d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d4ac01b75d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2aed9e53803ed0ca4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4350aeae9ca1207e78283cd0b20ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b9621040382de9efed496f42355bc7872c827467cfa5c4e72730d56bd068ed211cf847535edecb7b373f78b095b68441a34cb51682a8ae4d24ad0465f3927f889b813076020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93aec92a5de203717aa49c2d284acfabe262fccfcbb2b75a2183c46eb65ca8104e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43eaeb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b6080000007a508ae54b3cd7369dde50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29880acebdbe8ddbd75c2f998d8ac2dfad2ba3a504767b6b45a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40427db6fe29068c0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf46366e7205dd8d6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7c5419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaee5ee6cf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3144345f48843dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6d594f88a4facfd4c735a20307c737afa2d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a3766d5439020484f4113c4c859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02daee67918e5d6787463183b4b87c1050000002f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb42913777c06376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7f96093530e76692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7340002000000000000f288a4510de03dab19d26285eda89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00398e8bd1f4108b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcbb15da202d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae033a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb784ed7148b6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b8081c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b994503bf07ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36d7d3e5db21b094b8b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1162dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1dfb1c68cc164b0a0780d971a96ea2c4d4ca0398c2235980a9307b3d5bd3b01faffd0a5dbed2881a9700af561ac8c6b00000000000000f96f06817fb903729a7db6ff957697c9ede7885d94ffb0969be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c148cd2f9c55f4901203a9a8a2c3e90f3943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d0fc5a752f9000", 0xfffffffffffffe25}}, 0x1006)

2.414138356s ago: executing program 5 (id=1877):
r0 = openat$vcsu(0xffffffffffffff9c, &(0x7f0000001080), 0x0, 0x0)
io_setup(0x200, &(0x7f00000010c0)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000000800)=[&(0x7f0000000040)={0x0, 0x0, 0x0, 0x5, 0x0, r0, 0x0}])
r2 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r3 = dup(r2)
write$UHID_INPUT(r3, &(0x7f0000000000)={0xf, {"a2e3ad21ed0d09f91b3d090987f70906d038e7ff7fc6e5539b0d3d0e8b089b3f31006c090890e0878f0e1ac6e7049b334a959b6619520100ffe8d178708c523c921b1b5b31070b074a0936cd3b78130daa61d8e8041800005802b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae193973735b36d5b1b63dd9c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000000000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1f416e56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617669314e2fbe70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9963ac4f4bb3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6a62fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce7cd9f465e41e610c20d80421d653a5520000008213b704c7fb082ff27590678ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710ac0000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe6187ee9e9d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d4ac01b75d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2aed9e53803ed0ca4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4350aeae9ca1207e78283cd0b20ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b9621040382de9efed496f42355bc7872c827467cfa5c4e72730d56bd068ed211cf847535edecb7b373f78b095b68441a34cb51682a8ae4d24ad0465f3927f889b813076020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93aec92a5de203717aa49c2d284acfabe262fccfcbb2b75a2183c46eb65ca8104e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43eaeb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b6080000007a508ae54b3cd7369dde50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29880acebdbe8ddbd75c2f998d8ac2dfad2ba3a504767b6b45a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40427db6fe29068c0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf46366e7205dd8d6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7c5419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaee5ee6cf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3144345f48843dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6d594f88a4facfd4c735a20307c737afa2d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a3766d5439020484f4113c4c859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02daee67918e5d6787463183b4b87c1050000002f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb42913777c06376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7f96093530e76692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7340002000000000000f288a4510de03dab19d26285eda89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00398e8bd1f4108b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcbb15da202d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae033a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb784ed7148b6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b8081c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b994503bf07ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36d7d3e5db21b094b8b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1162dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1dfb1c68cc164b0a0780d971a96ea2c4d4ca0398c2235980a9307b3d5bd3b01faffd0a5dbed2881a9700af561ac8c6b00000000000000f96f06817fb903729a7db6ff957697c9ede7885d94ffb0969be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c148cd2f9c55f4901203a9a8a2c3e90f3943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d0fc5a752f9000", 0xfffffffffffffe25}}, 0x1006)

2.231449294s ago: executing program 5 (id=1881):
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000000)=ANY=[], 0x0)
syz_usb_disconnect(r0)
syz_usb_connect(0x0, 0x2d, &(0x7f0000000000)=ANY=[@ANYBLOB="120100009ac0b620110f2110"], 0x0)
r1 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
syz_usb_ep_write(r0, 0x81, 0xfffffffffffffdca, &(0x7f0000000080)="c0")
readv(r1, &(0x7f0000000340)=[{&(0x7f00000000c0)=""/99, 0x63}], 0x1)

1.70434284s ago: executing program 6 (id=1892):
r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f00000003c0)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_CHANNEL_SWITCH(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000400)={0x2c, r0, 0x1, 0x80, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}], @NL80211_ATTR_CH_SWITCH_COUNT={0x8, 0xb7, 0x99}]}, 0x2c}, 0x1, 0x0, 0x0, 0x4000000}, 0x0)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff)
sendmsg$NL80211_CMD_FRAME(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000b80)=ANY=[@ANYBLOB='P\x00', @ANYRES16=r3, @ANYBLOB="010026bd7000000000003b00000008000300", @ANYRES32=r2, @ANYBLOB="26003300b0910300ffffffffffff08021100000050505050505457f99eb3c401010003005c0200000600cd0000"], 0x50}, 0x1, 0x0, 0x0, 0xc0}, 0x0)

1.643266173s ago: executing program 6 (id=1895):
r0 = socket$kcm(0x10, 0x2, 0x0)
ioctl$BLKGETDISKSEQ(r0, 0x80081280, &(0x7f0000000000))
sendmsg$kcm(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)}, 0xc010)
r1 = openat$incfs(0xffffffffffffff9c, &(0x7f00000000c0)='.pending_reads\x00', 0x80100, 0x20)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000140)={0xffffffffffffffff, &(0x7f0000000080)="8fc1bab3ee6f3b73ffcd8f1786e984f022b4789a0f7d9f0f93ab4b54a33f609890ea4aa57c86cb8a58dffb363320045dfff8ce8e9451d3", &(0x7f0000000100)=@udp6=r1, 0x4}, 0x20)

1.622206776s ago: executing program 6 (id=1898):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f00000001c0)={0x0, 0x0, 0x0}, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
pipe(0x0)
r1 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r2 = dup(r1)
write$6lowpan_enable(r2, 0x0, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000000)={'lo\x00', <r4=>0x0})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)=ANY=[@ANYBLOB="340000001400010000000000fbdbdf250a00a100", @ANYRES32=r4, @ANYBLOB="14000100ff05000000000000dfce00000000000108000800026e"], 0x34}}, 0x0)
r5 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000580)={&(0x7f00000000c0)=ANY=[@ANYBLOB="3400000015"], 0x34}, 0x1, 0x0, 0x0, 0x41c1}, 0x4040800) (fail_nth: 3)

1.572140843s ago: executing program 6 (id=1901):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)=ANY=[@ANYBLOB="240000006800010009000000000000000a00000000000000080001000200000004000b"], 0x24}}, 0x0)
r1 = socket$inet6_sctp(0xa, 0x1, 0x84)
r2 = socket$inet6_sctp(0xa, 0x4, 0x84)
getsockopt$inet_sctp6_SCTP_GET_PEER_ADDR_INFO(r1, 0x84, 0xf, &(0x7f0000001440)={<r3=>0x0, @in={{0x2, 0x4e21, @private=0xa010101}}, 0xdd76, 0x400, 0x401, 0x200, 0xfffffff3}, &(0x7f0000001500)=0x98)
setsockopt$inet_sctp6_SCTP_SET_PEER_PRIMARY_ADDR(r2, 0x84, 0x5, &(0x7f0000001540)={r3, @in6={{0xa, 0x4e20, 0x9, @mcast1, 0x3}}}, 0x84)
setsockopt(r1, 0x84, 0x81, &(0x7f0000000280)="1a00000002000000", 0x8)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r1, 0x84, 0x64, &(0x7f0000000000)=[@in6={0xa, 0x4e23, 0x401, @loopback}], 0x1c)
r4 = syz_init_net_socket$bt_bnep(0x1f, 0x3, 0x4)
ioctl$sock_bt_bnep_BNEPGETSUPPFEAT(r4, 0x800442d4, &(0x7f0000000200)=0x7bd)
r5 = syz_io_uring_setup(0x6de4, &(0x7f0000000180)={0x0, 0x113a, 0x2, 0x2}, &(0x7f00000000c0), &(0x7f0000000000))
io_uring_enter(r5, 0x0, 0xe38e, 0x5, 0x0, 0x0)
write$UHID_SET_REPORT_REPLY(0xffffffffffffffff, &(0x7f0000002dc0)=ANY=[@ANYBLOB="0e0000000a000000d7e100107fd57099be402152e60a21eb75323dba0cfbc1fe723a1ad5dfe1a30eba6e50334541943fa3c61d563b01ef0a9dd087d17bf0fc68199be31c3d8d9219a2308585d809162ad38e149af07c8332b80978ebd48b93b4685e1927905f9f6ceae015c29c7b10883b068c67905c04ba3fc0f6c0b572701d17c40def587689ff8f5f4249baffce61e027ed4032bcdaa8744f8f7f7edec8f4492fd12726c40e8909e10b00c9f4c1d4e8c1eed71f2c067d111c99f7b0268f750b91b70e8baba763210128fdea6f2a40f3db9210d604aaa8ac2efda9e34cf259ff5d5a53c29a47033f56d16ab1990e79a6dc61c2442bf8c0042958469f32da4d82d74e8ea2f13a629c01ada1cf1013e7d1d477d5ea4e7c3671aedd1a9a732075174b28f61531620e1136e051184e9631c4ec4db4140c21517d10bb56e170c1ff94da6e568ae1cef8e14c16fac07432a844b9efbbe53c9afbc36c5bf970985fbe9ea666b63e4c06e2979d455cb2d2eb042dd0d0e1af6e7cbdcb648a509fcb6452d012fd6a90c99aab08684fb60a855a1956222362d523dbd1ff8000f8e373cc3512f3b755add4afc59a139e6ed625b28c8906a2407a797dcf505cd930a9ff0d94574cea3ab24882d5b24739c3e586aebe81fbfd7e8afdf9aaa8ca4ee2584157d978691e248746c3dc56657b2c29962cdd5aeb5c1726b7bb9079fbfe07a4a1c92dbaa10ba46b839e542df60e8bcc6b00ef21caf61541a26a1d5a0f633e8d489c7b43d5cced313a4bec837ebd7d22452a3d150fa433752baa841872be987160498f1a2ae63ecfb6a08f6586449f8919645317ad9f29a87f8441f3f3831f1c77a83d2db52d745e89095139fdc6dbcee0311efec0f94cc160387b14d558525773d05e3e48a5b0c3527c372c1b97cf91340a0819ed68386c7fd3377c903acba607ee74b43a3e61ef683c7d028406d802f99ea0c4278da8d2300768ce13ff73fa6ada1aeaa32d339f19e667af661e75abba87499be4b37b96b602c296a907ee3656a4c6838eea56f514fc8809ea1308e227a3380165a950e061ee382ce6e4f90af18a750c2c1383dc3441c47184fcc7fb6575b2eea9792ad17100af71c7edbeb25be10b81d9d882c1e9068b1e820d4dadb8888f57d6e5a2f1dce2f71a8127a0c9159e299b706367cebc2ee9dbe9dd70317fd9ef6c7ced2a6ac777a4b8becde3d26466e72a663b421be2e22142a094532f2f5e7912a58a17c3dbbf7b001617614fef56496a26b60e7e236f49b2f52770a0eea4944b8bfdb9bce4a3fa47e771794052339fe28843f3193a78b484938afb3fd8b0322ea3f5249d896300ea5e7e767062b83d462addcbf4d8129f05136fb245e56e07eaba84dca11cd6b2cc39b6bd41100c575c984f434431620b2be5601274916ffbe8a7f1c079d1e5fc080ae3f77cae5cb52bb8bb56259026894ccb55bb1ebd7e147baf6c8dfc590391214ab5a6c608facdfed8e42c725347b3f6aa8ad345611a62077f58627fbb93ae566c65668f059100f975fa6de9b5b9395d95ae5137f5f2f915f787891e8a4da8e5d9f18111fbad9491772058ae081ca49ac74a994fd25488b1207c7de585003d30a5df229bccaba24ede92bc520ec743f9bd943aa7792c6b590e5a2c3928a887bb708d98d1e97dbfbf31cacc6f5c7409808b87fb92a5a54b4c81b1eb739e7c6ba707b3a772e716dee75b1854ada6db9cfdb1394d57a280b6fd40779e2c2d5427745d66c7251644ac50906a482e1e5302cd640948f24c182544c5d1bbc31868df9b65b1071a620523352709e128b64ee7810fe2e6f11a4f20dcb8608e872cf8f59c4b3e4f25f8d768b7a8e20ca7e3c1b3f840c060604e5295b1b1537be37416dd5dfe99c12aea279df1f2d54d767c439d996974488d333e9266a2c5dbced8eee520428fb842c26bff25287a63be604fbe2de2a1ece687ad9b3e0ba1f1caaeb88d6c8885fcf430ded6618aa33d66eb111ec03ef38dda245b0278348184983406e2c5215e5e4f45a3c7dbbc7529e86812837198e1bf18aad9e93bac5c3494e7012cc84d6f595ff88dd0b188c4cdce56c0bf0c3c5be2d7d16128837273db2f6d22dbb31512883cadebebddb44ef5c29b76061d9cce07b5caab8f384d49272dd2189aea3fdd499b25ebfaad88b8ebf63bccec722660f0e0ca9534c72b4ba66b8bb63945ff855348a957964bba8455669accfd090bfd84349300c2233c8583287d958dedaefd01706da6ae2e01f498ac458041c3be110d5299e51045e3b24e1e5c784ca77d61f1f6eae8694b22f9eb6bf4613ab175fdad76c0d7e6ae92b677bdc2f17009e28868f4e155ac74223713451162ae37f75bcb5e0f93e555b9ed23f8f99a678a25a483936b25557873a16b39516e637773729553413fb8bf624694b33610f75d6219f3bbc53f6b605c050a3db08b9bf312e7be2bb4803ff12d05a952ce93f164eb5ef6af8274b007162fc5eaf7b01c99474fb901691945f938e0871e6b223277aa349ff1338a6ac1021ab983a1db9826723b70ef4070387c5f732c8a73a774f426ced3d8f6a87d90df80f84d4627b3ea7f4cddf5c96055d6c358b182bbc1415b6fd3239a794051528d84b3a27c8063f2f6f7ef4d8893eb7300bcb8b014251ba674c52b7058bd1b384ec4da056d44f95b8a63520b450bc522acb0801864eafe85efc423a64e298e8f919e5d5b7f75eab0c942e9b64777075dc89d1b885befc0add0b885b686ad85d72b06649f3c9633d0ff6d31b6d1fe8cf73e4f704327378ea5072bb558be4064e13ac604f402f43ddafe4e007a68617d76014dd0b9f53df724790fdbef0a8ae2c9946b6b9463ed532f5879381b0a85ece5889ac7faf1d9753df7a59effa530f4016f61c9ef30ef94ca58694c49cb1dc5171e37aea084cea3e695cb9b697c1022c0402c42824a32b3b14f09a5a43a1f2cf003bbb0666f22dac9fd07898ae1b43d0a24b91b4cf9c1dedd297688ee4508789e9cb5b185ba166ba3cf409215388341732bebb3f47d0198420665a5f5058c854684f42f65bba68af9e1ddabfb63db567fa701171be462f30a8374f9b7a6104ccb1415c7dbf00d6399aecab3565df5a60852604961089cb27ebede0b1f9b97f268897a25c018883db032f1641b9f3b49aff129bb65a561e804a3b4a2762fa5eff798b283c7e672fd1f626643e2d014d6a0ae1593e21ca375ee7f456deb83efdf9bb6b863652eca7779d3dc0ca44060fd6087f3d419695451e8b08cf9e03e5df057480314ff00284cf6e44b251189367d211d29745e2c20c1b6cd54f74feabb024fc6e97f11163b979f0f46b82818eb26431fc8a5a7168bbb2218b709f2a326ae76ebabd7876f2b398911c868bc78b0ca7bb855385361533dddde3f30d38570ffa0e75875269bf1f6be10da3e9c9e821d65c67c42758d6f910946bfd3755cb8b21ad85884d2dd26bd62dda60f72f7f763da50c7b7435c54ff5a909e183ce94868a6c50a115e8624432644e94e64ddb6cf402c647f930412e4c81384fdaa27645df65f72411f4fa3e7d8c8c75bf09fbe348196f50d023dd023c7624b1d8a59d7729e3ec99defd1dd5145a705fbf49808c70ba21a57a0fb629b77e70592dea3cd573baff737fc51f8fa581466e5b821a33f2b1d4df717f43d034a44e5c68d7307ad7f6fede2699b24443bc5a94401d9cc8496bb327ee2fe6a6bef194862c3ad05d0afdee7c396808cc9b2c8b7b6ae2398281dd7b49b087603f692f35d1233d93ec7e8b266f6bd210539d2a979a8ace4a73140cd2adac0584ea346c7b67e78bccb72202076e3b19868388e10cf4ab52999c2d6d3f3a57d94bc03e6d96695557b7096008f024d715ac7f8ce9b22b350c02abc949278fe8e601e674a8ceade54f163fd53355cca3a3a8f0bc6a5bf8060867ee304f8778d268142ae6b4dc17e0101eb8949965dd1fe0fa069d19116a27a7fffdfc4ff882ba58c845c0f24b325978b8a715185c7db70283913cd684c213219ed7c49656b5cdc5e39fc9e0db6dc145d119ad7dda114de8af25d65b188c796a249a75c9403d0ff0d1013c4813394c7f1b9673b4e1f97adad76e33fcc25eda223ab6557a3b3002cebd175793fc197f50c13ef7120ecb49b31c3f9dade186f9b695760e41127c422dee3bb0727a0c99268e6f7f82a4d3bf0fbefeeb28d7fde9764e20e91e9c61df93d538a504519c1eddbd810ad81aa7b14a9ce4514af41230d0545ec4f56c855afc597a5d70ecbf639c1bfcba4ec079f9a8057dc7724ca867dd60ec8c3d078d257a9cb9852857934dc193898bb5d7c4a6a4c3fa58b125c3376f964c6d9114da12d530ffafa70a9538bc3e7a6a4cf10e6b1cacfaba0f87317024e5acb9eb5045be0820d01275265f6489676e3dcbba78aab804612c46568a77bd3929231cdeba451aeadb9c0b1ce12216e15e8e62632f2a1dc5e56baca7c272dd0b8c40956a6bf931049edca445f0390707ae7154fdaaf5224e62a8adf247ab9994b3f0dbe1804a9d9340d3ec0a5a6e3a317d7d0d2f4906046231e81b16ba2a35eed7cb22ba830395a67df07fbef428c9c3492ed79ac5d9e8606065308fcc8e58604f5e8621db3f1179f603972c175fc4bcd2e9fb54c8676b4ff6a4e50b677dae1f30098cec6c8f7e9239da32da3434248482ee93ab32a6ac0e25aa822cf2e5e76dc0e6baf02fadf2650257ff2a7b1afe7906555db5ebffcf54bdd951c23fa13b57f7c381dce9e47cf3119378ad7c708664bae01fa7f3f956f8ed4a7e6d3c67dc6797bdb5448cd0cee2eb15f85e46aa8675cdb288f9ee9b4f2187f4bd7534992214ed9e76e51d77e26386d7a6eef14b3b742094ad13116e7cd2316561766911c7decc44c80abb70e8b20843741bc39d7ca33231caed2f68e9b3799bfc6883c492c4a736cd3a2f49d715ae7a0b44633935cc628cbd2c356ddaf3ea6ab2de8926538028c35a07ad8496ffc804514a0f2d4f9757515d417b8e4b4117a3e51e25dde54abb240c67a6f64596f0691ef1a49e0c0d8ec2ae509b7c3e7d7d62a230c3aa72557da18b058ad67bd4b32a0c2e4bd0a36868a90162a16a4ad6b64d5c115b4b7f5d3dfbb1d300d85949a22eb61125dbcd280236840bc681e9eaca83d0111549d172e0f7e79ccd7e96107e059201bafdfb55e35d9589eb31a4b93bac3bcb95b640d2d36ec7630cc3dc3ed12eff52ade0c7ac8f2a9f75502a24dd1d865ed85f2620e83e0be4e2c1199f5cf4a69bc0daf279360c97ff30b5738549ee5eaa0e8370c6a5c65f1075324a43c55f84b8ed9aaaa5e1531999ec644d0fbc715b11cdc73034c21cf7f72915766269d09eb0a317902e01f18dc104fccfd2f9986606a8e598b203883342ed9c19218c2503be3f8c500f52b7b843556dbb68878f0b7fc91bda8cd3d8b17d31542122ac7dfd1196598d7dcb74453c40df6346ec49e3a9d8ac9430e2c6eecadc91c2e430ea4d7973611ff8424729507a4a7c184fee973a2d9ed3eafd219f12e08b451423c50d6e044549de645174932a33697cbbcb002294e7a26bbc4cae4db537ed96a7113ac6a6d6942f47282124b362dc188a0832f13f03d948cf6000f77969cd2d36708633db48e58adbc85da3e8dc28027c977313c828a75a10f3c1dc8c118466705fd6bce0b919e694684f48ff10717bcbba1cf9fd76ccbf838fc9fea76446a09694283a130902b46566ba1b0887924893df320519b4ef6efa46c9987c85d571db4d1c81ca36623bf4454320624675dc9b28217c31f41f24b69984f2729f44c107018a5fd3025153df9f76208ea81d87bf2c831391522d597147ab88038fafdb02b67dc1b3203ab2b213a3aeaa6de0bd41ea982886a3544ea1a3fc0451e2fbd2faf5ce32f"], 0x100c)
io_uring_register$IORING_REGISTER_BUFFERS2(r5, 0xf, &(0x7f00000024c0)={0x2, 0x0, 0x0, &(0x7f0000000080)=[{0x0}, {&(0x7f0000000240)=""/191, 0xbf}], &(0x7f0000002480)=[0x0, 0x2]}, 0x20)
io_uring_register$IORING_REGISTER_BUFFERS_UPDATE(r5, 0x10, &(0x7f0000002d80)={0x0, 0x0, &(0x7f0000002cc0)=[{0x0}, {0x0}], 0x0, 0x2}, 0x20)
sendto$inet6(r1, &(0x7f0000000100)="b8", 0xffe0, 0x2000c851, &(0x7f0000000140)={0xa, 0x4e23, 0x0, @loopback, 0xffffffff}, 0x1c)
ioctl$AUTOFS_DEV_IOCTL_READY(0xffffffffffffffff, 0xc0189376, &(0x7f0000000300)={{0x1, 0x1, 0x18, <r6=>r0, {0x6517}}, './file0\x00'})
bind$unix(r6, &(0x7f0000000340)=@abs={0x1, 0x0, 0x4e21}, 0x6e)
setsockopt$inet_sctp6_SCTP_AUTH_KEY(r1, 0x84, 0x17, &(0x7f0000001340)=ANY=[@ANYRES32=0x0, @ANYBLOB="8b090e009f07aab61c9ff7580b7f167822c229f3f251d1720cbaaccbd1d969ede4cd9c576630ef09b2da8f5fc2b98441430466aed140be4df6baf41566ab37643810770800318a90d88decb9ad179bfdfffbe6cc9b29186773e31bec79f5c15ec7a1df0bf4e2fd5c72e7e759b0ad4555e10ff2f72b45cf46d4c21e215e15d42da04359bbc15cab8ce44271ac1015b05e41ccdfb43b7e7ca50a759252a586bc3bffa6157624880823974cec6240d4d6e894bc7bdb63da22c9b924296f9ecc9f33fb245b2eca04cfab96fa7ee4e793ebe2f4"], 0x16)

1.453495944s ago: executing program 4 (id=1905):
r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f00000003c0)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_CHANNEL_SWITCH(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000400)={0x2c, r0, 0x1, 0x80, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}], @NL80211_ATTR_CH_SWITCH_COUNT={0x8, 0xb7, 0x99}]}, 0x2c}, 0x1, 0x0, 0x0, 0x4000000}, 0x0)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff)
sendmsg$NL80211_CMD_FRAME(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000b80)=ANY=[@ANYBLOB='P\x00\x00', @ANYRES16=r3, @ANYBLOB="010026bd7000000000003b00000008000300", @ANYRES32=r2, @ANYBLOB="26003300b0910300ffffffffffff08021100000050505050505457f99eb3c401010003005c0200000600cd0000"], 0x50}, 0x1, 0x0, 0x0, 0xc0}, 0x0)

1.453207735s ago: executing program 4 (id=1906):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f00000001c0)={0x0, 0x0, 0x0}, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
pipe(0x0)
r1 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r2 = dup(r1)
write$6lowpan_enable(r2, 0x0, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
ioctl$BTRFS_IOC_BALANCE_CTL(r2, 0x40049421, 0x1)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'veth0_to_bond\x00', <r4=>0x0})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)=ANY=[@ANYBLOB="340000001400010000000000fbdbdf250a00a100", @ANYRES32=r4, @ANYBLOB="14000100ff05000000000000dfce00000000000108000800026e"], 0x34}}, 0x0)
r5 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000580)={&(0x7f00000000c0)=ANY=[@ANYBLOB="3400000015"], 0x34}, 0x1, 0x0, 0x0, 0x41c1}, 0x4040800)

1.374461041s ago: executing program 4 (id=1907):
ioperm(0x181, 0xd80b, 0x400000)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x200, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_TSC_KHZ(r1, 0xaea2, 0xffffffffffffffff)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_TSC_KHZ(r2, 0xaea2, 0x2)
r3 = socket(0x10, 0x3, 0x0)
r4 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x80000, 0x0)
sendmsg$nl_route(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000180)=@ipv4_newroute={0x54, 0x18, 0x200, 0x70bd2d, 0x25dfdbfc, {0x2, 0x10, 0x0, 0x40, 0xfe, 0x1, 0xfe, 0x8, 0x200}, [@RTA_MARK={0x8, 0x10, 0xb154}, @RTA_ENCAP={0x10, 0x16, 0x0, 0x1, @SEG6_LOCAL_BPF={0xc, 0x8, 0x0, 0x1, @SEG6_LOCAL_BPF_PROG={0x8, 0x1, r4}}}, @RTA_DPORT={0x6, 0x1d, 0x4e21}, @RTA_MARK={0x8, 0x10, 0x9}, @RTA_SPORT={0x6, 0x1c, 0x4e24}, @RTA_NH_ID={0x8}]}, 0x54}, 0x1, 0x0, 0x0, 0x64044050}, 0x0)
r5 = socket$inet_smc(0x2b, 0x1, 0x0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
r8 = socket$alg(0x26, 0x5, 0x0)
fcntl$notify(r8, 0x402, 0x0)
sendmsg$ETHTOOL_MSG_COALESCE_SET(r6, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000140)={0x34, r7, 0x1, 0x20000, 0x25dfdbfe, {0x10}, [@ETHTOOL_A_COALESCE_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'netdevsim0\x00'}]}, @ETHTOOL_A_COALESCE_TX_MAX_FRAMES_IRQ={0x8, 0x9, 0x6837}]}, 0x34}}, 0x4000010)
getsockopt$inet_tcp_int(r5, 0x6, 0x7, 0x0, &(0x7f00000007c0))
r9 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1f, 0x0, 0x0, 0x8000}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000300)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r9, @ANYBLOB="0000000000000000b702000002000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
sendfile(r2, r1, &(0x7f0000000000)=0x2, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

1.23158296s ago: executing program 4 (id=1909):
r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000040), 0x84042, 0x0)
r1 = syz_open_dev$loop(&(0x7f0000000080), 0x7ff, 0x683)
r2 = socket$packet(0x11, 0x3, 0x300)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000180), r3)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000100)={0x1f, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41000, 0x11}, 0x94)
r5 = socket(0x10, 0x803, 0x0)
sendto(r5, &(0x7f0000000740)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r5, &(0x7f00000037c0)=[{{0x0, 0x0, &(0x7f0000000380)=[{&(0x7f0000000140)=""/100, 0x64}, {0x0}, {0x0}, {0x0}, {0x0}], 0x5}}], 0x1, 0x2040000, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000000)={'wlan1\x00', <r6=>0x0})
sendmsg$NL80211_CMD_FRAME(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000400)={&(0x7f00000000c0)=ANY=[@ANYBLOB="98030000", @ANYRES16=r4, @ANYBLOB="010028057000fcdbdf253b00000008000300", @ANYRES32=r6, @ANYBLOB="04008e00080057001b0a000004006c000500190107000000080026006c0900005603330080b0c000ffffffffffff080211000001bae9ee14d4284d73c826d8bce62cb84c8b765cbac71c46bc4718"], 0x398}}, 0x0)
ioctl$LOOP_CONFIGURE(r1, 0x4c0a, &(0x7f0000001100)={r0, 0x0, {0x0, 0x0, 0x0, 0x1000000, 0x0, 0x0, 0x0, 0xffffffff, 0x10, "339f020bbe82b398000000000000000000000d0ec0c1b4e9b1c4369d03740250ceaac594b1b3d741dd17c1c50d38ef2a565ef1e83323691c58d66500", "a9103939c787a16c1ca43f80026d1a8554fe581b59ded130e04d528539f3d3289737f0374c72a964a02447a75df8a69ea917deb7ba193b3e7772fd29f35239d2", "244333635181e658d9744a000000000000000000002100008009000000000100", [0xfffffffffeff7ffc]}})
ioctl$BTRFS_IOC_SPACE_INFO(r1, 0x4c09, 0x0)

1.231315591s ago: executing program 2 (id=1910):
prctl$PR_SET_TAGGED_ADDR_CTRL(0x37, 0x1)
r0 = socket(0x40000000015, 0x5, 0x0)
mprotect(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1000001)
mlock(&(0x7f0000ffc000/0x2000)=nil, 0x2000)
r1 = userfaultfd(0x1)
ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000000240)={0xaa, 0x50})
ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000000180)={{&(0x7f0000ffc000/0x3000)=nil, 0x3000}, 0x3})
ioctl$UFFDIO_ZEROPAGE(r1, 0xc020aa04, &(0x7f0000000140)={{&(0x7f0000ffd000/0x1000)=nil, 0x1000}})
mprotect(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x2)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000002c0)={'wlan0\x00', <r4=>0x0})
sendmsg$NL80211_CMD_SET_STATION(r3, &(0x7f00000003c0)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000240)=ANY=[@ANYBLOB='0\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010002000000800000001200000008000300", @ANYRES32=r4, @ANYBLOB="0a0006000802110000010000080014"], 0x30}}, 0x0)
r5 = socket$pppoe(0x18, 0x1, 0x0)
connect$pppoe(r0, &(0x7f0000000040)={0x18, 0x0, {0x2, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x2b}, 'dvmrp0\x00'}}, 0x1e)
getsockopt$inet_sctp_SCTP_GET_LOCAL_ADDRS(r0, 0x84, 0x6d, 0x0, 0x0)
setsockopt$inet_sctp6_SCTP_ADD_STREAMS(r0, 0x84, 0x79, 0x0, 0x0)
ioctl$PPPIOCGCHAN(r5, 0x80047437, &(0x7f0000001f00))
socket(0x0, 0x5, 0x0)
r6 = socket$pppoe(0x18, 0x1, 0x0)
r7 = syz_open_dev$evdev(&(0x7f0000000000), 0x0, 0x0)
ioctl$EVIOCGMASK(r7, 0x80104592, &(0x7f0000000300)={0x0, 0xffffffffffffff36, &(0x7f0000000200)="952bb3e006ae9a4c3a"})
r8 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r8}, &(0x7f0000bbdffc)=<r9=>0x0)
timer_settime(r9, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
ioctl$EVIOCGPROP(r7, 0x80404509, 0x0)
connect$pppoe(r6, &(0x7f0000000080)={0x18, 0x0, {0x15, @remote, 'bond0\x00'}}, 0x1e)
openat$ppp(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
connect$pppoe(r0, &(0x7f0000000000)={0x18, 0x0, {0x0, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x1a}, 'veth0_macvtap\x00'}}, 0x1e)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)

1.231211793s ago: executing program 4 (id=1911):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000100)={0x26, 'hash\x00', 0x0, 0x0, 'crc32c-generic\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000080)="0849ae43", 0x4) (async, rerun: 32)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0) (async, rerun: 32)
mkdir(&(0x7f0000000040)='./file1\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0) (async)
pipe(&(0x7f0000000080)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
write$binfmt_misc(r1, &(0x7f0000000000), 0xfffffecc) (async, rerun: 64)
statx(r1, &(0x7f0000000000)='./file0\x00', 0x100, 0x80, &(0x7f0000000140)) (async, rerun: 64)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000340)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@xino_on}, {@upperdir={'upperdir', 0x3d, './file1'}}]})

944.311908ms ago: executing program 2 (id=1912):
openat$nullb(0xffffffffffffff9c, &(0x7f0000000040), 0x84042, 0x0)
r0 = syz_open_dev$loop(&(0x7f0000000080), 0x7ff, 0x683)
ioctl$LOOP_CONFIGURE(r0, 0x4c0a, 0x0)
ioctl$BTRFS_IOC_SPACE_INFO(r0, 0x4c08, 0x0)

943.906319ms ago: executing program 2 (id=1913):
prctl$PR_SET_TAGGED_ADDR_CTRL(0x37, 0x1)
r0 = socket(0x40000000015, 0x5, 0x0)
r1 = socket$pppoe(0x18, 0x1, 0x0)
connect$pppoe(r1, &(0x7f0000000400)={0x18, 0x0, {0x2, @dev={'\xaa\xaa\xaa\xaa\xaa', 0xa}, 'lo\x00'}}, 0x1e)
getsockopt$inet_sctp_SCTP_GET_LOCAL_ADDRS(r0, 0x84, 0x6d, 0x0, 0x0)
setsockopt$inet_sctp6_SCTP_ADD_STREAMS(r0, 0x84, 0x79, 0x0, 0x0)
ioctl$PPPIOCGCHAN(r1, 0x80047437, &(0x7f0000001f00))
socket(0x15, 0x5, 0x0)
r2 = socket$pppoe(0x18, 0x1, 0x0)
connect$pppoe(r2, &(0x7f0000000080)={0x18, 0x0, {0x15, @remote, 'bond0\x00'}}, 0x1e)
r3 = openat$ppp(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
ioctl$sock_inet6_SIOCADDRT(0xffffffffffffffff, 0x890b, &(0x7f0000000140)={@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', @mcast1, @private2, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa0022})
ioctl$PPPIOCATTCHAN(r3, 0x40047438, &(0x7f0000000040)=0x2)
ioctl$PPPIOCBRIDGECHAN(r3, 0x40047435, &(0x7f0000000200)=0x1)
sendmmsg(r1, &(0x7f00000008c0)=[{{0x0, 0x0, 0x0, 0x0, 0x0, 0x1000e}}], 0x34000, 0x0)

864.626027ms ago: executing program 2 (id=1914):
r0 = socket$unix(0x1, 0x2, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, 0x0)
r2 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x11, r2)
ptrace$setsig(0x4203, r2, 0x4, &(0x7f0000000040)={0x15, 0xa, 0x1e0000})
sendmsg$nl_route_sched(r1, 0x0, 0x4008000)
syz_genetlink_get_family_id$nfc(&(0x7f0000000080), 0xffffffffffffffff)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_open_dev$vim2m(&(0x7f00000001c0), 0x7fff, 0x2)
ioctl$vim2m_VIDIOC_REQBUFS(r4, 0xc0145608, &(0x7f00000000c0)={0x2, 0x1, 0x1})
ioctl$vim2m_VIDIOC_STREAMOFF(r4, 0x40045612, &(0x7f0000000000)=0x1)
ioctl$vim2m_VIDIOC_QBUF(r4, 0xc058560f, &(0x7f0000000200)=@multiplanar_mmap={0x4, 0x1, 0x4, 0x10, 0x12000000, {}, {0x5, 0xc, 0x4, 0x1, 0x5, 0x4, "2df2a2ac"}, 0x3, 0x1, {&(0x7f00000002c0)=[{0x2, 0x0, {0x2}, 0x8}, {0x6, 0x1, {0xfffffffffffffff9}, 0x3}]}, 0x2042, 0x0, <r5=>0xffffffffffffffff})
r6 = socket$inet(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r6, 0x6, 0x1b, &(0x7f0000000280)=0x8001, 0x4)
setsockopt$inet_opts(r6, 0x0, 0x4, &(0x7f0000000000)="8907040400", 0x5)
setsockopt$SO_BINDTODEVICE(r6, 0x1, 0x19, &(0x7f0000000040)='batadv_slave_0\x00', 0x10)
connect$inet(r6, &(0x7f0000000080)={0x2, 0x0, @broadcast}, 0x10)
setsockopt$SO_BINDTODEVICE(r6, 0x1, 0x19, 0x0, 0x0)
setsockopt$inet_opts(r6, 0x0, 0x4, 0x0, 0x0)
setsockopt$inet_tcp_TCP_REPAIR(0xffffffffffffffff, 0x6, 0x13, &(0x7f0000000380), 0x4)
ioctl$vim2m_VIDIOC_DQBUF(r4, 0xc0585611, &(0x7f0000000040)=@multiplanar_fd={0x1, 0x3, 0x4, 0x4, 0x4, {}, {0x2, 0x8, 0x0, 0x81, 0x9, 0x5}, 0x8ad, 0x4, {&(0x7f00000003c0)=[{0x2, 0x7fffffff, {}, 0x3}, {0xfffffffb, 0x100, {}, 0x6}]}, 0x4, 0x0, r5})
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f00000008c0)={'macvlan1\x00'})
sendmsg$NFC_CMD_START_POLL(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x200000c1}, 0x40)
syz_genetlink_get_family_id$nfc(&(0x7f0000000100), 0xffffffffffffffff)
timer_settime(0x0, 0x0, &(0x7f0000000180)={{0x0, 0x989680}}, 0x0)
socket$inet_tcp(0x2, 0x1, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={<r7=>0xffffffffffffffff})
socket(0x10, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000000)={'lo\x00'})

674.398673ms ago: executing program 6 (id=1915):
r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f00000003c0)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_CHANNEL_SWITCH(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000400)={0x2c, r0, 0x1, 0x80, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}], @NL80211_ATTR_CH_SWITCH_COUNT={0x8, 0xb7, 0x99}]}, 0x2c}, 0x1, 0x0, 0x0, 0x4000000}, 0x0)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff)
sendmsg$NL80211_CMD_FRAME(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000b80)=ANY=[@ANYBLOB='P\x00\x00', @ANYRES16=r3, @ANYBLOB="010026bd7000000000003b00000008000300", @ANYRES32=r2, @ANYBLOB="26003300b0910300ffffffffffff08021100000050505050505457f99eb3c401010003005c0200000600cd0000"], 0x50}, 0x1, 0x0, 0x0, 0xc0}, 0x0)

674.150728ms ago: executing program 6 (id=1916):
sendmsg$MPTCP_PM_CMD_GET_LIMITS(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0xffffffffffffffb4, 0x0, 0x1, 0x0, 0x0, 0x41}, 0x809d)
r0 = socket(0x2, 0x80805, 0x0)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
shutdown(r1, 0x0)
close(0x3)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, &(0x7f0000000200)={<r2=>0x0, 0x10, &(0x7f00000001c0)=[@in={0x2, 0x4e23, @rand_addr=0x64010100}]}, &(0x7f0000000140)=0x10)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r1, 0x84, 0x7a, &(0x7f0000000340)={r2, @in6={{0xa, 0x3, 0x4, @mcast1}}}, &(0x7f0000000040)=0x84)
sendmmsg$inet_sctp(r0, &(0x7f00000032c0)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000700)=ANY=[@ANYBLOB="30000000000000008400000001000000000000017c"], 0x30}], 0x1, 0x0)
setsockopt$inet_sctp_SCTP_DELAYED_SACK(r0, 0x84, 0x10, &(0x7f0000000080)=@sack_info={r2, 0x9, 0x3}, 0xc)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='blkio.bfq.io_merged_recursive\x00', 0x275a, 0x0)
name_to_handle_at(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/cgroup.procs\x00', &(0x7f0000000240)=ANY=[], 0x0, 0x0)
syz_emit_ethernet(0x36, &(0x7f0000000100)=ANY=[@ANYBLOB="000002f0d31209000000bc2e79e995"], 0x0)
write$binfmt_script(r5, &(0x7f0000000100), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r5, 0x0)
preadv(r5, &(0x7f00000015c0)=[{&(0x7f0000000080)=""/124, 0xffffff23}], 0x3e, 0x0, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe6000/0x18000)=nil, &(0x7f0000000040)=[@text16={0x10, &(0x7f0000000180)="66b9800000c00f326635000800000f300f0f1c9a65660ff3b20618baa000ec672e660f38803d004000000f285473f61366b9800000c00f320f300f20e06635800000000f22e02b6aa6c8", 0x4a}], 0x1, 0x0, 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20004000}, 0x14)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r6, &(0x7f0000000000/0x18000)=nil, &(0x7f00000004c0)=[@text32={0x20, 0x0}], 0x1, 0x0, 0x0, 0x0)
getsockopt$inet6_tcp_TCP_ZEROCOPY_RECEIVE(r0, 0x6, 0x23, &(0x7f0000000280)={&(0x7f0000843000/0x4000)=nil, 0x4000, 0x0, 0x0, 0x0, &(0x7f0000000440)=""/105, 0x69, 0x0, &(0x7f0000000500)=""/123, 0x7b}, &(0x7f0000000580)=0x40)
sendmsg$TIPC_CMD_GET_REMOTE_MNG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000340)={&(0x7f00000002c0)={0x1c, 0x0, 0x1, 0x70bd28, 0x25dfdbf9}, 0x1c}, 0x1, 0x0, 0x0, 0x4000000}, 0x4000000)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={0x0}, 0x18)
ioctl$KVM_RUN(r6, 0xae80, 0x0)

334.29523ms ago: executing program 4 (id=1917):
socket$inet6(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x2, 0x0)
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x2041, 0x0)
ioctl$TCSETS(r0, 0x40045431, 0x0)
sched_setaffinity(0xffffffffffffffff, 0x0, 0x0)
r1 = syz_open_pts(r0, 0x0)
dup3(0xffffffffffffffff, r1, 0x0)
openat$null(0xffffff9c, &(0x7f0000000000), 0x0, 0x0)
r2 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r2, &(0x7f0000000900)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4044001}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket$packet(0x11, 0x2, 0x300)
ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, &(0x7f0000000100)={'vcan0\x00'})
r5 = socket(0x1, 0x803, 0x0)
getsockname$packet(r5, &(0x7f0000000100)={0x11, 0x0, <r6=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000080))
r7 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route(r7, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000480)=ANY=[@ANYBLOB="500000001000010400"/20, @ANYRES32=0x0, @ANYBLOB="7fff0000000000002800128009000100766c616e000000001800", @ANYRES32=r6], 0x50}}, 0x0)
r8 = socket$nl_route(0x10, 0x3, 0x0)
r9 = socket(0x1, 0x803, 0x0)
getsockname$packet(r9, &(0x7f0000000100)={0x11, 0x0, <r10=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r8, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000001880)=ANY=[@ANYBLOB="500000001000210400000000fedbdf2500000000", @ANYRES32=0x0, @ANYBLOB="adffa888e16000002800128009000100766c616e00000000180002800c0002000e0000000a000000060001000004000008000500", @ANYRES32=r10], 0x50}}, 0x2)
syz_genetlink_get_family_id$nl80211(0x0, r5)
syz_usb_connect$hid(0x0, 0x36, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000080)={'veth1_to_hsr\x00', <r11=>0x0})
sendmsg$nl_route_sched(r3, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000004c00)=@newtfilter={0x24, 0x11, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x74, r11}}, 0x24}, 0x1, 0xf0ffffffffffff}, 0x0)

238.026µs ago: executing program 2 (id=1918):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp_SCTP_GET_ASSOC_STATS(0xffffffffffffffff, 0x84, 0x70, &(0x7f00000001c0)={<r1=>0x0, @in6={{0xa, 0x4e22, 0x5, @ipv4={'\x00', '\xff\xff', @multicast2}, 0x2}}, [0xee86, 0xfffffffffffffc00, 0x2, 0x3ff, 0xfffffffeffffffff, 0xc96, 0xd, 0x1, 0x8, 0x401, 0x8, 0xe2a0000000000000, 0xfa5, 0x7]}, &(0x7f0000000000)=0x100)
setsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r0, 0x84, 0x18, &(0x7f0000000040)={r1, 0x1}, 0x8)
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
setsockopt$inet_sctp6_SCTP_EVENTS(0xffffffffffffffff, 0x84, 0xb, &(0x7f0000000180)={0x3, 0x8, 0x9, 0xd7, 0x0, 0x16, 0x20, 0x7e, 0x3f, 0x3, 0x7f, 0x7, 0x9c, 0x4}, 0xe)
openat(0xffffffffffffff9c, 0x0, 0x40, 0x0)
syz_emit_ethernet(0x36, &(0x7f0000000080)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaaaa00080045ff002800fee06663c7444211557983d01de10000000000", @ANYRES32=0x41424344, @ANYRES32=0x41424344, @ANYBLOB="5c02000090780000"], 0x0)

0s ago: executing program 2 (id=1919):
syz_open_dev$loop(&(0x7f0000000080), 0x47ffffa, 0x122c42)
r0 = mq_open(&(0x7f0000000a00)='eth0\x00#\x13\xaeu\xe0\xfbu0*\xf3\x11i\xdd\xd9\xc6\x87\xde\xbf_\xa0\xf6\xdfk\xbf.\"\xa6\xc0#p\xcd\x1c/\xa6\xf2\xbcyL\x85a\xb5\xbb~+>\xbc\x93\xf8\xab\x9a3\x85l\x1d\x15\x11\x1a{@!2\xb6!\xae\xf79k\x90\x88\v8I$\xfdQ\x1d\x90=r\xd8\xc0\xd8\t/\x8dv\xd3\xa7\xd8J\xfd\x94#KT\xdd\x14\xd3\xe1\xbe_$A=z\xee\xbd/X\xbemOX)s\x94\xde\xbe_\x88N\xb8\xde\xeb)\xcd\xc56m\n\v\x01\xbe\xeb\xbb\x91\x11z\xc2|d\x1b\x04\xd2\xf9yx\xb2\x1b\bLTrw\x88|0\t\xc6\xe2\x9c\xed\\\xd8[\xc8\x04 \xf3\xac]V\x1d:\xfc\xc3\x9e\x02\ax\xef\xfe\x1c.TT\xcf\xbf\xf5\x80a%\xdcQ\xb3CuT\xcc\x02\xea\x91\xe8\xd8\x01YZy\xe6!\x89\x9c\xd1\xa6\x167\x8avs\xb2\a\xfe\xb3j*\xad\x18I\xcc\xe9\xaa{]\xef\xb7\xf2\xee*\xf95\bJt\xd0s\xc4\xaa\xc8\x13~\xb2\xf20\xbdf\xdb\xaeG\xe3\xfb\xef\x94\xef:Q\x1b\xe3\xa3\xa4}\xef`e\xcdL\xab\xdb\r\xf2y\x9fg1\xf4\t\x18i/!\x13\xf1,\x8cu\xaa\xbf~)\x94\x1b2\x93\x86\xe7\x9a\xf2j\xa8\x96\xa6\xa2\xfcN\x81\xafTh\xb3\x1bo:\xe8\vq7S\xe4H\xf3L\xa0\x9c\x97B\x12\x10\x9d\xaa\x7fq\x06\xb9(\xf6\x1c\x83\xb1[\x84\x10aF\x9b\xda\xeb\xc4*\x02q\xb2\x92\x00\x8cv\xac AN\xb9\xaa\x81W\x97Te\x81\x98L\xfe\x97+u\xd3^\xb1\xf0\xe0\x1f\xbd\a\xbb\xe5\x18\x9ds\x12ha\x00\xeb\x84\x99\xc6\x0f\xf1\xd5LD\xa87\xa0DQ\x8a2\x16!8,\xbc%$\xf1\xf2\xd6\x9cy\xecK\xda\xc5\xdc\xfa\xdd\xf6\b\xc6\xb4\x14\x16\x9c\x7f\x92\x85\xb0\xa2%:\xf0\xf4\x150\x0f\xb4\xa6d\xb4\xe4L\x19W\xd5\x90\xf7l\x1b\xfe\xde\vh\x97=m\x82.\xac\vh\xfe\x84Q}\x838/\x83\xebP\xbe\xd6+:\xceE\\\x95\xd4\xac\x92\x87\xd7\x98\x97\xe3\xec\xad\xd5\xac\x80C\x84R\x88r^g\xbaQ(\x9a>\xe2\xba\xa8=\x17\f04\x8f\x1f\xf2\x88*@v\xe7\xd1\xee\xb3\xc2\x8dT\xda\x81g\xd9\x1a:hzW6s)x\x06\xae\x11\xf2\x1e\xcd\v\xe5L\x19\x96s\xbc\x9e\xf4\x10$\r\xa4\xd8\xa2\xa2\xfcM\xc5R3~$\xc0\xa5n\x9a W\xb1e\xcc<$\xf5#G\xce\xaf\x88U\xfa\x80\xf24\xf6\xb5\xef\xe2z\xcf\x9eN\x92\xac\x81{\xe6\xbd\xd7\x16\xe6F\xe2\x9e\x91%\x94\v\xb9\xdc\xd6\x87\x8f\xcd\xc1\xb05\x81\x81\xf8\xe9X\xe8Kt9@\xf4\xe1\xa6=\xc9\xe1:p4\nP[f\x1d\xfd\xfa\x839\x8d\x0e\xd1\xf9\xa0\xd2^E\xe5\xedo.\xaa\xf2\xb4\xcdn\x14\f\xcd\x83_yk\xda\xc5\x89\xf0Z\xea\x1d\xbd\xc00\v\xa3\xb3\xbe\xe6\x8b\x18/\xa8\xaaY\xf2\x89\x0f\x9enOOr\x00\xb2\x01\x1f:Z\xb8\xee;\xe3;\x8aPV\xce\xee\xf8[\x16\n\xe6:z\xb8\x1dvk\a{\xc1\x14\xd9+\xdb\t\x11\x90y\xe8\\\xe6\xfc\xca\xb4\xcbC\xd6\xd0\xbeC\xce\xc0L\xdb\xcd\xb3\x907c\xb4\xa6\xce\xdb[\xce\x122N\xa3\xc7Q<\x1a\xa5\xb3)\xc5\x98\x84\x8a\x82\x19\xb0\t\xac\x10\\\x8c\xbe\xcb\raIYe[\xa8\xc4\xac\x0e\xbb\x0f\b^\xdag\xe2\xa9\"\xf5h\'\xcf\xd9\x1b\xef\xe3\xe7y\x82\x1e\xca\x7f\x02 \xcf\x9e\xe0\xd9TM\xb9\n\xa9\xad3\x91\xa5\xe6!\xcd\xa2\xa4\x14\x12\xf9\xbf\xa8b\xcec:\xd7\'\f\f\x957\xc9}\r\xa6\xaa\x0f\xca\x96\xeb\x00\x00\x00\x00\x00', 0x42, 0x1f0, 0x0)
mq_unlink(0x0)
close(r0)
read$FUSE(0xffffffffffffffff, &(0x7f0000000180)={0x2020}, 0x2024)
lseek(0xffffffffffffffff, 0xfffffffffffffff5, 0x1)
r1 = openat$comedi(0xffffff9c, &(0x7f0000000040)='/dev/comedi1\x00', 0x2180, 0x0)
ioctl$COMEDI_DEVCONFIG(r1, 0x40946400, &(0x7f0000000080)={'pcl812\x00', [0x2f00, 0x4000005, 0x1, 0x2, 0x0, 0xfffffffe, 0x1, 0x6, 0xffe, 0x1, 0xc, 0x1, 0x4, 0x6, 0xffff, 0x6, 0xffffffa7, 0x40000009, 0x832, 0x30000, 0x3ff, 0x9, 0x800, 0xe2df, 0x4, 0x1, 0x9, 0x3, 0x4, 0x5, 0x70f]})
r2 = syz_usb_connect(0x2, 0x3f, 0x0, 0x0)
r3 = creat(0x0, 0x20)
socket$l2tp(0x2, 0x2, 0x73)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
bpf$BPF_LINK_CREATE_XDP(0x1c, 0x0, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r3, 0x6, 0x2e, &(0x7f0000000180)=0x100000001, 0x4)
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r4, 0x6, 0x14, &(0x7f0000000140)=0x2, 0x4)
connect$inet6(r4, &(0x7f0000000080)={0xa, 0x0, 0x0, @empty}, 0x1c)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpuacct.usage_sys\x00', 0x275a, 0x0)
write$binfmt_script(r5, &(0x7f000000e0c0), 0x10010)
ioctl$int_in(r4, 0x5421, &(0x7f0000000000)=0x4000000000003)
sendfile(r4, r5, &(0x7f0000000100)=0x6, 0x100000000010001)
ioctl$int_in(0xffffffffffffffff, 0x5452, 0x0)
writev(0xffffffffffffffff, &(0x7f0000019880)=[{0x0}], 0x1)
syz_usb_control_io(r2, 0x0, 0x0)
syz_usb_control_io(r2, 0x0, 0x0)
syz_open_dev$char_usb(0xc, 0xb4, 0x0)
syz_usb_ep_read(r2, 0x63, 0xfffffffb, &(0x7f00000021c0)=""/163)
syz_open_dev$evdev(0x0, 0x3, 0x10602)

kernel console output (not intermixed with test programs):

ts+0x13c/0x2b0
[  254.606064][T10449]  ? __pfx___x64_sys_getdents+0x10/0x10
[  254.606084][T10449]  ? fput+0x70/0xf0
[  254.606100][T10449]  ? __pfx_filldir+0x10/0x10
[  254.606133][T10449]  do_syscall_64+0xcd/0x4c0
[  254.606159][T10449]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  254.606178][T10449] RIP: 0033:0x7f284c78e929
[  254.606193][T10449] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  254.606212][T10449] RSP: 002b:00007f284d5c3038 EFLAGS: 00000246 ORIG_RAX: 000000000000004e
[  254.606231][T10449] RAX: ffffffffffffffda RBX: 00007f284c9b5fa0 RCX: 00007f284c78e929
[  254.606243][T10449] RDX: 00000000000000b8 RSI: 0000200000001fc0 RDI: 0000000000000003
[  254.606252][T10449] RBP: 00007f284d5c3090 R08: 0000000000000000 R09: 0000000000000000
[  254.606263][T10449] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  254.606273][T10449] R13: 0000000000000000 R14: 00007f284c9b5fa0 R15: 00007ffd9d59e5a8
[  254.606299][T10449]  </TASK>
[  254.606306][T10449] ERROR: Out of memory at tomoyo_realpath_from_path.
[  254.742510][   T24] usb 7-1: new full-speed USB device number 13 using dummy_hcd
[  254.771998][T10451] syzkaller0: entered promiscuous mode
[  254.774645][T10451] syzkaller0: entered allmulticast mode
[  254.872476][   T24] usb 7-1: device descriptor read/64, error -71
[  254.897639][T10455] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1361'.
[  254.976909][   T40] kauditd_printk_skb: 2 callbacks suppressed
[  254.976925][   T40] audit: type=1400 audit(1751890661.961:645): avc:  denied  { write } for  pid=10458 comm="syz.6.1363" name="card1" dev="devtmpfs" ino=636 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dri_device_t tclass=chr_file permissive=1
[  254.996911][   T24] usb usb7-port1: attempt power cycle
[  255.108480][T10463] SELinux:  Context system_u:object_r:hald_log_t:s0 is not valid (left unmapped).
[  255.182625][    T9] usb 10-1: USB disconnect, device number 2
[  255.199965][   T40] audit: type=1400 audit(1751890662.181:646): avc:  denied  { connect } for  pid=10467 comm="syz.4.1366" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1
[  255.207881][T10470] loop7: detected capacity change from 0 to 524255232
[  255.207896][   T40] audit: type=1400 audit(1751890662.191:647): avc:  denied  { read } for  pid=10469 comm="syz.5.1367" name="nullb0" dev="devtmpfs" ino=707 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[  255.226895][   T40] audit: type=1400 audit(1751890662.201:648): avc:  denied  { mounton } for  pid=10467 comm="syz.4.1366" path="/50/file0" dev="afs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nfs_t tclass=dir permissive=1
[  255.237899][   T40] audit: type=1400 audit(1751890662.201:649): avc:  denied  { read } for  pid=10467 comm="syz.4.1366" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1
[  255.245737][T10472] vlan2: entered promiscuous mode
[  255.248339][T10472] vlan2: entered allmulticast mode
[  255.250655][T10472] hsr_slave_1: entered allmulticast mode
[  255.270754][T10472] netlink: 4 bytes leftover after parsing attributes in process `syz.6.1368'.
[  255.317806][T10477] netlink: 165992 bytes leftover after parsing attributes in process `syz.4.1366'.
[  255.332526][   T24] usb 7-1: new full-speed USB device number 14 using dummy_hcd
[  255.352975][   T24] usb 7-1: device descriptor read/8, error -71
[  255.386140][T10475] syzkaller0: entered promiscuous mode
[  255.388105][T10475] syzkaller0: entered allmulticast mode
[  255.401415][ T1422] ieee802154 phy0 wpan0: encryption failed: -22
[  255.403715][ T1422] ieee802154 phy1 wpan1: encryption failed: -22
[  255.499856][T10481] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1370'.
[  255.504164][    C2] Unknown status report in ack skb
[  255.602439][   T24] usb 7-1: new full-speed USB device number 15 using dummy_hcd
[  255.623341][   T24] usb 7-1: device descriptor read/8, error -71
[  255.743600][   T24] usb usb7-port1: unable to enumerate USB device
[  256.049483][   T40] audit: type=1400 audit(1751890663.031:650): avc:  denied  { unmount } for  pid=9599 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nfs_t tclass=filesystem permissive=1
[  256.203069][   T24] usb 11-1: new high-speed USB device number 4 using dummy_hcd
[  256.214215][   T40] audit: type=1326 audit(1751890663.201:651): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10493 comm="syz.4.1375" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f9b5db8e929 code=0x0
[  256.364043][   T24] usb 11-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  256.367800][   T24] usb 11-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[  256.370615][   T24] usb 11-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  256.374544][   T24] usb 11-1: config 0 descriptor??
[  256.604324][   T24] usbhid 11-1:0.0: can't add hid device: -71
[  256.606320][   T24] usbhid 11-1:0.0: probe with driver usbhid failed with error -71
[  256.610699][   T24] usb 11-1: USB disconnect, device number 4
[  256.679953][T10500] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1376'.
[  257.072434][T10502] loop7: detected capacity change from 0 to 524255232
[  257.123321][T10507] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1379'.
[  257.134943][T10509] FAULT_INJECTION: forcing a failure.
[  257.134943][T10509] name failslab, interval 1, probability 0, space 0, times 0
[  257.140223][T10509] CPU: 2 UID: 0 PID: 10509 Comm: syz.4.1380 Not tainted 6.16.0-rc5-syzkaller #0 PREEMPT(full) 
[  257.140246][T10509] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  257.140256][T10509] Call Trace:
[  257.140262][T10509]  <TASK>
[  257.140268][T10509]  dump_stack_lvl+0x16c/0x1f0
[  257.140297][T10509]  should_fail_ex+0x512/0x640
[  257.140319][T10509]  ? kmem_cache_alloc_node_noprof+0x5e/0x3b0
[  257.140345][T10509]  should_failslab+0xc2/0x120
[  257.140370][T10509]  kmem_cache_alloc_node_noprof+0x71/0x3b0
[  257.140391][T10509]  ? __alloc_skb+0x2b2/0x380
[  257.140413][T10509]  ? __pfx_avc_has_perm+0x10/0x10
[  257.140431][T10509]  __alloc_skb+0x2b2/0x380
[  257.140452][T10509]  ? __pfx___alloc_skb+0x10/0x10
[  257.140471][T10509]  ? do_raw_spin_lock+0x12c/0x2b0
[  257.140491][T10509]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  257.140517][T10509]  sock_wmalloc+0xd4/0x120
[  257.140539][T10509]  pppoe_sendmsg+0x2c3/0x7b0
[  257.140558][T10509]  ? __pfx_pppoe_sendmsg+0x10/0x10
[  257.140573][T10509]  ? __might_fault+0x13b/0x190
[  257.140601][T10509]  ____sys_sendmsg+0xa95/0xc70
[  257.140620][T10509]  ? copy_msghdr_from_user+0x10a/0x160
[  257.140641][T10509]  ? __pfx_____sys_sendmsg+0x10/0x10
[  257.140662][T10509]  ? __pfx__kstrtoull+0x10/0x10
[  257.140692][T10509]  ___sys_sendmsg+0x134/0x1d0
[  257.140716][T10509]  ? __pfx____sys_sendmsg+0x10/0x10
[  257.140751][T10509]  ? find_held_lock+0x2b/0x80
[  257.140788][T10509]  __sys_sendmmsg+0x200/0x420
[  257.140814][T10509]  ? __pfx___sys_sendmmsg+0x10/0x10
[  257.140845][T10509]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  257.140880][T10509]  ? fput+0x70/0xf0
[  257.140894][T10509]  ? ksys_write+0x1ac/0x250
[  257.140915][T10509]  ? __pfx_ksys_write+0x10/0x10
[  257.140940][T10509]  __x64_sys_sendmmsg+0x9c/0x100
[  257.140961][T10509]  ? lockdep_hardirqs_on+0x7c/0x110
[  257.140984][T10509]  do_syscall_64+0xcd/0x4c0
[  257.141009][T10509]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  257.141026][T10509] RIP: 0033:0x7f9b5db8e929
[  257.141041][T10509] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  257.141056][T10509] RSP: 002b:00007f9b5e970038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  257.141073][T10509] RAX: ffffffffffffffda RBX: 00007f9b5ddb5fa0 RCX: 00007f9b5db8e929
[  257.141084][T10509] RDX: 0000000000034000 RSI: 00002000000008c0 RDI: 0000000000000003
[  257.141093][T10509] RBP: 00007f9b5e970090 R08: 0000000000000000 R09: 0000000000000000
[  257.141104][T10509] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  257.141113][T10509] R13: 0000000000000000 R14: 00007f9b5ddb5fa0 R15: 00007ffec58d5f38
[  257.141137][T10509]  </TASK>
[  257.240483][T10511] ref_tracker: memory allocation failure, unreliable refcount tracker.
[  257.324489][   T40] audit: type=1326 audit(1751890664.311:652): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10519 comm="syz.2.1385" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fcd64d8e929 code=0x0
[  257.407941][   T40] audit: type=1326 audit(1751890664.391:653): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10525 comm="syz.6.1388" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f284c78e929 code=0x0
[  257.650781][   T40] audit: type=1400 audit(1751890664.631:654): avc:  denied  { shutdown } for  pid=10538 comm="syz.5.1391" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  257.769424][T10544] netlink: 5 bytes leftover after parsing attributes in process `syz.5.1393'.
[  257.773377][T10544] 
s0ªî{X¹¦: renamed from macvtap0 (while UP)
[  257.777110][T10544] 
s0ªî{X¹¦: entered allmulticast mode
[  257.779036][T10544] veth0_macvtap: entered allmulticast mode
[  257.781255][T10544] A link change request failed with some changes committed already. Interface 
s0ªî{X¹¦ may have been left with an inconsistent configuration, please check.
[  257.897665][T10547] fuse: Bad value for 'fd'
[  257.901687][ T5964] Bluetooth: unknown link type 108
[  257.903922][ T5964] Bluetooth: hci2: connection err: -111
[  257.947080][T10549] syzkaller0: entered promiscuous mode
[  257.949298][T10549] syzkaller0: entered allmulticast mode
[  258.191584][T10555] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1397'.
[  258.244118][T10559] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1396'.
[  258.298083][T10561] program syz.6.1399 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  258.501529][T10576] syzkaller0: entered promiscuous mode
[  258.505003][T10576] syzkaller0: entered allmulticast mode
[  259.234781][T10587] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1408'.
[  259.584999][T10600] syzkaller0: entered promiscuous mode
[  259.587356][T10600] syzkaller0: entered allmulticast mode
[  259.767552][ T6055] Process accounting resumed
[  259.835644][T10607] affs: No valid root block on device nullb0
[  260.282855][T10604] Process accounting resumed
[  260.528350][T10637] netlink: 4 bytes leftover after parsing attributes in process `syz.6.1424'.
[  260.688778][T10641] kvm: user requested TSC rate below hardware speed
[  260.691258][T10641] FAULT_INJECTION: forcing a failure.
[  260.691258][T10641] name failslab, interval 1, probability 0, space 0, times 0
[  260.696128][T10641] CPU: 1 UID: 0 PID: 10641 Comm: syz.4.1426 Not tainted 6.16.0-rc5-syzkaller #0 PREEMPT(full) 
[  260.696144][T10641] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  260.696152][T10641] Call Trace:
[  260.696155][T10641]  <TASK>
[  260.696159][T10641]  dump_stack_lvl+0x16c/0x1f0
[  260.696198][T10641]  should_fail_ex+0x512/0x640
[  260.696213][T10641]  ? __kmalloc_noprof+0xbf/0x510
[  260.696229][T10641]  ? lsm_blob_alloc+0x68/0x90
[  260.696239][T10641]  should_failslab+0xc2/0x120
[  260.696255][T10641]  __kmalloc_noprof+0xd2/0x510
[  260.696269][T10641]  ? __pfx_perf_event_init_task+0x10/0x10
[  260.696280][T10641]  ? audit_alloc+0xa2/0x7b0
[  260.696293][T10641]  ? __pfx_audit_alloc+0x10/0x10
[  260.696308][T10641]  lsm_blob_alloc+0x68/0x90
[  260.696319][T10641]  security_task_alloc+0x2d/0x260
[  260.696335][T10641]  copy_process+0x2205/0x7650
[  260.696357][T10641]  ? __pfx_copy_process+0x10/0x10
[  260.696374][T10641]  ? lockdep_init_map_type+0x5c/0x280
[  260.696386][T10641]  ? lockdep_init_map_type+0x5c/0x280
[  260.696396][T10641]  ? __pfx_kvm_nx_huge_page_recovery_worker_kill+0x10/0x10
[  260.696415][T10641]  ? __pfx_kvm_nx_huge_page_recovery_worker+0x10/0x10
[  260.696428][T10641]  vhost_task_create+0x1d2/0x2e0
[  260.696439][T10641]  ? __pfx_vhost_task_create+0x10/0x10
[  260.696454][T10641]  ? __pfx_vhost_task_fn+0x10/0x10
[  260.696472][T10641]  kvm_mmu_post_init_vm+0x1b7/0x370
[  260.696488][T10641]  kvm_arch_vcpu_ioctl_run+0x66/0x18c0
[  260.696502][T10641]  ? kvm_vcpu_ioctl+0x14c6/0x1690
[  260.696518][T10641]  kvm_vcpu_ioctl+0x5eb/0x1690
[  260.696533][T10641]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  260.696551][T10641]  ? ioctl_has_perm.constprop.0.isra.0+0x383/0x540
[  260.696568][T10641]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[  260.696588][T10641]  ? hook_file_ioctl_common+0x145/0x410
[  260.696609][T10641]  ? selinux_file_ioctl+0x180/0x270
[  260.696623][T10641]  ? selinux_file_ioctl+0xb4/0x270
[  260.696638][T10641]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  260.696652][T10641]  __x64_sys_ioctl+0x18e/0x210
[  260.696669][T10641]  do_syscall_64+0xcd/0x4c0
[  260.696686][T10641]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  260.696697][T10641] RIP: 0033:0x7f9b5db8e929
[  260.696706][T10641] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  260.696717][T10641] RSP: 002b:00007f9b5e970038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  260.696727][T10641] RAX: ffffffffffffffda RBX: 00007f9b5ddb5fa0 RCX: 00007f9b5db8e929
[  260.696734][T10641] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005
[  260.696740][T10641] RBP: 00007f9b5e970090 R08: 0000000000000000 R09: 0000000000000000
[  260.696746][T10641] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  260.696752][T10641] R13: 0000000000000000 R14: 00007f9b5ddb5fa0 R15: 00007ffec58d5f38
[  260.696766][T10641]  </TASK>
[  260.906335][   T40] kauditd_printk_skb: 8 callbacks suppressed
[  260.906346][   T40] audit: type=1400 audit(1751890667.891:663): avc:  denied  { map } for  pid=10644 comm="syz.4.1428" path="/dev/loop6" dev="devtmpfs" ino=664 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  260.915726][   T40] audit: type=1400 audit(1751890667.891:664): avc:  denied  { execute } for  pid=10644 comm="syz.4.1428" path="/dev/loop6" dev="devtmpfs" ino=664 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  260.964801][T10650] FAULT_INJECTION: forcing a failure.
[  260.964801][T10650] name failslab, interval 1, probability 0, space 0, times 0
[  260.970372][T10650] CPU: 3 UID: 0 PID: 10650 Comm: syz.4.1430 Not tainted 6.16.0-rc5-syzkaller #0 PREEMPT(full) 
[  260.970395][T10650] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  260.970406][T10650] Call Trace:
[  260.970413][T10650]  <TASK>
[  260.970421][T10650]  dump_stack_lvl+0x16c/0x1f0
[  260.970458][T10650]  should_fail_ex+0x512/0x640
[  260.970486][T10650]  should_failslab+0xc2/0x120
[  260.970511][T10650]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  260.970537][T10650]  ? dst_alloc+0x99/0x1a0
[  260.970563][T10650]  dst_alloc+0x99/0x1a0
[  260.970587][T10650]  rt_dst_alloc+0x35/0x3a0
[  260.970606][T10650]  ip_route_output_key_hash_rcu+0x87a/0x28f0
[  260.970639][T10650]  ip_route_output_key_hash+0x137/0x2e0
[  260.970664][T10650]  ? __pfx_ip_route_output_key_hash+0x10/0x10
[  260.970689][T10650]  ? lock_acquire+0x179/0x350
[  260.970705][T10650]  ? selinux_xfrm_skb_sid_ingress+0x234/0x320
[  260.970730][T10650]  ip_route_output_flow+0x27/0x150
[  260.970752][T10650]  ip_send_unicast_reply+0x5a7/0x1600
[  260.970771][T10650]  ? __pfx_ip_send_unicast_reply+0x10/0x10
[  260.970783][T10650]  ? __lock_acquire+0xb8a/0x1c90
[  260.970800][T10650]  ? find_held_lock+0x2b/0x80
[  260.970822][T10650]  tcp_v4_send_reset+0x1299/0x2fa0
[  260.970837][T10650]  ? netif_receive_skb+0x137/0x7b0
[  260.970849][T10650]  ? tun_rx_batched.isra.0+0x3ee/0x740
[  260.970868][T10650]  ? __pfx_tcp_v4_send_reset+0x10/0x10
[  260.970880][T10650]  ? __pfx_inet_ehashfn+0x10/0x10
[  260.970894][T10650]  ? ipt_do_table+0xd48/0x1ae0
[  260.970909][T10650]  ? __inet_lookup_established+0x4bb/0x800
[  260.970927][T10650]  ? __inet_lookup_listener+0x321/0x3b0
[  260.970944][T10650]  ? __asan_memmove+0x3c/0x60
[  260.970958][T10650]  ? tcp_v4_rcv+0x1811/0x4650
[  260.970970][T10650]  tcp_v4_rcv+0x1811/0x4650
[  260.970992][T10650]  ? __pfx_tcp_v4_rcv+0x10/0x10
[  260.971009][T10650]  ? __pfx_raw_local_deliver+0x10/0x10
[  260.971025][T10650]  ? __pfx_tcp_v4_rcv+0x10/0x10
[  260.971039][T10650]  ip_protocol_deliver_rcu+0xba/0x4c0
[  260.971057][T10650]  ip_local_deliver_finish+0x316/0x570
[  260.971075][T10650]  ip_local_deliver+0x18e/0x1f0
[  260.971090][T10650]  ? __pfx_ip_local_deliver+0x10/0x10
[  260.971106][T10650]  ip_rcv+0x2c3/0x5d0
[  260.971121][T10650]  ? __pfx_ip_rcv+0x10/0x10
[  260.971135][T10650]  __netif_receive_skb_one_core+0x197/0x1e0
[  260.971149][T10650]  ? __pfx___netif_receive_skb_one_core+0x10/0x10
[  260.971162][T10650]  ? lock_acquire+0x179/0x350
[  260.971174][T10650]  ? __phys_addr+0xe8/0x180
[  260.971189][T10650]  __netif_receive_skb+0x1d/0x160
[  260.971202][T10650]  netif_receive_skb+0x137/0x7b0
[  260.971214][T10650]  ? __pfx_netif_receive_skb+0x10/0x10
[  260.971232][T10650]  tun_rx_batched.isra.0+0x3ee/0x740
[  260.971249][T10650]  ? __pfx_tun_rx_batched.isra.0+0x10/0x10
[  260.971268][T10650]  ? tun_get_user+0x1c0d/0x3b80
[  260.971282][T10650]  ? rcu_is_watching+0x12/0xc0
[  260.971299][T10650]  tun_get_user+0x28a2/0x3b80
[  260.971321][T10650]  ? __pfx_tun_get_user+0x10/0x10
[  260.971336][T10650]  ? __pfx_ref_tracker_alloc+0x10/0x10
[  260.971356][T10650]  ? find_held_lock+0x2b/0x80
[  260.971369][T10650]  ? tun_get+0x191/0x370
[  260.971387][T10650]  tun_chr_write_iter+0xdc/0x210
[  260.971404][T10650]  vfs_write+0x6c4/0x1150
[  260.971418][T10650]  ? __pfx_tun_chr_write_iter+0x10/0x10
[  260.971435][T10650]  ? __pfx_vfs_write+0x10/0x10
[  260.971452][T10650]  ? find_held_lock+0x2b/0x80
[  260.971474][T10650]  ksys_write+0x12a/0x250
[  260.971487][T10650]  ? __pfx_ksys_write+0x10/0x10
[  260.971500][T10650]  ? xfd_validate_state+0x61/0x180
[  260.971519][T10650]  do_syscall_64+0xcd/0x4c0
[  260.971536][T10650]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  260.971547][T10650] RIP: 0033:0x7f9b5db8d3df
[  260.971556][T10650] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[  260.971567][T10650] RSP: 002b:00007f9b5e970000 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[  260.971578][T10650] RAX: ffffffffffffffda RBX: 00007f9b5ddb5fa0 RCX: 00007f9b5db8d3df
[  260.971584][T10650] RDX: 0000000000000036 RSI: 0000200000000080 RDI: 00000000000000c8
[  260.971590][T10650] RBP: 00007f9b5e970090 R08: 0000000000000000 R09: 0000000000000000
[  260.971597][T10650] R10: 0000000000000036 R11: 0000000000000293 R12: 0000000000000001
[  260.971603][T10650] R13: 0000000000000000 R14: 00007f9b5ddb5fa0 R15: 00007ffec58d5f38
[  260.971616][T10650]  </TASK>
[  261.070667][T10652] netlink: 8 bytes leftover after parsing attributes in process `syz.6.1431'.
[  261.123908][T10655] program syz.4.1432 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  261.124472][T10652] bond0: option use_carrier: invalid value (100)
[  261.224524][T10667] FAULT_INJECTION: forcing a failure.
[  261.224524][T10667] name failslab, interval 1, probability 0, space 0, times 0
[  261.230149][T10667] CPU: 3 UID: 0 PID: 10667 Comm: syz.4.1437 Not tainted 6.16.0-rc5-syzkaller #0 PREEMPT(full) 
[  261.230172][T10667] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  261.230185][T10667] Call Trace:
[  261.230191][T10667]  <TASK>
[  261.230198][T10667]  dump_stack_lvl+0x16c/0x1f0
[  261.230229][T10667]  should_fail_ex+0x512/0x640
[  261.230253][T10667]  ? kmem_cache_alloc_node_noprof+0x5e/0x3b0
[  261.230279][T10667]  should_failslab+0xc2/0x120
[  261.230306][T10667]  kmem_cache_alloc_node_noprof+0x71/0x3b0
[  261.230328][T10667]  ? __lock_acquire+0x622/0x1c90
[  261.230343][T10667]  ? __alloc_skb+0x2b2/0x380
[  261.230370][T10667]  __alloc_skb+0x2b2/0x380
[  261.230392][T10667]  ? __pfx___alloc_skb+0x10/0x10
[  261.230417][T10667]  ? find_held_lock+0x2b/0x80
[  261.230444][T10667]  mgmt_cmd_complete+0x4f/0x550
[  261.230474][T10667]  get_conn_info+0x2da/0x930
[  261.230500][T10667]  ? find_held_lock+0x2b/0x80
[  261.230524][T10667]  ? __pfx_get_conn_info+0x10/0x10
[  261.230546][T10667]  ? __hci_dev_get+0x16a/0x270
[  261.230575][T10667]  ? do_raw_read_unlock+0x44/0xe0
[  261.230596][T10667]  ? _raw_read_unlock+0x28/0x50
[  261.230619][T10667]  ? __pfx_mgmt_init_hdev+0x10/0x10
[  261.230652][T10667]  hci_sock_sendmsg+0x1522/0x25f0
[  261.230684][T10667]  ? __pfx_hci_sock_sendmsg+0x10/0x10
[  261.230717][T10667]  sock_write_iter+0x4ff/0x5b0
[  261.230732][T10667]  ? __pfx_sock_write_iter+0x10/0x10
[  261.230761][T10667]  ? bpf_lsm_file_permission+0x9/0x10
[  261.230790][T10667]  ? security_file_permission+0x71/0x210
[  261.230817][T10667]  ? rw_verify_area+0xcf/0x680
[  261.230838][T10667]  vfs_write+0x6c4/0x1150
[  261.230859][T10667]  ? __pfx_sock_write_iter+0x10/0x10
[  261.230881][T10667]  ? __pfx_vfs_write+0x10/0x10
[  261.230902][T10667]  ? find_held_lock+0x2b/0x80
[  261.230942][T10667]  ksys_write+0x1f8/0x250
[  261.230965][T10667]  ? __pfx_ksys_write+0x10/0x10
[  261.230996][T10667]  do_syscall_64+0xcd/0x4c0
[  261.231021][T10667]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  261.231041][T10667] RIP: 0033:0x7f9b5db8e929
[  261.231056][T10667] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  261.231075][T10667] RSP: 002b:00007f9b5e970038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  261.231093][T10667] RAX: ffffffffffffffda RBX: 00007f9b5ddb5fa0 RCX: 00007f9b5db8e929
[  261.231103][T10667] RDX: 000000000000000d RSI: 0000200000000000 RDI: 0000000000000004
[  261.231113][T10667] RBP: 00007f9b5e970090 R08: 0000000000000000 R09: 0000000000000000
[  261.231125][T10667] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  261.231135][T10667] R13: 0000000000000000 R14: 00007f9b5ddb5fa0 R15: 00007ffec58d5f38
[  261.231162][T10667]  </TASK>
[  261.341195][T10669] kvm: user requested TSC rate below hardware speed
[  261.401482][T10674] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1440'.
[  261.461083][T10678] KVM: debugfs: duplicate directory 10678-4
[  261.461678][   T40] audit: type=1400 audit(1751890668.441:665): avc:  denied  { ioctl } for  pid=10677 comm="syz.4.1442" path="socket:[31420]" dev="sockfs" ino=31420 ioctlcmd=0x89e1 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[  261.464758][ T6000] usb 7-1: new high-speed USB device number 16 using dummy_hcd
[  261.517796][T10676] loop6: detected capacity change from 0 to 524287999
[  261.540918][ T5964] Bluetooth: hci1: SCO packet for unknown connection handle 2048
[  261.586179][T10681] FAULT_INJECTION: forcing a failure.
[  261.586179][T10681] name failslab, interval 1, probability 0, space 0, times 0
[  261.594474][T10681] CPU: 1 UID: 0 PID: 10681 Comm: syz.6.1443 Not tainted 6.16.0-rc5-syzkaller #0 PREEMPT(full) 
[  261.594497][T10681] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  261.594508][T10681] Call Trace:
[  261.594514][T10681]  <TASK>
[  261.594521][T10681]  dump_stack_lvl+0x16c/0x1f0
[  261.594549][T10681]  should_fail_ex+0x512/0x640
[  261.594571][T10681]  ? __kmalloc_cache_noprof+0x57/0x3e0
[  261.594594][T10681]  should_failslab+0xc2/0x120
[  261.594620][T10681]  __kmalloc_cache_noprof+0x6a/0x3e0
[  261.594640][T10681]  ? nexthop_alloc+0x3c/0x1f0
[  261.594667][T10681]  nexthop_alloc+0x3c/0x1f0
[  261.594690][T10681]  rtm_new_nexthop+0x1fa5/0x84e0
[  261.594706][T10681]  ? stack_trace_save+0x8e/0xc0
[  261.594730][T10681]  ? __pfx_stack_trace_save+0x10/0x10
[  261.594752][T10681]  ? stack_depot_save_flags+0x28/0xa40
[  261.594776][T10681]  ? __lock_acquire+0xb8a/0x1c90
[  261.594797][T10681]  ? __pfx_rtm_new_nexthop+0x10/0x10
[  261.594812][T10681]  ? kasan_save_stack+0x33/0x60
[  261.594832][T10681]  ? kasan_save_track+0x14/0x30
[  261.594853][T10681]  ? kasan_save_free_info+0x3b/0x60
[  261.594868][T10681]  ? __kasan_slab_free+0x51/0x70
[  261.594889][T10681]  ? kmem_cache_free+0x2d1/0x4d0
[  261.594908][T10681]  ? kfree_skbmem+0x1a4/0x1f0
[  261.594924][T10681]  ? consume_skb+0xcc/0x100
[  261.594946][T10681]  ? nlmon_xmit+0xa5/0xe0
[  261.594963][T10681]  ? dev_hard_start_xmit+0x97/0x740
[  261.594981][T10681]  ? __dev_queue_xmit+0x7eb/0x43e0
[  261.594998][T10681]  ? netlink_deliver_tap+0xa87/0xd30
[  261.595021][T10681]  ? netlink_unicast+0x5df/0x7f0
[  261.595035][T10681]  ? netlink_sendmsg+0x8d1/0xdd0
[  261.595049][T10681]  ? ____sys_sendmsg+0xa95/0xc70
[  261.595063][T10681]  ? ___sys_sendmsg+0x134/0x1d0
[  261.595083][T10681]  ? __sys_sendmsg+0x16d/0x220
[  261.595103][T10681]  ? do_syscall_64+0xcd/0x4c0
[  261.595126][T10681]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  261.595165][T10681]  ? find_held_lock+0x2b/0x80
[  261.595197][T10681]  ? cred_has_capability.isra.0+0x193/0x2f0
[  261.595225][T10681]  ? __lock_acquire+0x622/0x1c90
[  261.595252][T10681]  ? find_held_lock+0x2b/0x80
[  261.595270][T10681]  ? __pfx_rtm_new_nexthop+0x10/0x10
[  261.595283][T10681]  ? __pfx_rtm_new_nexthop+0x10/0x10
[  261.595299][T10681]  ? __pfx_rtm_new_nexthop+0x10/0x10
[  261.595312][T10681]  ? rtnetlink_rcv_msg+0x95e/0xe90
[  261.595334][T10681]  rtnetlink_rcv_msg+0x95e/0xe90
[  261.595359][T10681]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  261.595389][T10681]  ? ref_tracker_free+0x37c/0x830
[  261.595414][T10681]  netlink_rcv_skb+0x155/0x420
[  261.595439][T10681]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  261.595465][T10681]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  261.595491][T10681]  ? netlink_deliver_tap+0x1ae/0xd30
[  261.595521][T10681]  netlink_unicast+0x53a/0x7f0
[  261.595540][T10681]  ? __pfx_netlink_unicast+0x10/0x10
[  261.595564][T10681]  netlink_sendmsg+0x8d1/0xdd0
[  261.595585][T10681]  ? __pfx_netlink_sendmsg+0x10/0x10
[  261.595612][T10681]  ____sys_sendmsg+0xa95/0xc70
[  261.595630][T10681]  ? copy_msghdr_from_user+0x10a/0x160
[  261.595671][T10681]  ? __pfx_____sys_sendmsg+0x10/0x10
[  261.595701][T10681]  ___sys_sendmsg+0x134/0x1d0
[  261.595726][T10681]  ? __pfx____sys_sendmsg+0x10/0x10
[  261.595747][T10681]  ? __lock_acquire+0x622/0x1c90
[  261.595797][T10681]  __sys_sendmsg+0x16d/0x220
[  261.595821][T10681]  ? __pfx___sys_sendmsg+0x10/0x10
[  261.595862][T10681]  do_syscall_64+0xcd/0x4c0
[  261.595890][T10681]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  261.595907][T10681] RIP: 0033:0x7f284c78e929
[  261.595922][T10681] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  261.595940][T10681] RSP: 002b:00007f284d5c3038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  261.595957][T10681] RAX: ffffffffffffffda RBX: 00007f284c9b5fa0 RCX: 00007f284c78e929
[  261.595967][T10681] RDX: 0000000000000000 RSI: 0000200000000080 RDI: 0000000000000003
[  261.595979][T10681] RBP: 00007f284d5c3090 R08: 0000000000000000 R09: 0000000000000000
[  261.595989][T10681] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  261.595998][T10681] R13: 0000000000000000 R14: 00007f284c9b5fa0 R15: 00007ffd9d59e5a8
[  261.596022][T10681]  </TASK>
[  261.763678][ T6000] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  261.767084][ T6000] usb 7-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[  261.769849][ T6000] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  261.774020][ T6000] usb 7-1: config 0 descriptor??
[  261.795975][T10685] netlink: 24 bytes leftover after parsing attributes in process `syz.6.1445'.
[  261.833679][T10687] syzkaller0: entered promiscuous mode
[  261.835915][T10687] syzkaller0: entered allmulticast mode
[  261.960364][T10697] FAULT_INJECTION: forcing a failure.
[  261.960364][T10697] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  261.967195][T10697] CPU: 0 UID: 0 PID: 10697 Comm: syz.4.1451 Not tainted 6.16.0-rc5-syzkaller #0 PREEMPT(full) 
[  261.967219][T10697] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  261.967231][T10697] Call Trace:
[  261.967238][T10697]  <TASK>
[  261.967246][T10697]  dump_stack_lvl+0x16c/0x1f0
[  261.967272][T10697]  should_fail_ex+0x512/0x640
[  261.967301][T10697]  _copy_from_user+0x2e/0xd0
[  261.967328][T10697]  kstrtouint_from_user+0xd6/0x1d0
[  261.967348][T10697]  ? __pfx_kstrtouint_from_user+0x10/0x10
[  261.967364][T10697]  ? __lock_acquire+0xb8a/0x1c90
[  261.967396][T10697]  proc_fail_nth_write+0x83/0x250
[  261.967417][T10697]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  261.967448][T10697]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  261.967469][T10697]  vfs_write+0x2a0/0x1150
[  261.967497][T10697]  ? __pfx___mutex_lock+0x10/0x10
[  261.967524][T10697]  ? __pfx_vfs_write+0x10/0x10
[  261.967553][T10697]  ? __fget_files+0x20e/0x3c0
[  261.967585][T10697]  ksys_write+0x12a/0x250
[  261.967628][T10697]  ? __pfx_ksys_write+0x10/0x10
[  261.967659][T10697]  do_syscall_64+0xcd/0x4c0
[  261.967687][T10697]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  261.967706][T10697] RIP: 0033:0x7f9b5db8d3df
[  261.967721][T10697] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[  261.967740][T10697] RSP: 002b:00007f9b5e970030 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[  261.967758][T10697] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f9b5db8d3df
[  261.967770][T10697] RDX: 0000000000000001 RSI: 00007f9b5e9700a0 RDI: 0000000000000006
[  261.967782][T10697] RBP: 00007f9b5e970090 R08: 0000000000000000 R09: 0000000000000000
[  261.967792][T10697] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000001
[  261.967804][T10697] R13: 0000000000000000 R14: 00007f9b5ddb5fa0 R15: 00007ffec58d5f38
[  261.967829][T10697]  </TASK>
[  261.972879][T10699] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1452'.
[  261.982066][T10665] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  262.059384][T10665] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  262.308049][   T40] audit: type=1326 audit(1751890669.291:666): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10708 comm="syz.4.1455" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f9b5db8e929 code=0x0
[  262.666366][T10719] xt_recent: hitcount (4294967295) is larger than allowed maximum (65535)
[  262.836683][T10725] netlink: 'syz.6.1459': attribute type 9 has an invalid length.
[  262.839918][T10725] netlink: 'syz.6.1459': attribute type 6 has an invalid length.
[  262.842869][T10725] netlink: 'syz.6.1459': attribute type 7 has an invalid length.
[  262.845287][T10725] netlink: 'syz.6.1459': attribute type 8 has an invalid length.
[  262.921662][   T40] audit: type=1326 audit(1751890669.901:667): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10726 comm="syz.6.1460" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f284c78e929 code=0x0
[  262.937084][T10729] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1461'.
[  263.067648][T10736] FAULT_INJECTION: forcing a failure.
[  263.067648][T10736] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  263.073419][T10736] CPU: 3 UID: 0 PID: 10736 Comm: syz.4.1464 Not tainted 6.16.0-rc5-syzkaller #0 PREEMPT(full) 
[  263.073435][T10736] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  263.073442][T10736] Call Trace:
[  263.073445][T10736]  <TASK>
[  263.073449][T10736]  dump_stack_lvl+0x16c/0x1f0
[  263.073469][T10736]  should_fail_ex+0x512/0x640
[  263.073486][T10736]  _copy_from_user+0x2e/0xd0
[  263.073502][T10736]  copy_msghdr_from_user+0x98/0x160
[  263.073518][T10736]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  263.073535][T10736]  ? kfree+0x24f/0x4d0
[  263.073546][T10736]  ? __pfx__kstrtoull+0x10/0x10
[  263.073560][T10736]  ___sys_sendmsg+0xfe/0x1d0
[  263.073575][T10736]  ? __pfx____sys_sendmsg+0x10/0x10
[  263.073602][T10736]  ? __pfx___might_resched+0x10/0x10
[  263.073619][T10736]  __sys_sendmmsg+0x200/0x420
[  263.073635][T10736]  ? __pfx___sys_sendmmsg+0x10/0x10
[  263.073662][T10736]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  263.073685][T10736]  ? fput+0x70/0xf0
[  263.073694][T10736]  ? ksys_write+0x1ac/0x250
[  263.073707][T10736]  ? __pfx_ksys_write+0x10/0x10
[  263.073723][T10736]  __x64_sys_sendmmsg+0x9c/0x100
[  263.073737][T10736]  ? lockdep_hardirqs_on+0x7c/0x110
[  263.073751][T10736]  do_syscall_64+0xcd/0x4c0
[  263.073766][T10736]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  263.073778][T10736] RIP: 0033:0x7f9b5db8e929
[  263.073787][T10736] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  263.073797][T10736] RSP: 002b:00007f9b5e970038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  263.073808][T10736] RAX: ffffffffffffffda RBX: 00007f9b5ddb5fa0 RCX: 00007f9b5db8e929
[  263.073814][T10736] RDX: 0000000000034000 RSI: 00002000000008c0 RDI: 0000000000000004
[  263.073821][T10736] RBP: 00007f9b5e970090 R08: 0000000000000000 R09: 0000000000000000
[  263.073827][T10736] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  263.073833][T10736] R13: 0000000000000000 R14: 00007f9b5ddb5fa0 R15: 00007ffec58d5f38
[  263.073847][T10736]  </TASK>
[  263.263808][T10742] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1465'.
[  263.565317][T10747] loop7: detected capacity change from 0 to 524255232
[  263.753823][T10751] netlink: 60 bytes leftover after parsing attributes in process `syz.5.1468'.
[  263.758628][   T40] audit: type=1400 audit(1751890670.741:668): avc:  denied  { write } for  pid=10748 comm="syz.5.1468" name="hwrng" dev="devtmpfs" ino=83 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:random_device_t tclass=chr_file permissive=1
[  263.801863][T10753] kvm: user requested TSC rate below hardware speed
[  264.012292][   T40] audit: type=1400 audit(1751890670.991:669): avc:  denied  { map } for  pid=10757 comm="syz.4.1471" path="socket:[31468]" dev="sockfs" ino=31468 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  264.019614][   T40] audit: type=1400 audit(1751890670.991:670): avc:  denied  { read } for  pid=10757 comm="syz.4.1471" path="socket:[31468]" dev="sockfs" ino=31468 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  264.061224][   T40] audit: type=1326 audit(1751890671.041:671): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10760 comm="syz.6.1472" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f284c78e929 code=0x0
[  264.200214][T10769] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1474'.
[  264.204451][    C1] Unknown status report in ack skb
[  264.242985][ T6000] usbhid 7-1:0.0: can't add hid device: -71
[  264.245459][ T6000] usbhid 7-1:0.0: probe with driver usbhid failed with error -71
[  264.250327][ T5960] Bluetooth: hci0: ISO packet for unknown connection handle 0
[  264.260747][ T6000] usb 7-1: USB disconnect, device number 16
[  264.311035][   T40] audit: type=1326 audit(1751890671.291:672): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10774 comm="syz.2.1477" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fcd64d8e929 code=0x0
[  264.471835][T10779] kvm: user requested TSC rate below hardware speed
[  264.474388][T10779] FAULT_INJECTION: forcing a failure.
[  264.474388][T10779] name failslab, interval 1, probability 0, space 0, times 0
[  264.478274][T10779] CPU: 3 UID: 0 PID: 10779 Comm: syz.4.1478 Not tainted 6.16.0-rc5-syzkaller #0 PREEMPT(full) 
[  264.478288][T10779] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  264.478295][T10779] Call Trace:
[  264.478299][T10779]  <TASK>
[  264.478303][T10779]  dump_stack_lvl+0x16c/0x1f0
[  264.478322][T10779]  should_fail_ex+0x512/0x640
[  264.478337][T10779]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[  264.478352][T10779]  should_failslab+0xc2/0x120
[  264.478369][T10779]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  264.478382][T10779]  ? __asan_memcpy+0x3c/0x60
[  264.478394][T10779]  ? alloc_pid+0xc7/0xbc0
[  264.478406][T10779]  alloc_pid+0xc7/0xbc0
[  264.478420][T10779]  copy_process+0x466f/0x7650
[  264.478441][T10779]  ? __pfx_copy_process+0x10/0x10
[  264.478458][T10779]  ? lockdep_init_map_type+0x5c/0x280
[  264.478470][T10779]  ? lockdep_init_map_type+0x5c/0x280
[  264.478480][T10779]  ? __pfx_kvm_nx_huge_page_recovery_worker_kill+0x10/0x10
[  264.478497][T10779]  ? __pfx_kvm_nx_huge_page_recovery_worker+0x10/0x10
[  264.478510][T10779]  vhost_task_create+0x1d2/0x2e0
[  264.478521][T10779]  ? __pfx_vhost_task_create+0x10/0x10
[  264.478536][T10779]  ? __pfx_vhost_task_fn+0x10/0x10
[  264.478553][T10779]  kvm_mmu_post_init_vm+0x1b7/0x370
[  264.478569][T10779]  kvm_arch_vcpu_ioctl_run+0x66/0x18c0
[  264.478582][T10779]  ? kvm_vcpu_ioctl+0x14c6/0x1690
[  264.478599][T10779]  kvm_vcpu_ioctl+0x5eb/0x1690
[  264.478614][T10779]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  264.478631][T10779]  ? ioctl_has_perm.constprop.0.isra.0+0x383/0x540
[  264.478649][T10779]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[  264.478672][T10779]  ? hook_file_ioctl_common+0x145/0x410
[  264.478694][T10779]  ? selinux_file_ioctl+0x180/0x270
[  264.478708][T10779]  ? selinux_file_ioctl+0xb4/0x270
[  264.478723][T10779]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  264.478737][T10779]  __x64_sys_ioctl+0x18e/0x210
[  264.478750][T10779]  do_syscall_64+0xcd/0x4c0
[  264.478767][T10779]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  264.478778][T10779] RIP: 0033:0x7f9b5db8e929
[  264.478787][T10779] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  264.478798][T10779] RSP: 002b:00007f9b5e970038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  264.478809][T10779] RAX: ffffffffffffffda RBX: 00007f9b5ddb5fa0 RCX: 00007f9b5db8e929
[  264.478815][T10779] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005
[  264.478821][T10779] RBP: 00007f9b5e970090 R08: 0000000000000000 R09: 0000000000000000
[  264.478827][T10779] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  264.478833][T10779] R13: 0000000000000000 R14: 00007f9b5ddb5fa0 R15: 00007ffec58d5f38
[  264.478847][T10779]  </TASK>
[  264.625411][T10783] bridge1: entered promiscuous mode
[  264.691497][T10787] FAULT_INJECTION: forcing a failure.
[  264.691497][T10787] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  264.696104][T10787] CPU: 1 UID: 0 PID: 10787 Comm: syz.4.1481 Not tainted 6.16.0-rc5-syzkaller #0 PREEMPT(full) 
[  264.696118][T10787] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  264.696125][T10787] Call Trace:
[  264.696128][T10787]  <TASK>
[  264.696149][T10787]  dump_stack_lvl+0x16c/0x1f0
[  264.696170][T10787]  should_fail_ex+0x512/0x640
[  264.696187][T10787]  _copy_from_user+0x2e/0xd0
[  264.696202][T10787]  copy_msghdr_from_user+0x98/0x160
[  264.696217][T10787]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  264.696234][T10787]  ? kfree+0x24f/0x4d0
[  264.696245][T10787]  ? __pfx__kstrtoull+0x10/0x10
[  264.696258][T10787]  ___sys_sendmsg+0xfe/0x1d0
[  264.696273][T10787]  ? __pfx____sys_sendmsg+0x10/0x10
[  264.696300][T10787]  ? __pfx___might_resched+0x10/0x10
[  264.696318][T10787]  __sys_sendmmsg+0x200/0x420
[  264.696334][T10787]  ? __pfx___sys_sendmmsg+0x10/0x10
[  264.696353][T10787]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  264.696375][T10787]  ? fput+0x70/0xf0
[  264.696384][T10787]  ? ksys_write+0x1ac/0x250
[  264.696397][T10787]  ? __pfx_ksys_write+0x10/0x10
[  264.696413][T10787]  __x64_sys_sendmmsg+0x9c/0x100
[  264.696427][T10787]  ? lockdep_hardirqs_on+0x7c/0x110
[  264.696445][T10787]  do_syscall_64+0xcd/0x4c0
[  264.696461][T10787]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  264.696472][T10787] RIP: 0033:0x7f9b5db8e929
[  264.696482][T10787] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  264.696492][T10787] RSP: 002b:00007f9b5e970038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  264.696503][T10787] RAX: ffffffffffffffda RBX: 00007f9b5ddb5fa0 RCX: 00007f9b5db8e929
[  264.696509][T10787] RDX: 0000000000034000 RSI: 00002000000008c0 RDI: 0000000000000003
[  264.696515][T10787] RBP: 00007f9b5e970090 R08: 0000000000000000 R09: 0000000000000000
[  264.696521][T10787] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  264.696527][T10787] R13: 0000000000000000 R14: 00007f9b5ddb5fa0 R15: 00007ffec58d5f38
[  264.696540][T10787]  </TASK>
[  264.795855][T10789] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1482'.
[  264.799401][T10789] veth0_to_bond: entered allmulticast mode
[  265.202478][ T6000] usb 11-1: new low-speed USB device number 5 using dummy_hcd
[  265.332432][ T6000] usb 11-1: device descriptor read/64, error -71
[  265.582449][ T6000] usb 11-1: new low-speed USB device number 6 using dummy_hcd
[  265.632635][ T5964] Bluetooth: hci4: Entering manufacturer mode failed (-110)
[  265.742862][ T6000] usb 11-1: device descriptor read/64, error -71
[  265.766592][T10817] syzkaller0: entered promiscuous mode
[  265.768867][T10817] syzkaller0: entered allmulticast mode
[  265.854209][ T6000] usb usb11-port1: attempt power cycle
[  265.911964][T10819] __nla_validate_parse: 1 callbacks suppressed
[  265.911981][T10819] netlink: 52 bytes leftover after parsing attributes in process `syz.5.1494'.
[  265.960526][ T5964] Bluetooth: unknown link type 108
[  265.963058][ T5964] Bluetooth: hci2: connection err: -111
[  266.050184][T10826] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1496'.
[  266.192447][ T6000] usb 11-1: new low-speed USB device number 7 using dummy_hcd
[  266.206489][   T40] kauditd_printk_skb: 1 callbacks suppressed
[  266.206504][   T40] audit: type=1400 audit(1751890673.191:674): avc:  denied  { execute } for  pid=10829 comm="syz.2.1498" path="/dev/nullb0" dev="devtmpfs" ino=707 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[  266.213902][ T6000] usb 11-1: device descriptor read/8, error -71
[  266.342460][   T61] usb 9-1: new high-speed USB device number 5 using dummy_hcd
[  266.462443][ T6000] usb 11-1: new low-speed USB device number 8 using dummy_hcd
[  266.485613][ T6000] usb 11-1: device descriptor read/8, error -71
[  266.502560][   T61] usb 9-1: Using ep0 maxpacket: 32
[  266.506679][   T61] usb 9-1: config index 0 descriptor too short (expected 156, got 27)
[  266.510111][   T61] usb 9-1: too many endpoints for config 0 interface 0 altsetting 191: 144, using maximum allowed: 30
[  266.514764][   T61] usb 9-1: config 0 interface 0 altsetting 191 endpoint 0x87 has an invalid bInterval 0, changing to 7
[  266.519209][   T61] usb 9-1: config 0 interface 0 altsetting 191 has 1 endpoint descriptor, different from the interface descriptor's value: 144
[  266.524785][   T61] usb 9-1: config 0 interface 0 has no altsetting 0
[  266.529611][   T61] usb 9-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice=86.66
[  266.533325][   T61] usb 9-1: New USB device strings: Mfr=85, Product=120, SerialNumber=172
[  266.536736][   T61] usb 9-1: Product: syz
[  266.538518][   T61] usb 9-1: Manufacturer: syz
[  266.540456][   T61] usb 9-1: SerialNumber: syz
[  266.544694][   T61] usb 9-1: config 0 descriptor??
[  266.549543][   T61] ldusb 9-1:0.0: Interrupt out endpoint not found (using control endpoint instead)
[  266.556662][   T61] ldusb 9-1:0.0: LD USB Device #0 now attached to major 180 minor 0
[  266.603038][ T6000] usb usb11-port1: unable to enumerate USB device
[  266.653548][T10837] netlink: 60 bytes leftover after parsing attributes in process `syz.5.1501'.
[  266.804155][   T61] usb 9-1: USB disconnect, device number 5
[  266.806902][    C2] ldusb 9-1:0.0: usb_submit_urb failed (-19)
[  266.813946][   T61] ldusb 9-1:0.0: LD USB Device #0 now disconnected
[  266.840029][T10842] netlink: 52 bytes leftover after parsing attributes in process `syz.5.1503'.
[  266.916278][   T40] audit: type=1400 audit(1751890673.901:675): avc:  denied  { write } for  pid=10843 comm="syz.5.1504" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[  267.300845][T10855] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1506'.
[  267.556236][   T40] audit: type=1326 audit(1751890674.541:676): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10856 comm="syz.4.1508" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f9b5db8e929 code=0x0
[  267.988066][T10860] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1509'.
[  268.041313][   T40] audit: type=1400 audit(1751890675.021:677): avc:  denied  { write } for  pid=10865 comm="syz.6.1511" path="socket:[33864]" dev="sockfs" ino=33864 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1
[  268.124651][T10870] loop7: detected capacity change from 0 to 524255232
[  268.217411][ T5365] udevd[5365]: worker [7928] terminated by signal 33 (Unknown signal 33)
[  268.220074][ T5365] udevd[5365]: worker [7928] failed while handling '/devices/virtual/block/loop7'
[  268.260199][T10880] Bluetooth: hci0: load_link_keys: too big key_count value 28530
[  268.263954][T10880] FAULT_INJECTION: forcing a failure.
[  268.263954][T10880] name failslab, interval 1, probability 0, space 0, times 0
[  268.267873][T10880] CPU: 2 UID: 0 PID: 10880 Comm: syz.2.1518 Not tainted 6.16.0-rc5-syzkaller #0 PREEMPT(full) 
[  268.267887][T10880] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  268.267894][T10880] Call Trace:
[  268.267898][T10880]  <TASK>
[  268.267903][T10880]  dump_stack_lvl+0x16c/0x1f0
[  268.267921][T10880]  should_fail_ex+0x512/0x640
[  268.267939][T10880]  should_failslab+0xc2/0x120
[  268.267955][T10880]  kmem_cache_alloc_node_noprof+0x71/0x3b0
[  268.267971][T10880]  ? __alloc_skb+0x2b2/0x380
[  268.267987][T10880]  __alloc_skb+0x2b2/0x380
[  268.268001][T10880]  ? __pfx___alloc_skb+0x10/0x10
[  268.268014][T10880]  ? __alloc_skb+0x200/0x380
[  268.268027][T10880]  ? __pfx___alloc_skb+0x10/0x10
[  268.268039][T10880]  ? __pfx_bt_err+0x10/0x10
[  268.268056][T10880]  create_monitor_ctrl_event+0x3b/0x450
[  268.268073][T10880]  mgmt_cmd_status+0x29e/0x510
[  268.268089][T10880]  load_link_keys+0x215/0x940
[  268.268121][T10880]  ? __hci_dev_get+0x16a/0x270
[  268.268141][T10880]  ? __pfx_load_link_keys+0x10/0x10
[  268.268175][T10880]  ? do_raw_read_unlock+0x44/0xe0
[  268.268189][T10880]  ? _raw_read_unlock+0x28/0x50
[  268.268204][T10880]  ? __pfx_mgmt_init_hdev+0x10/0x10
[  268.268229][T10880]  hci_sock_sendmsg+0x1522/0x25f0
[  268.268254][T10880]  ? __pfx_hci_sock_sendmsg+0x10/0x10
[  268.268274][T10880]  sock_write_iter+0x4ff/0x5b0
[  268.268285][T10880]  ? __pfx_sock_write_iter+0x10/0x10
[  268.268301][T10880]  ? bpf_lsm_file_permission+0x9/0x10
[  268.268318][T10880]  ? security_file_permission+0x71/0x210
[  268.268334][T10880]  ? rw_verify_area+0xcf/0x680
[  268.268347][T10880]  vfs_write+0x6c4/0x1150
[  268.268366][T10880]  ? __pfx_sock_write_iter+0x10/0x10
[  268.268378][T10880]  ? __pfx_vfs_write+0x10/0x10
[  268.268390][T10880]  ? find_held_lock+0x2b/0x80
[  268.268412][T10880]  ksys_write+0x1f8/0x250
[  268.268426][T10880]  ? __pfx_ksys_write+0x10/0x10
[  268.268443][T10880]  do_syscall_64+0xcd/0x4c0
[  268.268459][T10880]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  268.268470][T10880] RIP: 0033:0x7fcd64d8e929
[  268.268480][T10880] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  268.268490][T10880] RSP: 002b:00007fcd65b5b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  268.268500][T10880] RAX: ffffffffffffffda RBX: 00007fcd64fb5fa0 RCX: 00007fcd64d8e929
[  268.268507][T10880] RDX: 000000000000000d RSI: 0000200000000000 RDI: 0000000000000005
[  268.268513][T10880] RBP: 00007fcd65b5b090 R08: 0000000000000000 R09: 0000000000000000
[  268.268519][T10880] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  268.268525][T10880] R13: 0000000000000000 R14: 00007fcd64fb5fa0 R15: 00007ffdc2ee1d28
[  268.268539][T10880]  </TASK>
[  268.483490][T10892] netlink: 220 bytes leftover after parsing attributes in process `syz.2.1522'.
[  268.494862][T10890] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1521'.
[  268.554122][T10896] netlink: 4 bytes leftover after parsing attributes in process `syz.6.1517'.
[  268.815513][   T40] audit: type=1326 audit(1751890675.801:678): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10913 comm="syz.4.1530" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f9b5db8e929 code=0x0
[  268.823946][T10917] netlink: 28 bytes leftover after parsing attributes in process `syz.5.1531'.
[  268.961097][   T40] audit: type=1400 audit(1751890675.941:679): avc:  denied  { create } for  pid=10925 comm="syz.5.1534" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=caif_socket permissive=1
[  268.969958][   T40] audit: type=1400 audit(1751890675.961:680): avc:  denied  { read } for  pid=10925 comm="syz.5.1534" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=caif_socket permissive=1
[  269.044130][T10930] FAULT_INJECTION: forcing a failure.
[  269.044130][T10930] name failslab, interval 1, probability 0, space 0, times 0
[  269.048126][T10930] CPU: 2 UID: 0 PID: 10930 Comm: syz.5.1536 Not tainted 6.16.0-rc5-syzkaller #0 PREEMPT(full) 
[  269.048140][T10930] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  269.048147][T10930] Call Trace:
[  269.048151][T10930]  <TASK>
[  269.048155][T10930]  dump_stack_lvl+0x16c/0x1f0
[  269.048174][T10930]  should_fail_ex+0x512/0x640
[  269.048189][T10930]  ? kmem_cache_alloc_node_noprof+0x5e/0x3b0
[  269.048206][T10930]  should_failslab+0xc2/0x120
[  269.048221][T10930]  kmem_cache_alloc_node_noprof+0x71/0x3b0
[  269.048236][T10930]  ? __alloc_skb+0x2b2/0x380
[  269.048250][T10930]  ? __pfx_avc_has_perm+0x10/0x10
[  269.048263][T10930]  __alloc_skb+0x2b2/0x380
[  269.048275][T10930]  ? __pfx___alloc_skb+0x10/0x10
[  269.048288][T10930]  ? do_raw_spin_lock+0x12c/0x2b0
[  269.048301][T10930]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  269.048317][T10930]  sock_wmalloc+0xd4/0x120
[  269.048330][T10930]  pppoe_sendmsg+0x2c3/0x7b0
[  269.048344][T10930]  ? __pfx_pppoe_sendmsg+0x10/0x10
[  269.048353][T10930]  ? __might_fault+0x13b/0x190
[  269.048375][T10930]  ____sys_sendmsg+0xa95/0xc70
[  269.048385][T10930]  ? copy_msghdr_from_user+0x10a/0x160
[  269.048400][T10930]  ? __pfx_____sys_sendmsg+0x10/0x10
[  269.048412][T10930]  ? kfree+0x24f/0x4d0
[  269.048422][T10930]  ? __pfx__kstrtoull+0x10/0x10
[  269.048436][T10930]  ___sys_sendmsg+0x134/0x1d0
[  269.048452][T10930]  ? __pfx____sys_sendmsg+0x10/0x10
[  269.048479][T10930]  ? __pfx___might_resched+0x10/0x10
[  269.048497][T10930]  __sys_sendmmsg+0x200/0x420
[  269.048513][T10930]  ? __pfx___sys_sendmmsg+0x10/0x10
[  269.048533][T10930]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  269.048555][T10930]  ? fput+0x70/0xf0
[  269.048564][T10930]  ? ksys_write+0x1ac/0x250
[  269.048577][T10930]  ? __pfx_ksys_write+0x10/0x10
[  269.048593][T10930]  __x64_sys_sendmmsg+0x9c/0x100
[  269.048607][T10930]  ? lockdep_hardirqs_on+0x7c/0x110
[  269.048623][T10930]  do_syscall_64+0xcd/0x4c0
[  269.048639][T10930]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  269.048650][T10930] RIP: 0033:0x7f9feb78e929
[  269.048659][T10930] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  269.048669][T10930] RSP: 002b:00007f9fec5ac038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  269.048679][T10930] RAX: ffffffffffffffda RBX: 00007f9feb9b5fa0 RCX: 00007f9feb78e929
[  269.048686][T10930] RDX: 0000000000034000 RSI: 00002000000008c0 RDI: 0000000000000003
[  269.048692][T10930] RBP: 00007f9fec5ac090 R08: 0000000000000000 R09: 0000000000000000
[  269.048698][T10930] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  269.048704][T10930] R13: 0000000000000000 R14: 00007f9feb9b5fa0 R15: 00007ffe11f57818
[  269.048717][T10930]  </TASK>
[  269.150702][T10934] syz.6.1538: attempt to access beyond end of device
[  269.150702][T10934] loop6: rw=0, sector=0, nr_sectors = 1 limit=0
[  269.156314][T10934] FAT-fs (loop6): unable to read boot sector
[  269.164425][T10937] FAULT_INJECTION: forcing a failure.
[  269.164425][T10937] name failslab, interval 1, probability 0, space 0, times 0
[  269.165187][T10934] netlink: zone id is out of range
[  269.169555][T10937] CPU: 0 UID: 0 PID: 10937 Comm: syz.5.1539 Not tainted 6.16.0-rc5-syzkaller #0 PREEMPT(full) 
[  269.169579][T10937] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  269.169590][T10937] Call Trace:
[  269.169598][T10937]  <TASK>
[  269.169604][T10937]  dump_stack_lvl+0x16c/0x1f0
[  269.169634][T10937]  should_fail_ex+0x512/0x640
[  269.169661][T10937]  should_failslab+0xc2/0x120
[  269.169687][T10937]  kmem_cache_alloc_node_noprof+0x71/0x3b0
[  269.169709][T10937]  ? __call_rcu_common.constprop.0+0x3f0/0xa10
[  269.169730][T10937]  ? __alloc_skb+0x2b2/0x380
[  269.169758][T10937]  __alloc_skb+0x2b2/0x380
[  269.169779][T10937]  ? __pfx___alloc_skb+0x10/0x10
[  269.169802][T10937]  ? rt_cache_route+0x100/0x1c0
[  269.169826][T10937]  ? __lock_acquire+0x622/0x1c90
[  269.169847][T10937]  __ip_append_data+0x3128/0x4240
[  269.169871][T10937]  ? __pfx_ip_reply_glue_bits+0x10/0x10
[  269.169897][T10937]  ? ip_dst_mtu_maybe_forward.constprop.0+0x311/0x6e0
[  269.169919][T10937]  ? __pfx___ip_append_data+0x10/0x10
[  269.169944][T10937]  ip_send_unicast_reply+0x8a0/0x1600
[  269.169973][T10937]  ? __pfx_ip_send_unicast_reply+0x10/0x10
[  269.170009][T10937]  ? tun_chr_write_iter+0xdc/0x210
[  269.170036][T10937]  ? vfs_write+0x6c4/0x1150
[  269.170056][T10937]  ? ksys_write+0x12a/0x250
[  269.170076][T10937]  ? do_syscall_64+0xcd/0x4c0
[  269.170098][T10937]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  269.170131][T10937]  tcp_v4_send_reset+0x1299/0x2fa0
[  269.170164][T10937]  ? __pfx_tcp_v4_send_reset+0x10/0x10
[  269.170184][T10937]  ? __pfx_inet_ehashfn+0x10/0x10
[  269.170204][T10937]  ? __call_rcu_common.constprop.0+0x3f0/0xa10
[  269.170223][T10937]  ? ipt_do_table+0xd48/0x1ae0
[  269.170248][T10937]  ? __inet_lookup_established+0x4bb/0x800
[  269.170286][T10937]  ? __inet_lookup_listener+0x321/0x3b0
[  269.170315][T10937]  ? __asan_memmove+0x3c/0x60
[  269.170338][T10937]  ? tcp_v4_rcv+0x1811/0x4650
[  269.170359][T10937]  tcp_v4_rcv+0x1811/0x4650
[  269.170399][T10937]  ? __pfx_tcp_v4_rcv+0x10/0x10
[  269.170427][T10937]  ? __pfx_raw_local_deliver+0x10/0x10
[  269.170456][T10937]  ? __pfx_tcp_v4_rcv+0x10/0x10
[  269.170479][T10937]  ip_protocol_deliver_rcu+0xba/0x4c0
[  269.170507][T10937]  ip_local_deliver_finish+0x316/0x570
[  269.170536][T10937]  ip_local_deliver+0x18e/0x1f0
[  269.170561][T10937]  ? __pfx_ip_local_deliver+0x10/0x10
[  269.170587][T10937]  ip_rcv+0x2c3/0x5d0
[  269.170614][T10937]  ? __pfx_ip_rcv+0x10/0x10
[  269.170636][T10937]  __netif_receive_skb_one_core+0x197/0x1e0
[  269.170659][T10937]  ? __pfx___netif_receive_skb_one_core+0x10/0x10
[  269.170681][T10937]  ? lock_acquire+0x179/0x350
[  269.170698][T10937]  ? __phys_addr+0xe8/0x180
[  269.170723][T10937]  __netif_receive_skb+0x1d/0x160
[  269.170745][T10937]  netif_receive_skb+0x137/0x7b0
[  269.170765][T10937]  ? __pfx_netif_receive_skb+0x10/0x10
[  269.170797][T10937]  tun_rx_batched.isra.0+0x3ee/0x740
[  269.170825][T10937]  ? __pfx_tun_rx_batched.isra.0+0x10/0x10
[  269.170858][T10937]  ? tun_get_user+0x1c0d/0x3b80
[  269.170881][T10937]  ? rcu_is_watching+0x12/0xc0
[  269.170909][T10937]  tun_get_user+0x28a2/0x3b80
[  269.170948][T10937]  ? __pfx_tun_get_user+0x10/0x10
[  269.170973][T10937]  ? __pfx_ref_tracker_alloc+0x10/0x10
[  269.171005][T10937]  ? find_held_lock+0x2b/0x80
[  269.171027][T10937]  ? tun_get+0x191/0x370
[  269.171057][T10937]  tun_chr_write_iter+0xdc/0x210
[  269.171086][T10937]  vfs_write+0x6c4/0x1150
[  269.171109][T10937]  ? __pfx_tun_chr_write_iter+0x10/0x10
[  269.171138][T10937]  ? __pfx_vfs_write+0x10/0x10
[  269.171158][T10937]  ? find_held_lock+0x2b/0x80
[  269.171198][T10937]  ksys_write+0x12a/0x250
[  269.171221][T10937]  ? __pfx_ksys_write+0x10/0x10
[  269.171251][T10937]  do_syscall_64+0xcd/0x4c0
[  269.171283][T10937]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  269.171301][T10937] RIP: 0033:0x7f9feb78d3df
[  269.171316][T10937] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[  269.171333][T10937] RSP: 002b:00007f9fec5ac000 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[  269.171350][T10937] RAX: ffffffffffffffda RBX: 00007f9feb9b5fa0 RCX: 00007f9feb78d3df
[  269.171362][T10937] RDX: 0000000000000036 RSI: 0000200000000080 RDI: 00000000000000c8
[  269.171372][T10937] RBP: 00007f9fec5ac090 R08: 0000000000000000 R09: 0000000000000000
[  269.171383][T10937] R10: 0000000000000036 R11: 0000000000000293 R12: 0000000000000001
[  269.171393][T10937] R13: 0000000000000000 R14: 00007f9feb9b5fa0 R15: 00007ffe11f57818
[  269.171419][T10937]  </TASK>
[  269.244597][T10942] 9pnet: Unknown protocol version 9p2000.u
[  269.248213][T10934] netlink: zone id is out of range
[  269.329526][T10934] netlink: set zone limit has 4 unknown bytes
[  269.376596][T10950] openvswitch: netlink: EtherType 0 is less than min 600
[  269.673454][T10972] FAULT_INJECTION: forcing a failure.
[  269.673454][T10972] name failslab, interval 1, probability 0, space 0, times 0
[  269.679033][T10972] CPU: 3 UID: 0 PID: 10972 Comm: syz.5.1551 Not tainted 6.16.0-rc5-syzkaller #0 PREEMPT(full) 
[  269.679055][T10972] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  269.679067][T10972] Call Trace:
[  269.679074][T10972]  <TASK>
[  269.679081][T10972]  dump_stack_lvl+0x16c/0x1f0
[  269.679113][T10972]  should_fail_ex+0x512/0x640
[  269.679137][T10972]  ? kmem_cache_alloc_node_noprof+0x5e/0x3b0
[  269.679164][T10972]  should_failslab+0xc2/0x120
[  269.679191][T10972]  kmem_cache_alloc_node_noprof+0x71/0x3b0
[  269.679214][T10972]  ? __alloc_skb+0x2b2/0x380
[  269.679240][T10972]  __alloc_skb+0x2b2/0x380
[  269.679264][T10972]  ? __pfx___alloc_skb+0x10/0x10
[  269.679286][T10972]  ? __pfx_rtm_new_nexthop+0x10/0x10
[  269.679303][T10972]  ? rtnetlink_rcv_msg+0x880/0xe90
[  269.679335][T10972]  netlink_ack+0x15d/0xb80
[  269.679360][T10972]  netlink_rcv_skb+0x332/0x420
[  269.679378][T10972]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  269.679405][T10972]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  269.679432][T10972]  ? netlink_deliver_tap+0x1ae/0xd30
[  269.679461][T10972]  netlink_unicast+0x53a/0x7f0
[  269.679482][T10972]  ? __pfx_netlink_unicast+0x10/0x10
[  269.679507][T10972]  netlink_sendmsg+0x8d1/0xdd0
[  269.679531][T10972]  ? __pfx_netlink_sendmsg+0x10/0x10
[  269.679563][T10972]  ____sys_sendmsg+0xa95/0xc70
[  269.679584][T10972]  ? copy_msghdr_from_user+0x10a/0x160
[  269.679607][T10972]  ? __pfx_____sys_sendmsg+0x10/0x10
[  269.679636][T10972]  ___sys_sendmsg+0x134/0x1d0
[  269.679662][T10972]  ? __pfx____sys_sendmsg+0x10/0x10
[  269.679683][T10972]  ? __lock_acquire+0x622/0x1c90
[  269.679731][T10972]  __sys_sendmsg+0x16d/0x220
[  269.679756][T10972]  ? __pfx___sys_sendmsg+0x10/0x10
[  269.679794][T10972]  do_syscall_64+0xcd/0x4c0
[  269.679822][T10972]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  269.679838][T10972] RIP: 0033:0x7f9feb78e929
[  269.679852][T10972] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  269.679869][T10972] RSP: 002b:00007f9fec5ac038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  269.679887][T10972] RAX: ffffffffffffffda RBX: 00007f9feb9b5fa0 RCX: 00007f9feb78e929
[  269.679900][T10972] RDX: 0000000000000000 RSI: 0000200000000080 RDI: 0000000000000003
[  269.679912][T10972] RBP: 00007f9fec5ac090 R08: 0000000000000000 R09: 0000000000000000
[  269.679924][T10972] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  269.679935][T10972] R13: 0000000000000000 R14: 00007f9feb9b5fa0 R15: 00007ffe11f57818
[  269.679959][T10972]  </TASK>
[  269.722927][ T5964] Bluetooth: unknown link type 108
[  269.781745][T10980] can0: slcan on ptm1.
[  269.792808][ T5964] Bluetooth: hci0: connection err: -111
[  269.795624][   T40] audit: type=1400 audit(1751890676.781:681): avc:  denied  { bind } for  pid=10979 comm="syz.5.1555" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=isdn_socket permissive=1
[  269.805640][   T40] audit: type=1400 audit(1751890676.791:682): avc:  denied  { bind } for  pid=10979 comm="syz.5.1555" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[  269.807637][T10979] delete_channel: no stack
[  269.882993][T10979] can0 (unregistered): slcan off ptm1.
[  269.924196][   T40] audit: type=1400 audit(1751890676.911:683): avc:  denied  { mount } for  pid=10981 comm="syz.4.1556" name="/" dev="bpf" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:bpf_t tclass=filesystem permissive=1
[  270.945484][   T61] usb 11-1: new high-speed USB device number 9 using dummy_hcd
[  271.102531][   T61] usb 11-1: Using ep0 maxpacket: 32
[  271.107398][   T61] usb 11-1: config 0 interface 0 has no altsetting 0
[  271.114855][   T61] usb 11-1: New USB device found, idVendor=16d0, idProduct=10b8, bcdDevice=de.8e
[  271.118551][   T61] usb 11-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  271.121504][   T61] usb 11-1: Product: syz
[  271.123298][   T61] usb 11-1: Manufacturer: syz
[  271.125101][   T61] usb 11-1: SerialNumber: syz
[  271.132146][   T61] usb 11-1: config 0 descriptor??
[  271.146896][T11034] __nla_validate_parse: 13 callbacks suppressed
[  271.146912][T11034] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1571'.
[  271.150262][   T61] gs_usb 11-1:0.0: Required endpoints not found
[  271.170096][T11036] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1574'.
[  271.309646][T11041] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1576'.
[  271.418653][T11047] fuse: Bad value for 'fd'
[  271.422165][   T40] kauditd_printk_skb: 1 callbacks suppressed
[  271.422175][   T40] audit: type=1326 audit(1751890678.401:685): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11046 comm="syz.4.1579" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f9b5db8e929 code=0x0
[  271.834864][   T40] audit: type=1400 audit(1751890678.821:686): avc:  denied  { read append } for  pid=11053 comm="syz.2.1582" name="usbmon5" dev="devtmpfs" ino=753 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1
[  271.844803][   T40] audit: type=1400 audit(1751890678.821:687): avc:  denied  { open } for  pid=11053 comm="syz.2.1582" path="/dev/usbmon5" dev="devtmpfs" ino=753 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1
[  271.853219][   T40] audit: type=1400 audit(1751890678.821:688): avc:  denied  { ioctl } for  pid=11053 comm="syz.2.1582" path="/dev/usbmon5" dev="devtmpfs" ino=753 ioctlcmd=0x9207 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1
[  271.863266][   T40] audit: type=1400 audit(1751890678.831:689): avc:  denied  { call } for  pid=11053 comm="syz.2.1582" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=binder permissive=1
[  272.178051][T11074] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1584'.
[  272.181778][T11074] IPVS: Error joining to the multicast group
[  272.303072][T11085] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=11085 comm=syz.4.1586
[  272.313292][T11085] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=0 sclass=netlink_tcpdiag_socket pid=11085 comm=syz.4.1586
[  272.343343][T11082] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1585'.
[  272.353537][T11082] netlink: 24 bytes leftover after parsing attributes in process `syz.5.1585'.
[  272.362458][   T40] audit: type=1400 audit(1751890679.341:690): avc:  denied  { setattr } for  pid=11087 comm="syz.4.1587" path="/dev/ubi_ctrl" dev="devtmpfs" ino=718 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  272.443697][ T5964] Bluetooth: hci1: command tx timeout
[  272.669012][T11099] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1588'.
[  273.281921][T11119] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1590'.
[  273.328849][T11125] NILFS (nullb0): couldn't find nilfs on the device
[  273.330275][T11128] fuse: Bad value for 'fd'
[  273.336652][   T40] audit: type=1326 audit(1751890680.321:691): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11126 comm="syz.4.1595" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f9b5db8e929 code=0x0
[  273.506965][   T61] usb 11-1: USB disconnect, device number 9
[  273.533149][T11133] vhci_hcd vhci_hcd.0: pdev(6) rhport(0) sockfd(4)
[  273.535249][T11133] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  273.538334][T11133] vhci_hcd vhci_hcd.0: Device attached
[  273.540914][T11134] usbip_core: unknown command
[  273.542585][T11134] vhci_hcd: unknown pdu 0
[  273.543992][T11134] usbip_core: unknown command
[  273.545662][  T219] vhci_hcd: stop threads
[  273.547441][  T219] vhci_hcd: release socket
[  273.548975][  T219] vhci_hcd: disconnect device
[  273.612440][   T24] usb 10-1: new high-speed USB device number 3 using dummy_hcd
[  273.774308][   T24] usb 10-1: config index 0 descriptor too short (expected 23569, got 27)
[  273.776951][   T24] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  273.780781][   T24] usb 10-1: New USB device found, idVendor=03eb, idProduct=0002, bcdDevice=ba.c0
[  273.783823][   T24] usb 10-1: New USB device strings: Mfr=5, Product=0, SerialNumber=0
[  273.786667][   T24] usb 10-1: Manufacturer: syz
[  273.792831][   T24] usb 10-1: config 0 descriptor??
[  273.852530][   T24] rc_core: IR keymap rc-hauppauge not found
[  273.854473][   T24] Registered IR keymap rc-empty
[  273.856922][   T24] rc rc0: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.5/usb10/10-1/10-1:0.0/rc/rc0
[  273.860949][   T24] input: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.5/usb10/10-1/10-1:0.0/rc/rc0/input13
[  274.051700][   T24] usb 10-1: USB disconnect, device number 3
[  274.512712][T11158] netlink: 4 bytes leftover after parsing attributes in process `syz.6.1600'.
[  274.684181][T11164] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1604'.
[  274.688271][T11164] bridge_slave_1: left allmulticast mode
[  274.692862][T11164] bridge_slave_1: left promiscuous mode
[  274.695593][T11164] bridge0: port 2(bridge_slave_1) entered disabled state
[  274.701846][T11164] bridge_slave_0: left allmulticast mode
[  274.705455][T11164] bridge_slave_0: left promiscuous mode
[  274.708020][T11164] bridge0: port 1(bridge_slave_0) entered disabled state
[  275.112435][   T24] usb 10-1: new high-speed USB device number 4 using dummy_hcd
[  275.291935][   T24] usb 10-1: Using ep0 maxpacket: 32
[  275.296676][   T24] usb 10-1: config 0 interface 0 has no altsetting 0
[  275.305226][   T24] usb 10-1: New USB device found, idVendor=16d0, idProduct=10b8, bcdDevice=de.8e
[  275.309081][   T24] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  275.313719][   T24] usb 10-1: Product: syz
[  275.315575][   T24] usb 10-1: Manufacturer: syz
[  275.317615][   T24] usb 10-1: SerialNumber: syz
[  275.323544][   T24] usb 10-1: config 0 descriptor??
[  275.328764][   T24] gs_usb 10-1:0.0: Required endpoints not found
[  275.502505][ T6038] usb 7-1: new high-speed USB device number 17 using dummy_hcd
[  275.654396][ T6038] usb 7-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 21
[  275.659944][ T6038] usb 7-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  275.664593][ T6038] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  275.670220][ T6038] usb 7-1: config 0 descriptor??
[  275.675629][ T6038] usbhid 7-1:0.0: couldn't find an input interrupt endpoint
[  275.812713][   T54] usb 9-1: new full-speed USB device number 6 using dummy_hcd
[  275.873669][   T24] usb 11-1: new high-speed USB device number 10 using dummy_hcd
[  275.964421][   T54] usb 9-1: config 168 descriptor has 1 excess byte, ignoring
[  275.967671][   T54] usb 9-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 64
[  275.971981][   T54] usb 9-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  275.976909][   T54] usb 9-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10
[  275.981418][   T54] usb 9-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0
[  275.987670][   T54] usb 9-1: config 168 descriptor has 1 excess byte, ignoring
[  275.990806][   T54] usb 9-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 64
[  275.995445][   T54] usb 9-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  276.000169][   T54] usb 9-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10
[  276.004912][   T54] usb 9-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0
[  276.010069][   T54] usb 9-1: config 168 descriptor has 1 excess byte, ignoring
[  276.013356][   T54] usb 9-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 64
[  276.017741][   T54] usb 9-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  276.022687][   T54] usb 9-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10
[  276.027259][   T54] usb 9-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0
[  276.032535][   T24] usb 11-1: Using ep0 maxpacket: 32
[  276.034407][   T54] usb 9-1: string descriptor 0 read error: -22
[  276.035705][   T24] usb 11-1: no configurations
[  276.037473][   T54] usb 9-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e
[  276.039423][   T24] usb 11-1: can't read configurations, error -22
[  276.043241][   T54] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  276.056317][   T54] adutux 9-1:168.0: ADU100  now attached to /dev/usb/adutux0
[  276.172439][   T24] usb 11-1: new high-speed USB device number 11 using dummy_hcd
[  276.256482][ T6038] usb 9-1: USB disconnect, device number 6
[  276.332542][   T24] usb 11-1: Using ep0 maxpacket: 32
[  276.337989][   T24] usb 11-1: no configurations
[  276.340009][   T24] usb 11-1: can't read configurations, error -22
[  276.343020][   T24] usb usb11-port1: attempt power cycle
[  276.682508][   T24] usb 11-1: new high-speed USB device number 12 using dummy_hcd
[  276.703228][   T24] usb 11-1: Using ep0 maxpacket: 32
[  276.706092][   T24] usb 11-1: no configurations
[  276.708115][   T24] usb 11-1: can't read configurations, error -22
[  276.806865][T11190] capability: warning: `syz.4.1616' uses 32-bit capabilities (legacy support in use)
[  276.832488][   T24] usb 11-1: new high-speed USB device number 13 using dummy_hcd
[  276.863623][   T24] usb 11-1: Using ep0 maxpacket: 32
[  276.865836][   T24] usb 11-1: no configurations
[  276.867422][   T24] usb 11-1: can't read configurations, error -22
[  276.869736][   T24] usb usb11-port1: unable to enumerate USB device
[  276.879059][T11195] tipc: Enabling of bearer <eth:syzkall> rejected, failed to enable media
[  276.882204][T11195] syzkaller0: entered promiscuous mode
[  276.884094][T11195] syzkaller0: entered allmulticast mode
[  277.056884][   T40] audit: type=1326 audit(1751890684.041:692): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11198 comm="syz.4.1620" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f9b5db8e929 code=0x0
[  277.676302][   T24] usb 10-1: USB disconnect, device number 4
[  277.843440][T11206] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1621'.
[  277.944475][T11210] kvm: user requested TSC rate below hardware speed
[  278.151915][T11218] tipc: Enabling of bearer <eth:syzkall> rejected, failed to enable media
[  278.155960][T11218] syzkaller0: entered promiscuous mode
[  278.158130][T11218] syzkaller0: entered allmulticast mode
[  278.280686][    T9] usb 7-1: USB disconnect, device number 17
[  278.426184][T11220] loop6: detected capacity change from 0 to 2098
[  278.479056][   T40] audit: type=1326 audit(1751890685.461:693): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11224 comm="syz.6.1630" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f284c78e929 code=0x0
[  278.584620][T11231] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1632'.
[  278.659686][T11242] tipc: Enabling of bearer <eth:syzkall> rejected, failed to enable media
[  278.662040][T11245] 9pnet_virtio: no channels available for device syz
[  278.663295][T11242] syzkaller0: entered promiscuous mode
[  278.667166][T11242] syzkaller0: entered allmulticast mode
[  278.752474][    T9] usb 7-1: new high-speed USB device number 18 using dummy_hcd
[  278.902682][    T9] usb 7-1: Using ep0 maxpacket: 32
[  278.908709][    T9] usb 7-1: config 0 interface 0 has no altsetting 0
[  278.915849][    T9] usb 7-1: New USB device found, idVendor=16d0, idProduct=10b8, bcdDevice=de.8e
[  278.919635][    T9] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  278.923032][    T9] usb 7-1: Product: syz
[  278.924856][    T9] usb 7-1: Manufacturer: syz
[  278.926835][    T9] usb 7-1: SerialNumber: syz
[  278.931206][    T9] usb 7-1: config 0 descriptor??
[  278.935552][    T9] gs_usb 7-1:0.0: Required endpoints not found
[  279.222425][   T24] usb 9-1: new high-speed USB device number 7 using dummy_hcd
[  279.382716][   T24] usb 9-1: Using ep0 maxpacket: 32
[  279.385735][   T24] usb 9-1: no configurations
[  279.387658][   T24] usb 9-1: can't read configurations, error -22
[  279.511950][T11251] loop6: detected capacity change from 0 to 2098
[  279.524345][   T24] usb 9-1: new high-speed USB device number 8 using dummy_hcd
[  279.660799][T11260] loop7: detected capacity change from 0 to 524255232
[  279.683753][   T24] usb 9-1: Using ep0 maxpacket: 32
[  279.686944][   T24] usb 9-1: no configurations
[  279.689759][   T24] usb 9-1: can't read configurations, error -22
[  279.702938][   T24] usb usb9-port1: attempt power cycle
[  279.753949][T11264] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1640'.
[  279.817935][T11268] netlink: 8 bytes leftover after parsing attributes in process `syz.6.1645'.
[  279.923568][T11270] netlink: 4 bytes leftover after parsing attributes in process `syz.6.1646'.
[  280.052545][   T24] usb 9-1: new high-speed USB device number 9 using dummy_hcd
[  280.083221][   T24] usb 9-1: Using ep0 maxpacket: 32
[  280.085929][   T24] usb 9-1: no configurations
[  280.087863][   T24] usb 9-1: can't read configurations, error -22
[  280.222430][   T24] usb 9-1: new high-speed USB device number 10 using dummy_hcd
[  280.243230][   T24] usb 9-1: Using ep0 maxpacket: 32
[  280.245412][   T24] usb 9-1: no configurations
[  280.246886][   T24] usb 9-1: can't read configurations, error -22
[  280.249562][   T24] usb usb9-port1: unable to enumerate USB device
[  280.540107][   T40] audit: type=1400 audit(1751890687.521:694): avc:  denied  { ioctl } for  pid=11279 comm="syz.5.1650" path="socket:[33611]" dev="sockfs" ino=33611 ioctlcmd=0x8983 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  280.590521][T11278] loop6: detected capacity change from 0 to 2098
[  280.739645][T11286] tipc: Enabling of bearer <eth:syzkaller> rejected, failed to enable media
[  280.746855][T11286] syzkaller0: entered promiscuous mode
[  280.748620][T11286] syzkaller0: entered allmulticast mode
[  280.775521][   T40] audit: type=1400 audit(1751890687.761:695): avc:  denied  { bind } for  pid=11287 comm="syz.6.1653" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_connector_socket permissive=1
[  280.788982][T11288] kvm: user requested TSC rate below hardware speed
[  280.963480][T11296] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1655'.
[  280.978562][   T40] audit: type=1400 audit(1751890687.961:696): avc:  denied  { append } for  pid=11297 comm="syz.6.1656" name="hwrng" dev="devtmpfs" ino=83 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:random_device_t tclass=chr_file permissive=1
[  281.162599][T11304] netlink: 4 bytes leftover after parsing attributes in process `syz.6.1657'.
[  281.327580][   T61] usb 7-1: USB disconnect, device number 18
[  281.533131][   T40] audit: type=1400 audit(1751890688.521:697): avc:  denied  { ioctl } for  pid=11307 comm="syz.5.1659" path="socket:[35865]" dev="sockfs" ino=35865 ioctlcmd=0x89e2 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rose_socket permissive=1
[  281.685352][   T61] usb 7-1: new high-speed USB device number 19 using dummy_hcd
[  281.686661][T11316] tipc: Enabling of bearer <eth:syzkaller> rejected, failed to enable media
[  281.692287][T11316] syzkaller0: entered promiscuous mode
[  281.694761][T11316] syzkaller0: entered allmulticast mode
[  281.845940][   T61] usb 7-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  281.849763][   T61] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  281.853325][   T61] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0
[  281.857466][   T61] usb 7-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  281.861583][   T61] usb 7-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  281.864811][   T61] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  281.873015][   T61] usb 7-1: config 0 descriptor??
[  281.940347][T11330] netlink: 4 bytes leftover after parsing attributes in process `syz.6.1667'.
[  281.941934][   T40] audit: type=1400 audit(1751890688.921:698): avc:  denied  { map } for  pid=11322 comm="syz.5.1665" path="socket:[35887]" dev="sockfs" ino=35887 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[  281.950852][   T40] audit: type=1400 audit(1751890688.921:699): avc:  denied  { read accept } for  pid=11322 comm="syz.5.1665" path="socket:[35887]" dev="sockfs" ino=35887 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[  281.950924][T11323] netlink: 28 bytes leftover after parsing attributes in process `syz.5.1665'.
[  281.961696][   T40] audit: type=1400 audit(1751890688.931:700): avc:  denied  { getopt } for  pid=11322 comm="syz.5.1665" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[  281.964551][T11323] netlink: 28 bytes leftover after parsing attributes in process `syz.5.1665'.
[  282.151855][T11334] kvm: user requested TSC rate below hardware speed
[  282.222457][   T24] usb 9-1: new high-speed USB device number 11 using dummy_hcd
[  282.284103][   T61] usbhid 7-1:0.0: can't add hid device: -71
[  282.286795][   T61] usbhid 7-1:0.0: probe with driver usbhid failed with error -71
[  282.292777][   T61] usb 7-1: USB disconnect, device number 19
[  282.392441][   T24] usb 9-1: Using ep0 maxpacket: 8
[  282.395998][   T24] usb 9-1: config index 0 descriptor too short (expected 5924, got 36)
[  282.398769][   T24] usb 9-1: config 250 has an invalid interface number: 228 but max is -1
[  282.401481][   T24] usb 9-1: config 250 has 1 interface, different from the descriptor's value: 0
[  282.404518][   T24] usb 9-1: config 250 has no interface number 0
[  282.406571][   T24] usb 9-1: config 250 interface 228 altsetting 255 endpoint 0x1 has invalid maxpacket 65280, setting to 1024
[  282.410332][   T24] usb 9-1: config 250 interface 228 altsetting 255 bulk endpoint 0x1 has invalid maxpacket 1024
[  282.413791][   T24] usb 9-1: config 250 interface 228 altsetting 255 endpoint 0x82 has invalid wMaxPacketSize 0
[  282.417091][   T24] usb 9-1: config 250 interface 228 altsetting 255 bulk endpoint 0x82 has invalid maxpacket 0
[  282.420357][   T24] usb 9-1: config 250 interface 228 altsetting 255 has 2 endpoint descriptors, different from the interface descriptor's value: 17
[  282.424841][   T24] usb 9-1: config 250 interface 228 has no altsetting 0
[  282.428463][   T24] usb 9-1: New USB device found, idVendor=0525, idProduct=d292, bcdDevice= 0.07
[  282.431462][   T24] usb 9-1: New USB device strings: Mfr=0, Product=106, SerialNumber=59
[  282.434488][   T24] usb 9-1: Product: syz
[  282.436445][   T24] usb 9-1: SerialNumber: syz
[  282.445195][   T24] hub 9-1:250.228: bad descriptor, ignoring hub
[  282.447329][   T24] hub 9-1:250.228: probe with driver hub failed with error -5
[  282.497641][T11340] loop7: detected capacity change from 0 to 524255232
[  282.551366][T11339] openvswitch: netlink: IP tunnel attribute has 20 unknown bytes.
[  282.556402][   T40] audit: type=1400 audit(1751890689.541:701): avc:  denied  { mount } for  pid=11336 comm="syz.5.1669" name="/" dev="configfs" ino=3136 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=filesystem permissive=1
[  282.563525][   T40] audit: type=1400 audit(1751890689.541:702): avc:  denied  { search } for  pid=11336 comm="syz.5.1669" name="/" dev="configfs" ino=3136 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=dir permissive=1
[  282.572796][   T40] audit: type=1400 audit(1751890689.541:703): avc:  denied  { search } for  pid=11336 comm="syz.5.1669" name="/" dev="configfs" ino=3136 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=dir permissive=1
[  282.581923][   T40] audit: type=1400 audit(1751890689.541:704): avc:  denied  { read open } for  pid=11336 comm="syz.5.1669" path="/" dev="configfs" ino=3136 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=dir permissive=1
[  282.591360][   T40] audit: type=1400 audit(1751890689.541:705): avc:  denied  { search } for  pid=11336 comm="syz.5.1669" name="/" dev="configfs" ino=3136 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=dir permissive=1
[  282.600451][   T40] audit: type=1400 audit(1751890689.541:706): avc:  denied  { search } for  pid=11336 comm="syz.5.1669" name="/" dev="configfs" ino=3136 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=dir permissive=1
[  282.610480][   T40] audit: type=1400 audit(1751890689.541:707): avc:  denied  { search } for  pid=11336 comm="syz.5.1669" name="/" dev="configfs" ino=3136 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=dir permissive=1
[  282.646508][   T24] usblp 9-1:250.228: usblp0: USB Bidirectional printer dev 11 if 228 alt 255 proto 3 vid 0x0525 pid 0xD292
[  282.860968][T11349] kvm: user requested TSC rate below hardware speed
[  283.212413][ T6038] usb 11-1: new high-speed USB device number 14 using dummy_hcd
[  283.372443][ T6038] usb 11-1: Using ep0 maxpacket: 32
[  283.375950][ T6038] usb 11-1: no configurations
[  283.377850][ T6038] usb 11-1: can't read configurations, error -22
[  283.502893][ T6038] usb 11-1: new high-speed USB device number 15 using dummy_hcd
[  283.564557][T11325] usb 9-1: reset high-speed USB device number 11 using dummy_hcd
[  283.642490][ T5964] Bluetooth: hci2: command tx timeout
[  283.652683][ T6038] usb 11-1: Using ep0 maxpacket: 32
[  283.655528][ T6038] usb 11-1: no configurations
[  283.657070][ T6038] usb 11-1: can't read configurations, error -22
[  283.659364][ T6038] usb usb11-port1: attempt power cycle
[  283.941917][T11367] __nla_validate_parse: 1 callbacks suppressed
[  283.941931][T11367] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1678'.
[  284.002472][ T6038] usb 11-1: new high-speed USB device number 16 using dummy_hcd
[  284.023051][ T6038] usb 11-1: Using ep0 maxpacket: 32
[  284.025315][ T6038] usb 11-1: no configurations
[  284.026893][ T6038] usb 11-1: can't read configurations, error -22
[  284.153158][ T6038] usb 11-1: new high-speed USB device number 17 using dummy_hcd
[  284.172857][ T6038] usb 11-1: Using ep0 maxpacket: 32
[  284.174967][ T6038] usb 11-1: no configurations
[  284.176388][ T6038] usb 11-1: can't read configurations, error -22
[  284.179083][ T6038] usb usb11-port1: unable to enumerate USB device
[  284.242593][   T61] usb 9-1: USB disconnect, device number 11
[  284.246983][   T61] usblp0: removed
[  284.471821][T11372] xt_CHECKSUM: CHECKSUM should be avoided.  If really needed, restrict with "-p udp" and only use in OUTPUT
[  284.477166][T11372] x_tables: ip6_tables: TCPOPTSTRIP target: only valid for protocol 6
[  284.489513][T11374] netlink: 52 bytes leftover after parsing attributes in process `syz.2.1680'.
[  284.551801][T11377] kvm: pic: level sensitive irq not supported
[  284.812040][T11397] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1689'.
[  285.417096][T11409] 8021q: VLANs not supported on ipvlan0
[  285.517856][T11417] FAULT_INJECTION: forcing a failure.
[  285.517856][T11417] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  285.521952][T11417] CPU: 2 UID: 0 PID: 11417 Comm: syz.2.1696 Not tainted 6.16.0-rc5-syzkaller #0 PREEMPT(full) 
[  285.521966][T11417] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  285.521973][T11417] Call Trace:
[  285.521978][T11417]  <TASK>
[  285.521982][T11417]  dump_stack_lvl+0x16c/0x1f0
[  285.522002][T11417]  should_fail_ex+0x512/0x640
[  285.522019][T11417]  _copy_from_user+0x2e/0xd0
[  285.522035][T11417]  copy_msghdr_from_user+0x98/0x160
[  285.522050][T11417]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  285.522066][T11417]  ? kfree+0x24f/0x4d0
[  285.522078][T11417]  ? __pfx__kstrtoull+0x10/0x10
[  285.522092][T11417]  ___sys_sendmsg+0xfe/0x1d0
[  285.522107][T11417]  ? __pfx____sys_sendmsg+0x10/0x10
[  285.522134][T11417]  ? __pfx___might_resched+0x10/0x10
[  285.522151][T11417]  __sys_sendmmsg+0x200/0x420
[  285.522167][T11417]  ? __pfx___sys_sendmmsg+0x10/0x10
[  285.522186][T11417]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  285.522208][T11417]  ? fput+0x70/0xf0
[  285.522218][T11417]  ? ksys_write+0x1ac/0x250
[  285.522236][T11417]  ? __pfx_ksys_write+0x10/0x10
[  285.522251][T11417]  __x64_sys_sendmmsg+0x9c/0x100
[  285.522265][T11417]  ? lockdep_hardirqs_on+0x7c/0x110
[  285.522280][T11417]  do_syscall_64+0xcd/0x4c0
[  285.522295][T11417]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  285.522307][T11417] RIP: 0033:0x7fcd64d8e929
[  285.522326][T11417] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  285.522338][T11417] RSP: 002b:00007fcd65b5b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  285.522348][T11417] RAX: ffffffffffffffda RBX: 00007fcd64fb5fa0 RCX: 00007fcd64d8e929
[  285.522355][T11417] RDX: 0000000000034000 RSI: 00002000000008c0 RDI: 0000000000000004
[  285.522361][T11417] RBP: 00007fcd65b5b090 R08: 0000000000000000 R09: 0000000000000000
[  285.522367][T11417] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  285.522373][T11417] R13: 0000000000000000 R14: 00007fcd64fb5fa0 R15: 00007ffdc2ee1d28
[  285.522387][T11417]  </TASK>
[  285.661604][T11421] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1698'.
[  285.712447][   T10] usb 9-1: new high-speed USB device number 12 using dummy_hcd
[  285.802315][   T40] audit: type=1326 audit(1751890692.781:708): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11427 comm="syz.6.1700" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f284c78e929 code=0x0
[  285.862407][   T10] usb 9-1: Using ep0 maxpacket: 8
[  285.865938][   T10] usb 9-1: config index 0 descriptor too short (expected 5924, got 36)
[  285.868876][   T10] usb 9-1: config 250 has an invalid interface number: 228 but max is -1
[  285.871513][   T10] usb 9-1: config 250 has 1 interface, different from the descriptor's value: 0
[  285.874509][   T10] usb 9-1: config 250 has no interface number 0
[  285.876505][   T10] usb 9-1: config 250 interface 228 altsetting 255 endpoint 0x1 has invalid maxpacket 65280, setting to 1024
[  285.880022][   T10] usb 9-1: config 250 interface 228 altsetting 255 bulk endpoint 0x1 has invalid maxpacket 1024
[  285.883397][   T10] usb 9-1: config 250 interface 228 altsetting 255 endpoint 0x82 has invalid wMaxPacketSize 0
[  285.886572][   T10] usb 9-1: config 250 interface 228 altsetting 255 bulk endpoint 0x82 has invalid maxpacket 0
[  285.889810][   T10] usb 9-1: config 250 interface 228 altsetting 255 has 2 endpoint descriptors, different from the interface descriptor's value: 17
[  285.894070][   T10] usb 9-1: config 250 interface 228 has no altsetting 0
[  285.897781][   T10] usb 9-1: New USB device found, idVendor=0525, idProduct=d292, bcdDevice= 0.07
[  285.900668][   T10] usb 9-1: New USB device strings: Mfr=0, Product=106, SerialNumber=59
[  285.903444][   T10] usb 9-1: Product: syz
[  285.904873][   T10] usb 9-1: SerialNumber: syz
[  285.910703][   T10] hub 9-1:250.228: bad descriptor, ignoring hub
[  285.912832][   T10] hub 9-1:250.228: probe with driver hub failed with error -5
[  286.112692][   T10] usblp 9-1:250.228: usblp0: USB Bidirectional printer dev 12 if 228 alt 255 proto 3 vid 0x0525 pid 0xD292
[  286.219836][   T40] audit: type=1400 audit(1751890693.201:709): avc:  denied  { read } for  pid=11430 comm="syz.5.1701" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[  286.718325][T11441] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  286.722993][T11441] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  286.738728][   T40] audit: type=1400 audit(1751890693.721:710): avc:  denied  { write } for  pid=11439 comm="syz.6.1704" name="ndctl0" dev="devtmpfs" ino=109 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nvram_device_t tclass=chr_file permissive=1
[  286.962492][   T61] usb 11-1: new full-speed USB device number 18 using dummy_hcd
[  287.016128][T11415] usb 9-1: reset high-speed USB device number 12 using dummy_hcd
[  287.081797][T11444] kvm: user requested TSC rate below hardware speed
[  287.103408][   T61] usb 11-1: device descriptor read/64, error -71
[  287.224915][T11449] [U] 
[  287.313227][T11453] netlink: 48 bytes leftover after parsing attributes in process `syz.5.1709'.
[  287.352565][   T61] usb 11-1: new full-speed USB device number 19 using dummy_hcd
[  287.361081][T11453] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1709'.
[  287.482511][   T61] usb 11-1: device descriptor read/64, error -71
[  287.592767][   T61] usb usb11-port1: attempt power cycle
[  287.692637][ T6000] usb 9-1: USB disconnect, device number 12
[  287.697730][ T6000] usblp0: removed
[  287.913405][   T40] kauditd_printk_skb: 1 callbacks suppressed
[  287.913419][   T40] audit: type=1326 audit(1751890694.901:712): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11459 comm="syz.5.1711" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f9feb78e929 code=0x0
[  287.936289][   T61] usb 11-1: new full-speed USB device number 20 using dummy_hcd
[  287.953441][   T61] usb 11-1: device descriptor read/8, error -71
[  288.179092][   T40] audit: type=1400 audit(1751890695.161:713): avc:  denied  { setattr } for  pid=11464 comm="syz.4.1713" name="vcs" dev="devtmpfs" ino=14 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tty_device_t tclass=chr_file permissive=1
[  288.188757][T11465] xt_hashlimit: size too large, truncated to 1048576
[  288.212472][   T61] usb 11-1: new full-speed USB device number 21 using dummy_hcd
[  288.233786][   T61] usb 11-1: device descriptor read/8, error -71
[  288.326504][T11469] geneve1: entered allmulticast mode
[  288.342723][   T61] usb usb11-port1: unable to enumerate USB device
[  288.356213][   T40] audit: type=1400 audit(1751890695.341:714): avc:  denied  { listen } for  pid=11470 comm="syz.4.1715" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netrom_socket permissive=1
[  288.370163][   T40] audit: type=1400 audit(1751890695.341:715): avc:  denied  { accept } for  pid=11470 comm="syz.4.1715" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netrom_socket permissive=1
[  288.406399][T11474] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1716'.
[  288.790035][T11481] netlink: 48 bytes leftover after parsing attributes in process `syz.5.1719'.
[  288.838456][T11481] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1719'.
[  289.242221][T11487] openvswitch: netlink: Duplicate key (type 0).
[  289.300314][T11488] netlink: 'syz.4.1721': attribute type 160 has an invalid length.
[  289.406188][T11494] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1724'.
[  289.411076][T11494] afs: Unknown parameter 'dynile0/../file0'
[  289.462980][   T61] usb 7-1: new high-speed USB device number 20 using dummy_hcd
[  289.495435][T11500] FAULT_INJECTION: forcing a failure.
[  289.495435][T11500] name failslab, interval 1, probability 0, space 0, times 0
[  289.499661][T11500] CPU: 2 UID: 0 PID: 11500 Comm: syz.4.1726 Not tainted 6.16.0-rc5-syzkaller #0 PREEMPT(full) 
[  289.499675][T11500] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  289.499682][T11500] Call Trace:
[  289.499686][T11500]  <TASK>
[  289.499691][T11500]  dump_stack_lvl+0x16c/0x1f0
[  289.499709][T11500]  should_fail_ex+0x512/0x640
[  289.499724][T11500]  ? kmem_cache_alloc_node_noprof+0x5e/0x3b0
[  289.499740][T11500]  should_failslab+0xc2/0x120
[  289.499757][T11500]  kmem_cache_alloc_node_noprof+0x71/0x3b0
[  289.499771][T11500]  ? __alloc_skb+0x2b2/0x380
[  289.499786][T11500]  ? __pfx_avc_has_perm+0x10/0x10
[  289.499798][T11500]  __alloc_skb+0x2b2/0x380
[  289.499811][T11500]  ? __pfx___alloc_skb+0x10/0x10
[  289.499823][T11500]  ? do_raw_spin_lock+0x12c/0x2b0
[  289.499836][T11500]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  289.499852][T11500]  sock_wmalloc+0xd4/0x120
[  289.499866][T11500]  pppoe_sendmsg+0x2c3/0x7b0
[  289.499878][T11500]  ? __pfx_pppoe_sendmsg+0x10/0x10
[  289.499887][T11500]  ? __might_fault+0x13b/0x190
[  289.499905][T11500]  ____sys_sendmsg+0xa95/0xc70
[  289.499939][T11500]  ? copy_msghdr_from_user+0x10a/0x160
[  289.499953][T11500]  ? __pfx_____sys_sendmsg+0x10/0x10
[  289.499966][T11500]  ? kfree+0x24f/0x4d0
[  289.499975][T11500]  ? __pfx__kstrtoull+0x10/0x10
[  289.499990][T11500]  ___sys_sendmsg+0x134/0x1d0
[  289.500006][T11500]  ? __pfx____sys_sendmsg+0x10/0x10
[  289.500033][T11500]  ? __pfx___might_resched+0x10/0x10
[  289.500050][T11500]  __sys_sendmmsg+0x200/0x420
[  289.500066][T11500]  ? __pfx___sys_sendmmsg+0x10/0x10
[  289.500086][T11500]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  289.500111][T11500]  ? fput+0x70/0xf0
[  289.500124][T11500]  ? ksys_write+0x1ac/0x250
[  289.500145][T11500]  ? __pfx_ksys_write+0x10/0x10
[  289.500172][T11500]  __x64_sys_sendmmsg+0x9c/0x100
[  289.500196][T11500]  ? lockdep_hardirqs_on+0x7c/0x110
[  289.500218][T11500]  do_syscall_64+0xcd/0x4c0
[  289.500235][T11500]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  289.500246][T11500] RIP: 0033:0x7f9b5db8e929
[  289.500255][T11500] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  289.500266][T11500] RSP: 002b:00007f9b5e970038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  289.500276][T11500] RAX: ffffffffffffffda RBX: 00007f9b5ddb5fa0 RCX: 00007f9b5db8e929
[  289.500283][T11500] RDX: 0000000000034000 RSI: 00002000000008c0 RDI: 0000000000000004
[  289.500289][T11500] RBP: 00007f9b5e970090 R08: 0000000000000000 R09: 0000000000000000
[  289.500295][T11500] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  289.500301][T11500] R13: 0000000000000000 R14: 00007f9b5ddb5fa0 R15: 00007ffec58d5f38
[  289.500315][T11500]  </TASK>
[  289.575961][   T40] audit: type=1400 audit(1751890696.561:716): avc:  denied  { read } for  pid=11503 comm="syz.5.1728" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1
[  289.632511][T11508] kvm: user requested TSC rate below hardware speed
[  289.632576][   T61] usb 7-1: Using ep0 maxpacket: 32
[  289.638799][   T61] usb 7-1: config 0 interface 0 has no altsetting 0
[  289.643208][   T61] usb 7-1: New USB device found, idVendor=16d0, idProduct=10b8, bcdDevice=de.8e
[  289.647132][   T61] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  289.649835][   T61] usb 7-1: Product: syz
[  289.651238][   T61] usb 7-1: Manufacturer: syz
[  289.652809][   T61] usb 7-1: SerialNumber: syz
[  289.658490][   T61] usb 7-1: config 0 descriptor??
[  289.662923][   T61] gs_usb 7-1:0.0: Required endpoints not found
[  289.789070][   T40] audit: type=1400 audit(1751890696.771:717): avc:  denied  { read } for  pid=5350 comm="acpid" name="event4" dev="devtmpfs" ino=3098 scontext=system_u:system_r:acpid_t tcontext=root:object_r:device_t tclass=file permissive=1
[  289.789374][T11518] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=11518 comm=syz.6.1734
[  289.796147][   T40] audit: type=1400 audit(1751890696.771:718): avc:  denied  { open } for  pid=5350 comm="acpid" path="/dev/input/event4" dev="devtmpfs" ino=3098 scontext=system_u:system_r:acpid_t tcontext=root:object_r:device_t tclass=file permissive=1
[  289.806885][   T40] audit: type=1400 audit(1751890696.771:719): avc:  denied  { ioctl } for  pid=5350 comm="acpid" path="/dev/input/event4" dev="devtmpfs" ino=3098 ioctlcmd=0x4520 scontext=system_u:system_r:acpid_t tcontext=root:object_r:device_t tclass=file permissive=1
[  289.849471][   T40] audit: type=1400 audit(1751890696.831:720): avc:  denied  { map } for  pid=11521 comm="syz.4.1736" path="/dev/dri/card0" dev="devtmpfs" ino=635 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dri_device_t tclass=chr_file permissive=1
[  289.859992][   T40] audit: type=1400 audit(1751890696.831:721): avc:  denied  { execute } for  pid=11521 comm="syz.4.1736" path="/dev/dri/card0" dev="devtmpfs" ino=635 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dri_device_t tclass=chr_file permissive=1
[  290.625895][T11539] FAULT_INJECTION: forcing a failure.
[  290.625895][T11539] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  290.631118][T11539] CPU: 3 UID: 0 PID: 11539 Comm: syz.5.1741 Not tainted 6.16.0-rc5-syzkaller #0 PREEMPT(full) 
[  290.631132][T11539] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  290.631139][T11539] Call Trace:
[  290.631142][T11539]  <TASK>
[  290.631146][T11539]  dump_stack_lvl+0x16c/0x1f0
[  290.631165][T11539]  should_fail_ex+0x512/0x640
[  290.631182][T11539]  _copy_to_user+0x32/0xd0
[  290.631199][T11539]  simple_read_from_buffer+0xcb/0x170
[  290.631215][T11539]  proc_fail_nth_read+0x197/0x270
[  290.631229][T11539]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  290.631244][T11539]  ? rw_verify_area+0xcf/0x680
[  290.631256][T11539]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  290.631269][T11539]  vfs_read+0x1e1/0xc60
[  290.631283][T11539]  ? __pfx___mutex_lock+0x10/0x10
[  290.631299][T11539]  ? __pfx_vfs_read+0x10/0x10
[  290.631316][T11539]  ? __fget_files+0x20e/0x3c0
[  290.631335][T11539]  ksys_read+0x12a/0x250
[  290.631348][T11539]  ? __pfx_ksys_read+0x10/0x10
[  290.631365][T11539]  do_syscall_64+0xcd/0x4c0
[  290.631382][T11539]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  290.631393][T11539] RIP: 0033:0x7f9feb78d33c
[  290.631406][T11539] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  290.631417][T11539] RSP: 002b:00007f9fec5ac030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  290.631427][T11539] RAX: ffffffffffffffda RBX: 00007f9feb9b5fa0 RCX: 00007f9feb78d33c
[  290.631434][T11539] RDX: 000000000000000f RSI: 00007f9fec5ac0a0 RDI: 000000000000000a
[  290.631441][T11539] RBP: 00007f9fec5ac090 R08: 0000000000000000 R09: 0000000000000000
[  290.631447][T11539] R10: 00000000000000c2 R11: 0000000000000246 R12: 0000000000000001
[  290.631453][T11539] R13: 0000000000000000 R14: 00007f9feb9b5fa0 R15: 00007ffe11f57818
[  290.631467][T11539]  </TASK>
[  290.817190][T11552] netlink: 52 bytes leftover after parsing attributes in process `syz.5.1747'.
[  290.821004][T11552] tipc: Invalid UDP bearer configuration
[  290.821050][T11552] tipc: Enabling of bearer <udp:syz0> rejected, failed to enable media
[  290.840795][T11553] FAULT_INJECTION: forcing a failure.
[  290.840795][T11553] name failslab, interval 1, probability 0, space 0, times 0
[  290.847152][T11553] CPU: 1 UID: 0 PID: 11553 Comm: syz.6.1746 Not tainted 6.16.0-rc5-syzkaller #0 PREEMPT(full) 
[  290.847177][T11553] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  290.847188][T11553] Call Trace:
[  290.847194][T11553]  <TASK>
[  290.847200][T11553]  dump_stack_lvl+0x16c/0x1f0
[  290.847247][T11553]  should_fail_ex+0x512/0x640
[  290.847275][T11553]  ? fs_reclaim_acquire+0xae/0x150
[  290.847295][T11553]  ? tomoyo_realpath_from_path+0xc2/0x6e0
[  290.847319][T11553]  should_failslab+0xc2/0x120
[  290.847345][T11553]  __kmalloc_noprof+0xd2/0x510
[  290.847365][T11553]  ? stack_depot_save_flags+0x28/0xa40
[  290.847395][T11553]  tomoyo_realpath_from_path+0xc2/0x6e0
[  290.847422][T11553]  ? tomoyo_profile+0x47/0x60
[  290.847452][T11553]  tomoyo_path_perm+0x274/0x460
[  290.847471][T11553]  ? tomoyo_path_perm+0x260/0x460
[  290.847493][T11553]  ? __pfx_tomoyo_path_perm+0x10/0x10
[  290.847547][T11553]  ? do_raw_spin_lock+0x12c/0x2b0
[  290.847568][T11553]  ? find_held_lock+0x2b/0x80
[  290.847593][T11553]  security_inode_getattr+0x116/0x290
[  290.847617][T11553]  vfs_getattr+0x25/0x60
[  290.847644][T11553]  ovl_cache_update+0x79c/0xa50
[  290.847675][T11553]  ? __pfx_ovl_cache_update+0x10/0x10
[  290.847700][T11553]  ? fput+0xcf/0xf0
[  290.847742][T11553]  ovl_iterate+0x406/0xe40
[  290.847773][T11553]  ? __pfx_ovl_iterate+0x10/0x10
[  290.847797][T11553]  wrap_directory_iterator+0xa2/0xe0
[  290.847820][T11553]  iterate_dir+0x293/0xb40
[  290.847844][T11553]  __x64_sys_getdents+0x13c/0x2b0
[  290.847865][T11553]  ? __pfx___x64_sys_getdents+0x10/0x10
[  290.847884][T11553]  ? fput+0x70/0xf0
[  290.847922][T11553]  ? __pfx_filldir+0x10/0x10
[  290.847953][T11553]  do_syscall_64+0xcd/0x4c0
[  290.847980][T11553]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  290.847998][T11553] RIP: 0033:0x7f284c78e929
[  290.848012][T11553] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  290.848028][T11553] RSP: 002b:00007f284d5c3038 EFLAGS: 00000246 ORIG_RAX: 000000000000004e
[  290.848046][T11553] RAX: ffffffffffffffda RBX: 00007f284c9b5fa0 RCX: 00007f284c78e929
[  290.848057][T11553] RDX: 00000000000000b8 RSI: 0000200000001fc0 RDI: 0000000000000003
[  290.848068][T11553] RBP: 00007f284d5c3090 R08: 0000000000000000 R09: 0000000000000000
[  290.848079][T11553] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  290.848089][T11553] R13: 0000000000000000 R14: 00007f284c9b5fa0 R15: 00007ffd9d59e5a8
[  290.848114][T11553]  </TASK>
[  290.848121][T11553] ERROR: Out of memory at tomoyo_realpath_from_path.
[  290.995304][T11558] netlink: 4 bytes leftover after parsing attributes in process `syz.6.1749'.
[  291.047289][T11562] netlink: 209852 bytes leftover after parsing attributes in process `syz.6.1749'.
[  291.050245][T11562] openvswitch: netlink: ufid size 3068 bytes exceeds the range (1, 16)
[  291.061659][T11566] loop7: detected capacity change from 0 to 524255232
[  291.309505][T11586] xt_CT: You must specify a L4 protocol and not use inversions on it
[  291.473637][T11593] loop6: detected capacity change from 0 to 2098
[  291.662716][   T10] usb 9-1: new high-speed USB device number 13 using dummy_hcd
[  291.789976][T11606] netlink: 'syz.5.1765': attribute type 21 has an invalid length.
[  291.793971][T11606] netlink: 132 bytes leftover after parsing attributes in process `syz.5.1765'.
[  291.833656][   T10] usb 9-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  291.837165][   T10] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 255, changing to 11
[  291.840611][   T10] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  291.846145][   T10] usb 9-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  291.850088][   T10] usb 9-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  291.853420][   T10] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  291.863097][   T10] usb 9-1: config 0 descriptor??
[  291.865244][T11595] raw-gadget.1 gadget.4: fail, usb_ep_enable returned -22
[  291.922100][T11612] IPv6: NLM_F_CREATE should be specified when creating new route
[  291.925067][T11612] IPv6: NLM_F_REPLACE set, but no existing node found!
[  292.033701][ T6000] usb 7-1: USB disconnect, device number 20
[  292.119067][T11625] Bluetooth: hci0: load_link_keys: too big key_count value 28530
[  292.189823][T11630] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1776'.
[  292.271217][   T10] plantronics 0003:047F:FFFF.0006: reserved main item tag 0xd
[  292.282096][   T10] plantronics 0003:047F:FFFF.0006: hiddev0,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.4-1/input0
[  292.547274][ T6038] usb 9-1: USB disconnect, device number 13
[  292.610457][T11645] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  292.744926][T11648] syzkaller0: entered promiscuous mode
[  292.747296][T11648] syzkaller0: entered allmulticast mode
[  292.976705][T11656] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1785'.
[  293.170785][T11658] loop6: detected capacity change from 0 to 2098
[  293.178476][T11662] pim6reg: entered allmulticast mode
[  293.182141][T11662] pim6reg: left allmulticast mode
[  293.310730][T11675] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1794'.
[  293.317883][T11672] netlink: 4 bytes leftover after parsing attributes in process `syz.6.1793'.
[  293.327744][T11672] netdevsim netdevsim6 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  293.331586][T11672] netdevsim netdevsim6 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  293.335993][T11672] netdevsim netdevsim6 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  293.339513][T11672] netdevsim netdevsim6 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  293.347118][T11672] netlink: 4 bytes leftover after parsing attributes in process `syz.6.1793'.
[  293.347215][T11673] syzkaller0: entered promiscuous mode
[  293.353297][T11673] syzkaller0: entered allmulticast mode
[  293.519312][T11689] netlink: 'syz.5.1800': attribute type 21 has an invalid length.
[  293.695866][T11691] loop6: detected capacity change from 0 to 2098
[  293.899358][T11704] FAULT_INJECTION: forcing a failure.
[  293.899358][T11704] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  293.903553][T11704] CPU: 0 UID: 0 PID: 11704 Comm: syz.6.1805 Not tainted 6.16.0-rc5-syzkaller #0 PREEMPT(full) 
[  293.903568][T11704] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  293.903575][T11704] Call Trace:
[  293.903579][T11704]  <TASK>
[  293.903583][T11704]  dump_stack_lvl+0x16c/0x1f0
[  293.903602][T11704]  should_fail_ex+0x512/0x640
[  293.903619][T11704]  _copy_from_user+0x2e/0xd0
[  293.903634][T11704]  copy_msghdr_from_user+0x98/0x160
[  293.903650][T11704]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  293.903671][T11704]  ___sys_sendmsg+0xfe/0x1d0
[  293.903686][T11704]  ? __pfx____sys_sendmsg+0x10/0x10
[  293.903699][T11704]  ? __lock_acquire+0x622/0x1c90
[  293.903727][T11704]  __sys_sendmsg+0x16d/0x220
[  293.903741][T11704]  ? __pfx___sys_sendmsg+0x10/0x10
[  293.903765][T11704]  do_syscall_64+0xcd/0x4c0
[  293.903781][T11704]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  293.903792][T11704] RIP: 0033:0x7f284c78e929
[  293.903801][T11704] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  293.903812][T11704] RSP: 002b:00007f284d5c3038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  293.903822][T11704] RAX: ffffffffffffffda RBX: 00007f284c9b5fa0 RCX: 00007f284c78e929
[  293.903829][T11704] RDX: 0000000004040800 RSI: 0000200000000040 RDI: 0000000000000008
[  293.903835][T11704] RBP: 00007f284d5c3090 R08: 0000000000000000 R09: 0000000000000000
[  293.903841][T11704] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  293.903847][T11704] R13: 0000000000000000 R14: 00007f284c9b5fa0 R15: 00007ffd9d59e5a8
[  293.903860][T11704]  </TASK>
[  294.042379][   T40] kauditd_printk_skb: 4 callbacks suppressed
[  294.042398][   T40] audit: type=1326 audit(1751890701.021:726): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11698 comm="syz.4.1803" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f9b5db8e929 code=0x0
[  294.128610][   T40] audit: type=1400 audit(1751890701.111:727): avc:  denied  { mount } for  pid=11711 comm="syz.2.1808" name="/" dev="hugetlbfs" ino=37515 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:hugetlbfs_t tclass=filesystem permissive=1
[  294.186678][   T40] audit: type=1400 audit(1751890701.171:728): avc:  denied  { unmount } for  pid=5962 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:hugetlbfs_t tclass=filesystem permissive=1
[  294.216732][T11715] binder: 11714:11715 ioctl 7a0 0 returned -22
[  294.606715][T11724] loop6: detected capacity change from 0 to 2098
[  294.626336][T11733] dlm: non-version read from control device 0
[  294.630233][T11733] dlm: non-version read from control device 213
[  294.697646][T11737] __nla_validate_parse: 3 callbacks suppressed
[  294.697656][T11737] netlink: 48 bytes leftover after parsing attributes in process `syz.6.1818'.
[  294.718183][T11742] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1819'.
[  294.743438][T11744] Bluetooth: hci0: load_link_keys: too big key_count value 28530
[  294.756228][T11746] netlink: 4 bytes leftover after parsing attributes in process `syz.6.1818'.
[  295.150229][   T40] audit: type=1326 audit(1751890702.131:729): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11757 comm="syz.4.1827" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f9b5db8e929 code=0x0
[  295.166437][T11763] SELinux:  policydb magic number 0x0 does not match expected magic number 0xf97cff8c
[  295.170650][T11763] SELinux: failed to load policy
[  295.171255][   T40] audit: type=1400 audit(1751890702.151:730): avc:  denied  { load_policy } for  pid=11762 comm="syz.5.1828" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security permissive=1
[  295.343828][T11766] loop6: detected capacity change from 0 to 2098
[  295.372505][T11772] FAULT_INJECTION: forcing a failure.
[  295.372505][T11772] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  295.376675][T11772] CPU: 1 UID: 0 PID: 11772 Comm: syz.6.1831 Not tainted 6.16.0-rc5-syzkaller #0 PREEMPT(full) 
[  295.376690][T11772] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  295.376697][T11772] Call Trace:
[  295.376702][T11772]  <TASK>
[  295.376706][T11772]  dump_stack_lvl+0x16c/0x1f0
[  295.376725][T11772]  should_fail_ex+0x512/0x640
[  295.376742][T11772]  _copy_from_user+0x2e/0xd0
[  295.376758][T11772]  copy_msghdr_from_user+0x98/0x160
[  295.376774][T11772]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  295.376791][T11772]  ? kfree+0x24f/0x4d0
[  295.376802][T11772]  ? __pfx__kstrtoull+0x10/0x10
[  295.376816][T11772]  ___sys_sendmsg+0xfe/0x1d0
[  295.376830][T11772]  ? __pfx____sys_sendmsg+0x10/0x10
[  295.376857][T11772]  ? __pfx___might_resched+0x10/0x10
[  295.376876][T11772]  __sys_sendmmsg+0x200/0x420
[  295.376892][T11772]  ? __pfx___sys_sendmmsg+0x10/0x10
[  295.376911][T11772]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  295.376932][T11772]  ? fput+0x70/0xf0
[  295.376941][T11772]  ? ksys_write+0x1ac/0x250
[  295.376954][T11772]  ? __pfx_ksys_write+0x10/0x10
[  295.376970][T11772]  __x64_sys_sendmmsg+0x9c/0x100
[  295.376984][T11772]  ? lockdep_hardirqs_on+0x7c/0x110
[  295.376998][T11772]  do_syscall_64+0xcd/0x4c0
[  295.377014][T11772]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  295.377026][T11772] RIP: 0033:0x7f284c78e929
[  295.377035][T11772] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  295.377047][T11772] RSP: 002b:00007f284d5c3038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  295.377058][T11772] RAX: ffffffffffffffda RBX: 00007f284c9b5fa0 RCX: 00007f284c78e929
[  295.377064][T11772] RDX: 0000000000034000 RSI: 00002000000008c0 RDI: 0000000000000003
[  295.377078][T11772] RBP: 00007f284d5c3090 R08: 0000000000000000 R09: 0000000000000000
[  295.377088][T11772] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  295.377097][T11772] R13: 0000000000000000 R14: 00007f284c9b5fa0 R15: 00007ffd9d59e5a8
[  295.377119][T11772]  </TASK>
[  295.624997][T11791] FAULT_INJECTION: forcing a failure.
[  295.624997][T11791] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  295.630408][T11791] CPU: 1 UID: 0 PID: 11791 Comm: syz.5.1839 Not tainted 6.16.0-rc5-syzkaller #0 PREEMPT(full) 
[  295.630444][T11791] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  295.630455][T11791] Call Trace:
[  295.630462][T11791]  <TASK>
[  295.630469][T11791]  dump_stack_lvl+0x16c/0x1f0
[  295.630497][T11791]  should_fail_ex+0x512/0x640
[  295.630524][T11791]  _copy_from_user+0x2e/0xd0
[  295.630550][T11791]  copy_msghdr_from_user+0x98/0x160
[  295.630575][T11791]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  295.630602][T11791]  ? kfree+0x24f/0x4d0
[  295.630620][T11791]  ? __pfx__kstrtoull+0x10/0x10
[  295.630643][T11791]  ___sys_sendmsg+0xfe/0x1d0
[  295.630667][T11791]  ? __pfx____sys_sendmsg+0x10/0x10
[  295.630714][T11791]  ? __pfx___might_resched+0x10/0x10
[  295.630743][T11791]  __sys_sendmmsg+0x200/0x420
[  295.630769][T11791]  ? __pfx___sys_sendmmsg+0x10/0x10
[  295.630801][T11791]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  295.630837][T11791]  ? fput+0x70/0xf0
[  295.630852][T11791]  ? ksys_write+0x1ac/0x250
[  295.630873][T11791]  ? __pfx_ksys_write+0x10/0x10
[  295.630900][T11791]  __x64_sys_sendmmsg+0x9c/0x100
[  295.630922][T11791]  ? lockdep_hardirqs_on+0x7c/0x110
[  295.630945][T11791]  do_syscall_64+0xcd/0x4c0
[  295.630972][T11791]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  295.630989][T11791] RIP: 0033:0x7f9feb78e929
[  295.631003][T11791] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  295.631019][T11791] RSP: 002b:00007f9fec5ac038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  295.631036][T11791] RAX: ffffffffffffffda RBX: 00007f9feb9b5fa0 RCX: 00007f9feb78e929
[  295.631048][T11791] RDX: 0000000000034000 RSI: 00002000000008c0 RDI: 0000000000000004
[  295.631059][T11791] RBP: 00007f9fec5ac090 R08: 0000000000000000 R09: 0000000000000000
[  295.631074][T11791] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  295.631085][T11791] R13: 0000000000000000 R14: 00007f9feb9b5fa0 R15: 00007ffe11f57818
[  295.631109][T11791]  </TASK>
[  295.660821][T11785] netlink: 'syz.6.1838': attribute type 2 has an invalid length.
[  295.704992][T11785] netlink: 46 bytes leftover after parsing attributes in process `syz.6.1838'.
[  295.710003][T11785] overlayfs: conflicting lowerdir path
[  295.733028][T11799] ref_ctr increment failed for inode: 0x934 offset: 0x7 ref_ctr_offset: 0x2 of mm: 0xffff88801b87da00
[  295.733683][   T40] audit: type=1804 audit(1751890702.711:731): pid=11799 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=invalid_pcr cause=open_writers comm="syz.2.1842" name="/newroot/416/file0" dev="tmpfs" ino=2356 res=1 errno=0
[  295.739453][T11798] uprobe: syz.2.1842:11798 failed to unregister, leaking uprobe
[  295.852697][T11811] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1847'.
[  296.072707][T11824] block nbd5: shutting down sockets
[  296.074755][   T40] audit: type=1400 audit(1751890703.061:732): avc:  denied  { read write } for  pid=11828 comm="syz.4.1854" name="fb0" dev="devtmpfs" ino=637 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:framebuf_device_t tclass=chr_file permissive=1
[  296.076387][T11824] block nbd5: NBD_DISCONNECT
[  296.083836][T11824] block nbd5: Send disconnect failed -32
[  296.089173][T11824] netlink: 12 bytes leftover after parsing attributes in process `syz.5.1852'.
[  296.094619][   T40] audit: type=1400 audit(1751890703.061:733): avc:  denied  { open } for  pid=11828 comm="syz.4.1854" path="/dev/fb0" dev="devtmpfs" ino=637 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:framebuf_device_t tclass=chr_file permissive=1
[  296.097704][T11831] FAULT_INJECTION: forcing a failure.
[  296.097704][T11831] name failslab, interval 1, probability 0, space 0, times 0
[  296.106421][T11831] CPU: 0 UID: 0 PID: 11831 Comm: syz.6.1855 Not tainted 6.16.0-rc5-syzkaller #0 PREEMPT(full) 
[  296.106436][T11831] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  296.106443][T11831] Call Trace:
[  296.106447][T11831]  <TASK>
[  296.106451][T11831]  dump_stack_lvl+0x16c/0x1f0
[  296.106484][T11831]  should_fail_ex+0x512/0x640
[  296.106503][T11831]  ? kmem_cache_alloc_node_noprof+0x5e/0x3b0
[  296.106520][T11831]  should_failslab+0xc2/0x120
[  296.106536][T11831]  kmem_cache_alloc_node_noprof+0x71/0x3b0
[  296.106550][T11831]  ? __alloc_skb+0x2b2/0x380
[  296.106567][T11831]  __alloc_skb+0x2b2/0x380
[  296.106580][T11831]  ? __pfx___alloc_skb+0x10/0x10
[  296.106595][T11831]  ? __pfx_netlink_autobind.isra.0+0x10/0x10
[  296.106616][T11831]  netlink_alloc_large_skb+0x69/0x130
[  296.106627][T11831]  netlink_sendmsg+0x6a1/0xdd0
[  296.106639][T11831]  ? __pfx_netlink_sendmsg+0x10/0x10
[  296.106654][T11831]  ____sys_sendmsg+0xa95/0xc70
[  296.106666][T11831]  ? copy_msghdr_from_user+0x10a/0x160
[  296.106680][T11831]  ? __pfx_____sys_sendmsg+0x10/0x10
[  296.106697][T11831]  ___sys_sendmsg+0x134/0x1d0
[  296.106711][T11831]  ? __pfx____sys_sendmsg+0x10/0x10
[  296.106724][T11831]  ? __lock_acquire+0x622/0x1c90
[  296.106752][T11831]  __sys_sendmsg+0x16d/0x220
[  296.106767][T11831]  ? __pfx___sys_sendmsg+0x10/0x10
[  296.106790][T11831]  do_syscall_64+0xcd/0x4c0
[  296.106807][T11831]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  296.106817][T11831] RIP: 0033:0x7f284c78e929
[  296.106827][T11831] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  296.106837][T11831] RSP: 002b:00007f284d5c3038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  296.106847][T11831] RAX: ffffffffffffffda RBX: 00007f284c9b5fa0 RCX: 00007f284c78e929
[  296.106854][T11831] RDX: 0000000004040800 RSI: 0000200000000040 RDI: 0000000000000008
[  296.106860][T11831] RBP: 00007f284d5c3090 R08: 0000000000000000 R09: 0000000000000000
[  296.106866][T11831] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  296.106872][T11831] R13: 0000000000000000 R14: 00007f284c9b5fa0 R15: 00007ffd9d59e5a8
[  296.106885][T11831]  </TASK>
[  296.204914][T11834] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1857'.
[  296.214008][T11836] usb usb8: usbfs: process 11836 (syz.6.1856) did not claim interface 0 before use
[  296.296601][T11840] netlink: 24 bytes leftover after parsing attributes in process `syz.6.1859'.
[  296.305798][T11840] kvm: user requested TSC rate below hardware speed
[  296.451550][T11851] syzkaller0: entered promiscuous mode
[  296.453835][T11851] syzkaller0: entered allmulticast mode
[  296.575629][   T40] audit: type=1400 audit(1751890703.561:734): avc:  denied  { name_bind } for  pid=11858 comm="syz.4.1866" src=20000 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:port_t tclass=rawip_socket permissive=1
[  296.582430][   T40] audit: type=1400 audit(1751890703.561:735): avc:  denied  { block_suspend } for  pid=11858 comm="syz.4.1866" capability=36  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  296.717740][T11861] binder: BINDER_SET_CONTEXT_MGR bad uid 60928 != 0
[  296.720138][T11861] binder: 11860:11861 ioctl 4018620d 200000000980 returned -1
[  297.711963][T11901] FAULT_INJECTION: forcing a failure.
[  297.711963][T11901] name failslab, interval 1, probability 0, space 0, times 0
[  297.717692][T11901] CPU: 2 UID: 0 PID: 11901 Comm: syz.6.1884 Not tainted 6.16.0-rc5-syzkaller #0 PREEMPT(full) 
[  297.717715][T11901] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  297.717726][T11901] Call Trace:
[  297.717732][T11901]  <TASK>
[  297.717739][T11901]  dump_stack_lvl+0x16c/0x1f0
[  297.717768][T11901]  should_fail_ex+0x512/0x640
[  297.717790][T11901]  ? kmem_cache_alloc_node_noprof+0x5e/0x3b0
[  297.717817][T11901]  should_failslab+0xc2/0x120
[  297.717843][T11901]  kmem_cache_alloc_node_noprof+0x71/0x3b0
[  297.717865][T11901]  ? __alloc_skb+0x2b2/0x380
[  297.717888][T11901]  ? __pfx_avc_has_perm+0x10/0x10
[  297.717908][T11901]  __alloc_skb+0x2b2/0x380
[  297.717929][T11901]  ? __pfx___alloc_skb+0x10/0x10
[  297.717949][T11901]  ? do_raw_spin_lock+0x12c/0x2b0
[  297.717969][T11901]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  297.717997][T11901]  sock_wmalloc+0xd4/0x120
[  297.718019][T11901]  pppoe_sendmsg+0x2c3/0x7b0
[  297.718039][T11901]  ? __pfx_pppoe_sendmsg+0x10/0x10
[  297.718054][T11901]  ? __might_fault+0x13b/0x190
[  297.718083][T11901]  ____sys_sendmsg+0xa95/0xc70
[  297.718101][T11901]  ? copy_msghdr_from_user+0x10a/0x160
[  297.718130][T11901]  ? __pfx_____sys_sendmsg+0x10/0x10
[  297.718151][T11901]  ? kfree+0x24f/0x4d0
[  297.718167][T11901]  ? __pfx__kstrtoull+0x10/0x10
[  297.718191][T11901]  ___sys_sendmsg+0x134/0x1d0
[  297.718215][T11901]  ? __pfx____sys_sendmsg+0x10/0x10
[  297.718263][T11901]  ? __pfx___might_resched+0x10/0x10
[  297.718293][T11901]  __sys_sendmmsg+0x200/0x420
[  297.718320][T11901]  ? __pfx___sys_sendmmsg+0x10/0x10
[  297.718352][T11901]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  297.718388][T11901]  ? fput+0x70/0xf0
[  297.718404][T11901]  ? ksys_write+0x1ac/0x250
[  297.718426][T11901]  ? __pfx_ksys_write+0x10/0x10
[  297.718452][T11901]  __x64_sys_sendmmsg+0x9c/0x100
[  297.718475][T11901]  ? lockdep_hardirqs_on+0x7c/0x110
[  297.718497][T11901]  do_syscall_64+0xcd/0x4c0
[  297.718524][T11901]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  297.718541][T11901] RIP: 0033:0x7f284c78e929
[  297.718555][T11901] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  297.718572][T11901] RSP: 002b:00007f284d5c3038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  297.718589][T11901] RAX: ffffffffffffffda RBX: 00007f284c9b5fa0 RCX: 00007f284c78e929
[  297.718600][T11901] RDX: 0000000000034000 RSI: 00002000000008c0 RDI: 0000000000000003
[  297.718610][T11901] RBP: 00007f284d5c3090 R08: 0000000000000000 R09: 0000000000000000
[  297.718620][T11901] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  297.718630][T11901] R13: 0000000000000000 R14: 00007f284c9b5fa0 R15: 00007ffd9d59e5a8
[  297.718654][T11901]  </TASK>
[  297.880340][T11909] tipc: Started in network mode
[  297.882774][T11909] tipc: Node identity 3add85752c66, cluster identity 4711
[  297.885419][T11909] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  297.889377][T11909] tipc: Resetting bearer <eth:syzkaller0>
[  297.897439][T11908] tipc: Disabling bearer <eth:syzkaller0>
[  297.902440][ T6000] usb 10-1: new high-speed USB device number 5 using dummy_hcd
[  298.036778][T11917] openvswitch: netlink: IP tunnel attribute has 20 unknown bytes.
[  298.052547][ T6000] usb 10-1: device descriptor read/64, error -71
[  298.060479][T11922] netlink: 196 bytes leftover after parsing attributes in process `syz.4.1889'.
[  298.064258][T11922] netlink: 196 bytes leftover after parsing attributes in process `syz.4.1889'.
[  298.185735][T11936] cgroup: Need name or subsystem set
[  298.293108][ T6000] usb 10-1: new high-speed USB device number 6 using dummy_hcd
[  298.433321][ T6000] usb 10-1: device descriptor read/64, error -71
[  298.437653][T11962] kvm: user requested TSC rate below hardware speed
[  298.552685][ T6000] usb usb10-port1: attempt power cycle
[  298.602151][T11976] overlayfs: "xino=on" is useless with all layers on same fs, ignore.
[  298.902626][ T6000] usb 10-1: new high-speed USB device number 7 using dummy_hcd
[  298.924803][ T6000] usb 10-1: device descriptor read/8, error -71
[  299.159074][   T40] kauditd_printk_skb: 8 callbacks suppressed
[  299.159085][   T40] audit: type=1400 audit(1751890706.141:744): avc:  denied  { write } for  pid=11989 comm="syz.6.1916" lport=54044 faddr=::ffff:100.1.1.0 fport=20003 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=sctp_socket permissive=1
[  299.172486][ T6000] usb 10-1: new high-speed USB device number 8 using dummy_hcd
[  299.192906][ T6000] usb 10-1: device descriptor read/8, error -71
[  299.312821][ T6000] usb usb10-port1: unable to enumerate USB device
[  299.846340][T12000] ------------[ cut here ]------------
[  299.848863][T12000] UBSAN: shift-out-of-bounds in drivers/comedi/drivers/pcl812.c:1152:10
[  299.854340][T12000] shift exponent 67108869 is too large for 32-bit type 'int'
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  299.859013][T12000] CPU: 3 UID: 0 PID: 12000 Comm: syz.2.1919 Not tainted 6.16.0-rc5-syzkaller #0 PREEMPT(full) 
[  299.859039][T12000] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  299.859051][T12000] Call Trace:
[  299.859058][T12000]  <TASK>
[  299.859067][T12000]  dump_stack_lvl+0x16c/0x1f0
[  299.859119][T12000]  __ubsan_handle_shift_out_of_bounds+0x27f/0x420
[  299.859171][T12000]  pcl812_attach.cold+0x1a/0x1f
[  299.859202][T12000]  comedi_device_attach+0x3b3/0x900
[  299.859235][T12000]  do_devconfig_ioctl+0x1a7/0x580
[  299.859271][T12000]  ? __pfx_do_devconfig_ioctl+0x10/0x10
[  299.859315][T12000]  ? find_held_lock+0x2b/0x80
[  299.859347][T12000]  comedi_unlocked_ioctl+0x15bb/0x2e90
[  299.859375][T12000]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  299.859398][T12000]  ? __pfx_comedi_unlocked_ioctl+0x10/0x10
[  299.859419][T12000]  ? do_vfs_ioctl+0x523/0x1a60
[  299.859442][T12000]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  299.859470][T12000]  ? ioctl_has_perm.constprop.0.isra.0+0x379/0x540
[  299.859497][T12000]  ? ioctl_has_perm.constprop.0.isra.0+0x383/0x540
[  299.859524][T12000]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[  299.859558][T12000]  ? hook_file_ioctl_common+0x145/0x410
[  299.859595][T12000]  ? selinux_file_ioctl+0x180/0x270
[  299.859619][T12000]  ? selinux_file_ioctl+0xb4/0x270
[  299.859645][T12000]  ? __pfx_comedi_unlocked_ioctl+0x10/0x10
[  299.859668][T12000]  __x64_sys_ioctl+0x18e/0x210
[  299.859691][T12000]  do_syscall_64+0xcd/0x4c0
[  299.859719][T12000]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  299.859738][T12000] RIP: 0033:0x7fcd64d8e929
[  299.859753][T12000] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  299.859771][T12000] RSP: 002b:00007fcd65b5b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  299.859788][T12000] RAX: ffffffffffffffda RBX: 00007fcd64fb5fa0 RCX: 00007fcd64d8e929
[  299.859801][T12000] RDX: 0000200000000080 RSI: 0000000040946400 RDI: 0000000000000004
[  299.859837][T12000] RBP: 00007fcd64e10b39 R08: 0000000000000000 R09: 0000000000000000
[  299.859849][T12000] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  299.859862][T12000] R13: 0000000000000000 R14: 00007fcd64fb5fa0 R15: 00007ffdc2ee1d28
[  299.859889][T12000]  </TASK>
[  299.859897][T12000] ---[ end trace ]---
[  299.958157][T12000] Kernel panic - not syncing: UBSAN: panic_on_warn set ...
[  299.961185][T12000] CPU: 3 UID: 0 PID: 12000 Comm: syz.2.1919 Not tainted 6.16.0-rc5-syzkaller #0 PREEMPT(full) 
[  299.965539][T12000] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  299.970011][T12000] Call Trace:
[  299.971434][T12000]  <TASK>
[  299.972689][T12000]  dump_stack_lvl+0x3d/0x1f0
[  299.974601][T12000]  panic+0x71c/0x800
[  299.976255][T12000]  ? __pfx_panic+0x10/0x10
[  299.978172][T12000]  ? __pfx__printk+0x10/0x10
[  299.980168][T12000]  check_panic_on_warn+0xab/0xb0
[  299.982187][T12000]  __ubsan_handle_shift_out_of_bounds+0x2a6/0x420
[  299.984791][T12000]  pcl812_attach.cold+0x1a/0x1f
[  299.986839][T12000]  comedi_device_attach+0x3b3/0x900
[  299.989018][T12000]  do_devconfig_ioctl+0x1a7/0x580
[  299.991096][T12000]  ? __pfx_do_devconfig_ioctl+0x10/0x10
[  299.993474][T12000]  ? find_held_lock+0x2b/0x80
[  299.995450][T12000]  comedi_unlocked_ioctl+0x15bb/0x2e90
[  299.997717][T12000]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  300.000248][T12000]  ? __pfx_comedi_unlocked_ioctl+0x10/0x10
[  300.002725][T12000]  ? do_vfs_ioctl+0x523/0x1a60
[  300.004774][T12000]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  300.006899][T12000]  ? ioctl_has_perm.constprop.0.isra.0+0x379/0x540
[  300.009666][T12000]  ? ioctl_has_perm.constprop.0.isra.0+0x383/0x540
[  300.012419][T12000]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[  300.015295][T12000]  ? hook_file_ioctl_common+0x145/0x410
[  300.017670][T12000]  ? selinux_file_ioctl+0x180/0x270
[  300.019878][T12000]  ? selinux_file_ioctl+0xb4/0x270
[  300.022053][T12000]  ? __pfx_comedi_unlocked_ioctl+0x10/0x10
[  300.024530][T12000]  __x64_sys_ioctl+0x18e/0x210
[  300.026571][T12000]  do_syscall_64+0xcd/0x4c0
[  300.028520][T12000]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  300.031123][T12000] RIP: 0033:0x7fcd64d8e929
[  300.033042][T12000] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  300.041216][T12000] RSP: 002b:00007fcd65b5b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  300.044750][T12000] RAX: ffffffffffffffda RBX: 00007fcd64fb5fa0 RCX: 00007fcd64d8e929
[  300.048093][T12000] RDX: 0000200000000080 RSI: 0000000040946400 RDI: 0000000000000004
[  300.051421][T12000] RBP: 00007fcd64e10b39 R08: 0000000000000000 R09: 0000000000000000
[  300.054765][T12000] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  300.058086][T12000] R13: 0000000000000000 R14: 00007fcd64fb5fa0 R15: 00007ffdc2ee1d28
[  300.061410][T12000]  </TASK>
[  300.063503][T12000] Kernel Offset: disabled
[  300.065435][T12000] Rebooting in 86400 seconds..

VM DIAGNOSIS:
12:18:26  Registers:
info registers vcpu 0

CPU#0
RAX=0000000000000001 RBX=ffff8880623b1698 RCX=ffffffff93e36380 RDX=0000000000000000
RSI=0000000000000001 RDI=ffffffff8de0bba3 RBP=0000000000000000 RSP=ffffc9000338fa20
R8 =ed5e7c3cc5520aac R9 =0000000000000000 R10=0000000000000000 R11=0000000000000001
R12=0000000000000001 R13=0000000000000000 R14=0000000000000000 R15=0000000000000000
RIP=ffffffff8b882510 RFL=00000086 [--S--P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c01300
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c01300
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8880d6718000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=0000000000000008 CR3=0000000034393000 CR4=00352ef0
DR0=000003fffffffffe DR1=0000000000000ddb DR2=0000000000000006 DR3=0000000000000006 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000001000000 Opmask01=0000000001000001 Opmask02=00000000ffffffef Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffec58d62c0 0000003000000018
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f9b5dc11b12
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f9b5dc11b1f
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f9b5dc11b19
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f9b5dc11b2d
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f9b5dc11bb3
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f9b5dc11c91
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000002 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000000000000a0
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000002 0000000000000000 0000000000000000 00000000000000a0
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
EAX=00007001 EBX=00000000 ECX=00000027 EDX=00000000
ESI=00000002 EDI=00000000 EBP=0000792c ESP=0000792e
EIP=0000018e EFL=00010002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0038 00000000 000fffff 00409300 DPL=0 DS   [-WA]
CS =0010 00000000 0000ffff 00009b00 DPL=0 CS16 [-RA]
SS =0038 00000000 000fffff 00409300 DPL=0 DS   [-WA]
DS =0038 00000000 000fffff 00409300 DPL=0 DS   [-WA]
FS =0038 00000000 000fffff 00409300 DPL=0 DS   [-WA]
GS =0038 00000000 000fffff 00409300 DPL=0 DS   [-WA]
LDT=0008 00001800 000007ff 00408200 DPL=0 LDT
TR =0000 00000000 0000ffff 00008b00 DPL=0 TSS32-busy
GDT=     00001000 000007ff
IDT=     00003800 000001ff
CR0=00000031 CR2=00000000 CR3=00000000 CR4=00002040
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000001
FCW=037f FSW=0041 [ST=0] FTW=01 MXCSR=00001f80
FPR0=c000000000000000 ffff FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f9fec5a9f70 0000003000000010
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f9feb811b12
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f9feb811b1f
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f9feb811b19
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f9feb811b2d
info registers vcpu 2

CPU#2
RAX=0000000000411a41 RBX=0000000000000002 RCX=ffffffff8b881c69 RDX=0000000000000000
RSI=ffffffff8de31064 RDI=ffffffff8c158660 RBP=ffffed1003bd6910 RSP=ffffc90000187df8
R8 =0000000000000001 R9 =ffffed100d4c6645 R10=ffff88806a63322b R11=0000000000000001
R12=0000000000000002 R13=ffff88801deb4880 R14=ffffffff90a97350 R15=0000000000000000
RIP=ffffffff8b8807cf RFL=00000286 [--S--P-] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8880d6918000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000091000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe000008f000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=000000110c269819 CR3=0000000048555000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000008001 Opmask01=0000000000000000 Opmask02=00000000000003ff Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f284c811b12
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f284c811b1f
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f284c811b19
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f284c811b2d
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f284c811bb3
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f284c811c91
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 803566e0200f300f 320fc0000080b966 13f67354280f0000 40003d80380f662e
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 c8a66a2be0220f00 0000803566e0200f 300f320fc0000004 0008000f0010000a
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 000040003d80380f 662e67ec00a0ba18 06b2f30f66659a1c 0f0f300f00000800
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 3

CPU#3
RAX=0000000000000036 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8
RSI=ffffffff855bb315 RDI=ffffffff9b0c22a0 RBP=ffffffff9b0c2260 RSP=ffffc900061174c0
R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=0000000000000001
R12=0000000000000000 R13=0000000000000036 R14=ffffffff9b0c2260 R15=ffffffff855bb2b0
RIP=ffffffff855bb33f RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 00007fcd65b5b6c0 ffffffff 00c00000
GS =0000 ffff8880d6a18000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe00000d8000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe00000d6000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=0000000000000000 CR3=00000000293bb000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000010000 Opmask01=0000000000000000 Opmask02=00000000ffffffef Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffdc2ee20b0 0000003000000018
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fcd64e11b12
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fcd64e11b1f
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fcd64e11b19
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fcd64e11b2d
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fcd64e11bb3
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fcd64e11c91
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000