last executing test programs:

7.206611325s ago: executing program 3 (id=1575):
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x2, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}})
write$FUSE_NOTIFY_RETRIEVE(r0, &(0x7f0000000100)={0x30, 0x5, 0x0, {0x0, 0x1}}, 0x30)
read$FUSE(r0, &(0x7f00000021c0)={0x2020}, 0x2020)
umount2(&(0x7f00000001c0)='./file0\x00', 0x0)
write$FUSE_NOTIFY_DELETE(r0, &(0x7f0000000400)={0x36, 0x6, 0x0, {0x0, 0x0, 0xd, 0x0, 'dont_appraise'}}, 0x36)

6.349928791s ago: executing program 3 (id=1577):
sendmsg$TIPC_NL_MEDIA_SET(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000d80)=ANY=[@ANYBLOB], 0x2d0}, 0x1, 0x0, 0x0, 0x4048850}, 0x40)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
syz_open_dev$tty1(0xc, 0x4, 0x2)
getpid()
sendmsg$IPCTNL_MSG_TIMEOUT_GET(0xffffffffffffffff, 0x0, 0x801)
r1 = syz_open_dev$mouse(&(0x7f0000000000), 0x0, 0x8042)
read$FUSE(r1, 0x0, 0x0)
write$char_usb(0xffffffffffffffff, &(0x7f0000000040)="e2", 0x12d8)

6.029964199s ago: executing program 1 (id=1581):
r0 = syz_usb_connect(0x0, 0x3f, &(0x7f0000000080)=ANY=[@ANYBLOB="11010000733336088dee1adb23610000000109022d0001100000000904000003fe03010009cd8d1f000200000009050502000000001009058b1e20"], 0x0)
syz_usb_control_io(r0, 0x0, &(0x7f0000000300)={0x84, &(0x7f0000001a80)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_emit_ethernet(0xda, &(0x7f0000001600)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaaaa000800450000cc0000000000019078640101000000000000000089000000000000ac1414aa862a00000000000d5e000000ff00000000000000054eb8a600129606053d0006ff00800000b61af93a93831300ac1414007f0000017f000001e0000002864c0000000000074b6cefc500000cdf61168c24ac88ad078c000a2189ea43a2149b840012ffd11634eea26b0faffa0dea2e903528000902a20948fd7406000eccf0294e2a3bdb4aa40b249e4408000000000000000000a815a23da43974ff"], 0x0)
syz_open_dev$char_usb(0xc, 0xb4, 0x0)
r1 = syz_io_uring_setup(0x2ddd, &(0x7f0000000080)={0x0, 0x0, 0x10100}, &(0x7f0000000100), &(0x7f0000000140))
r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
recvmmsg(r2, &(0x7f0000002f00)=[{{0x0, 0x0, 0x0}, 0xfffffff4}], 0x1, 0x40010003, 0x0)
syz_io_uring_setup(0x5e2, &(0x7f0000000280), &(0x7f0000000040), &(0x7f0000000180))
io_uring_enter(r1, 0x4e07, 0x0, 0x0, 0x0, 0x0)

5.489655822s ago: executing program 3 (id=1588):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000200)={{0x14}, [@NFT_MSG_DELOBJ={0x28, 0x14, 0xa, 0x401, 0x0, 0x0, {}, [@NFTA_OBJ_TYPE={0x8}, @NFTA_OBJ_NAME={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x50}}, 0x0)
r1 = socket(0x10, 0x3, 0x0)
r2 = fanotify_init(0x200, 0x0)
fanotify_mark(r2, 0x102, 0x4800101a, r1, 0x0)
mkdir(&(0x7f0000000440)='./file1\x00', 0x0)
mount(0x0, &(0x7f0000000240)='./file1\x00', &(0x7f0000000000)='cifs\x00', 0x10009, &(0x7f0000000300)='usrquota')
chdir(&(0x7f0000000140)='./file1\x00')
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000013c0)={&(0x7f00000003c0)=ANY=[], 0x0, 0x6a, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x28)
r3 = socket$can_j1939(0x1d, 0x2, 0x7)
syz_emit_ethernet(0x276, &(0x7f0000000540)=ANY=[@ANYBLOB="aaaaaaaaaaaa0180c200000086dd642b72b902403a00fe8000000000000000000000000000aa00000000000000000000ffffac14141dff03000000000000c910fc00000000000000000000000000000104016f0001001d0020c1640000003200080065000000010200080000000020010000000000000000000000000001620e021f00000000fc0100000000000000000000000000010000000000000000000000000000000120010000000000000000000000000002fe80000000000000000000000000000ffc020000000000000000000000000001fe8000000000000000000000000000aafe80000000200000000000000000003e3b14000600000000fc00000000000000000000000000000100000000000000000000ffffac1e0101000000000000000000000000000000012001000000000000000000000000000020010000000000000000002e7cd7ce00fc000000000000000000000000000001fc000000000000000000000000000000fe8000000000000000000000000000bbff010000000000000000000000000001ff01000000000000000000000000000187009078fe8000000000000000000000000000bb2201e61ec8d48d7044626a6608e84002160a5a57529ffb9c30c1b5a6c41a1b5d3290e45b70e0e6fb58d25dd3e5b8eeeed323ed5de4fbcaf254bf6b0d787415c2d8f83e90f26aea933f68321bdec137d764c7dd89b3cbab255a5bab800273124333b5d4bb43ed860d8a8b9b7f520484556c333014fd19b25923e8dc7fd2c02b301395b0d19cb2ddbf953d292e77f1aa8911a037d89926c23d23a0ee79a201abad134cb44345ac4aefafc457affa00ffeefdab9c04329016564291385f69ab9dcdd83e54ad"], 0x0)
r4 = syz_io_uring_setup(0x48be, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x3}, &(0x7f00000011c0), &(0x7f0000ff4000))
io_uring_register$IORING_REGISTER_BUFFERS(r4, 0x0, &(0x7f0000002300)=[{&(0x7f0000000140)=""/4096, 0x1000}], 0x3100)
io_uring_register$IORING_UNREGISTER_BUFFERS(r4, 0x1, 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000040)=ANY=[@ANYBLOB="f23109aaaaa2aaaa10000000"], 0xc)
bpf$TOKEN_CREATE(0x24, &(0x7f00000012c0), 0x8)
bpf$PROG_LOAD(0x5, &(0x7f0000001300)={0x8, 0x4, &(0x7f0000000f80)=ANY=[@ANYBLOB], &(0x7f0000000300)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_skb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
ioctl$ifreq_SIOCGIFINDEX_vcan(r3, 0x8933, &(0x7f00000011c0)={'vxcan0\x00', <r5=>0x0})
sendmsg$IPCTNL_MSG_CT_GET_STATS_CPU(r0, &(0x7f0000001280)={&(0x7f0000001140)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000001240)={&(0x7f0000001180)={0x14, 0x4, 0x1, 0x101, 0x0, 0x0, {0x2, 0x0, 0x9}, ["", "", ""]}, 0x14}}, 0x10)
bind$can_j1939(r3, &(0x7f0000001200)={0x1d, r5, 0x0, {0x1}}, 0x18)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xf, 0x4008032, 0xffffffffffffffff, 0x0)
socket$inet6(0xa, 0x800, 0x83)
socket$l2tp(0x2, 0x2, 0x73)
r6 = socket$inet6(0xa, 0xa, 0x4f)
bind$inet6(r6, 0x0, 0x0)
socket$inet_smc(0x2b, 0x1, 0x0)
r7 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_SYS_GET(r7, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0)
socket$inet_sctp(0x2, 0x1, 0x84)

5.30017479s ago: executing program 3 (id=1590):
r0 = add_key$user(&(0x7f0000000240), 0x0, &(0x7f0000000200)="1d", 0x1, 0xfffffffffffffffe)
r1 = add_key$user(&(0x7f0000000440), &(0x7f0000000480)={'syz', 0x0}, &(0x7f0000000740)="69bf05d40ff7e03db3ddca537c6c5612321b25d32064e9ed643d462211406432e87c4d40383939ab8276bfc0294ba021d1ccf9b6b32d1b6c9e8c9737ca2d08305301693ef20a414ca24bed3736d182271d197fc2146a9f55070f3f31155b9081ecbd0fcc0296c88eac143394a776955e8a075194717757c9e085976cac66fd4c5bc83183df2db8205863d7f803e302420e7fc5315861803024f921932a49a4283f6a7d8ab2cbd629e984582467fd6ca63598d554677517903644dc2ef01f8dec", 0xc0, 0xffffffffffffffff)
keyctl$dh_compute(0x17, &(0x7f0000000280)={r0, r1, r1}, 0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000300)={'sha1-avx\x00'}})
r2 = socket$rds(0x15, 0x5, 0x0)
r3 = fanotify_init(0x81, 0x0)
fanotify_mark(r3, 0x105, 0x40001032, 0xffffffffffffffff, 0x0)
r4 = syz_clone(0x80000, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r4)
socket$packet(0x11, 0x2, 0x300)
ptrace(0x8, r4)
wait4(0x0, 0x0, 0x0, 0x0)
io_submit(0x0, 0x0, 0x0)
rt_tgsigqueueinfo(r4, 0xffffffffffffffff, 0x7, &(0x7f0000000580)={0x5, 0x735, 0x7})
read$FUSE(r3, &(0x7f00000057c0)={0x2020}, 0x2020)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x10, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b70200000300000085000000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb7"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
syz_open_procfs(0x0, &(0x7f00000001c0)='maps\x00')
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r5, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000240)={{0x14}, [@NFT_MSG_NEWRULE={0x2c, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x54}}, 0x0)
sendmsg$NFT_BATCH(r5, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a4c000000060a01040000000000000000020000000c00064000000000000000020900020073797a32000000000900010073797a30"], 0x60}}, 0x0)
syz_usb_connect$cdc_ncm(0x0, 0x72, &(0x7f0000000980)=ANY=[@ANYBLOB="1201000002000040257d15a4400001040001090260004201000000090400000102090000052406000105240000000d240f01000004eaffffff1e0006031a00000804800200090581d3b3"], 0x0)
syz_open_dev$char_usb(0xc, 0xb4, 0x0)
close_range(r2, 0xffffffffffffffff, 0x0)

4.708918544s ago: executing program 2 (id=1595):
socket$inet6_sctp(0xa, 0x5, 0x84)
socket$packet(0x11, 0x2, 0x300)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x4, 0x8, 0x5, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000180)={'syz_tun\x00', <r2=>0x0})
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xe, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0x10, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b702000002000000850000008600000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bca2000000000000a6020000f8ffffffb703000008000000b7040000000000008500000033000000"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
close(r0)
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000580)='memory.events\x00', 0x100002, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000400)={{r4}, &(0x7f0000000240), &(0x7f00000003c0)=r6}, 0x20)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000000)={r5, r2, 0x25, 0x2, @val=@tcx={@void, @value}}, 0x40)
syz_emit_ethernet(0x5e, &(0x7f0000000340)={@local, @dev, @val={@val={0x8100}}, {@canfd={0xd, {{}, 0x0, 0x0, 0x0, 0x0, "ec7ab49f42266b558197758939c3a67064eb2413deb6d588b153902f5348321b2aa24fcea6549a091e651e6c1d3053eef4b8f189054244df8c1353433e834d4c"}}}}, 0x0)

4.640345159s ago: executing program 2 (id=1596):
sendmsg$TIPC_NL_MEDIA_SET(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000d80)=ANY=[@ANYBLOB], 0x2d0}, 0x1, 0x0, 0x0, 0x4048850}, 0x40)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
syz_open_dev$tty1(0xc, 0x4, 0x2)
getpid()
sendmsg$IPCTNL_MSG_TIMEOUT_GET(0xffffffffffffffff, 0x0, 0x801)
r1 = syz_open_dev$mouse(&(0x7f0000000000), 0x0, 0x8042)
read$FUSE(r1, 0x0, 0x0)
write$char_usb(0xffffffffffffffff, &(0x7f0000000040)="e2", 0x12d8)

3.780120352s ago: executing program 2 (id=1600):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = dup(r3)
syz_kvm_setup_cpu$x86(r2, r4, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000080)=[@text64={0x40, &(0x7f0000000480)="66f30f0f6782a7660f38cf4b00b9250a00000f3245d9680066b8d0008ec0b9f2030000b800780000ba000000000f300fc77100c442b97d3c689d9d0f0fa301000000a42e430f01c3", 0x48}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_SET_MSRS(r4, 0x4008ae89, &(0x7f00000001c0)=ANY=[@ANYBLOB="01000000050000f58b04"])
r5 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r5, &(0x7f0000000100)={0x0, 0x18, 0xfa00, {0x0, &(0x7f00000000c0)={<r6=>0xffffffffffffffff}, 0x13f}}, 0x20)
write$RDMA_USER_CM_CMD_RESOLVE_ADDR(r5, &(0x7f0000000140)={0x15, 0x110, 0xfa02, {r6, 0x0, 0x30, 0x30, 0x0, @ib={0x1b, 0x0, 0x0, {"6e40db5d0076a1a5d48829eef778037c"}}, @ib={0x1b, 0x0, 0x0, {"0e00000000ae00000000000004000001"}}}}, 0x118)
write$RDMA_USER_CM_CMD_ACCEPT(r4, &(0x7f00000002c0)={0x8, 0x120, 0xfa00, {0x3, {0x9, 0x40, "a59e7895aa2a958753f32bde079ec4f5cea1b3cfb06d06ec8c217d31bcf180b7cb8c1fbfc81eb462992cebbcbedf60cc3f5ab73b10f531534c3562c7ba0f0d1a7d93dfb0177bed784f045219a7fa0cf0b885396b752fed2cd732c6c7f06994a45ed60d7eeda3020b4620cad5b5543879a10dea34792bfb25627f9ce643de63b783e5130a81c0f03f449deffeccca6255e4173b320a0811b17363d1ae92205b29c9c92ab347113706d96ae98151c163ffabc8f48a1a76f3d9bb1085ffa94f06747191a79c883f9b18eabb793d173e987e0fcc5f19cb2061f55c6db2e533c16912e550a6684dda505e6d1ca5cfcf0b11dd3a913cde9b3ae1efbee5e6fdb6d8e74e", 0x6, 0x6, 0x5, 0x8, 0x8, 0x1, 0x5d, 0x1}, r6}}, 0x128)
r7 = socket(0x10, 0x803, 0x0)
ioctl$sock_SIOCETHTOOL(r7, 0x8946, &(0x7f00000002c0)={'veth0_to_team\x00', &(0x7f0000000280)=@ethtool_channels={0x3d, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x78e}})
r8 = syz_genetlink_get_family_id$devlink(&(0x7f0000000ac0), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_SB_TC_POOL_BIND_SET(r7, &(0x7f0000001b80)={0x0, 0x0, &(0x7f0000001b40)={&(0x7f0000000700)={0x64, r8, 0x1, 0x70bd2d, 0x0, {}, [{{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8}}, {0x8}, {0x6}, {0x5, 0x12, 0x3}, {0x6}, {0x8}}]}, 0x64}, 0x1, 0x0, 0x0, 0x8841}, 0x0)
sendmsg$DEVLINK_CMD_SB_POOL_SET(r4, &(0x7f0000000580)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000440)={&(0x7f0000000500)={0x54, r8, 0x8, 0x70bd25, 0x25dfdbfc, {}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0xb, 0x6}, {0x6, 0x11, 0x7ff}, {0x8}, {0x5}}]}, 0x54}, 0x1, 0x0, 0x0, 0x4000}, 0x4040814)
ioctl$TCSETSW2(r4, 0x402c542c, &(0x7f00000005c0)={0xff, 0x9, 0xe4, 0x3, 0x5a, "3befb8108b4e00d539e6e54b06ed1a4b2bf1a5", 0x1, 0x4})
openat$cgroup_ro(r4, &(0x7f0000000040)='blkio.throttle.io_service_bytes_recursive\x00', 0x0, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000002c0)={0x18, 0x2a, 0x9, 0x0, 0x0, {0x4, 0x0, 0x2c00}, [@nested={0x4, 0x10}]}, 0x18}, 0x1, 0x3000000}, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x7c}, 0x1, 0x0, 0x0, 0x20004040}, 0x0)
close(0xffffffffffffffff)

3.509925833s ago: executing program 2 (id=1602):
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x2, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}})
write$FUSE_NOTIFY_RETRIEVE(r0, &(0x7f0000000100)={0x30, 0x5, 0x0, {0x0, 0x1}}, 0x30)
read$FUSE(r0, &(0x7f00000021c0)={0x2020}, 0x2020)
umount2(&(0x7f00000001c0)='./file0\x00', 0x0)
write$FUSE_NOTIFY_DELETE(r0, &(0x7f0000000400)={0x36, 0x6, 0x0, {0x0, 0x0, 0xd, 0x0, 'dont_appraise'}}, 0x36)

2.96025425s ago: executing program 1 (id=1606):
ioctl$RTC_WKALM_SET(0xffffffffffffffff, 0x40187013, &(0x7f0000000140)={0x1})

2.959965336s ago: executing program 1 (id=1607):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000001c0)=@newqdisc={0x24, 0x10, 0x0, 0x40000002}, 0x24}}, 0x0)
r0 = syz_io_uring_setup(0x24fa, &(0x7f0000000080)={0x0, 0x0, 0x10100}, &(0x7f0000000100)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r3, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0})
io_uring_enter(r0, 0x6089, 0x4e72, 0x0, 0x0, 0x0)

2.897919007s ago: executing program 1 (id=1608):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000380)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x5, 0x0, 0x0, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWCHAIN={0x2c, 0x3, 0xa, 0x201, 0x0, 0x0, {0x1}, [@NFTA_CHAIN_NAME={0x9, 0x3, 'syz2\x00'}, @NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWRULE={0x44, 0x6, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_RULE_CHAIN_ID={0x8}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_EXPRESSIONS={0x1c, 0x4, 0x0, 0x1, [{0x18, 0x1, 0x0, 0x1, @fib={{0x8}, @val={0xc, 0x2, 0x0, 0x1, [@NFTA_FIB_RESULT={0x8, 0x2, 0x1, 0x0, 0x3}]}}}]}]}], {0x14}}, 0xb8}}, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$inet6_mptcp(0xa, 0x1, 0x106)
syz_emit_vhci(&(0x7f00000004c0)=ANY=[@ANYBLOB="040e0501460c1f00c7f641737da8c5df97e629d54f8eef8f4b4c287248623393943b5ba71f4c252077dee7cda5f191af639f6bc9ccce6307303924e47e62deed5d1bb5921eea00000c30f73971da9388b9ec29139dedf9d61d113d31eeef"], 0x8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x2b, &(0x7f0000000040)=0x200000000005)
sendmsg$NFT_BATCH(r1, &(0x7f0000000200)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000a80)={{0x14}, [@NFT_MSG_DELSET={0x30, 0xb, 0xa, 0xa05, 0x0, 0x0, {0x5, 0x0, 0x3}, [@NFTA_SET_OBJ_TYPE={0x8, 0xf, 0x1, 0x0, 0x6}, @NFTA_SET_TIMEOUT={0xc, 0xb, 0x1, 0x0, 0x8000000000000001}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x21}]}, @NFT_MSG_DELRULE={0xc8, 0x8, 0xa, 0x101, 0x0, 0x0, {0x3, 0x0, 0x3}, [@NFTA_RULE_ID={0x8, 0x9, 0x1, 0x0, 0x2}, @NFTA_RULE_EXPRESSIONS={0x54, 0x4, 0x0, 0x1, [{0x10, 0x1, 0x0, 0x1, @meta={{0x9}, @void}}, {0x10, 0x1, 0x0, 0x1, @limit={{0xa}, @void}}, {0x30, 0x1, 0x0, 0x1, @fib={{0x8}, @val={0x24, 0x2, 0x0, 0x1, [@NFTA_FIB_RESULT={0x8, 0x2, 0x1, 0x0, 0x2}, @NFTA_FIB_RESULT={0x8, 0x2, 0x1, 0x0, 0x3}, @NFTA_FIB_DREG={0x8, 0x1, 0x1, 0x0, 0x11}, @NFTA_FIB_FLAGS={0x8}]}}}]}, @NFTA_RULE_COMPAT={0x4c, 0x5, 0x0, 0x1, [@NFTA_RULE_COMPAT_PROTO_IPV4={0x8, 0x1, 0x1, 0x0, 0x73}, @NFTA_RULE_COMPAT_FLAGS={0x8, 0x2, 0x1, 0x0, 0x6}, @NFTA_RULE_COMPAT_PROTO_IPV6={0x8, 0x1, 0x1, 0x0, 0x2e}, @NFTA_RULE_COMPAT_PROTO_IPV4={0x8, 0x1, 0x1, 0x0, 0x2f}, @NFTA_RULE_COMPAT_PROTO_BRIDGE={0x8, 0x1, 0x1, 0x0, 0x6003}, @NFTA_RULE_COMPAT_PROTO_IPV4={0x8, 0x1, 0x1, 0x0, 0x88}, @NFTA_RULE_COMPAT_PROTO_IPV4={0x8, 0x1, 0x1, 0x0, 0x62}, @NFTA_RULE_COMPAT_PROTO_IPV6={0x8, 0x1, 0x1, 0x0, 0x12c1530899ab3849}, @NFTA_RULE_COMPAT_PROTO_BRIDGE={0x8, 0x1, 0x1, 0x0, 0x8884}]}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz1\x00'}]}, @NFT_MSG_DELSET={0x18c, 0xb, 0xa, 0x201, 0x0, 0x0, {0x1, 0x0, 0x8}, [@NFTA_SET_TIMEOUT={0xc, 0xb, 0x1, 0x0, 0x5}, @NFTA_SET_DESC={0x58, 0x9, 0x0, 0x1, [@NFTA_SET_DESC_CONCAT={0x4c, 0x2, 0x0, 0x1, [{0xc, 0x1, 0x0, 0x1, [@NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x8}]}, {0x24, 0x1, 0x0, 0x1, [@NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x101}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x7d}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x7f}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x6}]}, {0xc, 0x1, 0x0, 0x1, [@NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0xffffffff}]}, {0xc, 0x1, 0x0, 0x1, [@NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x603}]}]}, @NFTA_SET_DESC_SIZE={0x8, 0x1, 0x1, 0x0, 0x4}]}, @NFTA_SET_GC_INTERVAL={0x8, 0xc, 0x1, 0x0, 0x5}, @NFTA_SET_USERDATA={0xf0, 0xd, 0x1, 0x0, "d5d7041796cf1d05e56ca9285b7c54fc1b9f57af9246dcf5407ed827e5f9a852e60eecf54124700d93da14a31335fc9a2c450ea044637aef334c564fce1ccd2cf7a8ecaf942dd1bf1d9d1e81dd28adb7c6d508d9c65e4824c45792bac6fe04e2536139a0081be8d135fff5cc46756a655040275f46f5e7935d5bc3d57c7b2805cbe84aade5c8f09dbdc4682093450ec985458d7dddb949d3fe5328f0280cafca2a2cbf525abce03fb8b886e436ecb01e0e854c9346c803f627cccd0a6e23c237558658bdb0b8f557eb7be0f58ee308e37132b57578b98d5189b27d7d7e16b6244e18be8be993e72946ed230b"}, @NFTA_SET_DATA_TYPE={0x8}, @NFTA_SET_TIMEOUT={0xc, 0xb, 0x1, 0x0, 0x8}, @NFTA_SET_DATA_TYPE={0x8}]}, @NFT_MSG_DELFLOWTABLE={0x34, 0x18, 0xa, 0x101, 0x0, 0x0, {0xa, 0x0, 0x1}, [@NFTA_FLOWTABLE_FLAGS={0x8, 0x7, 0x1, 0x0, 0x3}, @NFTA_FLOWTABLE_HOOK={0x4}, @NFTA_FLOWTABLE_FLAGS={0x8}, @NFTA_FLOWTABLE_HANDLE={0xc, 0x5, 0x1, 0x0, 0x1}]}, @NFT_MSG_DELRULE={0x3a4, 0x8, 0xa, 0x3, 0x0, 0x0, {0x0, 0x0, 0x4}, [@NFTA_RULE_CHAIN={0x9, 0x2, 'syz1\x00'}, @NFTA_RULE_HANDLE={0xc, 0x3, 0x1, 0x0, 0x3}, @NFTA_RULE_POSITION={0xc, 0x6, 0x1, 0x0, 0x2}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_RULE_EXPRESSIONS={0x248, 0x4, 0x0, 0x1, [{0x234, 0x1, 0x0, 0x1, @cmp={{0x8}, @val={0x228, 0x2, 0x0, 0x1, [@NFTA_CMP_OP={0x8, 0x2, 0x1, 0x0, 0x1}, @NFTA_CMP_DATA={0xf8, 0x3, 0x0, 0x1, [@NFTA_DATA_VERDICT={0x38, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz1\x00'}, @NFTA_VERDICT_CHAIN_ID={0x8, 0x3, 0x1, 0x0, 0x1}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffb}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffb}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffd}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffb}]}, @NFTA_DATA_VALUE={0xb9, 0x1, "1425d48f1134998f8c109bb0d6e7cd983432acbece76cd40ccea8d9583ec727781e4b12f799d89323d34fc71183a7873b1fbff614c0111e737704c86b39977ba160b146ebb8a0c31421609521b4f1ac61fb9e517b820a0d1a304bcd41660197ab0a4f26ca4244da3415ba152a42a2d83a7a7a1d934f16ed4943e3136d499768a63b01c253a1825424dbed84add5c3f990abaf4d25494e4dd5adf6239b28790a4771d8ab50e54efe97c318e3997b3da6c729e36ec76"}]}, @NFTA_CMP_SREG={0x8, 0x1, 0x1, 0x0, 0x10}, @NFTA_CMP_DATA={0xfc, 0x3, 0x0, 0x1, [@NFTA_DATA_VALUE={0x7, 0x1, "668d38"}, @NFTA_DATA_VALUE={0x9b, 0x1, "d7897352184a82fefadd4c56357913a2f73f3a35a0449fc294dd2e7014823a9077cf74da2b703621dc45c8b5453b641abb35b205393e7340f15ae31847bd70b40af11b047b9ae9d0b36fe1a5be7b2af3f808283af77b99281798735e738a303bea05447587660f77cbb1d92b610d77c7d9eb276dfccb3b14f6c3a64293d82f729def4b5b6ba81bb78ea9501b1f454292ecc3533a7b57f6"}, @NFTA_DATA_VERDICT={0x54, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CHAIN_ID={0x8, 0x3, 0x1, 0x0, 0x3}, @NFTA_VERDICT_CHAIN_ID={0x8, 0x3, 0x1, 0x0, 0x3}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz2\x00'}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz2\x00'}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz2\x00'}, @NFTA_VERDICT_CHAIN_ID={0x8, 0x3, 0x1, 0x0, 0x2}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz1\x00'}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffb}]}]}, @NFTA_CMP_SREG={0x8, 0x1, 0x1, 0x0, 0xf}, @NFTA_CMP_OP={0x8, 0x2, 0x1, 0x0, 0x3}, @NFTA_CMP_SREG={0x8, 0x1, 0x1, 0x0, 0xb}, @NFTA_CMP_SREG={0x8, 0x1, 0x1, 0x0, 0x8}]}}}, {0x10, 0x1, 0x0, 0x1, @lookup={{0xb}, @void}}]}, @NFTA_RULE_USERDATA={0xcf, 0x7, 0x1, 0x0, "5c7303f71a77482071af5349c236d75fe670ef2376d631697333b52292deb54d5df7f3b104805614270dca5b348626d8a6296b86141b1a5f10db40e21023c6c35adb367b66e37ed29b82fde5d33b7b7922aff0cb2436f2b3e021838ddb83f6eff322927d48ed55472d0180f4fa352b523e7f37e8b77a743fab91ca08bc24e0e591455aff843ae9a7c0131ed9df46f3d267e95384a62db23686712100d34d2d38d87cb44175d9c98cf677cb0b5227c47b216b705dacc6572b5c08c863d4608c488a6a1a36b0532706b9c868"}, @NFTA_RULE_EXPRESSIONS={0x48, 0x4, 0x0, 0x1, [{0x24, 0x1, 0x0, 0x1, @masq={{0x9}, @val={0x14, 0x2, 0x0, 0x1, [@NFTA_MASQ_REG_PROTO_MIN={0x8, 0x2, 0x1, 0x0, 0xf}, @NFTA_MASQ_REG_PROTO_MAX={0x8, 0x3, 0x1, 0x0, 0x1}]}}}, {0x20, 0x1, 0x0, 0x1, @connlimit={{0xe}, @val={0xc, 0x2, 0x0, 0x1, [@NFTA_CONNLIMIT_COUNT={0x8, 0x1, 0x1, 0x0, 0x367a}]}}}]}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x5}}}, 0x684}, 0x1, 0x0, 0x0, 0x10000410}, 0x80)
r2 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x1c9000, 0x0)
preadv(r2, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0x18ff2}], 0x1, 0x0, 0x5)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x13, &(0x7f0000000100)=@framed={{}, [@map_fd={0x18, 0xb, 0x1, 0x0, r2}, @map_idx_val={0x18, 0x8, 0x6, 0x0, 0x8, 0x0, 0x0, 0x0, 0x3}, @initr0={0x18, 0x0, 0x0, 0x0, 0x3}, @cb_func={0x18, 0x0, 0x4, 0x0, 0xfffffffffffffff8}, @map_idx={0x18, 0x7, 0x5, 0x0, 0x5}, @ringbuf_query={{0x18, 0x1, 0x1, 0x0, r2}}, @generic={0x7, 0x8, 0x9, 0x8, 0x8}, @func={0x85, 0x0, 0x1, 0x0, 0x5}]}, &(0x7f0000000000)='syzkaller\x00', 0x7f, 0x0, 0x0, 0x0, 0x10, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r3}, 0x10)
r4 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
timerfd_settime(0xffffffffffffffff, 0x0, &(0x7f0000000040)={{0x77359400}, {0x0, 0x989680}}, 0x0)
r5 = syz_init_net_socket$nfc_llcp(0x27, 0x2, 0x1)
bind$bt_hci(r5, &(0x7f0000000000)={0x27}, 0x74)
sendmmsg$unix(r5, &(0x7f0000000b00)=[{{&(0x7f00000000c0)=@file={0x0, './file0\x00'}, 0x6e, 0x0}}, {{0x0, 0x0, 0x0}}], 0x2, 0x0)
ioctl$TIOCSETD(r4, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$TCFLSH(r4, 0x400455c8, 0x0)
ioctl$TIOCSTI(r4, 0x5437, 0x0)
syz_usb_connect(0x0, 0x24, 0x0, 0x0)
sendmsg$NFT_MSG_GETCHAIN(r1, &(0x7f0000000a40)={0x0, 0x0, &(0x7f0000000a00)={&(0x7f0000000980)=ANY=[@ANYBLOB="2c1d0000040a05"], 0x2c}}, 0x0)

2.640288239s ago: executing program 2 (id=1610):
r0 = userfaultfd(0x1)
ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000040)={0xaa, 0x12})
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$UFFDIO_CONTINUE(r1, 0xc020aa08, &(0x7f00000000c0)={{&(0x7f0000800000/0x800000)=nil, 0x800000}})
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x400000, 0x3, &(0x7f0000000000/0x400000)=nil)
bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x15, 0x4, &(0x7f00000001c0)=ANY=[@ANYRES8], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x25, r1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
mremap(&(0x7f0000ffb000/0x4000)=nil, 0x4000, 0x2000, 0x3, &(0x7f0000c51000/0x2000)=nil)
mmap(&(0x7f0000ffb000/0x1000)=nil, 0x1000, 0xc, 0x2031, 0xffffffffffffffff, 0x0)
mremap(&(0x7f0000ffb000/0x1000)=nil, 0x1000, 0x2000, 0x0, &(0x7f0000ffe000/0x2000)=nil)
openat$proc_mixer(0xffffff9c, &(0x7f00000017c0)='/proc/asound/card0/oss_mixer\x00', 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
connect$llc(r3, &(0x7f00000001c0)={0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, @dev}, 0x10)
gettid()
capset(&(0x7f0000000100)={0x20071026}, &(0x7f0000002140))
openat$ttyprintk(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r4 = openat$ttyprintk(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
ioctl$TCSETSF(r4, 0x5404, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x0, "64f30ea84907e175d5966472c23d26ce8d6f3c"})
r5 = syz_open_dev$ttys(0xc, 0x2, 0x1)
syz_open_dev$ptys(0xc, 0x3, 0x1)
readv(r5, 0x0, 0x0)
ioctl$TIOCPKT(r5, 0x5420, 0x0)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r6, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000500)=ANY=[], 0x18c}, 0x1, 0x0, 0x0, 0x2400c0d0}, 0x48040)
r7 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r7, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x4)
shmget$private(0x0, 0x1000, 0x78000000, &(0x7f0000064000/0x1000)=nil)

2.260174047s ago: executing program 3 (id=1611):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = dup(r3)
syz_kvm_setup_cpu$x86(r2, r4, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000080)=[@text64={0x40, &(0x7f0000000480)="66f30f0f6782a7660f38cf4b00b9250a00000f3245d9680066b8d0008ec0b9f2030000b800780000ba000000000f300fc77100c442b97d3c689d9d0f0fa301000000a42e430f01c3", 0x48}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_SET_MSRS(r4, 0x4008ae89, &(0x7f00000001c0)=ANY=[@ANYBLOB="01000000050000f58b04"])
r5 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r5, &(0x7f0000000100)={0x0, 0x18, 0xfa00, {0x0, &(0x7f00000000c0)={<r6=>0xffffffffffffffff}, 0x13f}}, 0x20)
write$RDMA_USER_CM_CMD_RESOLVE_ADDR(r5, &(0x7f0000000140)={0x15, 0x110, 0xfa02, {r6, 0x0, 0x30, 0x30, 0x0, @ib={0x1b, 0x0, 0x0, {"6e40db5d0076a1a5d48829eef778037c"}}, @ib={0x1b, 0x0, 0x0, {"0e00000000ae00000000000004000001"}}}}, 0x118)
write$RDMA_USER_CM_CMD_ACCEPT(r4, &(0x7f00000002c0)={0x8, 0x120, 0xfa00, {0x3, {0x9, 0x40, "a59e7895aa2a958753f32bde079ec4f5cea1b3cfb06d06ec8c217d31bcf180b7cb8c1fbfc81eb462992cebbcbedf60cc3f5ab73b10f531534c3562c7ba0f0d1a7d93dfb0177bed784f045219a7fa0cf0b885396b752fed2cd732c6c7f06994a45ed60d7eeda3020b4620cad5b5543879a10dea34792bfb25627f9ce643de63b783e5130a81c0f03f449deffeccca6255e4173b320a0811b17363d1ae92205b29c9c92ab347113706d96ae98151c163ffabc8f48a1a76f3d9bb1085ffa94f06747191a79c883f9b18eabb793d173e987e0fcc5f19cb2061f55c6db2e533c16912e550a6684dda505e6d1ca5cfcf0b11dd3a913cde9b3ae1efbee5e6fdb6d8e74e", 0x6, 0x6, 0x5, 0x8, 0x8, 0x1, 0x5d, 0x1}, r6}}, 0x128)
r7 = socket(0x10, 0x803, 0x0)
ioctl$sock_SIOCETHTOOL(r7, 0x8946, &(0x7f00000002c0)={'veth0_to_team\x00', &(0x7f0000000280)=@ethtool_channels={0x3d, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x78e}})
r8 = syz_genetlink_get_family_id$devlink(&(0x7f0000000ac0), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_SB_TC_POOL_BIND_SET(r7, &(0x7f0000001b80)={0x0, 0x0, &(0x7f0000001b40)={&(0x7f0000000700)={0x64, r8, 0x1, 0x70bd2d, 0x0, {}, [{{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8}}, {0x8}, {0x6}, {0x5, 0x12, 0x3}, {0x6}, {0x8}}]}, 0x64}, 0x1, 0x0, 0x0, 0x8841}, 0x0)
sendmsg$DEVLINK_CMD_SB_POOL_SET(r4, &(0x7f0000000580)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000440)={&(0x7f0000000500)={0x54, r8, 0x8, 0x70bd25, 0x25dfdbfc, {}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0xb, 0x6}, {0x6, 0x11, 0x7ff}, {0x8}, {0x5}}]}, 0x54}, 0x1, 0x0, 0x0, 0x4000}, 0x4040814)
ioctl$TCSETSW2(r4, 0x402c542c, &(0x7f00000005c0)={0xff, 0x9, 0xe4, 0x3, 0x5a, "3befb8108b4e00d539e6e54b06ed1a4b2bf1a5", 0x1, 0x4})
openat$cgroup_ro(r4, &(0x7f0000000040)='blkio.throttle.io_service_bytes_recursive\x00', 0x0, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000002c0)={0x18, 0x2a, 0x9, 0x0, 0x0, {0x4, 0x0, 0x2c00}, [@nested={0x4, 0x10}]}, 0x18}, 0x1, 0x3000000}, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x7c}, 0x1, 0x0, 0x0, 0x20004040}, 0x0)
close(0xffffffffffffffff)

2.225910362s ago: executing program 1 (id=1612):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = getpid()
process_vm_readv(r0, &(0x7f0000008400)=[{&(0x7f0000006180)=""/152, 0x98}], 0x1, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x5f}], 0x1, 0x0)
socket$igmp6(0xa, 0x3, 0x2)
sched_setaffinity(0x0, 0x0, 0x0)
read$msr(0xffffffffffffffff, 0x0, 0x0)
syz_open_dev$cec(0x0, 0x0, 0x0)
bpf$MAP_GET_NEXT_KEY(0x2, 0x0, 0x0)
socket$inet6_udp(0xa, 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00'}, 0x10)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x2, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)={{'fd', 0x3d, r1}, 0x2c, {'rootmode', 0x3d, 0x4000}})
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000080))
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x4, 0xfff, 0x5, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000000)={{r2}, 0x0, &(0x7f0000000180)}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00'}, 0x10)
write$FUSE_NOTIFY_RETRIEVE(r1, &(0x7f0000000100)={0x30, 0x5, 0x0, {0x0, 0x1}}, 0x30)
read$FUSE(r1, &(0x7f00000021c0)={0x2020, 0x0, <r3=>0x0}, 0x2020)
umount2(&(0x7f00000001c0)='./file0\x00', 0x0)
write$FUSE_NOTIFY_DELETE(r1, &(0x7f0000000400)={0x36, 0x6, 0x0, {0x0, 0x0, 0xd, 0x0, 'dont_appraise'}}, 0x36)
write$FUSE_INIT(r1, &(0x7f0000000040)={0x50, 0x0, r3}, 0x50)

2.010347583s ago: executing program 3 (id=1613):
r0 = syz_usb_connect(0x0, 0x2d, &(0x7f00000003c0)=ANY=[@ANYBLOB="120100009ac0b620110f211066865578ac0109029c000100000400090400bf900b64ea00090587033b"], 0x0)
syz_usb_control_io$cdc_ecm(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, &(0x7f00000005c0)={0x24, &(0x7f0000000440)={0x20, 0x24, 0xaa, {0xaa, 0x30, "a8ca0d7f3a7855ecdfdc3cec9e6f2bbf2f57c818442bac350c13203e347a4b9009dec58b7d54128a187a1d3c5717d4d728a6f9ef051034596947b750011f069dd5b0c26a239d7a242274842ce09fabbc68800d4ee373498e0ffc8521a125e85d3500287b610f8139479686d23b743200fc8bacb803c7b91fefaf7722a219421dabe5b0cdb264e834aef187c49e91343bb9961d9cf3512623b644ee4f8b6b22f3fd37d2ceb4ccf85e"}}, &(0x7f0000000500)={0x0, 0x3, 0x4, @lang_id={0x4}}, &(0x7f0000000540)={0x0, 0x22, 0x2, {[@global=@item_012={0x1, 0x1, 0x4, "c7"}]}}, &(0x7f0000000580)={0x0, 0x21, 0x9, {0x9, 0x21, 0x0, 0x9, 0x1, {0x22, 0xff4}}}}, &(0x7f0000000880)={0x2c, &(0x7f0000000600)={0x20, 0x17, 0xfd, "3695247b219a8901cc39e53606abe5bf93dbf6c4928825694b50e1db6a9bdfad576addd2aca6dfed4981a8f81e65ff0ff2c648f335c14885f522a6d605a08a4b8c9c4c6db4748aac3156694986bf80155dfbd2de77f0289e50145bb94236dcbdf3d43c29e0d51d5d25fc26a56cba0684b15722552e02cfde118a2a1ee8384d8bf61d3c052c8c6b7e01158fb77b1b6606e55e81fdd5d466045cca78d5f1fa88fc2ddf9c606d2eecb17af812dbca42320d0e8951168fc7c717ed14580607aec1b4bab96aa8c95d3d0d8ca97596167cbe35becacb5c804db410fd87388bff64a481366895d288f38fb49c552fc0a8a6636cdc56dd8caad81c1f2dad3ea59f"}, &(0x7f0000000740)={0x0, 0xa, 0x1, 0x1}, &(0x7f0000000780)={0x0, 0x8, 0x1, 0x2}, &(0x7f00000007c0)={0x20, 0x1, 0x3c, "1c554cd830fa6397e12eb98b2ee738012ba2c4efcf3e90de733a786b9c18bdfaabbe7fb833141aad68400f40e98584ea996edbb26cb8fea396eeec4e"}, &(0x7f0000000840)={0x20, 0x3, 0x1, 0x2}})
r1 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000), 0x80042, 0x0)
write$dsp(r1, &(0x7f00000001c0)="5cba91a4", 0xffffffd9)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f00000000c0)=ANY=[@ANYBLOB="1830010000000000000000000000000095"], &(0x7f00000001c0)='GPL\x00', 0x7, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
ioctl$SNDCTL_DSP_SYNC(r1, 0x5001, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a2c000000060a0bfc0000000000000000020000000900010073797a30000000000900020073797a"], 0x54}}, 0x0)
writev(r2, &(0x7f0000000040), 0x2)
io_uring_setup(0x7ee9, &(0x7f00000002c0))
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000100)={{0xffffffffffffffff, <r3=>0xffffffffffffffff}, &(0x7f0000000080), &(0x7f00000000c0)='%-5lx  \x00'}, 0x20)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$batadv(&(0x7f0000000280), 0xffffffffffffffff)
sendmsg$BATADV_CMD_TP_METER(r4, &(0x7f0000000400)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f00000003c0)={&(0x7f0000000340)={0x68, r5, 0x4, 0x70bd27, 0x25dfdbfe, {}, [@BATADV_ATTR_AP_ISOLATION_ENABLED={0x5}, @BATADV_ATTR_ELP_INTERVAL={0x8, 0x3a, 0x4}, @BATADV_ATTR_ORIG_INTERVAL={0x8, 0x39, 0x4}, @BATADV_ATTR_BONDING_ENABLED={0x5}, @BATADV_ATTR_ORIG_ADDRESS={0xa, 0x9, @local}, @BATADV_ATTR_BRIDGE_LOOP_AVOIDANCE_ENABLED={0x5, 0x2e, 0x1}, @BATADV_ATTR_ISOLATION_MARK={0x8, 0x2b, 0x2}, @BATADV_ATTR_DISTRIBUTED_ARP_TABLE_ENABLED={0x5, 0x2f, 0x1}, @BATADV_ATTR_FRAGMENTATION_ENABLED={0x5, 0x30, 0x1}, @BATADV_ATTR_TPMETER_TEST_TIME={0x8, 0xb, 0x1}]}, 0x68}, 0x1, 0x0, 0x0, 0x40}, 0x4)
ioctl$AUTOFS_IOC_SETTIMEOUT(r1, 0x80049367, &(0x7f0000000180)=0xc)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000140)={r3}, 0x4)
ioctl$SNDCTL_DSP_SPEED(r1, 0xc0045002, &(0x7f0000000040))

1.960061078s ago: executing program 1 (id=1614):
r0 = syz_usb_connect(0x0, 0x3f, &(0x7f0000000080)=ANY=[@ANYBLOB="11010000733336088dee1adb23610000000109022d0001100000000904000003fe03010009cd8d1f000200000009050502000000001009058b1e20"], 0x0)
syz_usb_control_io(r0, 0x0, &(0x7f0000000300)={0x84, &(0x7f0000001a80)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_emit_ethernet(0xda, &(0x7f0000001600)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaaaa000800450000cc0000000000019078640101000000000000000089000000000000ac1414aa862a00000000000d5e000000ff00000000000000054eb8a600129606053d0006ff00800000b61af93a93831300ac1414007f0000017f000001e0000002864c0000000000074b6cefc500000cdf61168c24ac88ad078c000a2189ea43a2149b840012ffd11634eea26b0faffa0dea2e903528000902a20948fd7406000eccf0294e2a3bdb4aa40b249e4408000000000000000000a815a23da43974ff"], 0x0)
syz_open_dev$char_usb(0xc, 0xb4, 0x0)
r1 = syz_io_uring_setup(0x2ddd, &(0x7f0000000080)={0x0, 0x0, 0x10100}, &(0x7f0000000100), &(0x7f0000000140))
r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
recvmmsg(r2, &(0x7f0000002f00)=[{{0x0, 0x0, 0x0}, 0xfffffff4}], 0x1, 0x40010003, 0x0)
syz_io_uring_setup(0x5e2, &(0x7f0000000280), &(0x7f0000000040), &(0x7f0000000180))
io_uring_enter(r1, 0x4e07, 0x0, 0x0, 0x0, 0x0)

1.780229522s ago: executing program 0 (id=1617):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000fc0), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000001000)={'wlan1\x00', <r2=>0x0})
sendmsg$NL80211_CMD_GET_WIPHY(r0, &(0x7f00000010c0)={0x0, 0x0, &(0x7f0000001080)={&(0x7f0000001040)={0x28, r1, 0x1, 0x0, 0x0, {{}, {@void, @val={0x8, 0x3, r2}, @val={0xc}}}}, 0x28}}, 0x0)
fcntl$F_GET_RW_HINT(r0, 0x40b, &(0x7f0000000040))
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
r4 = socket$nl_route(0x10, 0x3, 0x0)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.io_wait_time\x00', 0x26e1, 0x0)
close(r5)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000001c0))
ioctl$SIOCSIFHWADDR(r5, 0x8b14, &(0x7f0000000000)={'pimreg\x00'})
sendmsg$nl_route(r4, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=@ipv4_newnexthop={0x17, 0x68, 0x521, 0x0, 0x0, {}, [@NHA_OIF={0x8}, @NHA_ID={0x8, 0x1, 0x2}]}, 0x28}}, 0x0)
sendmsg$NFT_BATCH(r3, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03400000000000000000010000000900010073797a300000000040000000160a07000000000000000000010000000900010073797a30000000000900020073797a3000000000140003800800024000000000080001400000000038000000160a09010000000000000000010000000900020073797a30000000000900010073797a300000000008000740000000000400038014000000110001"], 0xc0}}, 0x0)

1.670491729s ago: executing program 0 (id=1618):
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x2, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}})
write$FUSE_NOTIFY_RETRIEVE(r0, &(0x7f0000000100)={0x30, 0x5, 0x0, {0x0, 0x1}}, 0x30)
read$FUSE(r0, &(0x7f00000021c0)={0x2020, 0x0, <r1=>0x0}, 0x2020)
write$FUSE_NOTIFY_DELETE(r0, &(0x7f0000000400)={0x36, 0x6, 0x0, {0x0, 0x0, 0xd, 0x0, 'dont_appraise'}}, 0x36)
write$FUSE_INIT(r0, &(0x7f0000000040)={0x50, 0x0, r1}, 0x50)

1.59052408s ago: executing program 0 (id=1619):
socket$nl_route(0x10, 0x3, 0x0)
r0 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(r0, 0x4010640d, &(0x7f0000000000)={0x3, 0x2})
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r0, 0xc01064b5, &(0x7f0000000140)={&(0x7f0000000100)=[0x0], 0x1})
syz_open_dev$cec(&(0x7f0000000680), 0x0, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000000000000000000004b64ffec850000006d000000670000000500000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000180)='tlb_flush\x00', r1}, 0x10)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = getpid()
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$batadv(0x0, 0xffffffffffffffff)
process_vm_readv(r2, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_DROP_MEMBERSHIP(r3, 0x10e, 0xc, &(0x7f0000000240)=0x8004, 0x21)
sendmsg$netlink(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000580)=[{&(0x7f0000000080)=ANY=[@ANYBLOB="1800000056000106000000000000000007"], 0x18}], 0x1}, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
pipe(&(0x7f0000000200)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
splice(r5, 0x0, r7, 0x0, 0x6, 0x0)
splice(r6, 0x0, r5, 0x0, 0x7f, 0xe)
write(r4, 0x0, 0x0)
r8 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x18, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="180100002100000000000000000000108500000075000000a50000002300000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000001c0)='mmap_lock_acquire_returned\x00', r8}, 0x10)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x1000002, 0x4012831, 0xffffffffffffffff, 0x0)
r9 = memfd_create(&(0x7f0000000540)='Y\xff\xff\x00\x00\x00\x00\x00K\xb2\x02\x80B\xe9\xe8\xcc\xde\x06\x00l\xa8\x1aJ\xaf\xb2M\xba\xb8_\x05U\xcd<|>\x9e\xec^\x0e\xbe\x18+-\x9b\x893\x02\x00\xa6\x1f+\xb3\xc5\x90z5\xe0\xdfi\xb7\x9f\xb4QW\xc9\xc9\x92\x03\t\x00\x00\x00\x00\x00\xb2\x0f\xee\xbe\f8\xcc\x7f\x00\x00\x00Z\x81\x00\x00\x00\x00\x18I\x13\xf1\xa2x\x04\x81R\xd45R\xae\x05\x00\x00\x00\x00\x00\x00\x00_M^dQ:\xbc\xafq\x88\x19nSF|;]\xe1A\x8c\x8a\x98\xd7|\xdcLF\r\xb1\xfd\xbf!\xc7u\xccP\xdd\x13~\x89\xcf\x85\xca\xa0%\xc6\xc7\x11\x00\x00\x00\x00\x00\x00\x00?M9\\\av~\'\xd9\xb0\xacdya]8\x9d\xb7\v\xf39\xc5{\x9c!\x0f/\xb8o8\xb9\x8d\x19\xe2\xca\x01y\x83\xe7\ng\x87\xd93<u\xbe\xeag\xd2\x04e\xf2s\xde}o#\x90\xda\x9cs,r\xfd:\xcb\xc7\vTmPZJ\xac\x8b\xd0\xc0\xbcRK\xcb\x1e8\xce\xbd[N\xb0\xb4<\xeb\x86[\xec\x8f\x14\n\x83\x9e&\\\xb7!\xed\xa0\xc3,\x90m\x0f\x00\x00\x00\x00\x00\x00\xff\xd0\xb3\x94\x00\x00\x00\x00\x00\x00\x00\x9dH\xf8\xffRo\xa3W\xe1\xed\x8eS\xaeX\x93\x7f\xd3\xb9\x84Q\x9c\"\xd9\xf5\xe4e\xf9\xcam\xe3\x03\xe4\xad\xd5&A\x02\xc8\xa9\xfe\xcb\x87\xd9\xd3\x8c\f\xc08T~\xc4\xbd\x90?\x1f\x9c\x9b0\x19 \x9f\xd1p`\xc0/\x00u\x19\x1d\xac\xe8%\xb7\t\x9f4\xbb\x89\xe9\xc1\x81\xb0\xd6\xf7\x90\x1f\x94\x01M.\x16\x05\x16\xb9\xe9\xdc~\xd3-s\xe6;\x94\x1c^\x06\xdav;\xccD\x95sj\xe0\xd5\xbeS\xac\xe5N\xea\x9eyl[[\xce5\xee\x05\x9c\x96\xabJ^c\xf7\x19\xb4\xd8\xe4\x87\x9dp\xea?/\xcb\x9a\xaa5\'Q\fuG\x81\x8a@\x97M=v\xfe\a\xabp\xf3\x93\x9d\x7f@9\xc0\xd2\xf1\x00\x10\x00\x00\x00\x00\x00\x00\x82\x13\xb2\xa9\xef\xa5\xf8\x8bk\xb3\x9ev\x92\x0e\xd1\x1f\x17Dx[\xad\xb0\x9d/\x96\xe42mO\x9fh\xea\xf3\x14\xcd\x96\x89_)\x1b\xe2\xd6\b\x94b\xaf;\x92T\xafz\x94\x9fG\xfb\xfd|$k\x03\xd7;\x9ay\xee\xf9W?\xb3\xf9\xf8I.E4\xc3eWq\xfa\":$\xd0\x17Q\x94\xf5\xe5mk\x8e&\xf1;#z\xef*\xce\x99\x04\xb9\x90\xbc\xc9#-\x8di\xae\xc5\xdf\x13\xd2K\x8b\xf5\f\xb2x\xdd\xd5\xb4\xa9^~O<\x12\xe3\xc3P|7\xc4\xc8\xb1r0Z\x98\x87^\xc8C\x1b\x96\xb4lsyF\xc5\xbc\xffOE\xe9\xd70\xe7\xfep\x83\xa7\xa1\xd9\xe4\xba\x92\x17\xbf\xe0\xe1\x01\xb7\x8b\x18j\x19n\xc8\xff\xe9\xf4\xf4\xcf a\xd7_w\x0f\x9dF\xae\xccA-/\x83\xabU\xd5\xbf8\xa4O\xb4\xef\xc8\xccH\xd1=\xbe\xbex\xb5-\x05\x01\x11\xfa\xcf\x1dm\xb5X\xe9\xb5O\x15\xc7;Lb\xce\x1a\xcc\x98\xe8\xe9e\xe0\xc2N\xe7\xd7\x1d\x92\x87F8\x9e\xf7\xdd\xdaW\xf5X\x80\xa0f\xceo\xd8\x7f\xc0\x96\bSB\xce&\x04$\xc3\xe31U\x84\x82\xf0{i\x1d\x02\x10\xc6C\x01^\xcf\x93?w\x01\x84\xa0\xd6\xa2\x10\xa4\xfcG\xabD\xd6dGZ\xb2Cx\x1b\xfdD9\x17\xe6\xcauM\xe3\x05)\xe2\x03\xe2j$F1n@\xde\n9t.[\xad\xb5\f<o\xdb\xa4\x90\xc4\xd0I\xa6\x96\xa1\x00\xbb\xdd\x94\x00t/1YekG\x7f\xbdrI\x1e\x8a4=\xa2\xe9\x82<\x9e|\xf5\xa4\x05#\x7f\xa8\x01\x00\x82ih\xf9?\x03Q\xf5\xc4\x95\x99 \xa7v~:$\x02O\xe3\xaa\x1f\x00\xebh\'\xd2q\x10\x1e\x94n\xd7w\xb1\xc8G\x89\xf4\x8ct\xf9R\x85\x1b8OE\x04\x9a\xd8\x80\x10x\xbf\n0\b,r\xc6r\xf7=\xfe\xc1\x16\xe6\xee\xbb:-h\xba\x8b\x14\x9a?\x8e\x03;\xe5\x04\xd8\xa9\x9a\xd3\x05(\x7f|\xadU\xafe\x87V.i4$6U,R\x9b\n{\'\xfe1\xc4\xb09\x96{\xc0e\xa1\xe7\xa9\xb4\x1a\n\xf5\xd7zuvz\x972\xd4\xfb\x13u2\xab\x18\x01~r\xbbcW!)\xf4\x9b\x1dI\x9ex;\xb2\xe3I\xbd\x16T\xb75\xa6\a\xb7\xa1\x8d\xc9\x12\xb1\xbd\xbc\xd9c\xe9\xe6k\xee\x06\x83\xf4\xab\x18\x038\x8f\xc9^\x0f\xab\xea&P\b\xef#\xf6\xc3\xfc\xd4\xa0\xfd\x15N\xd3\xa0\x80\x9f\bU\xa63\xf6\xc9\xecZ`\xa4\xa0(\xf9\x98B\xaf\xde*\x91\xddk\xa1`d\xf0\x97\xc9e\xc1\"EC\x9a?x\x89\x8d\xb3\xfaF}\x82D\xf8\f\xf1`\x90D\xd1|%(\xd8\t\xea\x00C\xce\x7fo+?v\xee\xc6bL\x1d\xbe\x84p\x8d\xa3\xec\xf7\xe0\xfe\x8c=<\xf2\x1f@\xe66E\xa7\x9c\xd3\xb6\xf5\xe0\x14\xb8\xd4`\x85\xe3;\x8c\xf8\xf2\xd9)\x0e\xd0\xff\xa5K\xf3\xf1\xc4\x18\xf4Z\xdci\x91\x84\xe8\xb7\x10\x90\xbc\xect\x14\xdfR\xe2\x80\xf8a\x92\xb2R\xdf0\xcaQ\xdf\x87\xbdjp\x1ch3h\xcf<\x82\x97\xa5s/m\xb2\x1dd\xf7\xfc\xf5\xa9\x1d\xd34{\xcc\x1f\t,i\x16\x82\xad\x8e\xb6\x17\x0f\xaa\x85^/w\xbb~\xff\xce\x92\x90\x83\n\xe5\x14\x95\x92|\xfe-S%\x91i\xafh\x97z\x00@K\xbb\xc2\fcD\xff\xdcl\xa1\xfaR\xbc\xd0k\\\x92\x19a6Sv\x05%{\xe2\xe9\xf1\xddRB$8\xb0q9\xa1g&\x17\xe5P\xef\xb1<\xb6\xe2\xb2\xc06^\x0f4\xba\x10\xba\x00\x00\x00\x00\x00\x00\x00\x00\xef\xba\"\xb7\xc7~T\xc4Ei\xfdk\xa9\"F\xa9C\xa0\xd3\xa0\x1b\xbf\x13\xfb\x14S<\xa6\n5\x86\x9e\xb2=8\'g`\x8f\xa8\x027\xbd\xb5s\xe9dti\xc0\xbd\\H\xe5v\xdd\x0fP\x8b+-\x02i\x8eZU\xa8YB\xfc\xc2R7\xe9\x11\x06\x1aRd\xa93\xa1\\\xf4_s\xf7\xe8+\xbdg\x13\xaea\x04\xd8\x82\xf6\x90\xaf1\x86b\x81J\xb7E\xb0\xe2\xd6\x93S\xb3\x98\xcb\xf9\xde=\xd6T\x8d\xea\xab\xa9Z!\xd3-\xa6_\xc4\xa4\xb6+\x89\xdc]O<g\x06~\x12W\x86\x06\xba\x15#\xa7Q\xffa\x926>\xf0y\xd6\xb0\xf2\x9f\xa7\xcf\xad\x86\\\xec\xec\xd6\x9d\bT\xcd\xa2\xea', 0x0)
fcntl$dupfd(r9, 0x0, r9)
futex(&(0x7f0000000000), 0x8c, 0x1, 0x0, 0x0, 0x0)

1.590173058s ago: executing program 2 (id=1620):
r0 = add_key$user(&(0x7f0000000240), 0x0, &(0x7f0000000200)="1d", 0x1, 0xfffffffffffffffe)
r1 = add_key$user(&(0x7f0000000440), &(0x7f0000000480)={'syz', 0x0}, &(0x7f0000000740)="69bf05d40ff7e03db3ddca537c6c5612321b25d32064e9ed643d462211406432e87c4d40383939ab8276bfc0294ba021d1ccf9b6b32d1b6c9e8c9737ca2d08305301693ef20a414ca24bed3736d182271d197fc2146a9f55070f3f31155b9081ecbd0fcc0296c88eac143394a776955e8a075194717757c9e085976cac66fd4c5bc83183df2db8205863d7f803e302420e7fc5315861803024f921932a49a4283f6a7d8ab2cbd629e984582467fd6ca63598d554677517903644dc2ef01f8dec", 0xc0, 0xffffffffffffffff)
keyctl$dh_compute(0x17, &(0x7f0000000280)={r0, r1, r1}, &(0x7f00000002c0)=""/46, 0x2e, 0x0)
r2 = socket$rds(0x15, 0x5, 0x0)
r3 = fanotify_init(0x81, 0x0)
fanotify_mark(r3, 0x105, 0x40001032, 0xffffffffffffffff, 0x0)
r4 = syz_clone(0x80000, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r4)
socket$packet(0x11, 0x2, 0x300)
ptrace(0x8, r4)
wait4(0x0, 0x0, 0x0, 0x0)
io_submit(0x0, 0x0, 0x0)
rt_tgsigqueueinfo(r4, 0xffffffffffffffff, 0x7, &(0x7f0000000580)={0x5, 0x735, 0x7})
read$FUSE(r3, &(0x7f00000057c0)={0x2020}, 0x2020)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x10, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b70200000300000085000000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb7"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
syz_open_procfs(0x0, &(0x7f00000001c0)='maps\x00')
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r5, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000240)={{0x14}, [@NFT_MSG_NEWRULE={0x2c, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x54}}, 0x0)
sendmsg$NFT_BATCH(r5, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a4c000000060a01040000000000000000020000000c00064000000000000000020900020073797a32000000000900010073797a30"], 0x60}}, 0x0)
syz_usb_connect$cdc_ncm(0x0, 0x72, &(0x7f0000000980)=ANY=[@ANYBLOB="1201000002000040257d15a4400001040001090260004201000000090400000102090000052406000105240000000d240f01000004eaffffff1e0006031a00000804800200090581d3b3"], 0x0)
syz_open_dev$char_usb(0xc, 0xb4, 0x0)
close_range(r2, 0xffffffffffffffff, 0x0)

1.091953766s ago: executing program 0 (id=1621):
socket$nl_generic(0x10, 0x3, 0x10)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = dup(r2)
syz_kvm_setup_cpu$x86(r1, r3, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000080)=[@text64={0x40, &(0x7f0000000480)="66f30f0f6782a7660f38cf4b00b9250a00000f3245d9680066b8d0008ec0b9f2030000b800780000ba000000000f300fc77100c442b97d3c689d9d0f0fa301000000a42e430f01c3", 0x48}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_SET_MSRS(r3, 0x4008ae89, &(0x7f00000001c0)=ANY=[@ANYBLOB="01000000050000f58b04"])
r4 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r4, &(0x7f0000000100)={0x0, 0x18, 0xfa00, {0x0, &(0x7f00000000c0)={<r5=>0xffffffffffffffff}, 0x13f}}, 0x20)
write$RDMA_USER_CM_CMD_RESOLVE_ADDR(r4, &(0x7f0000000140)={0x15, 0x110, 0xfa02, {r5, 0x0, 0x30, 0x30, 0x0, @ib={0x1b, 0x0, 0x0, {"6e40db5d0076a1a5d48829eef778037c"}}, @ib={0x1b, 0x0, 0x0, {"0e00000000ae00000000000004000001"}}}}, 0x118)
write$RDMA_USER_CM_CMD_ACCEPT(r3, &(0x7f00000002c0)={0x8, 0x120, 0xfa00, {0x3, {0x9, 0x40, "a59e7895aa2a958753f32bde079ec4f5cea1b3cfb06d06ec8c217d31bcf180b7cb8c1fbfc81eb462992cebbcbedf60cc3f5ab73b10f531534c3562c7ba0f0d1a7d93dfb0177bed784f045219a7fa0cf0b885396b752fed2cd732c6c7f06994a45ed60d7eeda3020b4620cad5b5543879a10dea34792bfb25627f9ce643de63b783e5130a81c0f03f449deffeccca6255e4173b320a0811b17363d1ae92205b29c9c92ab347113706d96ae98151c163ffabc8f48a1a76f3d9bb1085ffa94f06747191a79c883f9b18eabb793d173e987e0fcc5f19cb2061f55c6db2e533c16912e550a6684dda505e6d1ca5cfcf0b11dd3a913cde9b3ae1efbee5e6fdb6d8e74e", 0x6, 0x6, 0x5, 0x8, 0x8, 0x1, 0x5d, 0x1}, r5}}, 0x128)
r6 = socket(0x10, 0x803, 0x0)
ioctl$sock_SIOCETHTOOL(r6, 0x8946, &(0x7f00000002c0)={'veth0_to_team\x00', &(0x7f0000000280)=@ethtool_channels={0x3d, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x78e}})
r7 = syz_genetlink_get_family_id$devlink(&(0x7f0000000ac0), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_SB_TC_POOL_BIND_SET(r6, &(0x7f0000001b80)={0x0, 0x0, &(0x7f0000001b40)={&(0x7f0000000700)={0x64, r7, 0x1, 0x70bd2d, 0x0, {}, [{{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8}}, {0x8}, {0x6}, {0x5, 0x12, 0x3}, {0x6}, {0x8}}]}, 0x64}, 0x1, 0x0, 0x0, 0x8841}, 0x0)
sendmsg$DEVLINK_CMD_SB_POOL_SET(r3, &(0x7f0000000580)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000440)={&(0x7f0000000500)={0x54, r7, 0x8, 0x70bd25, 0x25dfdbfc, {}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0xb, 0x6}, {0x6, 0x11, 0x7ff}, {0x8}, {0x5}}]}, 0x54}, 0x1, 0x0, 0x0, 0x4000}, 0x4040814)
ioctl$TCSETSW2(r3, 0x402c542c, &(0x7f00000005c0)={0xff, 0x9, 0xe4, 0x3, 0x5a, "3befb8108b4e00d539e6e54b06ed1a4b2bf1a5", 0x1, 0x4})
openat$cgroup_ro(r3, &(0x7f0000000040)='blkio.throttle.io_service_bytes_recursive\x00', 0x0, 0x0)
r8 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r8, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x7c}, 0x1, 0x0, 0x0, 0x20004040}, 0x0)
close(r8)

900.108881ms ago: executing program 0 (id=1622):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r3 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
ioctl$DRM_IOCTL_MODE_CREATEPROPBLOB(r3, 0xc01064bd, &(0x7f0000000040)={&(0x7f00000000c0)="1b815aad", 0x4})
ioctl$DRM_IOCTL_MODE_ATOMIC(r3, 0xc03864bc, &(0x7f0000000840)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r4 = syz_genetlink_get_family_id$netlbl_unlabel(0x0, 0xffffffffffffffff)
sendmsg$NLBL_UNLABEL_C_STATICREMOVE(0xffffffffffffffff, &(0x7f0000003240)={0x0, 0x0, &(0x7f0000003200)={&(0x7f0000003140)={0x50, r4, 0x1, 0x0, 0x0, {}, [@NLBL_UNLABEL_A_IPV6ADDR={0x14, 0x2, @private0}, @NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'bridge_slave_1\x00'}, @NLBL_UNLABEL_A_IPV6MASK={0x14, 0x3, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}]}, 0x50}}, 0x0)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
fchown(0xffffffffffffffff, 0xee01, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000000)=0x5)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000dfff75390000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r6}, 0x10)
r7 = socket$inet_udplite(0x2, 0x2, 0x88)
setsockopt$IPT_SO_SET_REPLACE(r7, 0x0, 0x40, &(0x7f0000000040)=@raw={'raw\x00', 0x8, 0x3, 0x2e8, 0x1c0, 0x3, 0xd0e7500, 0x0, 0x60, 0x250, 0x1d8, 0x1d8, 0x250, 0x1d8, 0x3, 0x0, {[{{@ip={@private, @dev={0xac, 0x14, 0xd}, 0x0, 0x0, 'nr0\x00', 'vxcan1\x00', {}, {}, 0x11}, 0x0, 0x158, 0x1c0, 0x0, {0x60000000}, [@common=@inet=@udp={{0x30}}, @common=@unspec=@conntrack1={{0xb8}, {{@ipv6=@mcast2, [], @ipv6=@remote, [], @ipv4=@multicast2, [], @ipv4=@empty}}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x36c, 0x0, 0x0, 0x0, 'syz0\x00', 'syz1\x00'}}}, {{@ip={@loopback, @private, 0x0, 0x0, 'tunl0\x00', 'veth1_to_bond\x00'}, 0x0, 0x70, 0x90}, @unspec=@NOTRACK={0x20}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x348)
sendmsg$IPSET_CMD_LIST(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)={0x1c, 0x7, 0x6, 0x101, 0x0, 0x0, {}, [@IPSET_ATTR_PROTOCOL={0x5}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4048050}, 0x0)

0s ago: executing program 0 (id=1623):
socket$inet_tcp(0x2, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
preadv(r0, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
r1 = socket(0x0, 0x0, 0x0)
unshare(0x8040080)
r2 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000300)={0x6, 0x3, &(0x7f00000003c0)=ANY=[@ANYBLOB], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r3 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000080)={'syz_tun\x00', <r4=>0x0})
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000000c0)={r2, r4, 0x25, 0x0, @void}, 0x10)
syz_emit_ethernet(0x4e, &(0x7f0000000f80)=ANY=[@ANYBLOB="bbbbbbbbbbbbfff7ffffffff88a800008100000086dd52e561b50010218779880000000000000000000000000001fe800000dfff0000000000000000000000000000040190780070068f000ca8a7"], 0x0)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_REM(r1, 0x84, 0x65, &(0x7f0000000180), 0x0)
ioctl$sock_inet_SIOCADDRT(0xffffffffffffffff, 0x890b, 0x0)
io_setup(0x20, &(0x7f0000001140))
r5 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r6 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
ioctl$sock_ifreq(r6, 0x8910, &(0x7f0000000000)={'vlan1\x00', @ifru_map={0x20000000000004}})
ioctl$sock_netdev_private(r5, 0x89f3, &(0x7f0000000000))
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000fcffffff0000000000000018110000", @ANYRES32=0x0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r7 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000020000008500000082"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='contention_end\x00', r8}, 0x10)
r9 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0x9, 0x2, 0x56d, 0x2, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000600), &(0x7f0000001f80), 0xfffffffb, r9}, 0x38)

kernel console output (not intermixed with test programs):

[ T7904] sp0: Synchronizing with TNC
[  139.441596][   T39] audit: type=1400 audit(1727898185.038:378): avc:  denied  { search } for  pid=5054 comm="dhcpcd" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  139.448790][   T39] audit: type=1400 audit(1727898185.038:379): avc:  denied  { read } for  pid=5054 comm="dhcpcd" name="n72" dev="tmpfs" ino=5085 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[  139.456303][   T39] audit: type=1400 audit(1727898185.038:380): avc:  denied  { open } for  pid=5054 comm="dhcpcd" path="/run/udev/data/n72" dev="tmpfs" ino=5085 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[  139.463958][   T39] audit: type=1400 audit(1727898185.038:381): avc:  denied  { getattr } for  pid=5054 comm="dhcpcd" path="/run/udev/data/n72" dev="tmpfs" ino=5085 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[  139.524783][   T39] audit: type=1400 audit(1727898185.118:382): avc:  denied  { ioctl } for  pid=7905 comm="syz.2.919" path="/dev/sg0" dev="devtmpfs" ino=705 ioctlcmd=0x2285 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1
[  139.840231][ T5340] Bluetooth: hci4: command 0x1003 tx timeout
[  139.842761][ T5345] Bluetooth: hci4: Opcode 0x1003 failed: -110
[  140.378742][ T5345] Bluetooth: hci2: SCO packet for unknown connection handle 0
[  140.382803][ T7931] netlink: 20 bytes leftover after parsing attributes in process `syz.2.926'.
[  140.387245][ T7931] netlink: 40 bytes leftover after parsing attributes in process `syz.2.926'.
[  141.276101][ T7940] netlink: 'syz.0.929': attribute type 1 has an invalid length.
[  141.352918][ T7953] binder: 7952:7953 ioctl c0306201 20000680 returned -14
[  141.416097][ T5345] Bluetooth: hci2: unexpected event for opcode 0x0c46
[  142.317614][ T7977] netlink: 256 bytes leftover after parsing attributes in process `syz.0.942'.
[  142.842320][ T7982] FAULT_INJECTION: forcing a failure.
[  142.842320][ T7982] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  142.845790][ T7982] CPU: 3 UID: 0 PID: 7982 Comm: syz.1.944 Not tainted 6.12.0-rc1-syzkaller-00031-ge32cde8d2bd7 #0
[  142.848591][ T7982] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  142.851429][ T7982] Call Trace:
[  142.852307][ T7982]  <TASK>
[  142.853089][ T7982]  dump_stack_lvl+0x16c/0x1f0
[  142.854377][ T7982]  should_fail_ex+0x497/0x5b0
[  142.855622][ T7982]  _copy_from_user+0x30/0xf0
[  142.856834][ T7982]  copy_folio_from_user+0xff/0x2a0
[  142.858247][ T7982]  mfill_atomic_copy+0x1ba6/0x1e70
[  142.859593][ T7982]  ? __pfx_mfill_atomic_copy+0x10/0x10
[  142.861034][ T7982]  ? __might_fault+0xe3/0x190
[  142.862282][ T7982]  userfaultfd_ioctl+0x1e50/0x3830
[  142.863626][ T7982]  ? __pfx_userfaultfd_ioctl+0x10/0x10
[  142.865076][ T7982]  ? ioctl_has_perm.constprop.0.isra.0+0x2ea/0x460
[  142.866772][ T7982]  ? ioctl_has_perm.constprop.0.isra.0+0x2f3/0x460
[  142.868497][ T7982]  ? trace_lock_acquire+0x14a/0x1d0
[  142.869892][ T7982]  ? selinux_file_ioctl+0x180/0x270
[  142.871277][ T7982]  ? selinux_file_ioctl+0xb4/0x270
[  142.872614][ T7982]  ? __pfx_userfaultfd_ioctl+0x10/0x10
[  142.874064][ T7982]  ? __x64_sys_ioctl+0x18f/0x220
[  142.875362][ T7982]  __x64_sys_ioctl+0x18f/0x220
[  142.876630][ T7982]  do_syscall_64+0xcd/0x250
[  142.877862][ T7982]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  142.879514][ T7982] RIP: 0033:0x7f3c8857dff9
[  142.880720][ T7982] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  142.885666][ T7982] RSP: 002b:00007f3c893b7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  142.887845][ T7982] RAX: ffffffffffffffda RBX: 00007f3c88735f80 RCX: 00007f3c8857dff9
[  142.889977][ T7982] RDX: 0000000020000000 RSI: 00000000c028aa03 RDI: 0000000000000003
[  142.892787][ T7982] RBP: 00007f3c893b7090 R08: 0000000000000000 R09: 0000000000000000
[  142.895489][ T7982] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  142.897604][ T7982] R13: 0000000000000000 R14: 00007f3c88735f80 R15: 00007ffdc0933a98
[  142.899766][ T7982]  </TASK>
[  143.520625][ T5345] Bluetooth: hci4: Opcode 0x1003 failed: -110
[  143.801498][ T8013] netlink: 20 bytes leftover after parsing attributes in process `syz.1.955'.
[  143.806927][ T8013] netlink: 20 bytes leftover after parsing attributes in process `syz.1.955'.
[  144.565712][ T8047] netlink: 20 bytes leftover after parsing attributes in process `syz.1.965'.
[  144.820051][  T831] usb 6-1: new high-speed USB device number 8 using dummy_hcd
[  144.982677][  T831] usb 6-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  144.985876][  T831] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  144.989478][  T831] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 66
[  144.992947][  T831] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  144.997294][  T831] usb 6-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  145.000639][  T831] usb 6-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  145.003554][  T831] usb 6-1: Product: syz
[  145.004783][  T831] usb 6-1: Manufacturer: syz
[  145.010331][  T831] cdc_wdm 6-1:1.0: skipping garbage
[  145.013022][  T831] cdc_wdm 6-1:1.0: skipping garbage
[  145.016867][  T831] cdc_wdm 6-1:1.0: cdc-wdm0: USB WDM device
[  145.018459][  T831] cdc_wdm 6-1:1.0: Unknown control protocol
[  145.213570][   T64] usb 6-1: USB disconnect, device number 8
[  145.305693][ T8061] netlink: 'syz.2.969': attribute type 4 has an invalid length.
[  145.308056][ T8061] netlink: 'syz.2.969': attribute type 4 has an invalid length.
[  145.388340][ T5345] Bluetooth: hci0: SCO packet for unknown connection handle 1039
[  145.388809][ T5345] Bluetooth: hci0: ACL packet for unknown connection handle 201
[  145.905317][ T8054] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  145.907711][ T8054] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  145.910227][ T8054] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  145.912753][ T8054] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  145.963075][   T39] kauditd_printk_skb: 9 callbacks suppressed
[  145.963091][   T39] audit: type=1400 audit(1727898447.564:392): avc:  denied  { ioctl } for  pid=8066 comm="syz.2.972" path="user:[4026531837]" dev="nsfs" ino=4026531837 ioctlcmd=0xb706 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[  146.145109][   T39] audit: type=1400 audit(1727898447.744:393): avc:  denied  { watch } for  pid=8078 comm="syz.2.977" path="/263/net_prio.prioidx" dev="tmpfs" ino=1418 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[  146.151359][   T39] audit: type=1400 audit(1727898447.744:394): avc:  denied  { watch_sb watch_reads } for  pid=8078 comm="syz.2.977" path="/263/net_prio.prioidx" dev="tmpfs" ino=1418 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[  146.197784][ T8080] netlink: 4 bytes leftover after parsing attributes in process `syz.2.977'.
[  146.498823][ T8079] syz.2.977 (8079): drop_caches: 2
[  146.503018][ T8080] syz.2.977 (8080) used greatest stack depth: 21200 bytes left
[  146.905341][   T39] audit: type=1400 audit(1727898448.504:395): avc:  denied  { create } for  pid=8093 comm="syz.3.981" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_connector_socket permissive=1
[  147.200044][ T5340] Bluetooth: hci0: command 0x0419 tx timeout
[  147.521748][ T5340] Bluetooth: hci1: SCO packet for unknown connection handle 0
[  147.522173][ T5340] Bluetooth: hci1: SCO packet for unknown connection handle 1039
[  147.524811][ T5340] Bluetooth: hci1: ACL packet for unknown connection handle 201
[  147.555738][   T39] audit: type=1400 audit(1727898449.154:396): avc:  denied  { bind } for  pid=8098 comm="syz.1.983" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1
[  147.562947][   T39] audit: type=1400 audit(1727898449.154:397): avc:  denied  { listen } for  pid=8098 comm="syz.1.983" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1
[  147.613235][ T5340] Bluetooth: hci1: unexpected event for opcode 0x0c46
[  147.921653][ T5350] Bluetooth: hci2: command 0x0c1a tx timeout
[  147.921687][ T5345] Bluetooth: hci3: Opcode 0x206c failed: -110
[  147.923985][ T5340] Bluetooth: hci3: command 0x0419 tx timeout
[  147.928181][ T5345] Bluetooth: hci3: Opcode 0x2046 failed: -110
[  147.934028][ T5340] Bluetooth: hci4: sending frame failed (-49)
[  147.936260][ T5345] Bluetooth: hci4: Opcode 0x1003 failed: -49
[  148.005067][ T8120] netlink: 'syz.0.990': attribute type 1 has an invalid length.
[  148.020008][ T8120] bond1: entered promiscuous mode
[  148.055448][ T8120] bond1: (slave veth3): Enslaving as an active interface with a down link
[  148.059574][ T8120] netlink: 4 bytes leftover after parsing attributes in process `syz.0.990'.
[  148.064904][ T8120] bond1 (unregistering): (slave veth3): Releasing active interface
[  148.069696][ T8120] bond1 (unregistering): Released all slaves
[  148.117791][ T8119] 9pnet_fd: Insufficient options for proto=fd
[  148.164352][ T5345] Bluetooth: hci3: SCO packet for unknown connection handle 0
[  148.164653][ T5345] Bluetooth: hci3: SCO packet for unknown connection handle 1039
[  148.166990][ T5345] Bluetooth: hci3: ACL packet for unknown connection handle 201
[  148.672071][ T8134] netlink: 20 bytes leftover after parsing attributes in process `syz.1.995'.
[  148.869089][ T5345] Bluetooth: hci0: SCO packet for unknown connection handle 0
[  148.869148][ T5345] Bluetooth: hci0: SCO packet for unknown connection handle 1039
[  148.872056][ T5345] Bluetooth: hci0: ACL packet for unknown connection handle 201
[  149.111495][ T8162] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(3)
[  149.113502][ T8162] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  149.116796][ T8162] vhci_hcd vhci_hcd.0: Device attached
[  149.150121][   T35] usb 6-1: new high-speed USB device number 9 using dummy_hcd
[  149.189140][ T8163] vhci_hcd: cannot find a urb of seqnum 9 max seqnum 0
[  149.189978][   T11] nci: nci_extract_activation_params_iso_dep: unsupported activation_rf_tech_and_mode 0x80
[  149.194180][  T217] vhci_hcd: stop threads
[  149.196811][  T217] vhci_hcd: release socket
[  149.198389][  T217] vhci_hcd: disconnect device
[  149.311192][   T35] usb 6-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  149.313673][   T35] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  149.316396][   T35] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 66
[  149.318789][   T35] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  149.323030][   T35] usb 6-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  149.325386][   T35] usb 6-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  149.327465][   T35] usb 6-1: Product: syz
[  149.328559][   T35] usb 6-1: Manufacturer: syz
[  149.334310][   T35] cdc_wdm 6-1:1.0: skipping garbage
[  149.335720][   T35] cdc_wdm 6-1:1.0: skipping garbage
[  149.338141][   T35] cdc_wdm 6-1:1.0: cdc-wdm0: USB WDM device
[  149.340172][   T35] cdc_wdm 6-1:1.0: Unknown control protocol
[  149.535786][  T831] usb 6-1: USB disconnect, device number 9
[  150.000135][ T5345] Bluetooth: hci3: command 0x0419 tx timeout
[  150.596964][ T5345] Bluetooth: hci2: unexpected event for opcode 0x0c46
[  150.647545][ T5345] Bluetooth: hci0: SCO packet for unknown connection handle 0
[  150.648734][ T5345] Bluetooth: hci0: SCO packet for unknown connection handle 1039
[  150.650925][ T5345] Bluetooth: hci0: ACL packet for unknown connection handle 201
[  151.001626][  T829] usb 8-1: new high-speed USB device number 9 using dummy_hcd
[  151.154825][  T829] usb 8-1: New USB device found, idVendor=1604, idProduct=8001, bcdDevice=44.1f
[  151.159358][  T829] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  151.162479][  T829] usb 8-1: Product: syz
[  151.163597][  T829] usb 8-1: Manufacturer: syz
[  151.164798][  T829] usb 8-1: SerialNumber: syz
[  151.167922][  T829] usb 8-1: config 0 descriptor??
[  151.445194][   T56] usb 8-1: USB disconnect, device number 9
[  152.080129][ T5340] Bluetooth: hci3: command 0x0419 tx timeout
[  152.720080][ T5340] Bluetooth: hci4: command 0x1003 tx timeout
[  152.722228][ T5345] Bluetooth: hci4: Opcode 0x1003 failed: -110
[  152.841308][ T8241] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1030'.
[  153.080034][  T829] usb 6-1: new high-speed USB device number 10 using dummy_hcd
[  153.231447][  T829] usb 6-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  153.233480][  T829] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  153.235802][  T829] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 66
[  153.237912][  T829] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  153.242154][  T829] usb 6-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  153.244433][  T829] usb 6-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  153.246631][  T829] usb 6-1: Product: syz
[  153.247744][  T829] usb 6-1: Manufacturer: syz
[  153.252606][  T829] cdc_wdm 6-1:1.0: skipping garbage
[  153.254263][  T829] cdc_wdm 6-1:1.0: skipping garbage
[  153.257697][  T829] cdc_wdm 6-1:1.0: cdc-wdm0: USB WDM device
[  153.259360][  T829] cdc_wdm 6-1:1.0: Unknown control protocol
[  153.263292][ T8249] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1032'.
[  153.360224][   T56] usb 8-1: new high-speed USB device number 10 using dummy_hcd
[  153.453505][   T30] usb 6-1: USB disconnect, device number 10
[  153.500004][  T829] usb 5-1: new high-speed USB device number 6 using dummy_hcd
[  153.510055][   T56] usb 8-1: Using ep0 maxpacket: 32
[  153.514612][   T56] usb 8-1: config index 0 descriptor too short (expected 156, got 27)
[  153.516823][   T56] usb 8-1: too many endpoints for config 0 interface 0 altsetting 191: 144, using maximum allowed: 30
[  153.519686][   T56] usb 8-1: config 0 interface 0 altsetting 191 endpoint 0x87 has an invalid bInterval 0, changing to 7
[  153.523691][   T56] usb 8-1: config 0 interface 0 altsetting 191 has 1 endpoint descriptor, different from the interface descriptor's value: 144
[  153.528319][   T56] usb 8-1: config 0 interface 0 has no altsetting 0
[  153.532693][   T56] usb 8-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice=86.66
[  153.535983][   T56] usb 8-1: New USB device strings: Mfr=85, Product=120, SerialNumber=172
[  153.538421][   T56] usb 8-1: Product: syz
[  153.539518][   T56] usb 8-1: Manufacturer: syz
[  153.541351][   T56] usb 8-1: SerialNumber: syz
[  153.543600][   T56] usb 8-1: config 0 descriptor??
[  153.547570][   T56] ldusb 8-1:0.0: Interrupt out endpoint not found (using control endpoint instead)
[  153.551040][   T56] ldusb 8-1:0.0: LD USB Device #0 now attached to major 180 minor 0
[  153.671519][  T829] usb 5-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  153.673852][  T829] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  153.676583][  T829] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 66
[  153.678942][  T829] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  153.683279][  T829] usb 5-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  153.685691][  T829] usb 5-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  153.687852][  T829] usb 5-1: Product: syz
[  153.688963][  T829] usb 5-1: Manufacturer: syz
[  153.692402][  T829] cdc_wdm 5-1:1.0: skipping garbage
[  153.693821][  T829] cdc_wdm 5-1:1.0: skipping garbage
[  153.695812][  T829] cdc_wdm 5-1:1.0: cdc-wdm1: USB WDM device
[  153.697372][  T829] cdc_wdm 5-1:1.0: Unknown control protocol
[  153.902888][   T30] usb 5-1: USB disconnect, device number 6
[  156.328364][   T39] audit: type=1400 audit(1727898457.924:398): avc:  denied  { write } for  pid=8286 comm="syz.0.1044" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_rdma_socket permissive=1
[  156.348738][ T5345] Bluetooth: hci3: SCO packet for unknown connection handle 0
[  156.348997][ T5345] Bluetooth: hci3: SCO packet for unknown connection handle 1039
[  156.460217][ T8291] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  156.467350][ T8291] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  156.469082][ T8291] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  156.471322][ T8291] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  156.619983][ T8295] Invalid logical block size (16)
[  156.686804][ T8310] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1049'.
[  156.766407][ T5345] Bluetooth: hci3: SCO packet for unknown connection handle 0
[  156.766620][ T5345] Bluetooth: hci3: SCO packet for unknown connection handle 1039
[  156.940002][  T831] usb 6-1: new high-speed USB device number 11 using dummy_hcd
[  157.018998][   T63] usb 8-1: USB disconnect, device number 10
[  157.030875][   T63] ldusb 8-1:0.0: LD USB Device #0 now disconnected
[  157.092133][  T831] usb 6-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  157.096866][  T831] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  157.099379][  T831] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 66
[  157.105010][  T831] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  157.111245][  T831] usb 6-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  157.113552][  T831] usb 6-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  157.115614][  T831] usb 6-1: Product: syz
[  157.116674][  T831] usb 6-1: Manufacturer: syz
[  157.124968][  T831] cdc_wdm 6-1:1.0: skipping garbage
[  157.126275][  T831] cdc_wdm 6-1:1.0: skipping garbage
[  157.131397][  T831] cdc_wdm 6-1:1.0: cdc-wdm0: USB WDM device
[  157.132950][  T831] cdc_wdm 6-1:1.0: Unknown control protocol
[  157.326373][  T829] usb 6-1: USB disconnect, device number 11
[  157.659342][ T8341] Illegal XDP return value 1885926829 on prog  (id 192) dev N/A, expect packet loss!
[  157.670470][   T39] audit: type=1400 audit(1727898459.274:399): avc:  denied  { search } for  pid=4816 comm="syslogd" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  157.677604][ T5345] Bluetooth: hci3: unexpected event for opcode 0x1004
[  157.782348][ T8350] netlink: 'syz.2.1066': attribute type 1 has an invalid length.
[  157.788011][ T8350] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1066'.
[  157.793739][   T39] audit: type=1400 audit(1727898459.394:400): avc:  denied  { read } for  pid=8348 comm="syz.2.1066" name="fb0" dev="devtmpfs" ino=637 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:framebuf_device_t tclass=chr_file permissive=1
[  157.794187][ T8350] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1066'.
[  157.800117][   T39] audit: type=1400 audit(1727898459.394:401): avc:  denied  { open } for  pid=8348 comm="syz.2.1066" path="/dev/fb0" dev="devtmpfs" ino=637 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:framebuf_device_t tclass=chr_file permissive=1
[  157.808617][   T39] audit: type=1400 audit(1727898459.394:402): avc:  denied  { ioctl } for  pid=8348 comm="syz.2.1066" path="/dev/fb0" dev="devtmpfs" ino=637 ioctlcmd=0x4608 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:framebuf_device_t tclass=chr_file permissive=1
[  157.895333][ T8354] fuse: Bad value for 'fd'
[  157.963511][ T8356] 9pnet_fd: Insufficient options for proto=fd
[  158.014876][   T39] audit: type=1400 audit(1727898459.614:403): avc:  denied  { connect } for  pid=8357 comm="syz.3.1069" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  158.086324][ T8359] netlink: 'syz.3.1069': attribute type 13 has an invalid length.
[  158.089564][ T8359] veth0_macvtap: left promiscuous mode
[  158.091351][ T8359] macvtap0: entered allmulticast mode
[  158.095990][ T8359] macvtap0: refused to change device tx_queue_len
[  158.187585][ T8361] x_tables: duplicate underflow at hook 1
[  158.480076][ T5345] Bluetooth: hci2: command 0x0c1a tx timeout
[  158.480148][ T5340] Bluetooth: hci1: command 0x0c1a tx timeout
[  158.480210][ T5350] Bluetooth: hci0: command 0x0419 tx timeout
[  158.654350][ T5340] Bluetooth: hci2: unexpected event for opcode 0x0c46
[  158.719497][ T5345] Bluetooth: hci4: sending frame failed (-49)
[  158.722738][ T5340] Bluetooth: hci4: Opcode 0x1003 failed: -49
[  159.077334][   T39] audit: type=1400 audit(1727898460.674:404): avc:  denied  { mount } for  pid=8374 comm="syz.3.1075" name="/" dev="sysfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysfs_t tclass=filesystem permissive=1
[  159.082096][ T8375] Bluetooth: MGMT ver 1.23
[  159.087869][   T39] audit: type=1400 audit(1727898460.684:405): avc:  denied  { bind } for  pid=8374 comm="syz.3.1075" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  159.166132][ T8381] netlink: 68 bytes leftover after parsing attributes in process `syz.0.1079'.
[  159.169587][ T8381] netlink: 68 bytes leftover after parsing attributes in process `syz.0.1079'.
[  159.174018][ T8381] netlink: 68 bytes leftover after parsing attributes in process `syz.0.1079'.
[  159.177253][ T8381] netlink: 68 bytes leftover after parsing attributes in process `syz.0.1079'.
[  159.180406][ T8382] netlink: 40 bytes leftover after parsing attributes in process `syz.0.1079'.
[  159.187715][   T39] audit: type=1400 audit(1727898460.784:406): avc:  denied  { bind } for  pid=8380 comm="syz.0.1079" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  159.427116][ T8396] fuse: Bad value for 'fd'
[  159.570183][   T39] audit: type=1400 audit(1727898461.164:407): avc:  denied  { setopt } for  pid=8397 comm="syz.2.1083" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[  160.340107][   T64] usb 8-1: new high-speed USB device number 11 using dummy_hcd
[  160.500022][   T64] usb 8-1: Using ep0 maxpacket: 8
[  160.505213][   T64] usb 8-1: unable to read config index 0 descriptor/start: -61
[  160.507372][   T64] usb 8-1: can't read configurations, error -61
[  160.663418][   T64] usb 8-1: new high-speed USB device number 12 using dummy_hcd
[  160.810023][   T64] usb 8-1: Using ep0 maxpacket: 8
[  160.814985][   T64] usb 8-1: unable to read config index 0 descriptor/start: -61
[  160.817852][   T64] usb 8-1: can't read configurations, error -61
[  160.824073][   T64] usb usb8-port1: attempt power cycle
[  161.052566][ T8431] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1092'.
[  161.160122][   T64] usb 8-1: new high-speed USB device number 13 using dummy_hcd
[  161.180711][   T64] usb 8-1: Using ep0 maxpacket: 8
[  161.184531][   T64] usb 8-1: unable to read config index 0 descriptor/start: -61
[  161.187276][   T64] usb 8-1: can't read configurations, error -61
[  161.309994][   T63] usb 5-1: new high-speed USB device number 7 using dummy_hcd
[  161.335263][   T64] usb 8-1: new high-speed USB device number 14 using dummy_hcd
[  161.350719][   T64] usb 8-1: Using ep0 maxpacket: 8
[  161.355508][   T64] usb 8-1: unable to read config index 0 descriptor/start: -61
[  161.357618][   T64] usb 8-1: can't read configurations, error -61
[  161.359850][   T64] usb usb8-port1: unable to enumerate USB device
[  161.462864][   T63] usb 5-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  161.465126][   T63] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  161.468246][   T63] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 66
[  161.471105][   T63] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  161.475634][   T63] usb 5-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  161.478441][   T63] usb 5-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  161.481146][   T63] usb 5-1: Product: syz
[  161.482467][   T63] usb 5-1: Manufacturer: syz
[  161.492950][   T63] cdc_wdm 5-1:1.0: skipping garbage
[  161.494828][   T63] cdc_wdm 5-1:1.0: skipping garbage
[  161.498339][   T63] cdc_wdm 5-1:1.0: cdc-wdm0: USB WDM device
[  161.501570][   T63] cdc_wdm 5-1:1.0: Unknown control protocol
[  161.683280][ T5340] Bluetooth: hci3: Controller not accepting commands anymore: ncmd = 0
[  161.685542][ T5340] Bluetooth: hci3: Injecting HCI hardware error event
[  161.688546][ T5340] Bluetooth: hci3: hardware error 0x00
[  161.696831][   T63] usb 5-1: USB disconnect, device number 7
[  162.494229][ T8443] usb usb2: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  162.570466][ T5345] Bluetooth: hci2: unexpected event for opcode 0x0c46
[  163.190725][ T8458] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  163.193464][ T8458] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  163.194988][ T8458] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  163.760019][ T5340] Bluetooth: hci3: Opcode 0x0c03 failed: -110
[  163.793089][ T8475] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1109'.
[  163.874063][   T39] kauditd_printk_skb: 2 callbacks suppressed
[  163.874074][   T39] audit: type=1400 audit(1727898465.474:410): avc:  denied  { getopt } for  pid=8476 comm="syz.1.1110" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  163.907585][ T8480] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1110'.
[  163.961100][ T8485] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  163.963059][ T8485] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  163.964842][ T8485] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  164.600571][   T56] usb 8-1: new high-speed USB device number 15 using dummy_hcd
[  164.640097][ T5340] Bluetooth: hci4: command 0x1003 tx timeout
[  164.640135][ T5345] Bluetooth: hci4: Opcode 0x1003 failed: -110
[  164.750061][   T56] usb 8-1: Using ep0 maxpacket: 16
[  164.756597][   T56] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  164.759782][   T56] usb 8-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  164.763138][   T56] usb 8-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  164.765519][   T56] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  164.774959][   T56] usb 8-1: config 0 descriptor??
[  165.078182][ T8497] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1116'.
[  165.080790][   T39] audit: type=1400 audit(1727898466.674:411): avc:  denied  { setopt } for  pid=8496 comm="syz.0.1116" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  165.184488][   T56] usbhid 8-1:0.0: can't add hid device: -71
[  165.187223][   T56] usbhid 8-1:0.0: probe with driver usbhid failed with error -71
[  165.198240][   T56] usb 8-1: USB disconnect, device number 15
[  165.577656][ T8519] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=23 sclass=netlink_route_socket pid=8519 comm=syz.0.1123
[  165.638370][ T8521] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1122'.
[  165.880154][  T831] usb 7-1: new high-speed USB device number 8 using dummy_hcd
[  165.883505][ T1102] Bluetooth: hci4: Frame reassembly failed (-84)
[  166.000051][ T5340] Bluetooth: hci2: command 0x0c1a tx timeout
[  166.000126][ T5350] Bluetooth: hci1: command 0x0c1a tx timeout
[  166.000890][ T5347] Bluetooth: hci0: command 0x0419 tx timeout
[  166.031658][  T831] usb 7-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  166.034288][  T831] usb 7-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  166.036943][  T831] usb 7-1: config 1 has 1 interface, different from the descriptor's value: 66
[  166.039391][  T831] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  166.044216][  T831] usb 7-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  166.046641][  T831] usb 7-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  166.048783][  T831] usb 7-1: Product: syz
[  166.050248][  T831] usb 7-1: Manufacturer: syz
[  166.056326][  T831] cdc_wdm 7-1:1.0: skipping garbage
[  166.057790][  T831] cdc_wdm 7-1:1.0: skipping garbage
[  166.060716][  T831] cdc_wdm 7-1:1.0: cdc-wdm0: USB WDM device
[  166.062451][  T831] cdc_wdm 7-1:1.0: Unknown control protocol
[  166.261499][  T829] usb 7-1: USB disconnect, device number 8
[  166.434445][ T8547] warning: `syz.1.1133' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211
[  166.597054][   T39] audit: type=1400 audit(1727898468.194:412): avc:  denied  { create } for  pid=8550 comm="syz.1.1135" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[  166.602374][   T39] audit: type=1400 audit(1727898468.194:413): avc:  denied  { read } for  pid=8550 comm="syz.1.1135" path="socket:[20148]" dev="sockfs" ino=20148 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  166.724652][   T39] audit: type=1400 audit(1727898468.324:414): avc:  denied  { block_suspend } for  pid=8555 comm="syz.3.1137" capability=36  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  166.810435][ T8559] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  166.812131][ T8559] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  166.813807][ T8559] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  167.697595][ T8573] netlink: 'syz.1.1143': attribute type 5 has an invalid length.
[  167.920080][ T5345] Bluetooth: hci4: Opcode 0x1003 failed: -110
[  167.920089][ T5340] Bluetooth: hci4: command 0x1003 tx timeout
[  167.965751][   T39] audit: type=1400 audit(1727898469.564:415): avc:  denied  { sqpoll } for  pid=8581 comm="syz.3.1145" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=io_uring permissive=1
[  168.139092][   T39] audit: type=1400 audit(1727898469.734:416): avc:  denied  { read } for  pid=8594 comm="syz.3.1149" name="cachefiles" dev="devtmpfs" ino=4 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cachefiles_device_t tclass=chr_file permissive=1
[  168.147034][   T39] audit: type=1400 audit(1727898469.734:417): avc:  denied  { open } for  pid=8594 comm="syz.3.1149" path="/dev/cachefiles" dev="devtmpfs" ino=4 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cachefiles_device_t tclass=chr_file permissive=1
[  168.517117][ T8604] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  168.519583][ T8604] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  168.519798][ T8609] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1154'.
[  168.522132][ T8604] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  168.557396][   T39] audit: type=1400 audit(1727898470.154:418): avc:  denied  { write } for  pid=8611 comm="syz.0.1155" name="hwrng" dev="devtmpfs" ino=83 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:random_device_t tclass=chr_file permissive=1
[  168.608674][   T39] audit: type=1400 audit(1727898470.204:419): avc:  denied  { execute } for  pid=8611 comm="syz.0.1155" path="/dev/hwrng" dev="devtmpfs" ino=83 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:random_device_t tclass=chr_file permissive=1
[  168.839998][   T64] usb 7-1: new high-speed USB device number 9 using dummy_hcd
[  169.000034][   T64] usb 7-1: Using ep0 maxpacket: 16
[  169.003646][   T64] usb 7-1: config 129 has an invalid interface number: 209 but max is 1
[  169.006271][   T64] usb 7-1: config 129 has an invalid interface number: 223 but max is 1
[  169.008760][   T64] usb 7-1: config 129 has no interface number 0
[  169.011154][   T64] usb 7-1: config 129 has no interface number 1
[  169.013089][   T64] usb 7-1: config 129 interface 209 altsetting 6 bulk endpoint 0xB has invalid maxpacket 64
[  169.016028][   T64] usb 7-1: config 129 interface 209 altsetting 6 endpoint 0x5 has invalid maxpacket 1032, setting to 64
[  169.019399][   T64] usb 7-1: config 129 interface 209 altsetting 6 has a duplicate endpoint with address 0x83, skipping
[  169.023318][   T64] usb 7-1: config 129 interface 209 altsetting 6 has an endpoint descriptor with address 0x52, changing to 0x2
[  169.027406][   T64] usb 7-1: config 129 interface 209 altsetting 6 endpoint 0x2 has invalid maxpacket 48322, setting to 1024
[  169.031045][   T64] usb 7-1: config 129 interface 209 altsetting 6 bulk endpoint 0x2 has invalid maxpacket 1024
[  169.034397][   T64] usb 7-1: config 129 interface 209 altsetting 6 has a duplicate endpoint with address 0xB, skipping
[  169.037686][   T64] usb 7-1: config 129 interface 209 altsetting 6 has a duplicate endpoint with address 0x2, skipping
[  169.041238][   T64] usb 7-1: config 129 interface 209 altsetting 6 endpoint 0x1 has invalid maxpacket 1023, setting to 64
[  169.044475][   T64] usb 7-1: config 129 interface 209 altsetting 6 has a duplicate endpoint with address 0x1, skipping
[  169.047412][   T64] usb 7-1: config 129 interface 209 altsetting 6 has a duplicate endpoint with address 0x3, skipping
[  169.050534][   T64] usb 7-1: config 129 interface 209 altsetting 6 has 11 endpoint descriptors, different from the interface descriptor's value: 10
[  169.054280][   T64] usb 7-1: config 129 interface 223 altsetting 254 has an invalid descriptor for endpoint zero, skipping
[  169.057281][   T64] usb 7-1: config 129 interface 223 altsetting 254 has a duplicate endpoint with address 0x8, skipping
[  169.060258][   T64] usb 7-1: config 129 interface 223 altsetting 254 has an invalid descriptor for endpoint zero, skipping
[  169.063371][   T64] usb 7-1: config 129 interface 223 altsetting 254 bulk endpoint 0xA has invalid maxpacket 64
[  169.066144][   T64] usb 7-1: config 129 interface 223 altsetting 254 has a duplicate endpoint with address 0xD, skipping
[  169.069071][   T64] usb 7-1: config 129 interface 223 altsetting 254 has a duplicate endpoint with address 0xD, skipping
[  169.072509][   T64] usb 7-1: config 129 interface 223 altsetting 254 has a duplicate endpoint with address 0xB, skipping
[  169.076146][   T64] usb 7-1: config 129 interface 223 altsetting 254 has a duplicate endpoint with address 0x5, skipping
[  169.079420][   T64] usb 7-1: config 129 interface 223 altsetting 254 has an endpoint descriptor with address 0x39, changing to 0x9
[  169.082910][   T64] usb 7-1: config 129 interface 223 altsetting 254 endpoint 0x9 has invalid maxpacket 22028, setting to 64
[  169.086269][   T64] usb 7-1: config 129 interface 223 altsetting 254 has a duplicate endpoint with address 0x5, skipping
[  169.089362][   T64] usb 7-1: config 129 interface 223 altsetting 254 has an invalid descriptor for endpoint zero, skipping
[  169.092699][   T64] usb 7-1: config 129 interface 223 altsetting 254 has an invalid descriptor for endpoint zero, skipping
[  169.096212][   T64] usb 7-1: config 129 interface 223 altsetting 254 has 15 endpoint descriptors, different from the interface descriptor's value: 14
[  169.100252][   T64] usb 7-1: config 129 interface 209 has no altsetting 0
[  169.102591][   T64] usb 7-1: config 129 interface 223 has no altsetting 0
[  169.107515][   T64] usb 7-1: New USB device found, idVendor=0bb4, idProduct=0a28, bcdDevice=ba.3f
[  169.110232][   T64] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  169.112583][   T64] usb 7-1: Product: 㷻氽奇गṅ퐰몺퓓歱떈뙉㣺琌쑻ꚇΣẇ搧绌僈匤怃硺丢둪挃팮ரߞ姑竿鳖墀杶ꂊ濅쀟玓䊞ꜰ᳔䗪䊻糃Ი龴짍⃩ⴾ俍좎쓛⇁劄쮱ﵜ煋鿩뉖ⴂ⹢⬘
[  169.119018][   T64] usb 7-1: Manufacturer: ဆ뜻ᵕ푼Ụ㠬ᛦ륊᩵
[  169.121122][   T64] usb 7-1: SerialNumber: 垦䷿竫孵䧭釙辺ꜩ佖⺶臘鶠턠˗᫖꽷ᣗ혇䋾휭횦䈑첚뼿멩礢퉶멋ҔҲ刁䧤滍䍲⁎ꃁᠨ윥嘱呗朗퍅롯練튀铂픗≹䱧쒛咖摝魓螜蟑뤦犩뮟珃훪ꗈѣᶲ๻夵蒮푩℉偬搀片ᅄ獵ꜜ콍舤깔馕忽쀬ઘꍽ⊀럳濤鎒ᇂ騄㲟悛鱾ﱝɶ럞㿪寙좒艵榈鳩狺绦됕ᆔ糠
[  169.134830][ T8615] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  169.137911][ T8615] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  169.140641][ T8615] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  169.220049][   T56] usb 6-1: new high-speed USB device number 12 using dummy_hcd
[  169.355776][   T64] usb 7-1: USB disconnect, device number 9
[  169.380493][   T56] usb 6-1: too many configurations: 9, using maximum allowed: 8
[  169.383491][   T56] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9
[  169.386252][   T56] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  169.391093][   T56] usb 6-1: config 0 interface 0 has no altsetting 0
[  169.394439][   T56] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9
[  169.397657][   T56] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  169.403451][   T56] usb 6-1: config 0 interface 0 has no altsetting 0
[  169.404774][ T8630] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1161'.
[  169.406587][   T56] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9
[  169.411716][   T56] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  169.414543][   T56] usb 6-1: config 0 interface 0 has no altsetting 0
[  169.417228][   T56] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9
[  169.419794][   T56] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  169.423466][   T56] usb 6-1: config 0 interface 0 has no altsetting 0
[  169.426633][   T56] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9
[  169.429821][   T56] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  169.433886][   T56] usb 6-1: config 0 interface 0 has no altsetting 0
[  169.437292][   T56] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9
[  169.440621][   T56] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  169.444516][   T56] usb 6-1: config 0 interface 0 has no altsetting 0
[  169.449401][   T56] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9
[  169.452299][   T56] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  169.455819][   T56] usb 6-1: config 0 interface 0 has no altsetting 0
[  169.458344][   T56] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9
[  169.460903][   T56] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  169.463765][   T56] usb 6-1: config 0 interface 0 has no altsetting 0
[  169.466950][   T56] usb 6-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=49.8e
[  169.469610][   T56] usb 6-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168
[  169.474349][   T56] usb 6-1: Product: syz
[  169.475955][   T56] usb 6-1: Manufacturer: syz
[  169.477675][   T56] usb 6-1: SerialNumber: syz
[  169.482639][   T56] usb 6-1: config 0 descriptor??
[  169.487083][   T56] yurex 6-1:0.0: USB YUREX device now attached to Yurex #0
[  169.660018][  T829] usb 8-1: new high-speed USB device number 16 using dummy_hcd
[  169.693582][   T56] usb 6-1: USB disconnect, device number 12
[  169.696888][   T56] yurex 6-1:0.0: USB YUREX #0 now disconnected
[  169.821467][  T829] usb 8-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  169.824120][  T829] usb 8-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  169.827410][  T829] usb 8-1: config 1 has 1 interface, different from the descriptor's value: 66
[  169.829739][  T829] usb 8-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  169.834666][  T829] usb 8-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  169.837307][  T829] usb 8-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  169.839467][  T829] usb 8-1: Product: syz
[  169.840929][  T829] usb 8-1: Manufacturer: syz
[  169.847662][  T829] cdc_wdm 8-1:1.0: skipping garbage
[  169.849228][  T829] cdc_wdm 8-1:1.0: skipping garbage
[  169.852465][  T829] cdc_wdm 8-1:1.0: cdc-wdm0: USB WDM device
[  169.854760][  T829] cdc_wdm 8-1:1.0: Unknown control protocol
[  169.956124][ T8655] FAULT_INJECTION: forcing a failure.
[  169.956124][ T8655] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  169.963912][ T8655] CPU: 2 UID: 0 PID: 8655 Comm: syz.0.1170 Not tainted 6.12.0-rc1-syzkaller-00031-ge32cde8d2bd7 #0
[  169.966710][ T8655] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  169.970203][ T8655] Call Trace:
[  169.971428][ T8655]  <TASK>
[  169.972507][ T8655]  dump_stack_lvl+0x16c/0x1f0
[  169.974261][ T8655]  should_fail_ex+0x497/0x5b0
[  169.975976][ T8655]  _copy_from_user+0x30/0xf0
[  169.977557][ T8655]  copy_folio_from_user+0xff/0x2a0
[  169.979371][ T8655]  mfill_atomic_copy+0x1ba6/0x1e70
[  169.981204][ T8655]  ? __pfx_mfill_atomic_copy+0x10/0x10
[  169.983160][ T8655]  ? __might_fault+0xe3/0x190
[  169.984649][ T8655]  userfaultfd_ioctl+0x1e50/0x3830
[  169.986012][ T8655]  ? __pfx_userfaultfd_ioctl+0x10/0x10
[  169.987435][ T8655]  ? ioctl_has_perm.constprop.0.isra.0+0x2ea/0x460
[  169.989566][ T8655]  ? ioctl_has_perm.constprop.0.isra.0+0x2f3/0x460
[  169.991884][ T8655]  ? trace_lock_acquire+0x14a/0x1d0
[  169.993774][ T8655]  ? selinux_file_ioctl+0x180/0x270
[  169.995569][ T8655]  ? selinux_file_ioctl+0xb4/0x270
[  169.997417][ T8655]  ? __pfx_userfaultfd_ioctl+0x10/0x10
[  169.999387][ T8655]  ? __x64_sys_ioctl+0x18f/0x220
[  170.001152][ T8655]  __x64_sys_ioctl+0x18f/0x220
[  170.002602][ T8655]  do_syscall_64+0xcd/0x250
[  170.003781][ T8655]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  170.005333][ T8655] RIP: 0033:0x7fc90457dff9
[  170.006655][ T8655] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  170.013082][ T8655] RSP: 002b:00007fc9052f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  170.015888][ T8655] RAX: ffffffffffffffda RBX: 00007fc904735f80 RCX: 00007fc90457dff9
[  170.018484][ T8655] RDX: 0000000020000000 RSI: 00000000c028aa03 RDI: 0000000000000003
[  170.021246][ T8655] RBP: 00007fc9052f6090 R08: 0000000000000000 R09: 0000000000000000
[  170.023987][ T8655] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  170.026704][ T8655] R13: 0000000000000000 R14: 00007fc904735f80 R15: 00007fff579fc568
[  170.029562][ T8655]  </TASK>
[  170.048653][  T829] usb 8-1: USB disconnect, device number 16
[  170.104864][   T39] audit: type=1400 audit(1727898471.704:420): avc:  denied  { mount } for  pid=8659 comm="syz.0.1172" name="/" dev="configfs" ino=2107 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=filesystem permissive=1
[  170.114958][   T39] audit: type=1400 audit(1727898471.714:421): avc:  denied  { setattr } for  pid=8659 comm="syz.0.1172" name="/" dev="configfs" ino=2107 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=dir permissive=1
[  170.131421][   T39] audit: type=1400 audit(1727898471.734:422): avc:  denied  { unmount } for  pid=5346 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=filesystem permissive=1
[  170.200923][ T8664] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  170.203227][ T8664] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  170.204864][ T8664] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  170.547397][ T8681] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1178'.
[  170.579870][   T39] audit: type=1400 audit(1727898472.174:423): avc:  denied  { write } for  pid=8686 comm="syz.1.1181" name="sg0" dev="devtmpfs" ino=705 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1
[  170.588177][   T39] audit: type=1400 audit(1727898472.184:424): avc:  denied  { write } for  pid=8686 comm="syz.1.1181" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=key permissive=1
[  170.740105][ T8693] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  170.742941][ T8693] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  170.744734][ T8693] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  170.783796][   T39] audit: type=1326 audit(1727898472.384:425): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8694 comm="syz.2.1184" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7ff33df7dff9 code=0x0
[  170.996646][   T39] audit: type=1400 audit(1727898472.594:426): avc:  denied  { create } for  pid=8694 comm="syz.2.1184" name="file0" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[  170.996987][ T5345] Bluetooth: hci2: unexpected event for opcode 0x2029
[  171.003059][   T39] audit: type=1400 audit(1727898472.604:427): avc:  denied  { write } for  pid=8694 comm="syz.2.1184" name="file0" dev="tmpfs" ino=1722 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[  171.010045][   T39] audit: type=1400 audit(1727898472.604:428): avc:  denied  { open } for  pid=8694 comm="syz.2.1184" path="/313/file0" dev="tmpfs" ino=1722 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[  171.010065][   T39] audit: type=1400 audit(1727898472.604:429): avc:  denied  { ioctl } for  pid=8694 comm="syz.2.1184" path="/313/file0" dev="tmpfs" ino=1722 ioctlcmd=0x1273 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[  171.360006][  T831] usb 5-1: new high-speed USB device number 8 using dummy_hcd
[  171.511814][  T831] usb 5-1: too many configurations: 9, using maximum allowed: 8
[  171.514623][  T831] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9
[  171.516944][  T831] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  171.519778][  T831] usb 5-1: config 0 interface 0 has no altsetting 0
[  171.522974][  T831] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9
[  171.525341][  T831] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  171.528160][  T831] usb 5-1: config 0 interface 0 has no altsetting 0
[  171.530917][  T831] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9
[  171.533278][  T831] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  171.536070][  T831] usb 5-1: config 0 interface 0 has no altsetting 0
[  171.538526][  T831] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9
[  171.541375][  T831] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  171.544190][  T831] usb 5-1: config 0 interface 0 has no altsetting 0
[  171.547068][  T831] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9
[  171.549416][  T831] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  171.552336][  T831] usb 5-1: config 0 interface 0 has no altsetting 0
[  171.555082][  T831] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9
[  171.557382][  T831] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  171.560437][  T831] usb 5-1: config 0 interface 0 has no altsetting 0
[  171.563273][  T831] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9
[  171.565571][  T831] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  171.568350][  T831] usb 5-1: config 0 interface 0 has no altsetting 0
[  171.570998][  T831] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9
[  171.573347][  T831] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  171.576115][  T831] usb 5-1: config 0 interface 0 has no altsetting 0
[  171.579777][  T831] usb 5-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=49.8e
[  171.582289][  T831] usb 5-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168
[  171.584456][  T831] usb 5-1: Product: syz
[  171.585558][  T831] usb 5-1: Manufacturer: syz
[  171.586773][  T831] usb 5-1: SerialNumber: syz
[  171.589864][  T831] usb 5-1: config 0 descriptor??
[  171.593403][  T831] yurex 5-1:0.0: USB YUREX device now attached to Yurex #0
[  171.800161][  T831] usb 5-1: USB disconnect, device number 8
[  171.804820][  T831] yurex 5-1:0.0: USB YUREX #0 now disconnected
[  172.410478][ T8724] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  172.412500][ T8724] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  172.415511][ T8724] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  172.499514][ T5345] Bluetooth: hci1: unexpected event for opcode 0x0c46
[  172.710249][   T64] usb 7-1: new high-speed USB device number 10 using dummy_hcd
[  172.859971][   T64] usb 7-1: Using ep0 maxpacket: 8
[  172.863076][   T64] usb 7-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  172.865741][   T64] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  172.868415][   T64] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  172.871102][   T64] usb 7-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  172.875496][   T64] usb 7-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  172.878839][   T64] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  173.091216][   T64] usb 7-1: GET_CAPABILITIES returned 0
[  173.093556][   T64] usbtmc 7-1:16.0: can't read capabilities
[  173.298406][  T831] usb 7-1: USB disconnect, device number 10
[  173.720591][ T8758] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  173.723099][ T8758] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  173.724817][ T8758] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  174.270048][  T829] usb 7-1: new high-speed USB device number 11 using dummy_hcd
[  174.450053][  T829] usb 7-1: Using ep0 maxpacket: 8
[  174.453142][  T829] usb 7-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  174.455854][  T829] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  174.458482][  T829] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  174.461213][  T829] usb 7-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  174.464814][  T829] usb 7-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  174.467238][  T829] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  174.540050][   T64] usb 8-1: new high-speed USB device number 17 using dummy_hcd
[  174.640028][ T5345] Bluetooth: hci4: Opcode 0x1003 failed: -110
[  174.640114][ T5340] Bluetooth: hci4: command 0x1003 tx timeout
[  174.674186][  T829] usb 7-1: GET_CAPABILITIES returned 0
[  174.675664][  T829] usbtmc 7-1:16.0: can't read capabilities
[  174.700452][   T64] usb 8-1: too many configurations: 9, using maximum allowed: 8
[  174.703500][   T64] usb 8-1: config 0 has 1 interface, different from the descriptor's value: 9
[  174.705887][   T64] usb 8-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  174.708800][   T64] usb 8-1: config 0 interface 0 has no altsetting 0
[  174.711566][   T64] usb 8-1: config 0 has 1 interface, different from the descriptor's value: 9
[  174.714068][   T64] usb 8-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  174.716878][   T64] usb 8-1: config 0 interface 0 has no altsetting 0
[  174.719365][   T64] usb 8-1: config 0 has 1 interface, different from the descriptor's value: 9
[  174.722050][   T64] usb 8-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  174.725085][   T64] usb 8-1: config 0 interface 0 has no altsetting 0
[  174.727561][   T64] usb 8-1: config 0 has 1 interface, different from the descriptor's value: 9
[  174.730086][   T64] usb 8-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  174.732923][   T64] usb 8-1: config 0 interface 0 has no altsetting 0
[  174.735718][   T64] usb 8-1: config 0 has 1 interface, different from the descriptor's value: 9
[  174.738189][   T64] usb 8-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  174.741524][   T64] usb 8-1: config 0 interface 0 has no altsetting 0
[  174.743972][   T64] usb 8-1: config 0 has 1 interface, different from the descriptor's value: 9
[  174.746511][   T64] usb 8-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  174.749420][   T64] usb 8-1: config 0 interface 0 has no altsetting 0
[  174.752124][   T64] usb 8-1: config 0 has 1 interface, different from the descriptor's value: 9
[  174.754669][   T64] usb 8-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  174.757701][   T64] usb 8-1: config 0 interface 0 has no altsetting 0
[  174.760314][   T64] usb 8-1: config 0 has 1 interface, different from the descriptor's value: 9
[  174.762734][   T64] usb 8-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  174.765829][   T64] usb 8-1: config 0 interface 0 has no altsetting 0
[  174.769230][   T64] usb 8-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=49.8e
[  174.772146][   T64] usb 8-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168
[  174.774337][   T64] usb 8-1: Product: syz
[  174.775608][   T64] usb 8-1: Manufacturer: syz
[  174.776872][   T64] usb 8-1: SerialNumber: syz
[  174.779693][   T64] usb 8-1: config 0 descriptor??
[  174.783077][   T64] yurex 8-1:0.0: USB YUREX device now attached to Yurex #1
[  174.935773][  T829] usb 7-1: USB disconnect, device number 11
[  174.991608][   T64] usb 8-1: USB disconnect, device number 17
[  174.994148][   T64] yurex 8-1:0.0: USB YUREX #1 now disconnected
[  175.761008][ T5345] Bluetooth: hci2: command 0x0c1a tx timeout
[  175.761094][ T5340] Bluetooth: hci1: command 0x0c1a tx timeout
[  175.763063][ T5345] Bluetooth: hci0: command 0x0419 tx timeout
[  176.182252][   T39] kauditd_printk_skb: 4 callbacks suppressed
[  176.182263][   T39] audit: type=1326 audit(1727898477.784:434): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8804 comm="syz.1.1219" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f3c8857dff9 code=0x0
[  176.254937][ T1112] Bluetooth: hci4: Frame reassembly failed (-84)
[  176.411829][ T5350] Bluetooth: hci1: unexpected event for opcode 0x2029
[  176.439019][   T39] audit: type=1400 audit(1727898478.034:435): avc:  denied  { write } for  pid=8819 comm="syz.2.1223" path="socket:[21848]" dev="sockfs" ino=21848 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  176.445546][ T8820] IPv4: Oversized IP packet from 172.20.20.11
[  176.452603][ T8820] IPv4: Oversized IP packet from 172.20.20.11
[  176.456498][ T8820] IPv4: Oversized IP packet from 172.20.20.11
[  176.460713][ T8820] IPv4: Oversized IP packet from 172.20.20.11
[  176.466904][ T8820] IPv4: Oversized IP packet from 172.20.20.11
[  176.471489][ T8820] IPv4: Oversized IP packet from 172.20.20.11
[  176.475073][ T8820] IPv4: Oversized IP packet from 172.20.20.11
[  176.478713][ T8820] IPv4: Oversized IP packet from 172.20.20.11
[  176.482403][ T8820] IPv4: Oversized IP packet from 172.20.20.11
[  176.486374][ T8820] IPv4: Oversized IP packet from 172.20.20.11
[  178.053949][ T5350] Bluetooth: hci1: unexpected event for opcode 0x0c46
[  178.123735][ T5340] Bluetooth: hci5: sending frame failed (-49)
[  178.126091][ T5350] Bluetooth: hci5: Opcode 0x1003 failed: -49
[  178.320021][ T5350] Bluetooth: hci4: command 0x1003 tx timeout
[  178.320063][ T5345] Bluetooth: hci4: Opcode 0x1003 failed: -110
[  178.971056][ T8865] netlink: 'syz.0.1239': attribute type 4 has an invalid length.
[  178.973178][ T8869] libceph: resolve '40.' (ret=-3): failed
[  178.996370][   T39] audit: type=1400 audit(1727898480.594:436): avc:  denied  { open } for  pid=8873 comm="syz.0.1242" path="/dev/ptyq5" dev="devtmpfs" ino=132 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:bsdpty_device_t tclass=chr_file permissive=1
[  179.058148][   T39] audit: type=1400 audit(1727898480.654:437): avc:  denied  { read write } for  pid=8874 comm="syz.2.1243" name="vga_arbiter" dev="devtmpfs" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:xserver_misc_device_t tclass=chr_file permissive=1
[  179.068995][ T8880] 9pnet_fd: Insufficient options for proto=fd
[  179.070018][   T39] audit: type=1400 audit(1727898480.664:438): avc:  denied  { open } for  pid=8874 comm="syz.2.1243" path="/dev/vga_arbiter" dev="devtmpfs" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:xserver_misc_device_t tclass=chr_file permissive=1
[  179.122430][ T8880] xt_CT: No such helper "snmp_trap"
[  179.908198][ T5345] Bluetooth: hci2: unexpected event for opcode 0x0c46
[  179.987307][   T78] Bluetooth: hci4: Frame reassembly failed (-84)
[  179.989552][  T217] Bluetooth: hci4: Frame reassembly failed (-84)
[  180.199378][   T39] audit: type=1400 audit(1727898481.794:439): avc:  denied  { write } for  pid=8913 comm="syz.0.1254" name="card0" dev="devtmpfs" ino=635 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dri_device_t tclass=chr_file permissive=1
[  180.199519][ T8914] 9pnet_fd: Insufficient options for proto=fd
[  180.289038][ T8921] 9pnet_fd: Insufficient options for proto=fd
[  180.329618][ T8921] xt_CT: No such helper "snmp_trap"
[  181.106132][   T39] audit: type=1400 audit(1727898482.704:440): avc:  denied  { create } for  pid=8928 comm="syz.0.1260" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1
[  181.111601][   T39] audit: type=1400 audit(1727898482.714:441): avc:  denied  { bind } for  pid=8928 comm="syz.0.1260" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1
[  181.225467][   T39] audit: type=1400 audit(1727898482.824:442): avc:  denied  { setopt } for  pid=8941 comm="syz.1.1265" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  182.000107][ T5350] Bluetooth: hci4: command 0x1003 tx timeout
[  182.000199][ T5345] Bluetooth: hci4: Opcode 0x1003 failed: -110
[  182.067419][ T8952] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1267'.
[  182.213665][ T8959] 9pnet_fd: Insufficient options for proto=fd
[  182.240443][ T8959] xt_CT: No such helper "snmp_trap"
[  182.310053][   T64] usb 8-1: new high-speed USB device number 18 using dummy_hcd
[  182.461983][   T64] usb 8-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  182.464254][   T64] usb 8-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  182.466906][   T64] usb 8-1: config 1 has 1 interface, different from the descriptor's value: 66
[  182.469219][   T64] usb 8-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  182.474242][   T64] usb 8-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  182.476917][   T64] usb 8-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  182.478959][   T64] usb 8-1: Product: syz
[  182.480437][   T64] usb 8-1: Manufacturer: syz
[  182.484447][   T64] cdc_wdm 8-1:1.0: skipping garbage
[  182.485844][   T64] cdc_wdm 8-1:1.0: skipping garbage
[  182.487846][   T64] cdc_wdm 8-1:1.0: cdc-wdm0: USB WDM device
[  182.489436][   T64] cdc_wdm 8-1:1.0: Unknown control protocol
[  182.730664][ T8968] FAULT_INJECTION: forcing a failure.
[  182.730664][ T8968] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  182.734288][ T8968] CPU: 2 UID: 0 PID: 8968 Comm: syz.2.1272 Not tainted 6.12.0-rc1-syzkaller-00031-ge32cde8d2bd7 #0
[  182.737174][ T8968] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  182.740110][ T8968] Call Trace:
[  182.740999][ T8968]  <TASK>
[  182.741803][ T8968]  dump_stack_lvl+0x16c/0x1f0
[  182.743079][ T8968]  should_fail_ex+0x497/0x5b0
[  182.744336][ T8968]  _copy_from_user+0x30/0xf0
[  182.745576][ T8968]  restore_altstack+0x94/0x170
[  182.746849][ T8968]  ? __pfx_restore_altstack+0x10/0x10
[  182.748269][ T8968]  ? _raw_spin_unlock_irq+0x23/0x50
[  182.749663][ T8968]  ? lockdep_hardirqs_on+0x7c/0x110
[  182.751060][ T8968]  ? _raw_spin_unlock_irq+0x2e/0x50
[  182.752488][ T8968]  ? set_current_blocked+0xdd/0x120
[  182.753961][ T8968]  __do_sys_rt_sigreturn+0x132/0x230
[  182.755431][ T8968]  ? __pfx___do_sys_rt_sigreturn+0x10/0x10
[  182.757055][ T8968]  ? rcu_is_watching+0x12/0xc0
[  182.758403][ T8968]  do_syscall_64+0xcd/0x250
[  182.759689][ T8968]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  182.761258][ T8968] RIP: 0033:0x7ff33df19959
[  182.762452][ T8968] Code: 64 c7 00 16 00 00 00 b8 ff ff ff ff c3 0f 1f 40 00 90 66 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 c7 c0 0f 00 00 00 0f 05 <0f> 1f 80 00 00 00 00 48 81 ec 48 01 00 00 49 89 d0 64 48 8b 04 25
[  182.767459][ T8968] RSP: 002b:00007ff33ed87340 EFLAGS: 00000246 ORIG_RAX: 000000000000000f
[  182.769667][ T8968] RAX: ffffffffffffffda RBX: 00007ff33e135f80 RCX: 00007ff33df19959
[  182.771904][ T8968] RDX: 00007ff33ed87340 RSI: 00007ff33ed87470 RDI: 0000000000000011
[  182.774150][ T8968] RBP: 00007ff33ed88090 R08: 0000000000000000 R09: 0000000000000000
[  182.776346][ T8968] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  182.778690][ T8968] R13: 0000000000000000 R14: 00007ff33e135f80 R15: 00007ffd92aa9738
[  182.780828][ T8968]  </TASK>
[  182.871888][   T64] usb 8-1: USB disconnect, device number 18
[  183.223765][ T8980] SELinux:  Context system_u:object_r:hald_keymap_exec_t:s0 is not valid (left unmapped).
[  183.227311][   T39] audit: type=1400 audit(1727898484.824:443): avc:  denied  { relabelto } for  pid=8978 comm="syz.2.1275" name="file1" dev="tmpfs" ino=1851 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="system_u:object_r:hald_keymap_exec_t:s0"
[  183.234597][   T39] audit: type=1400 audit(1727898484.834:444): avc:  denied  { associate } for  pid=8978 comm="syz.2.1275" name="file1" dev="tmpfs" ino=1851 scontext=system_u:object_r:unlabeled_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1 srawcon="system_u:object_r:hald_keymap_exec_t:s0"
[  183.285935][   T39] audit: type=1400 audit(1727898484.884:445): avc:  denied  { watch watch_reads } for  pid=8978 comm="syz.2.1275" path="/proc/877/task" dev="proc" ino=21997 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dir permissive=1
[  183.453952][ T8983] lo speed is unknown, defaulting to 1000
[  183.455758][ T8983] lo speed is unknown, defaulting to 1000
[  183.458988][ T8983] lo speed is unknown, defaulting to 1000
[  183.464210][ T8983] iwpm_register_pid: Unable to send a nlmsg (client = 2)
[  183.469623][ T8983] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98
[  183.484704][ T8983] lo speed is unknown, defaulting to 1000
[  183.486936][ T8983] lo speed is unknown, defaulting to 1000
[  183.489469][ T8983] lo speed is unknown, defaulting to 1000
[  183.493874][ T8983] lo speed is unknown, defaulting to 1000
[  183.495836][ T8983] lo speed is unknown, defaulting to 1000
[  183.865416][   T39] audit: type=1400 audit(1727898485.464:446): avc:  denied  { unlink } for  pid=5343 comm="syz-executor" name="file1" dev="tmpfs" ino=1851 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="system_u:object_r:hald_keymap_exec_t:s0"
[  184.438741][ T5345] Bluetooth: hci0: unexpected event for opcode 0x0c46
[  184.509980][   T71] Bluetooth: hci4: Frame reassembly failed (-84)
[  184.623225][ T9000] FAULT_INJECTION: forcing a failure.
[  184.623225][ T9000] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  184.627072][ T9000] CPU: 3 UID: 0 PID: 9000 Comm: syz.1.1282 Not tainted 6.12.0-rc1-syzkaller-00031-ge32cde8d2bd7 #0
[  184.630009][ T9000] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  184.633196][ T9000] Call Trace:
[  184.634156][ T9000]  <TASK>
[  184.635050][ T9000]  dump_stack_lvl+0x16c/0x1f0
[  184.636376][ T9000]  should_fail_ex+0x497/0x5b0
[  184.637719][ T9000]  _copy_from_iter+0x2a1/0x1540
[  184.639068][ T9000]  ? __pfx__copy_from_iter+0x10/0x10
[  184.640555][ T9000]  ? __virt_addr_valid+0x1a4/0x590
[  184.642090][ T9000]  ? __virt_addr_valid+0x5e/0x590
[  184.643514][ T9000]  ? __phys_addr_symbol+0x30/0x80
[  184.644980][ T9000]  ? __check_object_size+0x488/0x710
[  184.646528][ T9000]  netlink_sendmsg+0x813/0xd70
[  184.647987][ T9000]  ? __pfx_netlink_sendmsg+0x10/0x10
[  184.649514][ T9000]  ? __import_iovec+0x1fd/0x6e0
[  184.650927][ T9000]  ____sys_sendmsg+0xaaf/0xc90
[  184.652395][ T9000]  ? copy_msghdr_from_user+0x10b/0x160
[  184.653944][ T9000]  ? __pfx_____sys_sendmsg+0x10/0x10
[  184.655461][ T9000]  ? __pfx___lock_acquire+0x10/0x10
[  184.656898][ T9000]  ___sys_sendmsg+0x135/0x1e0
[  184.658281][ T9000]  ? __pfx____sys_sendmsg+0x10/0x10
[  184.659783][ T9000]  ? lock_acquire+0x2f/0xb0
[  184.661058][ T9000]  ? __fget_files+0x40/0x3f0
[  184.662417][ T9000]  ? fdget+0x176/0x210
[  184.663572][ T9000]  __sys_sendmsg+0x117/0x1f0
[  184.664869][ T9000]  ? __pfx___sys_sendmsg+0x10/0x10
[  184.666273][ T9000]  ? __fget_files+0x244/0x3f0
[  184.667592][ T9000]  do_syscall_64+0xcd/0x250
[  184.668828][ T9000]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  184.670531][ T9000] RIP: 0033:0x7f3c8857dff9
[  184.671760][ T9000] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  184.676906][ T9000] RSP: 002b:00007f3c893b7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  184.679210][ T9000] RAX: ffffffffffffffda RBX: 00007f3c88735f80 RCX: 00007f3c8857dff9
[  184.681342][ T9000] RDX: 0000000000000000 RSI: 0000000020000580 RDI: 0000000000000004
[  184.683894][ T9000] RBP: 00007f3c893b7090 R08: 0000000000000000 R09: 0000000000000000
[  184.686720][ T9000] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  184.689545][ T9000] R13: 0000000000000000 R14: 00007f3c88735f80 R15: 00007ffdc0933a98
[  184.692387][ T9000]  </TASK>
[  185.018774][ T5350] Bluetooth: hci2: unexpected event for opcode 0x0c46
[  185.470841][ T9015] netlink: 'syz.0.1288': attribute type 4 has an invalid length.
[  185.472899][ T9015] netlink: 164 bytes leftover after parsing attributes in process `syz.0.1288'.
[  185.786299][ T9023] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1290'.
[  186.040064][  T831] usb 5-1: new high-speed USB device number 9 using dummy_hcd
[  186.192205][  T831] usb 5-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  186.194651][  T831] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  186.197599][  T831] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 66
[  186.200181][  T831] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  186.204863][  T831] usb 5-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  186.207419][  T831] usb 5-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  186.209749][  T831] usb 5-1: Product: syz
[  186.210985][  T831] usb 5-1: Manufacturer: syz
[  186.214548][  T831] cdc_wdm 5-1:1.0: skipping garbage
[  186.215978][  T831] cdc_wdm 5-1:1.0: skipping garbage
[  186.218015][  T831] cdc_wdm 5-1:1.0: cdc-wdm0: USB WDM device
[  186.219594][  T831] cdc_wdm 5-1:1.0: Unknown control protocol
[  186.417554][   T30] usb 5-1: USB disconnect, device number 9
[  186.560095][ T5340] Bluetooth: hci4: command 0x1003 tx timeout
[  186.560170][ T5345] Bluetooth: hci4: Opcode 0x1003 failed: -110
[  186.711775][ T9034] netlink: 64 bytes leftover after parsing attributes in process `syz.1.1294'.
[  187.120097][ T5345] Bluetooth: hci5: command 0x1003 tx timeout
[  187.120146][ T5350] Bluetooth: hci5: Opcode 0x1003 failed: -110
[  187.187859][   T39] audit: type=1400 audit(1727898488.784:447): avc:  denied  { read write } for  pid=9045 comm="syz.3.1299" name="file0" dev="fuse" ino=0 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=chr_file permissive=1
[  187.193927][   T39] audit: type=1400 audit(1727898488.784:448): avc:  denied  { open } for  pid=9045 comm="syz.3.1299" path="/308/file0/file0" dev="fuse" ino=0 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=chr_file permissive=1
[  187.776272][ T5350] Bluetooth: hci2: unexpected event for opcode 0x0c46
[  187.818143][ T5350] Bluetooth: hci1: unexpected event for opcode 0x0c46
[  188.078897][ T9068] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1306'.
[  188.082060][ T9068] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1306'.
[  188.993521][ T5340] Bluetooth: hci0: unexpected event for opcode 0x0c46
[  189.920090][ T5345] Bluetooth: hci5: Opcode 0x1003 failed: -110
[  189.920101][ T5350] Bluetooth: hci4: Opcode 0x1003 failed: -110
[  189.921146][ T5350] Bluetooth: hci5: command 0x1003 tx timeout
[  190.367999][   T39] audit: type=1400 audit(1727898491.964:449): avc:  denied  { mount } for  pid=9098 comm="syz.0.1316" name="/" dev="devtmpfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=filesystem permissive=1
[  190.472651][   T39] audit: type=1400 audit(1727898492.074:450): avc:  denied  { create } for  pid=9103 comm="syz.2.1318" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=x25_socket permissive=1
[  190.478441][   T39] audit: type=1400 audit(1727898492.074:451): avc:  denied  { bind } for  pid=9103 comm="syz.2.1318" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=x25_socket permissive=1
[  190.553159][ T9109] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1318'.
[  190.909226][   T39] audit: type=1400 audit(1727898492.504:452): avc:  denied  { unmount } for  pid=5346 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=filesystem permissive=1
[  191.053146][   T39] audit: type=1400 audit(1727898492.654:453): avc:  denied  { mount } for  pid=9123 comm="syz.2.1323" name="/" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[  191.120321][ T5340] Bluetooth: hci6: Opcode 0x1003 failed: -110
[  191.180915][ T5340] Bluetooth: hci1: unexpected event for opcode 0x0c46
[  191.264485][   T39] audit: type=1400 audit(1727898492.864:454): avc:  denied  { bind } for  pid=9137 comm="syz.0.1326" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[  191.804085][   T39] audit: type=1400 audit(1727898493.404:455): avc:  denied  { connect } for  pid=9144 comm="syz.2.1329" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[  191.812282][   T39] audit: type=1400 audit(1727898493.414:456): avc:  denied  { setopt } for  pid=9144 comm="syz.2.1329" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[  192.269814][   T39] audit: type=1400 audit(1727898493.864:457): avc:  denied  { getopt } for  pid=9169 comm="syz.2.1337" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  192.292518][   T39] audit: type=1400 audit(1727898493.894:458): avc:  denied  { ioctl } for  pid=9169 comm="syz.2.1337" path="socket:[24612]" dev="sockfs" ino=24612 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  192.320102][  T831] usb 5-1: new high-speed USB device number 10 using dummy_hcd
[  192.470410][  T831] usb 5-1: Using ep0 maxpacket: 16
[  192.476411][  T831] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  192.479161][  T831] usb 5-1: New USB device found, idVendor=05ac, idProduct=0244, bcdDevice= 0.00
[  192.482112][  T831] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  192.485697][  T831] usb 5-1: config 0 descriptor??
[  192.489248][  T831] input: bcm5974 as /devices/platform/dummy_hcd.0/usb5/5-1/5-1:0.0/input/input7
[  192.495816][   T39] audit: type=1400 audit(1727898494.094:459): avc:  denied  { read } for  pid=4819 comm="acpid" name="mouse2" dev="devtmpfs" ino=2570 scontext=system_u:system_r:acpid_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  192.503071][   T39] audit: type=1400 audit(1727898494.094:460): avc:  denied  { open } for  pid=4819 comm="acpid" path="/dev/input/mouse2" dev="devtmpfs" ino=2570 scontext=system_u:system_r:acpid_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  192.662313][ T9188] net_ratelimit: 22 callbacks suppressed
[  192.662326][ T9188] openvswitch: netlink: Actions may not be safe on all matching packets
[  192.708123][ T4819] bcm5974 5-1:0.0: could not read from device
[  192.709882][   T39] audit: type=1400 audit(1727898494.304:461): avc:  denied  { shutdown } for  pid=9190 comm="syz.3.1344" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  192.718454][ T4819] bcm5974 5-1:0.0: could not read from device
[  192.721244][  T831] usb 5-1: USB disconnect, device number 10
[  192.727085][ T4819] bcm5974 5-1:0.0: could not read from device
[  192.781044][   T39] audit: type=1400 audit(1727898494.384:462): avc:  denied  { getopt } for  pid=9192 comm="syz.2.1345" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[  193.280071][ T5340] Bluetooth: hci4: Opcode 0x1003 failed: -110
[  193.280541][ T5345] Bluetooth: hci4: command 0x1003 tx timeout
[  193.290985][ T9206] input: syz1 as /devices/virtual/input/input8
[  193.304897][   T39] audit: type=1400 audit(1727898494.904:463): avc:  denied  { ioctl } for  pid=4819 comm="acpid" path="/dev/input/event4" dev="devtmpfs" ino=2577 ioctlcmd=0x4520 scontext=system_u:system_r:acpid_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  193.610715][   T39] audit: type=1400 audit(1727898495.214:464): avc:  denied  { read } for  pid=9224 comm="syz.3.1355" name="ndctl0" dev="devtmpfs" ino=109 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nvram_device_t tclass=chr_file permissive=1
[  193.616988][   T39] audit: type=1400 audit(1727898495.214:465): avc:  denied  { open } for  pid=9224 comm="syz.3.1355" path="/dev/ndctl0" dev="devtmpfs" ino=109 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nvram_device_t tclass=chr_file permissive=1
[  193.675875][   T39] audit: type=1400 audit(1727898495.274:466): avc:  denied  { bind } for  pid=9226 comm="syz.2.1356" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  193.930009][ T9233] FAULT_INJECTION: forcing a failure.
[  193.930009][ T9233] name fail_page_alloc, interval 1, probability 0, space 0, times 1
[  193.934650][ T9233] CPU: 3 UID: 0 PID: 9233 Comm: syz.1.1358 Not tainted 6.12.0-rc1-syzkaller-00031-ge32cde8d2bd7 #0
[  193.938527][ T9233] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  193.941830][ T9233] Call Trace:
[  193.942710][ T9233]  <TASK>
[  193.943488][ T9233]  dump_stack_lvl+0x16c/0x1f0
[  193.944748][ T9233]  should_fail_ex+0x497/0x5b0
[  193.946012][ T9233]  ? fs_reclaim_acquire+0xae/0x160
[  193.947357][ T9233]  should_fail_alloc_page+0xe7/0x130
[  193.948737][ T9233]  prepare_alloc_pages.constprop.0+0x16f/0x560
[  193.950540][ T9233]  __alloc_pages_noprof+0x190/0x25c0
[  193.952500][ T9233]  ? copy_splice_read+0x1a8/0xb90
[  193.954388][ T9233]  ? stack_trace_save+0x95/0xd0
[  193.956192][ T9233]  ? __pfx_stack_trace_save+0x10/0x10
[  193.958185][ T9233]  ? do_sendfile+0xb0c/0xe40
[  193.959905][ T9233]  ? stack_depot_save_flags+0x28/0x8f0
[  193.961660][ T9233]  ? hlock_class+0x4e/0x130
[  193.962899][ T9233]  ? __pfx___alloc_pages_noprof+0x10/0x10
[  193.964550][ T9233]  ? copy_splice_read+0x1a8/0xb90
[  193.966330][ T9233]  ? kasan_save_stack+0x33/0x60
[  193.968121][ T9233]  ? kasan_save_track+0x14/0x30
[  193.969922][ T9233]  ? __kasan_kmalloc+0xaa/0xb0
[  193.971295][ T9233]  ? __kmalloc_noprof+0x1e8/0x400
[  193.972609][ T9233]  ? copy_splice_read+0x1a8/0xb90
[  193.973945][ T9233]  ? do_splice_read+0x2bd/0x370
[  193.975310][ T9233]  ? splice_direct_to_actor+0x2a4/0xa40
[  193.976765][ T9233]  alloc_pages_bulk_noprof+0x77c/0x1110
[  193.978271][ T9233]  ? __pfx_alloc_pages_bulk_noprof+0x10/0x10
[  193.979843][ T9233]  ? trace_kmalloc+0x2d/0xe0
[  193.981206][ T9233]  ? __kmalloc_noprof+0x207/0x400
[  193.983073][ T9233]  copy_splice_read+0x1e3/0xb90
[  193.984880][ T9233]  ? __pfx_copy_splice_read+0x10/0x10
[  193.986761][ T9233]  ? find_held_lock+0x2d/0x110
[  193.988015][ T9233]  ? splice_direct_to_actor+0x346/0xa40
[  193.989772][ T9233]  ? __pfx_shmem_file_splice_read+0x10/0x10
[  193.991511][ T9233]  do_splice_read+0x2bd/0x370
[  193.992738][ T9233]  splice_direct_to_actor+0x2a4/0xa40
[  193.994155][ T9233]  ? __pfx_direct_splice_actor+0x10/0x10
[  193.995613][ T9233]  ? __pfx_splice_direct_to_actor+0x10/0x10
[  193.997145][ T9233]  ? __pfx___might_resched+0x10/0x10
[  193.998529][ T9233]  do_splice_direct+0x178/0x250
[  193.999795][ T9233]  ? __pfx_do_splice_direct+0x10/0x10
[  194.001687][ T9233]  ? __pfx_direct_file_splice_eof+0x10/0x10
[  194.002355][ T1379] ieee802154 phy1 wpan1: encryption failed: -22
[  194.004010][ T9233]  do_sendfile+0xb0c/0xe40
[  194.007357][ T9233]  ? __pfx_do_sendfile+0x10/0x10
[  194.009223][ T9233]  ? __fget_files+0x244/0x3f0
[  194.010793][ T9233]  __x64_sys_sendfile64+0x1da/0x220
[  194.012352][ T9233]  ? ksys_write+0x1ad/0x260
[  194.014075][ T9233]  ? __pfx___x64_sys_sendfile64+0x10/0x10
[  194.015839][ T9233]  do_syscall_64+0xcd/0x250
[  194.017216][ T9233]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  194.019410][ T9233] RIP: 0033:0x7f3c8857dff9
[  194.020836][ T9233] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  194.027741][ T9233] RSP: 002b:00007f3c893b7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  194.030691][ T9233] RAX: ffffffffffffffda RBX: 00007f3c88735f80 RCX: 00007f3c8857dff9
[  194.032732][ T9233] RDX: 0000000000000000 RSI: 0000000000000006 RDI: 0000000000000005
[  194.034803][ T9233] RBP: 00007f3c893b7090 R08: 0000000000000000 R09: 0000000000000000
[  194.036853][ T9233] R10: 00000000001000a3 R11: 0000000000000246 R12: 0000000000000002
[  194.038935][ T9233] R13: 0000000000000000 R14: 00007f3c88735f80 R15: 00007ffdc0933a98
[  194.041091][ T9233]  </TASK>
[  195.010113][ T5587] usb 7-1: new high-speed USB device number 12 using dummy_hcd
[  195.131380][ T9268] overlayfs: upper fs does not support RENAME_WHITEOUT.
[  195.134472][ T9268] overlayfs: failed to set xattr on upper
[  195.136032][ T9268] overlayfs: ...falling back to redirect_dir=nofollow.
[  195.137858][ T9268] overlayfs: ...falling back to index=off.
[  195.139402][ T9268] overlayfs: ...falling back to uuid=null.
[  195.170652][ T5587] usb 7-1: Using ep0 maxpacket: 8
[  195.173383][ T5587] usb 7-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  195.175944][ T5587] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  195.178498][ T5587] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  195.182136][ T5587] usb 7-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  195.185522][ T5587] usb 7-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  195.187834][ T5587] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  195.395879][ T5587] usb 7-1: GET_CAPABILITIES returned 0
[  195.397857][ T5587] usbtmc 7-1:16.0: can't read capabilities
[  195.418117][ T9280] x_tables: ip6_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING
[  195.605537][ T5587] usb 7-1: USB disconnect, device number 12
[  195.688792][ T9296] kvm: apic: phys broadcast and lowest prio
[  195.698502][ T9300] overlayfs: upper fs does not support RENAME_WHITEOUT.
[  195.700925][ T9300] overlayfs: failed to set xattr on upper
[  195.702546][ T9300] overlayfs: ...falling back to redirect_dir=nofollow.
[  195.704440][ T9300] overlayfs: ...falling back to index=off.
[  195.706017][ T9300] overlayfs: ...falling back to uuid=null.
[  195.712225][ T9300] FAULT_INJECTION: forcing a failure.
[  195.712225][ T9300] name failslab, interval 1, probability 0, space 0, times 0
[  195.715876][ T9300] CPU: 3 UID: 0 PID: 9300 Comm: syz.0.1380 Not tainted 6.12.0-rc1-syzkaller-00031-ge32cde8d2bd7 #0
[  195.718703][ T9300] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  195.721556][ T9300] Call Trace:
[  195.722452][ T9300]  <TASK>
[  195.723251][ T9300]  dump_stack_lvl+0x16c/0x1f0
[  195.724516][ T9300]  should_fail_ex+0x497/0x5b0
[  195.725797][ T9300]  ? fs_reclaim_acquire+0xae/0x160
[  195.727170][ T9300]  should_failslab+0xc2/0x120
[  195.728435][ T9300]  kmem_cache_alloc_noprof+0x6e/0x2f0
[  195.729899][ T9300]  ? vm_area_alloc+0x134/0x230
[  195.731202][ T9300]  vm_area_alloc+0x134/0x230
[  195.732455][ T9300]  mmap_region+0xf22/0x2a60
[  195.733699][ T9300]  ? __pfx_mmap_region+0x10/0x10
[  195.735017][ T9300]  ? avc_has_perm_noaudit+0x61/0x3a0
[  195.736451][ T9300]  ? bpf_lsm_mmap_addr+0x9/0x10
[  195.737766][ T9300]  ? security_mmap_addr+0x6c/0x1e0
[  195.739118][ T9300]  ? __get_unmapped_area+0x26b/0x3a0
[  195.740463][ T9300]  do_mmap+0xc00/0xfc0
[  195.741524][ T9300]  vm_mmap_pgoff+0x1ba/0x360
[  195.742749][ T9300]  ? __pfx_vm_mmap_pgoff+0x10/0x10
[  195.744107][ T9300]  ? __fget_files+0x244/0x3f0
[  195.745381][ T9300]  ksys_mmap_pgoff+0x32c/0x5c0
[  195.746641][ T9300]  ? __pfx_ksys_write+0x10/0x10
[  195.747945][ T9300]  __x64_sys_mmap+0x125/0x190
[  195.749204][ T9300]  do_syscall_64+0xcd/0x250
[  195.750443][ T9300]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  195.752010][ T9300] RIP: 0033:0x7fc90457dff9
[  195.753214][ T9300] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  195.758281][ T9300] RSP: 002b:00007fc9052f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[  195.760487][ T9300] RAX: ffffffffffffffda RBX: 00007fc904735f80 RCX: 00007fc90457dff9
[  195.762592][ T9300] RDX: 0000000000000001 RSI: 0000000000004000 RDI: 0000000020000000
[  195.764687][ T9300] RBP: 00007fc9052f6090 R08: 0000000000000003 R09: 0000000000000000
[  195.766782][ T9300] R10: 0000000000010012 R11: 0000000000000246 R12: 0000000000000001
[  195.768867][ T9300] R13: 0000000000000000 R14: 00007fc904735f80 R15: 00007fff579fc568
[  195.770966][ T9300]  </TASK>
[  195.796206][ T9302] netlink: 209852 bytes leftover after parsing attributes in process `syz.0.1381'.
[  195.840514][ T9306] 9pnet_virtio: no channels available for device syz
[  196.147269][ T9323] netlink: 104 bytes leftover after parsing attributes in process `syz.0.1388'.
[  196.217269][   T11] Bluetooth: Error in BCSP hdr checksum
[  197.109071][ T9364] FAULT_INJECTION: forcing a failure.
[  197.109071][ T9364] name failslab, interval 1, probability 0, space 0, times 0
[  197.112761][ T9364] CPU: 1 UID: 0 PID: 9364 Comm: syz.0.1401 Not tainted 6.12.0-rc1-syzkaller-00031-ge32cde8d2bd7 #0
[  197.115619][ T9364] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  197.118357][ T9364] Call Trace:
[  197.119485][ T9364]  <TASK>
[  197.120416][ T9364]  dump_stack_lvl+0x16c/0x1f0
[  197.121887][ T9364]  should_fail_ex+0x497/0x5b0
[  197.123418][ T9364]  should_failslab+0xc2/0x120
[  197.124689][ T9364]  __kmalloc_noprof+0xcb/0x400
[  197.126133][ T9364]  io_cqring_event_overflow+0xcb/0x6f0
[  197.127595][ T9364]  io_req_cqe_overflow+0x101/0x1e0
[  197.128973][ T9364]  __io_submit_flush_completions+0x8fc/0x1cc0
[  197.130612][ T9364]  io_submit_sqes+0xa76/0x2530
[  197.131909][ T9364]  __do_sys_io_uring_enter+0xc0f/0x1170
[  197.133418][ T9364]  ? __fget_files+0x244/0x3f0
[  197.134687][ T9364]  ? __pfx___do_sys_io_uring_enter+0x10/0x10
[  197.136288][ T9364]  ? fput+0x30/0x390
[  197.137351][ T9364]  ? ksys_write+0x1ad/0x260
[  197.138585][ T9364]  ? __pfx_ksys_write+0x10/0x10
[  197.139900][ T9364]  do_syscall_64+0xcd/0x250
[  197.141128][ T9364]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  197.142714][ T9364] RIP: 0033:0x7fc90457dff9
[  197.143910][ T9364] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  197.148985][ T9364] RSP: 002b:00007fc9052f6038 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[  197.151176][ T9364] RAX: ffffffffffffffda RBX: 00007fc904735f80 RCX: 00007fc90457dff9
[  197.153292][ T9364] RDX: 0000000000000000 RSI: 0000000000004866 RDI: 0000000000000007
[  197.155401][ T9364] RBP: 00007fc9052f6090 R08: 0000000000000000 R09: 0000000000000000
[  197.157512][ T9364] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  197.159602][ T9364] R13: 0000000000000000 R14: 00007fc904735f80 R15: 00007fff579fc568
[  197.161708][ T9364]  </TASK>
[  197.164231][ T9370] netlink: 104 bytes leftover after parsing attributes in process `syz.0.1401'.
[  197.203784][ T9372] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1404'.
[  197.280222][ T9368] kvm: emulating exchange as write
[  197.427734][ T9376] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1405'.
[  198.137463][   T39] kauditd_printk_skb: 8 callbacks suppressed
[  198.137475][   T39] audit: type=1400 audit(1727898499.734:475): avc:  denied  { connect } for  pid=9384 comm="syz.0.1408" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1
[  198.171919][ T9386] evm: overlay not supported
[  198.183170][   T39] audit: type=1400 audit(1727898499.784:476): avc:  denied  { write } for  pid=9384 comm="syz.0.1408" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1
[  198.240222][ T5345] Bluetooth: hci4: command 0x1003 tx timeout
[  198.243730][ T5340] Bluetooth: hci4: Opcode 0x1003 failed: -110
[  198.633584][ T9408] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1415'.
[  198.687852][ T9409] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1416'.
[  198.880037][    T9] usb 7-1: new high-speed USB device number 13 using dummy_hcd
[  199.041768][    T9] usb 7-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  199.044081][    T9] usb 7-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  199.046734][    T9] usb 7-1: config 1 has 1 interface, different from the descriptor's value: 66
[  199.049154][    T9] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  199.053362][    T9] usb 7-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  199.055731][    T9] usb 7-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  199.057839][    T9] usb 7-1: Product: syz
[  199.058958][    T9] usb 7-1: Manufacturer: syz
[  199.062618][    T9] cdc_wdm 7-1:1.0: skipping garbage
[  199.064030][    T9] cdc_wdm 7-1:1.0: skipping garbage
[  199.066051][    T9] cdc_wdm 7-1:1.0: cdc-wdm0: USB WDM device
[  199.068050][    T9] cdc_wdm 7-1:1.0: Unknown control protocol
[  199.170027][  T829] usb 5-1: new high-speed USB device number 11 using dummy_hcd
[  199.266422][   T30] usb 7-1: USB disconnect, device number 13
[  199.300111][  T829] usb 5-1: device descriptor read/64, error -71
[  199.458096][ T9422] EXT4-fs warning (device sda1): __ext4_ioctl:1257: Setting inode version is not supported with metadata_csum enabled.
[  199.490439][ T9424] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1421'.
[  199.496647][ T9424] FAULT_INJECTION: forcing a failure.
[  199.496647][ T9424] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  199.501278][ T9424] CPU: 0 UID: 0 PID: 9424 Comm: syz.3.1421 Not tainted 6.12.0-rc1-syzkaller-00031-ge32cde8d2bd7 #0
[  199.504283][ T9424] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  199.507128][ T9424] Call Trace:
[  199.508025][ T9424]  <TASK>
[  199.508816][ T9424]  dump_stack_lvl+0x16c/0x1f0
[  199.510138][ T9424]  should_fail_ex+0x497/0x5b0
[  199.511468][ T9424]  _copy_from_user+0x30/0xf0
[  199.512693][ T9424]  input_event_from_user+0x134/0x3b0
[  199.514105][ T9424]  ? __pfx_input_event_from_user+0x10/0x10
[  199.515636][ T9424]  ? __pfx___might_resched+0x10/0x10
[  199.517020][ T9424]  ? input_inject_event+0x193/0x370
[  199.518460][ T9424]  evdev_write+0x377/0x750
[  199.519710][ T9424]  ? __pfx_evdev_write+0x10/0x10
[  199.521124][ T9424]  ? bpf_lsm_file_permission+0x9/0x10
[  199.522562][ T9424]  ? security_file_permission+0x71/0x210
[  199.524092][ T9424]  ? __pfx_evdev_write+0x10/0x10
[  199.525419][ T9424]  vfs_write+0x28e/0x1140
[  199.526572][ T9424]  ? __fget_files+0x23a/0x3f0
[  199.527822][ T9424]  ? __pfx_lock_release+0x10/0x10
[  199.529143][ T9424]  ? trace_lock_acquire+0x14a/0x1d0
[  199.530618][ T9424]  ? __pfx_vfs_write+0x10/0x10
[  199.531882][ T9424]  ? lock_acquire+0x2f/0xb0
[  199.533082][ T9424]  ? __fget_files+0x40/0x3f0
[  199.534254][ T9424]  ? __fget_files+0x244/0x3f0
[  199.535501][ T9424]  ksys_write+0x1fa/0x260
[  199.536642][ T9424]  ? __pfx_ksys_write+0x10/0x10
[  199.537953][ T9424]  do_syscall_64+0xcd/0x250
[  199.539157][ T9424]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  199.540910][ T9424] RIP: 0033:0x7f241a37dff9
[  199.542104][ T9424] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  199.547099][ T9424] RSP: 002b:00007f241b09b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  199.549285][ T9424] RAX: ffffffffffffffda RBX: 00007f241a535f80 RCX: 00007f241a37dff9
[  199.551427][ T9424] RDX: 00000000000012d8 RSI: 0000000020000040 RDI: 000000000000000d
[  199.553506][ T9424] RBP: 00007f241b09b090 R08: 0000000000000000 R09: 0000000000000000
[  199.555573][ T9424] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  199.557640][ T9424] R13: 0000000000000000 R14: 00007f241a535f80 R15: 00007ffcafb07638
[  199.559707][ T9424]  </TASK>
[  199.561615][  T829] usb 5-1: new high-speed USB device number 12 using dummy_hcd
[  199.690100][  T829] usb 5-1: device descriptor read/64, error -71
[  199.800378][  T829] usb usb5-port1: attempt power cycle
[  200.140024][  T829] usb 5-1: new high-speed USB device number 13 using dummy_hcd
[  200.160424][  T829] usb 5-1: device descriptor read/8, error -71
[  200.404322][  T829] usb 5-1: new high-speed USB device number 14 using dummy_hcd
[  200.420812][  T829] usb 5-1: device descriptor read/8, error -71
[  200.532381][  T829] usb usb5-port1: unable to enumerate USB device
[  201.539145][   T39] audit: type=1400 audit(1727898503.134:477): avc:  denied  { connect } for  pid=9440 comm="syz.2.1428" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  201.634842][ T9447] RDS: rds_bind could not find a transport for ::ffff:172.20.20.170, load rds_tcp or rds_rdma?
[  201.639843][   T39] audit: type=1400 audit(1727898503.234:478): avc:  denied  { write } for  pid=9446 comm="syz.1.1431" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[  201.958681][ T9465] netlink: 16402 bytes leftover after parsing attributes in process `syz.1.1434'.
[  201.961576][ T9463] netlink: 16402 bytes leftover after parsing attributes in process `syz.1.1434'.
[  202.050209][   T39] audit: type=1400 audit(1727898503.644:479): avc:  denied  { read } for  pid=9466 comm="syz.0.1436" name="usbmon7" dev="devtmpfs" ino=743 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1
[  202.056154][   T39] audit: type=1400 audit(1727898503.654:480): avc:  denied  { open } for  pid=9466 comm="syz.0.1436" path="/dev/usbmon7" dev="devtmpfs" ino=743 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1
[  202.065324][   T39] audit: type=1400 audit(1727898503.664:481): avc:  denied  { ioctl } for  pid=9466 comm="syz.0.1436" path="/dev/usbmon7" dev="devtmpfs" ino=743 ioctlcmd=0x9207 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1
[  202.335984][ T9475] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1437'.
[  202.590109][ T5587] usb 5-1: new high-speed USB device number 15 using dummy_hcd
[  202.678316][ T5340] Bluetooth: hci0: unexpected event for opcode 0x0c46
[  202.678811][ T5345] Bluetooth: hci2: unexpected event for opcode 0x0c46
[  202.771521][ T5587] usb 5-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  202.773885][ T5587] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  202.776745][ T5587] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 66
[  202.779131][ T5587] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  202.783985][ T5587] usb 5-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  202.786287][ T5587] usb 5-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  202.788807][ T5587] usb 5-1: Product: syz
[  202.790065][ T5587] usb 5-1: Manufacturer: syz
[  202.806280][ T5587] cdc_wdm 5-1:1.0: skipping garbage
[  202.807831][ T5587] cdc_wdm 5-1:1.0: skipping garbage
[  202.816916][ T5587] cdc_wdm 5-1:1.0: cdc-wdm0: USB WDM device
[  202.818602][ T5587] cdc_wdm 5-1:1.0: Unknown control protocol
[  203.008198][   T35] usb 5-1: USB disconnect, device number 15
[  204.154585][   T39] audit: type=1400 audit(1727898505.754:482): avc:  denied  { map } for  pid=9498 comm="syz.1.1446" path="/dev/usbmon0" dev="devtmpfs" ino=721 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1
[  204.163204][   T39] audit: type=1400 audit(1727898505.754:483): avc:  denied  { execute } for  pid=9498 comm="syz.1.1446" path="/dev/usbmon0" dev="devtmpfs" ino=721 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1
[  204.800050][ T5345] Bluetooth: hci4: Opcode 0x1003 failed: -110
[  204.800112][ T5340] Bluetooth: hci5: Opcode 0x1003 failed: -110
[  204.800161][ T5350] Bluetooth: hci4: command 0x1003 tx timeout
[  204.810566][ T5345] Bluetooth: hci5: command 0x1003 tx timeout
[  205.362453][   T39] audit: type=1400 audit(1727898506.964:484): avc:  denied  { append } for  pid=9512 comm="syz.1.1452" name="iommu" dev="devtmpfs" ino=632 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  205.362985][ T5340] Bluetooth: hci1: ACL packet for unknown connection handle 200
[  205.368316][   T39] audit: type=1400 audit(1727898506.964:485): avc:  denied  { setattr } for  pid=9512 comm="syz.1.1452" name="iommu" dev="devtmpfs" ino=632 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  205.371151][ T5340] Bluetooth: hci1: ACL packet for unknown connection handle 200
[  205.380898][   T39] audit: type=1400 audit(1727898506.974:486): avc:  denied  { ioctl } for  pid=9505 comm="syz.0.1449" path="socket:[24456]" dev="sockfs" ino=24456 ioctlcmd=0x89e0 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1
[  205.387298][   T39] audit: type=1400 audit(1727898506.984:487): avc:  denied  { getopt } for  pid=9505 comm="syz.0.1449" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[  205.472585][   T39] audit: type=1400 audit(1727898507.074:488): avc:  denied  { create } for  pid=9527 comm="syz.1.1456" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ax25_socket permissive=1
[  205.691849][   T39] audit: type=1400 audit(1727898507.294:489): avc:  denied  { watch watch_reads } for  pid=9538 comm="syz.2.1459" path="pipe:[2806]" dev="pipefs" ino=2806 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=fifo_file permissive=1
[  205.774358][ T9540] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1458'.
[  205.797721][   T39] audit: type=1400 audit(1727898507.394:490): avc:  denied  { remount } for  pid=9538 comm="syz.2.1459" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_t tclass=filesystem permissive=1
[  205.804300][ T9541] =======================================================
[  205.804300][ T9541] WARNING: The mand mount option has been deprecated and
[  205.804300][ T9541]          and is ignored by this kernel. Remove the mand
[  205.804300][ T9541]          option from the mount to silence this warning.
[  205.804300][ T9541] =======================================================
[  205.810758][   T39] audit: type=1400 audit(1727898507.414:491): avc:  denied  { write } for  pid=4816 comm="syslogd" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  206.191610][ T5340] Bluetooth: hci0: unexpected event for opcode 0x0c46
[  206.253050][   T78] Bluetooth: hci4: Frame reassembly failed (-84)
[  207.408368][ T9580] netlink: 'syz.2.1469': attribute type 1 has an invalid length.
[  207.830043][ T9594] nbd1: detected capacity change from 0 to 12
[  207.833274][ T9594] block nbd1: NBD_DISCONNECT
[  207.837930][ T5353] block nbd1: Send control failed (result -89)
[  207.839842][ T5353] block nbd1: Request send failed, requeueing
[  207.843310][ T5353] block nbd1: Disconnected due to user request.
[  207.846769][ T9594] block nbd1: Send disconnect failed -89
[  207.850103][   T70] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  207.852740][   T70] Buffer I/O error on dev nbd1, logical block 0, async page read
[  207.855660][ T5353] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  207.858146][ T5353] Buffer I/O error on dev nbd1, logical block 0, async page read
[  207.860476][ T5353] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  207.862858][ T5353] Buffer I/O error on dev nbd1, logical block 0, async page read
[  207.864937][ T5353] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  207.867235][ T5353] Buffer I/O error on dev nbd1, logical block 0, async page read
[  207.869326][ T5353] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  207.871688][ T5353] Buffer I/O error on dev nbd1, logical block 0, async page read
[  207.873800][ T5353] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  207.876172][ T5353] Buffer I/O error on dev nbd1, logical block 0, async page read
[  207.878287][ T5353] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  207.880728][ T5353] Buffer I/O error on dev nbd1, logical block 0, async page read
[  207.882815][ T5353] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  207.885134][ T5353] Buffer I/O error on dev nbd1, logical block 0, async page read
[  207.887140][ T5353] ldm_validate_partition_table(): Disk read failed.
[  207.889126][ T5353] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  207.892433][ T5353] Buffer I/O error on dev nbd1, logical block 0, async page read
[  207.894546][ T5353] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  207.896781][ T5353] Buffer I/O error on dev nbd1, logical block 0, async page read
[  207.898970][ T5353] Dev nbd1: unable to read RDB block 0
[  207.900668][ T5353]  nbd1: unable to read partition table
[  207.902174][ T5353] nbd1: partition table beyond EOD, truncated
[  207.904764][ T9593] ldm_validate_partition_table(): Disk read failed.
[  207.906825][ T9593] Dev nbd1: unable to read RDB block 0
[  207.909491][ T9593]  nbd1: unable to read partition table
[  207.911426][ T9593] nbd1: partition table beyond EOD, truncated
[  207.913964][ T5353] ldm_validate_partition_table(): Disk read failed.
[  207.915935][ T5353] Dev nbd1: unable to read RDB block 0
[  207.917504][ T5353]  nbd1: unable to read partition table
[  207.918932][ T5353] nbd1: partition table beyond EOD, truncated
[  207.937061][ T9597] FAULT_INJECTION: forcing a failure.
[  207.937061][ T9597] name failslab, interval 1, probability 0, space 0, times 0
[  207.941254][ T9597] CPU: 2 UID: 0 PID: 9597 Comm: syz.1.1474 Not tainted 6.12.0-rc1-syzkaller-00031-ge32cde8d2bd7 #0
[  207.943949][ T9597] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  207.946692][ T9597] Call Trace:
[  207.947531][ T9597]  <TASK>
[  207.948307][ T9597]  dump_stack_lvl+0x16c/0x1f0
[  207.949566][ T9597]  should_fail_ex+0x497/0x5b0
[  207.950790][ T9597]  ? fs_reclaim_acquire+0xae/0x160
[  207.952082][ T9597]  should_failslab+0xc2/0x120
[  207.953338][ T9597]  kmem_cache_alloc_noprof+0x6e/0x2f0
[  207.954739][ T9597]  ? __kernfs_new_node+0xd3/0x890
[  207.956009][ T9597]  __kernfs_new_node+0xd3/0x890
[  207.957237][ T9597]  ? __pfx___kernfs_new_node+0x10/0x10
[  207.958609][ T9597]  ? __pfx___lock_acquire+0x10/0x10
[  207.959956][ T9597]  ? lock_acquire.part.0+0x11b/0x380
[  207.961280][ T9597]  ? find_held_lock+0x2d/0x110
[  207.962484][ T9597]  kernfs_new_node+0x186/0x240
[  207.963726][ T9597]  kernfs_create_link+0xcc/0x240
[  207.965034][ T9597]  sysfs_do_create_link_sd+0x90/0x140
[  207.966467][ T9597]  sysfs_create_link+0x61/0xc0
[  207.967678][ T9597]  device_add+0x50c/0x1a70
[  207.968860][ T9597]  ? rcu_is_watching+0x12/0xc0
[  207.970127][ T9597]  ? __pfx_device_add+0x10/0x10
[  207.971413][ T9597]  ? kstrdup+0x5c/0x70
[  207.972662][ T9597]  device_create_groups_vargs+0x1f8/0x270
[  207.974193][ T9597]  device_create+0xe9/0x130
[  207.975400][ T9597]  ? __pfx_device_create+0x10/0x10
[  207.976751][ T9597]  ? __pfx_vsnprintf+0x10/0x10
[  207.978031][ T9597]  bdi_register_va+0x116/0x820
[  207.979293][ T9597]  ? __pfx_bdi_register_va+0x10/0x10
[  207.980773][ T9597]  ? do_init_timer+0xc9/0x110
[  207.982149][ T9597]  super_setup_bdi_name+0x100/0x250
[  207.983524][ T9597]  ? __pfx_super_setup_bdi_name+0x10/0x10
[  207.985028][ T9597]  ? shrinker_register+0x1a8/0x260
[  207.986375][ T9597]  afs_get_tree+0xc1f/0x14c0
[  207.987554][ T9597]  ? security_capable+0x7e/0x260
[  207.988855][ T9597]  vfs_get_tree+0x8f/0x380
[  207.990047][ T9597]  path_mount+0x14e6/0x1f20
[  207.991260][ T9597]  ? kmem_cache_free+0x152/0x4b0
[  207.992567][ T9597]  ? __pfx_path_mount+0x10/0x10
[  207.993894][ T9597]  ? putname+0x12e/0x170
[  207.995016][ T9597]  __x64_sys_mount+0x294/0x320
[  207.996285][ T9597]  ? __pfx___x64_sys_mount+0x10/0x10
[  207.997701][ T9597]  do_syscall_64+0xcd/0x250
[  207.998901][ T9597]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  208.000382][ T9597] RIP: 0033:0x7f3c8857dff9
[  208.001515][ T9597] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  208.006379][ T9597] RSP: 002b:00007f3c893b7038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  208.008538][ T9597] RAX: ffffffffffffffda RBX: 00007f3c88735f80 RCX: 00007f3c8857dff9
[  208.010611][ T9597] RDX: 00000000200000c0 RSI: 0000000020000080 RDI: 0000000000000000
[  208.012662][ T9597] RBP: 00007f3c893b7090 R08: 0000000020000400 R09: 0000000000000000
[  208.014736][ T9597] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  208.016798][ T9597] R13: 0000000000000000 R14: 00007f3c88735f80 R15: 00007ffdc0933a98
[  208.018832][ T9597]  </TASK>
[  208.150007][ T9602] netlink: 184 bytes leftover after parsing attributes in process `syz.0.1476'.
[  208.152522][ T9602] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  208.330111][ T5340] Bluetooth: hci4: Opcode 0x1003 failed: -110
[  208.332426][ T5345] Bluetooth: hci4: command 0x1003 tx timeout
[  209.465575][   T39] kauditd_printk_skb: 20 callbacks suppressed
[  209.465591][   T39] audit: type=1400 audit(1727898511.064:512): avc:  denied  { read } for  pid=9627 comm="syz.2.1486" path="socket:[26739]" dev="sockfs" ino=26739 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ax25_socket permissive=1
[  209.612039][   T39] audit: type=1400 audit(1727898511.214:513): avc:  denied  { execute } for  pid=9634 comm="syz.2.1489" path=2F616E6F6E5F6875676570616765202864656C6574656429 dev="hugetlbfs" ino=26753 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:hugetlbfs_t tclass=file permissive=1
[  209.796520][ T9651] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1491'.
[  209.839100][ T5340] Bluetooth: hci0: unexpected event for opcode 0x0c46
[  209.918277][ T5345] Bluetooth: hci4: sending frame failed (-49)
[  209.922050][ T5340] Bluetooth: hci4: Opcode 0x1003 failed: -49
[  210.040050][    T9] usb 5-1: new high-speed USB device number 16 using dummy_hcd
[  210.201198][    T9] usb 5-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  210.203958][    T9] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  210.207255][    T9] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 66
[  210.210389][    T9] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  210.215144][    T9] usb 5-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  210.217849][    T9] usb 5-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  210.219861][    T9] usb 5-1: Product: syz
[  210.221192][    T9] usb 5-1: Manufacturer: syz
[  210.224637][    T9] cdc_wdm 5-1:1.0: skipping garbage
[  210.226211][    T9] cdc_wdm 5-1:1.0: skipping garbage
[  210.228528][    T9] cdc_wdm 5-1:1.0: cdc-wdm0: USB WDM device
[  210.230831][    T9] cdc_wdm 5-1:1.0: Unknown control protocol
[  210.429485][   T56] usb 5-1: USB disconnect, device number 16
[  210.695826][   T39] audit: type=1400 audit(1727898512.294:514): avc:  denied  { unmount } for  pid=5335 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[  210.833378][ T5340] Bluetooth: hci0: ACL packet for unknown connection handle 201
[  210.835418][ T5340] Bluetooth: hci0: ACL packet for unknown connection handle 200
[  211.681262][   T39] audit: type=1400 audit(1727898513.284:515): avc:  denied  { append } for  pid=9688 comm="syz.1.1504" name="snapshot" dev="devtmpfs" ino=98 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:acpi_bios_t tclass=chr_file permissive=1
[  211.681292][ T9689] random: crng reseeded on system resumption
[  211.859627][ T9689] syzkaller0: entered promiscuous mode
[  211.861530][ T9689] syzkaller0: entered allmulticast mode
[  211.917899][   T39] audit: type=1400 audit(1727898513.514:516): avc:  denied  { ioctl } for  pid=9688 comm="syz.1.1504" path="/dev/snapshot" dev="devtmpfs" ino=98 ioctlcmd=0x3309 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:acpi_bios_t tclass=chr_file permissive=1
[  212.739805][ T9710] FAULT_INJECTION: forcing a failure.
[  212.739805][ T9710] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  212.744923][ T9710] CPU: 2 UID: 0 PID: 9710 Comm: syz.0.1509 Not tainted 6.12.0-rc1-syzkaller-00031-ge32cde8d2bd7 #0
[  212.747702][ T9710] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  212.750552][ T9710] Call Trace:
[  212.751432][ T9710]  <TASK>
[  212.752232][ T9710]  dump_stack_lvl+0x16c/0x1f0
[  212.753511][ T9710]  should_fail_ex+0x497/0x5b0
[  212.754775][ T9710]  _copy_from_user+0x30/0xf0
[  212.755973][ T9710]  copy_msghdr_from_user+0x99/0x160
[  212.757380][ T9710]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  212.758923][ T9710]  ? hlock_class+0x4e/0x130
[  212.760143][ T9710]  ? __lock_acquire+0x163e/0x3ce0
[  212.761449][ T9710]  ___sys_sendmsg+0xff/0x1e0
[  212.762691][ T9710]  ? __pfx____sys_sendmsg+0x10/0x10
[  212.764053][ T9710]  ? __pfx___lock_acquire+0x10/0x10
[  212.765435][ T9710]  ? __pfx___might_resched+0x10/0x10
[  212.766817][ T9710]  ? __might_fault+0xe3/0x190
[  212.768093][ T9710]  __sys_sendmmsg+0x1a1/0x450
[  212.769345][ T9710]  ? __pfx___sys_sendmmsg+0x10/0x10
[  212.770693][ T9710]  ? vfs_write+0x14d/0x1140
[  212.771892][ T9710]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  212.773495][ T9710]  ? fput+0x30/0x390
[  212.774416][ T9710]  ? ksys_write+0x1ad/0x260
[  212.775530][ T9710]  ? __pfx_ksys_write+0x10/0x10
[  212.776789][ T9710]  __x64_sys_sendmmsg+0x9c/0x100
[  212.778068][ T9710]  ? lockdep_hardirqs_on+0x7c/0x110
[  212.779396][ T9710]  do_syscall_64+0xcd/0x250
[  212.780567][ T9710]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  212.782112][ T9710] RIP: 0033:0x7fc90457dff9
[  212.783291][ T9710] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  212.788034][ T9710] RSP: 002b:00007fc9052f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  212.790113][ T9710] RAX: ffffffffffffffda RBX: 00007fc904735f80 RCX: 00007fc90457dff9
[  212.792131][ T9710] RDX: 0000000004000095 RSI: 0000000020005240 RDI: 0000000000000003
[  212.794142][ T9710] RBP: 00007fc9052f6090 R08: 0000000000000000 R09: 0000000000000000
[  212.796118][ T9710] R10: 000000000401eb94 R11: 0000000000000246 R12: 0000000000000002
[  212.798187][ T9710] R13: 0000000000000000 R14: 00007fc904735f80 R15: 00007fff579fc568
[  212.800201][ T9710]  </TASK>
[  212.801123][    C2] vkms_vblank_simulate: vblank timer overrun
[  213.077770][ T9701] netlink: 'syz.2.1507': attribute type 3 has an invalid length.
[  213.241602][ T9724] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1512'.
[  213.704856][ T9732] fuse: Bad value for 'fd'
[  213.997121][ T9724] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  213.999859][ T9724] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  214.001948][ T9724] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  214.123355][ T9745] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1522'.
[  214.177128][ T9756] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1519'.
[  214.360002][   T35] usb 5-1: new high-speed USB device number 17 using dummy_hcd
[  214.531173][   T35] usb 5-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  214.533567][   T35] usb 5-1: config 1 has an invalid descriptor of length 243, skipping remainder of the config
[  214.536131][   T35] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 66
[  214.538389][   T35] usb 5-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  214.543194][   T35] usb 5-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  214.545600][   T35] usb 5-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  214.547658][   T35] usb 5-1: Product: syz
[  214.548793][   T35] usb 5-1: Manufacturer: syz
[  214.552469][   T35] cdc_wdm 5-1:1.0: probe with driver cdc_wdm failed with error -22
[  214.755126][   T35] usb 5-1: USB disconnect, device number 17
[  215.065413][   T39] audit: type=1326 audit(1727898516.664:517): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9765 comm="syz.3.1527" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f241a37dff9 code=0x7fc00000
[  215.121357][   T39] audit: type=1400 audit(1727898516.724:518): avc:  denied  { ioctl } for  pid=9763 comm="syz.2.1526" path="socket:[26448]" dev="sockfs" ino=26448 ioctlcmd=0x89e4 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=x25_socket permissive=1
[  215.257704][ T9783] FAULT_INJECTION: forcing a failure.
[  215.257704][ T9783] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  215.261203][ T9783] CPU: 3 UID: 0 PID: 9783 Comm: syz.3.1532 Not tainted 6.12.0-rc1-syzkaller-00031-ge32cde8d2bd7 #0
[  215.263981][ T9783] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  215.266677][ T9783] Call Trace:
[  215.267522][ T9783]  <TASK>
[  215.268283][ T9783]  dump_stack_lvl+0x16c/0x1f0
[  215.269670][ T9783]  should_fail_ex+0x497/0x5b0
[  215.271080][ T9783]  _copy_from_user+0x30/0xf0
[  215.272443][ T9783]  fscrypt_ioctl_get_key_status+0xd1/0x450
[  215.273946][ T9783]  ? __pfx_fscrypt_ioctl_get_key_status+0x10/0x10
[  215.275662][ T9783]  __ext4_ioctl+0x1a00/0x4630
[  215.276977][ T9783]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  215.278593][ T9783]  ? __pfx___ext4_ioctl+0x10/0x10
[  215.279932][ T9783]  ? do_vfs_ioctl+0x513/0x1990
[  215.281240][ T9783]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  215.282565][ T9783]  ? ioctl_has_perm.constprop.0.isra.0+0x2ea/0x460
[  215.284271][ T9783]  ? ioctl_has_perm.constprop.0.isra.0+0x2f3/0x460
[  215.285989][ T9783]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[  215.287896][ T9783]  ? trace_lock_acquire+0x14a/0x1d0
[  215.289235][ T9783]  ? selinux_file_ioctl+0x180/0x270
[  215.290733][ T9783]  ? selinux_file_ioctl+0xb4/0x270
[  215.292111][ T9783]  ? __pfx_ext4_ioctl+0x10/0x10
[  215.293364][ T9783]  __x64_sys_ioctl+0x18f/0x220
[  215.294582][ T9783]  do_syscall_64+0xcd/0x250
[  215.295759][ T9783]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  215.297471][ T9783] RIP: 0033:0x7f241a37dff9
[  215.298659][ T9783] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  215.303852][ T9783] RSP: 002b:00007f241b09b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  215.306127][ T9783] RAX: ffffffffffffffda RBX: 00007f241a535f80 RCX: 00007f241a37dff9
[  215.308213][ T9783] RDX: 0000000020000180 RSI: 00000000c080661a RDI: 0000000000000008
[  215.310280][ T9783] RBP: 00007f241b09b090 R08: 0000000000000000 R09: 0000000000000000
[  215.312240][ T9783] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  215.314224][ T9783] R13: 0000000000000000 R14: 00007f241a535f80 R15: 00007ffcafb07638
[  215.316232][ T9783]  </TASK>
[  215.369971][ T5340] Bluetooth: hci0: command 0x0419 tx timeout
[  215.957105][   T39] audit: type=1400 audit(1727898517.554:519): avc:  denied  { write } for  pid=9801 comm="syz.2.1538" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1
[  216.090119][ T5340] Bluetooth: hci2: command 0x0c1a tx timeout
[  216.090152][ T5345] Bluetooth: hci1: command 0x0c1a tx timeout
[  216.478311][ T5345] Bluetooth: hci0: unexpected event for opcode 0x0c46
[  216.549044][ T5340] Bluetooth: hci4: sending frame failed (-49)
[  216.551387][ T5345] Bluetooth: hci4: Opcode 0x1003 failed: -49
[  217.163511][ T9832] netlink: 32 bytes leftover after parsing attributes in process `syz.1.1547'.
[  217.185175][   T39] audit: type=1400 audit(1727898518.784:520): avc:  denied  { write } for  pid=9830 comm="syz.1.1547" name="/" dev="9p" ino=35921930 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  217.191005][   T39] audit: type=1400 audit(1727898518.784:521): avc:  denied  { add_name } for  pid=9830 comm="syz.1.1547" name="bus" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  217.196383][   T39] audit: type=1400 audit(1727898518.794:522): avc:  denied  { create } for  pid=9830 comm="syz.1.1547" name="bus" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[  217.204706][   T39] audit: type=1400 audit(1727898518.794:523): avc:  denied  { associate } for  pid=9830 comm="syz.1.1547" name="bus" scontext=root:object_r:unlabeled_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1
[  217.211963][   T39] audit: type=1400 audit(1727898518.804:524): avc:  denied  { write open } for  pid=9830 comm="syz.1.1547" path="/373/file0/bus" dev="9p" ino=35922835 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  217.218482][   T39] audit: type=1400 audit(1727898518.814:525): avc:  denied  { read } for  pid=9830 comm="syz.1.1547" name="bus" dev="9p" ino=35922835 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  217.224777][   T39] audit: type=1804 audit(1727898518.814:526): pid=9832 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=invalid_pcr cause=open_writers comm="syz.1.1547" name="/newroot/373/file0/bus" dev="9p" ino=35922835 res=1 errno=0
[  217.373390][ T9853] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1549'.
[  217.387278][ T9849] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=23 sclass=netlink_route_socket pid=9849 comm=syz.3.1551
[  217.580096][ T9860] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  217.581793][ T9860] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  217.583414][ T9860] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  217.624994][ T9870] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1558'.
[  217.630066][  T829] usb 7-1: new high-speed USB device number 14 using dummy_hcd
[  217.635281][ T9870] capability: warning: `syz.1.1558' uses deprecated v2 capabilities in a way that may be insecure
[  217.668684][ T9874] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1555'.
[  217.794252][  T829] usb 7-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  217.796776][  T829] usb 7-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  217.799404][  T829] usb 7-1: config 1 has 1 interface, different from the descriptor's value: 66
[  217.802421][  T829] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  217.807051][  T829] usb 7-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  217.809422][  T829] usb 7-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  217.815641][  T829] usb 7-1: Product: syz
[  217.816764][  T829] usb 7-1: Manufacturer: syz
[  217.820224][  T829] cdc_wdm 7-1:1.0: skipping garbage
[  217.821679][  T829] cdc_wdm 7-1:1.0: skipping garbage
[  217.823665][  T829] cdc_wdm 7-1:1.0: cdc-wdm0: USB WDM device
[  217.825262][  T829] cdc_wdm 7-1:1.0: Unknown control protocol
[  217.920355][   T35] usb 5-1: new high-speed USB device number 18 using dummy_hcd
[  218.026697][   T56] usb 7-1: USB disconnect, device number 14
[  218.081709][   T35] usb 5-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  218.084894][   T35] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  218.088552][   T35] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 66
[  218.092015][   T35] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  218.097233][   T35] usb 5-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  218.100292][   T35] usb 5-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  218.103167][   T35] usb 5-1: Product: syz
[  218.104572][   T35] usb 5-1: Manufacturer: syz
[  218.110284][   T35] cdc_wdm 5-1:1.0: skipping garbage
[  218.112047][   T35] cdc_wdm 5-1:1.0: skipping garbage
[  218.114877][   T35] cdc_wdm 5-1:1.0: cdc-wdm0: USB WDM device
[  218.117094][   T35] cdc_wdm 5-1:1.0: Unknown control protocol
[  218.312965][  T829] usb 5-1: USB disconnect, device number 18
[  218.686883][ T9889] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  218.689430][ T9889] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  218.692119][ T9889] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  218.745895][ T9897] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=23 sclass=netlink_route_socket pid=9897 comm=syz.3.1568
[  219.027159][ T9908] binder: 9907:9908 ioctl c0306201 0 returned -14
[  219.089175][ T9908] binder: 9907:9908 ioctl 50009402 0 returned -22
[  220.188884][ T9919] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  220.190864][ T9919] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  220.192596][ T9919] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  220.249647][ T9924] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=23 sclass=netlink_route_socket pid=9924 comm=syz.1.1578
[  220.628627][ T9937] vimc link validate: Scaler:src:640x480 (0x33424752, 8, 0, 0, 0) RGB/YUV Capture:snk:640x480 (0x33424752, 8, 0, 0, 0)
[  220.659798][   T39] audit: type=1400 audit(1727898522.254:527): avc:  denied  { execute } for  pid=9935 comm="syz.0.1582" path="/dev/audio1" dev="devtmpfs" ino=1130 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sound_device_t tclass=chr_file permissive=1
[  220.930666][   T39] audit: type=1400 audit(1727898522.534:528): avc:  denied  { 0x1000000 } for  pid=9952 comm="syz.3.1588" path="socket:[25405]" dev="sockfs" ino=25405 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_route_socket permissive=1
[  220.938632][ T9953] cifs: Unknown parameter 'usrquota'
[  221.248632][ T9962] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1590'.
[  221.312644][ T9969] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=23 sclass=netlink_route_socket pid=9969 comm=syz.0.1591
[  221.450151][ T5340] Bluetooth: hci0: command 0x0419 tx timeout
[  221.490166][   T56] usb 8-1: new high-speed USB device number 19 using dummy_hcd
[  221.652196][   T56] usb 8-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  221.654531][   T56] usb 8-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  221.657151][   T56] usb 8-1: config 1 has 1 interface, different from the descriptor's value: 66
[  221.659476][   T56] usb 8-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  221.665268][   T56] usb 8-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  221.667638][   T56] usb 8-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  221.669739][   T56] usb 8-1: Product: syz
[  221.674150][   T56] usb 8-1: Manufacturer: syz
[  221.710677][   T56] cdc_wdm 8-1:1.0: skipping garbage
[  221.712065][   T56] cdc_wdm 8-1:1.0: skipping garbage
[  221.714058][   T56] cdc_wdm 8-1:1.0: cdc-wdm0: USB WDM device
[  221.715612][   T56] cdc_wdm 8-1:1.0: Unknown control protocol
[  221.905168][   T56] usb 8-1: USB disconnect, device number 19
[  222.117711][   T39] audit: type=1400 audit(1727898523.714:529): avc:  denied  { write } for  pid=9993 comm="syz.0.1599" name="ip_vs_stats_percpu" dev="proc" ino=4026533128 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_net_t tclass=file permissive=1
[  222.136759][ T9995] team0: mtu greater than device maximum
[  222.136927][   T39] audit: type=1400 audit(1727898523.734:530): avc:  denied  { ioctl } for  pid=9993 comm="syz.0.1599" path="socket:[28896]" dev="sockfs" ino=28896 ioctlcmd=0x8922 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  222.240033][ T5340] Bluetooth: hci2: command 0x0c1a tx timeout
[  222.240098][ T5345] Bluetooth: hci1: command 0x0c1a tx timeout
[  222.746180][ T9997] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=23 sclass=netlink_route_socket pid=9997 comm=syz.2.1600
[  222.914812][T10001] tmpfs: Bad value for 'mpol'
[  223.525929][ T5345] Bluetooth: hci1: unexpected event for opcode 0x0c46
[  223.580925][ T5340] Bluetooth: hci4: sending frame failed (-49)
[  223.583759][ T5345] Bluetooth: hci4: Opcode 0x1003 failed: -49
[  223.921603][   T39] audit: type=1400 audit(1727898525.524:531): avc:  denied  { ioctl } for  pid=10029 comm="syz.2.1610" path="/dev/ptyq9" dev="devtmpfs" ino=136 ioctlcmd=0x5420 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:bsdpty_device_t tclass=chr_file permissive=1
[  224.238224][T10035] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=23 sclass=netlink_route_socket pid=10035 comm=syz.3.1611
[  224.652256][   T35] usb 8-1: new high-speed USB device number 20 using dummy_hcd
[  224.800112][   T35] usb 8-1: Using ep0 maxpacket: 32
[  224.803962][   T35] usb 8-1: config index 0 descriptor too short (expected 156, got 27)
[  224.806738][   T35] usb 8-1: too many endpoints for config 0 interface 0 altsetting 191: 144, using maximum allowed: 30
[  224.811717][   T35] usb 8-1: config 0 interface 0 altsetting 191 endpoint 0x87 has an invalid bInterval 0, changing to 7
[  224.815735][   T35] usb 8-1: config 0 interface 0 altsetting 191 has 1 endpoint descriptor, different from the interface descriptor's value: 144
[  224.820776][   T35] usb 8-1: config 0 interface 0 has no altsetting 0
[  224.826519][   T35] usb 8-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice=86.66
[  224.829565][   T35] usb 8-1: New USB device strings: Mfr=85, Product=120, SerialNumber=172
[  224.832457][   T35] usb 8-1: Product: syz
[  224.833805][   T35] usb 8-1: Manufacturer: syz
[  224.835364][   T35] usb 8-1: SerialNumber: syz
[  224.838699][   T35] usb 8-1: config 0 descriptor??
[  224.846661][   T35] ldusb 8-1:0.0: Interrupt out endpoint not found (using control endpoint instead)
[  224.851331][   T35] ldusb 8-1:0.0: LD USB Device #0 now attached to major 180 minor 0
[  224.931295][T10063] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1620'.
[  225.180087][   T56] usb 7-1: new high-speed USB device number 15 using dummy_hcd
[  225.343496][   T56] usb 7-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  225.345756][   T56] usb 7-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  225.348330][   T56] usb 7-1: config 1 has 1 interface, different from the descriptor's value: 66
[  225.350778][   T56] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  225.363264][   T56] usb 7-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  225.365547][   T56] usb 7-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  225.367585][   T56] usb 7-1: Product: syz
[  225.368780][   T56] usb 7-1: Manufacturer: syz
[  225.373900][   T56] cdc_wdm 7-1:1.0: skipping garbage
[  225.375261][   T56] cdc_wdm 7-1:1.0: skipping garbage
[  225.380635][   T56] cdc_wdm 7-1:1.0: cdc-wdm1: USB WDM device
[  225.382254][   T56] cdc_wdm 7-1:1.0: Unknown control protocol
[  225.417999][T10067] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=23 sclass=netlink_route_socket pid=10067 comm=syz.0.1621
[  225.575233][    T9] usb 7-1: USB disconnect, device number 15
[  226.958155][    C3] 
[  226.958966][    C3] ============================================
[  226.960986][    C3] WARNING: possible recursive locking detected
[  226.962845][    C3] 6.12.0-rc1-syzkaller-00031-ge32cde8d2bd7 #0 Not tainted
[  226.965608][    C3] --------------------------------------------
[  226.968449][    C3] swapper/3/0 is trying to acquire lock:
[  226.970323][    C3] ffffc900272810d8 (&rb->spinlock){-.-.}-{2:2}, at: __bpf_ringbuf_reserve+0x36e/0x4b0
[  226.973323][    C3] 
[  226.973323][    C3] but task is already holding lock:
[  226.975852][    C3] ffffc900036290d8 (&rb->spinlock){-.-.}-{2:2}, at: __bpf_ringbuf_reserve+0x36e/0x4b0
[  226.978772][    C3] 
[  226.978772][    C3] other info that might help us debug this:
[  226.981704][    C3]  Possible unsafe locking scenario:
[  226.981704][    C3] 
[  226.984044][    C3]        CPU0
[  226.984952][    C3]        ----
[  226.985932][    C3]   lock(&rb->spinlock);
[  226.987282][    C3]   lock(&rb->spinlock);
[  226.988655][    C3] 
[  226.988655][    C3]  *** DEADLOCK ***
[  226.988655][    C3] 
[  226.991341][    C3]  May be due to missing lock nesting notation
[  226.991341][    C3] 
[  226.993907][    C3] 5 locks held by swapper/3/0:
[  226.995375][    C3]  #0: ffffffff8e1b8340 (rcu_read_lock){....}-{1:2}, at: ieee80211_rx_napi+0xa6/0x400
[  226.998508][    C3]  #1: ffff888049e28168 (&rdev->bss_lock){+.-.}-{2:2}, at: cfg80211_inform_single_bss_data+0x791/0x1de0
[  227.001929][    C3]  #2: ffffffff8e1b8340 (rcu_read_lock){....}-{1:2}, at: bpf_trace_run2+0x1c2/0x590
[  227.004510][    C3]  #3: ffffc900036290d8 (&rb->spinlock){-.-.}-{2:2}, at: __bpf_ringbuf_reserve+0x36e/0x4b0
[  227.007328][    C3]  #4: ffffffff8e1b8340 (rcu_read_lock){....}-{1:2}, at: bpf_trace_run2+0x1c2/0x590
[  227.009963][    C3] 
[  227.009963][    C3] stack backtrace:
[  227.011612][    C3] CPU: 3 UID: 0 PID: 0 Comm: swapper/3 Not tainted 6.12.0-rc1-syzkaller-00031-ge32cde8d2bd7 #0
[  227.014315][    C3] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  227.017196][    C3] Call Trace:
[  227.018091][    C3]  <IRQ>
[  227.018862][    C3]  dump_stack_lvl+0x116/0x1f0
[  227.020109][    C3]  print_deadlock_bug+0x2e3/0x410
[  227.021784][    C3]  __lock_acquire+0x2185/0x3ce0
[  227.023104][    C3]  ? __pfx___lock_acquire+0x10/0x10
[  227.024474][    C3]  ? hlock_class+0x4e/0x130
[  227.025631][    C3]  ? __lock_acquire+0xbdd/0x3ce0
[  227.026950][    C3]  lock_acquire.part.0+0x11b/0x380
[  227.028325][    C3]  ? __bpf_ringbuf_reserve+0x36e/0x4b0
[  227.029725][    C3]  ? __pfx_lock_acquire.part.0+0x10/0x10
[  227.031626][    C3]  ? rcu_is_watching+0x12/0xc0
[  227.033156][    C3]  ? trace_lock_acquire+0x14a/0x1d0
[  227.034572][    C3]  ? __bpf_ringbuf_reserve+0x36e/0x4b0
[  227.036030][    C3]  ? lock_acquire+0x2f/0xb0
[  227.037312][    C3]  ? __bpf_ringbuf_reserve+0x36e/0x4b0
[  227.038784][    C3]  _raw_spin_lock_irqsave+0x3a/0x60
[  227.040292][    C3]  ? __bpf_ringbuf_reserve+0x36e/0x4b0
[  227.041746][    C3]  __bpf_ringbuf_reserve+0x36e/0x4b0
[  227.043219][    C3]  ? bpf_trace_run2+0x1c2/0x590
[  227.044545][    C3]  bpf_ringbuf_output+0x60/0xd0
[  227.045901][    C3]  bpf_prog_a3e2825f60354855+0x46/0x4a
[  227.047350][    C3]  bpf_trace_run2+0x231/0x590
[  227.048709][    C3]  ? __pfx_bpf_trace_run2+0x10/0x10
[  227.050167][    C3]  ? __pfx_mark_lock+0x10/0x10
[  227.051496][    C3]  ? __pfx_stack_trace_save+0x10/0x10
[  227.053051][    C3]  ? stack_depot_save_flags+0x28/0x8f0
[  227.054556][    C3]  ? mark_lock+0xb5/0xc60
[  227.055731][    C3]  ? __pfx___bpf_trace_contention_end+0x10/0x10
[  227.057464][    C3]  __bpf_trace_contention_end+0xca/0x110
[  227.058999][    C3]  ? __pfx___bpf_trace_contention_end+0x10/0x10
[  227.060706][    C3]  ? __kmalloc_noprof+0x1e8/0x400
[  227.062071][    C3]  ? __pfx_mark_lock+0x10/0x10
[  227.063293][    C3]  ? ieee80211_bss_info_update+0x311/0xab0
[  227.064799][    C3]  ? hlock_class+0x4e/0x130
[  227.065987][    C3]  ? __lock_acquire+0x163e/0x3ce0
[  227.067302][    C3]  __traceiter_contention_end+0x5a/0xa0
[  227.068715][    C3]  trace_contention_end.constprop.0+0xea/0x170
[  227.070332][    C3]  __pv_queued_spin_lock_slowpath+0x27e/0xc90
[  227.071889][    C3]  ? __pfx_lockdep_stack_trace_count+0x10/0x10
[  227.073481][    C3]  ? __pfx___pv_queued_spin_lock_slowpath+0x10/0x10
[  227.075149][    C3]  do_raw_spin_lock+0x210/0x2c0
[  227.076397][    C3]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  227.077777][    C3]  ? lock_acquire+0x2f/0xb0
[  227.078946][    C3]  ? __bpf_ringbuf_reserve+0x36e/0x4b0
[  227.080396][    C3]  _raw_spin_lock_irqsave+0x42/0x60
[  227.081785][    C3]  ? __bpf_ringbuf_reserve+0x36e/0x4b0
[  227.083148][    C3]  __bpf_ringbuf_reserve+0x36e/0x4b0
[  227.084500][    C3]  bpf_ringbuf_reserve+0x57/0x90
[  227.085782][    C3]  bpf_prog_9efe54833449f08e+0x2e/0x48
[  227.087169][    C3]  bpf_trace_run2+0x231/0x590
[  227.088355][    C3]  ? __pfx_bpf_trace_run2+0x10/0x10
[  227.089672][    C3]  ? ieee80211_inform_bss+0x76e/0x1100
[  227.091091][    C3]  ? cfg80211_update_known_bss+0x3c0/0x11e0
[  227.092634][    C3]  kfree+0x258/0x4b0
[  227.093680][    C3]  ? mark_held_locks+0x9f/0xe0
[  227.094934][    C3]  ieee80211_inform_bss+0x76e/0x1100
[  227.096310][    C3]  ? __pfx_ieee80211_inform_bss+0x10/0x10
[  227.097784][    C3]  ? lock_acquire+0x2f/0xb0
[  227.098976][    C3]  ? cfg80211_inform_single_bss_data+0x791/0x1de0
[  227.100668][    C3]  ? __pfx_ieee80211_inform_bss+0x10/0x10
[  227.102244][    C3]  cfg80211_inform_single_bss_data+0x8f6/0x1de0
[  227.104033][    C3]  ? stack_access_ok+0xd9/0x200
[  227.105548][    C3]  ? __pfx_cfg80211_inform_single_bss_data+0x10/0x10
[  227.107388][    C3]  ? mark_lock+0xb5/0xc60
[  227.108542][    C3]  ? stack_trace_save+0x95/0xd0
[  227.109860][    C3]  ? hlock_class+0x4e/0x130
[  227.111178][    C3]  ? mark_lock+0xb5/0xc60
[  227.112318][    C3]  ? cfg80211_inform_bss_data+0x205/0x3ba0
[  227.113866][    C3]  cfg80211_inform_bss_data+0x205/0x3ba0
[  227.115332][    C3]  ? mark_lock+0xb5/0xc60
[  227.116461][    C3]  ? __pfx_mark_lock+0x10/0x10
[  227.117719][    C3]  ? hlock_class+0x4e/0x130
[  227.118907][    C3]  ? mark_lock+0xb5/0xc60
[  227.120023][    C3]  ? unwind_next_frame+0x38a/0x20c0
[  227.121402][    C3]  ? common_startup_64+0x13e/0x148
[  227.122736][    C3]  ? __pfx_cfg80211_inform_bss_data+0x10/0x10
[  227.124301][    C3]  ? __pfx_mark_lock+0x10/0x10
[  227.125638][    C3]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  227.127343][    C3]  ? hlock_class+0x4e/0x130
[  227.128522][    C3]  ? __lock_acquire+0xbdd/0x3ce0
[  227.129834][    C3]  ? __pfx_mark_lock+0x10/0x10
[  227.131100][    C3]  ? lock_acquire.part.0+0x11b/0x380
[  227.132475][    C3]  ? find_held_lock+0x2d/0x110
[  227.133769][    C3]  ? ieee80211_bss_info_update+0x2cb/0xab0
[  227.135302][    C3]  cfg80211_inform_bss_frame_data+0x271/0x7a0
[  227.136888][    C3]  ieee80211_bss_info_update+0x311/0xab0
[  227.138371][    C3]  ? __pfx_ieee80211_bss_info_update+0x10/0x10
[  227.139981][    C3]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  227.141393][    C3]  ? lock_acquire+0x2f/0xb0
[  227.142569][    C3]  ? ieee80211_get_channel_khz+0x14d/0x1e0
[  227.144073][    C3]  ieee80211_scan_rx+0x474/0xac0
[  227.145229][    C3]  ieee80211_rx_list+0x1be3/0x2e90
[  227.146575][    C3]  ? __pfx_ieee80211_rx_list+0x10/0x10
[  227.148017][    C3]  ? lock_acquire.part.0+0x11b/0x380
[  227.149416][    C3]  ? lock_acquire+0x2f/0xb0
[  227.150573][    C3]  ? ieee80211_rx_napi+0xa6/0x400
[  227.151936][    C3]  ieee80211_rx_napi+0xdd/0x400
[  227.153263][    C3]  ? __pfx_ieee80211_rx_napi+0x10/0x10
[  227.154637][    C3]  ? lockdep_hardirqs_on+0x7c/0x110
[  227.156005][    C3]  ? _raw_spin_unlock_irqrestore+0x3b/0x80
[  227.157559][    C3]  ieee80211_handle_queued_frames+0xd5/0x130
[  227.159107][    C3]  tasklet_action_common+0x24c/0x3e0
[  227.160610][    C3]  handle_softirqs+0x213/0x8f0
[  227.161826][    C3]  ? __pfx_handle_softirqs+0x10/0x10
[  227.163196][    C3]  irq_exit_rcu+0xbb/0x120
[  227.164510][    C3]  sysvec_apic_timer_interrupt+0xa4/0xc0
[  227.166258][    C3]  </IRQ>
[  227.167115][    C3]  <TASK>
[  227.167848][    C3]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  227.169370][    C3] RIP: 0010:default_idle+0xf/0x20
[  227.170671][    C3] Code: 4c 01 c7 4c 29 c2 e9 72 ff ff ff 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa eb 07 0f 00 2d 63 ba 44 00 fb f4 <fa> c3 cc cc cc cc 66 66 2e 0f 1f 84 00 00 00 00 00 90 90 90 90 90
[  227.175626][    C3] RSP: 0018:ffffc900001a7e08 EFLAGS: 00000206
[  227.177212][    C3] RAX: 00000000003190c9 RBX: 0000000000000003 RCX: ffffffff8b21cdd9
[  227.179256][    C3] RDX: 0000000000000000 RSI: ffffffff8b6cd040 RDI: ffffffff8bd19d40
[  227.181486][    C3] RBP: ffffed1003b5b488 R08: 0000000000000001 R09: ffffed100d527025
[  227.183465][    C3] R10: ffff88806a93812b R11: 0000000000000000 R12: 0000000000000003
[  227.185457][    C3] R13: ffff88801dada440 R14: ffffffff905f2b88 R15: 0000000000000000
[  227.187428][    C3]  ? ct_kernel_exit+0x139/0x190
[  227.188764][    C3]  default_idle_call+0x6d/0xb0
[  227.190118][    C3]  do_idle+0x32c/0x3f0
[  227.191182][    C3]  ? __pfx_do_idle+0x10/0x10
[  227.192480][    C3]  cpu_startup_entry+0x4f/0x60
[  227.193715][    C3]  start_secondary+0x222/0x2b0
[  227.194977][    C3]  ? __pfx_start_secondary+0x10/0x10
[  227.196435][    C3]  common_startup_64+0x13e/0x148
[  227.197812][    C3]  </TASK>
[  227.198691][    C0] vkms_vblank_simulate: vblank timer overrun
[  227.810225][   T35] usb 8-1: USB disconnect, device number 20
[  227.815303][   T35] ldusb 8-1:0.0: LD USB Device #0 now disconnected

VM DIAGNOSIS:
19:44:32  Registers:
info registers vcpu 0

CPU#0
RAX=00000000005ef1ac RBX=0000000000000000 RCX=ffffffff8b21cdd9 RDX=ffffed100d4c7026
RSI=ffffffff8bd19cc0 RDI=ffffffff81647efc RBP=fffffbfff1bd2af8 RSP=ffffffff8de07e20
R8 =0000000000000000 R9 =ffffed100d4c7025 R10=ffff88806a63812b R11=ffffffff8b6f86c0
R12=0000000000000000 R13=ffffffff8de957c0 R14=ffffffff905f2b88 R15=0000000000000000
RIP=ffffffff8b21e1bf RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff88806a600000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00000000200ba000 CR3=000000003139a000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000208001 Opmask01=0000000000000000 Opmask02=00000000000003ff Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fc9045f1133
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fc9045f1140
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fc9045f113a
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fc9045f114e
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fc9045f11d4
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fc9045f12b2
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 8200000085000000 02000004b7000000 08000003b7ffffff f800000207000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 9500000001000000 8500000000000004 b700000008000004 0008000f0010000a
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 07000000000000a2 bf00000000fff88a 7b00000000000008 b700000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000001 0000000000000000 0000000000000000 00000000000000c4
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=0000000000000000 RBX=0000000000000003 RCX=ffffffff813ca88e RDX=ffff88801dac4880
RSI=ffffffff813ca8ab RDI=0000000000000000 RBP=ffffc900036290c0 RSP=ffffc900008b06d8
R8 =0000000000000000 R9 =0000000000000003 R10=0000000000000003 R11=ffffffff8b6f76c0
R12=0000000000000003 R13=0000000000000003 R14=ffff88806a73fdc0 R15=fffff520006c5218
RIP=ffffffff813ca8ac RFL=00000046 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff88806a700000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=0000000021000000 CR3=000000003139a000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000208001 Opmask01=0000000000000000 Opmask02=00000000000003ff Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fc9045f1133
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fc9045f1140
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fc9045f113a
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fc9045f114e
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fc9045f11d4
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fc9045f12b2
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 8200000085000000 02000004b7000000 08000003b7ffffff f800000207000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 9500000001000000 8500000000000004 b700000008000004 0008000f0010000a
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 07000000000000a2 bf00000000fff88a 7b00000000000008 b700000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000001 0000000000000000 0000000000000000 00000000000000c4
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 2

CPU#2
RAX=0000000000000000 RBX=ffff88806a946a00 RCX=ffffffff8181686c RDX=ffff888020902440
RSI=ffffffff81816846 RDI=0000000000000005 RBP=0000000000000003 RSP=ffffc90000fdf998
R8 =0000000000000005 R9 =0000000000000000 R10=0000000000000001 R11=0000000000000000
R12=ffffed100d528d41 R13=0000000000000001 R14=ffff88806a946a08 R15=ffff88806a840100
RIP=ffffffff81816848 RFL=00000293 [--S-A-C] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff88806a800000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000091000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe000008f000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00007fc44c7a9370 CR3=000000000df7c000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000208001 Opmask01=0000000000000000 Opmask02=00000000000003ff Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fc9045f1133
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fc9045f1140
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fc9045f113a
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fc9045f114e
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fc9045f11d4
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fc9045f12b2
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 8200000085000000 02000004b7000000 08000003b7ffffff f800000207000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 9500000001000000 8500000000000004 b700000008000004 0008000f0010000a
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 07000000000000a2 bf00000000fff88a 7b00000000000008 b700000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000001 0000000000000000 0000000000000000 00000000000000c4
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 3

CPU#3
RAX=000000000000002d RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8
RSI=ffffffff850a6d05 RDI=ffffffff9aae1b80 RBP=ffffffff9aae1b40 RSP=ffffc900009076b0
R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=2d2d2d2d2d2d2d2d
R12=0000000000000000 R13=000000000000002d R14=ffffffff850a6ca0 R15=0000000000000000
RIP=ffffffff850a6d2f RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff88806a900000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe00000d8000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe00000d6000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00007f6ebe3b2440 CR3=00000000241ca000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000008000100 Opmask01=0000000000000000 Opmask02=000000007ffbffef Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffdc0933e30 0000003000000018
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f3c885f1133
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f3c885f1140
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f3c885f113a
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f3c885f114e
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f3c885f11d4
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f3c885f12b2
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000