last executing test programs:

7.193271518s ago: executing program 2 (id=553):
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000080000000000000000000095"], &(0x7f00000000c0)='syzkaller\x00'}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='contention_end\x00', r1}, 0x10)
mkdir(&(0x7f0000000100)='./file0\x00', 0x0)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000080)={<r3=>0xffffffffffffffff})
io_setup(0x800, &(0x7f0000000500)=<r4=>0x0)
io_submit(r4, 0x2, &(0x7f0000000240)=[&(0x7f00000005c0)={0x0, 0x0, 0x0, 0x0, 0x0, r3, 0x0}, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x0, 0x0, r2, 0x0, 0x0, 0x0, 0x0, 0x3}])
mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='hugetlbfs\x00', 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002010000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='timer_start\x00', r6}, 0x10)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x1d, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
syz_open_dev$loop(&(0x7f0000000400), 0x1000, 0x4000)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='timer_start\x00', r7}, 0x10)
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000940))
chdir(&(0x7f00000001c0)='./file0\x00')
r8 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
r9 = syz_init_net_socket$ax25(0x3, 0x5, 0x0)
ioctl$SIOCAX25ADDUID(r9, 0x89e1, &(0x7f0000000240)={0x3, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, 0xffffffffffffffff})
r10 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000540)={0x3, 0x4, 0x4, 0xa, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
r11 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x2, 0x8, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000002000000000000000002000018120000", @ANYRES32=r10, @ANYBLOB="0000000000000000b70300000000000085000000ad000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x30, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
write$RDMA_USER_CM_CMD_CREATE_ID(r8, &(0x7f0000000300)={0x0, 0x18, 0xfa00, {0x3, &(0x7f0000000140)={<r12=>0xffffffffffffffff}, 0x106, 0x5}}, 0x20)
write$RDMA_USER_CM_CMD_DISCONNECT(r8, &(0x7f0000000340)={0xa, 0x4, 0xfa00, {r12}}, 0xc)
bpf$BPF_LINK_CREATE(0x1c, &(0x7f00000002c0)={r11, 0xffffffffffffffff, 0x30, 0x0, @val=@uprobe_multi={&(0x7f00000001c0)='./file0\x00', &(0x7f0000000240)=[0x0], 0x0, 0x0, 0x1}}, 0x3c)
connect$bt_l2cap(r0, &(0x7f0000000040)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe)
r13 = creat(&(0x7f0000000380)='./bus\x00', 0x0)
lseek(r13, 0x7ffffb, 0x0)

6.849974231s ago: executing program 1 (id=557):
sendmsg$IPCTNL_MSG_EXP_NEW(0xffffffffffffffff, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={0x0}}, 0x0)
r0 = openat$sr(0xffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$SCSI_IOCTL_SEND_COMMAND(r0, 0x5390, &(0x7f0000001500)=ANY=[@ANYRES16=r0])

6.790593812s ago: executing program 2 (id=559):
socket$inet_udplite(0x2, 0x2, 0x88)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(0xffffffffffffffff, 0x4008af24, 0x0)
r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0)
connect$bt_l2cap(r1, &(0x7f0000000040)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x90)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r2], 0x0}, 0x90)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f00000002c0)='mm_page_alloc\x00', r3}, 0x10)
r4 = bpf$PROG_LOAD_XDP(0x5, &(0x7f00000001c0)={0x6, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="18020000000000000000000000f7ffff84000000a00000009500000000000000"], &(0x7f0000000040)='syzkaller\x00'}, 0x90)
bpf$BPF_PROG_TEST_RUN_LIVE(0xa, &(0x7f0000000080)={r4, 0x0, 0x0, 0x0, 0x0, 0xffffffff00000000, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000280)={'wlan1\x00'})
sendmsg$NL80211_CMD_SET_CQM(0xffffffffffffffff, 0x0, 0x0)
read$msr(0xffffffffffffffff, 0x0, 0x0)
r5 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r5, &(0x7f0000000600)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb(blowfish)\x00'}, 0x58)
r6 = accept4(r5, 0x0, 0x0, 0x0)
setsockopt$ALG_SET_KEY(r5, 0x117, 0x1, &(0x7f0000000200)="ad000000", 0x4)
sendmmsg$unix(r6, &(0x7f0000003dc0)=[{{&(0x7f0000000000)=@file={0x0, './file0\x00'}, 0x6e, 0x0}}, {{&(0x7f0000000280)=@file={0x0, './file0\x00'}, 0x6e, 0x0}}], 0x299, 0x0)

6.720722986s ago: executing program 1 (id=560):
socket$inet_udplite(0x2, 0x2, 0x88)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(0xffffffffffffffff, 0x4008af24, 0x0)
r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0)
connect$bt_l2cap(r1, &(0x7f0000000040)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x90)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r2], 0x0}, 0x90)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f00000002c0)='mm_page_alloc\x00', r3}, 0x10)
r4 = bpf$PROG_LOAD_XDP(0x5, &(0x7f00000001c0)={0x6, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="18020000000000000000000000f7ffff84000000a00000009500000000000000"], &(0x7f0000000040)='syzkaller\x00'}, 0x90)
bpf$BPF_PROG_TEST_RUN_LIVE(0xa, &(0x7f0000000080)={r4, 0x0, 0x0, 0x0, 0x0, 0xffffffff00000000, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
openat$kvm(0xffffffffffffff9c, &(0x7f00000003c0), 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000280)={'wlan1\x00'})
sendmsg$NL80211_CMD_SET_CQM(0xffffffffffffffff, 0x0, 0x0)
read$msr(0xffffffffffffffff, 0x0, 0x0)
r5 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r5, &(0x7f0000000600)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb(blowfish)\x00'}, 0x58)
r6 = accept4(r5, 0x0, 0x0, 0x0)
setsockopt$ALG_SET_KEY(r5, 0x117, 0x1, &(0x7f0000000200)="ad000000", 0x4)
sendmmsg$unix(r6, &(0x7f0000003dc0)=[{{&(0x7f0000000000)=@file={0x0, './file0\x00'}, 0x6e, 0x0}}, {{&(0x7f0000000280)=@file={0x0, './file0\x00'}, 0x6e, 0x0}}], 0x299, 0x0)

5.271476135s ago: executing program 3 (id=564):
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0xb, 0x7, 0x10001, 0x8, 0x1}, 0x48)
socket(0x10, 0x803, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0x8, 0xc}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000380)={&(0x7f0000000080)=ANY=[@ANYBLOB="9feb010018000000000000001c0000001c00000003000000010000000000000e0200000000000000000000000000000504000000002e"], 0x0, 0x37}, 0x20)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0)
socket$inet_tcp(0x2, 0x1, 0x0)
socket$igmp(0x2, 0x3, 0x2)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='blkio.bfq.idle_time\x00', 0x26e1, 0x0)
r1 = socket$kcm(0x2, 0x3, 0x2)
setsockopt$sock_attach_bpf(r1, 0x1, 0x3e, &(0x7f00000002c0)=r0, 0x4)
syz_emit_ethernet(0x6a, &(0x7f0000000000)={@local, @broadcast, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x5c, 0x0, 0x0, 0x0, 0x1, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @local}, @dest_unreach={0x5, 0x0, 0x0, 0x0, 0x0, 0x0, {0x10, 0x4, 0x0, 0x0, 0x0, 0x300, 0x0, 0x0, 0x2, 0x0, @empty, @remote, {[@ra={0x94, 0x4}, @cipso={0x86, 0x25, 0x0, [{0x0, 0x10, "f79eb4cf48b5a5788fc15a45b5b1"}, {0x0, 0xf, "749018c9a54b61394327f11535"}]}]}}}}}}}, 0x0)

5.170303698s ago: executing program 3 (id=565):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, 0x0, 0x0, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48)
ioctl$TUNSETSTEERINGEBPF(0xffffffffffffffff, 0x800454e0, &(0x7f0000001280))
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=<r4=>r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x90)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000001240)=ANY=[@ANYRES8=r4], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x6e, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r5}, 0x10)
syz_genetlink_get_family_id$ethtool(&(0x7f00000012c0), 0xffffffffffffffff)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000001c0)={0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xf}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000000)={0xffffffffffffffff, 0x2000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpuacct.usage_percpu_user\x00', 0x275a, 0x0)
r7 = socket(0x80000000000000a, 0xa, 0x0)
setsockopt$inet6_group_source_req(r7, 0x29, 0x2a, &(0x7f0000000080)={0x0, {{0xa, 0x0, 0x0, @mcast1={0xff, 0x7}}}, {{0xa, 0x0, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}}}, 0x108)
setsockopt$inet6_group_source_req(0xffffffffffffffff, 0x29, 0x2f, &(0x7f0000000200)={0x0, {{0xa, 0x0, 0x0, @mcast1={0xff, 0x7}}}, {{0xa, 0x0, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}}}, 0x108)
setsockopt$SO_J1939_SEND_PRIO(r6, 0x6b, 0x3, &(0x7f0000001200)=0x4, 0x4)
setsockopt$inet6_group_source_req(r7, 0x29, 0x0, &(0x7f0000000200)={0x400, {{0xa, 0x0, 0x0, @mcast1={0xff, 0x7}}}, {{0xa, 0x0, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}}}, 0x108)
recvmsg$unix(0xffffffffffffffff, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x10, 0x4, &(0x7f0000000000)=@framed={{}, [@call={0x179, 0x11, 0x100000}]}, &(0x7f00000000c0)='GPL\x00', 0x4, 0x1000, &(0x7f0000000200)=""/4096}, 0x70)
r8 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r8, &(0x7f0000000180)={0x1f, 0xffff, 0x3}, 0x6)
write(r8, &(0x7f0000000000)="38000300010003", 0x7)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000440)={0x0, 0x0, 0x0}, 0x0)

4.251381298s ago: executing program 3 (id=569):
socket$inet_udplite(0x2, 0x2, 0x88)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(0xffffffffffffffff, 0x4008af24, 0x0)
r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0)
connect$bt_l2cap(r1, &(0x7f0000000040)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x90)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r2], 0x0}, 0x90)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f00000002c0)='mm_page_alloc\x00', r3}, 0x10)
r4 = bpf$PROG_LOAD_XDP(0x5, &(0x7f00000001c0)={0x6, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="18020000000000000000000000f7ffff84000000a00000009500000000000000"], &(0x7f0000000040)='syzkaller\x00'}, 0x90)
bpf$BPF_PROG_TEST_RUN_LIVE(0xa, &(0x7f0000000080)={r4, 0x0, 0x0, 0x0, 0x0, 0xffffffff00000000, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
openat$kvm(0xffffffffffffff9c, &(0x7f00000003c0), 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000280)={'wlan1\x00'})
sendmsg$NL80211_CMD_SET_CQM(0xffffffffffffffff, 0x0, 0x0)
read$msr(0xffffffffffffffff, 0x0, 0x0)
r5 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r5, &(0x7f0000000600)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb(blowfish)\x00'}, 0x58)
r6 = accept4(r5, 0x0, 0x0, 0x0)
setsockopt$ALG_SET_KEY(r5, 0x117, 0x1, &(0x7f0000000200)="ad000000", 0x4)
sendmmsg$unix(r6, &(0x7f0000003dc0)=[{{&(0x7f0000000000)=@file={0x0, './file0\x00'}, 0x6e, 0x0}}, {{&(0x7f0000000280)=@file={0x0, './file0\x00'}, 0x6e, 0x0}}], 0x299, 0x0)

4.193793028s ago: executing program 2 (id=570):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000070000000000000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90)
r1 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$SMC_PNETID_DEL(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000240)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16, @ANYBLOB="010000000000000000000202020005000400000000000900030073797a3000000900010073797a3010000000"], 0x34}, 0x1, 0x40030000000000}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000002c0)='rxrpc_client\x00', r0}, 0x10)
r2 = socket$kcm(0x21, 0x2, 0x2)
bpf$LINK_GET_NEXT_ID(0x1f, &(0x7f0000000140)={0x5, <r3=>0x0}, 0x8)
bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000b80)={@map, 0x26, 0x0, 0x7, &(0x7f0000000240)=[0x0], 0x1, 0x0, &(0x7f0000000ac0)=[0x0], &(0x7f0000000b00)=[0x0, 0x0, 0x0], &(0x7f0000000b40)=[0x0, 0x0, 0x0, 0x0], <r4=>0x0}, 0x40)
bpf$BPF_LINK_CREATE(0x1c, &(0x7f0000000bc0)={r0, 0xffffffffffffffff, 0x1e, 0x0, @val=@tcx={@link_id=r3, r4}}, 0x40)
sendmsg$kcm(r2, &(0x7f0000000080)={&(0x7f0000000000)=@rxrpc=@in4={0x21, 0x0, 0x2, 0x10, {0x2, 0x0, @local}}, 0x80, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="18000000000000001001000001"], 0x18}, 0x0)
r5 = socket$netlink(0x10, 0x3, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000040)={0x0, <r6=>0x0}, &(0x7f0000000080)=0xc)
sendmsg$netlink(r5, &(0x7f0000001280)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000000)=ANY=[@ANYBLOB="300000002e000100000000000000000008000000", @ANYRES32=r6, @ANYBLOB="0b000080976b6b3dd4d630000c00df7f08000000ac141400", @ANYRES16], 0x30}, {&(0x7f00000002c0)={0x7e0, 0x27, 0x400, 0x70bd25, 0x25dfdbfd, "", [@typed={0xc, 0x5a, 0x0, 0x0, @u64=0xb}, @generic="9f5cbda8109e94b4e6ba608c1f346991ca300cc75380e51b391e243ee2b2d0aec1b9a58c7fe70ab608872f96328ce915c9069cfce068a744afe835b3f437744d25d4979a593e23f91fa40db78f3b308eeeefbcb56b9ab884ff340f15094bc22925f827272b3bce151497d61a3e1e414e3d8970a8a9d83055f37cd60f0e41d2c1d82c2797608271de03fac0b1820799bb6f9c5cdfbb1648a5224b73c54538319ca8dd54bb0cc68db51e691e4a756463b29c15d8abd99bbf1f8264ab63f5a9f32aa499145c37b9af", @typed={0x14, 0xd3, 0x0, 0x0, @ipv6=@initdev={0xfe, 0x88, '\x00', 0x1, 0x0}}, @nested={0x1ea, 0xd3, 0x0, 0x1, [@generic="feca879d8419564e88431a5ed69e905171a59019e7afd263938461f26dde20a9", @generic="eb76ec63e5884315681d93e236cd54fb07affb5f3cf2f9e3c92ed59d3fc7a1e7b3db984e14dcee0b59332d19f7da9df83d7320c10ac6f7ffc7ca1c10aa27073b59f546140a8d60f09cff00926cda8a9a1559a2f8f232b83492d3cf7d7574f1f3108aa3e9ddc726968f7b7d2c490a4064f2c8edb84c18291ea69ea03843e63eeb77541c81d76eab09db68071a26444c8d7156a9a01aa1f50689cabe528f937cf3b4e471a50afa4c24aa928ae51c05536fbd2186147667c1c490eae82f46397f1fead5f1681a534c7b00211f", @generic="4378098ae82e5ae2855d44d8d38150a09283c392e8006d0b9d4f525ec2997e03ac4c1bd454e4e7e2290312c18634ba2aea184f21bc79814c6c399e7d7064b2be9cca9a31de913946c1c6019e621084a5331090649d79dc0a18b1569c63f17bc9a276021c09ff03f3", @generic="2ee7abb22a5e97c7150f16ea5de6ebfea66c1a96442cbcdf4aebae4ed12dbdad44109e2720c044fba279d66284fce84059274f6291ad10174f6c56ba8c88df3c1bfa65360013c79389fa79a161e12fbaa37e09e0889626212b4853f524937fa175c1453e1f64f09a29e6e4d1a98fe5c33e36580b1493b003c9eebc68341f444cd2bdc6b4311aeb45d75fa455c5a54b353893c1"]}, @nested={0x2f4, 0xb9, 0x0, 0x1, [@generic="939d6c3e38bb0cf0c8165122b92393e9caf5c3def689d821320ab47aa30e6b88263322166b6549b8479a7e3edcbe9b21f4d9ac4fc4b317656dacf0054efbb42a14a232071c031d57c463256a5ebaa796b44c5554d4a362f973f1eb581c5f3083f046513ffb1b725888470d4dd731bf381d57ba787f77e773aa6fbed859ddc7158e02101732ccadd13691e795db4026466c7c1bc8f4f602b6c95c67c61615f7661604", @generic="af9d8132a998e1126934f23fd4f8503bb34a05409960a9f9d7b32830e7c3ef1b684052e055142f7fa1082d1fc8ba7a4a3c21d8178add21b892bbaccdfd07a43aa6b3cb838fcaaec0caff07d1f4950cb33290acbd7fe34be9d671d7a89d87a450127abba1e6e407e0aab2a8e6e02ade94e25b2791bd1cdaed7776237c46e977c2682fe31b7f2f5f0c2ef4878e7aa3df37f179c020095e0f28c4ede15b73f89724b61c31b9ba27f1266d1d7392571b3b92053178394ac06a42313cf83746cf18e6bca3d00510403eb6def8af879d936c134fff5a3ab14a200e5d66796207700a9a3bf069bf16a95c55c9417a", @generic="aa48105ee717f757e8343d51abec9f8cac2c9170dec0e20dbe627a077330b97a7a7df5afa17421aa2c10fa15e71c9e6bc0664bca356226855f5066f24a6d5ca3a33a06168e240d12c2748f402f4ee00db51cc413845c14721d7be0e21e3d7a0d1ff3a7fd6d580c6e07cabb2f3507e4bc2896aeac320d9fae9eee67df515f3ec4a8d098656fdf3466867ca1eff1c74bd1c4077ac72dd021a2e01923d0823710f7ec40b02497173ac37b31caf5a8b9a866e9b79796cf86c5549447bc864d7c886fef9008e8560ce532ca89a810b1", @generic="54f69ef5f98e8b6c7a8dd61a06eefa24c6a2bfddd6dbba8be44c21671fe3a9b4fed25d0847f4b9ef27dea97f5a530f5735bdb1a15e16b01cf7570af3551c0632e9ae6668234a3d61b6a3dcd405f741f4604f8f8be3d0ac3a291d93fef8b981f87596f04d38e8826e825dd032323fd716ea374ebe74a420ffde3c187b804c7d74d670e8d74c200ba3ed039ad6adab6aa901ac1f7adde0"]}, @nested={0x1bf, 0x4d, 0x0, 0x1, [@generic="f0ed8170ffad6e0aff35f7dce0b3eccb6e49a876a290", @generic="2edf1010ea46c4f364e52885cf0fba82c51b012952dfb8ad435b73d5d09d7f3fb43293", @typed={0x8, 0xb1, 0x0, 0x0, @ipv4=@initdev={0xac, 0x1e, 0x1, 0x0}}, @generic="2eeb032dc0010ac3893df1ec13743c50f7923bde2a3652c587b7ab6659f204f9974dd771e72ed1a2f8550a19971240a9f69a8688ecef4b1e285053c918eccb8bdbce4ca67bebd9e25a183da14365757e86ad3842c4eedfdea16d0ba7a4e7dfd50b4cc75adb1df35f90f311eaf108164285954ded0cc5964b88e933a27de0c44a943aafe2b02628b77d8b4d7c55a87e924fab19", @generic="cfcfef4378f4d82b5446c24d3716d5931cfe3bbfee823d043ae577b29d305aee7f329d51c11cfe7b86e6c90c75c09c42a615161351ce9a0f68ecfd6ddcc768e6269f0f54d7b6d87568b41df0c737e2e015adaef32acbbe3c55f40d188d5ea7d99161d4b595e9b33f7566d9ab58774bc9c87951f3fd08ffa54a0af26cafacfd58677aa3bea37869b5632d18426300e5a4fe8096a95a8b7f7dc38630a744c4b2975368b93319864b6208e8629f006f3f84861ba4eda5e811d5721908643e3b3684d430ef3f4b072aec75278e86438c3863e3d96d2dd986357a01e6c306708dfc9afbca3b4a7ef536"]}, @typed={0x46, 0x4d, 0x0, 0x0, @binary="d95b8127601f9da391e59f62c786cd2ea844d45f9cd4af56dd03d6244ff21a2ca52e97b5ff5a3e04419866641effcee7fa17a0d002329ff8aa13c74b3cb71b1fc043"}]}, 0x7e0}], 0x2}, 0x0)

4.115026852s ago: executing program 2 (id=571):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x2000, 0x0)
r1 = syz_open_dev$audion(&(0x7f0000000040), 0x10000, 0x220040)
ioctl$VHOST_SET_MEM_TABLE(r1, 0x4008af03, &(0x7f0000000180)={0x1, 0x0, [{0x6000, 0xd6, &(0x7f0000000080)=""/214}]})
r2 = syz_usb_connect$hid(0x5, 0x36, &(0x7f00000001c0)={{0x12, 0x1, 0x300, 0x0, 0x0, 0x0, 0x20, 0x458, 0x5012, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x1, 0x81, 0x1d0, 0xf3, [{{0x9, 0x4, 0x0, 0x7, 0x2, 0x3, 0x1, 0x2, 0x2a, {0x9, 0x21, 0x2f6, 0xe, 0x1, {0x22, 0x205}}, {{{0x9, 0x5, 0x81, 0x3, 0x40, 0xc0, 0x1, 0xcd}}}}}]}}]}}, &(0x7f00000003c0)={0xa, &(0x7f0000000200)={0xa, 0x6, 0x310, 0xd, 0x4, 0x2, 0xff, 0x10}, 0x50, &(0x7f0000000240)={0x5, 0xf, 0x50, 0x6, [@ss_cap={0xa, 0x10, 0x3, 0x2, 0x0, 0x0, 0x2, 0x5}, @ss_cap={0xa, 0x10, 0x3, 0x0, 0x0, 0x80, 0x2, 0x1}, @ext_cap={0x7, 0x10, 0x2, 0x10, 0x6, 0xa, 0x2}, @ptm_cap={0x3}, @ss_cap={0xa, 0x10, 0x3, 0x2, 0x0, 0x3, 0x6, 0x8b8}, @generic={0x23, 0x10, 0x4, "e278ed62b47de4a0901996a68507e97c737e651b0f883f80bb42f3c6a197b012"}]}, 0x3, [{0x4, &(0x7f00000002c0)=@lang_id={0x4, 0x3, 0x41f}}, {0x4, &(0x7f0000000300)=@lang_id={0x4, 0x3, 0x42a}}, {0x60, &(0x7f0000000340)=@string={0x60, 0x3, "a20b948e3905337e4f6e2055b42c2b22b80febbbf588a84a56f20a1d2ca0c972a3ed2ca7cd45c9c1c3996aa2ac11927ad9bd0ff00a197a5db0ce95c5d9df60acd3622f9e60be8c886bcd13cc4162dbe0ddf299ea4b512e795718c322435e"}}]})
r3 = syz_usb_connect$hid(0x0, 0x3f, &(0x7f0000000400)={{0x12, 0x1, 0x200, 0x0, 0x0, 0x0, 0x10, 0x1d34, 0xa, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x2d, 0x1, 0x1, 0x8, 0x20, 0x43, [{{0x9, 0x4, 0x0, 0xa2, 0x1, 0x3, 0x1, 0x2, 0x5c, {0x9, 0x21, 0x101, 0x3, 0x1, {0x22, 0x2e8}}, {{{0x9, 0x5, 0x81, 0x3, 0x3ff, 0x58, 0x5, 0x6}}, [{{0x9, 0x5, 0x2, 0x3, 0x400, 0x8, 0xe8, 0xfb}}]}}}]}}]}}, &(0x7f0000000880)={0xa, &(0x7f0000000440)={0xa, 0x6, 0x250, 0x8c, 0x0, 0x6, 0x10}, 0x68, &(0x7f0000000480)={0x5, 0xf, 0x68, 0x5, [@ptm_cap={0x3}, @ssp_cap={0x10, 0x10, 0xa, 0x0, 0x1, 0x9, 0xf, 0x81, [0xc00f]}, @ssp_cap={0x18, 0x10, 0xa, 0x9, 0x3, 0x8, 0x0, 0x6, [0xf0, 0xc000, 0xff0030]}, @ssp_cap={0x24, 0x10, 0xa, 0xaa, 0x6, 0xfa, 0xff00, 0x400, [0x3f00, 0xffffc0, 0xc0, 0xff00c0, 0xffc00f, 0xc0c0]}, @ss_container_id={0x14, 0x10, 0x4, 0x0, "4cbae794a51b9c49b6c4fc1bfa76c753"}]}, 0x8, [{0xc5, &(0x7f0000000500)=@string={0xc5, 0x3, "9f72cd32af07453f9c3326a5f876ef5fe8b97971e6bc0b3a11a407e0ed0fff675bda11d3bb4eb5db2a8921a2f3332c446196ddc8fca1064b574d28b1a683999aa8788e1e1b5af3a3757c93459d9844c7f1dc20a21644cfcaa924e5a4670a3d73dcc911eacd6fb74aef56a222c14dc6eee75126082a1aefd9ac54be53bfcd716c6dd85701a5b198bb9f09eb9c06221e671e2f4bcfd60aa9f94061e4a60c3277787a838882e80eee28aaaf9db833ed35aa45655d29dec96371a2068034c214da8590b818"}}, {0x4, &(0x7f0000000600)=@lang_id={0x4, 0x3, 0xf0ff}}, {0x19, &(0x7f0000000640)=@string={0x19, 0x3, "0c5c25f37167b84c02f2a46f3d830b44305319e3d377e4"}}, {0x4, &(0x7f0000000680)=@lang_id={0x4, 0x3, 0x41a}}, {0xe1, &(0x7f00000006c0)=@string={0xe1, 0x3, "25e75ff5e1dd3f11a9b4dc0da1ca31522087b755330a963b5587056b0d2cee69e74e2587f5c0162a571e70bdc8ebd7e38eb95652dba8a94fdd35ce1c28617a08febf946de77363cef7ed242819f88af24219dea515b6e170662eeb5a9d4c83a8afdb3fe0d137816bdde32db1e8dc59df5cf96dfeda7334cd57b2920a7b852c789522b4bcade1201f28a7644b81cb8125d1c5a45489c5eaad3b18935c03051a7bfcbf61ce7bc092c6e648dec852739c170fd3e3db22bc133ec54e2269dc9692cd0bff35e8b0f37e8a88daaa49e871c2f4e5e3f4016c26e21b31c32cca85c16f"}}, {0x4, &(0x7f00000007c0)=@lang_id={0x4, 0x3, 0x3c0a}}, {0x4, &(0x7f0000000800)=@lang_id={0x4, 0x3, 0x457}}, {0x4, &(0x7f0000000840)=@lang_id={0x4, 0x3, 0xc09}}]})
setsockopt$inet_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000900)=[@sack_perm, @window={0x3, 0x4, 0x6}, @sack_perm, @timestamp, @window={0x3, 0x100, 0x3}, @window={0x3, 0x1}, @window={0x3, 0x0, 0xffff}, @mss={0x2, 0x345bd691}], 0x8)
r4 = syz_usb_connect(0x4, 0xa6c, &(0x7f0000000940)={{0x12, 0x1, 0x200, 0x70, 0x52, 0x23, 0x40, 0x2cb7, 0x1a0, 0xd6ec, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0xa5a, 0x2, 0xfe, 0x0, 0xc0, 0x8, [{{0x9, 0x4, 0x4e, 0x0, 0x9, 0xff, 0xff, 0xf6, 0x1, [@generic={0xad, 0x22, "9f04882527d73b4198d56b54bae5ae46725f9280197aed8852a6f5700a63bd4aa9494a587fae0fe3bbaf8ea0f58f1042fb63c93ae09c9fc3f38ade7d286e630843798e7c61973b8df43076fa20f186bc62abf38a741a096f971de90357673e6de12bfc6c97af60aa460beb1e1c5b008e6ff016eb97f72edc539df2f8e711388974239ecdbe72228740d10d909affb6441d709a969754cf986ef17ac8c4ac672c755158436c6bce27aff19e"}], [{{0x9, 0x5, 0xb, 0x0, 0x3ff, 0x10, 0x8, 0xff, [@generic={0xb9, 0xd, "fc2bbf1e68f61650e47d20caa15c48744242e797cdd1ba257fa2eb528e5149d6ee1134aef34d11e5574b822fca1c4884b681c371400403affe41ce3c0fc15111febbc9faee2846fc64358c7c407cbae19483eb47e614dde36e32b438cd72645109a151fd9a55a357d6ff7771e6be678664444e9e336bafb4aada41eb702a7658ba769787612e506e55bfde6ef5b56e0fa1929e914bd997e47887661545777e3719d4326fea5f74e306093ba6034c1af0b2722b9bb56c6d"}, @generic={0x47, 0x22, "325a23ac2f4cad3e7c9240da772d2921da97a4d92abc4237ef06209b41b52f5fb30aa3f30a0dc4e6ebcdfd80e72cdf7619fc920ca69711499eb52d8257844bc80a52b3fa2d"}]}}, {{0x9, 0x5, 0x0, 0x3, 0x3e7, 0x35, 0x9, 0xe7, [@uac_iso={0x7, 0x25, 0x1, 0x3, 0x1, 0x100}]}}, {{0x9, 0x5, 0x80, 0x10, 0x200, 0x4, 0xcf, 0x5, [@uac_iso={0x7, 0x25, 0x1, 0x80, 0x9, 0x7}]}}, {{0x9, 0x5, 0x5, 0x10, 0x8, 0x9, 0xd, 0x55, [@uac_iso={0x7, 0x25, 0x1, 0x86, 0x5, 0xfffa}, @uac_iso={0x7, 0x25, 0x1, 0x80, 0x7, 0x1}]}}, {{0x9, 0x5, 0x6, 0x2, 0x40, 0x7f, 0x9, 0x8, [@generic={0xcc, 0x30, "bff5c210660d5356dbe4e818de5abbcab7ee8af4b8d09bbec153fa40caa7d208db5f43952d3f6d7b8b46e9283743eb558531c6e261bcfe2083191f8dfe3a7d3cc9fa86c904bc971b8d7b655a6d695db7a61de7f178159af57ffcbb1680f689b5e50c533e462f791f5c576b3689557658b83f4272116793837ca0e67c8a8f8bdbbe98da54d510115e73492aaf1e3499dfd098ec5a6dff06af8e46f4c33d0026f99fd0b0d25109fa068807c6a750095ef7fc9539b24d6ba91772babb58636ce871cc59649f522c56fcfe23"}]}}, {{0x9, 0x5, 0x80, 0x10, 0x200, 0x9, 0x4, 0x5c, [@generic={0x14, 0x5, "e190218c22e0b0d896ddf4daf023d52a04d1"}]}}, {{0x9, 0x5, 0x489b638c590001c7, 0x1, 0x20, 0x2, 0x3, 0x1, [@generic={0x83, 0xa, "5b436e90ef6e12ad443a9a54d92d2c888f90436bbc00bc65bd1652591e82f95f5c822498ab04411e5ad5bd5eee88dfbc05938eeaa764180e62913ae4835a4ab3c37e03c2b35023025440614901dc68e039dc67a54a2571ed3bdf8a70ea2d56d6f39744bc99535f9c3352d21766e77aa5d1dde11fe72b595dbcc00195048aac9b31"}]}}, {{0x9, 0x5, 0xe, 0x0, 0x20, 0x9, 0xfc, 0x10, [@uac_iso={0x7, 0x25, 0x1, 0x0, 0x8, 0xff7a}]}}, {{0x9, 0x5, 0xe, 0xc, 0x400, 0x0, 0x2, 0x81, [@uac_iso={0x7, 0x25, 0x1, 0x3, 0x7, 0x3000}]}}]}}, {{0x9, 0x4, 0x8d, 0x4, 0xc, 0xff, 0xff, 0xff, 0x7, [@cdc_ncm={{0x7, 0x24, 0x6, 0x0, 0x1, "53b5"}, {0x5, 0x24, 0x0, 0x9}, {0xd, 0x24, 0xf, 0x1, 0x6, 0x6, 0x80, 0x9}, {0x6, 0x24, 0x1a, 0x878, 0xa}, [@call_mgmt={0x5, 0x24, 0x1, 0x0, 0x1}]}], [{{0x9, 0x5, 0xf, 0x2, 0x8, 0x7, 0x5, 0x7, [@generic={0x101, 0xb, "5442dd1c6d7e2a318d50532fe2006ed599783a75a6beb82a2a5f4caba7938da9b0daf217fc5cd98f5dc1af6067d3f6bc7f0ec895a3bfc01e45d4e212e66591d38bb789c18e9df68d9687831d476c4f84e2d7bd85980787721bee107c7cc1fab9546d5b56db5aee21574e11fa7b718dc5fa0d0fb7aaa9c9662f1afc09159b49c7c352d685a99465104bbf8ad5751660084084694934e8ec887ea6428060e8ffa17107196045425de4b14755505cfc9af8edbd5f394ba60a04cac8f1b4cc1fd679911486a3c17b61a472221517e81c2d3a09dd9a0f588a939d1035df95cde749e4dce9db9ba947d9f192724d2f5fa318150c3d0d9322e858de73c0617e66cb3c"}]}}, {{0x9, 0x5, 0x7, 0x4, 0x40, 0x1, 0x4, 0x7, [@uac_iso={0x7, 0x25, 0x1, 0x3}, @generic={0xfb, 0x7, "9c3ad95e9e1840a0af5e61ca333a83de9e4a8e300239e8dafcd58f250be95ec2f0c9a4fc6efec2194a31a3ca0216e254c789072078bc18ad5c3ab5ec6efc19eac0261bd2a991b3f0c1226e335863413f9927f189c11f28d7bf6dcd08408d00ab9c61b9a96f1cd024e8266752d2452188cf41b92b8a1720ac3d664d389d7f8b299985fc0cf2160bd0edad011c60425b61ccc709d748534b46777f37a4025fb16e5938be7b3dc7d89e2f5ba754efbf0ce03aa0e6665f26b24255e44351d14633fdfd423249ad1fe218db7706b9c5dc751db50e6146fc5fc9bc7c9f66e0bc5b64f077bf54df57fc6060aa1cb29ec64fec8d13407d942956d5b853"}]}}, {{0x9, 0x5, 0x0, 0x2, 0x8, 0xff, 0x80, 0xe, [@uac_iso={0x7, 0x25, 0x1, 0x0, 0x3, 0x5}]}}, {{0x9, 0x5, 0x7, 0xc, 0x10, 0x0, 0x2, 0x24, [@generic={0x15, 0x30, "58f27a1de8cb321064aaac403036c9fc22025e"}]}}, {{0x9, 0x5, 0x1, 0x59ca3584f6765f89, 0x3ff, 0x4, 0x10, 0xc, [@uac_iso={0x7, 0x25, 0x1, 0x80, 0xe5, 0x200}, @uac_iso={0x7, 0x25, 0x1, 0x82, 0x5, 0x3}]}}, {{0x9, 0x5, 0x0, 0x0, 0x400, 0x7, 0x7, 0x83, [@uac_iso={0x7, 0x25, 0x1, 0x2, 0xc, 0x9}]}}, {{0x9, 0x5, 0xc, 0x4, 0x400, 0x40, 0x4a, 0x3, [@generic={0xfa, 0x3, "ae37ed48a6831bf39f3d80fbb88a3ce244d0a9a3a6006edca50860dcc707021f02b913701cf67f1d505f8a7d41bc7084f9f32b1738932fae258730c3b2248e8da0a2eb298c6235c3713fbd1ebbf52d537c86e373b113080e0a64704cdac04ded0fff0d8483818e3a70304129911bc1de2f573a89d0d3514b96003bbac01432010ba785bfb435541b7e42a4a8639aa067c37e9eba5d48bb041c1374164b844db985a3250936ae02db43129a2a578f78384e686621d7c65f0ec2b256bfac773922e4d13f086c4c1831ff89dc3e402217ddba7c9ea5da092a12e495a84d724f472b571fa7470ef61f6db1b64b35ec30fe54652031cfdd49e941"}]}}, {{0x9, 0x5, 0xd, 0x3, 0x20, 0x1, 0xab, 0x2, [@uac_iso={0x7, 0x25, 0x1, 0x2, 0xd, 0x1}]}}, {{0x9, 0x5, 0x3, 0x4, 0x8, 0x4, 0x1, 0x3, [@generic={0x92, 0xa, "4a0ef07c2b799c7eb961a729bae03c91aa0306e52d820e41b0606426b2d2a6a7b3a9a8b28699dbd65ba839bbbfb7fb29d6a910553e071b56d7c8d6650c4269c482adfd9addb88832f58f02650a89ec3be5109618a963498d204caac3e1fa27330de1c52190c26075151fef417f925d33991da268a66369ec8cd81823d2dfecd98e02b5b78c13ecebc1e9253e70f2e523"}]}}, {{0x9, 0x5, 0x3, 0x2, 0x40, 0x3, 0x9, 0x3, [@uac_iso={0x7, 0x25, 0x1, 0x80, 0x0, 0x700}, @uac_iso={0x7, 0x25, 0x1, 0x5, 0x7, 0xb64c}]}}, {{0x9, 0x5, 0x0, 0x3, 0x200, 0xf4, 0x2, 0x9c, [@generic={0x29, 0x21, "0faf38d24bdb4a6763a23045c67bb80dbd6c275c08a898968544f187ca0ee84c85c754217c5ba5"}, @generic={0xf0, 0xd, "0b92ce0173e1ccea6edc835a9a5c35e4cca7bd420054399acfb4a981a169f3c730340f156941166e189450ac31ea57669773489aa4cf2c511c6a58743773e0e26ff2b8af9ff0c293cb295e6f54ddb79aa86e11724c8d4e78ee5d2f7e36654f58f3d66b897c476ef9740ef997cfec19c0f4d0cd5741b545def773031605bacec4a5245f03d8aad568937c7ca866bb2bed8cb23b787b00dfa64e5979197147ab782ad477f466407d76842ec531ede9edbe664490976b18a53204e10b0c76cc6b88b68ec9f4c57818ebad83f98b24379c1a460547cf1e521b244e3ed6c81dc28723d8026b060733cdd76d14c9bd265e"}]}}, {{0x9, 0x5, 0xc, 0x10, 0x200, 0xc, 0xf7, 0x1, [@generic={0x52, 0x22, "30df0959965c173162992fc8fd0080feb8721d946c64aeed71bd92fcf6aaaa3f53b21718d974d823a9ffca82fff8c41d011de9f97abe454e61e95aaf7a8ef5ff087fa91cbeb5ff46d948b19991e1b2e0"}, @generic={0xe4, 0xf, "fb8ce252f8e5aff4092de8967c0981f11a0204973f062b81e5dc264b91241a3a7ff3192a68c6c615994bcf628f56783e13919ed3be9328e87bcf29d4bf6515966119a4b06f5ba7e766c6602438e8987d0e2e4834d6237fbc6e4bc238417f53459c03cefdd1b5ff2b0840d8a06a837f78dc62ac6f75148c72dd527e0fa11e2fc3d17953a41707f5b43f5a9d992184475b084cac525b9e2e93c6e33fb5327e0241794cca5ebf7d57f6723da271bad35e67cda024b22b7bc06b1d4d921334a60b5004ae757a2f61a3b1447feed6a22ad1d64a7a662b927cee9bc61ec100645e3b2d4526"}]}}]}}]}}]}}, &(0x7f0000001480)={0xa, &(0x7f00000013c0)={0xa, 0x6, 0x201, 0x8, 0x5, 0xf2, 0x40}, 0x2a, &(0x7f0000001400)={0x5, 0xf, 0x2a, 0x3, [@ss_cap={0xa, 0x10, 0x3, 0x2, 0x1, 0x9, 0x8, 0x8}, @ss_container_id={0x14, 0x10, 0x4, 0x4a, "ba83ddcad96fb5acf69124366977026a"}, @ext_cap={0x7, 0x10, 0x2, 0x4, 0x5, 0x4, 0x9}]}, 0x1, [{0x4, &(0x7f0000001440)=@lang_id={0x4, 0x3, 0x438}}]})
syz_usb_control_io$uac1(r4, &(0x7f0000001580)={0x14, &(0x7f00000014c0)={0x40, 0x3, 0x5a, {0x5a, 0x0, "47d936904e31a791c36cc62c1dbef8f3dc4152becf8da6e425fef73a7695232912f6c92845cc27a229475cff6614dfc720f1de563da93b09934fc86cc047f707f265b60b4376e31ba9dabcb7c01b2d861fbb480169528988"}}, &(0x7f0000001540)={0x0, 0x3, 0x4, @lang_id={0x4, 0x3, 0x427}}}, &(0x7f00000017c0)={0x44, &(0x7f00000015c0)={0x40, 0x16, 0x21, "6e7006a5b099e56397511a279640b03eb9f6376ac948df5fb3a08a2de31f29c0a5"}, &(0x7f0000001600)={0x0, 0xa, 0x1, 0x7}, &(0x7f0000001640)={0x0, 0x8, 0x1, 0x1}, &(0x7f0000001680)={0x20, 0x81, 0x3, "98d6da"}, &(0x7f00000016c0)={0x20, 0x82, 0x3, "ea4443"}, &(0x7f0000001700)={0x20, 0x83, 0x2, "fd22"}, &(0x7f0000001740)={0x20, 0x84, 0x1, '9'}, &(0x7f0000001780)={0x20, 0x85, 0x3, "890e3d"}})
dup2(r1, r0)
r5 = syz_open_dev$usbmon(&(0x7f0000001840), 0x7, 0x402200)
writev(r5, &(0x7f0000001a00)=[{&(0x7f0000001880)="73fd9f22ef242763ed62cb2bf5fa8083d5725e6c9fe85c2a99fad0f3c45bb22e58cb0d72e974ababf8a05e4a377141fd5763cbf26026fb1ca55cd28991b0ffe5e6b709760efabd5c500cf63dcec26624d02d32ed034d7f4498e3230d0f54c702d6f91786cbcc9147bf06e4fad5ef376c0b6e7e23f34a453f3638f78f328f315c8ddb30db07ef76d31bf9e38baadc9253ddf96abb753cd587733531ba1d58004ec7792a7a91d0591443f2b806c1962947a0d5d1f043fbe8b77d918e466eb8dcc7fda83a8fc2b7f2f2f6519c8450f125e1f09b89c295757d05cef874dd60f4cc16e9b092a7cf3d71bdfe34592275d1c0534e6e164d40af57", 0xf7}, {&(0x7f0000001980)="93806a793d874d3c2b926ba27d27934b8a6fb489a5b682a87ee59188976454299808ce45650cb9319852f1ed154c7db590bb231b0e5c8cf884662ff22e2e88c27acd00e367d322", 0x47}], 0x2)
syz_usb_control_io$printer(r4, &(0x7f0000001b40)={0x14, &(0x7f0000001a40)={0x40, 0x5, 0xa4, {0xa4, 0xb, "cc246688fb88a2e7803781112a6cbc40a051aaf72617232bd40c7f859db2ff428fb97762fe2e2bd4d1854d00ea34bf56daff29ec683f23f5817405d820049c9302d13c3b9c52fc51acfcaf3df80382beca593c1a5c3af9aa6b78a16cbd84f07bcb00b3a8d3aa17ae01b7ba451a8731196477a3290408a8d3ff9cd96a0b51732c7597a1562f3c697b82108db27a8101acce667e21fbb72a908c3e1a9fb2020ea17a24"}}, &(0x7f0000001b00)={0x0, 0x3, 0x11, @string={0x11, 0x3, "9a31b5b67aa48f6ccf50b78d7ebf69"}}}, &(0x7f0000001d00)={0x34, &(0x7f0000001b80)={0x20, 0x16, 0xd, "ba8fb723614168407ad94240d5"}, &(0x7f0000001bc0)={0x0, 0xa, 0x1, 0x5}, &(0x7f0000001c00)={0x0, 0x8, 0x1, 0x4}, &(0x7f0000001c40)={0x20, 0x0, 0x24, {0x22, "b526b866b92e00c676afed301f53644f43e1d7b6ea3b3dc6c224afda9fe51947b0c5"}}, &(0x7f0000001c80)={0x20, 0x1, 0x1, 0x9}, &(0x7f0000001cc0)={0x20, 0x0, 0x1, 0xc5}})
ioctl$PPPIOCDISCONN(r1, 0x7439)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r1, 0x81f8943c, &(0x7f0000001d40)={<r6=>0x0})
ioctl$BTRFS_IOC_INO_LOOKUP(0xffffffffffffffff, 0xd0009412, &(0x7f0000001f40)={r6, 0x3})
r7 = creat(&(0x7f0000002f40)='./file0\x00', 0xa)
ioctl$VIDIOC_S_CTRL(r7, 0xc008561c, &(0x7f0000002f80)={0x9, 0x6})
pwrite64(r7, &(0x7f0000002fc0)="e4c61040e9e0ca3a4a3d331347204b633809db4abf22e79353b091f0b664760ce9694a1f158b60f786d4835e552ba4fc927d287bc213b4bdec26b585ba7484f3529d62db4b12934000530d7db423de1f2e8643aa83cf5cee76f38b15c62b8488e4933d7254b2049483550e7e2a2b6bea1013d00eae50b99b45c2e8a5b9f43b3af6d610aa0e769447e0282ab76c908fe1ae8354de7e87c83577ad5490228d972d424ea62147d94e", 0xa7, 0x2)
lsetxattr$trusted_overlay_origin(&(0x7f0000003080)='./file0\x00', &(0x7f00000030c0), &(0x7f0000003100), 0x2, 0x2)
getresgid(&(0x7f0000003140), &(0x7f0000003180), &(0x7f00000031c0))
ioctl$F2FS_IOC_RELEASE_VOLATILE_WRITE(r0, 0xf504, 0x0)
r8 = getpgid(0x0)
process_vm_readv(r8, &(0x7f0000003240)=[{&(0x7f0000003200)=""/17, 0x11}], 0x1, &(0x7f00000034c0)=[{&(0x7f0000003280)=""/68, 0x44}, {&(0x7f0000003300)=""/41, 0x29}, {&(0x7f0000003340)=""/80, 0x50}, {&(0x7f00000033c0)=""/52, 0x34}, {&(0x7f0000003400)=""/19, 0x13}, {&(0x7f0000003440)=""/10, 0xa}, {&(0x7f0000003480)=""/39, 0x27}], 0x7, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_usb_connect$cdc_ncm(0x5, 0x12a, &(0x7f0000003540)={{0x12, 0x1, 0x110, 0x2, 0x0, 0x0, 0x8, 0x525, 0xa4a1, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x118, 0x2, 0x1, 0x96, 0x60, 0x8, {{0x9, 0x4, 0x0, 0x0, 0x1, 0x2, 0xd, 0x0, 0x0, {{0x9, 0x24, 0x6, 0x0, 0x1, "be52500a"}, {0x5}, {0xd, 0x24, 0xf, 0x1, 0x1, 0x3, 0x9, 0x23}, {0x6, 0x24, 0x1a, 0xffff, 0x3e}, [@network_terminal={0x7, 0x24, 0xa, 0x7, 0x4, 0xa9, 0x1}, @mdlm_detail={0x28, 0x24, 0x13, 0xff, "e48be8dcb5edafd461b1fffdb042529a7a2cec2fc389be229fd5458604b0f1edd7b4df87"}, @mdlm_detail={0x89, 0x24, 0x13, 0x1, "c23f925d584d7ba798835016d6c1226ecaf3fb05db065b7354eefd51c2a181852d99884d5f22eb5f6f46e713488eddda29e914a9016361d09905759cd6eb4d749e0820e5f110eb043be7c27559310ed0ca23dd3bbfecf226aef2d593acc1137b3796fd618a6f63aca0eb91d17aa57bc89558178109f866e2fcec218eb5641832dcf8cb4975"}]}, {{0x9, 0x5, 0x81, 0x3, 0x400, 0x0, 0x8, 0xff}}}, {}, {0x9, 0x4, 0x1, 0x1, 0x2, 0x2, 0xd, 0x0, 0x0, "", {{{0x9, 0x5, 0x82, 0x2, 0x200, 0x7f, 0x61, 0x9}}, {{0x9, 0x5, 0x3, 0x2, 0x200, 0x3, 0x6d, 0x2}}}}}}}]}}, &(0x7f00000037c0)={0xa, &(0x7f0000003680)={0xa, 0x6, 0x200, 0x1, 0x7, 0x5, 0x10, 0x4}, 0x68, &(0x7f00000036c0)={0x5, 0xf, 0x68, 0x6, [@ss_container_id={0x14, 0x10, 0x4, 0x9, "59ccd0ef8ee0ccc69897a7ccef197d5e"}, @ptm_cap={0x3}, @ss_cap={0xa, 0x10, 0x3, 0x0, 0x7, 0x0, 0xb, 0x80}, @ss_cap={0xa, 0x10, 0x3, 0x0, 0x8, 0x78, 0x7d, 0x8}, @ssp_cap={0x24, 0x10, 0xa, 0x80, 0x6, 0x3, 0x0, 0x1ff, [0xff3f, 0xff0000, 0x3f30, 0xc00f, 0x0, 0xc0]}, @ss_container_id={0x14, 0x10, 0x4, 0x10, "25c950121c4dcb39ff4ed662db6fa7c9"}]}, 0x2, [{0x4, &(0x7f0000003740)=@lang_id={0x4, 0x3, 0xc1a}}, {0x4, &(0x7f0000003780)=@lang_id={0x4, 0x3, 0xf8ff}}]})
syz_usb_control_io$hid(r2, &(0x7f0000003900)={0x24, &(0x7f0000003800)={0x20, 0x21, 0x39, {0x39, 0xd, "8fb7684bd6366ad80851a320ee63cfccce9802f8ce68913d0d51ca10a6c6e53c8ebd2daacd7d0b53f390fb2c17104554756476f6d09899"}}, &(0x7f0000003840)={0x0, 0x3, 0x4, @lang_id={0x4, 0x3, 0x415}}, &(0x7f0000003880)={0x0, 0x22, 0xd, {[@local=@item_012={0x1, 0x2, 0x5, "15"}, @local=@item_012={0x0, 0x2, 0x9}, @local=@item_012={0x1, 0x2, 0x8, 'e'}, @local=@item_012={0x2, 0x2, 0x9, "f373"}, @main=@item_4={0x3, 0x0, 0x9, "cc86bd82"}]}}, &(0x7f00000038c0)={0x0, 0x21, 0x9, {0x9, 0x21, 0xfff7, 0x0, 0x1, {0x22, 0x477}}}}, &(0x7f0000003b80)={0x2c, &(0x7f0000003940)={0x0, 0x7, 0xbf, "b159e0e9b7640c0a32f51f5977ebfa8dc4143a74d17a3d0c42a6e053b17397ed903a048ae182ef151914affccebdada13d3a030d1e184501008ce34f8c6dab34ffc3f9715541e70a453b0b77798735dab6d8c8ddc640d288430822fd6718924571a8bc50955ad149e55b3b1dca142545e58ef39d11b09abe94645dd9e1e1112103cdc24dc7542f101a51453b2681069d9f869f09862b1ba61793e7baa0b9beabf856d358bf05506bad0240df4894d8aabc74e2867901d3ad49b4044e34e854"}, &(0x7f0000003a40)={0x0, 0xa, 0x1, 0x1}, &(0x7f0000003a80)={0x0, 0x8, 0x1, 0x9}, &(0x7f0000003ac0)={0x20, 0x1, 0x43, "725482f6655322098f4523d8e5fc759aab4bae5679cc252d3d47611e54c40babb7a7725c345e4414239966ae59cc4e767968283061493115f154e6d049118e5c0e7c72"}, &(0x7f0000003b40)={0x20, 0x3, 0x1, 0x5}})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000003bc0))
ioctl$sock_bt_hci(r7, 0x400448e3, &(0x7f0000003c00)="a7280de084d3cddb96a47f0b560536568b0baa56b4a3114971682667e246c9767b9f2f4f4ad11aba789a852e7b857b6bf7609e53b39767873e9497720c63b2a89d82e5aa117fa683cd0f0633d96d943b5b4c6f0f2cf71481e331e58ce369f11a67993732a8e9e7ef421c5d4b5739bbd53090285d578d50487614432d0ac3980ea10fcef1a4af146370adb5434a17b70e25775a5aca33707711a99dea91c0e63fe814b8906ca1c4a80ee94a538ffff4e8cbb15a2bba64d11424aeb4e07bfd71")
openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000003cc0), 0x2, 0x0)
syz_usb_control_io$hid(r3, &(0x7f0000003e00)={0x24, &(0x7f0000003d00)={0x40, 0x22, 0x29, {0x29, 0x23, "6b45d51590cb756a83d9e7ca5a7e35a8d53c8cb7c76d00e09a0edf5ea7c626036e0664350a7af2"}}, &(0x7f0000003d40)={0x0, 0x3, 0x4, @lang_id={0x4, 0x3, 0x447}}, &(0x7f0000003d80)={0x0, 0x22, 0x17, {[@local=@item_4={0x3, 0x2, 0x5, "0cd34013"}, @main=@item_012={0x2, 0x0, 0xc, "53d3"}, @main=@item_4={0x3, 0x0, 0xa, "8cd5f900"}, @main=@item_4={0x3, 0x0, 0xb, "2e541778"}, @global=@item_4={0x3, 0x1, 0xb, "e178cf2d"}]}}, &(0x7f0000003dc0)={0x0, 0x21, 0x9, {0x9, 0x21, 0x9, 0x7, 0x1, {0x22, 0x662}}}}, &(0x7f0000004080)={0x2c, &(0x7f0000003e40)={0x20, 0x1, 0x83, "1be53b12980b431939b225c5702096ba1ed094c26494e1f4fd4aebbcb8d45a48ffa05354fbb275a389d5333cab44927adf6bebb2e5f0f659395af4b7eea86248958854d9bb1a9bff5f9915cb74237d0d7b820da0814edde89b163a012e88bb1d741c2a57cb1fcd6d32624cf223aba85c820a76c46f2c03037c82a527afe853a24362aa"}, &(0x7f0000003f00)={0x0, 0xa, 0x1, 0x5}, &(0x7f0000003f40)={0x0, 0x8, 0x1, 0x2}, &(0x7f0000003f80)={0x20, 0x1, 0x87, "58ddf4aa4841b963a469537ecd75ca3bc3791f9e8b82f385dde6d35f1ce625623a1b8eb8c658dd1d51a107b4056d423ed3e96af516a4dc4b3d7b8b2a68e183e9d5f519db158df01c326da862631c096654ba4ef9efce92b6b446aac3ed4012691887483ea1e53ee462ade315b0a70d0e9dab9bcc9b8ef3ef80c6eb975d2b4960c18d0402a3b88c"}, &(0x7f0000004040)={0x20, 0x3, 0x1, 0x5}})

4.109978217s ago: executing program 1 (id=572):
socket$inet_udplite(0x2, 0x2, 0x88)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(0xffffffffffffffff, 0x4008af24, 0x0)
r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0)
connect$bt_l2cap(r1, &(0x7f0000000040)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f00000002c0)='mm_page_alloc\x00', r2}, 0x10)
r3 = bpf$PROG_LOAD_XDP(0x5, &(0x7f00000001c0)={0x6, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="18020000000000000000000000f7ffff84000000a00000009500000000000000"], &(0x7f0000000040)='syzkaller\x00'}, 0x90)
bpf$BPF_PROG_TEST_RUN_LIVE(0xa, &(0x7f0000000080)={r3, 0x0, 0x0, 0x0, 0x0, 0xffffffff00000000, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
openat$kvm(0xffffffffffffff9c, &(0x7f00000003c0), 0x0, 0x0)
sendmsg$NL80211_CMD_SET_CQM(0xffffffffffffffff, 0x0, 0x0)
read$msr(0xffffffffffffffff, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r4 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r4, &(0x7f0000000600)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb(blowfish)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r4, 0x117, 0x1, &(0x7f0000000200)="ad000000", 0x4)

2.409538547s ago: executing program 2 (id=578):
socket$inet_udplite(0x2, 0x2, 0x88)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(0xffffffffffffffff, 0x4008af24, 0x0)
r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0)
connect$bt_l2cap(r1, &(0x7f0000000040)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x90)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r2], 0x0}, 0x90)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f00000002c0)='mm_page_alloc\x00', r3}, 0x10)
r4 = bpf$PROG_LOAD_XDP(0x5, &(0x7f00000001c0)={0x6, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="18020000000000000000000000f7ffff84000000a00000009500000000000000"], &(0x7f0000000040)='syzkaller\x00'}, 0x90)
bpf$BPF_PROG_TEST_RUN_LIVE(0xa, &(0x7f0000000080)={r4, 0x0, 0x0, 0x0, 0x0, 0xffffffff00000000, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000280)={'wlan1\x00'})
sendmsg$NL80211_CMD_SET_CQM(0xffffffffffffffff, 0x0, 0x0)
read$msr(0xffffffffffffffff, 0x0, 0x0)
r5 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r5, &(0x7f0000000600)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb(blowfish)\x00'}, 0x58)
r6 = accept4(r5, 0x0, 0x0, 0x0)
setsockopt$ALG_SET_KEY(r5, 0x117, 0x1, &(0x7f0000000200)="ad000000", 0x4)
sendmmsg$unix(r6, &(0x7f0000003dc0)=[{{&(0x7f0000000000)=@file={0x0, './file0\x00'}, 0x6e, 0x0}}, {{&(0x7f0000000280)=@file={0x0, './file0\x00'}, 0x6e, 0x0}}], 0x299, 0x0)

1.330642933s ago: executing program 3 (id=582):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000000000000000000004b64ffec850000006d000000670000000500000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000180)='tlb_flush\x00', r0}, 0x10) (async)
bpf$ENABLE_STATS(0x20, 0x0, 0x0) (async)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) (async)
r1 = getpid()
process_vm_readv(r1, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0) (async)
mmap(&(0x7f0000ff5000/0xa000)=nil, 0xa000, 0x7800007, 0x10, r0, 0x16abf000)
r2 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0) (async, rerun: 32)
write$binfmt_script(0xffffffffffffffff, 0x0, 0x0) (async, rerun: 32)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x0)
read$FUSE(0xffffffffffffffff, 0x0, 0x0) (async, rerun: 64)
r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x121301, 0x0) (rerun: 64)
write$binfmt_aout(0xffffffffffffffff, 0x0, 0xff2e) (async, rerun: 64)
syz_open_pts(r3, 0x0) (rerun: 64)
ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_TIMER(0xffffffffffffffff, 0xc0605345, &(0x7f0000004a80)={0x0, 0x0, {0x0, 0x0, 0x401, 0x0, 0x1ff}}) (async)
bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x8, 0x9, &(0x7f0000000040)=@raw=[@map_idx_val={0x18, 0x9, 0x6, 0x0, 0xf, 0x0, 0x0, 0x0, 0xd7e}, @ldst={0x0, 0x0, 0x6, 0x7, 0x9, 0x2}, @initr0={0x18, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0xfffff801}, @map_idx_val={0x18, 0x8, 0x6, 0x0, 0x10, 0x0, 0x0, 0x0, 0x20009}, @exit, @exit], &(0x7f0000000240)='syzkaller\x00', 0x4, 0x71, &(0x7f0000000480)=""/113, 0x41000, 0x9, '\x00', 0x0, 0x26, r2, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000440)={0x0, 0x3, 0x5, 0x1e1f}, 0x10, 0xffffffffffffffff, r0, 0x0, &(0x7f00000002c0)=[0xffffffffffffffff, 0xffffffffffffffff, r2, r2, r2, r2, r2, 0xffffffffffffffff], 0x0, 0x10, 0x7}, 0x90) (async)
ioctl$TCSETS(0xffffffffffffffff, 0x5402, &(0x7f0000000340)={0x0, 0x0, 0x0, 0xffffffbf, 0x0, "9931f1000025c9c3a91efe14dc853fcbacd591"}) (async)
syz_open_procfs(0x0, &(0x7f0000001080)='smaps_rollup\x00') (async)
symlinkat(&(0x7f00000001c0)='./file2\x00', 0xffffffffffffff9c, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f00000000c0))
r4 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TIOCSETD(r4, 0x5423, &(0x7f0000000140)=0x15)
r5 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r5, &(0x7f0000000340)={0x26, 'hash\x00', 0x0, 0x0, 'wp512-generic\x00'}, 0x58)
r6 = accept$alg(r5, 0x0, 0x0) (async)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r7, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)=ANY=[@ANYBLOB="240000003b0007010000000000f800000004000000f4c29b7ae7409b4a8946b1fa000000"], 0x24}}, 0x0) (async)
sendmmsg$alg(r6, &(0x7f0000000b80)=[{0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000100)='v', 0xf4240}], 0x1}], 0x1, 0x8004) (async)
ppoll(&(0x7f00000001c0)=[{r4}], 0x1, 0x0, 0x0, 0x0)
socket$kcm(0x11, 0x3, 0x0)

1.221147705s ago: executing program 3 (id=583):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={0x0}}, 0x0)
r1 = getpid()
r2 = getpid()
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(0xffffffffffffffff, 0x0, 0x0)
socket$inet6_udp(0xa, 0x2, 0x0)
connect$inet(r3, &(0x7f0000000180)={0x2, 0x0, @local}, 0x10)
sendto$inet(0xffffffffffffffff, &(0x7f0000000540)="005ccb94032f063723365368ba6242533ca8b7123af7b4eb6d287b4850eef9659d7f1813ba29675a5fca69f7132cd06f67964ba05a5a2bdbfb562b3c31be9f11881b15de8ea70736d55525464a4574a2270a942b09282cee602a708505892e85c8f24606cb9b990b9383c89a9063e135d3ea84a0a770fb4e862dc4a2b4e47680039e426567eb3f51767f18dd59124e66b09967", 0x1, 0x44, 0x0, 0x52)
setsockopt$inet_tcp_TCP_REPAIR(r3, 0x6, 0x13, 0x0, 0x0)
sendmmsg$inet(r3, &(0x7f00000029c0)=[{{0x0, 0x0, &(0x7f0000000480)=[{&(0x7f0000000680)='I', 0x1}], 0x1}}, {{0x0, 0x0, &(0x7f0000000400)=[{&(0x7f0000001980)}], 0x1}}], 0x2, 0x4008095)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000000000000000000004b64ffec850000006d000000670000000500000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
io_setup(0x9, &(0x7f00000002c0))
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000180)='tlb_flush\x00', r4}, 0x10)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
process_vm_readv(r2, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
prctl$PR_SET_PTRACER(0x59616d61, r1)
capset(&(0x7f0000000000)={0x20080522, r2}, &(0x7f0000000040)={0x0, 0x4})
setrlimit(0x8, &(0x7f00000003c0)={0x3})
r5 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
write(0xffffffffffffffff, &(0x7f0000000480)="1f395fad157e8a6d4dd84df94192e5984429a27898360f7cf2b138d29e4bbdf85fb0b573977d0d4598ab379a69fbe82f3d18fc1e2fb9a7c6f5a031c217be946bcce35537caea3c366ecf7a624fd80eced97235af4ad8c82b8cf4f483c4bce5a127a55cb4fce85af3ccb30a608a39777446968117dd35cda835aa3c10f60b3204e9", 0x81)
r6 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r6, 0x3b81, &(0x7f0000000140)={0xc, 0x0, <r7=>0x0})
ioctl$IOMMU_IOAS_ALLOC(r5, 0x3b81, &(0x7f0000000240)={0xc, 0x0, <r8=>0x0})
ioctl$IOMMU_IOAS_MAP$PAGES(r5, 0x3b85, &(0x7f0000000280)={0x28, 0x7, r8, 0x0, &(0x7f00007ff000/0x800000)=nil, 0x800000})
ioctl$IOMMU_TEST_OP_CREATE_ACCESS(r5, 0x3ba0, &(0x7f0000000400)={0x48, 0x5, r7, 0x0, <r9=>0xffffffffffffffff, 0x1})
ioctl$IOMMU_TEST_OP_ACCESS_PAGES$syz(r5, 0x3ba0, &(0x7f0000000080)={0x48, 0x7, r9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x32315d})
getsockopt$sock_buf(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000040)=""/117, &(0x7f0000000100)=0x75)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)

1.058645436s ago: executing program 1 (id=584):
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
socket$inet_sctp(0x2, 0x5, 0x84)
getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000040)={0x0, <r2=>0x0}, &(0x7f0000000080)=0xc)
sendmsg$netlink(r0, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000280)=[{&(0x7f0000000100)={0x30, 0x2e, 0x1, 0x0, 0x0, "", [@typed={0x8, 0x0, 0x0, 0x0, @uid=r2}, @nested={0xb, 0x0, 0x0, 0x1, [@generic="976b6408686030"]}, @nested={0xc, 0x1, 0x0, 0x1, [@typed={0x8, 0x0, 0x0, 0x0, @ipv4=@dev}]}]}, 0x30}], 0x1, 0x0, 0x0, 0x976b6408}, 0x0)

895.359256ms ago: executing program 1 (id=585):
openat$dma_heap(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
write$UHID_CREATE2(r0, &(0x7f0000000040)=ANY=[], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r0, 0x0)
r1 = socket$inet6_sctp(0xa, 0x801, 0x84)
getsockopt$bt_hci(r1, 0x84, 0x84, 0x0, &(0x7f0000000000))

894.830775ms ago: executing program 1 (id=586):
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000100)='bbr\x00', 0x4)
openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x2, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000200)={0x1, &(0x7f0000000000)=[{0x0, 0xc9, 0x0, 0x1}, {0xb769, 0x9, 0x0, 0x1}]})
r1 = syz_open_dev$sg(&(0x7f0000001600), 0x0, 0x40042)
write$binfmt_aout(r1, &(0x7f00000000c0)=ANY=[@ANYBLOB="0000000000000000000000800080000014000091ff0f00004500f5ff06ff00010100fc5e15f4"], 0x125)
r2 = openat2$dir(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080)={0x80100, 0x0, 0x39}, 0x18)
fcntl$setownex(r2, 0xf, &(0x7f00000000c0))
open_tree(r2, &(0x7f0000000100)='./file0\x00', 0x0)
socket$inet6(0xa, 0x5, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x40000000000ead}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
sched_setscheduler(0x0, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x10, 0xffffffffffffffff, 0x0)
r4 = syz_open_procfs(0x0, &(0x7f0000000000)='net/fib_trie\x00')
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
preadv(r4, &(0x7f0000000b00)=[{&(0x7f0000000300)=""/30, 0x1e}], 0x1, 0x80000001, 0x0)
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
bind$alg(0xffffffffffffffff, &(0x7f0000000140)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb(fcrypt)\x00'}, 0x58)
r5 = syz_open_dev$video(&(0x7f0000000040), 0x0, 0x0)
ioctl$VIDIOC_G_SELECTION(r5, 0xc040565e, &(0x7f00000002c0)={0xa, 0x1})
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f00000005c0)=ANY=[@ANYBLOB="1800000000000000000000000000000095000000000000008e97cdaaf284d3f3340cecb6c476e5c4ff62378f3f4ead943b17ea088c344fd000ac362a342b73b0d8f431832fea87f362cc4b47224f7ec933d638588c2ffc1922ab547312a57733d8a041c6308b4447221f26518b9d64c476af7d6cb23c3eb0a0ae5f85a6c4efb606d9175b4948d836e2312d1ef4174ea967bad4b20096cac97602bf39ed93d08003ed08c9f95dba6ac45e0f0f2f6d8eae47439cb9b89bd54b2c33"], &(0x7f0000000000)='syzkaller\x00'}, 0x90)

699.349048ms ago: executing program 0 (id=587):
r0 = syz_open_dev$dri(&(0x7f0000000000), 0x1ff, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000200))
r1 = syz_open_dev$dri(&(0x7f0000000000), 0x1, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r1, 0xc04064a0, &(0x7f0000000140)={0x0, &(0x7f0000000080)=[<r2=>0x0], 0x0, 0x0, 0x0, 0x1})
ioctl$DRM_IOCTL_MODE_CURSOR2(r0, 0xc02464bb, &(0x7f0000000240)={0x2, r2, 0x0, 0x0, 0xddffffff})

631.373629ms ago: executing program 0 (id=588):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000070000000000000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90)
r1 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$SMC_PNETID_DEL(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000240)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16, @ANYBLOB="010000000000000000000202020005000400000000000900030073797a3000000900010073797a3010000000"], 0x34}, 0x1, 0x40030000000000}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000002c0)='rxrpc_client\x00', r0}, 0x10)
r2 = socket$kcm(0x21, 0x2, 0x2)
bpf$LINK_GET_NEXT_ID(0x1f, &(0x7f0000000140)={0x5, <r3=>0x0}, 0x8)
bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000b80)={@map, 0x26, 0x0, 0x7, &(0x7f0000000240)=[0x0], 0x1, 0x0, &(0x7f0000000ac0)=[0x0], &(0x7f0000000b00)=[0x0, 0x0, 0x0], &(0x7f0000000b40)=[0x0, 0x0, 0x0, 0x0], <r4=>0x0}, 0x40)
bpf$BPF_LINK_CREATE(0x1c, &(0x7f0000000bc0)={r0, 0xffffffffffffffff, 0x1e, 0x0, @val=@tcx={@link_id=r3, r4}}, 0x40)
sendmsg$kcm(r2, &(0x7f0000000080)={&(0x7f0000000000)=@rxrpc=@in4={0x21, 0x0, 0x2, 0x10, {0x2, 0x0, @local}}, 0x80, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="18000000000000001001000001"], 0x18}, 0x0)
r5 = socket$netlink(0x10, 0x3, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000040)={0x0, <r6=>0x0}, &(0x7f0000000080)=0xc)
sendmsg$netlink(r5, &(0x7f0000001280)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000000)=ANY=[@ANYBLOB="300000002e000100000000000000000008000000", @ANYRES32=r6, @ANYBLOB="0b000080976b6b3dd4d630000c00df7f08000000ac141400", @ANYRES16], 0x30}, {&(0x7f00000002c0)={0x7e0, 0x27, 0x400, 0x70bd25, 0x25dfdbfd, "", [@typed={0xc, 0x5a, 0x0, 0x0, @u64=0xb}, @generic="9f5cbda8109e94b4e6ba608c1f346991ca300cc75380e51b391e243ee2b2d0aec1b9a58c7fe70ab608872f96328ce915c9069cfce068a744afe835b3f437744d25d4979a593e23f91fa40db78f3b308eeeefbcb56b9ab884ff340f15094bc22925f827272b3bce151497d61a3e1e414e3d8970a8a9d83055f37cd60f0e41d2c1d82c2797608271de03fac0b1820799bb6f9c5cdfbb1648a5224b73c54538319ca8dd54bb0cc68db51e691e4a756463b29c15d8abd99bbf1f8264ab63f5a9f32aa499145c37b9af", @typed={0x14, 0xd3, 0x0, 0x0, @ipv6=@initdev={0xfe, 0x88, '\x00', 0x1, 0x0}}, @nested={0x1ea, 0xd3, 0x0, 0x1, [@generic="feca879d8419564e88431a5ed69e905171a59019e7afd263938461f26dde20a9", @generic="eb76ec63e5884315681d93e236cd54fb07affb5f3cf2f9e3c92ed59d3fc7a1e7b3db984e14dcee0b59332d19f7da9df83d7320c10ac6f7ffc7ca1c10aa27073b59f546140a8d60f09cff00926cda8a9a1559a2f8f232b83492d3cf7d7574f1f3108aa3e9ddc726968f7b7d2c490a4064f2c8edb84c18291ea69ea03843e63eeb77541c81d76eab09db68071a26444c8d7156a9a01aa1f50689cabe528f937cf3b4e471a50afa4c24aa928ae51c05536fbd2186147667c1c490eae82f46397f1fead5f1681a534c7b00211f", @generic="4378098ae82e5ae2855d44d8d38150a09283c392e8006d0b9d4f525ec2997e03ac4c1bd454e4e7e2290312c18634ba2aea184f21bc79814c6c399e7d7064b2be9cca9a31de913946c1c6019e621084a5331090649d79dc0a18b1569c63f17bc9a276021c09ff03f3", @generic="2ee7abb22a5e97c7150f16ea5de6ebfea66c1a96442cbcdf4aebae4ed12dbdad44109e2720c044fba279d66284fce84059274f6291ad10174f6c56ba8c88df3c1bfa65360013c79389fa79a161e12fbaa37e09e0889626212b4853f524937fa175c1453e1f64f09a29e6e4d1a98fe5c33e36580b1493b003c9eebc68341f444cd2bdc6b4311aeb45d75fa455c5a54b353893c1"]}, @nested={0x2f4, 0xb9, 0x0, 0x1, [@generic="939d6c3e38bb0cf0c8165122b92393e9caf5c3def689d821320ab47aa30e6b88263322166b6549b8479a7e3edcbe9b21f4d9ac4fc4b317656dacf0054efbb42a14a232071c031d57c463256a5ebaa796b44c5554d4a362f973f1eb581c5f3083f046513ffb1b725888470d4dd731bf381d57ba787f77e773aa6fbed859ddc7158e02101732ccadd13691e795db4026466c7c1bc8f4f602b6c95c67c61615f7661604", @generic="af9d8132a998e1126934f23fd4f8503bb34a05409960a9f9d7b32830e7c3ef1b684052e055142f7fa1082d1fc8ba7a4a3c21d8178add21b892bbaccdfd07a43aa6b3cb838fcaaec0caff07d1f4950cb33290acbd7fe34be9d671d7a89d87a450127abba1e6e407e0aab2a8e6e02ade94e25b2791bd1cdaed7776237c46e977c2682fe31b7f2f5f0c2ef4878e7aa3df37f179c020095e0f28c4ede15b73f89724b61c31b9ba27f1266d1d7392571b3b92053178394ac06a42313cf83746cf18e6bca3d00510403eb6def8af879d936c134fff5a3ab14a200e5d66796207700a9a3bf069bf16a95c55c9417a", @generic="aa48105ee717f757e8343d51abec9f8cac2c9170dec0e20dbe627a077330b97a7a7df5afa17421aa2c10fa15e71c9e6bc0664bca356226855f5066f24a6d5ca3a33a06168e240d12c2748f402f4ee00db51cc413845c14721d7be0e21e3d7a0d1ff3a7fd6d580c6e07cabb2f3507e4bc2896aeac320d9fae9eee67df515f3ec4a8d098656fdf3466867ca1eff1c74bd1c4077ac72dd021a2e01923d0823710f7ec40b02497173ac37b31caf5a8b9a866e9b79796cf86c5549447bc864d7c886fef9008e8560ce532ca89a810b1", @generic="54f69ef5f98e8b6c7a8dd61a06eefa24c6a2bfddd6dbba8be44c21671fe3a9b4fed25d0847f4b9ef27dea97f5a530f5735bdb1a15e16b01cf7570af3551c0632e9ae6668234a3d61b6a3dcd405f741f4604f8f8be3d0ac3a291d93fef8b981f87596f04d38e8826e825dd032323fd716ea374ebe74a420ffde3c187b804c7d74d670e8d74c200ba3ed039ad6adab6aa901ac1f7adde0"]}, @nested={0x1bf, 0x4d, 0x0, 0x1, [@generic="f0ed8170ffad6e0aff35f7dce0b3eccb6e49a876a290", @generic="2edf1010ea46c4f364e52885cf0fba82c51b012952dfb8ad435b73d5d09d7f3fb43293", @typed={0x8, 0xb1, 0x0, 0x0, @ipv4=@initdev={0xac, 0x1e, 0x1, 0x0}}, @generic="2eeb032dc0010ac3893df1ec13743c50f7923bde2a3652c587b7ab6659f204f9974dd771e72ed1a2f8550a19971240a9f69a8688ecef4b1e285053c918eccb8bdbce4ca67bebd9e25a183da14365757e86ad3842c4eedfdea16d0ba7a4e7dfd50b4cc75adb1df35f90f311eaf108164285954ded0cc5964b88e933a27de0c44a943aafe2b02628b77d8b4d7c55a87e924fab19", @generic="cfcfef4378f4d82b5446c24d3716d5931cfe3bbfee823d043ae577b29d305aee7f329d51c11cfe7b86e6c90c75c09c42a615161351ce9a0f68ecfd6ddcc768e6269f0f54d7b6d87568b41df0c737e2e015adaef32acbbe3c55f40d188d5ea7d99161d4b595e9b33f7566d9ab58774bc9c87951f3fd08ffa54a0af26cafacfd58677aa3bea37869b5632d18426300e5a4fe8096a95a8b7f7dc38630a744c4b2975368b93319864b6208e8629f006f3f84861ba4eda5e811d5721908643e3b3684d430ef3f4b072aec75278e86438c3863e3d96d2dd986357a01e6c306708dfc9afbca3b4a7ef536"]}, @typed={0x46, 0x4d, 0x0, 0x0, @binary="d95b8127601f9da391e59f62c786cd2ea844d45f9cd4af56dd03d6244ff21a2ca52e97b5ff5a3e04419866641effcee7fa17a0d002329ff8aa13c74b3cb71b1fc043"}]}, 0x7e0}], 0x2}, 0x0)

551.216646ms ago: executing program 0 (id=589):
r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='task\x00')
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f0000000340)={0x26, 'skcipher\x00', 0x0, 0x0, 'chacha20-generic\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000300)="c99b57381801238c09d0ff0f1d0dbd301e5a47b2f3caa73dcd2a6a370554375a", 0x20)
r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x7, 0x0)
setsockopt$bt_l2cap_L2CAP_CONNINFO(r2, 0x6, 0x2, &(0x7f0000000040)={0x1, "7cc1c6"}, 0x6)
sendmmsg$alg(0xffffffffffffffff, &(0x7f0000000440)=[{0x0, 0x0, 0x0}], 0x1, 0x0)
recvmsg(0xffffffffffffffff, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000740)=[{&(0x7f0000000180)=""/132, 0x84}], 0x1}, 0x0)
r3 = creat(&(0x7f0000000280)='./file0\x00', 0x0)
r4 = syz_open_procfs(0x0, &(0x7f00000000c0)='task\x00')
fchdir(r4)
mount(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000000)='proc\x00', 0x0, 0x0)
r5 = inotify_init1(0x0)
fcntl$setown(r5, 0x8, 0xffffffffffffffff)
fcntl$getownex(r5, 0x10, &(0x7f0000000140)={0x0, <r6=>0x0})
r7 = syz_open_procfs(r6, &(0x7f0000000600)='fd/4\x00')
ioctl$FS_IOC_GET_ENCRYPTION_KEY_STATUS(r7, 0xc020660b, &(0x7f0000000180)={@id={0x2, 0x6000000, @auto="00f0ffffff0f00002fce2d54fbd909e4"}})
close(r3)
r8 = syz_open_dev$dri(&(0x7f0000000000), 0x1, 0x4000)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r8, 0xc04064a0, &(0x7f0000000140)={0x0, &(0x7f0000000380)=[0x0], 0x0, 0x0, 0x0, 0x1})
ioctl$DRM_IOCTL_MODE_GETFB2(r0, 0xc06864ce, &(0x7f0000000600)={0x0, 0x0, 0x0, 0x0, 0x6, [<r9=>0x0], [0x0, 0x2, 0x5, 0xfffffffe], [0xffffffed, 0xe, 0x10010000, 0x2624], [0x0, 0x9, 0xba10, 0x1]})
ioctl$DRM_IOCTL_MODE_ADDFB2(r3, 0xc06864b8, &(0x7f00000004c0)={0x0, 0xae, 0x8, 0x434, 0x2, [r9], [0xffff6091], [0x0, 0x0, 0x0, 0x7], [0x7fffffffffffffff, 0x0, 0x0, 0xfffffffffffffffc]})
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r8, 0xc04064a0, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, 0x3})
ioctl$DMA_HEAP_IOCTL_ALLOC(0xffffffffffffffff, 0xc0184800, &(0x7f0000000140))
r10 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x408000, 0x0)
ioctl$KVM_CREATE_VM(r10, 0xae01, 0x0)
r11 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000000c0)='rdma.current\x00', 0x275a, 0x0)
write$binfmt_script(r11, &(0x7f0000000540)={'#! ', './file0'}, 0xb)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x12, r11, 0x0)

480.75286ms ago: executing program 0 (id=590):
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x3a0ffffffff)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x100002, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = gettid()
ioctl$sock_SIOCSPGRP(r0, 0x8902, &(0x7f0000000300)=r1)
bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f00000006c0)={0x3, 0x4, 0x4, 0xa, 0x0, 0xffffffffffffffff, 0x7, '\x00', 0x0, 0xffffffffffffffff, 0x1, 0x3}, 0x48)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'lo\x00', <r2=>0x0})
setsockopt$packet_add_memb(0xffffffffffffffff, 0x107, 0x1, &(0x7f0000000080)={r2, 0x3, 0x6, @broadcast}, 0x10)
socket$rds(0x15, 0x5, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x7a05, 0x1700)
r3 = socket$inet6(0xa, 0x2, 0x0)
r4 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$devlink(&(0x7f0000000240), r4)
ioctl$sock_inet_SIOCGIFADDR(0xffffffffffffffff, 0x8915, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000000c0)=0x14)
getsockname$packet(r4, &(0x7f0000000400)={0x11, 0x0, <r6=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000280)=0x14)
sendmsg$nl_route(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000440)=@newlink={0x38, 0x10, 0x439, 0x0, 0x0, {0x0, 0x0, 0x0, r6, 0xebe3}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @ipip6={{0xb}, {0x8, 0x2, 0x0, 0x1, [@IFLA_IPTUN_COLLECT_METADATA={0x4}]}}}]}, 0x38}}, 0x0)
sendmmsg$inet(r3, &(0x7f00000017c0)=[{{&(0x7f0000000040)={0x2, 0xa, @remote={0xac, 0x1c}}, 0x10, 0x0, 0x0, &(0x7f0000000000)=[@ip_pktinfo={{0x1c, 0xa000000, 0x8, {r5, @empty}}}], 0x20, 0x2000000}}], 0x1, 0x0)

391.355368ms ago: executing program 0 (id=591):
r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000100)='/proc/sys/net/ipv4/vs/sync_ports\x00', 0x2, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="78226e6f65786163638173733d616e792c63616368653d66736361636865"])
chdir(&(0x7f0000000280)='./file0\x00')
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='blkio.bfq.io_serviced\x00', 0x275a, 0x0)
connect$bt_l2cap(r1, &(0x7f0000000200)={0x1f, 0x2, @any, 0x400}, 0xe)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r1, 0x0)
ftruncate(r1, 0xc17c)
read$FUSE(r0, &(0x7f0000008300)={0x2020}, 0x2020)
write$FUSE_LK(r1, &(0x7f00000002c0)={0x28, 0x0, 0x0, {{0x0, 0x0, 0x0, 0xffffffffffffffff}}}, 0x28)
r2 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000740), 0x2, 0x0)
ioctl$IOCTL_VMCI_VERSION2(r2, 0x7a7, &(0x7f0000000080)=0xb0000)
r3 = open(&(0x7f0000000280)='.\x00', 0x0, 0x0)
fcntl$notify(r3, 0x402, 0x5)
unshare(0xc040400)
ioctl$AUTOFS_DEV_IOCTL_ISMOUNTPOINT(r3, 0xc018937e, &(0x7f00000000c0)={{0x1, 0x1, 0x18, <r4=>r3, {0x2}}, './file0\x00'})
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f00000000c0)={{{@in=@multicast1, @in6=@mcast2}}, {{@in=@broadcast}, 0x0, @in6=@local}}, &(0x7f00000001c0)=0xe4)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r6, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000340)={0x2, 0x4, &(0x7f0000000180)=@framed={{0x18, 0x2}, [@call]}, &(0x7f0000000000)='syzkaller\x00'}, 0x90)
ioctl$KVM_NMI(r7, 0xae9a)
ioctl$KVM_SET_REGS(r7, 0x4090ae82, &(0x7f0000000380)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2004c8, 0x5, 0x0, 0x0, 0xfffffffffffffffe]})
ioctl$KVM_RUN(r7, 0xae80, 0x0)
ioctl$KVM_RUN(r7, 0xae80, 0x0)
fcntl$notify(r4, 0x402, 0x3d)
symlinkat(&(0x7f0000000140)='./file1\x00', r3, &(0x7f0000000180)='./file0\x00')
ioctl$IOCTL_VMCI_INIT_CONTEXT(r2, 0x7a0, &(0x7f0000000000)={@my=0x1})
ioctl$IOCTL_VMCI_QUEUEPAIR_ALLOC(r2, 0x7a8, &(0x7f0000000640)={{@my=0x1}, @hyper, 0x0, 0x2925, 0x0, 0x20000000, 0x4})

1.009353ms ago: executing program 3 (id=592):
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@bloom_filter={0x1e, 0x0, 0x7fff8, 0x8, 0x0, 0x1}, 0x48)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000740), 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000300)={<r1=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@file={0x0, './file0\x00'}, 0x6e)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r2 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r2, 0xaf01, 0x0)
r3 = eventfd(0x0)
ioctl$VHOST_SET_LOG_FD(r2, 0x4004af07, &(0x7f0000000240)=r3)
ioctl$VHOST_SET_VRING_KICK(r2, 0x4008af20, &(0x7f0000000040)={0x1, r3})
ioctl$VHOST_SET_VRING_ADDR(r2, 0x4028af11, &(0x7f0000000140)={0x0, 0x0, 0x0, &(0x7f0000000180)=""/53, 0x0})
ioctl$VHOST_SET_VRING_ADDR(r2, 0x4028af11, &(0x7f0000000280)={0x1, 0x1, 0x0, &(0x7f00000000c0)=""/87, &(0x7f0000000480)=""/66})
ioctl$VHOST_SET_MEM_TABLE(r2, 0x4008af03, &(0x7f0000000680))
ioctl$VHOST_SET_VRING_CALL(0xffffffffffffffff, 0x4008af21, 0x0)
ioctl$VHOST_VSOCK_SET_RUNNING(r2, 0x4004af61, &(0x7f0000000000)=0x1)
socket$packet(0x11, 0x3, 0x300)
socket$packet(0x11, 0x3, 0x300)
socket$nl_route(0x10, 0x3, 0x0)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
syz_open_dev$ttys(0xc, 0x2, 0x1)
syz_io_uring_setup(0x2000094c, &(0x7f0000000240)={0x0, 0x0, 0x10100, 0xfffffffc, 0x3a9}, &(0x7f0000000100), &(0x7f0000000140))
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)

413.765µs ago: executing program 2 (id=593):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={0x0}}, 0x0)
r1 = getpid()
r2 = getpid()
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(0xffffffffffffffff, 0x0, 0x0)
socket$inet6_udp(0xa, 0x2, 0x0)
connect$inet(r3, &(0x7f0000000180)={0x2, 0x0, @local}, 0x10)
sendto$inet(0xffffffffffffffff, &(0x7f0000000540)="005ccb94032f063723365368ba6242533ca8b7123af7b4eb6d287b4850eef9659d7f1813ba29675a5fca69f7132cd06f67964ba05a5a2bdbfb562b3c31be9f11881b15de8ea70736d55525464a4574a2270a942b09282cee602a708505892e85c8f24606cb9b990b9383c89a9063e135d3ea84a0a770fb4e862dc4a2b4e47680039e426567eb3f51767f18dd59124e66b09967", 0x1, 0x44, 0x0, 0x52)
setsockopt$inet_tcp_TCP_REPAIR(r3, 0x6, 0x13, 0x0, 0x0)
sendmmsg$inet(r3, &(0x7f00000029c0)=[{{0x0, 0x0, &(0x7f0000000480)=[{&(0x7f0000000680)='I', 0x1}], 0x1}}, {{0x0, 0x0, &(0x7f0000000400)=[{&(0x7f0000001980)}], 0x1}}], 0x2, 0x4008095)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000000000000000000004b64ffec850000006d000000670000000500000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
io_setup(0x9, &(0x7f00000002c0))
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000180)='tlb_flush\x00', r4}, 0x10)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
process_vm_readv(r2, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
prctl$PR_SET_PTRACER(0x59616d61, r1)
capset(&(0x7f0000000000)={0x20080522, r2}, &(0x7f0000000040)={0x0, 0x4})
setrlimit(0x8, &(0x7f00000003c0)={0x3})
r5 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
write(0xffffffffffffffff, &(0x7f0000000480)="1f395fad157e8a6d4dd84df94192e5984429a27898360f7cf2b138d29e4bbdf85fb0b573977d0d4598ab379a69fbe82f3d18fc1e2fb9a7c6f5a031c217be946bcce35537caea3c366ecf7a624fd80eced97235af4ad8c82b8cf4f483c4bce5a127a55cb4fce85af3ccb30a608a39777446968117dd35cda835aa3c10f60b3204e9", 0x81)
r6 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r6, 0x3b81, &(0x7f0000000140)={0xc, 0x0, <r7=>0x0})
ioctl$IOMMU_IOAS_ALLOC(r5, 0x3b81, &(0x7f0000000240)={0xc, 0x0, <r8=>0x0})
ioctl$IOMMU_IOAS_MAP$PAGES(r5, 0x3b85, &(0x7f0000000280)={0x28, 0x7, r8, 0x0, &(0x7f00007ff000/0x800000)=nil, 0x800000})
ioctl$IOMMU_TEST_OP_CREATE_ACCESS(r5, 0x3ba0, &(0x7f0000000400)={0x48, 0x5, r7, 0x0, <r9=>0xffffffffffffffff, 0x1})
ioctl$IOMMU_TEST_OP_ACCESS_PAGES$syz(r5, 0x3ba0, &(0x7f0000000080)={0x48, 0x7, r9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x32315d})
getsockopt$sock_buf(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000040)=""/117, &(0x7f0000000100)=0x75)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)

0s ago: executing program 0 (id=594):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002400)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000000000000000000000000007500000000000000c40000000000000095"], &(0x7f0000000100)='GPL\x00'}, 0x90)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x7f)
write$binfmt_script(r0, &(0x7f0000000680)={'#! ', './file1', [{}]}, 0xc)
ioctl$UI_SET_PHYS(0xffffffffffffffff, 0x4008556c, 0x0)
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder0\x00', 0x0, 0x0)
ppoll(0x0, 0x0, 0x0, 0x0, 0x0)
r2 = socket$rxrpc(0x21, 0x2, 0x2)
setsockopt$RXRPC_SECURITY_KEYRING(r2, 0x110, 0x2, 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000001640)={0x8, 0x0, &(0x7f0000001500)=[@register_looper, @enter_looper], 0x0, 0x0, 0x0})
ioctl$BINDER_SET_CONTEXT_MGR_EXT(0xffffffffffffffff, 0x4018620d, 0x0)
ioctl$IOMMU_IOAS_COPY(r0, 0x3b83, &(0x7f00000001c0)={0x28, 0x5, 0x0, 0x0, 0x9, 0xde25, 0xfffffffffffffffd})
ioctl$BINDER_WRITE_READ(0xffffffffffffffff, 0xc0306201, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x40042, 0x1fe)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000040)=ANY=[@ANYBLOB="180000000000000000000000000000009500000000000002"], &(0x7f0000000000)='GPL\x00', 0x1}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000004c0)='contention_begin\x00', r3}, 0x10)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000002c80)={0x18, 0x39, 0x107, 0x0, 0x0, {0x2, 0x7c}, [@generic="9d"]}, 0x18}}, 0x0)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs/binder0\x00', 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r4 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
syz_open_dev$tty1(0xc, 0x4, 0x1)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r5, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000080)=ANY=[@ANYBLOB="180000000000000000beae000c0000009500000000000000"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x46}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r6}, 0x10)
r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0)
prlimit64(0x0, 0x7, &(0x7f00000003c0)={0x2}, 0x0)
ioctl$KVM_CREATE_DEVICE(r8, 0xc00caee0, &(0x7f0000000200)={0x4})
ioctl$KVM_RUN(r4, 0xae80, 0x0)
sendmsg$NFT_BATCH(r5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000240)={{0x14}, [@NFT_MSG_NEWRULE={0x4c, 0x6, 0xa, 0x409, 0x0, 0x0, {}, [@NFTA_RULE_EXPRESSIONS={0x20, 0x4, 0x0, 0x1, [{0x1c, 0x1, 0x0, 0x1, @meta={{0x9}, @val={0xc, 0x2, 0x0, 0x1, [@NFTA_META_KEY={0x8}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x74}, 0x1, 0x0, 0x0, 0x20000800}, 0x0)

kernel console output (not intermixed with test programs):

with an up link
[   58.303874][ T5344] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   58.341621][ T5349] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   58.394104][ T5341] bridge0: port 1(bridge_slave_0) entered blocking state
[   58.397318][ T5341] bridge0: port 1(bridge_slave_0) entered disabled state
[   58.400375][ T5341] bridge_slave_0: entered allmulticast mode
[   58.404541][ T5341] bridge_slave_0: entered promiscuous mode
[   58.414195][ T5344] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   58.448284][ T5341] bridge0: port 2(bridge_slave_1) entered blocking state
[   58.451526][ T5341] bridge0: port 2(bridge_slave_1) entered disabled state
[   58.455118][ T5341] bridge_slave_1: entered allmulticast mode
[   58.459141][ T5341] bridge_slave_1: entered promiscuous mode
[   58.518667][ T5349] team0: Port device team_slave_0 added
[   58.590657][ T5344] team0: Port device team_slave_0 added
[   58.614648][ T5349] team0: Port device team_slave_1 added
[   58.619054][ T5341] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   58.626305][ T5344] team0: Port device team_slave_1 added
[   58.673049][ T5341] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   58.716614][ T5345] bridge0: port 1(bridge_slave_0) entered blocking state
[   58.719673][ T5345] bridge0: port 1(bridge_slave_0) entered disabled state
[   58.722524][ T5345] bridge_slave_0: entered allmulticast mode
[   58.725361][ T5345] bridge_slave_0: entered promiscuous mode
[   58.775609][ T5344] batman_adv: batadv0: Adding interface: batadv_slave_0
[   58.778713][ T5344] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   58.790434][ T5344] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   58.806999][ T5345] bridge0: port 2(bridge_slave_1) entered blocking state
[   58.810015][ T5345] bridge0: port 2(bridge_slave_1) entered disabled state
[   58.813594][ T5345] bridge_slave_1: entered allmulticast mode
[   58.817262][ T5345] bridge_slave_1: entered promiscuous mode
[   58.820316][ T5349] batman_adv: batadv0: Adding interface: batadv_slave_0
[   58.823279][ T5349] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   58.833411][ T5349] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   58.840300][ T5349] batman_adv: batadv0: Adding interface: batadv_slave_1
[   58.844744][ T5349] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   58.853761][ T5349] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   58.876707][ T5344] batman_adv: batadv0: Adding interface: batadv_slave_1
[   58.879385][ T5344] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   58.888835][ T5344] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   58.940348][ T5341] team0: Port device team_slave_0 added
[   58.947265][ T5341] team0: Port device team_slave_1 added
[   58.996716][ T5345] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   59.001967][ T5345] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   59.023250][ T5341] batman_adv: batadv0: Adding interface: batadv_slave_0
[   59.025637][ T5341] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   59.035556][ T5341] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   59.129112][ T5345] team0: Port device team_slave_0 added
[   59.132910][ T5341] batman_adv: batadv0: Adding interface: batadv_slave_1
[   59.136036][ T5341] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   59.147619][ T5341] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   59.154989][ T5344] hsr_slave_0: entered promiscuous mode
[   59.157511][ T5344] hsr_slave_1: entered promiscuous mode
[   59.181030][ T5345] team0: Port device team_slave_1 added
[   59.213028][ T5349] hsr_slave_0: entered promiscuous mode
[   59.215682][ T5349] hsr_slave_1: entered promiscuous mode
[   59.217930][ T5349] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   59.220727][ T5349] Cannot create hsr debugfs directory
[   59.295649][ T5345] batman_adv: batadv0: Adding interface: batadv_slave_0
[   59.298406][ T5345] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   59.308313][ T5345] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   59.315482][ T5345] batman_adv: batadv0: Adding interface: batadv_slave_1
[   59.318506][ T5345] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   59.329334][ T5345] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   59.443471][ T5357] Bluetooth: hci3: command tx timeout
[   59.444130][   T66] Bluetooth: hci2: command tx timeout
[   59.466601][ T5341] hsr_slave_0: entered promiscuous mode
[   59.469736][ T5341] hsr_slave_1: entered promiscuous mode
[   59.472120][ T5341] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   59.475445][ T5341] Cannot create hsr debugfs directory
[   59.522798][   T66] Bluetooth: hci0: command tx timeout
[   59.522827][ T5357] Bluetooth: hci1: command tx timeout
[   59.545239][ T5345] hsr_slave_0: entered promiscuous mode
[   59.547980][ T5345] hsr_slave_1: entered promiscuous mode
[   59.550297][ T5345] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   59.554886][ T5345] Cannot create hsr debugfs directory
[   59.903010][ T5349] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   59.913231][ T5349] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   59.917776][ T5349] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   59.923805][ T5349] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   59.973200][ T5341] netdevsim netdevsim2 netdevsim0: renamed from eth0
[   59.980495][ T5341] netdevsim netdevsim2 netdevsim1: renamed from eth1
[   59.987912][ T5341] netdevsim netdevsim2 netdevsim2: renamed from eth2
[   59.996897][ T5341] netdevsim netdevsim2 netdevsim3: renamed from eth3
[   60.053939][ T5344] netdevsim netdevsim3 netdevsim0: renamed from eth0
[   60.060645][ T5344] netdevsim netdevsim3 netdevsim1: renamed from eth1
[   60.070522][ T5344] netdevsim netdevsim3 netdevsim2: renamed from eth2
[   60.077506][ T5344] netdevsim netdevsim3 netdevsim3: renamed from eth3
[   60.136729][ T5345] netdevsim netdevsim1 netdevsim0: renamed from eth0
[   60.149119][ T5345] netdevsim netdevsim1 netdevsim1: renamed from eth1
[   60.155086][ T5345] netdevsim netdevsim1 netdevsim2: renamed from eth2
[   60.160331][ T5345] netdevsim netdevsim1 netdevsim3: renamed from eth3
[   60.270590][ T5349] 8021q: adding VLAN 0 to HW filter on device bond0
[   60.279819][ T5341] 8021q: adding VLAN 0 to HW filter on device bond0
[   60.289641][ T5344] 8021q: adding VLAN 0 to HW filter on device bond0
[   60.312045][ T5349] 8021q: adding VLAN 0 to HW filter on device team0
[   60.325890][ T5341] 8021q: adding VLAN 0 to HW filter on device team0
[   60.340067][ T5344] 8021q: adding VLAN 0 to HW filter on device team0
[   60.351164][   T58] bridge0: port 1(bridge_slave_0) entered blocking state
[   60.354376][   T58] bridge0: port 1(bridge_slave_0) entered forwarding state
[   60.360158][   T58] bridge0: port 1(bridge_slave_0) entered blocking state
[   60.362733][   T58] bridge0: port 1(bridge_slave_0) entered forwarding state
[   60.368183][   T58] bridge0: port 1(bridge_slave_0) entered blocking state
[   60.370688][   T58] bridge0: port 1(bridge_slave_0) entered forwarding state
[   60.391174][    T9] bridge0: port 2(bridge_slave_1) entered blocking state
[   60.393659][    T9] bridge0: port 2(bridge_slave_1) entered forwarding state
[   60.400956][    T9] bridge0: port 2(bridge_slave_1) entered blocking state
[   60.403922][    T9] bridge0: port 2(bridge_slave_1) entered forwarding state
[   60.422391][ T5341] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[   60.426403][ T5341] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   60.453016][   T58] bridge0: port 2(bridge_slave_1) entered blocking state
[   60.456280][   T58] bridge0: port 2(bridge_slave_1) entered forwarding state
[   60.528066][ T5345] 8021q: adding VLAN 0 to HW filter on device bond0
[   60.548337][ T5344] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   60.574514][ T5345] 8021q: adding VLAN 0 to HW filter on device team0
[   60.589152][ T5384] bridge0: port 1(bridge_slave_0) entered blocking state
[   60.592366][ T5384] bridge0: port 1(bridge_slave_0) entered forwarding state
[   60.598258][ T5384] bridge0: port 2(bridge_slave_1) entered blocking state
[   60.601369][ T5384] bridge0: port 2(bridge_slave_1) entered forwarding state
[   60.631726][ T5341] 8021q: adding VLAN 0 to HW filter on device batadv0
[   60.696134][ T5341] veth0_vlan: entered promiscuous mode
[   60.712183][ T5341] veth1_vlan: entered promiscuous mode
[   60.737772][ T5344] 8021q: adding VLAN 0 to HW filter on device batadv0
[   60.745687][ T5349] 8021q: adding VLAN 0 to HW filter on device batadv0
[   60.781985][ T5341] veth0_macvtap: entered promiscuous mode
[   60.795434][ T5341] veth1_macvtap: entered promiscuous mode
[   60.824662][ T5341] batman_adv: batadv0: Interface activated: batadv_slave_0
[   60.838003][ T5349] veth0_vlan: entered promiscuous mode
[   60.844522][ T5341] batman_adv: batadv0: Interface activated: batadv_slave_1
[   60.872800][ T5344] veth0_vlan: entered promiscuous mode
[   60.876409][ T5341] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   60.880349][ T5341] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   60.885943][ T5341] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   60.889549][ T5341] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   60.905207][ T5349] veth1_vlan: entered promiscuous mode
[   60.926879][ T5345] 8021q: adding VLAN 0 to HW filter on device batadv0
[   60.933499][ T5344] veth1_vlan: entered promiscuous mode
[   60.971883][ T5349] veth0_macvtap: entered promiscuous mode
[   60.998871][ T5349] veth1_macvtap: entered promiscuous mode
[   61.004091][ T1111] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   61.007914][ T1111] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   61.039140][ T5349] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   61.043917][ T5349] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   61.049107][ T5349] batman_adv: batadv0: Interface activated: batadv_slave_0
[   61.057531][ T5344] veth0_macvtap: entered promiscuous mode
[   61.067783][   T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   61.071357][   T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   61.085641][ T5349] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   61.090288][ T5349] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   61.097373][ T5349] batman_adv: batadv0: Interface activated: batadv_slave_1
[   61.107098][ T5349] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   61.110862][ T5349] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   61.115285][ T5349] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   61.119092][ T5349] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   61.129184][ T5344] veth1_macvtap: entered promiscuous mode
[   61.152517][ T5345] veth0_vlan: entered promiscuous mode
[   61.164177][ T5344] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   61.172635][ T5344] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   61.176979][ T5344] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   61.181429][ T5344] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   61.201675][ T5344] batman_adv: batadv0: Interface activated: batadv_slave_0
[   61.206209][ T5345] veth1_vlan: entered promiscuous mode
[   61.224707][ T5344] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   61.230131][ T5344] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   61.234742][ T5344] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   61.238882][ T5344] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   61.245508][ T5344] batman_adv: batadv0: Interface activated: batadv_slave_1
[   61.268401][ T5408] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   61.271373][ T5344] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   61.277396][ T5344] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   61.281009][ T5344] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   61.285335][ T5344] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   61.314625][   T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   61.318086][   T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   61.369122][ T1103] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   61.375957][ T1103] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   61.383705][ T5345] veth0_macvtap: entered promiscuous mode
[   61.390018][ T5345] veth1_macvtap: entered promiscuous mode
[   61.417568][ T5345] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   61.422135][ T5345] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   61.427615][ T5345] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   61.432045][ T5345] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   61.443104][ T5345] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   61.447727][ T5345] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   61.456387][ T5345] batman_adv: batadv0: Interface activated: batadv_slave_0
[   61.463774][ T5345] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   61.467610][ T5345] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   61.471653][ T5345] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   61.477342][ T5345] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   61.481289][ T5345] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   61.486039][ T5345] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   61.492267][ T5345] batman_adv: batadv0: Interface activated: batadv_slave_1
[   61.515932][ T5345] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   61.520386][ T5345] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   61.524899][ T5345] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   61.525089][ T5357] Bluetooth: hci3: command tx timeout
[   61.528680][ T5345] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   61.531398][ T5357] Bluetooth: hci2: command tx timeout
[   61.564318][   T13] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   61.569782][   T13] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   61.608611][ T1103] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   61.612361][ T1103] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   61.612786][   T66] Bluetooth: hci0: command tx timeout
[   61.616245][ T5357] Bluetooth: hci1: command tx timeout
[   61.635120][   T39] kauditd_printk_skb: 29 callbacks suppressed
[   61.635132][   T39] audit: type=1400 audit(1722591593.674:144): avc:  denied  { create } for  pid=5411 comm="syz.0.1" anonclass=[userfaultfd] scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1
[   61.645902][   T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   61.649673][   T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   61.652631][   T39] audit: type=1400 audit(1722591593.684:145): avc:  denied  { ioctl } for  pid=5411 comm="syz.0.1" path="anon_inode:[userfaultfd]" dev="anon_inodefs" ino=6422 ioctlcmd=0xaa3f scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1
[   61.664484][   T39] audit: type=1400 audit(1722591593.704:146): avc:  denied  { create } for  pid=5411 comm="syz.0.1" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[   61.669736][ T5412] Zero length message leads to an empty skb
[   61.672762][   T39] audit: type=1400 audit(1722591593.704:147): avc:  denied  { create } for  pid=5411 comm="syz.0.1" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1
[   61.687320][   T39] audit: type=1400 audit(1722591593.704:148): avc:  denied  { write } for  pid=5411 comm="syz.0.1" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1
[   61.700909][   T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   61.706152][   T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   61.709111][   T39] audit: type=1400 audit(1722591593.744:149): avc:  denied  { create } for  pid=5411 comm="syz.0.1" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[   61.730679][   T39] audit: type=1400 audit(1722591593.764:150): avc:  denied  { create } for  pid=5411 comm="syz.0.1" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[   61.763605][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   61.766987][ T5414] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   61.775757][   T39] audit: type=1400 audit(1722591593.814:151): avc:  denied  { ioctl } for  pid=5413 comm="syz.3.4" path="socket:[7647]" dev="sockfs" ino=7647 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[   61.785827][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   61.804629][   T39] audit: type=1400 audit(1722591593.844:152): avc:  denied  { map } for  pid=5411 comm="syz.0.1" path="anon_inode:[io_uring]" dev="anon_inodefs" ino=9506 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1
[   61.823092][   T39] audit: type=1400 audit(1722591593.844:153): avc:  denied  { read write } for  pid=5411 comm="syz.0.1" path="anon_inode:[io_uring]" dev="anon_inodefs" ino=9506 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1
[   61.976246][ T5420] trusted_key: syz.1.2 sent an empty control message without MSG_MORE.
[   62.255755][    T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[   62.292856][    T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!!
[   62.463025][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   62.503496][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   62.679669][ T5430] netlink: 8 bytes leftover after parsing attributes in process `syz.3.9'.
[   63.571183][ T5440] netlink: 'syz.1.10': attribute type 1 has an invalid length.
[   63.583258][ T5440] netlink: 'syz.1.10': attribute type 1 has an invalid length.
[   63.593457][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   63.603578][ T5357] Bluetooth: hci2: command tx timeout
[   63.603604][   T66] Bluetooth: hci3: command tx timeout
[   63.680081][    T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[   63.682801][   T66] Bluetooth: hci0: command tx timeout
[   63.684120][ T5357] Bluetooth: hci1: command tx timeout
[   63.922025][ T5454] syz.0.14 uses obsolete (PF_INET,SOCK_PACKET)
[   64.422648][    T0] NOHZ tick-stop error: local softirq work is pending, handler #82!!!
[   64.601631][    T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[   65.641173][ T5486] 9pnet_fd: p9_fd_create_tcp (5486): problem connecting socket to 127.0.0.1
[   65.682887][   T66] Bluetooth: hci3: command tx timeout
[   65.682927][ T5357] Bluetooth: hci2: command tx timeout
[   65.782894][ T5357] Bluetooth: hci1: command tx timeout
[   65.782913][   T66] Bluetooth: hci0: command tx timeout
[   66.780169][   T39] kauditd_printk_skb: 48 callbacks suppressed
[   66.780184][   T39] audit: type=1400 audit(1722591598.814:202): avc:  denied  { read } for  pid=5503 comm="syz.1.30" name="loop-control" dev="devtmpfs" ino=659 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1
[   66.845408][   T39] audit: type=1400 audit(1722591598.814:203): avc:  denied  { open } for  pid=5503 comm="syz.1.30" path="/dev/loop-control" dev="devtmpfs" ino=659 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1
[   66.867188][   T39] audit: type=1400 audit(1722591598.824:204): avc:  denied  { ioctl } for  pid=5503 comm="syz.1.30" path="/dev/loop-control" dev="devtmpfs" ino=659 ioctlcmd=0x4c82 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1
[   66.882247][   T39] audit: type=1400 audit(1722591598.834:205): avc:  denied  { setopt } for  pid=5503 comm="syz.1.30" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[   66.892782][   T39] audit: type=1400 audit(1722591598.864:206): avc:  denied  { ioctl } for  pid=5503 comm="syz.1.30" path="socket:[8648]" dev="sockfs" ino=8648 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[   66.960067][   T39] audit: type=1400 audit(1722591598.994:207): avc:  denied  { getopt } for  pid=5505 comm="syz.0.31" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[   66.985939][   T39] audit: type=1400 audit(1722591598.994:208): avc:  denied  { setopt } for  pid=5505 comm="syz.0.31" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[   67.116226][   T39] audit: type=1326 audit(1722591599.144:209): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5509 comm="syz.0.33" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f1c84b773b9 code=0x0
[   67.259072][ T5517] netlink: 36 bytes leftover after parsing attributes in process `syz.3.36'.
[   67.314822][   T39] audit: type=1400 audit(1722591599.354:210): avc:  denied  { bind } for  pid=5516 comm="syz.3.36" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[   67.333446][   T39] audit: type=1400 audit(1722591599.374:211): avc:  denied  { write } for  pid=5516 comm="syz.3.36" path="socket:[6574]" dev="sockfs" ino=6574 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[   67.374210][ T5525] capability: warning: `syz.2.35' uses 32-bit capabilities (legacy support in use)
[   67.515568][    C3] TCP: request_sock_TCP: Possible SYN flooding on port [::]:20002. Sending cookies.
[   67.698685][ T5534] 9pnet_fd: p9_fd_create_tcp (5534): problem connecting socket to 127.0.0.1
[   69.012400][ T5558] team0: Port device virt_wifi0 added
[   69.809992][    C2] TCP: request_sock_TCP: Possible SYN flooding on port [::]:20002. Sending cookies.
[   70.083589][    C2] TCP: request_sock_TCP: Possible SYN flooding on port [::]:20002. Sending cookies.
[   70.261590][ T5592] team0: Port device virt_wifi0 added
[   71.286439][ T5611] syzkaller1: entered promiscuous mode
[   71.288816][ T5611] syzkaller1: entered allmulticast mode
[   71.298629][ T5611] netlink: 20 bytes leftover after parsing attributes in process `syz.1.60'.
[   71.592909][    T9] usb 8-1: new high-speed USB device number 2 using dummy_hcd
[   71.792700][    T9] usb 8-1: Using ep0 maxpacket: 32
[   71.799244][    T9] usb 8-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[   71.808612][    T9] usb 8-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[   71.825770][    T9] usb 8-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79
[   71.835427][ T5620] netlink: 20 bytes leftover after parsing attributes in process `syz.0.63'.
[   71.838987][    T9] usb 8-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2
[   71.842393][    T9] usb 8-1: Product: syz
[   71.845200][ T5620] overlay: ./file0 is not a directory
[   71.847927][    T9] usb 8-1: Manufacturer: syz
[   71.849637][    T9] usb 8-1: SerialNumber: syz
[   71.858013][    T9] usb 8-1: config 0 descriptor??
[   72.044591][   T39] kauditd_printk_skb: 86 callbacks suppressed
[   72.044601][   T39] audit: type=1400 audit(1722591604.084:298): avc:  denied  { read } for  pid=5626 comm="syz.0.64" name="binder-control" dev="binder" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[   72.049118][ T5627] FAULT_INJECTION: forcing a failure.
[   72.049118][ T5627] name failslab, interval 1, probability 0, space 0, times 1
[   72.058217][   T39] audit: type=1400 audit(1722591604.084:299): avc:  denied  { open } for  pid=5626 comm="syz.0.64" path="/dev/binderfs/binder-control" dev="binder" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[   72.063718][ T5627] CPU: 2 UID: 0 PID: 5627 Comm: syz.0.64 Not tainted 6.11.0-rc1-syzkaller-00154-gc0ecd6388360 #0
[   72.074865][   T39] audit: type=1400 audit(1722591604.084:300): avc:  denied  { ioctl } for  pid=5626 comm="syz.0.64" path="/dev/binderfs/binder-control" dev="binder" ino=2 ioctlcmd=0xae46 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[   72.078632][ T5627] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   72.078648][ T5627] Call Trace:
[   72.078656][ T5627]  <TASK>
[   72.078664][ T5627]  dump_stack_lvl+0x16c/0x1f0
[   72.078713][ T5627]  should_fail_ex+0x497/0x5b0
[   72.078745][ T5627]  ? fs_reclaim_acquire+0xae/0x160
[   72.078765][ T5627]  should_failslab+0xc2/0x120
[   72.078787][ T5627]  __kmalloc_noprof+0xcb/0x400
[   72.078808][ T5627]  ? d_absolute_path+0x137/0x1b0
[   72.078828][ T5627]  tomoyo_encode2+0x100/0x3e0
[   72.078855][ T5627]  tomoyo_encode+0x29/0x50
[   72.078879][ T5627]  tomoyo_realpath_from_path+0x19d/0x720
[   72.078912][ T5627]  tomoyo_path_number_perm+0x245/0x590
[   72.078934][ T5627]  ? tomoyo_path_number_perm+0x232/0x590
[   72.078957][ T5627]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[   72.078986][ T5627]  ? __fget_files+0x256/0x400
[   72.079013][ T5627]  security_file_ioctl+0x75/0xc0
[   72.079039][ T5627]  __x64_sys_ioctl+0xbb/0x220
[   72.093029][    T9] usb 8-1: USB disconnect, device number 2
[   72.094475][ T5627]  do_syscall_64+0xcd/0x250
[   72.094505][ T5627]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   72.094529][ T5627] RIP: 0033:0x7f1c84b76fbb
[   72.094543][ T5627] Code: 00 48 89 44 24 18 31 c0 48 8d 44 24 60 c7 04 24 10 00 00 00 48 89 44 24 08 48 8d 44 24 20 48 89 44 24 10 b8 10 00 00 00 0f 05 <89> c2 3d 00 f0 ff ff 77 1c 48 8b 44 24 18 64 48 2b 04 25 28 00 00
[   72.147666][ T5627] RSP: 002b:00007f1c8589c4a0 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[   72.151199][ T5627] RAX: ffffffffffffffda RBX: 00007f1c8589cbf0 RCX: 00007f1c84b76fbb
[   72.154683][ T5627] RDX: 00007f1c8589cbf0 RSI: 000000004020ae46 RDI: 0000000000000006
[   72.158155][ T5627] RBP: 0000000000000006 R08: 0000000000000001 R09: 0000000000000000
[   72.161656][ T5627] R10: 0000000000000006 R11: 0000000000000246 R12: 000000000000000b
[   72.165177][ T5627] R13: 0000000020ff1000 R14: 0000000020fe6000 R15: 00000000fec00000
[   72.168153][ T5627]  </TASK>
[   72.171575][ T5627] ERROR: Out of memory at tomoyo_realpath_from_path.
[   72.446189][    C2] TCP: request_sock_TCP: Possible SYN flooding on port [::]:20002. Sending cookies.
[   72.962225][   T39] audit: type=1400 audit(1722591604.994:301): avc:  denied  { open } for  pid=5644 comm="syz.1.69" path="/dev/ptyq7" dev="devtmpfs" ino=136 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:bsdpty_device_t tclass=chr_file permissive=1
[   74.772576][    C1] sched: RT throttling activated
[   76.010896][   T39] audit: type=1400 audit(1722591608.044:302): avc:  denied  { write } for  pid=5661 comm="syz.3.73" name="binder0" dev="binder" ino=10 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[   76.033404][   T39] audit: type=1400 audit(1722591608.044:303): avc:  denied  { read write } for  pid=5661 comm="syz.3.73" name="sg0" dev="devtmpfs" ino=707 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1
[   76.061971][   T39] audit: type=1400 audit(1722591608.044:304): avc:  denied  { open } for  pid=5661 comm="syz.3.73" path="/dev/sg0" dev="devtmpfs" ino=707 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1
[   76.167391][   T39] audit: type=1400 audit(1722591608.204:305): avc:  denied  { write } for  pid=5661 comm="syz.3.73" name="fib_trie" dev="proc" ino=4026533049 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_net_t tclass=file permissive=1
[   76.325127][   T39] audit: type=1400 audit(1722591608.364:306): avc:  denied  { write } for  pid=5669 comm="syz.2.75" name="001" dev="devtmpfs" ino=753 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1
[   76.373565][   T39] audit: type=1400 audit(1722591608.364:307): avc:  denied  { setattr } for  pid=5669 comm="syz.2.75" name="RAW" dev="sockfs" ino=8808 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[   76.402361][ T5671] syzkaller1: entered promiscuous mode
[   76.405892][ T5671] syzkaller1: entered allmulticast mode
[   76.460258][ T5671] netlink: 20 bytes leftover after parsing attributes in process `syz.0.74'.
[   76.969727][ T1381] ieee802154 phy0 wpan0: encryption failed: -22
[   77.034566][ T1381] ieee802154 phy1 wpan1: encryption failed: -22
[   77.408172][   T39] kauditd_printk_skb: 1 callbacks suppressed
[   77.408187][   T39] audit: type=1400 audit(1722591609.444:309): avc:  denied  { read write } for  pid=5685 comm="syz.1.80" name="fuse" dev="devtmpfs" ino=105 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fuse_device_t tclass=chr_file permissive=1
[   77.422104][   T39] audit: type=1400 audit(1722591609.444:310): avc:  denied  { open } for  pid=5685 comm="syz.1.80" path="/dev/fuse" dev="devtmpfs" ino=105 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fuse_device_t tclass=chr_file permissive=1
[   77.459575][   T39] audit: type=1400 audit(1722591609.494:311): avc:  denied  { write } for  pid=5689 comm="syz.2.81" name="hwrng" dev="devtmpfs" ino=83 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:random_device_t tclass=chr_file permissive=1
[   77.587435][ T5687] could not allocate digest TFM handle tgr160
[   77.664687][   T39] audit: type=1400 audit(1722591609.694:312): avc:  denied  { create } for  pid=5689 comm="syz.2.81" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1
[   77.666269][    C1] TCP: request_sock_TCP: Possible SYN flooding on port [::]:20002. Sending cookies.
[   77.684995][   T39] audit: type=1400 audit(1722591609.694:313): avc:  denied  { ioctl } for  pid=5689 comm="syz.2.81" path="socket:[9756]" dev="sockfs" ino=9756 ioctlcmd=0x8914 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1
[   77.695577][   T39] audit: type=1326 audit(1722591609.724:314): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5689 comm="syz.2.81" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f59771773b9 code=0x0
[   78.351100][   T39] audit: type=1400 audit(1722591610.384:315): avc:  denied  { mounton } for  pid=5706 comm="syz.2.85" path="/22/bus" dev="tmpfs" ino=140 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1
[   78.360886][   T39] audit: type=1400 audit(1722591610.394:316): avc:  denied  { unlink } for  pid=5706 comm="syz.2.85" name="#1" dev="tmpfs" ino=144 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=chr_file permissive=1
[   78.370547][   T39] audit: type=1400 audit(1722591610.394:317): avc:  denied  { mount } for  pid=5706 comm="syz.2.85" name="/" dev="overlay" ino=139 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1
[   78.502319][   T39] audit: type=1400 audit(1722591610.534:318): avc:  denied  { unmount } for  pid=5341 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1
[   78.608600][ T5710] Bluetooth: MGMT ver 1.23
[   78.611071][ T5710] Bluetooth: hci0: load_link_keys: expected 3 bytes, got 7 bytes
[   78.705813][ T5713] overlay: ./file0 is not a directory
[   78.891780][ T5723] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[   79.219881][ T5727] Invalid ELF header len 18
[   80.122043][    C0] TCP: request_sock_TCP: Possible SYN flooding on port [::]:20002. Sending cookies.
[   80.775117][ T5752] overlay: ./file0 is not a directory
[   81.456575][ T5767] team0: Port device virt_wifi0 added
[   82.118631][   T57] cfg80211: failed to load regulatory.db
[   82.413748][ T5790] netlink: 16 bytes leftover after parsing attributes in process `syz.3.110'.
[   82.487471][   T39] kauditd_printk_skb: 24 callbacks suppressed
[   82.487486][   T39] audit: type=1400 audit(1722591614.524:343): avc:  denied  { create } for  pid=5789 comm="syz.3.110" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1
[   82.500397][   T39] audit: type=1400 audit(1722591614.534:344): avc:  denied  { bind } for  pid=5789 comm="syz.3.110" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1
[   83.363152][  T984] usb 6-1: new high-speed USB device number 2 using dummy_hcd
[   83.556209][  T984] usb 6-1: config 0 has no interfaces?
[   83.564201][  T984] usb 6-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[   83.572815][  T984] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[   83.576562][  T984] usb 6-1: SerialNumber: syz
[   83.591333][  T984] usb 6-1: config 0 descriptor??
[   83.806317][   T39] audit: type=1400 audit(1722591615.844:345): avc:  denied  { execute } for  pid=5796 comm="syz.1.112" path="/27/cgroup.stat" dev="tmpfs" ino=164 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[   83.811453][ T5384] usb 6-1: USB disconnect, device number 2
[   84.454838][   T39] audit: type=1400 audit(1722591616.494:346): avc:  denied  { read } for  pid=5813 comm="syz.1.117" name="ppp" dev="devtmpfs" ino=716 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1
[   84.466018][   T39] audit: type=1400 audit(1722591616.494:347): avc:  denied  { open } for  pid=5813 comm="syz.1.117" path="/dev/ppp" dev="devtmpfs" ino=716 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1
[   84.477748][   T39] audit: type=1400 audit(1722591616.494:348): avc:  denied  { ioctl } for  pid=5813 comm="syz.1.117" path="/dev/ppp" dev="devtmpfs" ino=716 ioctlcmd=0x743e scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1
[   84.520056][ T5816] netlink: 4 bytes leftover after parsing attributes in process `syz.1.117'.
[   84.567054][   T39] audit: type=1400 audit(1722591616.604:349): avc:  denied  { setopt } for  pid=5813 comm="syz.1.117" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[   84.909549][   T39] audit: type=1400 audit(1722591616.944:350): avc:  denied  { write } for  pid=5822 comm="syz.1.119" path="/dev/vhci" dev="devtmpfs" ino=1107 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:vhost_device_t tclass=chr_file permissive=1
[   85.050878][   T39] audit: type=1326 audit(1722591617.084:351): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5825 comm="syz.0.120" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f1c84b773b9 code=0x0
[   85.983039][   T39] audit: type=1400 audit(1722591618.014:352): avc:  denied  { bind } for  pid=5839 comm="syz.2.124" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[   86.186513][    T9] usb 5-1: new high-speed USB device number 2 using dummy_hcd
[   86.428140][    T9] usb 5-1: config 0 has no interfaces?
[   86.437377][    T9] usb 5-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[   86.443628][    T9] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[   86.447095][    T9] usb 5-1: SerialNumber: syz
[   86.454533][    T9] usb 5-1: config 0 descriptor??
[   86.563157][   T35] usb 7-1: new high-speed USB device number 2 using dummy_hcd
[   86.676782][    T9] usb 5-1: USB disconnect, device number 2
[   86.752658][   T35] usb 7-1: Using ep0 maxpacket: 8
[   86.758636][   T35] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[   86.763566][   T35] usb 7-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[   86.767442][   T35] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   86.781055][   T35] usb 7-1: config 0 descriptor??
[   87.040297][   T35] iowarrior 7-1:0.0: IOWarrior product=0x1512, serial= interface=0 now attached to iowarrior0
[   87.416737][ T5864] Invalid ELF header len 18
[   87.470377][    C0] vkms_vblank_simulate: vblank timer overrun
[   88.088419][ T5871] xt_CONNSECMARK: only valid in 'mangle' or 'security' table, not 'filter'
[   88.907300][   T39] kauditd_printk_skb: 4 callbacks suppressed
[   88.907314][   T39] audit: type=1400 audit(1722591620.944:357): avc:  denied  { mount } for  pid=5879 comm="syz.3.136" name="/" dev="fuse" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=filesystem permissive=1
[   89.021674][   T39] audit: type=1400 audit(1722591621.054:358): avc:  denied  { unmount } for  pid=5344 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=filesystem permissive=1
[   89.077571][    C3] TCP: request_sock_TCP: Possible SYN flooding on port [::]:20002. Sending cookies.
[   89.286992][   T25] usb 7-1: USB disconnect, device number 2
[   89.296619][   T25] iowarrior 7-1:0.0: I/O-Warror #0 now disconnected
[   89.463589][ T5891] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[   90.664583][   T39] audit: type=1400 audit(1722591622.704:359): avc:  denied  { ioctl } for  pid=5908 comm="syz.1.144" path="anon_inode:[userfaultfd]" dev="anon_inodefs" ino=9957 ioctlcmd=0xaa3f scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1
[   91.491808][ T5930] process 'syz.3.149' launched './file1' with NULL argv: empty string added
[   91.503061][   T39] audit: type=1400 audit(1722591623.534:360): avc:  denied  { create } for  pid=5927 comm="syz.3.149" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rose_socket permissive=1
[   92.376248][   T39] audit: type=1400 audit(1722591624.414:361): avc:  denied  { setopt } for  pid=5936 comm="syz.2.151" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[   92.402833][   T39] audit: type=1400 audit(1722591624.434:362): avc:  denied  { map } for  pid=5936 comm="syz.2.151" path="socket:[11358]" dev="sockfs" ino=11358 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[   92.417819][   T39] audit: type=1400 audit(1722591624.444:363): avc:  denied  { read write } for  pid=5936 comm="syz.2.151" path="socket:[11358]" dev="sockfs" ino=11358 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[   92.444040][ T5937] netlink: 'syz.2.151': attribute type 7 has an invalid length.
[   92.447465][ T5937] netlink: 36 bytes leftover after parsing attributes in process `syz.2.151'.
[   93.465270][ T5955] team0: Device ipvlan0 failed to register rx_handler
[   93.491250][ T5955] syz.2.156 (5955): attempted to duplicate a private mapping with mremap.  This is not supported.
[   93.940846][ T5964] netlink: 20 bytes leftover after parsing attributes in process `syz.2.158'.
[   93.946364][ T5964] netlink: 20 bytes leftover after parsing attributes in process `syz.2.158'.
[   93.963112][ T5964] overlay: ./file0 is not a directory
[   94.063043][   T35] usb 8-1: new high-speed USB device number 3 using dummy_hcd
[   94.145863][   T39] audit: type=1400 audit(1722591626.184:364): avc:  denied  { create } for  pid=5968 comm="syz.2.160" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=isdn_socket permissive=1
[   94.154749][   T39] audit: type=1400 audit(1722591626.184:365): avc:  denied  { getopt } for  pid=5968 comm="syz.2.160" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=isdn_socket permissive=1
[   94.202249][   T39] audit: type=1400 audit(1722591626.234:366): avc:  denied  { getopt } for  pid=5968 comm="syz.2.160" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[   94.263106][   T35] usb 8-1: Using ep0 maxpacket: 16
[   94.278075][   T35] usb 8-1: config 1 interface 0 altsetting 9 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[   94.292973][   T35] usb 8-1: config 1 interface 0 has no altsetting 0
[   94.300346][   T35] usb 8-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[   94.311728][   T35] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   94.315431][   T35] usb 8-1: Product: 嘖༖箔㊆윹〶ꬮ都沃돝駱鱄욥獄ﲜ卂˩霣౓븞࢚䣅銰ꚥ㘷ᚺ뾖í鬳郠쑖㚓恡堅鷔坉岶混畦袼㫓둖孮⧞쾱㏄ᛲ浳콣ដ巽⮸䌧팃횴㙑揑䰹䅊팕螫︱⻩᮸﵈濣
[   94.325347][   T35] usb 8-1: Manufacturer: 岋曂麍졕ⱄ䃂Ắᗦ䒭望欬駍٪ꮋ蒗꾅￀ⶨꂃ⯇｠ᘊ뙆㈑ﷴ砱슰햽꛿馨塻킡孂ᰉ鮇㥢퉭ꝃᎮⵣ岋덒⠅僀ퟱᝢᙐힲ꿲䯆㍱곅頳Ѯ渚璼婥捞뽡䷲瑃홃샹珫ͷ㱞ៅ뚐⶗✛㟪笨㥆䀊ᢈ潐烹
[   94.336372][   T35] usb 8-1: SerialNumber: 
[   94.369575][    C2] TCP: request_sock_TCP: Possible SYN flooding on port [::]:20002. Sending cookies.
[   94.530643][   T39] audit: type=1400 audit(1722591626.564:367): avc:  denied  { create } for  pid=5981 comm="syz.2.163" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[   94.558691][   T39] audit: type=1400 audit(1722591626.564:368): avc:  denied  { read } for  pid=5981 comm="syz.2.163" path="socket:[11472]" dev="sockfs" ino=11472 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[   94.586441][   T35] usb 8-1: USB disconnect, device number 3
[   95.122113][ T6000] netlink: 20 bytes leftover after parsing attributes in process `syz.2.168'.
[   95.126154][ T6000] netlink: 20 bytes leftover after parsing attributes in process `syz.2.168'.
[   95.130661][ T6000] overlay: ./file0 is not a directory
[   95.149438][ T6003] FAULT_INJECTION: forcing a failure.
[   95.149438][ T6003] name failslab, interval 1, probability 0, space 0, times 0
[   95.156243][ T6003] CPU: 0 UID: 0 PID: 6003 Comm: syz.3.169 Not tainted 6.11.0-rc1-syzkaller-00154-gc0ecd6388360 #0
[   95.160938][ T6003] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   95.166015][ T6003] Call Trace:
[   95.167463][ T6003]  <TASK>
[   95.168757][ T6003]  dump_stack_lvl+0x16c/0x1f0
[   95.171219][ T6003]  should_fail_ex+0x497/0x5b0
[   95.173241][ T6003]  should_failslab+0xc2/0x120
[   95.175296][ T6003]  kmem_cache_alloc_noprof+0x6e/0x2f0
[   95.178210][ T6003]  ? skb_clone+0x190/0x3f0
[   95.180119][ T6003]  skb_clone+0x190/0x3f0
[   95.181897][ T6003]  netlink_deliver_tap+0xab3/0xd90
[   95.184094][ T6003]  netlink_unicast+0x606/0x830
[   95.186217][ T6003]  ? __pfx_netlink_unicast+0x10/0x10
[   95.189112][ T6003]  netlink_sendmsg+0x8b8/0xd70
[   95.191681][ T6003]  ? __pfx_netlink_sendmsg+0x10/0x10
[   95.194250][ T6003]  ? __import_iovec+0x1fd/0x6e0
[   95.196579][ T6003]  ____sys_sendmsg+0xab5/0xc90
[   95.198993][ T6003]  ? copy_msghdr_from_user+0x10b/0x160
[   95.201780][ T6003]  ? __pfx_____sys_sendmsg+0x10/0x10
[   95.204328][ T6003]  ? find_held_lock+0x2d/0x110
[   95.206423][ T6003]  ? __pfx___lock_acquire+0x10/0x10
[   95.208744][ T6003]  ___sys_sendmsg+0x135/0x1e0
[   95.210784][ T6003]  ? __pfx____sys_sendmsg+0x10/0x10
[   95.212948][ T6003]  ? ksys_write+0x21c/0x260
[   95.214816][ T6003]  ? __fget_light+0x173/0x210
[   95.216622][ T6003]  __sys_sendmsg+0x117/0x1f0
[   95.218451][ T6003]  ? __pfx___sys_sendmsg+0x10/0x10
[   95.220386][ T6003]  do_syscall_64+0xcd/0x250
[   95.222133][ T6003]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   95.224809][ T6003] RIP: 0033:0x7f6f663773b9
[   95.226536][ T6003] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   95.235302][ T6003] RSP: 002b:00007f6f67069048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   95.239079][ T6003] RAX: ffffffffffffffda RBX: 00007f6f66505f80 RCX: 00007f6f663773b9
[   95.242466][ T6003] RDX: 0000000000000000 RSI: 0000000020000100 RDI: 0000000000000005
[   95.245675][ T6003] RBP: 00007f6f670690a0 R08: 0000000000000000 R09: 0000000000000000
[   95.249046][ T6003] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   95.252147][ T6003] R13: 000000000000000b R14: 00007f6f66505f80 R15: 00007ffe3e7b8af8
[   95.255246][ T6003]  </TASK>
[   95.260735][ T6003] netlink: 'syz.3.169': attribute type 7 has an invalid length.
[   95.264326][ T6003] netlink: 36 bytes leftover after parsing attributes in process `syz.3.169'.
[   95.451640][   T39] audit: type=1326 audit(1722591627.484:369): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6004 comm="syz.3.170" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f6f663773b9 code=0x0
[   95.808878][    C3] vkms_vblank_simulate: vblank timer overrun
[   96.115004][   T39] audit: type=1400 audit(1722591628.154:370): avc:  denied  { read } for  pid=6031 comm="syz.2.177" name="fb0" dev="devtmpfs" ino=639 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:framebuf_device_t tclass=chr_file permissive=1
[   96.125828][   T39] audit: type=1400 audit(1722591628.154:371): avc:  denied  { open } for  pid=6031 comm="syz.2.177" path="/dev/fb0" dev="devtmpfs" ino=639 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:framebuf_device_t tclass=chr_file permissive=1
[   96.125873][   T39] audit: type=1400 audit(1722591628.154:372): avc:  denied  { ioctl } for  pid=6031 comm="syz.2.177" path="/dev/fb0" dev="devtmpfs" ino=639 ioctlcmd=0x4601 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:framebuf_device_t tclass=chr_file permissive=1
[   96.252748][ T6036] netlink: 'syz.3.178': attribute type 4 has an invalid length.
[   96.317296][ T6035] netlink: 20 bytes leftover after parsing attributes in process `syz.2.179'.
[   96.321578][ T6035] netlink: 20 bytes leftover after parsing attributes in process `syz.2.179'.
[   96.330141][ T6035] overlay: ./file0 is not a directory
[   96.379824][    C2] TCP: request_sock_TCP: Possible SYN flooding on port [::]:20002. Sending cookies.
[   96.470190][ T6051] netlink: 8 bytes leftover after parsing attributes in process `syz.2.183'.
[   96.613624][   T39] audit: type=1400 audit(1722591628.644:373): avc:  denied  { mount } for  pid=6050 comm="syz.2.183" name="/" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[   96.865252][   T57] usb 8-1: new high-speed USB device number 4 using dummy_hcd
[   97.095362][   T57] usb 8-1: Using ep0 maxpacket: 8
[   97.100604][   T57] usb 8-1: unable to get BOS descriptor or descriptor too short
[   97.105593][   T57] usb 8-1: unable to read config index 0 descriptor/start: -61
[   97.108729][   T57] usb 8-1: can't read configurations, error -61
[   97.272984][   T57] usb 8-1: new high-speed USB device number 5 using dummy_hcd
[   97.358329][ T6068] FAULT_INJECTION: forcing a failure.
[   97.358329][ T6068] name failslab, interval 1, probability 0, space 0, times 0
[   97.364856][ T6068] CPU: 1 UID: 0 PID: 6068 Comm: syz.2.188 Not tainted 6.11.0-rc1-syzkaller-00154-gc0ecd6388360 #0
[   97.369931][ T6068] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   97.375667][ T6068] Call Trace:
[   97.387127][ T6068]  <TASK>
[   97.388458][ T6068]  dump_stack_lvl+0x16c/0x1f0
[   97.390657][ T6068]  should_fail_ex+0x497/0x5b0
[   97.393297][ T6068]  ? fs_reclaim_acquire+0xae/0x160
[   97.395911][ T6068]  should_failslab+0xc2/0x120
[   97.398000][ T6068]  __kmalloc_noprof+0xcb/0x400
[   97.400258][ T6068]  ? __pfx_lock_acquire+0x10/0x10
[   97.402459][ T6068]  tomoyo_realpath_from_path+0xb9/0x720
[   97.404817][ T6068]  ? tomoyo_profile+0x47/0x60
[   97.406815][ T6068]  tomoyo_path_number_perm+0x245/0x590
[   97.409113][ T6068]  ? tomoyo_path_number_perm+0x232/0x590
[   97.411465][ T6068]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[   97.413846][ T6068]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[   97.416035][ T6068]  ? __fget_files+0x256/0x400
[   97.417919][ T6068]  security_file_ioctl+0x75/0xc0
[   97.420066][ T6068]  __x64_sys_ioctl+0xbb/0x220
[   97.422175][ T6068]  do_syscall_64+0xcd/0x250
[   97.424217][ T6068]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   97.426738][ T6068] RIP: 0033:0x7f59771773b9
[   97.428639][ T6068] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   97.437285][ T6068] RSP: 002b:00007f5977ffd048 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[   97.441054][ T6068] RAX: ffffffffffffffda RBX: 00007f5977305f80 RCX: 00007f59771773b9
[   97.444605][ T6068] RDX: 0000000000000000 RSI: 000000000000b101 RDI: 0000000000000003
[   97.447552][ T6068] RBP: 00007f5977ffd0a0 R08: 0000000000000000 R09: 0000000000000000
[   97.451025][ T6068] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   97.454682][ T6068] R13: 000000000000000b R14: 00007f5977305f80 R15: 00007ffe115cdc78
[   97.458485][ T6068]  </TASK>
[   97.463364][ T6068] ERROR: Out of memory at tomoyo_realpath_from_path.
[   97.502948][   T57] usb 8-1: Using ep0 maxpacket: 8
[   97.511914][   T57] usb 8-1: unable to get BOS descriptor or descriptor too short
[   97.529028][   T57] usb 8-1: unable to read config index 0 descriptor/start: -61
[   97.532540][   T57] usb 8-1: can't read configurations, error -61
[   97.541331][   T57] usb usb8-port1: attempt power cycle
[   97.967966][   T57] usb 8-1: new high-speed USB device number 6 using dummy_hcd
[   97.992758][   T58] usb 5-1: new high-speed USB device number 3 using dummy_hcd
[   98.020660][   T57] usb 8-1: Using ep0 maxpacket: 8
[   98.027906][   T57] usb 8-1: unable to get BOS descriptor or descriptor too short
[   98.033412][   T57] usb 8-1: unable to read config index 0 descriptor/start: -61
[   98.037378][   T57] usb 8-1: can't read configurations, error -61
[   98.192141][   T58] usb 5-1: config 0 has no interfaces?
[   98.196820][   T58] usb 5-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[   98.201319][   T58] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[   98.205252][   T58] usb 5-1: SerialNumber: syz
[   98.217308][   T57] usb 8-1: new high-speed USB device number 7 using dummy_hcd
[   98.231059][   T58] usb 5-1: config 0 descriptor??
[   98.254105][   T57] usb 8-1: Using ep0 maxpacket: 8
[   98.263028][   T57] usb 8-1: unable to get BOS descriptor or descriptor too short
[   98.274701][   T57] usb 8-1: unable to read config index 0 descriptor/start: -61
[   98.284077][   T57] usb 8-1: can't read configurations, error -61
[   98.288285][   T57] usb usb8-port1: unable to enumerate USB device
[   98.488877][  T984] usb 5-1: USB disconnect, device number 3
[   98.802161][    C3] vkms_vblank_simulate: vblank timer overrun
[   98.985450][ T6092] warning: `syz.1.192' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211
[   99.641970][ T6104] netlink: 20 bytes leftover after parsing attributes in process `syz.3.196'.
[   99.652518][   T39] kauditd_printk_skb: 10 callbacks suppressed
[   99.652534][   T39] audit: type=1326 audit(1722591631.684:384): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6103 comm="syz.3.196" exe="/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f6f663773b9 code=0x0
[  100.276891][ T6115] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=0 sclass=netlink_tcpdiag_socket pid=6115 comm=syz.2.199
[  100.283209][ T6115] netlink: 64 bytes leftover after parsing attributes in process `syz.2.199'.
[  100.288205][   T39] audit: type=1400 audit(1722591632.324:385): avc:  denied  { ioctl } for  pid=6114 comm="syz.2.199" path="socket:[11660]" dev="sockfs" ino=11660 ioctlcmd=0x9439 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1
[  100.299614][ T6115] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=6115 comm=syz.2.199
[  100.398610][   T39] audit: type=1400 audit(1722591632.434:386): avc:  denied  { write } for  pid=6116 comm="syz.2.200" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[  100.706820][   T39] audit: type=1400 audit(1722591632.734:387): avc:  denied  { write } for  pid=6120 comm="syz.3.202" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  100.842952][   T57] usb 7-1: new high-speed USB device number 3 using dummy_hcd
[  101.057422][   T57] usb 7-1: config 0 has no interfaces?
[  101.061624][   T57] usb 7-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  101.068501][   T57] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  101.072341][   T57] usb 7-1: SerialNumber: syz
[  101.078387][   T57] usb 7-1: config 0 descriptor??
[  101.308686][   T58] usb 7-1: USB disconnect, device number 3
[  101.748507][   T39] audit: type=1400 audit(1722591633.774:388): avc:  denied  { create } for  pid=6133 comm="syz.3.205" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_connector_socket permissive=1
[  102.539070][ T6146] netlink: 20 bytes leftover after parsing attributes in process `syz.2.206'.
[  102.543840][ T6146] netlink: 20 bytes leftover after parsing attributes in process `syz.2.206'.
[  102.557361][ T6146] overlay: ./file0 is not a directory
[  102.912205][ T6152] netlink: 'syz.1.210': attribute type 3 has an invalid length.
[  103.694266][ T5357] Bluetooth: hci2: Controller not accepting commands anymore: ncmd = 0
[  103.698855][ T5357] Bluetooth: hci2: Injecting HCI hardware error event
[  103.702768][   T66] Bluetooth: hci2: hardware error 0x00
[  103.756911][   T39] audit: type=1400 audit(1722591635.794:389): avc:  denied  { setopt } for  pid=6163 comm="syz.3.213" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  103.758665][ T6164] netlink: 20 bytes leftover after parsing attributes in process `syz.3.213'.
[  103.774218][   T39] audit: type=1400 audit(1722591635.814:390): avc:  denied  { read } for  pid=6163 comm="syz.3.213" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[  103.821955][   T39] audit: type=1326 audit(1722591635.854:391): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6165 comm="syz.0.214" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f1c84b773b9 code=0x0
[  104.359440][ T6177] netlink: 20 bytes leftover after parsing attributes in process `syz.1.217'.
[  104.364167][ T6177] netlink: 20 bytes leftover after parsing attributes in process `syz.1.217'.
[  104.389680][ T6177] overlay: ./file0 is not a directory
[  104.807192][ T6185] usb usb7: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  105.150065][ T6190] netlink: 20 bytes leftover after parsing attributes in process `syz.1.220'.
[  105.160837][ T6190] netlink: 20 bytes leftover after parsing attributes in process `syz.1.220'.
[  105.167082][ T6190] overlay: ./file0 is not a directory
[  105.772832][   T66] Bluetooth: hci2: Opcode 0x0c03 failed: -110
[  106.802619][   T39] audit: type=1326 audit(1722591638.834:392): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6206 comm="syz.1.225" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f13ab7773b9 code=0x0
[  106.956879][   T39] audit: type=1326 audit(1722591638.994:393): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6209 comm="syz.3.227" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f6f663773b9 code=0x0
[  107.138497][ T6223] usb usb7: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  107.889083][ T6237] netlink: 12 bytes leftover after parsing attributes in process `syz.2.233'.
[  107.896878][   T39] audit: type=1400 audit(1722591639.934:394): avc:  denied  { create } for  pid=6236 comm="syz.2.233" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[  107.905152][   T39] audit: type=1400 audit(1722591639.934:395): avc:  denied  { write } for  pid=6236 comm="syz.2.233" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[  107.920489][ T6237] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=39 sclass=netlink_route_socket pid=6237 comm=syz.2.233
[  109.165329][ T6254] netlink: 'syz.2.238': attribute type 13 has an invalid length.
[  109.168560][ T6254] netlink: 'syz.2.238': attribute type 58 has an invalid length.
[  109.171715][ T6254] netlink: 152 bytes leftover after parsing attributes in process `syz.2.238'.
[  109.449490][   T39] audit: type=1400 audit(1722591641.484:396): avc:  denied  { mount } for  pid=6257 comm="syz.2.239" name="/" dev="rpc_pipefs" ino=11163 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:rpc_pipefs_t tclass=filesystem permissive=1
[  109.461380][   T39] audit: type=1400 audit(1722591641.484:397): avc:  denied  { watch } for  pid=6257 comm="syz.2.239" path="/66/file0" dev="rpc_pipefs" ino=11163 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:rpc_pipefs_t tclass=dir permissive=1
[  109.490822][   T39] audit: type=1400 audit(1722591641.524:398): avc:  denied  { unmount } for  pid=6257 comm="syz.2.239" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:rpc_pipefs_t tclass=filesystem permissive=1
[  109.578333][   T39] audit: type=1400 audit(1722591641.614:399): avc:  denied  { read } for  pid=6265 comm="syz.0.241" name="vhost-net" dev="devtmpfs" ino=1117 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:vhost_device_t tclass=chr_file permissive=1
[  109.595794][   T39] audit: type=1400 audit(1722591641.614:400): avc:  denied  { open } for  pid=6265 comm="syz.0.241" path="/dev/vhost-net" dev="devtmpfs" ino=1117 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:vhost_device_t tclass=chr_file permissive=1
[  109.609199][   T39] audit: type=1400 audit(1722591641.614:401): avc:  denied  { ioctl } for  pid=6265 comm="syz.0.241" path="/dev/vhost-net" dev="devtmpfs" ino=1117 ioctlcmd=0xaf01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:vhost_device_t tclass=chr_file permissive=1
[  109.857711][ T6272] netlink: 12 bytes leftover after parsing attributes in process `syz.0.243'.
[  109.874270][ T6272] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=39 sclass=netlink_route_socket pid=6272 comm=syz.0.243
[  110.937394][ T6286] netlink: 20 bytes leftover after parsing attributes in process `syz.0.247'.
[  110.942829][ T6286] netlink: 20 bytes leftover after parsing attributes in process `syz.0.247'.
[  110.949897][ T6286] overlay: ./file0 is not a directory
[  111.142107][ T6293] netlink: 36 bytes leftover after parsing attributes in process `syz.0.249'.
[  111.454166][ T6303] netlink: 12 bytes leftover after parsing attributes in process `syz.2.252'.
[  111.496740][ T6303] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=39 sclass=netlink_route_socket pid=6303 comm=syz.2.252
[  111.846706][   T39] kauditd_printk_skb: 2 callbacks suppressed
[  111.846721][   T39] audit: type=1400 audit(1722591643.884:404): avc:  denied  { create } for  pid=6319 comm="syz.1.258" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[  111.864372][   T39] audit: type=1400 audit(1722591643.884:405): avc:  denied  { ioctl } for  pid=6319 comm="syz.1.258" path="socket:[11257]" dev="sockfs" ino=11257 ioctlcmd=0x8983 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  111.985545][   T39] audit: type=1400 audit(1722591644.024:406): avc:  denied  { read write } for  pid=6326 comm="syz.2.261" name="uinput" dev="devtmpfs" ino=866 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
[  111.999632][   T39] audit: type=1400 audit(1722591644.024:407): avc:  denied  { open } for  pid=6326 comm="syz.2.261" path="/dev/uinput" dev="devtmpfs" ino=866 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
[  112.868739][ T6341] FAULT_INJECTION: forcing a failure.
[  112.868739][ T6341] name fail_usercopy, interval 1, probability 0, space 0, times 1
[  112.875505][ T6341] CPU: 2 UID: 0 PID: 6341 Comm: syz.0.265 Not tainted 6.11.0-rc1-syzkaller-00154-gc0ecd6388360 #0
[  112.879663][ T6341] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  112.884614][ T6341] Call Trace:
[  112.886341][ T6341]  <TASK>
[  112.887626][ T6341]  dump_stack_lvl+0x16c/0x1f0
[  112.889588][ T6341]  should_fail_ex+0x497/0x5b0
[  112.891191][ T6341]  strncpy_from_user+0x38/0x320
[  112.893166][ T6341]  getname_flags.part.0+0x8f/0x550
[  112.895335][ T6341]  getname+0x8d/0xe0
[  112.897011][ T6341]  __x64_sys_execve+0x72/0xb0
[  112.898826][ T6341]  do_syscall_64+0xcd/0x250
[  112.900710][ T6341]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  112.904216][ T6341] RIP: 0033:0x7f1c84b773b9
[  112.905865][ T6341] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  112.914483][ T6341] RSP: 002b:00007f1c8589e048 EFLAGS: 00000246 ORIG_RAX: 000000000000003b
[  112.917943][ T6341] RAX: ffffffffffffffda RBX: 00007f1c84d05f80 RCX: 00007f1c84b773b9
[  112.920925][ T6341] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000020000000
[  112.923310][ T6341] RBP: 00007f1c8589e0a0 R08: 0000000000000000 R09: 0000000000000000
[  112.925613][ T6341] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  112.928966][ T6341] R13: 000000000000000b R14: 00007f1c84d05f80 R15: 00007fff0c744d78
[  112.932810][ T6341]  </TASK>
[  113.487005][   T66] Bluetooth: min 2 > max 0
[  113.773624][ T6354] netlink: 20 bytes leftover after parsing attributes in process `syz.2.270'.
[  113.778100][ T6354] netlink: 20 bytes leftover after parsing attributes in process `syz.2.270'.
[  113.788464][ T6354] overlay: ./file0 is not a directory
[  113.937961][   T39] audit: type=1400 audit(1722591645.974:408): avc:  denied  { ioctl } for  pid=6357 comm="syz.2.271" path="/dev/uinput" dev="devtmpfs" ino=866 ioctlcmd=0x5503 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
[  113.942911][ T6358] input: syz0 as /devices/virtual/input/input5
[  113.992491][   T39] audit: type=1400 audit(1722591646.024:409): avc:  denied  { read } for  pid=4813 comm="acpid" name="event4" dev="devtmpfs" ino=2408 scontext=system_u:system_r:acpid_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  114.006321][   T39] audit: type=1400 audit(1722591646.024:410): avc:  denied  { open } for  pid=4813 comm="acpid" path="/dev/input/event4" dev="devtmpfs" ino=2408 scontext=system_u:system_r:acpid_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  114.016728][   T39] audit: type=1400 audit(1722591646.024:411): avc:  denied  { ioctl } for  pid=4813 comm="acpid" path="/dev/input/event4" dev="devtmpfs" ino=2408 ioctlcmd=0x4520 scontext=system_u:system_r:acpid_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  115.191718][   T39] audit: type=1400 audit(1722591647.224:412): avc:  denied  { setopt } for  pid=6386 comm="syz.1.278" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dccp_socket permissive=1
[  115.200952][   T39] audit: type=1400 audit(1722591647.224:413): avc:  denied  { listen } for  pid=6386 comm="syz.1.278" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dccp_socket permissive=1
[  115.522804][   T66] Bluetooth: hci3: command tx timeout
[  116.268165][   T66] Bluetooth: min 2 > max 0
[  116.469257][ T6405] netlink: 'syz.3.283': attribute type 3 has an invalid length.
[  117.542080][    C2] TCP: request_sock_TCP: Possible SYN flooding on port [::]:20002. Sending cookies.
[  118.147873][   T39] kauditd_printk_skb: 4 callbacks suppressed
[  118.147888][   T39] audit: type=1400 audit(1722591650.184:418): avc:  denied  { create } for  pid=6439 comm="syz.3.293" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1
[  118.322755][   T66] Bluetooth: hci1: command tx timeout
[  119.220668][ T6460] netlink: 20 bytes leftover after parsing attributes in process `syz.2.298'.
[  119.231257][   T39] audit: type=1400 audit(1722591651.264:419): avc:  denied  { mounton } for  pid=6459 comm="syz.2.298" path="/81/file0" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=dir permissive=1
[  119.330826][ T6462] FAULT_INJECTION: forcing a failure.
[  119.330826][ T6462] name failslab, interval 1, probability 0, space 0, times 0
[  119.336791][ T6462] CPU: 3 UID: 0 PID: 6462 Comm: syz.2.299 Not tainted 6.11.0-rc1-syzkaller-00154-gc0ecd6388360 #0
[  119.341257][ T6462] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  119.345792][ T6462] Call Trace:
[  119.347065][ T6462]  <TASK>
[  119.348220][ T6462]  dump_stack_lvl+0x16c/0x1f0
[  119.350086][ T6462]  should_fail_ex+0x497/0x5b0
[  119.352102][ T6462]  ? fs_reclaim_acquire+0xae/0x160
[  119.354268][ T6462]  should_failslab+0xc2/0x120
[  119.356332][ T6462]  __kmalloc_noprof+0xcb/0x400
[  119.358394][ T6462]  tomoyo_encode2+0x100/0x3e0
[  119.360260][ T6462]  tomoyo_encode+0x29/0x50
[  119.362276][ T6462]  tomoyo_realpath_from_path+0x19d/0x720
[  119.364713][ T6462]  ? tomoyo_profile+0x47/0x60
[  119.366767][ T6462]  tomoyo_path_number_perm+0x245/0x590
[  119.369209][ T6462]  ? tomoyo_path_number_perm+0x232/0x590
[  119.371895][ T6462]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  119.374418][ T6462]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  119.376772][ T6462]  ? __fget_files+0x256/0x400
[  119.378802][ T6462]  security_file_ioctl+0x75/0xc0
[  119.380907][ T6462]  __x64_sys_ioctl+0xbb/0x220
[  119.382959][ T6462]  do_syscall_64+0xcd/0x250
[  119.384832][ T6462]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  119.387374][ T6462] RIP: 0033:0x7f59771773b9
[  119.389339][ T6462] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  119.397644][ T6462] RSP: 002b:00007f5977ffd048 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  119.401313][ T6462] RAX: ffffffffffffffda RBX: 00007f5977305f80 RCX: 00007f59771773b9
[  119.404775][ T6462] RDX: 0000000020000040 RSI: 000000004008b100 RDI: 0000000000000003
[  119.408224][ T6462] RBP: 00007f5977ffd0a0 R08: 0000000000000000 R09: 0000000000000000
[  119.411437][ T6462] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  119.414785][ T6462] R13: 000000000000000b R14: 00007f5977305f80 R15: 00007ffe115cdc78
[  119.418203][ T6462]  </TASK>
[  119.421288][ T6462] ERROR: Out of memory at tomoyo_realpath_from_path.
[  121.354517][   T66] Bluetooth: min 2 > max 0
[  121.552674][ T6488] netlink: 20 bytes leftover after parsing attributes in process `syz.1.307'.
[  121.961487][ T6490] mmap: syz.3.308 (6490): VmData 25886720 exceed data ulimit 0. Update limits or use boot option ignore_rlimit_data.
[  122.362887][    C2] vkms_vblank_simulate: vblank timer overrun
[  123.283674][   T66] Bluetooth: hci0: Controller not accepting commands anymore: ncmd = 0
[  123.287665][   T66] Bluetooth: hci0: Injecting HCI hardware error event
[  123.292591][ T5357] Bluetooth: hci0: hardware error 0x00
[  123.363687][   T66] Bluetooth: hci0: command tx timeout
[  123.589251][   T39] audit: type=1400 audit(1722591655.624:420): avc:  denied  { read } for  pid=6520 comm="syz.3.316" name="usbmon0" dev="devtmpfs" ino=723 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1
[  123.599429][   T39] audit: type=1400 audit(1722591655.624:421): avc:  denied  { open } for  pid=6520 comm="syz.3.316" path="/dev/usbmon0" dev="devtmpfs" ino=723 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1
[  123.661150][   T39] audit: type=1400 audit(1722591655.654:422): avc:  denied  { ioctl } for  pid=6520 comm="syz.3.316" path="/dev/usbmon0" dev="devtmpfs" ino=723 ioctlcmd=0x9206 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1
[  123.672750][   T39] audit: type=1400 audit(1722591655.654:423): avc:  denied  { create } for  pid=6520 comm="syz.3.316" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_rdma_socket permissive=1
[  123.813162][   T39] audit: type=1400 audit(1722591655.854:424): avc:  denied  { write } for  pid=6520 comm="syz.3.316" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_rdma_socket permissive=1
[  124.259221][   T39] audit: type=1400 audit(1722591656.294:425): avc:  denied  { ioctl } for  pid=6532 comm="syz.1.319" path="/dev/cpu/0/msr" dev="devtmpfs" ino=87 ioctlcmd=0x63a0 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cpu_device_t tclass=chr_file permissive=1
[  124.391191][ T6546] netlink: 12 bytes leftover after parsing attributes in process `syz.0.324'.
[  124.399939][ T6546] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=39 sclass=netlink_route_socket pid=6546 comm=syz.0.324
[  124.785969][   T39] audit: type=1400 audit(1722591656.824:426): avc:  denied  { mount } for  pid=6553 comm="syz.2.326" name="/" dev="ramfs" ino=15082 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ramfs_t tclass=filesystem permissive=1
[  124.795564][   T39] audit: type=1400 audit(1722591656.824:427): avc:  denied  { unmount } for  pid=6553 comm="syz.2.326" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ramfs_t tclass=filesystem permissive=1
[  124.812262][   T39] audit: type=1400 audit(1722591656.844:428): avc:  denied  { mount } for  pid=6553 comm="syz.2.326" name="/" dev="configfs" ino=2094 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=filesystem permissive=1
[  124.837206][   T39] audit: type=1400 audit(1722591656.864:429): avc:  denied  { search } for  pid=6553 comm="syz.2.326" name="/" dev="configfs" ino=2094 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=dir permissive=1
[  125.442940][ T5357] Bluetooth: hci0: Opcode 0x0c03 failed: -110
[  125.605256][ T5357] Bluetooth: hci1: Controller not accepting commands anymore: ncmd = 0
[  125.609589][ T5357] Bluetooth: hci1: Injecting HCI hardware error event
[  125.617730][ T5357] Bluetooth: hci1: hardware error 0x00
[  126.084882][    C2] TCP: request_sock_TCP: Possible SYN flooding on port [::]:20002. Sending cookies.
[  126.132910][ T6569] netpci0: tun_chr_ioctl cmd 1074025677
[  126.135764][ T6569] netpci0: linktype set to 804
[  127.683014][ T5357] Bluetooth: hci1: Opcode 0x0c03 failed: -110
[  128.032664][   T57] usb 7-1: new high-speed USB device number 4 using dummy_hcd
[  128.134451][ T6607] netlink: 68 bytes leftover after parsing attributes in process `syz.1.342'.
[  128.230191][   T57] usb 7-1: config 0 has no interfaces?
[  128.241996][   T57] usb 7-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  128.247518][   T57] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  128.251622][   T57] usb 7-1: SerialNumber: syz
[  128.270428][   T57] usb 7-1: config 0 descriptor??
[  128.415354][ T6611] FAULT_INJECTION: forcing a failure.
[  128.415354][ T6611] name failslab, interval 1, probability 0, space 0, times 0
[  128.442752][ T6611] CPU: 2 UID: 0 PID: 6611 Comm: syz.3.343 Not tainted 6.11.0-rc1-syzkaller-00154-gc0ecd6388360 #0
[  128.447804][ T6611] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  128.452537][ T6611] Call Trace:
[  128.453865][ T6611]  <TASK>
[  128.455008][ T6611]  dump_stack_lvl+0x16c/0x1f0
[  128.457220][ T6611]  should_fail_ex+0x497/0x5b0
[  128.459271][ T6611]  ? fs_reclaim_acquire+0xae/0x160
[  128.461456][ T6611]  should_failslab+0xc2/0x120
[  128.463528][ T6611]  __kmalloc_noprof+0xcb/0x400
[  128.465623][ T6611]  memcg_list_lru_alloc+0x24d/0xa90
[  128.467865][ T6611]  ? rcu_read_unlock+0x17/0x60
[  128.470474][ T6611]  ? __pfx_memcg_list_lru_alloc+0x10/0x10
[  128.472980][ T6611]  __memcg_slab_post_alloc_hook+0x12c/0x9c0
[  128.475501][ T6611]  ? kasan_save_track+0x14/0x30
[  128.477576][ T6611]  kmem_cache_alloc_lru_noprof+0x2c1/0x2f0
[  128.480071][ T6611]  ? __d_alloc+0x31/0xaa0
[  128.481907][ T6611]  __d_alloc+0x31/0xaa0
[  128.483794][ T6611]  d_alloc_pseudo+0x1c/0xc0
[  128.485791][ T6611]  alloc_file_pseudo_noaccount+0xdc/0x210
[  128.488262][ T6611]  ? __pfx_alloc_file_pseudo_noaccount+0x10/0x10
[  128.490982][ T6611]  bdev_file_open_by_dev+0x13e/0x210
[  128.493668][ T6611]  ? __pfx_ocfs2_fill_super+0x10/0x10
[  128.495959][ T6611]  setup_bdev_super+0x39b/0x730
[  128.497871][ T6611]  ? __pfx_ocfs2_fill_super+0x10/0x10
[  128.499913][ T6611]  mount_bdev+0x1b8/0x2d0
[  128.501569][ T6611]  ? __pfx_mount_bdev+0x10/0x10
[  128.503716][ T6611]  ? selinux_sb_eat_lsm_opts+0x594/0x700
[  128.506139][ T6611]  ? cap_capable+0x1cf/0x240
[  128.508197][ T6611]  ? __pfx_ocfs2_mount+0x10/0x10
[  128.510437][ T6611]  legacy_get_tree+0x109/0x220
[  128.512446][ T6611]  vfs_get_tree+0x8f/0x380
[  128.527480][ T6611]  path_mount+0x14e6/0x1f20
[  128.529448][ T6611]  ? __pfx_path_mount+0x10/0x10
[  128.531595][ T6611]  ? putname+0x12e/0x170
[  128.533610][ T6611]  ? putname+0x12e/0x170
[  128.535632][ T6611]  __x64_sys_mount+0x294/0x320
[  128.537669][ T6611]  ? __pfx___x64_sys_mount+0x10/0x10
[  128.539939][ T6611]  do_syscall_64+0xcd/0x250
[  128.542139][ T6611]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  128.545519][ T6611] RIP: 0033:0x7f6f663773b9
[  128.547562][ T6611] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  128.555404][ T6611] RSP: 002b:00007f6f67069048 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  128.560019][ T6611] RAX: ffffffffffffffda RBX: 00007f6f66505f80 RCX: 00007f6f663773b9
[  128.564274][ T6611] RDX: 0000000020000080 RSI: 00000000200000c0 RDI: 0000000020000040
[  128.567863][ T6611] RBP: 00007f6f670690a0 R08: 0000000020000140 R09: 0000000000000000
[  128.571380][ T6611] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  128.574588][ T6611] R13: 000000000000000b R14: 00007f6f66505f80 R15: 00007ffe3e7b8af8
[  128.577678][ T6611]  </TASK>
[  128.596413][   T56] usb 7-1: USB disconnect, device number 4
[  128.809389][    C2] TCP: request_sock_TCP: Possible SYN flooding on port [::]:20002. Sending cookies.
[  129.044596][ T6634] team0: Port device virt_wifi0 added
[  129.170902][   T39] kauditd_printk_skb: 3 callbacks suppressed
[  129.170914][   T39] audit: type=1400 audit(1722591661.204:433): avc:  denied  { create } for  pid=6642 comm="syz.2.351" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_crypto_socket permissive=1
[  129.184396][   T39] audit: type=1400 audit(1722591661.214:434): avc:  denied  { ioctl } for  pid=6642 comm="syz.2.351" path="socket:[13875]" dev="sockfs" ino=13875 ioctlcmd=0x8946 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_crypto_socket permissive=1
[  129.989278][ T6653] hsr_slave_0: hsr_addr_subst_dest: Unknown node
[  129.994608][ T6653] hsr_slave_1: hsr_addr_subst_dest: Unknown node
[  130.173014][ T6655] netlink: 16 bytes leftover after parsing attributes in process `syz.3.355'.
[  130.401073][ T6663] netlink: 68 bytes leftover after parsing attributes in process `syz.0.357'.
[  130.402213][   T39] audit: type=1400 audit(1722591662.434:435): avc:  denied  { execute } for  pid=6664 comm="syz-executor" name="syz-executor" dev="sda1" ino=1924 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:etc_runtime_t tclass=file permissive=1
[  130.417462][   T39] audit: type=1400 audit(1722591662.434:436): avc:  denied  { execute_no_trans } for  pid=6664 comm="syz-executor" path="/syz-executor" dev="sda1" ino=1924 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:etc_runtime_t tclass=file permissive=1
[  130.440375][   T39] audit: type=1400 audit(1722591662.474:437): avc:  denied  { bind } for  pid=6665 comm="syz.2.358" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  130.628814][   T39] audit: type=1400 audit(1722591662.654:438): avc:  denied  { mounton } for  pid=6673 comm="syz-executor" path="/sys/fs/fuse/connections" dev="fusectl" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=dir permissive=1
[  130.665129][   T66] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  130.669278][   T66] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  130.685217][   T66] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  130.691142][   T66] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  130.702155][   T66] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[  130.714270][   T66] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  130.734318][   T39] audit: type=1400 audit(1722591662.774:439): avc:  denied  { mounton } for  pid=6673 comm="syz-executor" path="/" dev="sda1" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:root_t tclass=dir permissive=1
[  130.767563][   T30] usb 7-1: new high-speed USB device number 5 using dummy_hcd
[  130.924887][    C0] TCP: request_sock_TCP: Possible SYN flooding on port [::]:20002. Sending cookies.
[  130.935718][   T64] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  130.953756][ T6673] chnl_net:caif_netlink_parms(): no params data found
[  130.966913][   T30] usb 7-1: Using ep0 maxpacket: 16
[  130.971849][   T30] usb 7-1: config 1 descriptor has 1 excess byte, ignoring
[  130.979279][   T30] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  130.989726][   T30] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  130.999708][   T30] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 255, changing to 7
[  131.005057][   T30] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0x82 has invalid maxpacket 59391, setting to 1024
[  131.009529][   T30] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[  131.013571][   T30] usb 7-1: config 1 interface 0 altsetting 0 bulk endpoint 0x3 has invalid maxpacket 0
[  131.017306][   T30] usb 7-1: config 1 interface 0 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 22
[  131.027481][   T30] usb 7-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  131.031192][   T30] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[  131.035557][   T30] usb 7-1: SerialNumber: syz
[  131.065340][   T30] cdc_acm 7-1:1.0: Control and data interfaces are not separated!
[  131.108658][   T64] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  131.241420][   T64] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  131.270215][   T30] usb 7-1: USB disconnect, device number 5
[  131.312543][   T64] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  131.319942][ T6673] bridge0: port 1(bridge_slave_0) entered blocking state
[  131.322205][ T6673] bridge0: port 1(bridge_slave_0) entered disabled state
[  131.325743][ T6673] bridge_slave_0: entered allmulticast mode
[  131.329015][ T6673] bridge_slave_0: entered promiscuous mode
[  131.336896][ T6673] bridge0: port 2(bridge_slave_1) entered blocking state
[  131.340056][ T6673] bridge0: port 2(bridge_slave_1) entered disabled state
[  131.345202][ T6673] bridge_slave_1: entered allmulticast mode
[  131.348989][ T6673] bridge_slave_1: entered promiscuous mode
[  131.406073][ T6673] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  131.415716][ T6673] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  131.476380][ T6673] team0: Port device team_slave_0 added
[  131.481368][ T6673] team0: Port device team_slave_1 added
[  131.526108][   T39] audit: type=1400 audit(1722591663.554:440): avc:  denied  { read } for  pid=5048 comm="dhcpcd" scontext=system_u:system_r:dhcpc_t tcontext=system_u:system_r:dhcpc_t tclass=netlink_kobject_uevent_socket permissive=1
[  131.574304][ T6673] batman_adv: batadv0: Adding interface: batadv_slave_0
[  131.577346][ T6673] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  131.588447][ T6673] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  131.600251][   T39] audit: type=1400 audit(1722591663.634:441): avc:  denied  { search } for  pid=5048 comm="dhcpcd" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  131.600807][ T6673] batman_adv: batadv0: Adding interface: batadv_slave_1
[  131.611442][ T6673] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  131.614840][   T39] audit: type=1400 audit(1722591663.634:442): avc:  denied  { read } for  pid=5048 comm="dhcpcd" name="n71" dev="tmpfs" ino=3104 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[  131.640785][ T6673] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  131.675709][   T64] bridge_slave_1: left allmulticast mode
[  131.677603][   T64] bridge_slave_1: left promiscuous mode
[  131.681060][   T64] bridge0: port 2(bridge_slave_1) entered disabled state
[  131.690137][   T64] bridge_slave_0: left allmulticast mode
[  131.692488][   T64] bridge_slave_0: left promiscuous mode
[  131.697822][   T64] bridge0: port 1(bridge_slave_0) entered disabled state
[  132.182830][   T64] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  132.217751][   T64] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  132.238801][   T64] bond0 (unregistering): Released all slaves
[  132.534235][ T6673] hsr_slave_0: entered promiscuous mode
[  132.540411][ T6673] hsr_slave_1: entered promiscuous mode
[  132.550342][ T6673] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  132.555749][ T6673] Cannot create hsr debugfs directory
[  132.802772][ T5357] Bluetooth: hci1: command tx timeout
[  133.308014][   T64] hsr_slave_0: left promiscuous mode
[  133.324068][   T64] hsr_slave_1: left promiscuous mode
[  133.327400][   T64] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  133.330594][   T64] batman_adv: batadv0: Removing interface: batadv_slave_0
[  133.351752][   T64] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  133.355026][   T64] batman_adv: batadv0: Removing interface: batadv_slave_1
[  133.391663][   T64] veth1_macvtap: left promiscuous mode
[  133.394733][   T64] veth0_macvtap: left promiscuous mode
[  133.396970][   T64] veth1_vlan: left promiscuous mode
[  133.399485][   T64] veth0_vlan: left promiscuous mode
[  133.825576][   T64] team0 (unregistering): Port device virt_wifi0 removed
[  133.902674][   T30] usb 7-1: new high-speed USB device number 6 using dummy_hcd
[  134.108888][   T30] usb 7-1: Using ep0 maxpacket: 8
[  134.114890][   T30] usb 7-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  134.118926][   T30] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  134.125444][   T30] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  134.129817][   T30] usb 7-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  134.139212][   T30] usb 7-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  134.144255][   T30] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  134.384741][   T30] usb 7-1: GET_CAPABILITIES returned 0
[  134.387546][   T30] usbtmc 7-1:16.0: can't read capabilities
[  134.485273][   T64] team0 (unregistering): Port device team_slave_1 removed
[  134.561490][   T64] team0 (unregistering): Port device team_slave_0 removed
[  134.648114][    C0] usbtmc 7-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  134.661011][    C1] usbtmc 7-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  134.669311][    C1] usbtmc 7-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  134.673096][    C1] usbtmc 7-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  134.677071][    C1] usbtmc 7-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  134.680756][    C1] usbtmc 7-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  134.685033][    C1] usbtmc 7-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  134.688799][    C1] usbtmc 7-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  134.692724][    C1] usbtmc 7-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  134.699178][    C1] usbtmc 7-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  134.702294][    C1] usbtmc 7-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  134.706718][    C1] usbtmc 7-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  134.711194][    C1] usbtmc 7-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  134.714796][    C1] usbtmc 7-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  134.718141][    C1] usbtmc 7-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  134.721474][    C1] usbtmc 7-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  134.731730][   T57] usb 7-1: USB disconnect, device number 6
[  134.883070][ T5357] Bluetooth: hci1: command tx timeout
[  135.485450][ T6738] xt_CT: You must specify a L4 protocol and not use inversions on it
[  135.505595][   T39] kauditd_printk_skb: 18 callbacks suppressed
[  135.505626][   T39] audit: type=1400 audit(1722591667.544:461): avc:  denied  { name_bind } for  pid=6726 comm="syz.3.370" src=3618 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=udp_socket permissive=1
[  135.533785][   T39] audit: type=1400 audit(1722591667.564:462): avc:  denied  { nlmsg_write } for  pid=6726 comm="syz.3.370" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1
[  136.138358][ T6673] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  136.150830][ T6673] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  136.169462][ T6673] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  136.192415][ T6673] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  136.306878][ T6673] 8021q: adding VLAN 0 to HW filter on device bond0
[  136.330044][ T6673] 8021q: adding VLAN 0 to HW filter on device team0
[  136.341276][    T9] bridge0: port 1(bridge_slave_0) entered blocking state
[  136.344568][    T9] bridge0: port 1(bridge_slave_0) entered forwarding state
[  136.371344][ T5390] bridge0: port 2(bridge_slave_1) entered blocking state
[  136.374532][ T5390] bridge0: port 2(bridge_slave_1) entered forwarding state
[  136.410939][ T6673] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  136.415779][ T6673] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  136.660284][ T6673] 8021q: adding VLAN 0 to HW filter on device batadv0
[  136.736693][ T6673] veth0_vlan: entered promiscuous mode
[  136.748128][ T6673] veth1_vlan: entered promiscuous mode
[  136.779255][ T6673] veth0_macvtap: entered promiscuous mode
[  136.786914][ T6673] veth1_macvtap: entered promiscuous mode
[  136.808939][ T6673] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  136.814013][ T6673] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  136.818614][ T6673] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  136.824692][ T6673] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  136.829361][ T6673] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  136.834100][ T6673] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  136.840228][ T6673] batman_adv: batadv0: Interface activated: batadv_slave_0
[  136.853686][ T6673] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  136.857693][ T6673] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  136.861367][ T6673] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  136.869964][ T6673] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  136.874411][ T6673] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  136.878447][ T6673] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  136.884544][ T6673] batman_adv: batadv0: Interface activated: batadv_slave_1
[  136.903110][ T6673] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  136.906490][ T6673] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  136.910037][ T6673] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  136.914162][ T6673] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  136.942868][   T56] usb 8-1: new high-speed USB device number 8 using dummy_hcd
[  136.962729][ T5357] Bluetooth: hci1: command tx timeout
[  137.008863][   T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  137.012531][   T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  137.015189][ T6795] FAULT_INJECTION: forcing a failure.
[  137.015189][ T6795] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  137.025880][ T6795] CPU: 3 UID: 0 PID: 6795 Comm: syz.2.380 Not tainted 6.11.0-rc1-syzkaller-00154-gc0ecd6388360 #0
[  137.029801][ T1111] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  137.030373][ T6795] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  137.030387][ T6795] Call Trace:
[  137.030394][ T6795]  <TASK>
[  137.040182][ T1111] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  137.040524][ T6795]  dump_stack_lvl+0x16c/0x1f0
[  137.047582][ T6795]  should_fail_ex+0x497/0x5b0
[  137.049591][ T6795]  _copy_from_user+0x30/0xf0
[  137.051520][ T6795]  copy_msghdr_from_user+0x99/0x160
[  137.053465][   T39] audit: type=1400 audit(1722591669.084:463): avc:  denied  { mounton } for  pid=6673 comm="syz-executor" path="/syzkaller.b4kPi8/syz-tmp" dev="sda1" ino=1942 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:root_t tclass=dir permissive=1
[  137.053838][ T6795]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  137.065866][ T6795]  ? __lock_acquire+0x1620/0x3cb0
[  137.068045][ T6795]  ___sys_sendmsg+0xff/0x1e0
[  137.070333][ T6795]  ? __pfx____sys_sendmsg+0x10/0x10
[  137.072441][ T6795]  ? handle_mm_fault+0x4c9/0x7b0
[  137.074420][ T6795]  ? __pfx___might_resched+0x10/0x10
[  137.076698][ T6795]  ? __might_fault+0xe3/0x190
[  137.078091][   T39] audit: type=1400 audit(1722591669.084:464): avc:  denied  { mount } for  pid=6673 comm="syz-executor" name="/" dev="tmpfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[  137.078679][ T6795]  __sys_sendmmsg+0x1a1/0x450
[  137.078706][ T6795]  ? __pfx___sys_sendmmsg+0x10/0x10
[  137.078728][ T6795]  ? vfs_write+0x14d/0x1140
[  137.090801][   T39] audit: type=1400 audit(1722591669.084:465): avc:  denied  { mount } for  pid=6673 comm="syz-executor" name="/" dev="proc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_t tclass=filesystem permissive=1
[  137.092048][ T6795]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  137.105502][ T6795]  ? fput+0x32/0x390
[  137.107115][ T6795]  ? ksys_write+0x1ab/0x260
[  137.108965][ T6795]  ? __pfx_ksys_write+0x10/0x10
[  137.111155][ T6795]  __x64_sys_sendmmsg+0x9c/0x100
[  137.113410][ T6795]  ? lockdep_hardirqs_on+0x7c/0x110
[  137.115761][ T6795]  do_syscall_64+0xcd/0x250
[  137.117782][ T6795]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  137.120230][ T6795] RIP: 0033:0x7f59771773b9
[  137.122222][ T6795] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  137.130489][ T6795] RSP: 002b:00007f5977fdc048 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  137.133741][ T6795] RAX: ffffffffffffffda RBX: 00007f5977306058 RCX: 00007f59771773b9
[  137.136964][ T6795] RDX: 000000000800001d RSI: 0000000020007fc0 RDI: 0000000000000005
[  137.140073][ T6795] RBP: 00007f5977fdc0a0 R08: 0000000000000000 R09: 0000000000000000
[  137.143203][ T6795] R10: 0000000000000a1a R11: 0000000000000246 R12: 0000000000000002
[  137.146555][ T6795] R13: 000000000000006e R14: 00007f5977306058 R15: 00007ffe115cdc78
[  137.149747][ T6795]  </TASK>
[  137.166144][   T39] audit: type=1400 audit(1722591669.204:466): avc:  denied  { mounton } for  pid=6673 comm="syz-executor" path="/dev/binderfs" dev="devtmpfs" ino=2389 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:device_t tclass=dir permissive=1
[  137.176195][   T39] audit: type=1400 audit(1722591669.204:467): avc:  denied  { mount } for  pid=6673 comm="syz-executor" name="/" dev="binder" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1
[  137.263284][   T56] usb 8-1: Using ep0 maxpacket: 8
[  137.273925][   T56] usb 8-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  137.278221][   T56] usb 8-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  137.282305][   T56] usb 8-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  137.286772][   T56] usb 8-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  137.292536][   T56] usb 8-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  137.301947][   T56] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  137.512757][   T30] usb 6-1: new high-speed USB device number 3 using dummy_hcd
[  137.550597][   T56] usb 8-1: GET_CAPABILITIES returned 0
[  137.553168][   T56] usbtmc 8-1:16.0: can't read capabilities
[  137.712314][   T30] usb 6-1: config 0 has no interfaces?
[  137.725754][   T30] usb 6-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  137.730408][   T30] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  137.737599][   T30] usb 6-1: SerialNumber: syz
[  137.744628][   T30] usb 6-1: config 0 descriptor??
[  137.754033][    C2] usbtmc 8-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  137.759716][  T830] usb 8-1: USB disconnect, device number 8
[  137.961752][ T6802] netlink: 20 bytes leftover after parsing attributes in process `syz.2.382'.
[  137.965928][ T6802] netlink: 20 bytes leftover after parsing attributes in process `syz.2.382'.
[  138.034631][   T58] usb 6-1: USB disconnect, device number 3
[  138.194711][   T39] audit: type=1400 audit(1722591670.234:468): avc:  denied  { connect } for  pid=6808 comm="syz.2.383" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1
[  138.202862][   T39] audit: type=1400 audit(1722591670.234:469): avc:  denied  { write } for  pid=6808 comm="syz.2.383" path="socket:[18451]" dev="sockfs" ino=18451 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1
[  138.403006][   T39] audit: type=1326 audit(1722591670.444:470): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6814 comm="syz.0.385" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1c84b773b9 code=0x7ffc0000
[  138.416262][ T1381] ieee802154 phy0 wpan0: encryption failed: -22
[  138.419145][ T1381] ieee802154 phy1 wpan1: encryption failed: -22
[  138.453273][ T6815] netlink: 24 bytes leftover after parsing attributes in process `syz.0.385'.
[  138.584476][ T5357] Bluetooth: hci3: unexpected event 0x2f length: 509 > 260
[  138.978891][ T6831] ipvlan0: entered promiscuous mode
[  139.042851][ T5357] Bluetooth: hci1: command tx timeout
[  140.926296][    C3] TCP: request_sock_TCP: Possible SYN flooding on port [::]:20002. Sending cookies.
[  142.623719][   T39] kauditd_printk_skb: 58 callbacks suppressed
[  142.623735][   T39] audit: type=1326 audit(1722591674.664:529): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6897 comm="syz.3.409" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6f663773b9 code=0x7ffc0000
[  142.673673][   T39] audit: type=1326 audit(1722591674.664:530): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6897 comm="syz.3.409" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6f663773b9 code=0x7ffc0000
[  142.691030][   T39] audit: type=1326 audit(1722591674.674:531): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6897 comm="syz.3.409" exe="/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f6f663773b9 code=0x7ffc0000
[  142.701226][   T39] audit: type=1326 audit(1722591674.674:532): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6897 comm="syz.3.409" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6f663773b9 code=0x7ffc0000
[  142.710569][   T39] audit: type=1326 audit(1722591674.674:533): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6897 comm="syz.3.409" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6f663773b9 code=0x7ffc0000
[  142.721212][   T39] audit: type=1326 audit(1722591674.674:534): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6897 comm="syz.3.409" exe="/syz-executor" sig=0 arch=c000003e syscall=72 compat=0 ip=0x7f6f663773b9 code=0x7ffc0000
[  142.733746][   T39] audit: type=1326 audit(1722591674.674:535): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6897 comm="syz.3.409" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6f663773b9 code=0x7ffc0000
[  142.743792][   T39] audit: type=1326 audit(1722591674.674:536): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6897 comm="syz.3.409" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6f663773b9 code=0x7ffc0000
[  142.756704][   T39] audit: type=1326 audit(1722591674.674:537): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6897 comm="syz.3.409" exe="/syz-executor" sig=0 arch=c000003e syscall=72 compat=0 ip=0x7f6f663773b9 code=0x7ffc0000
[  142.768060][   T39] audit: type=1326 audit(1722591674.674:538): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6897 comm="syz.3.409" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6f663773b9 code=0x7ffc0000
[  143.610499][ T6918] team0: Port device virt_wifi0 added
[  145.531619][    C0] TCP: request_sock_TCP: Possible SYN flooding on port [::]:20002. Sending cookies.
[  145.902695][   T56] usb 8-1: new high-speed USB device number 9 using dummy_hcd
[  146.091167][   T56] usb 8-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  146.096457][   T56] usb 8-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  146.100566][   T56] usb 8-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  146.104923][   T56] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  146.121792][ T6946] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  146.131741][   T56] usb 8-1: Quirk or no altset; falling back to MIDI 1.0
[  146.515524][   T56] usb 8-1: USB disconnect, device number 9
[  146.838068][ T6961] netlink: 20 bytes leftover after parsing attributes in process `syz.0.429'.
[  146.842145][ T6961] netlink: 20 bytes leftover after parsing attributes in process `syz.0.429'.
[  146.848813][ T6961] overlay: ./file0 is not a directory
[  149.176994][ T7002] netlink: 12 bytes leftover after parsing attributes in process `syz.1.438'.
[  149.188650][ T7002] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=39 sclass=netlink_route_socket pid=7002 comm=syz.1.438
[  149.434180][ T7005] netlink: 20 bytes leftover after parsing attributes in process `syz.1.439'.
[  149.438462][ T7005] netlink: 20 bytes leftover after parsing attributes in process `syz.1.439'.
[  149.444294][ T7005] overlay: ./file0 is not a directory
[  149.534471][ T7013] netlink: 144 bytes leftover after parsing attributes in process `syz.2.442'.
[  149.656160][ T7019] netlink: 12 bytes leftover after parsing attributes in process `syz.2.445'.
[  149.677988][ T7019] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=39 sclass=netlink_route_socket pid=7019 comm=syz.2.445
[  150.241574][ T7026] netlink: 12 bytes leftover after parsing attributes in process `syz.0.447'.
[  150.257242][ T7026] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=39 sclass=netlink_route_socket pid=7026 comm=syz.0.447
[  150.359194][   T39] kauditd_printk_skb: 111 callbacks suppressed
[  150.359209][   T39] audit: type=1400 audit(1722591682.394:650): avc:  denied  { read } for  pid=7028 comm="syz.0.448" name="/" dev="configfs" ino=2094 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=dir permissive=1
[  150.370241][   T39] audit: type=1400 audit(1722591682.394:651): avc:  denied  { open } for  pid=7028 comm="syz.0.448" path="/120/file0" dev="overlay" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=dir permissive=1
[  150.373672][ T7029] FAULT_INJECTION: forcing a failure.
[  150.373672][ T7029] name failslab, interval 1, probability 0, space 0, times 0
[  150.386353][ T7029] CPU: 0 UID: 0 PID: 7029 Comm: syz.0.448 Not tainted 6.11.0-rc1-syzkaller-00154-gc0ecd6388360 #0
[  150.390733][ T7029] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  150.395152][ T7029] Call Trace:
[  150.396587][ T7029]  <TASK>
[  150.397871][ T7029]  dump_stack_lvl+0x16c/0x1f0
[  150.400009][ T7029]  should_fail_ex+0x497/0x5b0
[  150.402229][ T7029]  ? fs_reclaim_acquire+0xae/0x160
[  150.404525][ T7029]  should_failslab+0xc2/0x120
[  150.406534][ T7029]  __kmalloc_noprof+0xcb/0x400
[  150.408558][ T7029]  ? find_held_lock+0x2d/0x110
[  150.410471][ T7029]  ovl_cache_entry_new+0x3d/0x730
[  150.412458][ T7029]  ? __pfx_lock_release+0x10/0x10
[  150.414695][ T7029]  ? do_raw_spin_lock+0x12d/0x2c0
[  150.416957][ T7029]  ovl_fill_merge+0x2b5/0xa80
[  150.419040][ T7029]  ? __pfx_ovl_fill_merge+0x10/0x10
[  150.421330][ T7029]  offset_readdir+0x41e/0xb70
[  150.423323][ T7029]  ? __pfx_offset_readdir+0x10/0x10
[  150.425601][ T7029]  iterate_dir+0x53e/0xb60
[  150.427516][ T7029]  ovl_dir_read_merged+0x3f1/0x5d0
[  150.429773][ T7029]  ? __pfx_ovl_dir_read_merged+0x10/0x10
[  150.432017][ T7029]  ? __pfx_ovl_fill_merge+0x10/0x10
[  150.434375][ T7029]  ? kasan_save_track+0x14/0x30
[  150.436565][ T7029]  ovl_iterate+0x885/0xe60
[  150.438594][ T7029]  ? down_read_killable+0xcc/0x380
[  150.440882][ T7029]  ? __pfx_down_read_killable+0x10/0x10
[  150.443175][ T7029]  ? __pfx_ovl_iterate+0x10/0x10
[  150.445140][ T7029]  wrap_directory_iterator+0xa5/0xe0
[  150.447449][ T7029]  iterate_dir+0x53e/0xb60
[  150.449368][ T7029]  __x64_sys_getdents64+0x14f/0x2e0
[  150.451591][ T7029]  ? __pfx___x64_sys_getdents64+0x10/0x10
[  150.454070][ T7029]  ? __pfx_filldir64+0x10/0x10
[  150.456109][ T7029]  do_syscall_64+0xcd/0x250
[  150.458252][ T7029]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  150.460820][ T7029] RIP: 0033:0x7f1c84b773b9
[  150.462823][ T7029] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  150.471062][ T7029] RSP: 002b:00007f1c8589e048 EFLAGS: 00000246 ORIG_RAX: 00000000000000d9
[  150.474549][ T7029] RAX: ffffffffffffffda RBX: 00007f1c84d05f80 RCX: 00007f1c84b773b9
[  150.477641][ T7029] RDX: 0000000001000000 RSI: 0000000000000000 RDI: 0000000000000005
[  150.480950][ T7029] RBP: 00007f1c8589e0a0 R08: 0000000000000000 R09: 0000000000000000
[  150.484175][ T7029] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  150.487426][ T7029] R13: 000000000000000b R14: 00007f1c84d05f80 R15: 00007fff0c744d78
[  150.490679][ T7029]  </TASK>
[  150.588463][ T7033] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(7)
[  150.592008][ T7033] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[  150.598076][ T7033] vhci_hcd vhci_hcd.0: Device attached
[  150.606401][ T7031] vhci_hcd vhci_hcd.0: pdev(0) rhport(1) sockfd(10)
[  150.609147][ T7031] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  150.612477][ T7031] vhci_hcd vhci_hcd.0: Device attached
[  150.617220][ T7031] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[  150.623324][ T5357] Bluetooth: hci3: SCO packet for unknown connection handle 0
[  150.624317][ T5357] Bluetooth: hci3: SCO packet for unknown connection handle 0
[  150.802839][  T988] vhci_hcd: vhci_device speed not set
[  150.893684][  T988] usb 13-1: new full-speed USB device number 2 using vhci_hcd
[  151.304516][ T7036] vhci_hcd: connection closed
[  151.310386][ T1111] vhci_hcd: stop threads
[  151.316026][ T7034] vhci_hcd: connection reset by peer
[  151.320433][ T1111] vhci_hcd: release socket
[  151.323900][ T1111] vhci_hcd: disconnect device
[  151.326503][ T1111] vhci_hcd: stop threads
[  151.328447][ T1111] vhci_hcd: release socket
[  151.330799][ T1111] vhci_hcd: disconnect device
[  152.235547][ T7062] netlink: 12 bytes leftover after parsing attributes in process `syz.1.456'.
[  152.253608][ T7062] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=39 sclass=netlink_route_socket pid=7062 comm=syz.1.456
[  152.928357][    C3] TCP: request_sock_TCP: Possible SYN flooding on port [::]:20002. Sending cookies.
[  152.941238][ T7078] netlink: 20 bytes leftover after parsing attributes in process `syz.0.460'.
[  152.945913][ T7078] netlink: 20 bytes leftover after parsing attributes in process `syz.0.460'.
[  152.951548][ T7078] overlay: ./file0 is not a directory
[  153.228552][   T39] audit: type=1400 audit(1722591685.264:652): avc:  denied  { getopt } for  pid=7091 comm="syz.2.464" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1
[  153.300000][ T7095] netlink: 12 bytes leftover after parsing attributes in process `syz.0.466'.
[  153.348200][ T7095] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=39 sclass=netlink_route_socket pid=7095 comm=syz.0.466
[  153.350326][ T7089] 9pnet_fd: p9_fd_create_tcp (7089): problem connecting socket to 127.0.0.1
[  153.415907][ T7102] netlink: 12 bytes leftover after parsing attributes in process `syz.0.467'.
[  153.451875][ T7102] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=39 sclass=netlink_route_socket pid=7102 comm=syz.0.467
[  153.666348][ T7114] FAULT_INJECTION: forcing a failure.
[  153.666348][ T7114] name failslab, interval 1, probability 0, space 0, times 0
[  153.672246][ T7114] CPU: 0 UID: 0 PID: 7114 Comm: syz.2.470 Not tainted 6.11.0-rc1-syzkaller-00154-gc0ecd6388360 #0
[  153.676702][ T7114] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  153.681383][ T7114] Call Trace:
[  153.682914][ T7114]  <TASK>
[  153.684232][ T7114]  dump_stack_lvl+0x16c/0x1f0
[  153.686313][ T7114]  should_fail_ex+0x497/0x5b0
[  153.688428][ T7114]  should_failslab+0xc2/0x120
[  153.690399][ T7114]  kmem_cache_alloc_noprof+0x6e/0x2f0
[  153.692563][ T7114]  ? skb_clone+0x190/0x3f0
[  153.694519][ T7114]  skb_clone+0x190/0x3f0
[  153.696360][ T7114]  dev_queue_xmit_nit+0x38f/0xba0
[  153.698426][ T7114]  dev_hard_start_xmit+0x56/0x790
[  153.700393][ T7114]  ? __kasan_slab_alloc+0x89/0x90
[  153.702655][ T7114]  __dev_queue_xmit+0x7c7/0x4300
[  153.704788][ T7114]  ? __pfx___dev_queue_xmit+0x10/0x10
[  153.706879][ T7114]  ? __asan_memcpy+0x3c/0x60
[  153.708678][ T7114]  ? __asan_memcpy+0x3c/0x60
[  153.710376][ T7114]  ? __skb_clone+0x570/0x760
[  153.712014][ T7114]  netlink_deliver_tap+0xa7d/0xd90
[  153.714021][ T7114]  netlink_unicast+0x606/0x830
[  153.715910][ T7114]  ? __pfx_netlink_unicast+0x10/0x10
[  153.718198][ T7114]  netlink_sendmsg+0x8b8/0xd70
[  153.720257][ T7114]  ? __pfx_netlink_sendmsg+0x10/0x10
[  153.722636][ T7114]  ? __import_iovec+0x1fd/0x6e0
[  153.724824][ T7114]  ____sys_sendmsg+0xab5/0xc90
[  153.727179][ T7114]  ? copy_msghdr_from_user+0x10b/0x160
[  153.729958][ T7114]  ? __pfx_____sys_sendmsg+0x10/0x10
[  153.732298][ T7114]  ? find_held_lock+0x2d/0x110
[  153.734447][ T7114]  ? __pfx___lock_acquire+0x10/0x10
[  153.736827][ T7114]  ___sys_sendmsg+0x135/0x1e0
[  153.738758][ T7114]  ? __pfx____sys_sendmsg+0x10/0x10
[  153.740991][ T7114]  ? ksys_write+0x21c/0x260
[  153.742975][ T7114]  ? __fget_light+0x173/0x210
[  153.745023][ T7114]  __sys_sendmsg+0x117/0x1f0
[  153.746932][ T7114]  ? __pfx___sys_sendmsg+0x10/0x10
[  153.748943][ T7114]  do_syscall_64+0xcd/0x250
[  153.750727][ T7114]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  153.753082][ T7114] RIP: 0033:0x7f59771773b9
[  153.754885][ T7114] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  153.762551][ T7114] RSP: 002b:00007f5977ffd048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  153.766052][ T7114] RAX: ffffffffffffffda RBX: 00007f5977305f80 RCX: 00007f59771773b9
[  153.769652][ T7114] RDX: 0000000000000000 RSI: 0000000020000100 RDI: 0000000000000005
[  153.773199][ T7114] RBP: 00007f5977ffd0a0 R08: 0000000000000000 R09: 0000000000000000
[  153.776715][ T7114] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  153.779949][ T7114] R13: 000000000000000b R14: 00007f5977305f80 R15: 00007ffe115cdc78
[  153.783527][ T7114]  </TASK>
[  153.786966][ T7114] netlink: 'syz.2.470': attribute type 7 has an invalid length.
[  153.790451][ T7114] netlink: 36 bytes leftover after parsing attributes in process `syz.2.470'.
[  154.203439][ T5390] usb 7-1: new high-speed USB device number 7 using dummy_hcd
[  154.392407][ T7131] netlink: 12 bytes leftover after parsing attributes in process `syz.0.475'.
[  154.401542][ T7131] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=39 sclass=netlink_route_socket pid=7131 comm=syz.0.475
[  154.401631][ T5390] usb 7-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30
[  154.416763][ T7089] 9pnet_fd: p9_fd_create_tcp (7089): problem connecting socket to 127.0.0.1
[  154.424241][ T5390] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  154.429739][ T5390] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  154.436723][ T5390] usb 7-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253
[  154.448584][ T5390] usb 7-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40
[  154.453489][ T5390] usb 7-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0
[  154.457222][ T5390] usb 7-1: Manufacturer: syz
[  154.461587][ T5390] usb 7-1: config 0 descriptor??
[  154.793433][   T39] audit: type=1400 audit(1722591686.834:653): avc:  denied  { create } for  pid=7135 comm="syz.3.477" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1
[  155.117103][ T7117] syz.2.471: attempt to access beyond end of device
[  155.117103][ T7117] nbd2: rw=2048, sector=0, nr_sectors = 8 limit=0
[  155.127613][ T7117] SQUASHFS error: Failed to read block 0x0: -5
[  155.131193][ T7117] unable to read squashfs_super_block
[  155.135520][ T7142] netlink: 12 bytes leftover after parsing attributes in process `syz.3.478'.
[  155.171676][ T7142] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=39 sclass=netlink_route_socket pid=7142 comm=syz.3.478
[  156.002690][  T988] vhci_hcd: vhci_device speed not set
[  156.064578][   T39] audit: type=1400 audit(1722591688.104:654): avc:  denied  { connect } for  pid=7153 comm="syz.1.482" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  156.189312][ T5390] usbhid 7-1:0.0: can't add hid device: -71
[  156.192019][ T5390] usbhid 7-1:0.0: probe with driver usbhid failed with error -71
[  156.198928][ T5390] usb 7-1: USB disconnect, device number 7
[  156.239119][ T6956] udevd[6956]: setting owner of /dev/bus/usb/007/007 to uid=0, gid=0 failed: No such file or directory
[  156.361593][    C2] TCP: request_sock_TCP: Possible SYN flooding on port [::]:20002. Sending cookies.
[  156.529309][   T39] audit: type=1400 audit(1722591688.564:655): avc:  denied  { getopt } for  pid=7164 comm="syz.0.486" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  156.581425][ T5357] Bluetooth: hci3: unexpected event 0x2f length: 509 > 260
[  157.213167][ T7178] netlink: 12 bytes leftover after parsing attributes in process `syz.2.490'.
[  157.223129][ T7178] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=39 sclass=netlink_route_socket pid=7178 comm=syz.2.490
[  157.526226][ T7183] netlink: 'syz.1.492': attribute type 11 has an invalid length.
[  158.528090][   T39] audit: type=1400 audit(1722591690.564:656): avc:  denied  { bind } for  pid=7195 comm="syz.2.496" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netrom_socket permissive=1
[  158.537695][   T39] audit: type=1400 audit(1722591690.564:657): avc:  denied  { connect } for  pid=7195 comm="syz.2.496" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netrom_socket permissive=1
[  159.300158][   T39] audit: type=1400 audit(1722591691.334:658): avc:  denied  { ioctl } for  pid=7213 comm="syz.2.501" path="socket:[16323]" dev="sockfs" ino=16323 ioctlcmd=0x890b scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ax25_socket permissive=1
[  159.359550][   T39] audit: type=1400 audit(1722591691.394:659): avc:  denied  { write } for  pid=7213 comm="syz.2.501" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1
[  160.122634][  T988] usb 5-1: new high-speed USB device number 4 using dummy_hcd
[  160.326220][  T988] usb 5-1: config 0 has no interfaces?
[  160.334045][  T988] usb 5-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  160.337552][  T988] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  160.343200][  T988] usb 5-1: SerialNumber: syz
[  160.348746][  T988] usb 5-1: config 0 descriptor??
[  160.567018][  T988] usb 5-1: USB disconnect, device number 4
[  160.789116][ T7247] netlink: 'syz.2.511': attribute type 4 has an invalid length.
[  160.965466][ T7248] netlink: 'syz.2.511': attribute type 4 has an invalid length.
[  161.466450][ T7248] syz.2.511 (7248) used greatest stack depth: 21136 bytes left
[  161.555078][    C2] TCP: request_sock_TCP: Possible SYN flooding on port [::]:20002. Sending cookies.
[  162.272872][ T5357] Bluetooth: hci1: unexpected event 0x2f length: 509 > 260
[  162.557059][ T7276] netlink: 12 bytes leftover after parsing attributes in process `syz.1.519'.
[  162.570770][ T7276] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=39 sclass=netlink_route_socket pid=7276 comm=syz.1.519
[  163.568385][ T5357] Bluetooth: hci1: unexpected event 0x2f length: 509 > 260
[  163.638289][   T39] audit: type=1400 audit(1722591695.674:660): avc:  denied  { append } for  pid=7294 comm="syz.1.526" name="card2" dev="devtmpfs" ino=641 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dri_device_t tclass=chr_file permissive=1
[  163.804751][ T7298] dns_resolver: Unsupported server list version (126)
[  163.814137][   T39] audit: type=1400 audit(1722591695.854:661): avc:  denied  { getopt } for  pid=7296 comm="syz.0.527" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  164.408727][ T7311] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=39 sclass=netlink_route_socket pid=7311 comm=syz.0.530
[  164.650349][ T7316] netlink: 20 bytes leftover after parsing attributes in process `syz.0.532'.
[  164.655620][ T7316] netlink: 20 bytes leftover after parsing attributes in process `syz.0.532'.
[  164.660594][ T7316] overlay: ./file0 is not a directory
[  165.495482][ T7340] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=39 sclass=netlink_route_socket pid=7340 comm=syz.3.540
[  165.546051][ T7343] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=7343 comm=syz.3.541
[  165.775766][ T5357] Bluetooth: hci3: unexpected event 0x2f length: 509 > 260
[  165.824771][ T7353] netlink: 120 bytes leftover after parsing attributes in process `syz.3.547'.
[  166.128892][   T39] audit: type=1400 audit(1722591698.163:662): avc:  denied  { listen } for  pid=7362 comm="syz.3.550" laddr=172.20.20.170 lport=20002 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  167.036308][   T39] audit: type=1400 audit(1722591699.073:663): avc:  denied  { setopt } for  pid=7378 comm="syz.2.551" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1
[  167.223756][   T39] audit: type=1400 audit(1722591699.253:664): avc:  denied  { read } for  pid=7382 comm="syz.2.553" path="socket:[18278]" dev="sockfs" ino=18278 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  167.246835][   T39] audit: type=1400 audit(1722591699.253:665): avc:  denied  { mount } for  pid=7382 comm="syz.2.553" name="/" dev="hugetlbfs" ino=18281 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:hugetlbfs_t tclass=filesystem permissive=1
[  167.280128][ T5357] Bluetooth: hci1: unexpected event 0x2f length: 509 > 260
[  167.505194][   T39] audit: type=1400 audit(1722591699.533:666): avc:  denied  { unmount } for  pid=5341 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:hugetlbfs_t tclass=filesystem permissive=1
[  167.549174][ T7398] netlink: 4 bytes leftover after parsing attributes in process `syz.0.558'.
[  169.460388][ T7426] Bluetooth: MGMT ver 1.23
[  170.163628][ T7436] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=39 sclass=netlink_route_socket pid=7436 comm=syz.2.570
[  170.407674][   T39] audit: type=1400 audit(1722591702.433:667): avc:  denied  { write } for  pid=7443 comm="syz.0.573" name="ppp" dev="devtmpfs" ino=716 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1
[  170.532698][  T830] usb 7-1: new high-speed USB device number 8 using dummy_hcd
[  170.722921][  T830] usb 7-1: Using ep0 maxpacket: 32
[  170.736979][  T830] usb 7-1: config 1 interface 0 altsetting 7 endpoint 0x81 has an invalid bInterval 192, changing to 11
[  170.743708][  T830] usb 7-1: config 1 interface 0 altsetting 7 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  170.750126][  T830] usb 7-1: config 1 interface 0 has no altsetting 0
[  170.762959][  T830] usb 7-1: New USB device found, idVendor=0458, idProduct=5012, bcdDevice= 0.40
[  170.770337][  T830] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  170.776296][  T830] usb 7-1: Product: ஢躔Թ縳湏唠Ⲵ∫ྸ믫裵䪨ᴊꀬ狉Ꜭ䗍쇉駃ꉪᆬ窒뷙ᤊ嵺캰얕걠拓鸯빠袌쵫찓扁克礮ᡗ⋃幃
[  170.784541][  T830] usb 7-1: Manufacturer: Ъ
[  170.786398][  T830] usb 7-1: SerialNumber: syz
[  170.946504][   T39] audit: type=1400 audit(1722591702.943:668): avc:  denied  { map } for  pid=7443 comm="syz.0.573" path="/dev/binderfs/binder0" dev="binder" ino=7 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[  171.011076][ T7439] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  171.063331][ T7439] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  171.113964][ T7439] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  171.118956][ T7439] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  171.337996][  T830] usbhid 7-1:1.0: can't add hid device: -71
[  171.340801][  T830] usbhid 7-1:1.0: probe with driver usbhid failed with error -71
[  171.352987][  T830] usb 7-1: USB disconnect, device number 8
[  171.412632][   T39] audit: type=1400 audit(1722591703.443:669): avc:  denied  { accept } for  pid=7448 comm="syz.0.574" lport=50222 faddr=::ffff:172.20.255.187 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  171.436394][   T39] audit: type=1400 audit(1722591703.473:670): avc:  denied  { write } for  pid=7448 comm="syz.0.574" lport=50222 faddr=::ffff:172.20.255.187 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=sctp_socket permissive=1
[  171.445009][ T7449] raw_sendmsg: syz.0.574 forgot to set AF_INET. Fix it!
[  171.446872][   T39] audit: type=1400 audit(1722591703.473:671): avc:  denied  { setopt } for  pid=7448 comm="syz.0.574" lport=50222 faddr=::ffff:172.20.255.187 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=sctp_socket permissive=1
[  171.460403][   T39] audit: type=1400 audit(1722591703.473:672): avc:  denied  { getopt } for  pid=7448 comm="syz.0.574" lport=50222 faddr=::ffff:172.20.255.187 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=sctp_socket permissive=1
[  172.617835][ T7464] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=39 sclass=netlink_route_socket pid=7464 comm=syz.0.579
[  173.706079][ T7493] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=39 sclass=netlink_route_socket pid=7493 comm=syz.0.588
[  173.864858][ T7500] ip6tnl1: entered promiscuous mode
[  173.866957][ T7500] ip6tnl1: entered allmulticast mode
[  173.993607][   T39] audit: type=1400 audit(1722591706.003:673): avc:  denied  { write } for  pid=7501 comm="syz.0.591" name="/" dev="9p" ino=36701584 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  174.018119][    C3] vkms_vblank_simulate: vblank timer overrun
[  174.027542][   T39] audit: type=1400 audit(1722591706.003:674): avc:  denied  { add_name } for  pid=7501 comm="syz.0.591" name="blkio.bfq.io_serviced" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  174.042487][   T39] audit: type=1400 audit(1722591706.003:675): avc:  denied  { create } for  pid=7501 comm="syz.0.591" name="blkio.bfq.io_serviced" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[  174.052818][ T7502] netfs: Couldn't get user pages (rc=-14)
[  174.059105][   T39] audit: type=1400 audit(1722591706.003:676): avc:  denied  { associate } for  pid=7501 comm="syz.0.591" name="blkio.bfq.io_serviced" scontext=root:object_r:unlabeled_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1
[  174.528674][ T1190] ------------[ cut here ]------------
[  174.531220][ T1190] folio expected an open fid inode->i_ino=23005ed
[  174.550947][ T1190] WARNING: CPU: 2 PID: 1190 at fs/9p/vfs_addr.c:39 v9fs_begin_writeback+0x210/0x280
[  174.555101][ T1190] Modules linked in:
[  174.556887][ T1190] CPU: 2 UID: 0 PID: 1190 Comm: kworker/u32:9 Not tainted 6.11.0-rc1-syzkaller-00154-gc0ecd6388360 #0
[  174.563804][ T1190] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  174.568104][ T1190] Workqueue: writeback wb_workfn (flush-9p-3)
[  174.570543][ T1190] RIP: 0010:v9fs_begin_writeback+0x210/0x280
[  174.572989][ T1190] Code: 00 fc ff df 48 8b 5b 48 48 8d 7b 40 48 89 fa 48 c1 ea 03 80 3c 02 00 75 66 48 8b 73 40 48 c7 c7 20 9a 8e 8b e8 51 4a 0d fe 90 <0f> 0b 90 90 e9 62 ff ff ff e8 32 2b a8 fe e9 51 ff ff ff e8 98 2a
[  174.580815][ T1190] RSP: 0018:ffffc900063c7480 EFLAGS: 00010286
[  174.583590][ T1190] RAX: 0000000000000000 RBX: ffff8880460c0ce0 RCX: ffffffff814cc379
[  174.586729][ T1190] RDX: ffff88802312a440 RSI: ffffffff814cc386 RDI: 0000000000000001
[  174.589682][ T1190] RBP: 0000000000000000 R08: 0000000000000001 R09: 0000000000000000
[  174.592842][ T1190] R10: 0000000000000001 R11: 0000000000000000 R12: ffff88801b1e53c8
[  174.596503][ T1190] R13: dffffc0000000000 R14: ffffc900063c7840 R15: ffff88801b1e5618
[  174.599547][ T1190] FS:  0000000000000000(0000) GS:ffff88806b200000(0000) knlGS:0000000000000000
[  174.602815][ T1190] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  174.605809][ T1190] CR2: 00007f5977e356c0 CR3: 000000000db7c000 CR4: 0000000000350ef0
[  174.608991][ T1190] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  174.612231][ T1190] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  174.615410][ T1190] Call Trace:
[  174.616733][ T1190]  <TASK>
[  174.617937][ T1190]  ? show_regs+0x8c/0xa0
[  174.619466][ T1190]  ? __warn+0xe5/0x3c0
[  174.620817][ T1190]  ? v9fs_begin_writeback+0x210/0x280
[  174.622951][ T1190]  ? report_bug+0x3c0/0x580
[  174.624592][ T1190]  ? handle_bug+0x3d/0x70
[  174.626214][ T1190]  ? exc_invalid_op+0x17/0x50
[  174.627833][ T1190]  ? asm_exc_invalid_op+0x1a/0x20
[  174.629576][ T1190]  ? __warn_printk+0x199/0x350
[  174.631265][ T1190]  ? __warn_printk+0x1a6/0x350
[  174.633005][ T1190]  ? v9fs_begin_writeback+0x210/0x280
[  174.634861][ T1190]  netfs_writepages+0x656/0xde0
[  174.636542][ T1190]  ? __pfx_netfs_writepages+0x10/0x10
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  174.638612][ T1190]  ? __pfx_netfs_writepages+0x10/0x10
[  174.641274][ T1190]  do_writepages+0x1a3/0x7f0
[  174.643400][ T1190]  ? __pfx___schedule+0x10/0x10
[  174.645654][ T1190]  ? __pfx_do_writepages+0x10/0x10
[  174.648053][ T1190]  ? reacquire_held_locks+0x20b/0x4c0
[  174.650510][ T1190]  ? writeback_sb_inodes+0x3b5/0x1150
[  174.652942][ T1190]  ? find_held_lock+0x2d/0x110
[  174.655188][ T1190]  ? preempt_schedule_thunk+0x1a/0x30
[  174.657773][ T1190]  __writeback_single_inode+0x163/0xf90
[  174.660392][ T1190]  ? __pfx___writeback_single_inode+0x10/0x10
[  174.663198][ T1190]  ? _raw_spin_unlock+0x3e/0x50
[  174.665512][ T1190]  ? wbc_attach_and_unlock_inode+0x597/0x940
[  174.668392][ T1190]  writeback_sb_inodes+0x611/0x1150
[  174.670733][ T1190]  ? __pfx_writeback_sb_inodes+0x10/0x10
[  174.673509][ T1190]  ? find_held_lock+0x2d/0x110
[  174.676077][ T1190]  ? do_raw_spin_lock+0x12d/0x2c0
[  174.678581][ T1190]  ? rcu_is_watching+0x12/0xc0
[  174.681012][ T1190]  ? queue_io+0x3f8/0x520
[  174.683174][ T1190]  wb_writeback+0x199/0xb50
[  174.685386][ T1190]  ? __pfx_wb_writeback+0x10/0x10
[  174.687870][ T1190]  ? __pfx_lock_release+0x10/0x10
[  174.690226][ T1190]  ? mark_held_locks+0x9f/0xe0
[  174.692241][ T1190]  wb_workfn+0x28d/0xf40
[  174.694134][ T1190]  ? __pfx_wb_workfn+0x10/0x10
[  174.696161][ T1190]  ? __pfx_lock_acquire+0x10/0x10
[  174.698392][ T1190]  ? __pfx_lock_release+0x10/0x10
[  174.701199][ T1190]  process_one_work+0x9c5/0x1b40
[  174.704089][ T1190]  ? __pfx_batadv_iv_send_outstanding_bat_ogm_packet+0x10/0x10
[  174.707329][ T1190]  ? __pfx_process_one_work+0x10/0x10
[  174.709664][ T1190]  ? assign_work+0x1a0/0x250
[  174.712046][ T1190]  worker_thread+0x6c8/0xf20
[  174.714328][ T1190]  ? __kthread_parkme+0x148/0x220
[  174.716604][ T1190]  ? __pfx_worker_thread+0x10/0x10
[  174.719074][ T1190]  kthread+0x2c1/0x3a0
[  174.720863][ T1190]  ? _raw_spin_unlock_irq+0x23/0x50
[  174.723798][ T1190]  ? __pfx_kthread+0x10/0x10
[  174.726272][ T1190]  ret_from_fork+0x45/0x80
[  174.728325][ T1190]  ? __pfx_kthread+0x10/0x10
[  174.730743][ T1190]  ret_from_fork_asm+0x1a/0x30
[  174.732927][ T1190]  </TASK>
[  174.734320][ T1190] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  174.737572][ T1190] CPU: 2 UID: 0 PID: 1190 Comm: kworker/u32:9 Not tainted 6.11.0-rc1-syzkaller-00154-gc0ecd6388360 #0
[  174.742833][ T1190] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  174.747309][ T1190] Workqueue: writeback wb_workfn (flush-9p-3)
[  174.750354][ T1190] Call Trace:
[  174.751759][ T1190]  <TASK>
[  174.753006][ T1190]  dump_stack_lvl+0x3d/0x1f0
[  174.755038][ T1190]  panic+0x6f5/0x7a0
[  174.756857][ T1190]  ? __pfx_panic+0x10/0x10
[  174.758904][ T1190]  ? show_trace_log_lvl+0x363/0x500
[  174.761341][ T1190]  ? check_panic_on_warn+0x1f/0xb0
[  174.763776][ T1190]  ? v9fs_begin_writeback+0x210/0x280
[  174.766271][ T1190]  check_panic_on_warn+0xab/0xb0
[  174.768487][ T1190]  __warn+0xf1/0x3c0
[  174.770205][ T1190]  ? v9fs_begin_writeback+0x210/0x280
[  174.772477][ T1190]  report_bug+0x3c0/0x580
[  174.774483][ T1190]  handle_bug+0x3d/0x70
[  174.776145][ T1190]  exc_invalid_op+0x17/0x50
[  174.778088][ T1190]  asm_exc_invalid_op+0x1a/0x20
[  174.780138][ T1190] RIP: 0010:v9fs_begin_writeback+0x210/0x280
[  174.782883][ T1190] Code: 00 fc ff df 48 8b 5b 48 48 8d 7b 40 48 89 fa 48 c1 ea 03 80 3c 02 00 75 66 48 8b 73 40 48 c7 c7 20 9a 8e 8b e8 51 4a 0d fe 90 <0f> 0b 90 90 e9 62 ff ff ff e8 32 2b a8 fe e9 51 ff ff ff e8 98 2a
[  174.792412][ T1190] RSP: 0018:ffffc900063c7480 EFLAGS: 00010286
[  174.795508][ T1190] RAX: 0000000000000000 RBX: ffff8880460c0ce0 RCX: ffffffff814cc379
[  174.799175][ T1190] RDX: ffff88802312a440 RSI: ffffffff814cc386 RDI: 0000000000000001
[  174.802806][ T1190] RBP: 0000000000000000 R08: 0000000000000001 R09: 0000000000000000
[  174.806421][ T1190] R10: 0000000000000001 R11: 0000000000000000 R12: ffff88801b1e53c8
[  174.809915][ T1190] R13: dffffc0000000000 R14: ffffc900063c7840 R15: ffff88801b1e5618
[  174.814250][ T1190]  ? __warn_printk+0x199/0x350
[  174.817018][ T1190]  ? __warn_printk+0x1a6/0x350
[  174.819942][ T1190]  netfs_writepages+0x656/0xde0
[  174.822967][ T1190]  ? __pfx_netfs_writepages+0x10/0x10
[  174.826245][ T1190]  ? __pfx_netfs_writepages+0x10/0x10
[  174.829507][ T1190]  do_writepages+0x1a3/0x7f0
[  174.831873][ T1190]  ? __pfx___schedule+0x10/0x10
[  174.834181][ T1190]  ? __pfx_do_writepages+0x10/0x10
[  174.836858][ T1190]  ? reacquire_held_locks+0x20b/0x4c0
[  174.840162][ T1190]  ? writeback_sb_inodes+0x3b5/0x1150
[  174.843450][ T1190]  ? find_held_lock+0x2d/0x110
[  174.846425][ T1190]  ? preempt_schedule_thunk+0x1a/0x30
[  174.848825][ T1190]  __writeback_single_inode+0x163/0xf90
[  174.851561][ T1190]  ? __pfx___writeback_single_inode+0x10/0x10
[  174.854781][ T1190]  ? _raw_spin_unlock+0x3e/0x50
[  174.857518][ T1190]  ? wbc_attach_and_unlock_inode+0x597/0x940
[  174.860500][ T1190]  writeback_sb_inodes+0x611/0x1150
[  174.862805][ T1190]  ? __pfx_writeback_sb_inodes+0x10/0x10
[  174.865536][ T1190]  ? find_held_lock+0x2d/0x110
[  174.868156][ T1190]  ? do_raw_spin_lock+0x12d/0x2c0
[  174.870532][ T1190]  ? rcu_is_watching+0x12/0xc0
[  174.873194][ T1190]  ? queue_io+0x3f8/0x520
[  174.875636][ T1190]  wb_writeback+0x199/0xb50
[  174.879690][ T1190]  ? __pfx_wb_writeback+0x10/0x10
[  174.882550][ T1190]  ? __pfx_lock_release+0x10/0x10
[  174.885456][ T1190]  ? mark_held_locks+0x9f/0xe0
[  174.888195][ T1190]  wb_workfn+0x28d/0xf40
[  174.890169][ T1190]  ? __pfx_wb_workfn+0x10/0x10
[  174.892927][ T1190]  ? __pfx_lock_acquire+0x10/0x10
[  174.895822][ T1190]  ? __pfx_lock_release+0x10/0x10
[  174.898487][ T1190]  process_one_work+0x9c5/0x1b40
[  174.900963][ T1190]  ? __pfx_batadv_iv_send_outstanding_bat_ogm_packet+0x10/0x10
[  174.906341][ T1190]  ? __pfx_process_one_work+0x10/0x10
[  174.909588][ T1190]  ? assign_work+0x1a0/0x250
[  174.911851][ T1190]  worker_thread+0x6c8/0xf20
[  174.914305][ T1190]  ? __kthread_parkme+0x148/0x220
[  174.916963][ T1190]  ? __pfx_worker_thread+0x10/0x10
[  174.920375][ T1190]  kthread+0x2c1/0x3a0
[  174.922357][ T1190]  ? _raw_spin_unlock_irq+0x23/0x50
[  174.924956][ T1190]  ? __pfx_kthread+0x10/0x10
[  174.927100][ T1190]  ret_from_fork+0x45/0x80
[  174.929207][ T1190]  ? __pfx_kthread+0x10/0x10
[  174.930905][ T1190]  ret_from_fork_asm+0x1a/0x30
[  174.932538][ T1190]  </TASK>
[  174.934457][ T1190] Kernel Offset: disabled
[  174.936526][ T1190] Rebooting in 86400 seconds..

VM DIAGNOSIS:
09:41:46  Registers:
info registers vcpu 0

CPU#0
RAX=000000000048f149 RBX=0000000000000000 RCX=ffffffff8b11a529 RDX=0000000000000000
RSI=ffffffff8b4cc580 RDI=ffffffff8bb08480 RBP=fffffbfff1b52af8 RSP=ffffffff8da07e20
R8 =0000000000000001 R9 =ffffed100d606fd9 R10=ffff88806b037ecb R11=0000000000000000
R12=0000000000000000 R13=ffffffff8da957c0 R14=ffffffff9012b4d8 R15=0000000000000000
RIP=ffffffff8b11b91f RFL=00000242 [---Z---] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff88806b000000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00000000201b4000 CR3=000000004231a000 CR4=00350ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000001000000 Opmask01=0000000001000003 Opmask02=00000000ffffffef Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffe115ce000 0000003000000018
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f59771e56c5
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f59771e56d2
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f59771e56cc
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f59771e56e0
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f59771e5766
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f59771e5844
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000004 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000140
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000004 0000000000000000 0000000000000000 0000000000000140
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=ffffffffffdfc000 RBX=0000000000000000 RCX=0000000000000016 RDX=0000000000000000
RSI=0000000000000004 RDI=ffffffff9324ae94 RBP=ffff888022a5b6c0 RSP=ffffc900008b09f0
R8 =0000000000000001 R9 =fffff5200011612c R10=0000000000000003 R11=0000000000000000
R12=0000000000204000 R13=0000000000000016 R14=ffff888022a5b680 R15=dffffc0000000000
RIP=ffffffff813af97e RFL=00000087 [--S--PC] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 00007f3c5c6c4d00 ffffffff 00c00000
GS =0000 ffff88806b100000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=0000001b31d03ff8 CR3=00000000163bc000 CR4=00350ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000008082082 Opmask01=0000000000000000 Opmask02=00000000dfff7fff Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000001 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=6b20657479622d32 3320646e61707865 6b20657479622d32 3320646e61707865 6b20657479622d32 3320646e61707865 6b20657479622d32 3320646e61707865
ZMM17=7a9210f8bec1a13d 756b99bc781c120f 7a9210f8bec1a13d 756b99bc781c120f 7a9210f8bec1a13d 756b99bc781c120f 7a9210f8bec1a13d 756b99bc781c120f
ZMM18=1a98b48867742cc6 79be89e3b332f8c2 1a98b48867742cc6 79be89e3b332f8c2 1a98b48867742cc6 79be89e3b332f8c2 1a98b48867742cc6 79be89e3b332f8c2
ZMM19=180a000000000000 0000000000000005 180a000000000000 0000000000000004 180a000000000000 0000000000000003 180a000000000000 0000000000000002
ZMM20=0000000000000000 0000000000000004 0000000000000000 0000000000000004 0000000000000000 0000000000000004 0000000000000000 0000000000000004
ZMM21=756b99bc756b99bc 756b99bc756b99bc 756b99bc756b99bc 756b99bc756b99bc 756b99bc756b99bc 756b99bc756b99bc 756b99bc756b99bc 756b99bc756b99bc
ZMM22=bec1a13dbec1a13d bec1a13dbec1a13d bec1a13dbec1a13d bec1a13dbec1a13d bec1a13dbec1a13d bec1a13dbec1a13d bec1a13dbec1a13d bec1a13dbec1a13d
ZMM23=7a9210f87a9210f8 7a9210f87a9210f8 7a9210f87a9210f8 7a9210f87a9210f8 7a9210f87a9210f8 7a9210f87a9210f8 7a9210f87a9210f8 7a9210f87a9210f8
ZMM24=b332f8c2b332f8c2 b332f8c2b332f8c2 b332f8c2b332f8c2 b332f8c2b332f8c2 b332f8c2b332f8c2 b332f8c2b332f8c2 b332f8c2b332f8c2 b332f8c2b332f8c2
ZMM25=79be89e379be89e3 79be89e379be89e3 79be89e379be89e3 79be89e379be89e3 79be89e379be89e3 79be89e379be89e3 79be89e379be89e3 79be89e379be89e3
ZMM26=67742cc667742cc6 67742cc667742cc6 67742cc667742cc6 67742cc667742cc6 67742cc667742cc6 67742cc667742cc6 67742cc667742cc6 67742cc667742cc6
ZMM27=1a98b4881a98b488 1a98b4881a98b488 1a98b4881a98b488 1a98b4881a98b488 1a98b4881a98b488 1a98b4881a98b488 1a98b4881a98b488 1a98b4881a98b488
ZMM28=000000900000008f 0000008e0000008d 0000008c0000008b 0000008a00000089 0000008800000087 0000008600000085 0000008400000083 0000008200000081
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=170a0000170a0000 170a0000170a0000 170a0000170a0000 170a0000170a0000 170a0000170a0000 170a0000170a0000 170a0000170a0000 170a0000170a0000
info registers vcpu 2

CPU#2
RAX=000000000000006d RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8
RSI=ffffffff84fe2765 RDI=ffffffff9519a720 RBP=ffffffff9519a6e0 RSP=ffffc900063c6e60
R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=0000000000000000
R12=0000000000000000 R13=000000000000006d R14=ffffffff84fe2700 R15=0000000000000000
RIP=ffffffff84fe278f RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff88806b200000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000091000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe000008f000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00007f5977e356c0 CR3=000000000db7c000 CR4=00350ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000040001 Opmask01=0000000001000001 Opmask02=00000000ffffffef Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f6f663e56c5
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f6f663e56d2
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f6f663e56cc
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f6f663e56e0
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f6f663e5766
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f6f663e5844
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f6f664d5488 00007f6f664d5480 00007f6f664d5478 00007f6f664d5450
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f6f6703d100 00007f6f664d5440 00007f6f664d5458 00007f6f664d54a0
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f6f664d5498 00007f6f664d5490 00007f6f664d5488 00007f6f664d5480
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000002 0000000000000000 0000000000000000 00000000000000a0
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 3

CPU#3
RAX=0000000080000002 RBX=000000000017ffff RCX=ffffffff81cfa7c6 RDX=ffff888022d34880
RSI=000000000017ffff RDI=0000000000000006 RBP=000000000003d3f6 RSP=ffffc9000340f758
R8 =0000000000000006 R9 =000000000017ffff R10=000000000003d3f6 R11=0000000000000000
R12=1ffff92000681eec R13=ffff88802c10fba0 R14=00007f6f653d7000 R15=0000000000000000
RIP=ffffffff818a749e RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c01300
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c01300
FS =0000 00005555565f6500 ffffffff 00c00000
GS =0000 ffff88806b300000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe00000d8000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe00000d6000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00007f6f670356c0 CR3=0000000043af8000 CR4=00350ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000001000000 Opmask01=0000000001000001 Opmask02=00000000ffffffef Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffe3e7b8e80 0000003000000018
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f6f663e56c5
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f6f663e56d2
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f6f663e56cc
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f6f663e56e0
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f6f663e5766
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f6f663e5844
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000001 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000050
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000001 0000000000000000 0000000000000000 0000000000000050
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000