last executing test programs:

8.492040041s ago: executing program 0 (id=524):
syz_usb_connect(0x0, 0x3f, &(0x7f0000000540)=ANY=[@ANYBLOB="11010000733336088dee1edb2361000000010902"], 0x0)
io_uring_setup(0x7c5a, &(0x7f0000000100)={0x0, 0x0, 0x40, 0x2})
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x41, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_open_dev$sndpcmp(&(0x7f0000000000), 0x0, 0x0)
bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000080)={0x3, 0x4, 0x4, 0xa, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
syz_open_dev$vim2m(&(0x7f00000000c0), 0x10001, 0x2)
socket$inet_tcp(0x2, 0x1, 0x0)
socket$tipc(0x1e, 0x5, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r1 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000440), 0x2, 0x0)
openat$dsp1(0xffffff9c, &(0x7f0000000000), 0x8101, 0x0)
pipe(&(0x7f0000000080))
writev(r1, &(0x7f0000000000)=[{&(0x7f0000000080), 0x62}, {&(0x7f0000000100)="06010000246837f73199aee6fdb9291b3091ec1a2d41d2271b00d8ec030f5919f397867997f9c0efa9c9092a31cdbb98ea272787afda0af59a320709c3a59ef05c6f40ceafec53f48d6186e7d8409e35306221caf67b370d875eff3191932728e5ab6c9a3acf6ccee3e352c898f5744abaedfb53f92c37acb126bd143f3e9cdfcf25a8d6129fcc3a141c3f5ab6db772f87c787817a9b699dd60732d952716b103bc1e91ac5b1ed92f35389580994bb0df9bce07e7a80921888f984139f488d256a67fec0cbb5c4e93d5c151d97f676ab93b1efbd46f600dc964231e3257bf358448fddf894c0cdfa9115adbe5b19bc912fcbc8aac7719b649b1ff1267491da", 0x682c}, {&(0x7f0000001480)="d1ffacd516de50ac9d15bc75316da4defa1e72f65a65cdd26dcc389aacf7856da9aecf3765d4c032e1960faf25bad906b7d3440b6e71a82f1d8f8b8db35b6091f3af94c6b46b9ab10fe3923f268771078d2668be7bd3eb941d4bb5baa8547e36283a065ce5766cbff3a8fc37fc4507643d3786bbf231d3ed88cb8b01eab14e4372cf4f89bd1b853caa5d9f07f523b9dfa8cc09053ff36fde08e96fb6b3acc196b1bd1e2d3a6c65f585df7e2b8b17439a7ab29a7dfe642c2f0ac7a81eca8073b559663f2daf7a0832b2b09557794a21bf114831f8e6db3922d0cd169e5a8b4adc95d7322ee75944de15f57780b88fef7f3d9b256705ccfa2125b43ce8e3aacaead963cdd7f792f14c9b24493f9f830f6de8da93bbd4357095631adec14224dd9bb049e826f3a49624393e6a031103faff0902ba88ae30af4a61caa77ff956214196fcf3c5536d823284306f367afcb46fb43231911cc53091671e7d853ebf015241b18e9fb6ac6d9a7a1b05dfd6d9e56a51567cd8837dd045abf6b85550f0dd8dded43147ab9bfadc18b9984699d5d875cb21a95a7f584d8c466d033df75193f9ae58b85cfacc54f6c6e12a0debe40ee361a839563bc2cb64271672a55370c2b035b482074ce2487ef8a3bc1c68856e6e09539276d961a0c647f1ee3237496fc99623e8fd33faf7797d86a88dcee152d15e10739bcbbd6077b76867e291f350d999024c12faf81f83792f48f7f6dd66aa6854e460ef7f8c755f3a6dd76509ea0d2db39057a5129185b2fb11546cd5d6cc59f640e9028ae6c7075fba5e5b5593d7f79ec387833f465d09bde464112821eaec5e6e8f2aee8d7358f9c14afe2018856f610848706c71cda62493aef2e39efb71b4a8e804847eda66b2b5b1d75b478f19208ee1ac43afb2dbbba5dd0f29f6946022e09fb853cb176ca3474ba2fa67cb245fe85ec61a095d6fd9ac2ac5685920201617342fe56072427b9bd3626a1a371e67041fcda781be0c234d6feb5ad500e8bc7074381fd0d04983a4a6cdb6c8e03d59dc50925e9e4b24e6f8e455f02818959f2927f0a2d9ff62ec3c5c399077048f7d3dad0830b2e6563693f2f9d48eca8c34804a7626282a4a214d13786993c011a88194dbf7b23e25f592e62186c9fb565fac7632de356153c89a6be0b6b26ba48c2427424769fcbd7ee072ed4bd4d0731d06c8537d616b1145a6c70edb13fb4dba3565221b3a2897a23861cd0e8e0060021cdd7de002d5e785e5d6d3d07f4e445ada9c8d9ba8b819d0b5c7b5d15a5192d3a83c125c8e117c823a9e33316b8c9154e7330d3a865048dbd9c14757691bfe56f10423f6ab717bec5eebeac6ba9ad1aeb6cde09d7fda8e475a71ac48d46b8d9a40879c9dec2db5c4799e5fc8e8b3d419031c1033fce88ae2c93d7ca62c9302e6b45ca8dfebe5b92724f035e8e9d7704efb23f445999fe08cfa28404874d8acc8d37870d394d9fcc8dbe763bc85c37f0f3bcc2cbea420cd073db598e7d89c14a31e5bf57cbefa301427c93091505f1f3e5cdf712958b2e8fc56684d3388107c1728f0e5a3be2164246071653e256ed3bf3000c17301da9a5a3d9ca475867c4f311a24e5ae909a62047a9e6bb71cbcb4f159c2ef0f66b4d0f9da51aba99cd9448443dd277362af18d32f111c48a952ef555b2c7c58b997ce61e74cc7551b57eaffe411219baddf490926d8e260dcd87c069e617195c352950f9b51ce88c12c4f7997ba515f77e68d44f831cdf4d7ee8b1b7cedcb4c4fc7e85ba288c8555d49d5b4b9bb70dc4b688bd12e6b38e37150f3ea457a76b23d5abe6551ea598e090aed87822b0954b8db1a7c605c925b7f9240b0e7a020f292a1fd4a37c74139bc6e7ff08373ebfc8feea371ae0b6c61c715f6f1f4b0b994c7e2e129f87db959aae6ff48664d824b29ba9f255890f9c537178db9c5302097891557f8175a46f308b1a2530aa726ea9d4cfce76db50637369724d0c5f51c97edb58ff5eb9b2434b3721b61688ba12471b97c6a65ba085e15406568ac852590701f2ef8451c5cf1191d70f51eaea9ddc4cbdd7428f627db5069111f65062d5cc34581826af3e670613dda99e31c42736aabd87be56e214ed606862a152455f91891b7430bae03284569c234588f495a5ecc4a23fad6ba34e2ee9ebde8c7f5f62c9344659375c2a1fe6fa6e4ef68712223b9471c513bb11429dbb8a45463c8882f462275ee0da567c60c2d8038843e0c20486676e9978f2aec9187820c94a6e7e519d06daf2ab198f5cafcab4d9c90a479800906192d66a3301a34fa6c5a931cea0a479a4d98d86d9de3e061323504b57186dd33df7a16ccb688c0de203666cb0a6b543a9d069dded44a3b432cbb71da921dcab6be1c2d7494d3b07841d9b4f9d659b5d3d3b2ed916f91588d589128e4b2d4448e6aab5a8160eddca0f6e022abb85e251a11cd6bae57a09b2c434ab5bdf6264afb20d5ab022d152e345bd32ba9283aa5b3cd9118bd271a8ac9083c98b8a83064e65428f7ad7b35bf1d60d4e703f22d2d316fc12bd68bcced82cf0962a3d5769c6a3d75d59f7a7b76454661fd3574b8c8e26d20c372407854505ea6c2406fbd8a1ba7bb017c565228aa6d03d18ed309a308ffb1ecec73c246413e7c70f25070eafed9e70d22e9e8b44125c44eceff37e65bf073bc6fad1ea2b72675af4bf70586a8f7e0f35700de94c802522897576ed115fa21b3d23a367844520b33f5b9aedc0245096765f4cb3b2ff4e54f39bd7346c2347875d75a931b17c6c424ddb4767e0e63cc7725a8fc4b1dbe7929b2f909cc5be8b09e63330341e6471dcac0f8b44693d01805a1467b71612260e2a273861b3697440a5f75497796bffcf79d62a4a50a6ed5ef2efe8c83374f2ecd08d8d628aa03b01a11caeb2bdecc0ab2abcecfa15627979d7c3f9dec5389fc6625e957f8075e23e636dd5514596189d568e14d33ae518e6e9978c6a36a74b49fdbd1260095c9abe447e618878039b75e305b1d2c9ddeb9e5cedb11802e0833739d8595d57d749c890c9290cca4aa96e6718747543796a187e54a66c2f71beefddf911a7a74b59c48ba642d5ecd4d415f48dfbde5baac8a4ba063c1b985d9f9f3180e8a1c8b2cf6a25c2ff17688cc858ac8b9c67960f09a1ca5f28f8e877159e00fe7fb10cca73b391508895e7e52c22f9b38d73dabd6ff7c55ebf4e1611daee8d52b4ceee49a6df7daeb81bf9d1c943a74c03d3dda52c5b99f3225c1b87074f5cef6187878bc5b665ec0561adcc9781280dd1c6592555d327afea78b21beeeb66a0af3eab3249245f41cdbca309d3fba5d4b345319dd0a26134c0c896f2c8d32fda28600013f6a4c95b4038faba70d6c480b360c55bdc0595f7ca636e85521ba505d894f9c5f0a90719bc9944f386ad7491422ff12f34a3c048708d51305a8cc5b2a502ac1575a14c75e9fb7219ede2f6d9c1b362230b6189e0d8cd8ccd11fd0325182c6e46c9977bf63aa02f7024aeb4389f989f5733a198b45e4329c4c1a538a009f216ad3ac09cac39547b4fd21a5d7146ea307ad9b9339f39d5161d17b59860a0aed38cd89d1b68c6438346d51a3a283074e34ee01d2eca527b1b3836ccdf7e807007152c79d14324e3d887c9551a9447527db4434810f5b0b73d855f32a0c89aa784e43f4c1657d408dd33f88aeae1e5186bbcc2a348b708e3cec9080e12ee3676beb5ee86a9b5cc4a3496c242b95a248906ed62f984b22373bdfd97515441f34e01006d8d1244aa88403f207cd8820ffe07634fc86d00f871c1e4c9e8fc1a00d295e36d98119599b62379cda10ada85efe7b50c5f38d8d010a2cd53db900939db1ffce14feffb7940d12842f4f2b507e1fa49e526752d1e3d80a0c2a75e870d85f77fd91fc46ac1b1288dd33338cdad154d6b80b5a925431868d62a3fb0036f28fe259a3f555f767526a9ea230c33843efc49ac3182a357845ea122d606ab22c9f937b2b905e02dd1cb07d380e3486be6167f00b6e6d90a3c1d6aee15da439a55542ce177e498998ba8ac69a848e63e4c7564e4dc04aad595fa1ab81275edafa0d352029c304200d2f2c5881cbf5a26b2141bdb117879cc11e7c13bd62f221ae1ac04dca3d8d58a13c130557ecf5f36184c7366d3852d0cbd6ca42f2a971d87c0bb204097af1a3abdab7b95d07fcdbf5f42607695dedcd26e30b8fc5cfd7b333a95f3ee69d5ba7911dadb1394285c437a0f26fc027737ba5ee7d63333f80acb59f1a7faf2ec3031c6533107502bffc92d8726a48ce00cdb5f1258d85ff8eb72bfb162e122022f1f3e8a72b41d2689d5228b1130fbc946384401f3bbe726314bb09d430333ad78de07b3cec5c18a4f4abb69507b6451ca4e610b8fc988c983426e0cc3b9d15393026eb75d3d08634b8a7495cef69aab83d27ea1b5b41f40b996dd10023d81f77d61192930ffc25cae1e149412322fcb0aa47bee3afc44ec3dda96c9294854e2cbaebfea6f9a90f0b3797d5f505824b4de964151569f881f87f9dd9d30a2a2f9ed01059a909cba157902903c77f2f3d056231e7c7483a3f35e04360e084f0d3f94a92c92c77b3f06479fbc417366d7fe87ddfcdfd86274f87a5f817b0f947924cbe2329f16f6b00c8a0ab96164f7b35fed38a388380af05c3600abc37a944c9e75a691728c26896ac3615297766f406aeb0f2fd147d68fad3fb3b032880280ebb4bf89252a36b0d9eb393daae72829b8da870b886676244897d5322b32703fcf138b66eedeb3024666a88fd99d8962f696ab7b34e19ced1bd27488aa2ffe5bfa11f8f9289bd8c052d4e88316cc33b0255ef1bfca4c17067d7f78175c56db481fe8dc6f73b1cbdf9d5823f115c9e03f2dfd07bc1ad88564d48b18cd9a30d83cbd5e6a3eedcb0ee86e5dd47f32820cb74dcf730b2052b31297b529e5e24f042335d13915e4048132fe1a101841e919c7870bb680eddead9a6111394bc12e274fbd88abaf2d254721c42e82abf4d1e319a631794ed6ce319ddd844ac5e9b1fc96dd9aaad42f2e087abe1b85430c4a00631970e3e74a6ed923f49e0df75685e044fae3fcea0af4dbfeebe0a9c2e73e8a89b89603a75f585e3ebba5453ae595da1469ea90ea3c9fb6a22411c56c58dfbf504caa629dbfc73ebbedc91669f2babf8b8215c525edf8feb366f104ffa9eb2bb79232660aece4730ef1ae8585c629ffe1390356a58e900da145b83ad177c7bb2d125e59d7ff4d3a8562efc620b4cf9b33c2305bbf1957e0f8b06f0fbe9c80db73b08fdd0be4a1ea4f91f52af47160040424aed8ac3c10251fb0b5d9be08247edf3dda5d1750d0597d60c8a0d9418a4e0c9325bb90f0886f9e5dda9e88ac1942ec1e53da0cf5ccad66b9cdfc2fdca784dd06a73713ef73785706d024873ddca5ccfcf0b91748a2c1fbd8c241934b5b473007b29d76aec5addf7b945a5f7abd6ddeccc8d0ccb26d69d4793b7224c27ba7bf45aac8a2be56086ab8c65ea69fdd593a01a29e2912378002d824bd98e6ed1c5dd5f33be529e640997f5f1bbde051fb2a669145966db4889bf32aa13777ac6c077c51bb8b2523954cea3adc307cfe53b8cbb00edf0c04c456392aea6613e8078a309dc538a6a24f80fc1b7f9fce3e3291ca6dab8090a634fcdb24e7a9de8aecd595b988f597cd623d148a8841b0a5203953166ea2e85316928f28dd2604d37c9ec80a49c0d91cbfe6d584b9b6a321b97bf99ae1d67985fd441976a828c97456003a7892c7c7f4a51bb49e3d3ea1e95ec29c89a2676", 0x1001}], 0x3)

7.470340459s ago: executing program 3 (id=531):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000180)=ANY=[@ANYBLOB], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)={0x50, 0x2, 0x6, 0x5, 0x0, 0x0, {}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_TYPENAME={0x16, 0x3, 'hash:net,port,net\x00'}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}]}, 0x50}}, 0x0)
r4 = fsopen(&(0x7f0000000000)='bdev\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r4, 0x6, 0x0, 0x0, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000fb000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
fsmount(r4, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_RECONFIGURE(r4, 0x7, 0x0, 0x0, 0x0)

6.720777661s ago: executing program 0 (id=534):
r0 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_int(r0, 0x107, 0x13, &(0x7f0000000000), 0x4)
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x40086602, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000200)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r1}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r2}, 0x10)
readv(0xffffffffffffffff, &(0x7f0000000000)=[{0x0}], 0x1)
ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x0, &(0x7f0000000080))
r3 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={0x0}, 0x10)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
openat2$dir(0xffffffffffffff9c, &(0x7f0000000840)='./file0\x00', &(0x7f0000000080), 0x18)
r6 = socket$can_raw(0x1d, 0x3, 0x1)
bind$can_raw(r6, &(0x7f0000000180), 0x10)
setsockopt$CAN_RAW_FILTER(r6, 0x65, 0x1, &(0x7f0000000080)=[{{0x1, 0x1}, {0x4, 0x1}}, {{}, {0x0, 0x1}}, {{0x0, 0x0, 0x0, 0x1}, {0x0, 0x0, 0x1}}, {}], 0x20)
setsockopt$CAN_RAW_FILTER(r6, 0x65, 0x1, &(0x7f0000000100)=[{{}, {0x0, 0x1}}], 0x8)

6.455016357s ago: executing program 1 (id=535):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x6, 0xd, &(0x7f00000002c0)=ANY=[@ANYBLOB="18020000000000000000000000000000850000007b00000018110000", @ANYRES32=r0, @ANYBLOB], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000140)={r1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x9}, 0x50)

6.454746192s ago: executing program 1 (id=536):
bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x6, 0x8, &(0x7f00000001c0)=ANY=[@ANYBLOB="18020000000100000000000000008000850000001700000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r0 = syz_io_uring_setup(0x16d2, &(0x7f00000000c0)={0x0, 0x0, 0x10100}, &(0x7f0000000180)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_usb_control_io$hid(0xffffffffffffffff, &(0x7f00000001c0)={0x24, 0x0, 0x0, 0x0, 0x0}, 0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
write$UHID_CREATE2(r3, &(0x7f00000001c0)=ANY=[@ANYBLOB='6'], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r3, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_MKDIRAT={0x25, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0})
io_uring_enter(r0, 0x2d3e, 0x0, 0x0, 0x0, 0x0)

5.496680424s ago: executing program 1 (id=538):
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000003c0)=ANY=[@ANYBLOB="4c00000010001fff00"/20, @ANYRES32=0x0, @ANYBLOB="0080000000000000240012800b000100697036746e6c000014000280050009000400000008000100", @ANYRES32, @ANYBLOB="080004403c3920"], 0x4c}}, 0x0)

5.405017107s ago: executing program 1 (id=540):
r0 = syz_init_net_socket$ax25(0x3, 0x5, 0x0)
r1 = socket$l2tp(0x2, 0x2, 0x73)
bind$l2tp(r1, &(0x7f0000000000), 0x10)
bind$l2tp(r1, &(0x7f00000000c0)={0x2, 0x0, @remote}, 0x10)
bpf$BPF_PROG_QUERY(0x10, &(0x7f00000001c0)={@map=0x1, 0x2e, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40)
r2 = getpid()
r3 = socket$packet(0x11, 0x2, 0x300)
bind$packet(r3, &(0x7f0000000140)={0x11, 0x4, 0x0, 0x1, 0x0, 0x6, @broadcast}, 0x14)
r4 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000000)={'syz_tun\x00', <r5=>0x0})
bind$packet(r3, &(0x7f00000000c0)={0x11, 0x0, r5}, 0x14)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0xc1)
bind$packet(r4, &(0x7f0000000040)={0x11, 0x4, r5, 0x1, 0x0, 0x6, @broadcast}, 0x14)
setsockopt$packet_fanout(0xffffffffffffffff, 0x107, 0x12, &(0x7f00000001c0)={0x0, 0x1}, 0x4)
syz_emit_ethernet(0xe, &(0x7f00000003c0)=ANY=[], 0x0)
capget(&(0x7f0000000000)={0x19980330, r2}, &(0x7f0000000040)={0xc, 0xd, 0x174, 0x0, 0x9, 0x6})
ioctl$SIOCAX25ADDUID(r0, 0x89e1, &(0x7f0000000240)={0x3, @null, 0xee00})
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpuacct.usage_percpu_user\x00', 0x275a, 0x0)
setsockopt(0xffffffffffffffff, 0x0, 0x0, &(0x7f00000002c0)="1a", 0x1)
write$binfmt_aout(r6, &(0x7f00000002c0)=ANY=[], 0xc1)
mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x0, 0x13, r6, 0xc9dc)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000800)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ffecffffffbea100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES16=0x0, @ANYBLOB="0000a8736d07dd896de5557862e0976767000040000000000000000800000085000000b60000009574f629d1c91ca2ea4588111ada3aee5f93dab0be4744c4e11290572b6436888b597ab4e5f63a2ac74f098ca81c09800a10aa553aa2ecf2c203ccfaf5a3ec0d485fb89b60751e51c9a2015942c190e97c04b5974e55a46300e7b20803cb71bc99cc250efe8901104f7141c719c3f4ddcd86316f4c927f199b0917b23e955c1ee27b29c89c1230dd6dcb46a4d88f16c2cea824839f543e9727bf80cbf37df6d57f4e40b6e95ad70369913ac53088e77c5fb2db82"], &(0x7f00000007c0)='GPL\x00', 0xfffffffb, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_ipv6_tunnel_SIOCGET6RD(0xffffffffffffffff, 0x89f8, &(0x7f0000000100)={'ip_vti0\x00', &(0x7f0000000440)={'sit0\x00', 0x0, 0x80, 0x7, 0x24, 0x4, {{0xb, 0x4, 0x2, 0x6, 0x2c, 0x64, 0x0, 0x53, 0x0, 0x0, @multicast1, @empty, {[@timestamp={0x44, 0x18, 0x73, 0x0, 0x4, [0x87, 0x100, 0xef81, 0x10000, 0x10]}]}}}}})
mkdir(&(0x7f0000000000)='./file1\x00', 0x0)
mount$fuse(0x0, 0x0, 0x0, 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='fd='])
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
chdir(&(0x7f0000000080)='./file1\x00')

5.269232533s ago: executing program 1 (id=541):
bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f00000003c0)=0xffffffffffffffff, 0x4)
getsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x24, &(0x7f0000000400)={@private, @initdev, <r0=>0x0}, &(0x7f0000000540)=0xc)
r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000580)={0x1b, 0x0, 0x0, 0x40006, 0x0, 0x0, 0x0, '\x00', r0, 0x0, 0x0, 0x0, 0x3, 0x0, @void, @value, @void, @value}, 0x50)
syz_genetlink_get_family_id$ethtool(0x0, 0xffffffffffffffff)
r2 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r2, 0x89a0, &(0x7f0000000040)={'syzkaller0\x00'})
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000000)={'syzkaller0\x00', <r3=>0x0})
r4 = socket$inet6(0xa, 0x80001, 0x0)
setsockopt$inet6_group_source_req(r4, 0x29, 0x2e, &(0x7f0000000200)={0x1, {{0xa, 0x0, 0x0, @mcast1={0xff, 0x7}}}, {{0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @local}}}}, 0x108)
setsockopt$packet_add_memb(0xffffffffffffffff, 0x107, 0x1, &(0x7f00000000c0)={r3, 0x2, 0x6}, 0xfffffffffffffdd9)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xe, 0x4, 0x4, 0x8, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000140)={r5, &(0x7f00000007c0), &(0x7f00000000c0)=""/79}, 0x20)
r6 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r6, 0x89a1, &(0x7f0000000040)={'syzkaller0\x00'})
r7 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000300)={0x6, 0xf, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r8 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000080)={'syz_tun\x00', <r9=>0x0})
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000000c0)={r7, r9}, 0x10)
syz_emit_ethernet(0xfdef, &(0x7f00000026c0)=ANY=[], 0x0)

4.919958648s ago: executing program 1 (id=543):
syz_open_dev$dri(&(0x7f00000000c0), 0x3, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0)
open(0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f00000000c0)={0xc, 0x8a}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000380)=0x5)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000001340)=""/102378, 0x7706c522012798af)
socket$pppl2tp(0x18, 0x1, 0x1)
mkdirat(0xffffffffffffff9c, &(0x7f0000000580)='./file0\x00', 0x187)
openat$fuse(0xffffffffffffff9c, &(0x7f0000000300), 0x2, 0x0)
socket$can_bcm(0x1d, 0x2, 0x2)
sendmsg$can_bcm(0xffffffffffffffff, 0x0, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$rds(0x15, 0x5, 0x0)
bind$rds(r1, &(0x7f0000000080)={0x2, 0x0, @loopback}, 0x10)
sendmsg$rds(r1, &(0x7f0000001e40)={&(0x7f0000000000)={0x2, 0x0, @loopback}, 0x10, 0x0, 0x0, &(0x7f0000001cc0)=[@rdma_args={0x48, 0x114, 0x1, {{}, {0x0}, &(0x7f0000000340)=[{&(0x7f0000000140)=""/110, 0x6e}, {&(0x7f0000000500)=""/113, 0x71}], 0x2, 0x20}}], 0x48}, 0x0)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000040)=@framed, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000004c0)='rpc_buf_alloc\x00', r2}, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000480)=@newtaction={0x64, 0x30, 0xb, 0x3, 0x0, {}, [{0x50, 0x1, [@m_ct={0x4c, 0x1, 0x0, 0x0, {{0x7}, {0x24, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x80000001, 0x0, 0x7, 0x0, 0x400}}, @TCA_CT_NAT_IPV4_MIN={0x8, 0x9, @private=0xa0100fe}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc}}}]}]}, 0x64}, 0x1, 0x0, 0x0, 0x8890}, 0x40)

4.70014878s ago: executing program 3 (id=545):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000180)=ANY=[@ANYBLOB], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)={0x50, 0x2, 0x6, 0x5, 0x0, 0x0, {}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_TYPENAME={0x16, 0x3, 'hash:net,port,net\x00'}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}]}, 0x50}}, 0x0)
r5 = fsopen(&(0x7f0000000000)='bdev\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r5, 0x6, 0x0, 0x0, 0x0)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000fb00000085000000430000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
fsmount(r5, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_RECONFIGURE(r5, 0x7, 0x0, 0x0, 0x0)
r7 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000003100), 0xffffffffffffffff)
sendmsg$NLBL_UNLABEL_C_STATICREMOVE(0xffffffffffffffff, &(0x7f0000003240)={0x0, 0x0, &(0x7f0000003200)={&(0x7f0000003140)={0x50, r7, 0x300, 0x0, 0x0, {}, [@NLBL_UNLABEL_A_IFACE={0x0, 0x6, 'pim6reg1\x00'}, @NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'bridge_slave_1\x00'}, @NLBL_UNLABEL_A_IPV6MASK={0x14, 0x3, @loopback}]}, 0x50}}, 0x24000040)
openat$ndctl0(0xffffff9c, 0x0, 0x40202, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)=@newlink={0x20, 0x10, 0x49920d862a92153b}, 0x20}}, 0x0)
socket$inet6_sctp(0xa, 0x801, 0x84)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x275a, 0x0)

3.668821101s ago: executing program 3 (id=548):
syz_open_dev$swradio(0x0, 0x0, 0x2)
r0 = socket$netlink(0x10, 0x3, 0xc)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r0, 0x10e, 0x4, 0x0, 0x0)
setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000200), 0x4)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
getpid()
r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
shmat(0x0, &(0x7f0000000000/0x4000)=nil, 0xffffffffffffcfff)
shmctl$SHM_STAT_ANY(0x0, 0xf, &(0x7f0000000440)=""/202)
preadv(r1, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
r2 = socket(0x0, 0x0, 0x0)
unshare(0x8040080)
openat$sysfs(0xffffffffffffff9c, 0x0, 0x0, 0x61)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_REM(r2, 0x84, 0x65, &(0x7f0000000300)=[@in={0x2, 0x4e24, @multicast1}, @in6={0xa, 0x4e20, 0x1, @remote, 0x1}, @in6={0xa, 0x4e23, 0x76, @ipv4={'\x00', '\xff\xff', @broadcast}, 0x1}, @in={0x2, 0x4e24, @multicast1}, @in={0x2, 0x4e20, @empty}, @in={0x2, 0x4e21, @rand_addr=0x64010102}, @in={0x2, 0x4e21, @rand_addr=0x64010101}, @in={0x2, 0x4e22, @initdev={0xac, 0x1e, 0x0, 0x0}}, @in={0x2, 0x4e21, @multicast2}, @in={0x2, 0x4e23, @rand_addr=0x64010100}], 0xb8)
ioctl$sock_inet_SIOCADDRT(0xffffffffffffffff, 0x890b, 0x0)
openat$sysfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
io_submit(0x0, 0x0, 0x0)
unshare(0x6a040000)
bpf$MAP_CREATE(0x100000000000000, &(0x7f0000000140)=ANY=[@ANYBLOB="0a00000016000000080000007f00000000000000", @ANYRES32, @ANYBLOB="0008000059acf1c00373994098642fb57e720035", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)

2.770138547s ago: executing program 3 (id=549):
r0 = syz_init_net_socket$ax25(0x3, 0x5, 0x0)
r1 = socket$l2tp(0x2, 0x2, 0x73)
bind$l2tp(r1, &(0x7f0000000000), 0x10)
bind$l2tp(r1, &(0x7f00000000c0)={0x2, 0x0, @remote}, 0x10)
bpf$BPF_PROG_QUERY(0x10, &(0x7f00000001c0)={@map=0x1, 0x2e, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40)
r2 = getpid()
r3 = socket$packet(0x11, 0x2, 0x300)
bind$packet(r3, &(0x7f0000000140)={0x11, 0x4, 0x0, 0x1, 0x0, 0x6, @broadcast}, 0x14)
r4 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000000)={'syz_tun\x00', <r5=>0x0})
bind$packet(r3, &(0x7f00000000c0)={0x11, 0x0, r5}, 0x14)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0xc1)
bind$packet(r4, &(0x7f0000000040)={0x11, 0x4, r5, 0x1, 0x0, 0x6, @broadcast}, 0x14)
setsockopt$packet_fanout(0xffffffffffffffff, 0x107, 0x12, &(0x7f00000001c0)={0x0, 0x1}, 0x4)
syz_emit_ethernet(0xe, &(0x7f00000003c0)=ANY=[], 0x0)
capget(&(0x7f0000000000)={0x19980330, r2}, &(0x7f0000000040)={0xc, 0xd, 0x174, 0x0, 0x9, 0x6})
ioctl$SIOCAX25ADDUID(r0, 0x89e1, &(0x7f0000000240)={0x3, @null, 0xee00})
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpuacct.usage_percpu_user\x00', 0x275a, 0x0)
setsockopt(0xffffffffffffffff, 0x0, 0x0, &(0x7f00000002c0)="1a", 0x1)
write$binfmt_aout(r6, &(0x7f00000002c0)=ANY=[], 0xc1)
mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x0, 0x13, r6, 0xc9dc)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000800)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ffecffffffbea100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES16=0x0, @ANYBLOB="0000a8736d07dd896de5557862e0976767000040000000000000000800000085000000b60000009574f629d1c91ca2ea4588111ada3aee5f93dab0be4744c4e11290572b6436888b597ab4e5f63a2ac74f098ca81c09800a10aa553aa2ecf2c203ccfaf5a3ec0d485fb89b60751e51c9a2015942c190e97c04b5974e55a46300e7b20803cb71bc99cc250efe8901104f7141c719c3f4ddcd86316f4c927f199b0917b23e955c1ee27b29c89c1230dd6dcb46a4d88f16c2cea824839f543e9727bf80cbf37df6d57f4e40b6e95ad70369913ac53088e77c5fb2db82"], &(0x7f00000007c0)='GPL\x00', 0xfffffffb, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_ipv6_tunnel_SIOCGET6RD(0xffffffffffffffff, 0x89f8, &(0x7f0000000100)={'ip_vti0\x00', &(0x7f0000000440)={'sit0\x00', 0x0, 0x80, 0x7, 0x24, 0x4, {{0xb, 0x4, 0x2, 0x6, 0x2c, 0x64, 0x0, 0x53, 0x0, 0x0, @multicast1, @empty, {[@timestamp={0x44, 0x18, 0x73, 0x0, 0x4, [0x87, 0x100, 0xef81, 0x10000, 0x10]}]}}}}})
mkdir(&(0x7f0000000000)='./file1\x00', 0x0)
mount$fuse(0x0, 0x0, 0x0, 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='fd='])
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
chdir(&(0x7f0000000080)='./file1\x00')

2.469447185s ago: executing program 3 (id=552):
r0 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000300)={0x6, 0x3, &(0x7f0000000140)=@framed, &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r1 = socket$phonet_pipe(0x23, 0x5, 0x2)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000100)={'syz_tun\x00', <r2=>0x0})
r3 = bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000000c0)={r0, r2, 0x25, 0x2, @void}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]})
set_mempolicy(0x4005, &(0x7f0000000080)=0x7e, 0x9)
r4 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000300)={0x6, 0x3, &(0x7f0000000240)=@framed={{0x18, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x3}}, &(0x7f00000003c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
syz_io_uring_setup(0x10d, &(0x7f0000000200), &(0x7f0000000340)=<r5=>0x0, &(0x7f0000000280)=<r6=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r5, 0x4, &(0x7f0000000080), 0x0, 0x4)
syz_io_uring_submit(r5, r6, &(0x7f0000000040)=@IORING_OP_WRITE={0x17, 0x0, 0x4007, @fd_index=0x7fffffd, 0x2, 0x0, 0x0, 0x0, 0x1})
syz_memcpy_off$IO_URING_METADATA_GENERIC(r5, 0x40, &(0x7f0000000680)=0x5, 0x0, 0x4)
bpf$BPF_LINK_UPDATE(0x1d, &(0x7f00000002c0)={r3, r4, 0x4, r0}, 0x10)
r7 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000400)={0x1, &(0x7f0000000380)=[{0x6, 0x0, 0x0, 0x7fffffff}]})
r8 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r9 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000180), r8)
r10 = socket$inet6_icmp(0xa, 0x2, 0x3a)
getsockopt$inet6_IPV6_IPSEC_POLICY(r10, 0x29, 0x22, &(0x7f0000000580)={{{@in=@remote, @in=@broadcast}}, {{@in6=@dev}, 0x0, @in=@dev}}, &(0x7f0000000500)=0xe8)
sendmsg$NLBL_MGMT_C_ADD(r8, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f00000006c0)={0x114, r9, 0xe701ac47a3d23ecd, 0x0, 0x0, {}, [@NLBL_MGMT_A_PROTOCOL={0x8, 0x2, 0x5}, @NLBL_MGMT_A_DOMAIN={0xce, 0x1, 'C\xec\xf8\xa0w\x15|\xd8\xbcs\xe1\xb93\x14\xcd\xcb\xb6\xb9\xbb\x84\xe5\xbc\xdb\x7f\x9a\xf2\xea\xcc\x91:v@\xe83-\x1d\xaagQl\x7f\tKt\fc\x1f\x17]\xd5\xd0\xf0\xa8\xeb\xd2g\x92\x04\x02\v\x00od\xe6,\xd3@I\x17\xf3\xbees0\xad\xc6\xbf/*\xb6(o\x91t\x12\x93U6\xf4@n\xdc\xdc\x8a7y\x81FY\xbe\xbbc\xd2\xc3\x01\xa5\xe2V\x8c\xb3im~\xd2V\xdaG\xbdbF\xc8n\x86\xac\x9c\xfb\xda\xe2&\"\xb4:\x13\xe9\tc\x85\xb4\xcb\x17\xbfm\x846\xe7\x7fp\x9eCdb\xad;\xa2\x8fs\xbf6\xe8\xe3Xg3&\xe2 \xd6\n\x9d=~<\x93/\xaf\x89\x06+\x96]\xb5+\xee\xff8^D*\xdb\xb8\xd8t\x80\xd4\x8fK=E0\xe8R\x83'}, @NLBL_MGMT_A_IPV6ADDR={0x14, 0x5, @dev}, @NLBL_MGMT_A_IPV6MASK={0x14, 0x6, @private1}]}, 0x114}}, 0x0)
r11 = socket$unix(0x1, 0x1, 0x0)
r12 = dup2(r11, r7)
close_range(r12, 0xffffffffffffffff, 0x0)
bpf$MAP_DELETE_ELEM(0x3, &(0x7f0000000900)={r12, &(0x7f0000000800)="2b34b99cf12c6effda87986d9143587da52562cd22b53990363095b7b05e66ae448634d7e0e3d099c499f75c5a0553bcfa0b00cc048597db8a4c7f5b1e1ebd1f92baadaf3b85e7f0692e347ec2694972004c2f8f0327eb15f959f78a4191cac2c4a2fd856ca4244f7a68c7420a3ec6cb68ab704d6d8fa384665064642158695c6e8ae1eafe98fc00f8eecaaa9f517bc780d0804f2e50ac914e08c2be241dd49b80b57c4245fa8b817d041b89d958a75a8f8c5c5baf316d67b52d020bc9dd6488e63667e8216f9da3f75b4e989a39831caea43b"}, 0x20)
r13 = socket$nl_generic(0x10, 0x3, 0x10)
r14 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000540), 0xffffffffffffffff)
ftruncate(r13, 0x482)
sendmsg$MPTCP_PM_CMD_SUBFLOW_CREATE(r13, &(0x7f0000000a80)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000004c0)={0x18, r14, 0x1, 0x0, 0x0, {}, [@MPTCP_PM_ATTR_ADDR={0x4}]}, 0xfffffffffffffe08}}, 0x0)
sendmsg$MPTCP_PM_CMD_SET_FLAGS(r12, &(0x7f0000000200)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000180)={&(0x7f0000000040)={0x7c, r14, 0x400, 0x70bd2d, 0x25dfdbfc, {}, [@MPTCP_PM_ATTR_ADDR={0x4}, @MPTCP_PM_ATTR_ADDR_REMOTE={0x1c, 0x6, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_PORT={0x6, 0x5, 0x4e24}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8, 0x7, r2}, @MPTCP_PM_ADDR_ATTR_ID={0x5, 0x2, 0xf9}]}, @MPTCP_PM_ATTR_LOC_ID={0x5, 0x5, 0xf9}, @MPTCP_PM_ATTR_ADDR={0x38, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_IF_IDX={0x8, 0x7, r2}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0xc}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_ID={0x5, 0x2, 0x3}, @MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @remote}]}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x3}]}, 0x7c}, 0x1, 0x0, 0x0, 0x8000}, 0x0)

2.250178001s ago: executing program 3 (id=553):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000180)=ANY=[@ANYBLOB], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)={0x50, 0x2, 0x6, 0x5, 0x0, 0x0, {}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_TYPENAME={0x16, 0x3, 'hash:net,port,net\x00'}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}]}, 0x50}}, 0x0)
r4 = fsopen(&(0x7f0000000000)='bdev\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r4, 0x6, 0x0, 0x0, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000fb000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
fsmount(r4, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_RECONFIGURE(r4, 0x7, 0x0, 0x0, 0x0)

2.249875905s ago: executing program 0 (id=554):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r0, 0x84, 0x72, &(0x7f0000000240)={0x0, 0x20, 0x30}, 0xc)
bind$inet6(r0, &(0x7f0000000000)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
sendto$inet6(r0, &(0x7f0000000180)="1a", 0x1, 0x0, &(0x7f0000000200)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r0, 0x84, 0x7b, 0x0, 0x0)
sendto$inet6(r0, &(0x7f0000000c80)="7cffa9061b2f8b082b6f69ae50430c8a8b6aa3162ba083c4a52e1ab0ac50ed4a19b1a69988000d5bed4433daaa4932dbb1cb3550dee8b23579d76ce37d574b43fca1eed8ebd38d1303240ed0d84517692128dd5aef5c4d60a6659952a1437c6f0ac3ed75806011ccbaa504f41a7e0abcf8823bc4a71ef8c52c2b297b539eaf752c56ebfe9b0542543069257dafcbf76c958d4cbf4eaaa67c5c2bd9e6518be34b56add7613ab83d389724b664e62c154e1a5aac073a53a0e8cadcf51ef495ebbcc77d5e36ff24c3f282289cc077374b714e08fbfecbdc8f14ef3fd409af4caf6fcb7d663beab335f239a1e93b399c93d7c036e1b39a7c477945f82b6dde53b1c21b590a58ba688ac4fb530d2c5b1195a127d2eaec840ab59f090d7047c278611e080cebe7b28588c11a44be99fe6f88c73441bf625b70565669997f4c3cda5afe1d6429908a69a459d35ba8c2f28076d8711f2667de749a783fac94ebd02680f20fb723c35c287a1f45064846385750665ffa74579083fbb1b1d6b7c90168252b1c5313544569203e7adb8e271a94f7413e5cfd6aa3157c4fc29bddba3683fcd032aecb513b2f27530fbefa0000000000000003c058e812d8db87de5e3eceae268b91f7d59daf77646fa4df99877dd5a9540934c7af91b96486eea62897be6acbe1bae8e46b112f1385e7cea9e4daccc6f1b98ce3b4322af8299a45ddcb5be8d3e469fdde9896ca324a2f3c88c616a7dccde331698ce2d39f96220251011b4dfbec953b5c30e94adb5586cec0af234859805bb7df1101ae80318ff127e913178d79cfa918d54585b6184255e872e2dc33a5c7c30a756bbd63c32a3e6a22863781747d185acb64583976c4289394d642b07d18e2932d0a78bd2ccf92b3e94e82f1e9239fa272402f4c9efcf068709a44d6f652a4f23df89f9a15e6bf0c7e65d8f3e32c35e83d30298074d16cb5ff4ded1df81009bbae888fceb9a8109ba319605e1776e52d2069b5cd7de07cf8dc488ba6a9c7559ff49674a490991f323736f302004007d0ccf2e5eaceac6b56f48f2b00592d7a378f118d8b3e5ecd2035c8252374c91bc79cf26ac11ddffe2c09e1aa032da0713732387f950e3f4e301eb1d26e5a2b19318e50d555c832e279894d8c9b03e8940738c0fe391b29907d0d5f9214d6e697a19247f4e8221aca2ac47debd7c45b8344941cbecbaf44af343b24a4f88caf207d72002fb8b7d156997cb7275f535e6a9d6480046246e60bea0cf6f54abc69ff9418b6cb9301eb6890227215b633a886fb13c89698e51e482c42ca99613b20e22e5ce15272f5bda8b18cf53d49130a94135dd8a9692c", 0x34000, 0xbcff, 0x0, 0x0)
setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r0, 0x84, 0x72, &(0x7f0000000080), 0xc)
writev(r0, &(0x7f0000001300)=[{&(0x7f0000000100)='^', 0x1}], 0x1) (fail_nth: 3)

1.970226643s ago: executing program 0 (id=555):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4)
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @loopback}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f00000000c0), 0x4)
setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x1, &(0x7f0000000340)=@gcm_128={{0x303}, "48a38a242c60799b", "e0b63d12db5a52dcf220036e443f725e", "585ad2b5", "28d479a438cf033b"}, 0x28)
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r0, 0x6, 0x14, &(0x7f0000000180)=0x1, 0x4)
writev(r0, &(0x7f0000004ac0)=[{&(0x7f00000001c0)="ac", 0x1}, {&(0x7f0000001500)="e7", 0x1}, {&(0x7f0000000480)="253e07456a0838bb21934cfa7787b606ec13afda9289ebce6354ac6be88b11af2740f2cb15245a30e4025eb9b8acdacc02363690bdbea6b0e15e3594dcf6752685cc4ccc8452de1dac3bcab338d8943ddda83add1d5b82f26e39523cc874a39a3655617c763f2bece56bcb2ce8ec65f85a45ffad0fa9753619b3111f187244fc7552dc84cf31da26ba508cbbebced122d2fc175c8c9034116cc0b0f7a263530ba8df349668ed8bcb5479350ea71eb7c71ce24d3eb54cceb9715405c16cf22cc40e37eb9de6712990fe0702bea9dab3090c43eeeebce7d5ce42acefca2f5a0dcee4e64e8b2a822d2d2cb431067e8006f812801ec85cd60e8b37774ca122763f9abdc81661ec7053bde6d2691a7f87cc75e84b6b646d0b6e1ab52734cb74dd2eecf5a7043f0083d3708c85666f140fcdc4bdbbe3a68cfe6e3e0f01cd8633f33daa8c8c09dc4db78b252e53f4373bf0d8c1f47068b4f480b6bdbfa8e0c45b8474d55a3a200f248d33f2fcd832d96df2ab0cd94ba40fce8760dcf57d6c72a401356531f6321287d972b16e823a82f55d63153ea673e0353b7da1217ded6c25fbc3853f1ba1b37eb09758c820daf023c7c9da5cd6a66df05fb476c0453cc31e6b582997ebbef3b63f581eedb22e86f1452fbd2efe132d8377e4b3aa9ac3de5c793ab9ffe650ec5672ded94aac2d459e4c86e47894e2137a8c1bc87e224559570a53024b0bd08f2d232d0dbd9572d0d125c6c2f0f24fdc4e9ee9f3bce44d935d1dc3485395dea8e48e9116ec0d3b2b34beb832f4b6c3096978faf6a5efce8b8678b9087e7d45ec5adfee1cda911cffe95d50bc17a1ebe2e870a39146b9735bae6e09fefffbb6d3bd2d3bd8500ca2584c128b60e80914b299105b9746a9431a657ea1d24ccc17ba3429b844de5436241f7ece379b6786f0d02e895410a41716796a84e8e18b73f833135929dceb312644ba39a12d7af8bf0e00a305911b5da264c7620030bd521dac1b4b9ae18b7125af8363b26e9698cd9d2b7571d1fed246f93541a5100b82e25e5e9e9f033755afad2e9c0cb51742dc7d8a844b9afaa4cfa8f1572fc3ad2b4a0005587041b431ec770fd170e4994a86dcfcdd9e61c257dec3fdead5fadb90354d782fe8fabea3f66e1026cf8b41849b8fba5cd4c3dcd86b85428d9c184241ed8c97a626aad7f64c0b8c71cb889c46a1c3696a269427323e7628f70d852d02d8523b2e8964afd4f2e37be3f1496a6023de2c47f00085d717357aff8008ed4915366c80e71cad19582a33435f8d3072a3b8a367c846abda6a185c295ac4a544d3a75c54b7a704db5207522c78594a3f6878e9d018d1bdb08daab88f93db4d891d4c42f2a0ddc3f5ca950fd33c4bd4cd21a40df741174efe1626e5e995a9a1a920a70fdde4f40b81c7a45c4a7f4b84ebb71edbffbf1cf0a37aaa70b3db2857cbc18d14e24d6c74eac79771ccb4056a1a1ba9b57c18b67d774f57cf39685ba38d00c5351aca518f494923f3bb18d30e0813ad322bda82be9dff70a8c926b5db2edb0d6e93a781f02176b70c260530fa55bc7aa85f2449f0304e565f8ebcd7592c73c5f07627bc06f703643cebe700d40a51773c2fea6eb1433110a6c33787281344b2704234fe3cb00cd6edadf337cbf6b38d306326d7ea389fd0e33cc1dcd31dcc82a6c0425962aac3c7681941fbaf872d444aee9a711b608ac010502b740f1dfd95b4c221257415fca03619789cf000222da8da394921de5a4936e22008628f024a5d52d5964e731d95f51c84fd3091794f3063ed880b22fb3229452c0abf7c1ecb7705dbaa4e16e734e411e1562116d9c1301a7468c9164f8ff971fd715787c636f54f5ea427a327d2bb82a8fff4712a2c3ba7ecc923d6427e6498cc2356f167724bd22e11d86d4a2d0cb57e3df8b8ab6692ba2da225c0ca680f3ceab25b4556c1d218a1d87adca75d27cf735621e00970a28fd7ea13e5bb014e12e6c2900a58c9a62529a911a8b14137754f780cc3a3ff0f440511d6a7364e6389c63679b9834a33560efdcd37442c41afc55e2375e135eccc54698ba120ebbe759e6efe88da6973d45249450e4305a4029a96d433fc2adda5c2a6fc8b4b779fb72165e605378fae8ff6e66279098e8c9670507a0547a5b225988170b88b7abe4fe129410439d6a3e80bf1645e294d5fa19f774a27f5089c90d7995bdbc19fc477ed2ee03e631cb4d0f8385e93ab5f6236bdd23f782cd42e3767aca33ec90cbb512b49a815183a0a1f9bf74beb7a9fc9e4e3500f0e0f42710aef1fb55318bbe1e8ddd608b945c049df26a18ded573c34c34154cd76ee0b3debce1f50c9347797902b17e322a53e8a6ce066335c09aebc67e6f4caa4b78bf581a7e74611185a0a5d2b2ba7e7d11292b7c5f6324c5f437569bac18c35332ba9589ffe2e1b8da3bbfe861f8a973ad2ab14895b618f065dd6a575737950ff16985d42048d761ee9c9db8ac2aa19e56c6c12a3fe570962382593eeec5c999368f2d467e11f024aedca4e73436e4788ee66f57efb2c337ff393ff4b91b06f4884c43e592651ef1e3a9d8b16af9448bda9cabdb54bae587bf8b83c14dd2f036c0bf6ed191a16b9dce241823e1f6141c3892604cdb520c0d3be29404f5bdb2265499ef7a8a71a461ea3e5f6efa3cd2ed986484db53d369c88fccdc23efeede27a75dabd48efb7dc7c51ae313599dc93ade45b9c90f6c2779cf0f93f9020890e4ee0e57636043c76db6d46898b3ce53116035d23937f55913f2510899b23e4524d63ccbf59eab6fdb56e7f5f1b1606e2f706444a311adad679b5732f54a7ff9307dd6183fe9c411d905470bc67067ed11aa63bc10654ac3eb8555e195497864e18f5b0722379a68e58c5c2ebca67a6e0e3c7be00d23419632e8c9c8fac96b94f7d75babb5e0a9d4d1f3d69316e4a198ad8bc5816889f3595f5c33d3721eae290729b4e8d63b2d7f9cf1bafdaa2fae366921a9bedd47c9420476978b1d3b825a8e775afbf853d6dab3b920e0a6a905f14f80931a9e90d0544937d45856d39cac23775171fe61019f83c4c73baf11e3d50ff2f45d3f5a683633bde876b0375120968db1bc24833358c84584225893936a1485800816e81efb716a5522ada9b4bf574880d4c4348d26d4d200ded60a4dc29129643f260e7d80e3ae932c0b4e88df4ee34f2126a81e30f4d10469f4638c9a4d2914a42ea32f94acc4dbc57b132ab365c1027e3a94d65c599c2b38944fb7f5860aaac766956c605d1cd2e7cac579dda0b8d205efe0050a607e98b22ae362ef42228894416c099a3abf6e3dfa5e89b18a170199b1b1516537ebe9ec8facc04c8fddfadf18cbbbc3932f4af9dc6ff9476ce84ef02cff37ede0d11b8ebf54100ad964d6a2dbab271ec9fce925a9b1b00a899bc478ad03afc247f30085c340282886c0233cc6a956894f0f58987982021a95cf61c5fed0c6060467d61c58b64b7d5938ee0e97768f4084bad999180645b9beae750a92888c70d5bfc9b41cea7c9247cbcd5c28979e55b691be24cec4d87579fed548ce118c35460e91b685a917c3ad949d182092cf980004750d6c0cf461885b808804626a9d5b712d647939764c139ba33bb63fedfa4eaa94c4ead284eccbc2c6a06601f537b74502d4a93b23a94e050d85179d9d7ca5b7b18dfc9adca36d184ac88e057de29f81bb34be523bab6bfdd3120efc754cea9ddd7f35f801a1cbdad51d06b324914fff4e07a056ddf783e8d85c237e857ac6ba9a06482ae917d225108c93757ff902a080001a5b5a6d864f1d3cf2a06cff1e7bc682a471792f423bb8f967f428f38b09fcf2c827b87b4c4f7e3f0db812ca7c9be2e347eb00d9e4a424d6627e4142f9b59b80322e07954a41c9139b62ecd5b8ba181087b986a009a93dcbcd3a27121a7ddd6d36b299e8686e5c04a33657cff33e7551fdd6c9be516f50c19b53eb87dd9426cd90ff6718e708539760136dec07a0a3db0e2df8cd94a46067703366b2dc5f897acf28a526163ff1ecbed382e8e65a611e23320a728c9d26342d25de924daa11b5f1893529cc81bc696bbdaa1aa76b472647d905917c6e7c0db6e548ded915c671cefded97ac76a23ba2732371ae22e718cd1a347eb055eec84c3878f5e96f6cb4f9bb0", 0xb81}, {&(0x7f0000004c00)="f2", 0x1}, {&(0x7f0000000040)="0e", 0x1}, {&(0x7f0000001480)="fb", 0x1}, {&(0x7f0000000140)='5', 0x1}, {&(0x7f0000000380)="9c", 0x1}, {&(0x7f0000001640)='e', 0x1}, {&(0x7f0000001740)="fb", 0x1}, {&(0x7f0000001800)="f5", 0x1}, {&(0x7f0000001900)="fa619d2769b95c5113c34171ce2d625a2bd1610dde92e5379d9d36da58e456da234c4392a72ae547c175dec2be231c9226eb1eea889fb39e3359e5564f9ef6ac72709873d0dfb87a7da117db4ca466f2e349826eb459fc792428a1284213f725599bc76aa00cbc647c04215e3f8fed947645d81d694fb71c84335816db613b5e82c65c373598fa2eea5c1a99281eba6b828a48961eb3ea3c763b0425ad60d4ff5d442a8517b1cb6f7769ca66620c0791e715f8edc3d1843d8a962277f5e28c8c97c7172497b33fae6ba7b1c38e0d924630754e2fca05d304c2737e0768c1289947c8160b259169f6b99d8f9008f65dd7e55313280d3fe65b893261417d2c49f0101ba8d7fd4cd6b112efba1bb9a091bb6951a3e19303037a9d12c9cc06c781a80512095d26423a4fe310c6d21a39b7c4b7a3b141f0111f42a645ae46c325280fe6893076a1e8829087c2172f4f35f183fbaa5f73a35decbee48913f47b4fe95315cf2bdfde573deeae3f6c81b99db30b5864c18e87c5419ef0a242db16b1627c1d2d2c28c86400b7e420562f92c0d72ecdaeff5a660de231f2e034608249b80341188f3a5d87ef2760fb83ad02fa8225b4a71d328974163cb92ab8e58e0b4c6ef3f850a87b25eb6ad581f59592f54629a06630d8b68ff41414b69d19d4b1b8dea53471ce9d20dbb6bed976a4124e0168e25c3c1e436c691ebfb7e5046bd1a2763c85a86ec434796f243cca7a321be7288da7c6086487e33184809a4a5a0a17aed6af4d9e8665721087c376986578805cf19986a0cd71d1715d5abdc7a82bdfaf7938c6b5563825315fcf89c1cbfeb435d1c90ea15d92e2eb11679c59c42af2ece598d1c92d00afff8226fbe221deaa152576dc0a71c38fdb8ce519c5661077d6579bf668b86c0d0314ce6400fe334488673c17b4c87c033310ca77a6ce886d4a9f6522d03a1e8760d209bc8104e93c9b4cc48743945900144f0123c5c1f91fdcc17c11be3e46d89341db89f7757ba0c3b4cc15baf73342709e2d98d0f7cd53c9f0fc9e6670b1bedf702e4fc6378e1c3a69edca9081885d51f2c3fe2405e64e5ead0ce253d00fdbe188891d471172638a8c35726b404972040547b4c05cbea77ff0a4cc5dbca3364ed935432857ec50472425de18a3596a348305cbde598d12c82407a4ab3236688b0eedebc6be0502c4028c60d4f53d94ae64c11007ed14eec55079a00bee3344f4dbcc8255f955e65c3d897a64cc307a4d114bf301a9a386af272fd4034cab1273eb52b834ff1dd42f7a09dde67ad8afb448c215272627422b1198b2b99d4b0c8af628f9c6dbbf0c68f4fed9c52d26dd6ce9e6fe37d0ee3d516b77a3659bd248af53bc83dc6374047740820a988380e5c83683b6a0a9d7f7bef0e0f5de1ff7ea2690f45c2a91cefc2078ef57057353e2b0bfa58fd210ef915e52f828281771afbd4c7570011e880c0305ca3e6bc7e74b950c406fac535de15782dddeee902bb44786fadd46b5a3e847e6207c83edb0b74a04774e17d910cbf57b96f37c387f0f290dfaa9dd2c5af6f4246026e7189b552743f4f25697607c3f4aaafb25096facb9eb2f3b4322d53d7b6d17820593d165c8747516dd5f1004bd0b8b2700ca3e40011087e4587a29ff7848adcfa1741e1c70cea919605fdfcd4e6740bf341f9f0a0f83d284e026db5c13f4203a0f4b7f361ef29281bef1ceacf101c5c806c6dc265f93e4c820157b0362c7478215282badd4956d82e9eddb4a5b1337ebc3059083fa979a84b5d3ed605ffa0795bd5b222bfaf0079b2bb2ff189b859abf9124fab3b5ba7c2694bb4c8ade22da3cbc811885febf703b31fa3e64cd7f17887db29f7a8c709538e528f32095239897d621d29b52751ecbd414086cd9448486ed34ac8f2879543d86a6f54a34e34627750595d102ec0c1eaec47bb8a30006b4f7f7f47cddb1613c03c8faea0875bd153c6e7b74b2009fef9802ca542d2039753ea8ca1f3efeb79d6ec9b05829e2eaa3cb593473c306db653de68cf12480ed5901d8dcaa2b5db96fd76562a4d0dbc815b471b34d6ed194da71f514a0ad8d952c2842907312ea75e77b14d72ae97b7b2a9436402937ab87e671c39c2a2a919c4bcfc03b9e99264da18107c20ac464f01d659bb444ccbcadc2aadc151872f8acc1320968ad2123eace76eabe670c9a5f60edb801679d9bb8b3f782f89df656c63fd78ec9c8d9bb424d9ea5ffb6a54f8ab00cfd9868b0102735e1bd20b111761877b7ce0cf92c46d2495da21029e5c89b89f940175c4fce09264d7538539d2c0c6e3fe6b4531d775c0d3d36d07ebe6e3f727bde4289891d200d8f61a9516de553aba66722c3faaddde6a53beb113a4d9cbd62ef601524b64dcf777e95a6d4c0d567dc4a695d80beb0b99297dc801684a7d5729c2e04ed204f0f0638e2a1ef7ad6ed1e241d6c389e0dd7fd4632900dc40f9ac0faa759e8870152478c18943675a37bf4d277423abf8fdf619bc31473d8613ec0edddab6d4340ae0161d4107205", 0x701}, {&(0x7f0000002900)='B', 0xf4240}, {&(0x7f0000000080)='\r', 0x1}, {&(0x7f0000002980)="4fb10ab7e2d4a3b1000edaff6b752688a7955a47ab5d587de885ae84f616b798aa60a8573ef10e4e67c1303c57bcfa3f429b6fe38c319b2b3d4096e5f7f6b967517e34a199bf488296dace1b5b288c432d44e0a27b622f1c315af8b4b7a0f1bb3d427cc39e459c04fa8092d9401b247b711bd5857697f18f731113f15b478c3b34b35512449ffc0d91db56c6e13887ea29e8cddd2fa48c9d01b2e428a42ef843b6d939f42f7eae6b9f2a30bde8f6e32a71868a3cac50ea774044454b32cd4e196c8f002b69a678505cfd0485e10f6cad7d45fa7c54779f4dd0427246e66cea1231633375d3510eaa063f63e1eb30b6b01513c2faf6f7e27bc2b0470559ea0fb11a7b0af81816a9957c56b2a76cec06c74595de81330a225318f87b5eb67266165cc94199ed361453e23144c66339a55015f0627467c378df7ee2cc9e19e720d20b048e81fd01077a6b1f3fd699e6e7c49afd55ef9c2be24dd98511a130c0ec84f7221dd234f7476b7a90b7c7b52f6a1d9def2f5dac87d7a0d15aa6f4949d5dba822b3ff2429ded200e3007cc1bd287baaa1233c7692a8b1d3648e9a5977ec62d968a73c2655d4f95f4fc21eb698cd28c2a26f1d9a144817b1cccbdfdde075585709f9ff8ad40b1268e84ceb48ec488200bf3601ce8e287bd98e9175128a70961f47b685779aed03ec092ace8c350e7a975bd7a770842456375286c05da7b302e1ec723a85dbbd37a634200c1898ea7e8cfc6bb1d4a0411035fdadc8511b5c2850635d01a4e15b41693322e6243c4ffde28f7ce247ec8eef68b2ef189988146fd287859539077850faee753fa437003fb9b393231219b7aeec9d95d75fbb39b3675a4b538c43fdce35cb4857c17574894195269c82f8c742ff12914aedd6dc8147d46476e4ebbd53f620297feb18edd9f56f20ecb23dec82a61a516fec3d539d838deb3cc87b1ac21f7046345cd23c1f371772def24947a81efedb0d88b5b4710cea6ea901f3e497cfcaea6fe180282c6a0452515909ecf2538a1762afc1bffbdd46106a5bbe5ef1899efb0f98ab0913349c15898fb064cd1f0a4ba5117bb949e82aeb1aaf6b7ade48da5e554fbbda6a1b4a804cff9473213bfa88e328fd8a71478cff124c3c3546d01635fbd947e6340cb00b12591ed628459057914ce2dd631425b6da1758d72f535ee0fdcb94f325c10eb734f4a73f248c0f6edade452211d76a5324a48cb31f6447b81c962027ae1cc5326e843e693f5dbd7133bef7d6da55e5aeb57ff44e0576136f078e883bedd05e0baaf32c79b54222ea0b0e5d260e8a4e4730ccc2b593349a07bafe4aa99d4d68ece4ff76aff86a708a69405baa7b9158f4961e66c00f511a6b46608f678e5fffe049617f7df1ad7a3a33a9b76bc05f2e03867b27ebfde563f6e91fc84d5aacf07286fcf470226608395477750dd28bdbd83bdf54b9b41ce119023dde948bfc4748853ef7732c9b14aa3c35c5043164154a1b110ab6ec0978d5d1cf618f9b207d9ecda064a81ed5718b588659edf57bb33582bd4612c221606ee3d65b6d64beebcd376e4baf0e71da1f3e958ea7d50233494d10b1eee558ac0b7763b8c3bf1e332c27d4e59cf91d12101927f248781169d6d75fef7fd26280a3956ffee5c969c2c7e6a1fed3a6c8552c088f92f81e6565e334b26b7d7493c7628e420e8cdfc22d61695a7471a220da716776380e10e798bc7928fd44d5b3a2d85bdec4e4ec00b7f5878ee5b9cf21e265592d4d10af62b466c5351ed36411d6ea154c9781512f801ab5c467ba920846c3e3166365c0e8883d4b0217c69fa2bc4c9636b39434fa0eaaca8526fcd8a2e7eea1c7f25fa1765ae04a79138f42e785749bcc6df17e45c6669324fdfd1a6620db85937f6d6cd140e7ea8bff6631bdc08123f38f7d1291913cb543220331cc7d05705f9f95459faa067c92d929f7e8d03f6efa7fe8c32f927048d193d31adfe18f2474ee2a1b4c0d5568640a3c7d0f431df9611e2655382c8c2ff63617b572ca21e0883d61f9ef20acef4f792e2705a942f79d82c8b92d1c9ae7ebe19ff973f29230d37420644a155215e60d93d5e9e8e71787ade61ae629f740a7922ca29334d68753a59f3ac1bf7d657bdcfb3fd280e9f3d1692af0fd6e6f59f1bed425970be1e86262961b9f76b0d78889faef3c1001b22dc000a329d57d2cc1a21021003d159ce1d13f359dee94c93155364de31e3e5f312f80af9156a451c9e7053cbd11c91e43382e40ac494ce1cb00fbe27e6d09fb4dd0ca0a6d53d7e4defc21dc49e72508a90161f8fe69dd1c19fce62012e57f435ef42b819ce82f35641605c50c831c65240ea14cd86", 0x681}], 0xf)
socket$packet(0x11, 0x3, 0x300)
openat$cgroup(0xffffffffffffffff, &(0x7f0000000080)='syz1\x00', 0x200002, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000300)='sched_switch\x00', 0xffffffffffffffff, 0x0, 0x7d}, 0x18)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
syz_open_dev$tty20(0xc, 0x4, 0x1)

1.878534176s ago: executing program 2 (id=556):
r0 = syz_io_uring_setup(0x16d2, &(0x7f00000000c0)={0x0, 0x0, 0x10100}, &(0x7f0000000180)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
write$UHID_CREATE2(r3, &(0x7f00000001c0)=ANY=[@ANYBLOB='6'], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r3, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_MKDIRAT={0x25, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0})
io_uring_enter(r0, 0x2d3e, 0x0, 0x0, 0x0, 0x0) (fail_nth: 3)

1.82734235s ago: executing program 2 (id=557):
syz_open_dev$swradio(0x0, 0x0, 0x2)
r0 = socket$netlink(0x10, 0x3, 0xc)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r0, 0x10e, 0x4, 0x0, 0x0)
setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000200), 0x4)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
getpid()
r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
shmat(0x0, &(0x7f0000000000/0x4000)=nil, 0xffffffffffffcfff)
shmctl$SHM_STAT_ANY(0x0, 0xf, &(0x7f0000000440)=""/202)
preadv(r1, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
r2 = socket(0x0, 0x0, 0x0)
unshare(0x8040080)
openat$sysfs(0xffffffffffffff9c, 0x0, 0x0, 0x61)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_REM(r2, 0x84, 0x65, &(0x7f0000000300)=[@in={0x2, 0x4e24, @multicast1}, @in6={0xa, 0x4e20, 0x1, @remote, 0x1}, @in6={0xa, 0x4e23, 0x76, @ipv4={'\x00', '\xff\xff', @broadcast}, 0x1}, @in={0x2, 0x4e24, @multicast1}, @in={0x2, 0x4e20, @empty}, @in={0x2, 0x4e21, @rand_addr=0x64010102}, @in={0x2, 0x4e21, @rand_addr=0x64010101}, @in={0x2, 0x4e22, @initdev={0xac, 0x1e, 0x0, 0x0}}, @in={0x2, 0x4e21, @multicast2}, @in={0x2, 0x4e23, @rand_addr=0x64010100}], 0xb8)
ioctl$sock_inet_SIOCADDRT(0xffffffffffffffff, 0x890b, 0x0)
openat$sysfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
io_submit(0x0, 0x0, 0x0)
bpf$MAP_CREATE(0x100000000000000, &(0x7f0000000140)=ANY=[@ANYBLOB="0a00000016000000080000007f00000000000000", @ANYRES32, @ANYBLOB="0008000059acf1c00373994098642fb57e720035", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)

1.000124134s ago: executing program 0 (id=558):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xb, 0x5, 0x2, 0x4, 0x5, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000540)={{r0}, 0x0, 0x0}, 0x20)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0xfffffffffffffe26)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0xb, 0x8, 0xc, 0x3, 0x1, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
syz_open_dev$ndb(&(0x7f0000000080), 0x0, 0x44000)
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000d40), 0x0, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
ioctl$DRM_IOCTL_GET_CLIENT(r1, 0xc0286405, &(0x7f0000000000)={0x1, 0xbd13, {<r2=>0xffffffffffffffff}, {0xee00}, 0x10000, 0x4a37})
prctl$PR_SCHED_CORE(0x3e, 0x3, r2, 0x3, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x0, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = getpid()
process_vm_readv(r3, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x0, 0x81, 0xfff, 0x9, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, r1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
sched_setscheduler(0x0, 0x0, 0x0)
syz_open_dev$video4linux(&(0x7f00000000c0), 0x0, 0x0)
r4 = syz_open_procfs(0x0, &(0x7f0000000240)='mountinfo\x00')
mount$9p_fd(0x0, &(0x7f0000000300)='.\x00', 0x0, 0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX, @ANYBLOB=',wfdno=', @ANYRESHEX=r4])
r5 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$TIOCSETD(r5, 0x5423, &(0x7f0000000000)=0x1)
ioctl$TCFLSH(r5, 0x8926, 0x1000000000000)
r6 = socket$unix(0x1, 0x5, 0x0)
dup2(r6, 0xffffffffffffffff)
r7 = socket$kcm(0x10, 0x2, 0x10)
sendmsg$kcm(r7, &(0x7f0000000000)={0x0, 0xffffff2d, &(0x7f0000000080)=[{&(0x7f0000000040)="c00e020023000b03d25a806f8c6394f90524fc60040f030035000000053582c137153e370248018000f01700d1bd", 0x33fe0}], 0x1}, 0x0)

892.118414ms ago: executing program 2 (id=559):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000200)={{0x14}, [@NFT_MSG_DELOBJ={0x28, 0x14, 0xa, 0x401, 0x0, 0x0, {}, [@NFTA_OBJ_TYPE={0x8}, @NFTA_OBJ_NAME={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x50}}, 0x0)
mkdir(&(0x7f0000000440)='./file1\x00', 0x0)
mount(0x0, &(0x7f0000000240)='./file1\x00', &(0x7f0000000000)='tmpfs\x00', 0x0, &(0x7f0000000300)='usrquota')
chdir(&(0x7f0000000140)='./file1\x00')
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000380)={&(0x7f00000003c0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x44, 0x44, 0x2, [@volatile={0x0, 0x0, 0x2, 0x2, 0x4}, @union={0xd, 0x1, 0x0, 0x5, 0x0, 0x4, [{0x4, 0x5, 0x4}]}, @func_proto={0x0, 0x1, 0x0, 0xd, 0x0, [{0x2, 0x4}]}, @typedef={0xe, 0x0, 0x0, 0x8, 0x2}]}}, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x28)
r1 = socket$can_j1939(0x1d, 0x2, 0x7)
syz_emit_ethernet(0x276, &(0x7f0000000540)=ANY=[@ANYBLOB="aaaaaaaaaaaa0180c200000086dd642b72b902403a00fe8000000000000000000000000000aa00000000000000000000ffffac14141dff03000000000000c910fc00000000000000000000000000000104016f0001001d0020c1640000003200080065000000010200080000000020010000000000000000000000000001620e021f00000000fc0100000000000000000000000000010000000000000000000000000000000120010000000000000000000000000002fe80000000000000000000000000000ffc020000000000000000000000000001fe8000000000000000000000000000aafe80000000200000000000000000003e3b14000600000000fc00000000000000000000000000000100000000000000000000ffffac1e0101000000000000000000000000000000012001000000000000000000000000000020010000000000000000002e7cd7ce00fc000000000000000000000000000001fc000000000000000000000000000000fe8000000000000000000000000000bbff010000000000000000000000000001ff01000000000000000000000000000187009078fe8000000000000000000000000000bb2201e61ec8d48d7044626a6608e84002160a5a57529ffb9c30c1b5a6c41a1b5d3290e45b70e0e6fb58d25dd3e5b8eeeed323ed5de4fbcaf254bf6b0d787415c2d8f83e90f26aea933f68321bdec137d764c7dd89b3cbab255a5bab800273124333b5d4bb43ed860d8a8b9b7f520484556c333014fd19b25923e8dc7fd2c02b301395b0d19cb2ddbf953d292e77f1aa8911a037d89926c23d23a0ee79a201abad134cb44345ac4aefafc457affa00ffeefdab9c04329016564291385f69ab9dcdd83e54ad"], 0x0)
r2 = syz_io_uring_setup(0x48be, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x3}, &(0x7f00000011c0), &(0x7f0000ff4000))
io_uring_register$IORING_REGISTER_BUFFERS(r2, 0x0, &(0x7f0000002300)=[{&(0x7f0000000140)=""/4096, 0x1000}], 0x3100)
io_uring_register$IORING_UNREGISTER_BUFFERS(r2, 0x1, 0x0, 0x0)
syz_emit_vhci(0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000480)={0x8, 0x4, &(0x7f0000000f80)=ANY=[@ANYBLOB="1800000000000000000000000000000063019b0000000000950000000000000071a8d592b2874e8c1d0dff5409307d894d30bbdc92517f18890400000066dece220917c3e29dbc09764747e14957158d3dbadcdef22f3fd78f6d8339811026218d0a7677f9568e7189e444766a55ce43bb745aa696bc09bbaa1fa079b7ee50358c6950cf155860b8b76003fe561428d5aaccfe51b4e86b5520e51a621ef15b7e7459cdc659"], &(0x7f0000000300)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_skb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f00000011c0)={'vxcan0\x00', <r3=>0x0})
bind$can_j1939(r1, &(0x7f0000001200)={0x1d, r3, 0x0, {0x1}}, 0x18)
connect$can_j1939(r1, &(0x7f0000000080)={0x1d, r3}, 0x18)
writev(r1, &(0x7f0000000240)=[{&(0x7f0000000000)='h', 0xfdef}], 0x1)
openat$ipvs(0xffffff9c, &(0x7f00000000c0)='/proc/sys/net/ipv4/vs/nat_icmp_send\x00', 0x2, 0x0)
r4 = socket$can_bcm(0x1d, 0x2, 0x2)
ioctl$ifreq_SIOCGIFINDEX_vcan(r4, 0x8933, &(0x7f0000000240)={'vxcan0\x00'})
bind$can_j1939(r1, &(0x7f0000000040)={0x1d, r3, 0x3, {}, 0xff}, 0x18)
ioctl$sock_inet6_SIOCDIFADDR(0xffffffffffffffff, 0x8936, 0x0)
openat$khugepaged_scan(0xffffffffffffff9c, &(0x7f0000000100), 0x1, 0x0)
syz_open_procfs(0x0, 0x0)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x100800001)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r5 = openat$drirender128(0xffffff9c, &(0x7f00000001c0), 0x0, 0x0)
ioctl$DRM_IOCTL_SYNCOBJ_TRANSFER(r5, 0xc02064cc, 0x0)

450.232718ms ago: executing program 2 (id=560):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r0, 0x84, 0x72, &(0x7f0000000240)={0x0, 0x20, 0x30}, 0xc)
bind$inet6(r0, &(0x7f0000000000)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
sendto$inet6(r0, &(0x7f0000000180)="1a", 0x1, 0x0, &(0x7f0000000200)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r0, 0x84, 0x7b, &(0x7f00000035c0)={0x0, 0x3}, 0x8)
sendto$inet6(r0, &(0x7f0000000c80)="7cffa9061b2f8b082b6f69ae50430c8a8b6aa3162ba083c4a52e1ab0ac50ed4a19b1a69988000d5bed4433daaa4932dbb1cb3550dee8b23579d76ce37d574b43fca1eed8ebd38d1303240ed0d84517692128dd5aef5c4d60a6659952a1437c6f0ac3ed75806011ccbaa504f41a7e0abcf8823bc4a71ef8c52c2b297b539eaf752c56ebfe9b0542543069257dafcbf76c958d4cbf4eaaa67c5c2bd9e6518be34b56add7613ab83d389724b664e62c154e1a5aac073a53a0e8cadcf51ef495ebbcc77d5e36ff24c3f282289cc077374b714e08fbfecbdc8f14ef3fd409af4caf6fcb7d663beab335f239a1e93b399c93d7c036e1b39a7c477945f82b6dde53b1c21b590a58ba688ac4fb530d2c5b1195a127d2eaec840ab59f090d7047c278611e080cebe7b28588c11a44be99fe6f88c73441bf625b70565669997f4c3cda5afe1d6429908a69a459d35ba8c2f28076d8711f2667de749a783fac94ebd02680f20fb723c35c287a1f45064846385750665ffa74579083fbb1b1d6b7c90168252b1c5313544569203e7adb8e271a94f7413e5cfd6aa3157c4fc29bddba3683fcd032aecb513b2f27530fbefa0000000000000003c058e812d8db87de5e3eceae268b91f7d59daf77646fa4df99877dd5a9540934c7af91b96486eea62897be6acbe1bae8e46b112f1385e7cea9e4daccc6f1b98ce3b4322af8299a45ddcb5be8d3e469fdde9896ca324a2f3c88c616a7dccde331698ce2d39f96220251011b4dfbec953b5c30e94adb5586cec0af234859805bb7df1101ae80318ff127e913178d79cfa918d54585b6184255e872e2dc33a5c7c30a756bbd63c32a3e6a22863781747d185acb64583976c4289394d642b07d18e2932d0a78bd2ccf92b3e94e82f1e9239fa272402f4c9efcf068709a44d6f652a4f23df89f9a15e6bf0c7e65d8f3e32c35e83d30298074d16cb5ff4ded1df81009bbae888fceb9a8109ba319605e1776e52d2069b5cd7de07cf8dc488ba6a9c7559ff49674a490991f323736f302004007d0ccf2e5eaceac6b56f48f2b00592d7a378f118d8b3e5ecd2035c8252374c91bc79cf26ac11ddffe2c09e1aa032da0713732387f950e3f4e301eb1d26e5a2b19318e50d555c832e279894d8c9b03e8940738c0fe391b29907d0d5f9214d6e697a19247f4e8221aca2ac47debd7c45b8344941cbecbaf44af343b24a4f88caf207d72002fb8b7d156997cb7275f535e6a9d6480046246e60bea0cf6f54abc69ff9418b6cb9301eb6890227215b633a886fb13c89698e51e482c42ca99613b20e22e5ce15272f5bda8b18cf53d49130a94135dd8a9692c", 0x34000, 0xbcff, 0x0, 0x0)
writev(r0, &(0x7f00000000c0)=[{&(0x7f0000000040)="88", 0x1}], 0x1) (fail_nth: 3)
setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r0, 0x84, 0x72, &(0x7f0000000080), 0xc)
writev(r0, &(0x7f0000001300)=[{&(0x7f0000000100)='^', 0x1}], 0x1)

149.793762ms ago: executing program 2 (id=561):
r0 = syz_init_net_socket$ax25(0x3, 0x5, 0x0)
r1 = socket$l2tp(0x2, 0x2, 0x73)
bind$l2tp(r1, &(0x7f0000000000), 0x10)
bind$l2tp(r1, &(0x7f00000000c0)={0x2, 0x0, @remote}, 0x10)
bpf$BPF_PROG_QUERY(0x10, &(0x7f00000001c0)={@map=0x1, 0x2e, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40)
r2 = getpid()
r3 = socket$packet(0x11, 0x2, 0x300)
bind$packet(r3, &(0x7f0000000140)={0x11, 0x4, 0x0, 0x1, 0x0, 0x6, @broadcast}, 0x14)
r4 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000000)={'syz_tun\x00', <r5=>0x0})
bind$packet(r3, &(0x7f00000000c0)={0x11, 0x0, r5}, 0x14)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0xc1)
bind$packet(r4, &(0x7f0000000040)={0x11, 0x4, r5, 0x1, 0x0, 0x6, @broadcast}, 0x14)
setsockopt$packet_fanout(0xffffffffffffffff, 0x107, 0x12, &(0x7f00000001c0)={0x0, 0x1}, 0x4)
syz_emit_ethernet(0xe, &(0x7f00000003c0)=ANY=[], 0x0)
capget(&(0x7f0000000000)={0x19980330, r2}, &(0x7f0000000040)={0xc, 0xd, 0x174, 0x0, 0x9, 0x6})
ioctl$SIOCAX25ADDUID(r0, 0x89e1, &(0x7f0000000240)={0x3, @null, 0xee00})
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpuacct.usage_percpu_user\x00', 0x275a, 0x0)
setsockopt(0xffffffffffffffff, 0x0, 0x0, &(0x7f00000002c0)="1a", 0x1)
write$binfmt_aout(r6, &(0x7f00000002c0)=ANY=[], 0xc1)
mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x0, 0x13, r6, 0xc9dc)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000800)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ffecffffffbea100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES16=0x0, @ANYBLOB="0000a8736d07dd896de5557862e0976767000040000000000000000800000085000000b60000009574f629d1c91ca2ea4588111ada3aee5f93dab0be4744c4e11290572b6436888b597ab4e5f63a2ac74f098ca81c09800a10aa553aa2ecf2c203ccfaf5a3ec0d485fb89b60751e51c9a2015942c190e97c04b5974e55a46300e7b20803cb71bc99cc250efe8901104f7141c719c3f4ddcd86316f4c927f199b0917b23e955c1ee27b29c89c1230dd6dcb46a4d88f16c2cea824839f543e9727bf80cbf37df6d57f4e40b6e95ad70369913ac53088e77c5fb2db82"], &(0x7f00000007c0)='GPL\x00', 0xfffffffb, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_ipv6_tunnel_SIOCGET6RD(0xffffffffffffffff, 0x89f8, &(0x7f0000000100)={'ip_vti0\x00', &(0x7f0000000440)={'sit0\x00', 0x0, 0x80, 0x7, 0x24, 0x4, {{0xb, 0x4, 0x2, 0x6, 0x2c, 0x64, 0x0, 0x53, 0x0, 0x0, @multicast1, @empty, {[@timestamp={0x44, 0x18, 0x73, 0x0, 0x4, [0x87, 0x100, 0xef81, 0x10000, 0x10]}]}}}}})
mkdir(&(0x7f0000000000)='./file1\x00', 0x0)
mount$fuse(0x0, 0x0, 0x0, 0x0, &(0x7f0000000400)=ANY=[@ANYRESHEX=0x0])
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
chdir(&(0x7f0000000080)='./file1\x00')

90.208311ms ago: executing program 2 (id=562):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
setsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000000180)={{{@in6=@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', @in=@remote, 0x0, 0x0, 0x0, 0x0, 0x2}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, {{@in6=@loopback, 0x0, 0x6c}}}, 0xe8)
r0 = io_uring_setup(0x669, &(0x7f00000002c0))
bpf$PROG_LOAD(0x5, 0x0, 0x0)
close(0xffffffffffffffff)
mbind(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x8003, 0x0, 0x8, 0x0)
remap_file_pages(&(0x7f00002ec000/0x200000)=nil, 0x200000, 0x0, 0x0, 0x0)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x4, 0x0, 0x0, 0x0)
r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3)
connect(r1, &(0x7f00000004c0)=@rc={0x1f, @none, 0x8}, 0x80)
syz_emit_vhci(0x0, 0x7)
socket$nl_rdma(0x10, 0x3, 0x14)
openat$rdma_cm(0xffffffffffffff9c, 0x0, 0x2, 0x0)
close_range(r0, 0xffffffffffffffff, 0x0)

0s ago: executing program 0 (id=563):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r0, 0x84, 0x72, &(0x7f0000000240)={0x0, 0x20, 0x30}, 0xc)
bind$inet6(r0, &(0x7f0000000000)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
sendto$inet6(r0, &(0x7f0000000180)="1a", 0x1, 0x0, &(0x7f0000000200)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r0, 0x84, 0x7b, &(0x7f00000035c0)={0x0, 0x3}, 0x8)
sendto$inet6(r0, &(0x7f0000000c80)="7cffa9061b2f8b082b6f69ae50430c8a8b6aa3162ba083c4a52e1ab0ac50ed4a19b1a69988000d5bed4433daaa4932dbb1cb3550dee8b23579d76ce37d574b43fca1eed8ebd38d1303240ed0d84517692128dd5aef5c4d60a6659952a1437c6f0ac3ed75806011ccbaa504f41a7e0abcf8823bc4a71ef8c52c2b297b539eaf752c56ebfe9b0542543069257dafcbf76c958d4cbf4eaaa67c5c2bd9e6518be34b56add7613ab83d389724b664e62c154e1a5aac073a53a0e8cadcf51ef495ebbcc77d5e36ff24c3f282289cc077374b714e08fbfecbdc8f14ef3fd409af4caf6fcb7d663beab335f239a1e93b399c93d7c036e1b39a7c477945f82b6dde53b1c21b590a58ba688ac4fb530d2c5b1195a127d2eaec840ab59f090d7047c278611e080cebe7b28588c11a44be99fe6f88c73441bf625b70565669997f4c3cda5afe1d6429908a69a459d35ba8c2f28076d8711f2667de749a783fac94ebd02680f20fb723c35c287a1f45064846385750665ffa74579083fbb1b1d6b7c90168252b1c5313544569203e7adb8e271a94f7413e5cfd6aa3157c4fc29bddba3683fcd032aecb513b2f27530fbefa0000000000000003c058e812d8db87de5e3eceae268b91f7d59daf77646fa4df99877dd5a9540934c7af91b96486eea62897be6acbe1bae8e46b112f1385e7cea9e4daccc6f1b98ce3b4322af8299a45ddcb5be8d3e469fdde9896ca324a2f3c88c616a7dccde331698ce2d39f96220251011b4dfbec953b5c30e94adb5586cec0af234859805bb7df1101ae80318ff127e913178d79cfa918d54585b6184255e872e2dc33a5c7c30a756bbd63c32a3e6a22863781747d185acb64583976c4289394d642b07d18e2932d0a78bd2ccf92b3e94e82f1e9239fa272402f4c9efcf068709a44d6f652a4f23df89f9a15e6bf0c7e65d8f3e32c35e83d30298074d16cb5ff4ded1df81009bbae888fceb9a8109ba319605e1776e52d2069b5cd7de07cf8dc488ba6a9c7559ff49674a490991f323736f302004007d0ccf2e5eaceac6b56f48f2b00592d7a378f118d8b3e5ecd2035c8252374c91bc79cf26ac11ddffe2c09e1aa032da0713732387f950e3f4e301eb1d26e5a2b19318e50d555c832e279894d8c9b03e8940738c0fe391b29907d0d5f9214d6e697a19247f4e8221aca2ac47debd7c45b8344941cbecbaf44af343b24a4f88caf207d72002fb8b7d156997cb7275f535e6a9d6480046246e60bea0cf6f54abc69ff9418b6cb9301eb6890227215b633a886fb13c89698e51e482c42ca99613b20e22e5ce15272f5bda8b18cf53d49130a94135dd8a9692c", 0x34000, 0xbcff, 0x0, 0x0)
writev(r0, &(0x7f00000000c0)=[{&(0x7f0000000040)="88", 0x1}], 0x1)
setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r0, 0x84, 0x72, &(0x7f0000000080), 0xc)
writev(r0, &(0x7f0000001300)=[{&(0x7f0000000100)='^', 0x1}], 0x1)

kernel console output (not intermixed with test programs):

vtap: entered promiscuous mode
[  170.561745][ T6316] netlink: 100 bytes leftover after parsing attributes in process `syz.3.183'.
[  170.607500][ T6227] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  170.610260][ T6227] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  170.612775][ T6227] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  170.615571][ T6227] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  170.619036][ T6227] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  170.621788][ T6227] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  170.624339][ T6227] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  170.627363][ T6227] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  170.629920][ T6227] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  170.632604][ T6227] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  170.635155][ T6227] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  170.638327][ T6227] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  170.641855][ T6227] batman_adv: batadv0: Interface activated: batadv_slave_0
[  170.704179][ T6227] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  170.707645][ T6227] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  170.710188][ T6227] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  170.712863][ T6227] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  170.715418][ T6227] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  170.718952][ T6227] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  170.721480][ T6227] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  170.724191][ T6227] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  170.727561][ T6227] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  170.731060][ T6227] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  170.734326][ T6227] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  170.738357][ T6227] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  170.742473][ T6227] batman_adv: batadv0: Interface activated: batadv_slave_1
[  170.769886][ T6305] bridge0: port 1(bridge_slave_0) entered blocking state
[  170.772322][ T6305] bridge0: port 1(bridge_slave_0) entered disabled state
[  170.774928][ T6305] bridge_slave_0: entered allmulticast mode
[  170.782956][ T6305] bridge_slave_0: entered promiscuous mode
[  170.788003][ T6305] bridge0: port 2(bridge_slave_1) entered blocking state
[  170.790784][ T6305] bridge0: port 2(bridge_slave_1) entered disabled state
[  170.793454][ T6305] bridge_slave_1: entered allmulticast mode
[  170.795517][ T6305] bridge_slave_1: entered promiscuous mode
[  170.812067][ T6227] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  170.814398][ T6227] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  170.817214][ T6227] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  170.819497][ T6227] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  170.825487][ T1104] hsr_slave_0: left promiscuous mode
[  170.840782][ T1104] hsr_slave_1: left promiscuous mode
[  170.842807][ T1104] batman_adv: batadv0: Removing interface: batadv_slave_0
[  170.845177][ T1104] batman_adv: batadv0: Removing interface: batadv_slave_1
[  170.850719][ T1104] hsr_slave_0: left promiscuous mode
[  170.852581][ T1104] hsr_slave_1: left promiscuous mode
[  170.854706][ T1104] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  170.856796][ T1104] batman_adv: batadv0: Removing interface: batadv_slave_0
[  170.863508][ T1104] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  170.865468][ T1104] batman_adv: batadv0: Removing interface: batadv_slave_1
[  170.883890][ T1104] veth1_macvtap: left promiscuous mode
[  170.885819][ T1104] veth0_macvtap: left promiscuous mode
[  170.888042][ T1104] veth1_vlan: left promiscuous mode
[  170.889844][ T1104] veth0_vlan: left promiscuous mode
[  171.069633][ T1104] team0 (unregistering): Port device team_slave_1 removed
[  171.102624][ T1104] team0 (unregistering): Port device team_slave_0 removed
[  171.686787][ T5347] Bluetooth: hci5: command tx timeout
[  172.441508][ T1104] team0 (unregistering): Port device team_slave_1 removed
[  172.521486][ T1104] team0 (unregistering): Port device team_slave_0 removed
[  173.358628][ T6305] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  173.381348][ T6305] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  173.442708][ T6305] team0: Port device team_slave_0 added
[  173.539042][ T6305] team0: Port device team_slave_1 added
[  173.766650][ T5347] Bluetooth: hci5: command tx timeout
[  173.840790][ T6305] batman_adv: batadv0: Adding interface: batadv_slave_0
[  173.842672][ T6305] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  173.864522][ T6305] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  173.880624][ T6305] batman_adv: batadv0: Adding interface: batadv_slave_1
[  173.882485][ T6305] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  173.890000][ T6305] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  173.902817][   T45] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  173.904890][   T45] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  174.120569][ T6305] hsr_slave_0: entered promiscuous mode
[  174.122812][ T6305] hsr_slave_1: entered promiscuous mode
[  174.124846][ T6305] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  174.127434][ T6305] Cannot create hsr debugfs directory
[  174.130729][ T6229] 8021q: adding VLAN 0 to HW filter on device batadv0
[  174.134651][   T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  174.139161][   T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  174.292348][ T6229] veth0_vlan: entered promiscuous mode
[  174.325720][ T6305] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  174.336377][ T6229] veth1_vlan: entered promiscuous mode
[  174.351009][ T6229] veth0_macvtap: entered promiscuous mode
[  174.355455][ T6229] veth1_macvtap: entered promiscuous mode
[  174.364694][ T6229] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  174.367938][ T6229] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  174.370488][ T6229] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  174.373254][ T6229] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  174.375806][ T6229] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  174.379125][ T6229] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  174.382075][ T6229] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  174.385027][ T6229] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  174.387962][ T6229] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  174.391267][ T6229] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  174.408184][ T6229] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  174.410938][ T6229] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  174.415396][ T6229] batman_adv: batadv0: Interface activated: batadv_slave_0
[  174.423967][ T6229] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  174.427013][ T6229] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  174.429661][ T6229] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  174.432625][ T6229] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  174.436330][ T6229] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  174.439443][ T6229] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  174.442073][ T6229] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  174.444779][ T6229] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  174.449203][ T6229] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  174.454207][ T6229] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  174.457008][ T6229] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  174.568631][ T6229] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  174.800136][ T6229] batman_adv: batadv0: Interface activated: batadv_slave_1
[  174.821883][ T6229] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  174.824198][ T6229] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  174.837483][ T6229] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  174.839825][ T6229] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  174.873402][ T6305] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  174.954613][   T39] audit: type=1400 audit(1728232130.171:335): avc:  denied  { read write } for  pid=6349 comm="syz.3.190" name="loop-control" dev="devtmpfs" ino=657 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1
[  174.959294][   T67] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  174.962924][   T67] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  174.963733][   T39] audit: type=1400 audit(1728232130.171:336): avc:  denied  { open } for  pid=6349 comm="syz.3.190" path="/dev/loop-control" dev="devtmpfs" ino=657 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1
[  174.983586][   T39] audit: type=1400 audit(1728232130.181:337): avc:  denied  { ioctl } for  pid=6349 comm="syz.3.190" path="/dev/loop-control" dev="devtmpfs" ino=657 ioctlcmd=0x4c82 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1
[  174.984533][   T67] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  174.995915][   T67] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  175.041164][ T6305] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  175.097333][   T39] audit: type=1400 audit(1728232130.311:338): avc:  denied  { unlink } for  pid=6356 comm="syz.1.191" name="#1" dev="tmpfs" ino=30 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=chr_file permissive=1
[  175.103064][   T39] audit: type=1400 audit(1728232130.321:339): avc:  denied  { mount } for  pid=6356 comm="syz.1.191" name="/" dev="overlay" ino=24 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1
[  175.137498][ T6361] netlink: 36 bytes leftover after parsing attributes in process `syz.1.193'.
[  175.140912][ T6361] bridge_slave_1: left allmulticast mode
[  175.142442][ T6361] bridge_slave_1: left promiscuous mode
[  175.144138][ T6361] bridge0: port 2(bridge_slave_1) entered disabled state
[  175.185431][ T6305] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  175.291042][ T1104] bridge_slave_1: left allmulticast mode
[  175.292857][ T1104] bridge_slave_1: left promiscuous mode
[  175.295360][ T1104] bridge0: port 2(bridge_slave_1) entered disabled state
[  175.333276][ T1104] bridge_slave_0: left allmulticast mode
[  175.335277][ T1104] bridge_slave_0: left promiscuous mode
[  175.351479][ T1104] bridge0: port 1(bridge_slave_0) entered disabled state
[  175.846686][ T5347] Bluetooth: hci5: command tx timeout
[  176.443223][ T6377] block device autoloading is deprecated and will be removed.
[  176.445898][ T6377] syz.3.196: attempt to access beyond end of device
[  176.445898][ T6377] md0: rw=2048, sector=0, nr_sectors = 8 limit=0
[  177.567370][ T1104] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  177.579874][ T1104] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  177.585150][ T1104] bond0 (unregistering): Released all slaves
[  178.114401][   T39] audit: type=1400 audit(1728232133.331:340): avc:  denied  { write } for  pid=6381 comm="syz.3.197" name="uinput" dev="devtmpfs" ino=864 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
[  178.116003][ T6382] input input8: cannot allocate more than FF_MAX_EFFECTS effects
[  178.519748][ T6305] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  178.528377][   T39] audit: type=1400 audit(1728232133.741:341): avc:  denied  { create } for  pid=6388 comm="syz.1.198" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1
[  178.553669][ T1104] hsr_slave_0: left promiscuous mode
[  178.555887][ T1104] hsr_slave_1: left promiscuous mode
[  178.558200][ T1104] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  178.560170][ T1104] batman_adv: batadv0: Removing interface: batadv_slave_0
[  178.561101][   T39] audit: type=1400 audit(1728232133.781:342): avc:  denied  { create } for  pid=6381 comm="syz.3.197" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1
[  178.572884][   T39] audit: type=1400 audit(1728232133.781:343): avc:  denied  { connect } for  pid=6381 comm="syz.3.197" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1
[  179.131022][ T1104] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  179.133187][ T1104] batman_adv: batadv0: Removing interface: batadv_slave_1
[  179.194343][ T1104] veth1_macvtap: left promiscuous mode
[  179.195945][ T1104] veth0_macvtap: left promiscuous mode
[  179.197524][ T1104] veth1_vlan: left promiscuous mode
[  179.199008][ T1104] veth0_vlan: left promiscuous mode
[  180.452279][ T1104] team0 (unregistering): Port device team_slave_1 removed
[  180.511404][ T1104] team0 (unregistering): Port device team_slave_0 removed
[  180.991324][ T6305] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  180.994654][ T6305] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  181.006886][ T6305] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  181.116264][ T6305] 8021q: adding VLAN 0 to HW filter on device bond0
[  181.124007][ T6305] 8021q: adding VLAN 0 to HW filter on device team0
[  181.133094][  T212] bridge0: port 1(bridge_slave_0) entered blocking state
[  181.135014][  T212] bridge0: port 1(bridge_slave_0) entered forwarding state
[  181.139912][  T212] bridge0: port 2(bridge_slave_1) entered blocking state
[  181.141849][  T212] bridge0: port 2(bridge_slave_1) entered forwarding state
[  181.171313][ T6393] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  181.179837][ T6393] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  181.182633][ T6393] Bluetooth: hci10: Opcode 0x0c1a failed: -4
[  181.184248][ T6393] Bluetooth: hci10: Opcode 0x0406 failed: -4
[  181.188081][ T6393] Bluetooth: hci10: Opcode 0x0406 failed: -4
[  181.190982][ T6393] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  181.192586][ T6393] Bluetooth: hci3: Opcode 0x0406 failed: -4
[  181.194645][ T6393] Bluetooth: hci3: Opcode 0x0406 failed: -4
[  181.213540][ T6393] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  181.215193][ T6393] Bluetooth: hci4: Opcode 0x0406 failed: -4
[  181.226332][ T6393] Bluetooth: hci4: Opcode 0x0406 failed: -4
[  181.239057][ T6393] Bluetooth: hci5: Opcode 0x0c1a failed: -4
[  181.245024][ T6393] Bluetooth: hci5: Opcode 0x0406 failed: -4
[  181.250864][ T6305] 8021q: adding VLAN 0 to HW filter on device batadv0
[  181.256245][ T6393] Bluetooth: hci5: Opcode 0x0406 failed: -4
[  181.264708][ T6305] veth0_vlan: entered promiscuous mode
[  181.270529][ T6305] veth1_vlan: entered promiscuous mode
[  181.287294][ T6305] veth0_macvtap: entered promiscuous mode
[  181.290583][ T6305] veth1_macvtap: entered promiscuous mode
[  181.302136][ T6305] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  181.304862][ T6305] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  181.307457][ T6305] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  181.310174][ T6305] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  181.312785][ T6305] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  181.315647][ T6305] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  181.320784][ T6305] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  181.323723][ T6305] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  181.326301][ T6305] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  181.329269][ T6305] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  181.331837][ T6305] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  181.334647][ T6305] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  181.339094][ T6305] batman_adv: batadv0: Interface activated: batadv_slave_0
[  181.344201][ T6305] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  181.347128][ T6305] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  181.349697][ T6305] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  181.352406][ T6305] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  181.354978][ T6305] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  181.358105][ T6305] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  181.360789][ T6305] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  181.363520][ T6305] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  181.366121][ T6305] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  181.369902][ T6305] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  181.372462][ T6305] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  181.375214][ T6305] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  181.383392][ T6305] batman_adv: batadv0: Interface activated: batadv_slave_1
[  181.385974][ T6409] netlink: 20 bytes leftover after parsing attributes in process `syz.3.202'.
[  181.390742][ T6409] vlan2: entered promiscuous mode
[  181.409783][   T39] audit: type=1400 audit(1728232136.621:344): avc:  denied  { watch watch_reads } for  pid=6408 comm="syz.3.202" path="/proc/55" dev="proc" ino=17370 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dir permissive=1
[  181.418094][ T6305] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  181.422058][ T6305] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  181.424751][ T6305] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  181.430455][ T6305] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  181.485808][   T82] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  181.496178][   T82] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  181.522308][   T82] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  181.530494][   T82] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  181.628706][ T1104] bridge_slave_1: left allmulticast mode
[  181.633377][ T1104] bridge_slave_1: left promiscuous mode
[  181.643420][ T1104] bridge0: port 2(bridge_slave_1) entered disabled state
[  181.656873][ T1104] bridge_slave_0: left allmulticast mode
[  181.661772][ T1104] bridge_slave_0: left promiscuous mode
[  181.664854][ T1104] bridge0: port 1(bridge_slave_0) entered disabled state
[  182.269546][ T1104] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  182.461110][ T1104] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  182.483649][ T1104] bond0 (unregistering): Released all slaves
[  183.055800][   T39] audit: type=1326 audit(1728232138.271:345): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6444 comm="syz.3.209" exe="/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f67abb7dff9 code=0x0
[  183.189670][ T1104] hsr_slave_0: left promiscuous mode
[  183.206671][ T4770] Bluetooth: hci10: command 0x0c1a tx timeout
[  183.206707][ T5344] Bluetooth: hci0: command 0x0419 tx timeout
[  183.209938][ T5347] Bluetooth: hci2: command 0x0419 tx timeout
[  183.216580][ T5347] Bluetooth: hci3: command 0x0c1a tx timeout
[  183.234116][   T39] audit: type=1400 audit(1728232138.451:346): avc:  denied  { listen } for  pid=6447 comm="syz.2.210" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  183.286573][ T5347] Bluetooth: hci5: command 0x0c1a tx timeout
[  183.288259][ T5347] Bluetooth: hci4: command 0x0c1a tx timeout
[  183.344962][   T39] audit: type=1400 audit(1728232138.561:347): avc:  denied  { setattr } for  pid=6447 comm="syz.2.210" name="/" dev="9p" ino=35922398 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  183.354375][   T39] audit: type=1400 audit(1728232138.571:348): avc:  denied  { ioctl } for  pid=6447 comm="syz.2.210" path="/3/file0/file0" dev="9p" ino=35922400 ioctlcmd=0x923 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  183.450204][ T1104] hsr_slave_1: left promiscuous mode
[  183.452621][ T1104] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  183.454757][ T1104] batman_adv: batadv0: Removing interface: batadv_slave_0
[  183.457758][ T1104] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  183.459812][ T1104] batman_adv: batadv0: Removing interface: batadv_slave_1
[  183.484939][ T1104] veth1_macvtap: left promiscuous mode
[  183.486504][ T1104] veth0_macvtap: left promiscuous mode
[  183.488753][ T1104] veth1_vlan: left promiscuous mode
[  183.492331][ T1104] veth0_vlan: left promiscuous mode
[  184.037943][ T6459] netfs: Couldn't get user pages (rc=-14)
[  184.609298][ T6472] ref_tracker: memory allocation failure, unreliable refcount tracker.
[  184.627557][   T39] audit: type=1400 audit(1728232139.831:349): avc:  denied  { write } for  pid=6460 comm="syz.2.211" laddr=172.20.20.170 lport=256 faddr=172.20.20.170 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  185.286584][ T5344] Bluetooth: hci10: command 0x0c1a tx timeout
[  185.296783][ T5344] Bluetooth: hci3: command 0x0c1a tx timeout
[  185.366653][ T5347] Bluetooth: hci5: command 0x0c1a tx timeout
[  185.366730][ T5344] Bluetooth: hci4: command 0x0c1a tx timeout
[  185.739590][ T1104] team0 (unregistering): Port device team_slave_1 removed
[  185.810215][ T1104] team0 (unregistering): Port device team_slave_0 removed
[  186.557126][ T6490] netlink: 32 bytes leftover after parsing attributes in process `syz.3.217'.
[  186.618266][ T6146] IPVS: starting estimator thread 0...
[  186.632756][ T6462] netlink: 'syz.0.206': attribute type 4 has an invalid length.
[  186.716646][ T6491] IPVS: using max 34 ests per chain, 81600 per kthread
[  186.781914][ T6493] netlink: 'syz.0.218': attribute type 1 has an invalid length.
[  186.785131][ T6493] netlink: 'syz.0.218': attribute type 2 has an invalid length.
[  186.800650][ T6493] netlink: 'syz.0.218': attribute type 13 has an invalid length.
[  186.805147][ T6493] netlink: 'syz.0.218': attribute type 58 has an invalid length.
[  186.808573][ T6493] netlink: 152 bytes leftover after parsing attributes in process `syz.0.218'.
[  186.927142][ T6498] capability: warning: `syz.0.220' uses deprecated v2 capabilities in a way that may be insecure
[  186.950559][ T6498] netdevsim netdevsim0: Direct firmware load for ./file0 failed with error -2
[  186.957354][ T6498] netdevsim netdevsim0: Falling back to sysfs fallback for: ./file0
[  187.367215][ T5344] Bluetooth: hci3: command 0x0c1a tx timeout
[  187.367247][ T5347] Bluetooth: hci10: command 0x0c1a tx timeout
[  187.447720][ T5344] Bluetooth: hci5: command 0x0c1a tx timeout
[  187.447743][ T5347] Bluetooth: hci4: command 0x0c1a tx timeout
[  188.526666][ T5347] Bluetooth: hci5: ACL packet for unknown connection handle 201
[  188.530641][   T39] audit: type=1400 audit(1728232143.741:350): avc:  denied  { attach_queue } for  pid=6520 comm="syz.2.227" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tun_socket permissive=1
[  188.581947][   T39] audit: type=1400 audit(1728232143.801:351): avc:  denied  { ioctl } for  pid=6518 comm="syz.1.226" path="/dev/vhost-net" dev="devtmpfs" ino=1114 ioctlcmd=0xaf01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:vhost_device_t tclass=chr_file permissive=1
[  188.766390][   T39] audit: type=1400 audit(1728232143.981:352): avc:  denied  { set_context_mgr } for  pid=6525 comm="syz.3.228" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=binder permissive=1
[  188.796942][   T39] audit: type=1400 audit(1728232144.021:353): avc:  denied  { search } for  pid=4814 comm="syslogd" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  188.879844][   T39] audit: type=1400 audit(1728232144.101:354): avc:  denied  { read write } for  pid=6528 comm="syz.2.229" name="uhid" dev="devtmpfs" ino=1110 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:uhid_device_t tclass=chr_file permissive=1
[  188.891207][   T39] audit: type=1400 audit(1728232144.101:355): avc:  denied  { open } for  pid=6528 comm="syz.2.229" path="/dev/uhid" dev="devtmpfs" ino=1110 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:uhid_device_t tclass=chr_file permissive=1
[  188.906166][ T5336] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  188.912504][ T5336] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  188.926400][ T5336] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  188.929099][ T5336] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  188.936569][ T5336] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  188.939280][ T5336] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  188.943803][ T5336] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  188.952074][ T5336] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  188.956389][ T5336] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  188.961561][ T5336] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  188.967042][ T5336] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  188.973090][ T5336] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  188.978422][ T5336] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  188.983432][ T5336] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  188.990718][ T5336] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  188.994481][ T5336] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  188.999915][ T5336] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  189.001993][ T5336] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  189.004075][ T5336] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  189.006080][ T5336] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  189.008690][ T5336] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  189.010762][ T5336] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  189.012745][ T5336] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  189.014857][ T5336] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  189.017421][ T5336] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  189.019491][ T5336] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  189.021535][ T5336] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  189.023521][ T5336] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  189.025594][ T5336] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  189.029119][ T5336] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  189.031982][ T5336] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  189.033972][ T5336] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  189.052592][ T5336] hid-generic 0000:0000:0000.0002: hidraw1: <UNKNOWN> HID v0.00 Device [syz0] on syz0
[  189.186560][ T1286] usb 7-1: new high-speed USB device number 2 using dummy_hcd
[  189.305676][   T39] audit: type=1326 audit(1728232144.521:356): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6532 comm="syz.3.231" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f67abb7dff9 code=0x7ffc0000
[  189.312143][   T39] audit: type=1326 audit(1728232144.521:357): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6532 comm="syz.3.231" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f67abb7dff9 code=0x7ffc0000
[  189.320912][   T39] audit: type=1326 audit(1728232144.541:358): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6532 comm="syz.3.231" exe="/syz-executor" sig=0 arch=c000003e syscall=223 compat=0 ip=0x7f67abb7dff9 code=0x7ffc0000
[  189.329031][   T39] audit: type=1326 audit(1728232144.541:359): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6532 comm="syz.3.231" exe="/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f67abb74fa7 code=0x7ffc0000
[  189.359283][ T1286] usb 7-1: config 0 has no interfaces?
[  189.360803][ T1286] usb 7-1: New USB device found, idVendor=1a34, idProduct=0802, bcdDevice= 0.00
[  189.363161][ T1286] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  189.384747][ T1286] usb 7-1: config 0 descriptor??
[  189.750235][ T1286] usb 7-1: USB disconnect, device number 2
[  190.554734][ T6544] FAULT_INJECTION: forcing a failure.
[  190.554734][ T6544] name fail_page_alloc, interval 1, probability 0, space 0, times 1
[  190.568277][ T6544] CPU: 2 UID: 0 PID: 6544 Comm: syz.2.234 Not tainted 6.12.0-rc1-syzkaller-00349-g8f602276d390 #0
[  190.571011][ T6544] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  190.573782][ T6544] Call Trace:
[  190.574659][ T6544]  <TASK>
[  190.575437][ T6544]  dump_stack_lvl+0x16c/0x1f0
[  190.576730][ T6544]  should_fail_ex+0x497/0x5b0
[  190.577984][ T6544]  ? fs_reclaim_acquire+0xae/0x160
[  190.579323][ T6544]  should_fail_alloc_page+0xe7/0x130
[  190.580708][ T6544]  prepare_alloc_pages.constprop.0+0x16f/0x560
[  190.582310][ T6544]  ? stack_depot_save_flags+0x28/0x8f0
[  190.583731][ T6544]  __alloc_pages_noprof+0x190/0x25c0
[  190.585105][ T6544]  ? kasan_save_stack+0x33/0x60
[  190.586382][ T6544]  ? kasan_save_track+0x14/0x30
[  190.587652][ T6544]  ? __kasan_kmalloc+0xaa/0xb0
[  190.588896][ T6544]  ? __kmalloc_noprof+0x1e8/0x400
[  190.590212][ T6544]  ? bio_kmalloc+0x41/0x70
[  190.591380][ T6544]  ? blk_rq_map_kern+0x400/0x760
[  190.592673][ T6544]  ? scsi_execute_cmd+0xc09/0xf40
[  190.594007][ T6544]  ? sr_check_events+0x1f3/0xab0
[  190.595302][ T6544]  ? cdrom_check_events+0x65/0x110
[  190.596637][ T6544]  ? sr_block_check_events+0xc4/0x100
[  190.598031][ T6544]  ? disk_check_events+0xbe/0x410
[  190.599340][ T6544]  ? disk_check_media_change+0x101/0x280
[  190.600798][ T6544]  ? sr_block_open+0xe1/0x270
[  190.602037][ T6544]  ? blkdev_get_whole+0x96/0x290
[  190.603330][ T6544]  ? bdev_open+0x2c7/0xe20
[  190.604506][ T6544]  ? blkdev_open+0x36c/0x450
[  190.605724][ T6544]  ? do_dentry_open+0x6ca/0x1530
[  190.607011][ T6544]  ? __pfx___alloc_pages_noprof+0x10/0x10
[  190.608484][ T6544]  ? do_sys_openat2+0x17a/0x1e0
[  190.609767][ T6544]  ? do_syscall_64+0xcd/0x250
[  190.611213][ T6544]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  190.612807][ T6544]  ? policy_nodemask+0xea/0x4e0
[  190.614140][ T6544]  alloc_pages_mpol_noprof+0x2c9/0x610
[  190.615596][ T6544]  ? __pfx_alloc_pages_mpol_noprof+0x10/0x10
[  190.617189][ T6544]  ? trace_kmalloc+0x2d/0xe0
[  190.618427][ T6544]  ? __kmalloc_noprof+0x207/0x400
[  190.619760][ T6544]  blk_rq_map_kern+0x465/0x760
[  190.621026][ T6544]  scsi_execute_cmd+0xc09/0xf40
[  190.622322][ T6544]  ? __pfx_mark_lock+0x10/0x10
[  190.623579][ T6544]  ? hlock_class+0x4e/0x130
[  190.624786][ T6544]  ? __lock_acquire+0x163e/0x3ce0
[  190.626117][ T6544]  ? __pfx_scsi_execute_cmd+0x10/0x10
[  190.627483][ T6544]  ? __lock_acquire+0x163e/0x3ce0
[  190.628737][ T6544]  ? hlock_class+0x4e/0x130
[  190.629944][ T6544]  sr_check_events+0x1f3/0xab0
[  190.631210][ T6544]  ? __pfx_sr_check_events+0x10/0x10
[  190.632605][ T6544]  ? hlock_class+0x4e/0x130
[  190.633818][ T6544]  ? mark_lock+0xb5/0xc60
[  190.634961][ T6544]  ? __pfx___lock_acquire+0x10/0x10
[  190.636325][ T6544]  ? lock_acquire.part.0+0x11b/0x380
[  190.637722][ T6544]  ? find_held_lock+0x2d/0x110
[  190.638985][ T6544]  cdrom_check_events+0x65/0x110
[  190.640284][ T6544]  sr_block_check_events+0xc4/0x100
[  190.641655][ T6544]  disk_check_events+0xbe/0x410
[  190.642931][ T6544]  ? _raw_spin_unlock_irq+0x23/0x50
[  190.644292][ T6544]  disk_check_media_change+0x101/0x280
[  190.645722][ T6544]  ? __pfx_disk_check_media_change+0x10/0x10
[  190.647288][ T6544]  ? lockdep_hardirqs_on+0x7c/0x110
[  190.648655][ T6544]  ? _raw_spin_unlock_irqrestore+0x3b/0x80
[  190.650183][ T6544]  ? __pm_runtime_resume+0xc3/0x170
[  190.651550][ T6544]  sr_block_open+0xe1/0x270
[  190.652745][ T6544]  ? __pfx___mutex_lock+0x10/0x10
[  190.654084][ T6544]  ? __pfx_sr_block_open+0x10/0x10
[  190.655435][ T6544]  ? __pfx_sr_block_open+0x10/0x10
[  190.656775][ T6544]  blkdev_get_whole+0x96/0x290
[  190.658047][ T6544]  bdev_open+0x2c7/0xe20
[  190.659166][ T6544]  blkdev_open+0x36c/0x450
[  190.660346][ T6544]  do_dentry_open+0x6ca/0x1530
[  190.661619][ T6544]  ? __pfx_blkdev_open+0x10/0x10
[  190.662919][ T6544]  vfs_open+0x82/0x3f0
[  190.663996][ T6544]  ? may_open+0x1f2/0x400
[  190.665136][ T6544]  path_openat+0x1e6a/0x2d60
[  190.666371][ T6544]  ? __pfx_path_openat+0x10/0x10
[  190.667671][ T6544]  ? __pfx___lock_acquire+0x10/0x10
[  190.669039][ T6544]  do_filp_open+0x1dc/0x430
[  190.670239][ T6544]  ? __pfx_do_filp_open+0x10/0x10
[  190.671555][ T6544]  ? find_held_lock+0x2d/0x110
[  190.672824][ T6544]  ? _raw_spin_unlock+0x28/0x50
[  190.674115][ T6544]  ? alloc_fd+0x2d7/0x6c0
[  190.675376][ T6544]  do_sys_openat2+0x17a/0x1e0
[  190.676634][ T6544]  ? __pfx_do_sys_openat2+0x10/0x10
[  190.678036][ T6544]  ? __fget_files+0x244/0x3f0
[  190.679284][ T6544]  __x64_sys_openat+0x175/0x210
[  190.680583][ T6544]  ? __pfx___x64_sys_openat+0x10/0x10
[  190.682007][ T6544]  ? ksys_write+0x1ad/0x260
[  190.683223][ T6544]  do_syscall_64+0xcd/0x250
[  190.684434][ T6544]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  190.686006][ T6544] RIP: 0033:0x7f3c5417dff9
[  190.687193][ T6544] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  190.692185][ T6544] RSP: 002b:00007f3c54f05038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  190.694409][ T6544] RAX: ffffffffffffffda RBX: 00007f3c54335f80 RCX: 00007f3c5417dff9
[  190.696466][ T6544] RDX: 0000000000000000 RSI: 0000000020000000 RDI: ffffffffffffff9c
[  190.698528][ T6544] RBP: 00007f3c54f05090 R08: 0000000000000000 R09: 0000000000000000
[  190.700587][ T6544] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  190.702667][ T6544] R13: 0000000000000001 R14: 00007f3c54335f80 R15: 00007ffce9152d18
[  190.704742][ T6544]  </TASK>
[  190.705701][    C2] vkms_vblank_simulate: vblank timer overrun
[  192.594018][ T6561] input: syz0 as /devices/virtual/input/input9
[  192.600750][ T6561] netlink: 20 bytes leftover after parsing attributes in process `syz.2.238'.
[  193.729612][   T39] kauditd_printk_skb: 4353 callbacks suppressed
[  193.731586][   T39] audit: type=1400 audit(1728232148.951:4711): avc:  denied  { ioctl } for  pid=6579 comm="syz.3.245" path="socket:[18944]" dev="sockfs" ino=18944 ioctlcmd=0x8922 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  193.747530][ T5347] Bluetooth: hci10: unexpected cc 0x0c58 length: 4 > 2
[  193.750882][ T5347] Bluetooth: hci10: unexpected event for opcode 0x0c58
[  193.928087][ T1377] ieee802154 phy0 wpan0: encryption failed: -22
[  193.929870][ T1377] ieee802154 phy1 wpan1: encryption failed: -22
[  194.479711][   T39] audit: type=1400 audit(1728232149.701:4712): avc:  denied  { ioctl } for  pid=6582 comm="syz.2.246" path="socket:[7809]" dev="sockfs" ino=7809 ioctlcmd=0x4947 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=isdn_socket permissive=1
[  194.490388][ T6583] netlink: 'syz.2.246': attribute type 10 has an invalid length.
[  194.492444][ T6583] ipvlan1: entered promiscuous mode
[  194.494201][ T6583] batman_adv: batadv0: Adding interface: ipvlan1
[  194.495881][ T6583] batman_adv: batadv0: The MTU of interface ipvlan1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  194.498676][   T39] audit: type=1400 audit(1728232149.711:4713): avc:  denied  { bind } for  pid=6582 comm="syz.2.246" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  194.502451][ T6583] batman_adv: batadv0: Not using interface ipvlan1 (retrying later): interface not active
[  194.589157][   T39] audit: type=1326 audit(1728232149.811:4714): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6586 comm="syz.1.248" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fb4edb7dff9 code=0x0
[  194.713840][   T39] audit: type=1400 audit(1728232149.931:4715): avc:  denied  { setopt } for  pid=6609 comm="syz.3.253" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[  195.230871][   T39] audit: type=1400 audit(1728232150.441:4716): avc:  denied  { create } for  pid=6612 comm="syz.1.251" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[  195.296611][   T39] audit: type=1400 audit(1728232150.461:4717): avc:  denied  { setopt } for  pid=6612 comm="syz.1.251" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[  195.302398][   T39] audit: type=1400 audit(1728232150.481:4718): avc:  denied  { write } for  pid=6612 comm="syz.1.251" name="ppp" dev="devtmpfs" ino=714 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1
[  195.310019][ T6617] netlink: 16 bytes leftover after parsing attributes in process `syz.1.251'.
[  195.313699][ T6617] netlink: 8 bytes leftover after parsing attributes in process `syz.1.251'.
[  196.293863][   T39] audit: type=1400 audit(1728232151.511:4719): avc:  denied  { block_suspend } for  pid=6619 comm="syz.2.254" capability=36  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  196.299781][   T39] audit: type=1400 audit(1728232151.521:4720): avc:  denied  { module_load } for  pid=6619 comm="syz.2.254" path="/sys/power/wakeup_count" dev="sysfs" ino=837 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysfs_t tclass=system permissive=1
[  196.444123][ T6630] netlink: 4 bytes leftover after parsing attributes in process `syz.1.258'.
[  196.756609][ T5336] usb 6-1: new low-speed USB device number 2 using dummy_hcd
[  196.896685][ T5336] usb 6-1: device descriptor read/64, error -71
[  197.137235][ T5336] usb 6-1: new low-speed USB device number 3 using dummy_hcd
[  197.266959][ T5336] usb 6-1: device descriptor read/64, error -71
[  197.376763][ T5336] usb usb6-port1: attempt power cycle
[  197.768186][ T5347] Bluetooth: hci10: Controller not accepting commands anymore: ncmd = 0
[  197.770518][ T5347] Bluetooth: hci10: Injecting HCI hardware error event
[  197.773281][ T5347] Bluetooth: hci10: hardware error 0x00
[  198.143732][ T4770] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  198.147029][ T4770] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  198.157097][ T4770] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  198.161261][ T4770] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  198.166266][ T4770] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[  198.168783][ T4770] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  198.234580][ T6657] FAULT_INJECTION: forcing a failure.
[  198.234580][ T6657] name failslab, interval 1, probability 0, space 0, times 0
[  198.238009][ T6657] CPU: 2 UID: 0 PID: 6657 Comm: syz.2.266 Not tainted 6.12.0-rc1-syzkaller-00349-g8f602276d390 #0
[  198.240737][ T6657] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  198.243514][ T6657] Call Trace:
[  198.244392][ T6657]  <TASK>
[  198.245170][ T6657]  dump_stack_lvl+0x16c/0x1f0
[  198.246414][ T6657]  should_fail_ex+0x497/0x5b0
[  198.247648][ T6657]  ? fs_reclaim_acquire+0xae/0x160
[  198.248977][ T6657]  should_failslab+0xc2/0x120
[  198.250218][ T6657]  kmem_cache_alloc_noprof+0x6e/0x2f0
[  198.251616][ T6657]  ? getname_flags.part.0+0x4c/0x550
[  198.252997][ T6657]  getname_flags.part.0+0x4c/0x550
[  198.254356][ T6657]  ? __pfx_ksys_write+0x10/0x10
[  198.255637][ T6657]  getname_flags+0x93/0xf0
[  198.256815][ T6657]  __x64_sys_symlinkat+0x86/0xc0
[  198.258128][ T6657]  do_syscall_64+0xcd/0x250
[  198.259334][ T6657]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  198.260926][ T6657] RIP: 0033:0x7f3c5417dff9
[  198.262106][ T6657] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  198.267021][ T6657] RSP: 002b:00007f3c54ee4038 EFLAGS: 00000246 ORIG_RAX: 000000000000010a
[  198.269183][ T6657] RAX: ffffffffffffffda RBX: 00007f3c54336058 RCX: 00007f3c5417dff9
[  198.271240][ T6657] RDX: 0000000020000480 RSI: ffffffffffffffff RDI: 0000000020000440
[  198.273302][ T6657] RBP: 00007f3c54ee4090 R08: 0000000000000000 R09: 0000000000000000
[  198.275359][ T6657] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  198.277422][ T6657] R13: 0000000000000000 R14: 00007f3c54336058 R15: 00007ffce9152d18
[  198.279476][ T6657]  </TASK>
[  198.280387][    C2] vkms_vblank_simulate: vblank timer overrun
[  198.286707][ T5336] usb 6-1: new low-speed USB device number 4 using dummy_hcd
[  198.318782][ T5336] usb 6-1: device descriptor read/8, error -71
[  198.428331][ T6649] chnl_net:caif_netlink_parms(): no params data found
[  198.556565][ T5336] usb 6-1: new low-speed USB device number 5 using dummy_hcd
[  198.617260][ T5336] usb 6-1: device descriptor read/8, error -71
[  198.652255][ T6649] bridge0: port 1(bridge_slave_0) entered blocking state
[  198.654256][ T6649] bridge0: port 1(bridge_slave_0) entered disabled state
[  198.656284][ T6649] bridge_slave_0: entered allmulticast mode
[  198.664711][ T6649] bridge_slave_0: entered promiscuous mode
[  198.671034][ T6649] bridge0: port 2(bridge_slave_1) entered blocking state
[  198.673174][ T6649] bridge0: port 2(bridge_slave_1) entered disabled state
[  198.684641][ T6649] bridge_slave_1: entered allmulticast mode
[  198.688195][ T6649] bridge_slave_1: entered promiscuous mode
[  198.738044][ T5336] usb usb6-port1: unable to enumerate USB device
[  198.758394][ T6649] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  198.771935][ T6649] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  198.849709][ T6649] team0: Port device team_slave_0 added
[  198.854975][ T6649] team0: Port device team_slave_1 added
[  198.916352][ T6649] batman_adv: batadv0: Adding interface: batadv_slave_0
[  198.918458][ T6649] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  198.926060][ T6649] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  198.933041][ T6649] batman_adv: batadv0: Adding interface: batadv_slave_1
[  198.935097][ T6649] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  198.942600][ T6649] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  199.100376][ T6649] hsr_slave_0: entered promiscuous mode
[  199.107000][ T6649] hsr_slave_1: entered promiscuous mode
[  199.126026][ T6649] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  199.128441][ T6649] Cannot create hsr debugfs directory
[  199.250884][ T6672] FAULT_INJECTION: forcing a failure.
[  199.250884][ T6672] name failslab, interval 1, probability 0, space 0, times 0
[  199.254328][ T6672] CPU: 3 UID: 0 PID: 6672 Comm: syz.3.269 Not tainted 6.12.0-rc1-syzkaller-00349-g8f602276d390 #0
[  199.257071][ T6672] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  199.259855][ T6672] Call Trace:
[  199.260740][ T6672]  <TASK>
[  199.261529][ T6672]  dump_stack_lvl+0x16c/0x1f0
[  199.262777][ T6672]  should_fail_ex+0x497/0x5b0
[  199.264020][ T6672]  ? fs_reclaim_acquire+0xae/0x160
[  199.265365][ T6672]  should_failslab+0xc2/0x120
[  199.266607][ T6672]  __kmalloc_noprof+0xcb/0x400
[  199.267992][ T6672]  ? __pfx_lock_acquire.part.0+0x10/0x10
[  199.269489][ T6672]  tomoyo_realpath_from_path+0xb9/0x720
[  199.270949][ T6672]  ? tomoyo_path_number_perm+0x232/0x590
[  199.272441][ T6672]  tomoyo_path_number_perm+0x245/0x590
[  199.273890][ T6672]  ? tomoyo_path_number_perm+0x232/0x590
[  199.275354][ T6672]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  199.276946][ T6672]  ? trace_lock_acquire+0x14a/0x1d0
[  199.278334][ T6672]  ? lock_acquire+0x2f/0xb0
[  199.279537][ T6672]  ? __fget_files+0x40/0x3f0
[  199.280763][ T6672]  ? __fget_files+0x244/0x3f0
[  199.282014][ T6672]  security_file_ioctl+0x9b/0x240
[  199.283344][ T6672]  __x64_sys_ioctl+0xbb/0x220
[  199.284587][ T6672]  do_syscall_64+0xcd/0x250
[  199.285800][ T6672]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  199.287352][ T6672] RIP: 0033:0x7f67abb7dff9
[  199.288530][ T6672] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  199.293559][ T6672] RSP: 002b:00007f67ac923038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  199.295722][ T6672] RAX: ffffffffffffffda RBX: 00007f67abd35f80 RCX: 00007f67abb7dff9
[  199.297820][ T6672] RDX: 0000000020000000 RSI: 000000004008af30 RDI: 0000000000000003
[  199.299892][ T6672] RBP: 00007f67ac923090 R08: 0000000000000000 R09: 0000000000000000
[  199.301957][ T6672] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  199.304009][ T6672] R13: 0000000000000000 R14: 00007f67abd35f80 R15: 00007fff37afec88
[  199.306078][ T6672]  </TASK>
[  199.315627][ T6672] ERROR: Out of memory at tomoyo_realpath_from_path.
[  199.398683][ T6649] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  199.564386][ T6649] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  199.613735][   T39] kauditd_printk_skb: 3 callbacks suppressed
[  199.613747][   T39] audit: type=1400 audit(1728232154.831:4724): avc:  denied  { write } for  pid=6684 comm="syz.3.274" name="binder0" dev="binder" ino=13 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[  199.846681][ T5347] Bluetooth: hci10: Opcode 0x0c03 failed: -110
[  200.253898][ T5347] Bluetooth: hci1: command tx timeout
[  200.572065][ T6649] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  201.445480][ T6649] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  201.705242][ T6649] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  201.719093][ T6649] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  201.839842][   T39] audit: type=1400 audit(1728232157.061:4725): avc:  denied  { map } for  pid=6705 comm="syz.3.281" path="socket:[19249]" dev="sockfs" ino=19249 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=alg_socket permissive=1
[  201.882059][  T212] bridge_slave_1: left allmulticast mode
[  201.882092][  T212] bridge_slave_1: left promiscuous mode
[  201.882177][  T212] bridge0: port 2(bridge_slave_1) entered disabled state
[  201.884264][  T212] bridge_slave_0: left allmulticast mode
[  201.884276][  T212] bridge_slave_0: left promiscuous mode
[  201.884340][  T212] bridge0: port 1(bridge_slave_0) entered disabled state
[  202.264054][   T39] audit: type=1400 audit(1728232157.481:4726): avc:  denied  { mount } for  pid=6717 comm="syz.1.285" name="/" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[  202.336678][ T5347] Bluetooth: hci1: command tx timeout
[  202.717310][  T212] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  202.726864][  T212] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  202.731043][  T212] bond0 (unregistering): Released all slaves
[  202.735015][ T6649] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  202.754386][ T6649] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  202.787193][   T39] audit: type=1400 audit(1728232158.011:4727): avc:  denied  { watch } for  pid=6721 comm="syz.1.286" path="/26/cgroup.kill" dev="tmpfs" ino=166 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[  202.796797][   T39] audit: type=1400 audit(1728232158.011:4728): avc:  denied  { watch_sb watch_reads } for  pid=6721 comm="syz.1.286" path="/26/cgroup.kill" dev="tmpfs" ino=166 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[  202.803170][   T39] audit: type=1400 audit(1728232158.011:4729): avc:  denied  { watch watch_reads } for  pid=6721 comm="syz.1.286" path="/26" dev="tmpfs" ino=161 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1
[  202.811023][   T39] audit: type=1400 audit(1728232158.011:4730): avc:  denied  { setattr } for  pid=6721 comm="syz.1.286" name="ptmx" dev="devtmpfs" ino=623 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ptmx_t tclass=chr_file permissive=1
[  203.009159][ T6732] FAULT_INJECTION: forcing a failure.
[  203.009159][ T6732] name fail_usercopy, interval 1, probability 0, space 0, times 1
[  203.013380][ T6732] CPU: 3 UID: 0 PID: 6732 Comm: syz.1.288 Not tainted 6.12.0-rc1-syzkaller-00349-g8f602276d390 #0
[  203.016111][ T6732] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  203.018861][ T6732] Call Trace:
[  203.019723][ T6732]  <TASK>
[  203.020480][ T6732]  dump_stack_lvl+0x16c/0x1f0
[  203.021657][ T6732]  should_fail_ex+0x497/0x5b0
[  203.022875][ T6732]  _copy_to_user+0x30/0xc0
[  203.024026][ T6732]  sctp_getsockopt+0x6fc/0x74a0
[  203.025300][ T6732]  ? avc_has_perm_noaudit+0x119/0x3a0
[  203.026702][ T6732]  ? __pfx_lock_release+0x10/0x10
[  203.028251][ T6732]  ? trace_lock_acquire+0x14a/0x1d0
[  203.029622][ T6732]  ? __pfx_mark_lock+0x10/0x10
[  203.030831][ T6732]  ? __pfx_sctp_getsockopt+0x10/0x10
[  203.032177][ T6732]  ? avc_has_perm+0x11b/0x1c0
[  203.033377][ T6732]  ? __pfx___lock_acquire+0x10/0x10
[  203.034684][ T6732]  ? find_held_lock+0x2d/0x110
[  203.035886][ T6732]  ? __might_fault+0x13b/0x190
[  203.037148][ T6732]  ? __pfx_lock_release+0x10/0x10
[  203.038467][ T6732]  ? trace_lock_acquire+0x14a/0x1d0
[  203.039826][ T6732]  ? lock_acquire+0x2f/0xb0
[  203.041008][ T6732]  ? __might_fault+0xe3/0x190
[  203.042249][ T6732]  ? __might_fault+0xe3/0x190
[  203.043484][ T6732]  ? __pfx_sock_common_getsockopt+0x10/0x10
[  203.045028][ T6732]  ? do_sock_getsockopt+0x3fe/0x800
[  203.046400][ T6732]  do_sock_getsockopt+0x3fe/0x800
[  203.047748][ T6732]  ? __pfx_do_sock_getsockopt+0x10/0x10
[  203.049201][ T6732]  ? __fget_files+0x244/0x3f0
[  203.050458][ T6732]  __sys_getsockopt+0x1a1/0x270
[  203.051715][ T6732]  ? __pfx___sys_getsockopt+0x10/0x10
[  203.053079][ T6732]  ? fput+0x30/0x390
[  203.054070][ T6732]  ? ksys_write+0x1ad/0x260
[  203.055216][ T6732]  ? __pfx_ksys_write+0x10/0x10
[  203.056458][ T6732]  __x64_sys_getsockopt+0xbd/0x160
[  203.057783][ T6732]  ? do_syscall_64+0x91/0x250
[  203.059017][ T6732]  ? lockdep_hardirqs_on+0x7c/0x110
[  203.060372][ T6732]  do_syscall_64+0xcd/0x250
[  203.061580][ T6732]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  203.063108][ T6732] RIP: 0033:0x7fb4edb7dff9
[  203.064268][ T6732] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  203.069220][ T6732] RSP: 002b:00007fb4ee98e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000037
[  203.071362][ T6732] RAX: ffffffffffffffda RBX: 00007fb4edd35f80 RCX: 00007fb4edb7dff9
[  203.073407][ T6732] RDX: 0000000000000073 RSI: 0000000000000084 RDI: 0000000000000003
[  203.075454][ T6732] RBP: 00007fb4ee98e090 R08: 00000000200004c0 R09: 0000000000000000
[  203.077499][ T6732] R10: 0000000020000540 R11: 0000000000000246 R12: 0000000000000001
[  203.079537][ T6732] R13: 0000000000000000 R14: 00007fb4edd35f80 R15: 00007ffd25e1f388
[  203.081586][ T6732]  </TASK>
[  203.253028][ T6649] 8021q: adding VLAN 0 to HW filter on device bond0
[  203.260585][ T6649] 8021q: adding VLAN 0 to HW filter on device team0
[  203.265259][ T1102] bridge0: port 1(bridge_slave_0) entered blocking state
[  203.267176][ T1102] bridge0: port 1(bridge_slave_0) entered forwarding state
[  203.277531][ T1109] bridge0: port 2(bridge_slave_1) entered blocking state
[  203.279422][ T1109] bridge0: port 2(bridge_slave_1) entered forwarding state
[  203.286397][   T39] audit: type=1400 audit(1728232158.501:4731): avc:  denied  { connect } for  pid=6735 comm="syz.3.290" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1
[  203.295539][   T39] audit: type=1400 audit(1728232158.511:4732): avc:  denied  { write } for  pid=6735 comm="syz.3.290" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1
[  203.308970][   T39] audit: type=1400 audit(1728232158.511:4733): avc:  denied  { ioctl } for  pid=6735 comm="syz.3.290" path="socket:[19804]" dev="sockfs" ino=19804 ioctlcmd=0x6685 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=alg_socket permissive=1
[  203.360423][  T212] hsr_slave_0: left promiscuous mode
[  203.367207][  T212] hsr_slave_1: left promiscuous mode
[  203.369336][  T212] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  203.371306][  T212] batman_adv: batadv0: Removing interface: batadv_slave_0
[  203.373651][  T212] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  203.375591][  T212] batman_adv: batadv0: Removing interface: batadv_slave_1
[  203.395234][  T212] veth1_macvtap: left promiscuous mode
[  203.396927][  T212] veth0_macvtap: left promiscuous mode
[  203.398458][  T212] veth1_vlan: left promiscuous mode
[  203.399854][  T212] veth0_vlan: left promiscuous mode
[  204.119417][  T212] team0 (unregistering): Port device team_slave_1 removed
[  204.237354][  T212] team0 (unregistering): Port device team_slave_0 removed
[  204.408468][ T5347] Bluetooth: hci1: command tx timeout
[  204.804844][ T6649] 8021q: adding VLAN 0 to HW filter on device batadv0
[  204.828544][ T6649] veth0_vlan: entered promiscuous mode
[  204.834612][ T6649] veth1_vlan: entered promiscuous mode
[  204.863742][ T6649] veth0_macvtap: entered promiscuous mode
[  204.868590][ T6649] veth1_macvtap: entered promiscuous mode
[  204.881062][ T6649] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  204.883895][ T6649] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  204.886413][ T6649] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  204.890683][ T6649] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  204.893238][ T6649] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  204.895995][ T6649] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  204.898836][ T6649] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  204.901616][ T6649] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  204.904162][ T6649] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  204.909712][ T6649] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  204.913128][ T6649] batman_adv: batadv0: Interface activated: batadv_slave_0
[  204.917924][ T6649] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  204.920991][ T6649] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  204.923499][ T6649] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  204.926166][ T6649] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  204.929595][ T6649] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  204.932292][ T6649] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  204.934822][ T6649] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  204.937800][ T6649] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  204.940338][ T6649] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  204.943033][ T6649] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  204.946387][ T6649] batman_adv: batadv0: Interface activated: batadv_slave_1
[  204.951814][ T6649] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  204.956578][ T6649] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  204.956835][ T6755] syz.1.295 uses obsolete (PF_INET,SOCK_PACKET)
[  204.958901][ T6649] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  204.962865][ T6649] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  205.038954][   T45] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  205.041040][   T45] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  205.057464][ T1104] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  205.059525][ T1104] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  205.087778][ T6757] netlink: 100 bytes leftover after parsing attributes in process `syz.0.263'.
[  205.149607][   T39] audit: type=1400 audit(1728232160.371:4734): avc:  denied  { connect } for  pid=6762 comm="syz.1.298" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[  205.155620][   T39] audit: type=1400 audit(1728232160.371:4735): avc:  denied  { setopt } for  pid=6762 comm="syz.1.298" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[  205.160926][   T39] audit: type=1400 audit(1728232160.371:4736): avc:  denied  { read } for  pid=6762 comm="syz.1.298" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[  205.711063][   T39] audit: type=1400 audit(1728232160.931:4737): avc:  denied  { getopt } for  pid=6775 comm="syz.1.302" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  205.774761][ T6780] netlink: 16 bytes leftover after parsing attributes in process `syz.1.302'.
[  206.008722][ T6782] FAULT_INJECTION: forcing a failure.
[  206.008722][ T6782] name failslab, interval 1, probability 0, space 0, times 0
[  206.012180][ T6782] CPU: 3 UID: 0 PID: 6782 Comm: syz.0.303 Not tainted 6.12.0-rc1-syzkaller-00349-g8f602276d390 #0
[  206.014969][ T6782] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  206.017777][ T6782] Call Trace:
[  206.018667][ T6782]  <TASK>
[  206.019456][ T6782]  dump_stack_lvl+0x16c/0x1f0
[  206.020757][ T6782]  should_fail_ex+0x497/0x5b0
[  206.022036][ T6782]  ? fs_reclaim_acquire+0xae/0x160
[  206.023392][ T6782]  should_failslab+0xc2/0x120
[  206.024650][ T6782]  __kmalloc_cache_noprof+0x6b/0x300
[  206.026055][ T6782]  ? snd_pcm_oss_change_params_locked+0x20c/0x3a60
[  206.027773][ T6782]  snd_pcm_oss_change_params_locked+0x20c/0x3a60
[  206.029455][ T6782]  ? trace_contention_end+0xea/0x140
[  206.030860][ T6782]  ? __mutex_lock+0x1a6/0x9c0
[  206.032111][ T6782]  ? __pfx___lock_acquire+0x10/0x10
[  206.033500][ T6782]  ? __pfx_snd_pcm_oss_change_params_locked+0x10/0x10
[  206.035282][ T6782]  ? snd_pcm_oss_make_ready+0xc4/0x1b0
[  206.036725][ T6782]  ? __pfx_lock_acquire.part.0+0x10/0x10
[  206.038222][ T6782]  ? __pfx___mutex_lock+0x10/0x10
[  206.039561][ T6782]  ? snd_pcm_stream_unlock_irq+0x90/0xb0
[  206.041047][ T6782]  snd_pcm_oss_make_ready+0xe6/0x1b0
[  206.042454][ T6782]  snd_pcm_oss_set_trigger.isra.0+0x211/0x6b0
[  206.044057][ T6782]  ? lockdep_hardirqs_on+0x7c/0x110
[  206.045452][ T6782]  snd_pcm_oss_poll+0x99a/0xb80
[  206.046750][ T6782]  ? __pfx_snd_pcm_oss_poll+0x10/0x10
[  206.048165][ T6782]  ? __fget_files+0x244/0x3f0
[  206.049426][ T6782]  do_select+0xc9a/0x17b0
[  206.050589][ T6782]  ? __pfx_snd_pcm_oss_poll+0x10/0x10
[  206.052004][ T6782]  ? __pfx_do_select+0x10/0x10
[  206.053288][ T6782]  ? hlock_class+0x4e/0x130
[  206.054507][ T6782]  ? mark_lock+0xb5/0xc60
[  206.055653][ T6782]  ? hlock_class+0x4e/0x130
[  206.056863][ T6782]  ? mark_lock+0xb5/0xc60
[  206.058009][ T6782]  ? __pfx___pollwait+0x10/0x10
[  206.059302][ T6782]  ? __pfx_pollwake+0x10/0x10
[  206.060555][ T6782]  ? __pfx_pollwake+0x10/0x10
[  206.061829][ T6782]  ? lock_acquire+0x2f/0xb0
[  206.063030][ T6782]  ? __might_fault+0xe3/0x190
[  206.064277][ T6782]  ? __might_fault+0xe3/0x190
[  206.065534][ T6782]  ? core_sys_select+0x459/0xb80
[  206.066848][ T6782]  core_sys_select+0x459/0xb80
[  206.068314][ T6782]  ? __pfx_core_sys_select+0x10/0x10
[  206.069732][ T6782]  ? get_pid_task+0xfc/0x250
[  206.070996][ T6782]  ? set_user_sigmask+0x217/0x2a0
[  206.072326][ T6782]  ? __pfx_set_user_sigmask+0x10/0x10
[  206.073756][ T6782]  do_pselect.constprop.0+0x1a0/0x1f0
[  206.075174][ T6782]  ? __pfx_do_pselect.constprop.0+0x10/0x10
[  206.076747][ T6782]  __x64_sys_pselect6+0x183/0x240
[  206.078094][ T6782]  ? __pfx___x64_sys_pselect6+0x10/0x10
[  206.079581][ T6782]  do_syscall_64+0xcd/0x250
[  206.080802][ T6782]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  206.082410][ T6782] RIP: 0033:0x7f217577dff9
[  206.083605][ T6782] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  206.088660][ T6782] RSP: 002b:00007f2176494038 EFLAGS: 00000246 ORIG_RAX: 000000000000010e
[  206.090885][ T6782] RAX: ffffffffffffffda RBX: 00007f2175935f80 RCX: 00007f217577dff9
[  206.092972][ T6782] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000040
[  206.095067][ T6782] RBP: 00007f2176494090 R08: 0000000000000000 R09: 0000000000000000
[  206.097167][ T6782] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  206.099299][ T6782] R13: 0000000000000000 R14: 00007f2175935f80 R15: 00007ffdfcdddeb8
[  206.101415][ T6782]  </TASK>
[  206.453973][ T6787] netlink: 16 bytes leftover after parsing attributes in process `syz.0.305'.
[  206.497114][ T5347] Bluetooth: hci1: command tx timeout
[  209.709304][   T39] audit: type=1400 audit(1728232164.921:4738): avc:  denied  { execute } for  pid=6799 comm="syz-executor" name="syz-executor" dev="sda1" ino=1924 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:etc_runtime_t tclass=file permissive=1
[  209.715944][   T39] audit: type=1400 audit(1728232164.921:4739): avc:  denied  { execute_no_trans } for  pid=6799 comm="syz-executor" path="/syz-executor" dev="sda1" ino=1924 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:etc_runtime_t tclass=file permissive=1
[  209.866543][ T4770] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  209.869998][ T4770] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  209.876599][ T4770] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  209.879540][ T4770] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  209.881723][ T4770] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[  209.884116][ T4770] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  210.010870][ T6805] chnl_net:caif_netlink_parms(): no params data found
[  210.082549][ T6805] bridge0: port 1(bridge_slave_0) entered blocking state
[  210.084520][ T6805] bridge0: port 1(bridge_slave_0) entered disabled state
[  210.089039][ T6805] bridge_slave_0: entered allmulticast mode
[  210.091107][ T6805] bridge_slave_0: entered promiscuous mode
[  210.094984][ T6805] bridge0: port 2(bridge_slave_1) entered blocking state
[  210.096953][ T6805] bridge0: port 2(bridge_slave_1) entered disabled state
[  210.098837][ T6805] bridge_slave_1: entered allmulticast mode
[  210.100821][ T6805] bridge_slave_1: entered promiscuous mode
[  210.132701][ T6805] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  210.139302][ T6805] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  210.163754][ T6805] team0: Port device team_slave_0 added
[  210.167767][ T6805] team0: Port device team_slave_1 added
[  210.191063][ T6805] batman_adv: batadv0: Adding interface: batadv_slave_0
[  210.193321][ T6805] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  210.203326][ T6805] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  210.207183][ T6805] batman_adv: batadv0: Adding interface: batadv_slave_1
[  210.209010][ T6805] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  210.215621][ T6805] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  210.248004][ T6805] hsr_slave_0: entered promiscuous mode
[  210.250839][ T6805] hsr_slave_1: entered promiscuous mode
[  210.383493][ T6805] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  210.590361][ T6805] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  210.689211][ T6805] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  210.740289][ T6805] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  210.825017][ T6805] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  210.859148][ T6805] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  211.452932][ T6805] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  211.702144][ T6805] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  211.782003][ T6805] 8021q: adding VLAN 0 to HW filter on device bond0
[  211.789286][ T6805] 8021q: adding VLAN 0 to HW filter on device team0
[  211.793403][   T82] bridge0: port 1(bridge_slave_0) entered blocking state
[  211.795314][   T82] bridge0: port 1(bridge_slave_0) entered forwarding state
[  211.800105][   T82] bridge0: port 2(bridge_slave_1) entered blocking state
[  211.802041][   T82] bridge0: port 2(bridge_slave_1) entered forwarding state
[  211.891048][ T6805] 8021q: adding VLAN 0 to HW filter on device batadv0
[  211.909184][ T6805] veth0_vlan: entered promiscuous mode
[  211.914929][ T6805] veth1_vlan: entered promiscuous mode
[  211.924706][ T6805] veth0_macvtap: entered promiscuous mode
[  211.927970][ T5347] Bluetooth: hci0: command tx timeout
[  211.930278][ T6805] veth1_macvtap: entered promiscuous mode
[  211.938210][ T6805] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  211.940947][ T6805] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  211.943540][ T6805] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  211.946205][ T6805] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  211.948959][ T6805] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  211.951629][ T6805] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  211.954304][ T6805] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  211.957181][ T6805] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  211.963989][ T6805] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  211.966869][ T6805] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  211.969947][ T6805] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  211.972761][ T6805] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  211.977156][ T6805] batman_adv: batadv0: Interface activated: batadv_slave_0
[  211.980866][ T6805] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  211.983776][ T6805] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  211.987455][ T6805] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  211.990215][ T6805] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  211.992761][ T6805] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  211.995440][ T6805] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  211.998608][ T6805] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  212.001310][ T6805] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  212.003864][ T6805] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  212.006758][ T6805] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  212.009282][ T6805] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  212.012024][ T6805] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  212.015394][ T6805] batman_adv: batadv0: Interface activated: batadv_slave_1
[  212.021631][ T6805] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  212.025068][ T6805] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  212.027790][ T6805] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  212.030082][ T6805] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  212.049794][ T6855] binder: 6854:6855 ioctl 80089203 20000000 returned -22
[  212.095097][ T1109] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  212.101860][ T1109] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  212.113801][  T212] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  212.116261][  T212] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  212.785466][   T39] audit: type=1400 audit(1728232168.001:4740): avc:  denied  { open } for  pid=6868 comm="syz.3.321" path="/dev/ptyqb" dev="devtmpfs" ino=138 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:bsdpty_device_t tclass=chr_file permissive=1
[  212.791643][   T39] audit: type=1400 audit(1728232168.001:4741): avc:  denied  { ioctl } for  pid=6868 comm="syz.3.321" path="/dev/ptyqb" dev="devtmpfs" ino=138 ioctlcmd=0x5414 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:bsdpty_device_t tclass=chr_file permissive=1
[  213.102240][ T5347] Bluetooth: hci4: unexpected event for opcode 0x0c38
[  213.110413][   T39] audit: type=1400 audit(1728232168.331:4742): avc:  denied  { mount } for  pid=6871 comm="syz.1.322" name="/" dev="devpts" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:devpts_t tclass=filesystem permissive=1
[  213.118219][   T39] audit: type=1400 audit(1728232168.331:4743): avc:  denied  { remount } for  pid=6871 comm="syz.1.322" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:devpts_t tclass=filesystem permissive=1
[  213.138776][ T6874] netlink: 'syz.2.323': attribute type 4 has an invalid length.
[  213.140926][ T6874] netlink: 164 bytes leftover after parsing attributes in process `syz.2.323'.
[  213.144841][   T39] audit: type=1400 audit(1728232168.361:4744): avc:  denied  { bind } for  pid=6873 comm="syz.2.323" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  213.226291][ T6877] FAULT_INJECTION: forcing a failure.
[  213.226291][ T6877] name failslab, interval 1, probability 0, space 0, times 0
[  213.230669][ T6877] CPU: 2 UID: 0 PID: 6877 Comm: syz.2.324 Not tainted 6.12.0-rc1-syzkaller-00349-g8f602276d390 #0
[  213.233479][ T6877] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  213.236280][ T6877] Call Trace:
[  213.237174][ T6877]  <TASK>
[  213.237968][ T6877]  dump_stack_lvl+0x16c/0x1f0
[  213.239225][ T6877]  should_fail_ex+0x497/0x5b0
[  213.240478][ T6877]  ? fs_reclaim_acquire+0xae/0x160
[  213.241843][ T6877]  should_failslab+0xc2/0x120
[  213.243095][ T6877]  kmem_cache_alloc_node_noprof+0x71/0x310
[  213.244634][ T6877]  ? __alloc_skb+0x2b1/0x380
[  213.245900][ T6877]  __alloc_skb+0x2b1/0x380
[  213.247093][ T6877]  ? __pfx___alloc_skb+0x10/0x10
[  213.248414][ T6877]  ? selinux_socket_getpeersec_dgram+0x1a5/0x370
[  213.250100][ T6877]  ? __pfx_selinux_socket_getpeersec_dgram+0x10/0x10
[  213.251861][ T6877]  netlink_alloc_large_skb+0x69/0x130
[  213.253311][ T6877]  netlink_sendmsg+0x689/0xd70
[  213.254592][ T6877]  ? __pfx_netlink_sendmsg+0x10/0x10
[  213.255997][ T6877]  ? __import_iovec+0x1fd/0x6e0
[  213.257306][ T6877]  ____sys_sendmsg+0xaaf/0xc90
[  213.258572][ T6877]  ? copy_msghdr_from_user+0x10b/0x160
[  213.260023][ T6877]  ? __pfx_____sys_sendmsg+0x10/0x10
[  213.261435][ T6877]  ? __pfx___lock_acquire+0x10/0x10
[  213.262819][ T6877]  ___sys_sendmsg+0x135/0x1e0
[  213.264081][ T6877]  ? __pfx____sys_sendmsg+0x10/0x10
[  213.265476][ T6877]  ? lock_acquire+0x2f/0xb0
[  213.266709][ T6877]  ? __fget_files+0x40/0x3f0
[  213.267967][ T6877]  ? fdget+0x176/0x210
[  213.269100][ T6877]  __sys_sendmsg+0x117/0x1f0
[  213.270357][ T6877]  ? __pfx___sys_sendmsg+0x10/0x10
[  213.271726][ T6877]  ? __fget_files+0x244/0x3f0
[  213.273006][ T6877]  do_syscall_64+0xcd/0x250
[  213.274246][ T6877]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  213.275826][ T6877] RIP: 0033:0x7feeb457dff9
[  213.277054][ T6877] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  213.282080][ T6877] RSP: 002b:00007feeb528e038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  213.284277][ T6877] RAX: ffffffffffffffda RBX: 00007feeb4735f80 RCX: 00007feeb457dff9
[  213.286483][ T6877] RDX: 0000000000000080 RSI: 0000000020000380 RDI: 0000000000000008
[  213.288566][ T6877] RBP: 00007feeb528e090 R08: 0000000000000000 R09: 0000000000000000
[  213.290664][ T6877] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  213.292755][ T6877] R13: 0000000000000000 R14: 00007feeb4735f80 R15: 00007ffe1dd7abe8
[  213.294854][ T6877]  </TASK>
[  213.300556][ T6877] netlink: 'syz.2.324': attribute type 9 has an invalid length.
[  213.304687][ T6877] bond_slave_0: entered promiscuous mode
[  213.306418][ T6877] bond_slave_1: entered promiscuous mode
[  213.308212][ T6877] macvlan2: entered promiscuous mode
[  213.309729][ T6877] bond0: entered promiscuous mode
[  213.312158][ T6877] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  213.388218][ T6882] netlink: 'syz.2.326': attribute type 9 has an invalid length.
[  213.392615][ T6882] macvlan3: entered promiscuous mode
[  213.394619][ T6882] 8021q: adding VLAN 0 to HW filter on device macvlan3
[  213.550173][   T39] audit: type=1400 audit(1728232168.771:4745): avc:  denied  { view } for  pid=6885 comm="syz.2.328" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=key permissive=1
[  213.559362][ T6887] netlink: 209852 bytes leftover after parsing attributes in process `syz.2.328'.
[  213.626372][   T39] audit: type=1400 audit(1728232168.841:4746): avc:  denied  { unmount } for  pid=6229 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:devpts_t tclass=filesystem permissive=1
[  213.694683][ T6893] mmap: syz.3.330 (6893) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[  214.006820][ T5347] Bluetooth: hci0: command tx timeout
[  214.581016][ T6905] FAULT_INJECTION: forcing a failure.
[  214.581016][ T6905] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  214.584657][ T6905] CPU: 2 UID: 0 PID: 6905 Comm: syz.1.334 Not tainted 6.12.0-rc1-syzkaller-00349-g8f602276d390 #0
[  214.587400][ T6905] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  214.590194][ T6905] Call Trace:
[  214.591070][ T6905]  <TASK>
[  214.591852][ T6905]  dump_stack_lvl+0x16c/0x1f0
[  214.593101][ T6905]  should_fail_ex+0x497/0x5b0
[  214.594350][ T6905]  _copy_from_user+0x30/0xf0
[  214.595560][ T6905]  sctp_setsockopt+0x204a/0xb810
[  214.596849][ T6905]  ? __pfx_selinux_netlbl_socket_setsockopt+0x10/0x10
[  214.598606][ T6905]  ? finish_task_switch.isra.0+0x212/0xcc0
[  214.600128][ T6905]  ? __pfx_sctp_setsockopt+0x10/0x10
[  214.601515][ T6905]  ? find_held_lock+0x2d/0x110
[  214.602775][ T6905]  ? selinux_socket_setsockopt+0x6a/0x80
[  214.604248][ T6905]  ? sock_common_setsockopt+0x2e/0xf0
[  214.605664][ T6905]  ? __pfx_sock_common_setsockopt+0x10/0x10
[  214.607225][ T6905]  do_sock_setsockopt+0x222/0x480
[  214.608546][ T6905]  ? __pfx_do_sock_setsockopt+0x10/0x10
[  214.610006][ T6905]  ? fdget+0x176/0x210
[  214.611086][ T6905]  __sys_setsockopt+0x1a4/0x270
[  214.612379][ T6905]  ? __pfx___sys_setsockopt+0x10/0x10
[  214.613797][ T6905]  ? fput+0x30/0x390
[  214.614828][ T6905]  ? ksys_write+0x1ad/0x260
[  214.616024][ T6905]  __x64_sys_setsockopt+0xbd/0x160
[  214.617370][ T6905]  ? do_syscall_64+0x91/0x250
[  214.618603][ T6905]  ? lockdep_hardirqs_on+0x7c/0x110
[  214.619964][ T6905]  do_syscall_64+0xcd/0x250
[  214.621159][ T6905]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  214.622714][ T6905] RIP: 0033:0x7fb4edb7dff9
[  214.623894][ T6905] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  214.629004][ T6905] RSP: 002b:00007fb4ee98e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  214.631203][ T6905] RAX: ffffffffffffffda RBX: 00007fb4edd35f80 RCX: 00007fb4edb7dff9
[  214.633276][ T6905] RDX: 0000000000000077 RSI: 0000000000000084 RDI: 0000000000000006
[  214.635335][ T6905] RBP: 00007fb4ee98e090 R08: 000000000001000f R09: 0000000000000000
[  214.637356][ T6905] R10: 0000000020000040 R11: 0000000000000246 R12: 0000000000000001
[  214.639295][ T6905] R13: 0000000000000000 R14: 00007fb4edd35f80 R15: 00007ffd25e1f388
[  214.641264][ T6905]  </TASK>
[  214.700895][ T6907] netlink: 100 bytes leftover after parsing attributes in process `syz.1.335'.
[  214.808453][ T6911] FAULT_INJECTION: forcing a failure.
[  214.808453][ T6911] name failslab, interval 1, probability 0, space 0, times 0
[  214.811859][ T6911] CPU: 3 UID: 0 PID: 6911 Comm: syz.1.337 Not tainted 6.12.0-rc1-syzkaller-00349-g8f602276d390 #0
[  214.814631][ T6911] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  214.817413][ T6911] Call Trace:
[  214.818293][ T6911]  <TASK>
[  214.819069][ T6911]  dump_stack_lvl+0x16c/0x1f0
[  214.820316][ T6911]  should_fail_ex+0x497/0x5b0
[  214.821563][ T6911]  ? fs_reclaim_acquire+0xae/0x160
[  214.822903][ T6911]  should_failslab+0xc2/0x120
[  214.824140][ T6911]  __kmalloc_cache_noprof+0x6b/0x300
[  214.825532][ T6911]  ? __scm_send+0xebf/0x15d0
[  214.826754][ T6911]  __scm_send+0xebf/0x15d0
[  214.827935][ T6911]  ? avc_has_perm+0x11b/0x1c0
[  214.829178][ T6911]  ? __pfx___scm_send+0x10/0x10
[  214.830470][ T6911]  ? __pfx_mark_lock+0x10/0x10
[  214.831725][ T6911]  ? find_held_lock+0x2d/0x110
[  214.832993][ T6911]  unix_dgram_sendmsg+0x86b/0x19e0
[  214.834344][ T6911]  ? __pfx_tomoyo_socket_sendmsg_permission+0x10/0x10
[  214.836095][ T6911]  ? __pfx_unix_dgram_sendmsg+0x10/0x10
[  214.837551][ T6911]  ____sys_sendmsg+0xaaf/0xc90
[  214.838809][ T6911]  ? __pfx_____sys_sendmsg+0x10/0x10
[  214.840195][ T6911]  ? __pfx___lock_acquire+0x10/0x10
[  214.841564][ T6911]  ___sys_sendmsg+0x135/0x1e0
[  214.842805][ T6911]  ? __pfx____sys_sendmsg+0x10/0x10
[  214.844174][ T6911]  ? lock_acquire+0x2f/0xb0
[  214.845375][ T6911]  ? __fget_files+0x40/0x3f0
[  214.846600][ T6911]  ? fdget+0x176/0x210
[  214.847681][ T6911]  __sys_sendmmsg+0x1a1/0x450
[  214.848922][ T6911]  ? __pfx___sys_sendmmsg+0x10/0x10
[  214.850297][ T6911]  ? vfs_write+0x14d/0x1140
[  214.851497][ T6911]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  214.853074][ T6911]  ? fput+0x30/0x390
[  214.854116][ T6911]  ? ksys_write+0x1ad/0x260
[  214.855313][ T6911]  ? __pfx_ksys_write+0x10/0x10
[  214.856594][ T6911]  __x64_sys_sendmmsg+0x9c/0x100
[  214.857905][ T6911]  ? lockdep_hardirqs_on+0x7c/0x110
[  214.859268][ T6911]  do_syscall_64+0xcd/0x250
[  214.860464][ T6911]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  214.862012][ T6911] RIP: 0033:0x7fb4edb7dff9
[  214.863188][ T6911] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  214.868145][ T6911] RSP: 002b:00007fb4ee98e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  214.870341][ T6911] RAX: ffffffffffffffda RBX: 00007fb4edd35f80 RCX: 00007fb4edb7dff9
[  214.872387][ T6911] RDX: 0000000000000001 RSI: 000000002000f8c0 RDI: 0000000000000004
[  214.874516][ T6911] RBP: 00007fb4ee98e090 R08: 0000000000000000 R09: 0000000000000000
[  214.876555][ T6911] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  214.878598][ T6911] R13: 0000000000000000 R14: 00007fb4edd35f80 R15: 00007ffd25e1f388
[  214.880640][ T6911]  </TASK>
[  215.038001][   T39] audit: type=1400 audit(1728232170.261:4747): avc:  denied  { getopt } for  pid=6916 comm="syz.1.340" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[  215.046360][   T39] audit: type=1400 audit(1728232170.261:4748): avc:  denied  { setopt } for  pid=6916 comm="syz.1.340" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ax25_socket permissive=1
[  215.076436][   T39] audit: type=1400 audit(1728232170.291:4749): avc:  denied  { accept } for  pid=6918 comm="syz.1.341" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ax25_socket permissive=1
[  215.113135][ T6921] netlink: 'syz.1.342': attribute type 9 has an invalid length.
[  215.121553][ T6921] bond_slave_0: entered promiscuous mode
[  215.123074][ T6921] bond_slave_1: entered promiscuous mode
[  215.124560][ T6921] macvlan2: entered promiscuous mode
[  215.125905][ T6921] bond0: entered promiscuous mode
[  215.129221][ T6921] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  216.086637][ T5347] Bluetooth: hci0: command tx timeout
[  216.278531][ T6938] netlink: 100 bytes leftover after parsing attributes in process `syz.1.347'.
[  216.886422][ T6961] netlink: 100 bytes leftover after parsing attributes in process `syz.1.356'.
[  217.126988][ T5347] Bluetooth: hci4: Controller not accepting commands anymore: ncmd = 0
[  217.129620][ T5347] Bluetooth: hci4: Injecting HCI hardware error event
[  217.132568][ T5347] Bluetooth: hci4: hardware error 0x00
[  217.723009][ T6983] netlink: 100 bytes leftover after parsing attributes in process `syz.2.365'.
[  217.814936][ T6991] netlink: 8 bytes leftover after parsing attributes in process `syz.2.367'.
[  218.106592][ T5336] usb 7-1: new high-speed USB device number 3 using dummy_hcd
[  218.174297][ T4770] Bluetooth: hci0: command tx timeout
[  218.256580][ T5336] usb 7-1: Using ep0 maxpacket: 8
[  218.260648][ T5336] usb 7-1: config 0 has no interfaces?
[  218.262125][ T5336] usb 7-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  218.264524][ T5336] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  218.270013][ T5336] usb 7-1: config 0 descriptor??
[  218.526401][ T6994] FAULT_INJECTION: forcing a failure.
[  218.526401][ T6994] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  218.536743][ T6994] CPU: 2 UID: 0 PID: 6994 Comm: syz.2.368 Not tainted 6.12.0-rc1-syzkaller-00349-g8f602276d390 #0
[  218.539533][ T6994] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  218.542346][ T6994] Call Trace:
[  218.543237][ T6994]  <TASK>
[  218.544030][ T6994]  dump_stack_lvl+0x16c/0x1f0
[  218.545290][ T6994]  should_fail_ex+0x497/0x5b0
[  218.546543][ T6994]  _copy_to_user+0x30/0xc0
[  218.547727][ T6994]  simple_read_from_buffer+0xd0/0x160
[  218.549145][ T6994]  proc_fail_nth_read+0x198/0x270
[  218.550503][ T6994]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  218.551929][ T6994]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  218.553342][ T6994]  vfs_read+0x1ce/0xbd0
[  218.554452][ T6994]  ? __fget_files+0x23a/0x3f0
[  218.555700][ T6994]  ? fdget_pos+0x24c/0x360
[  218.556886][ T6994]  ? __pfx_lock_release+0x10/0x10
[  218.558226][ T6994]  ? trace_lock_acquire+0x14a/0x1d0
[  218.559611][ T6994]  ? __pfx_vfs_read+0x10/0x10
[  218.560859][ T6994]  ? __pfx___mutex_lock+0x10/0x10
[  218.562204][ T6994]  ? __fget_files+0x244/0x3f0
[  218.563453][ T6994]  ksys_read+0x12f/0x260
[  218.564582][ T6994]  ? __pfx_ksys_read+0x10/0x10
[  218.565864][ T6994]  do_syscall_64+0xcd/0x250
[  218.567077][ T6994]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  218.568633][ T6994] RIP: 0033:0x7feeb457ca3c
[  218.569831][ T6994] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 69 8e 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 bf 8e 02 00 48
[  218.574848][ T6994] RSP: 002b:00007feeb528e030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  218.577026][ T6994] RAX: ffffffffffffffda RBX: 00007feeb4735f80 RCX: 00007feeb457ca3c
[  218.579097][ T6994] RDX: 000000000000000f RSI: 00007feeb528e0a0 RDI: 0000000000000012
[  218.581095][ T6994] RBP: 00007feeb528e090 R08: 0000000000000000 R09: 0000000000000000
[  218.583057][ T6994] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  218.584963][ T6994] R13: 0000000000000000 R14: 00007feeb4735f80 R15: 00007ffe1dd7abe8
[  218.587038][ T6994]  </TASK>
[  219.185573][ T7018] netlink: 100 bytes leftover after parsing attributes in process `syz.1.375'.
[  219.206609][ T5347] Bluetooth: hci4: Opcode 0x0c03 failed: -110
[  219.211777][ T7020] hfs: invalid gid -1
[  219.212979][ T7020] hfs: unable to parse mount options
[  219.214675][   T39] audit: type=1400 audit(1728232174.431:4750): avc:  denied  { remount } for  pid=7019 comm="syz.1.376" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[  219.220861][ T7020] =======================================================
[  219.220861][ T7020] WARNING: The mand mount option has been deprecated and
[  219.220861][ T7020]          and is ignored by this kernel. Remove the mand
[  219.220861][ T7020]          option from the mount to silence this warning.
[  219.220861][ T7020] =======================================================
[  219.226761][ T7021] SELinux: security_context_str_to_sid (staff_u) failed with errno=-22
[  219.252765][ T7024] netlink: 8 bytes leftover after parsing attributes in process `syz.1.377'.
[  219.264825][ T5336] usb 7-1: USB disconnect, device number 3
[  220.026142][ T7036] input: syz0 as /devices/virtual/input/input10
[  220.046438][ T7036] netlink: 20 bytes leftover after parsing attributes in process `syz.3.382'.
[  220.908922][ T7046] netlink: 100 bytes leftover after parsing attributes in process `syz.3.385'.
[  221.126311][ T7054] netlink: 8 bytes leftover after parsing attributes in process `syz.3.388'.
[  221.469423][ T7068] netlink: 100 bytes leftover after parsing attributes in process `syz.1.394'.
[  221.972840][ T7074] netlink: 8 bytes leftover after parsing attributes in process `syz.2.398'.
[  222.044079][ T4770] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[  222.048357][ T4770] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[  222.051442][ T4770] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[  222.053907][ T4770] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[  222.056420][ T4770] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3
[  222.059598][ T4770] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[  222.134028][ T7079] chnl_net:caif_netlink_parms(): no params data found
[  222.208863][ T7079] bridge0: port 1(bridge_slave_0) entered blocking state
[  222.210751][ T7079] bridge0: port 1(bridge_slave_0) entered disabled state
[  222.216822][ T7079] bridge_slave_0: entered allmulticast mode
[  222.218941][ T7079] bridge_slave_0: entered promiscuous mode
[  222.221682][ T7079] bridge0: port 2(bridge_slave_1) entered blocking state
[  222.223638][ T7079] bridge0: port 2(bridge_slave_1) entered disabled state
[  222.226208][ T7079] bridge_slave_1: entered allmulticast mode
[  222.229044][ T7079] bridge_slave_1: entered promiscuous mode
[  222.289571][ T7079] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  222.293249][ T7079] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  222.342843][ T7079] team0: Port device team_slave_0 added
[  222.355139][ T7079] team0: Port device team_slave_1 added
[  222.364270][ T7097] netlink: 100 bytes leftover after parsing attributes in process `syz.3.403'.
[  222.398801][ T7079] batman_adv: batadv0: Adding interface: batadv_slave_0
[  222.400644][ T7079] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  222.412321][ T7079] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  222.421178][ T7079] batman_adv: batadv0: Adding interface: batadv_slave_1
[  222.423080][ T7079] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  222.433991][ T7079] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  222.465288][ T7079] hsr_slave_0: entered promiscuous mode
[  222.471303][ T7079] hsr_slave_1: entered promiscuous mode
[  222.473257][ T7079] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  222.475322][ T7079] Cannot create hsr debugfs directory
[  222.613745][ T7079] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  222.676920][ T7079] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  222.794280][ T7079] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  222.986409][ T7079] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  222.992185][ T7103] netlink: 8 bytes leftover after parsing attributes in process `syz.1.406'.
[  223.646809][ T5347] Bluetooth: hci0: unexpected cc 0x0c58 length: 4 > 2
[  223.650186][ T5347] Bluetooth: hci0: unexpected event for opcode 0x0c58
[  224.093077][ T5347] Bluetooth: hci6: command tx timeout
[  224.520246][ T7079] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  224.560941][ T7079] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  224.584329][ T7079] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  224.592411][ T7079] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  224.627814][ T7079] 8021q: adding VLAN 0 to HW filter on device bond0
[  224.635397][ T7079] 8021q: adding VLAN 0 to HW filter on device team0
[  224.639557][  T212] bridge0: port 1(bridge_slave_0) entered blocking state
[  224.641419][  T212] bridge0: port 1(bridge_slave_0) entered forwarding state
[  224.647776][  T212] bridge0: port 2(bridge_slave_1) entered blocking state
[  224.649677][  T212] bridge0: port 2(bridge_slave_1) entered forwarding state
[  224.774479][ T7079] 8021q: adding VLAN 0 to HW filter on device batadv0
[  224.813110][ T7079] veth0_vlan: entered promiscuous mode
[  224.819073][ T7079] veth1_vlan: entered promiscuous mode
[  224.833756][ T7079] veth0_macvtap: entered promiscuous mode
[  224.839192][ T7079] veth1_macvtap: entered promiscuous mode
[  224.845299][ T7079] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  224.859766][ T7079] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  224.865554][ T7079] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  224.870952][ T7079] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  224.873995][ T7079] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  224.879133][ T7079] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  224.881766][ T7079] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  224.884549][ T7079] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  224.890848][ T7079] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  224.893678][ T7079] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  224.896302][ T7079] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  224.901817][ T7079] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  224.910005][ T7079] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  224.912771][ T7079] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  224.918051][ T7079] batman_adv: batadv0: Interface activated: batadv_slave_0
[  224.923158][ T7079] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  224.925936][ T7079] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  224.931016][ T7079] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  224.933805][ T7079] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  224.936382][ T7079] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  224.940887][ T7079] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  224.943509][ T7079] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  224.946258][ T7079] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  224.952218][ T7079] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  224.955005][ T7079] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  224.963837][ T7079] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  224.971353][ T7079] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  224.974033][ T7079] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  224.981710][ T7079] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  224.985365][ T7079] batman_adv: batadv0: Interface activated: batadv_slave_1
[  225.029233][ T7079] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  225.210828][ T7079] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  225.213703][ T7079] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  225.216058][ T7079] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  225.254135][  T212] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  225.258636][  T212] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  225.268963][   T45] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  225.271547][   T45] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  226.166573][ T5347] Bluetooth: hci6: command tx timeout
[  226.231898][ T7147] netlink: 100 bytes leftover after parsing attributes in process `syz.2.414'.
[  226.261915][ T7149] netlink: 8 bytes leftover after parsing attributes in process `syz.2.415'.
[  227.270510][ T7156] netlink: 'syz.2.417': attribute type 4 has an invalid length.
[  227.691505][ T5347] Bluetooth: hci0: Controller not accepting commands anymore: ncmd = 0
[  227.694970][ T5347] Bluetooth: hci0: Injecting HCI hardware error event
[  227.699285][ T5347] Bluetooth: hci0: hardware error 0x00
[  228.256995][ T4770] Bluetooth: hci6: command tx timeout
[  229.482720][ T7187] netlink: 96 bytes leftover after parsing attributes in process `syz.0.427'.
[  229.553410][ T7193] netlink: 20 bytes leftover after parsing attributes in process `syz.0.430'.
[  229.557630][ T7193] vlan2: entered promiscuous mode
[  229.766617][ T5347] Bluetooth: hci0: Opcode 0x0c03 failed: -110
[  230.324565][ T7204] No control pipe specified
[  230.336592][ T5347] Bluetooth: hci6: command tx timeout
[  231.512753][ T7221] netlink: 96 bytes leftover after parsing attributes in process `syz.2.437'.
[  232.551324][ T4770] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1
[  232.554608][ T4770] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9
[  232.558462][ T4770] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9
[  232.562186][ T4770] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4
[  232.564403][ T4770] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3
[  232.566294][ T4770] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2
[  232.642153][ T7236] chnl_net:caif_netlink_parms(): no params data found
[  232.700868][ T7250] netlink: 96 bytes leftover after parsing attributes in process `syz.0.447'.
[  232.735358][ T7253] input input11: cannot allocate more than FF_MAX_EFFECTS effects
[  232.768089][ T7236] bridge0: port 1(bridge_slave_0) entered blocking state
[  232.770162][ T7236] bridge0: port 1(bridge_slave_0) entered disabled state
[  232.772146][ T7236] bridge_slave_0: entered allmulticast mode
[  232.774979][ T7236] bridge_slave_0: entered promiscuous mode
[  232.778624][ T7236] bridge0: port 2(bridge_slave_1) entered blocking state
[  232.781233][ T7236] bridge0: port 2(bridge_slave_1) entered disabled state
[  232.783183][ T7236] bridge_slave_1: entered allmulticast mode
[  232.785254][ T7236] bridge_slave_1: entered promiscuous mode
[  232.861304][ T7236] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  232.869153][ T7236] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  232.903989][ T7236] team0: Port device team_slave_0 added
[  232.910664][ T7236] team0: Port device team_slave_1 added
[  232.937342][ T7236] batman_adv: batadv0: Adding interface: batadv_slave_0
[  232.939429][ T7236] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  232.946401][ T7236] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  232.953559][ T7236] batman_adv: batadv0: Adding interface: batadv_slave_1
[  232.955542][ T7236] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  232.967256][ T7236] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  232.984209][   T39] audit: type=1400 audit(1728232188.201:4751): avc:  denied  { write } for  pid=4814 comm="syslogd" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  232.996503][   T39] audit: type=1400 audit(1728232188.201:4752): avc:  denied  { remove_name } for  pid=4814 comm="syslogd" name="messages" dev="tmpfs" ino=7 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  233.013500][   T39] audit: type=1400 audit(1728232188.201:4753): avc:  denied  { add_name } for  pid=4814 comm="syslogd" name="messages.0" dev="tmpfs" ino=3 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  233.024914][ T7236] hsr_slave_0: entered promiscuous mode
[  233.027183][ T7236] hsr_slave_1: entered promiscuous mode
[  233.029311][ T7236] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  233.031540][ T7236] Cannot create hsr debugfs directory
[  233.147683][ T7236] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  233.215686][ T7236] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  233.367025][ T7236] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  233.564132][ T7236] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  233.736784][ T7236] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  233.781619][ T7236] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  233.784875][ T7236] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  233.789952][ T7236] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  233.828413][ T7236] 8021q: adding VLAN 0 to HW filter on device bond0
[  233.837295][ T7236] 8021q: adding VLAN 0 to HW filter on device team0
[  233.843513][ T1104] bridge0: port 1(bridge_slave_0) entered blocking state
[  233.845448][ T1104] bridge0: port 1(bridge_slave_0) entered forwarding state
[  233.851147][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[  233.853135][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[  234.269143][ T7236] 8021q: adding VLAN 0 to HW filter on device batadv0
[  234.291866][ T7236] veth0_vlan: entered promiscuous mode
[  234.296424][ T7236] veth1_vlan: entered promiscuous mode
[  234.313291][ T7236] veth0_macvtap: entered promiscuous mode
[  234.316350][ T7236] veth1_macvtap: entered promiscuous mode
[  234.322737][ T7236] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  234.325435][ T7236] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  234.328161][ T7236] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  234.330930][ T7236] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  234.334074][ T7236] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  234.337922][ T7236] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  234.340775][ T7236] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  234.343433][ T7236] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  234.346069][ T7236] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  234.349199][ T7236] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  234.351815][ T7236] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  234.354626][ T7236] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  234.361043][ T7236] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  234.363861][ T7236] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  234.366667][ T7236] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  234.369359][ T7236] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  234.372804][ T7236] batman_adv: batadv0: Interface activated: batadv_slave_0
[  234.382088][ T7236] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  234.384855][ T7236] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  234.387687][ T7236] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  234.390513][ T7236] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  234.393159][ T7236] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  234.395925][ T7236] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  234.402157][ T7236] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  234.404939][ T7236] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  234.407862][ T7236] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  234.410646][ T7236] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  234.414019][ T7236] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  234.416893][ T7236] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  234.419501][ T7236] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  234.422249][ T7236] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  234.424865][ T7236] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  234.427889][ T7236] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  234.431394][ T7236] batman_adv: batadv0: Interface activated: batadv_slave_1
[  234.435956][ T7236] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  234.442324][ T7236] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  234.444720][ T7236] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  234.447462][ T7236] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  234.531394][ T6288] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  234.533546][ T6288] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  234.553592][   T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  234.555763][   T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  234.604057][ T7286] No control pipe specified
[  234.606337][ T7289] netlink: 100 bytes leftover after parsing attributes in process `syz.0.455'.
[  234.646792][ T4770] Bluetooth: hci7: command tx timeout
[  236.727281][ T4770] Bluetooth: hci7: command tx timeout
[  237.367823][ T7326] netlink: 100 bytes leftover after parsing attributes in process `syz.3.464'.
[  237.480300][ T7334] No control pipe specified
[  238.807000][ T4770] Bluetooth: hci7: command tx timeout
[  239.256087][ T7357] netlink: 100 bytes leftover after parsing attributes in process `syz.1.475'.
[  239.611983][   T39] audit: type=1400 audit(1728232194.831:4754): avc:  denied  { append } for  pid=7370 comm="syz.3.480" name="video7" dev="devtmpfs" ino=895 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:v4l_device_t tclass=chr_file permissive=1
[  239.629690][ T7373] FAULT_INJECTION: forcing a failure.
[  239.629690][ T7373] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  239.636938][ T7373] CPU: 2 UID: 0 PID: 7373 Comm: syz.3.480 Not tainted 6.12.0-rc1-syzkaller-00349-g8f602276d390 #0
[  239.639726][ T7373] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  239.642682][ T7373] Call Trace:
[  239.643567][ T7373]  <TASK>
[  239.644351][ T7373]  dump_stack_lvl+0x16c/0x1f0
[  239.645615][ T7373]  should_fail_ex+0x497/0x5b0
[  239.646868][ T7373]  _copy_from_user+0x30/0xf0
[  239.648092][ T7373]  snd_seq_oss_write+0x398/0x7b0
[  239.649421][ T7373]  ? __pfx_snd_seq_oss_write+0x10/0x10
[  239.650852][ T7373]  ? inode_security+0x101/0x130
[  239.652138][ T7373]  ? __pfx_odev_write+0x10/0x10
[  239.653454][ T7373]  odev_write+0x51/0xa0
[  239.654565][ T7373]  vfs_write+0x28e/0x1140
[  239.655714][ T7373]  ? __fget_files+0x23a/0x3f0
[  239.656968][ T7373]  ? __pfx_lock_release+0x10/0x10
[  239.658306][ T7373]  ? trace_lock_acquire+0x14a/0x1d0
[  239.659677][ T7373]  ? __pfx_vfs_write+0x10/0x10
[  239.660954][ T7373]  ? lock_acquire+0x2f/0xb0
[  239.662177][ T7373]  ? __fget_files+0x40/0x3f0
[  239.663428][ T7373]  ? __fget_files+0x244/0x3f0
[  239.664679][ T7373]  ksys_write+0x12f/0x260
[  239.665843][ T7373]  ? __pfx_ksys_write+0x10/0x10
[  239.667140][ T7373]  do_syscall_64+0xcd/0x250
[  239.668339][ T7373]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  239.669894][ T7373] RIP: 0033:0x7ff2f237dff9
[  239.671065][ T7373] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  239.676052][ T7373] RSP: 002b:00007ff2f30e2038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  239.678230][ T7373] RAX: ffffffffffffffda RBX: 00007ff2f2536058 RCX: 00007ff2f237dff9
[  239.680291][ T7373] RDX: 000000000000fd85 RSI: 0000000020000080 RDI: 0000000000000007
[  239.682349][ T7373] RBP: 00007ff2f30e2090 R08: 0000000000000000 R09: 0000000000000000
[  239.684404][ T7373] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  239.686458][ T7373] R13: 0000000000000000 R14: 00007ff2f2536058 R15: 00007ffdb06a4ea8
[  239.688515][ T7373]  </TASK>
[  240.886625][ T4770] Bluetooth: hci7: command tx timeout
[  241.066214][   T39] audit: type=1400 audit(1728232196.281:4755): avc:  denied  { watch_mount } for  pid=7390 comm="syz.0.484" path="/25" dev="tmpfs" ino=152 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1
[  241.076135][ T7391] netlink: 188 bytes leftover after parsing attributes in process `syz.0.484'.
[  241.083570][ T7391] netlink: 'syz.0.484': attribute type 1 has an invalid length.
[  241.096629][   T39] audit: type=1400 audit(1728232196.321:4756): avc:  denied  { ioctl } for  pid=7390 comm="syz.0.484" path="socket:[24632]" dev="sockfs" ino=24632 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[  243.984010][   T39] audit: type=1400 audit(1728232199.201:4757): avc:  denied  { append } for  pid=7439 comm="syz.1.499" name="iommu" dev="devtmpfs" ino=632 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  244.024744][ T7445] FAULT_INJECTION: forcing a failure.
[  244.024744][ T7445] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  244.029730][ T7445] CPU: 2 UID: 0 PID: 7445 Comm: syz.3.498 Not tainted 6.12.0-rc1-syzkaller-00349-g8f602276d390 #0
[  244.032532][ T7445] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  244.035360][ T7445] Call Trace:
[  244.036267][ T7445]  <TASK>
[  244.037078][ T7445]  dump_stack_lvl+0x16c/0x1f0
[  244.038351][ T7445]  should_fail_ex+0x497/0x5b0
[  244.039615][ T7445]  _copy_from_user+0x30/0xf0
[  244.040852][ T7445]  tty_ioctl+0xca2/0x15d0
[  244.042016][ T7445]  ? __pfx_tty_ioctl+0x10/0x10
[  244.043298][ T7445]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[  244.045108][ T7445]  ? trace_lock_acquire+0x14a/0x1d0
[  244.046503][ T7445]  ? selinux_file_ioctl+0x180/0x270
[  244.047886][ T7445]  ? selinux_file_ioctl+0xb4/0x270
[  244.049257][ T7445]  ? __pfx_tty_ioctl+0x10/0x10
[  244.050563][ T7445]  __x64_sys_ioctl+0x18f/0x220
[  244.051841][ T7445]  do_syscall_64+0xcd/0x250
[  244.053083][ T7445]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  244.054641][ T7445] RIP: 0033:0x7ff2f237dff9
[  244.055828][ T7445] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  244.060866][ T7445] RSP: 002b:00007ff2f3184038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  244.063058][ T7445] RAX: ffffffffffffffda RBX: 00007ff2f2535f80 RCX: 00007ff2f237dff9
[  244.065129][ T7445] RDX: 0000000000000000 RSI: 0000000000005414 RDI: 0000000000000003
[  244.067197][ T7445] RBP: 00007ff2f3184090 R08: 0000000000000000 R09: 0000000000000000
[  244.069281][ T7445] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  244.071358][ T7445] R13: 0000000000000000 R14: 00007ff2f2535f80 R15: 00007ffdb06a4ea8
[  244.073453][ T7445]  </TASK>
[  244.105372][ T7450] openvswitch: netlink: Either Ethernet header or EtherType is required.
[  244.346578][ T5375] usb 6-1: new full-speed USB device number 6 using dummy_hcd
[  244.380545][   T39] audit: type=1400 audit(1728232199.601:4758): avc:  denied  { name_bind } for  pid=7454 comm="syz.0.504" src=20000 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=udp_socket permissive=1
[  244.476568][ T5375] usb 6-1: device descriptor read/64, error -71
[  244.726736][ T5375] usb 6-1: new full-speed USB device number 7 using dummy_hcd
[  244.856744][ T5375] usb 6-1: device descriptor read/64, error -71
[  244.968417][ T5375] usb usb6-port1: attempt power cycle
[  245.310343][ T5375] usb 6-1: new full-speed USB device number 8 using dummy_hcd
[  245.327035][ T5375] usb 6-1: device descriptor read/8, error -71
[  245.576599][ T5375] usb 6-1: new full-speed USB device number 9 using dummy_hcd
[  245.597043][ T5375] usb 6-1: device descriptor read/8, error -71
[  245.707456][ T5375] usb usb6-port1: unable to enumerate USB device
[  246.811745][   T39] audit: type=1400 audit(1728232202.031:4759): avc:  denied  { ioctl } for  pid=7479 comm="syz.2.511" path="anon_inode:[userfaultfd]" dev="anon_inodefs" ino=24441 ioctlcmd=0xaa3f scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1
[  246.818782][   T39] audit: type=1400 audit(1728232202.031:4760): avc:  denied  { setopt } for  pid=7479 comm="syz.2.511" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  247.643573][   T39] audit: type=1400 audit(1728232202.861:4761): avc:  denied  { getopt } for  pid=7499 comm="syz.2.519" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  247.700818][   T39] audit: type=1804 audit(1728232202.911:4762): pid=7504 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=invalid_pcr cause=open_writers comm="syz.2.520" name="/newroot/54/file0/file0" dev="9p" ino=35922400 res=1 errno=0
[  248.012485][ T7516] FAULT_INJECTION: forcing a failure.
[  248.012485][ T7516] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  248.020433][ T7516] CPU: 3 UID: 0 PID: 7516 Comm: syz.3.523 Not tainted 6.12.0-rc1-syzkaller-00349-g8f602276d390 #0
[  248.023199][ T7516] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  248.025971][ T7516] Call Trace:
[  248.026864][ T7516]  <TASK>
[  248.027650][ T7516]  dump_stack_lvl+0x16c/0x1f0
[  248.028905][ T7516]  should_fail_ex+0x497/0x5b0
[  248.030167][ T7516]  _copy_to_user+0x30/0xc0
[  248.031348][ T7516]  simple_read_from_buffer+0xd0/0x160
[  248.032777][ T7516]  proc_fail_nth_read+0x198/0x270
[  248.034113][ T7516]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  248.035552][ T7516]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  248.037037][ T7516]  vfs_read+0x1ce/0xbd0
[  248.038145][ T7516]  ? __fget_files+0x23a/0x3f0
[  248.039391][ T7516]  ? fdget_pos+0x24c/0x360
[  248.040574][ T7516]  ? __pfx_lock_release+0x10/0x10
[  248.041918][ T7516]  ? trace_lock_acquire+0x14a/0x1d0
[  248.043278][ T7516]  ? __pfx_vfs_read+0x10/0x10
[  248.044517][ T7516]  ? __pfx___mutex_lock+0x10/0x10
[  248.045854][ T7516]  ? __fget_files+0x244/0x3f0
[  248.047098][ T7516]  ksys_read+0x12f/0x260
[  248.048228][ T7516]  ? __pfx_ksys_read+0x10/0x10
[  248.049515][ T7516]  do_syscall_64+0xcd/0x250
[  248.050722][ T7516]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  248.052296][ T7516] RIP: 0033:0x7ff2f237ca3c
[  248.053821][ T7516] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 69 8e 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 bf 8e 02 00 48
[  248.058776][ T7516] RSP: 002b:00007ff2f3184030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  248.061389][ T7516] RAX: ffffffffffffffda RBX: 00007ff2f2535f80 RCX: 00007ff2f237ca3c
[  248.063426][ T7516] RDX: 000000000000000f RSI: 00007ff2f31840a0 RDI: 0000000000000005
[  248.065470][ T7516] RBP: 00007ff2f3184090 R08: 0000000000000000 R09: 0000000000000000
[  248.067502][ T7516] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  248.069575][ T7516] R13: 0000000000000000 R14: 00007ff2f2535f80 R15: 00007ffdb06a4ea8
[  248.071645][ T7516]  </TASK>
[  248.253209][ T5375] usb 5-1: new high-speed USB device number 2 using dummy_hcd
[  248.442906][ T5375] usb 5-1: Using ep0 maxpacket: 8
[  248.445517][ T5375] usb 5-1: config 0 has no interfaces?
[  248.447074][ T5375] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  248.449426][ T5375] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  248.458058][ T5375] usb 5-1: config 0 descriptor??
[  249.034013][ T7534] program syz.2.528 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  249.045450][   T39] audit: type=1400 audit(1728232204.261:4763): avc:  denied  { create } for  pid=7536 comm="syz.1.530" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1
[  249.052100][ T7534] netlink: 4 bytes leftover after parsing attributes in process `syz.2.528'.
[  249.167632][ T7539] 9pnet_fd: Insufficient options for proto=fd
[  249.169944][   T39] audit: type=1400 audit(1728232204.391:4764): avc:  denied  { ioctl } for  pid=7536 comm="syz.1.530" path="socket:[25636]" dev="sockfs" ino=25636 ioctlcmd=0x620f scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_rdma_socket permissive=1
[  249.218392][  T829] usb 5-1: USB disconnect, device number 2
[  251.320701][ T7571] autofs: Bad value for 'fd'
[  253.914359][ T7607] autofs: Bad value for 'fd'
[  254.182128][   T39] audit: type=1400 audit(1728232209.401:4765): avc:  denied  { ioctl } for  pid=7610 comm="syz.3.552" path="socket:[25069]" dev="sockfs" ino=25069 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1
[  254.215896][   T39] audit: type=1326 audit(1728232209.431:4766): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7610 comm="syz.3.552" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff2f237dff9 code=0x7ffc0000
[  254.225832][   T39] audit: type=1326 audit(1728232209.431:4767): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7610 comm="syz.3.552" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff2f237dff9 code=0x7ffc0000
[  254.232951][   T39] audit: type=1326 audit(1728232209.431:4768): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7610 comm="syz.3.552" exe="/syz-executor" sig=0 arch=c000003e syscall=238 compat=0 ip=0x7ff2f237dff9 code=0x7ffc0000
[  254.243892][   T39] audit: type=1326 audit(1728232209.431:4769): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7610 comm="syz.3.552" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff2f237dff9 code=0x7ffc0000
[  254.251284][   T39] audit: type=1326 audit(1728232209.431:4770): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7610 comm="syz.3.552" exe="/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ff2f237dff9 code=0x7ffc0000
[  254.261599][   T39] audit: type=1326 audit(1728232209.431:4771): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7610 comm="syz.3.552" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff2f237dff9 code=0x7ffc0000
[  254.268280][   T39] audit: type=1326 audit(1728232209.431:4772): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7610 comm="syz.3.552" exe="/syz-executor" sig=0 arch=c000003e syscall=425 compat=0 ip=0x7ff2f237dff9 code=0x7ffc0000
[  254.274164][   T39] audit: type=1326 audit(1728232209.431:4773): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7610 comm="syz.3.552" exe="/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7ff2f237e033 code=0x7ffc0000
[  254.284395][   T39] audit: type=1326 audit(1728232209.451:4774): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7610 comm="syz.3.552" exe="/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7ff2f237e033 code=0x7ffc0000
[  254.707752][ T7621] netlink: 8 bytes leftover after parsing attributes in process `syz.2.551'.
[  254.739703][ T7623] FAULT_INJECTION: forcing a failure.
[  254.739703][ T7623] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  254.743785][ T7623] CPU: 3 UID: 0 PID: 7623 Comm: syz.2.556 Not tainted 6.12.0-rc1-syzkaller-00349-g8f602276d390 #0
[  254.746650][ T7623] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  254.749423][ T7623] Call Trace:
[  254.750306][ T7623]  <TASK>
[  254.751104][ T7623]  dump_stack_lvl+0x16c/0x1f0
[  254.752357][ T7623]  should_fail_ex+0x497/0x5b0
[  254.753628][ T7623]  _copy_to_user+0x30/0xc0
[  254.754796][ T7623]  simple_read_from_buffer+0xd0/0x160
[  254.756198][ T7623]  proc_fail_nth_read+0x198/0x270
[  254.757531][ T7623]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  254.758972][ T7623]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  254.760428][ T7623]  vfs_read+0x1ce/0xbd0
[  254.761546][ T7623]  ? __fget_files+0x23a/0x3f0
[  254.762797][ T7623]  ? fdget_pos+0x24c/0x360
[  254.763974][ T7623]  ? __pfx_lock_release+0x10/0x10
[  254.765305][ T7623]  ? trace_lock_acquire+0x14a/0x1d0
[  254.766662][ T7623]  ? __pfx_vfs_read+0x10/0x10
[  254.767893][ T7623]  ? __pfx___mutex_lock+0x10/0x10
[  254.769229][ T7623]  ? __fget_files+0x244/0x3f0
[  254.770472][ T7623]  ksys_read+0x12f/0x260
[  254.771587][ T7623]  ? __pfx_ksys_read+0x10/0x10
[  254.772872][ T7623]  do_syscall_64+0xcd/0x250
[  254.774082][ T7623]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  254.775633][ T7623] RIP: 0033:0x7feeb457ca3c
[  254.776813][ T7623] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 69 8e 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 bf 8e 02 00 48
[  254.781778][ T7623] RSP: 002b:00007feeb528e030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  254.783928][ T7623] RAX: ffffffffffffffda RBX: 00007feeb4735f80 RCX: 00007feeb457ca3c
[  254.785984][ T7623] RDX: 000000000000000f RSI: 00007feeb528e0a0 RDI: 0000000000000005
[  254.788088][ T7623] RBP: 00007feeb528e090 R08: 0000000000000000 R09: 0000000000000000
[  254.790137][ T7623] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  254.792177][ T7623] R13: 0000000000000000 R14: 00007feeb4735f80 R15: 00007ffe1dd7abe8
[  254.794243][ T7623]  </TASK>
[  255.436642][ T1377] ieee802154 phy0 wpan0: encryption failed: -22
[  255.438497][ T1377] ieee802154 phy1 wpan1: encryption failed: -22
[  255.800618][ T7634] netlink: 'syz.0.558': attribute type 3 has an invalid length.
[  255.802958][ T7634] netlink: 130984 bytes leftover after parsing attributes in process `syz.0.558'.
[  256.516054][ T7669] autofs: Unknown parameter '0x0000000000000000'
[  256.807864][ T7671] 
[  256.808561][ T7671] ======================================================
[  256.810389][ T7671] WARNING: possible circular locking dependency detected
[  256.812199][ T7671] 6.12.0-rc1-syzkaller-00349-g8f602276d390 #0 Not tainted
[  256.814260][ T7671] ------------------------------------------------------
[  256.817253][ T7671] syz.2.562/7671 is trying to acquire lock:
[  256.818789][ T7671] ffff888057bf6258 (sk_lock-AF_BLUETOOTH-BTPROTO_RFCOMM){+.+.}-{0:0}, at: rfcomm_sk_state_change+0x6d/0x3b0
[  256.821750][ T7671] 
[  256.821750][ T7671] but task is already holding lock:
[  256.823644][ T7671] ffff88804bc0d528 (&d->lock){+.+.}-{3:3}, at: __rfcomm_dlc_close+0x235/0x700
[  256.825947][ T7671] 
[  256.825947][ T7671] which lock already depends on the new lock.
[  256.825947][ T7671] 
[  256.828596][ T7671] 
[  256.828596][ T7671] the existing dependency chain (in reverse order) is:
[  256.830903][ T7671] 
[  256.830903][ T7671] -> #3 (&d->lock){+.+.}-{3:3}:
[  256.832735][ T7671]        __mutex_lock+0x175/0x9c0
[  256.834060][ T7671]        __rfcomm_dlc_close+0x235/0x700
[  256.835498][ T7671]        rfcomm_dlc_close+0x1eb/0x240
[  256.836910][ T7671]        __rfcomm_sock_close+0xa7/0x230
[  256.838348][ T7671]        rfcomm_sock_shutdown+0xd5/0x230
[  256.839898][ T7671]        rfcomm_sock_release+0x5d/0x140
[  256.841349][ T7671]        __sock_release+0xb0/0x270
[  256.842681][ T7671]        sock_close+0x1c/0x30
[  256.843906][ T7671]        __fput+0x3f6/0xb60
[  256.845102][ T7671]        task_work_run+0x14e/0x250
[  256.846439][ T7671]        get_signal+0x1ca/0x2770
[  256.847732][ T7671]        arch_do_signal_or_restart+0x90/0x7e0
[  256.849323][ T7671]        syscall_exit_to_user_mode+0x150/0x2a0
[  256.850921][ T7671]        do_syscall_64+0xda/0x250
[  256.852234][ T7671]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  256.853901][ T7671] 
[  256.853901][ T7671] -> #2 (rfcomm_mutex){+.+.}-{3:3}:
[  256.855821][ T7671]        __mutex_lock+0x175/0x9c0
[  256.857137][ T7671]        rfcomm_dlc_exists+0x5f/0x1a0
[  256.858561][ T7671]        rfcomm_dev_ioctl+0x9e6/0x1ca0
[  256.860019][ T7671]        rfcomm_sock_ioctl+0xb4/0xe0
[  256.861394][ T7671]        sock_do_ioctl+0x116/0x280
[  256.862719][ T7671]        sock_ioctl+0x228/0x6c0
[  256.863982][ T7671]        __x64_sys_ioctl+0x18f/0x220
[  256.865362][ T7671]        do_syscall_64+0xcd/0x250
[  256.866671][ T7671]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  256.868332][ T7671] 
[  256.868332][ T7671] -> #1 (rfcomm_ioctl_mutex){+.+.}-{3:3}:
[  256.870388][ T7671]        __mutex_lock+0x175/0x9c0
[  256.871698][ T7671]        rfcomm_dev_ioctl+0x905/0x1ca0
[  256.873130][ T7671]        rfcomm_sock_ioctl+0xb4/0xe0
[  256.874493][ T7671]        sock_do_ioctl+0x116/0x280
[  256.875815][ T7671]        sock_ioctl+0x228/0x6c0
[  256.877082][ T7671]        __x64_sys_ioctl+0x18f/0x220
[  256.878448][ T7671]        do_syscall_64+0xcd/0x250
[  256.879786][ T7671]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  256.881435][ T7671] 
[  256.881435][ T7671] -> #0 (sk_lock-AF_BLUETOOTH-BTPROTO_RFCOMM){+.+.}-{0:0}:
[  256.883810][ T7671]        __lock_acquire+0x250b/0x3ce0
[  256.885198][ T7671]        lock_acquire.part.0+0x11b/0x380
[  256.886640][ T7671]        lock_sock_nested+0x3a/0xf0
[  256.887986][ T7671]        rfcomm_sk_state_change+0x6d/0x3b0
[  256.889502][ T7671]        __rfcomm_dlc_close+0x28c/0x700
[  256.890925][ T7671]        rfcomm_dlc_close+0x1eb/0x240
[  256.892311][ T7671]        __rfcomm_sock_close+0xa7/0x230
[  256.893751][ T7671]        rfcomm_sock_shutdown+0xd5/0x230
[  256.895192][ T7671]        rfcomm_sock_release+0x5d/0x140
[  256.896612][ T7671]        __sock_release+0xb0/0x270
[  256.897943][ T7671]        sock_close+0x1c/0x30
[  256.899162][ T7671]        __fput+0x3f6/0xb60
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  256.900344][ T7671]        task_work_run+0x14e/0x250
[  256.901880][ T7671]        get_signal+0x1ca/0x2770
[  256.903181][ T7671]        arch_do_signal_or_restart+0x90/0x7e0
[  256.904756][ T7671]        syscall_exit_to_user_mode+0x150/0x2a0
[  256.906360][ T7671]        do_syscall_64+0xda/0x250
[  256.907672][ T7671]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  256.909344][ T7671] 
[  256.909344][ T7671] other info that might help us debug this:
[  256.909344][ T7671] 
[  256.911946][ T7671] Chain exists of:
[  256.911946][ T7671]   sk_lock-AF_BLUETOOTH-BTPROTO_RFCOMM --> rfcomm_mutex --> &d->lock
[  256.911946][ T7671] 
[  256.915499][ T7671]  Possible unsafe locking scenario:
[  256.915499][ T7671] 
[  256.917429][ T7671]        CPU0                    CPU1
[  256.918816][ T7671]        ----                    ----
[  256.920200][ T7671]   lock(&d->lock);
[  256.921216][ T7671]                                lock(rfcomm_mutex);
[  256.922937][ T7671]                                lock(&d->lock);
[  256.924568][ T7671]   lock(sk_lock-AF_BLUETOOTH-BTPROTO_RFCOMM);
[  256.926187][ T7671] 
[  256.926187][ T7671]  *** DEADLOCK ***
[  256.926187][ T7671] 
[  256.928267][ T7671] 3 locks held by syz.2.562/7671:
[  256.929580][ T7671]  #0: ffff88804b503e08 (&sb->s_type->i_mutex_key#10){+.+.}-{3:3}, at: __sock_release+0x86/0x270
[  256.932296][ T7671]  #1: ffffffff90173388 (rfcomm_mutex){+.+.}-{3:3}, at: rfcomm_dlc_close+0x33/0x240
[  256.934732][ T7671]  #2: ffff88804bc0d528 (&d->lock){+.+.}-{3:3}, at: __rfcomm_dlc_close+0x235/0x700
[  256.937134][ T7671] 
[  256.937134][ T7671] stack backtrace:
[  256.938664][ T7671] CPU: 3 UID: 0 PID: 7671 Comm: syz.2.562 Not tainted 6.12.0-rc1-syzkaller-00349-g8f602276d390 #0
[  256.941368][ T7671] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  256.944129][ T7671] Call Trace:
[  256.945009][ T7671]  <TASK>
[  256.945783][ T7671]  dump_stack_lvl+0x116/0x1f0
[  256.947106][ T7671]  print_circular_bug+0x41c/0x610
[  256.948417][ T7671]  check_noncircular+0x31a/0x400
[  256.949721][ T7671]  ? __pfx_check_noncircular+0x10/0x10
[  256.951135][ T7671]  ? lockdep_lock+0xc6/0x200
[  256.952351][ T7671]  ? __pfx_lockdep_lock+0x10/0x10
[  256.953677][ T7671]  __lock_acquire+0x250b/0x3ce0
[  256.954952][ T7671]  ? __pfx___lock_acquire+0x10/0x10
[  256.956296][ T7671]  ? __mutex_trylock_common+0xea/0x250
[  256.957717][ T7671]  ? __pfx___mutex_trylock_common+0x10/0x10
[  256.959250][ T7671]  ? __rfcomm_dlc_close+0x235/0x700
[  256.960599][ T7671]  lock_acquire.part.0+0x11b/0x380
[  256.961927][ T7671]  ? rfcomm_sk_state_change+0x6d/0x3b0
[  256.963334][ T7671]  ? __pfx_lock_acquire.part.0+0x10/0x10
[  256.964778][ T7671]  ? rcu_is_watching+0x12/0xc0
[  256.966034][ T7671]  ? trace_lock_acquire+0x14a/0x1d0
[  256.967383][ T7671]  ? rfcomm_sk_state_change+0x6d/0x3b0
[  256.968788][ T7671]  ? lock_acquire+0x2f/0xb0
[  256.969989][ T7671]  ? rfcomm_sk_state_change+0x6d/0x3b0
[  256.971400][ T7671]  lock_sock_nested+0x3a/0xf0
[  256.972636][ T7671]  ? rfcomm_sk_state_change+0x6d/0x3b0
[  256.974057][ T7671]  rfcomm_sk_state_change+0x6d/0x3b0
[  256.975424][ T7671]  __rfcomm_dlc_close+0x28c/0x700
[  256.976736][ T7671]  rfcomm_dlc_close+0x1eb/0x240
[  256.978010][ T7671]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  256.979534][ T7671]  __rfcomm_sock_close+0xa7/0x230
[  256.980852][ T7671]  rfcomm_sock_shutdown+0xd5/0x230
[  256.982196][ T7671]  rfcomm_sock_release+0x5d/0x140
[  256.983508][ T7671]  __sock_release+0xb0/0x270
[  256.984720][ T7671]  ? __pfx_sock_close+0x10/0x10
[  256.985991][ T7671]  sock_close+0x1c/0x30
[  256.987079][ T7671]  __fput+0x3f6/0xb60
[  256.988131][ T7671]  ? _raw_spin_unlock_irq+0x23/0x50
[  256.989670][ T7671]  task_work_run+0x14e/0x250
[  256.990880][ T7671]  ? __pfx_task_work_run+0x10/0x10
[  256.992207][ T7671]  get_signal+0x1ca/0x2770
[  256.993398][ T7671]  ? __pfx_task_work_add+0x10/0x10
[  256.994733][ T7671]  ? __pfx_get_signal+0x10/0x10
[  256.996005][ T7671]  arch_do_signal_or_restart+0x90/0x7e0
[  256.997442][ T7671]  ? __pfx___sys_connect+0x10/0x10
[  256.998769][ T7671]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  257.000364][ T7671]  ? rcu_is_watching+0x12/0xc0
[  257.001623][ T7671]  syscall_exit_to_user_mode+0x150/0x2a0
[  257.003082][ T7671]  do_syscall_64+0xda/0x250
[  257.004272][ T7671]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  257.005820][ T7671] RIP: 0033:0x7feeb457dff9
[  257.006991][ T7671] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  257.011948][ T7671] RSP: 002b:00007feeb528e038 EFLAGS: 00000246 ORIG_RAX: 000000000000002a
[  257.014113][ T7671] RAX: fffffffffffffffc RBX: 00007feeb4735f80 RCX: 00007feeb457dff9
[  257.016163][ T7671] RDX: 0000000000000080 RSI: 00000000200004c0 RDI: 0000000000000005
[  257.018207][ T7671] RBP: 00007feeb45f0296 R08: 0000000000000000 R09: 0000000000000000
[  257.020244][ T7671] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  257.022298][ T7671] R13: 0000000000000000 R14: 00007feeb4735f80 R15: 00007ffe1dd7abe8
[  257.024344][ T7671]  </TASK>
[  257.648616][ T6378] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  257.727295][ T6378] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  258.646648][ T5347] Bluetooth: hci7: command 0x0405 tx timeout
[  258.777254][ T6378] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  259.618404][ T6378] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  260.246714][ T6378] bridge_slave_1: left allmulticast mode
[  260.248245][ T6378] bridge_slave_1: left promiscuous mode
[  260.249778][ T6378] bridge0: port 2(bridge_slave_1) entered disabled state
[  260.519002][ T6378] bridge_slave_0: left allmulticast mode
[  260.520526][ T6378] bridge_slave_0: left promiscuous mode
[  260.522065][ T6378] bridge0: port 1(bridge_slave_0) entered disabled state
[  261.677926][ T6378] bond0 (unregistering): left promiscuous mode
[  261.679714][ T6378] bond_slave_0: left promiscuous mode
[  261.681510][ T6378] bond_slave_1: left promiscuous mode
[  262.566756][ T6378] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  262.570222][ T6378] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  262.573801][ T6378] bond0 (unregistering): Released all slaves
[  264.330014][   T39] kauditd_printk_skb: 8 callbacks suppressed
[  264.330026][   T39] audit: type=1400 audit(1728232219.551:4783): avc:  denied  { setrlimit } for  pid=7733 comm="dhcpcd" scontext=system_u:system_r:dhcpc_t tcontext=system_u:system_r:dhcpc_t tclass=process permissive=1
[  264.526646][ T6378] hsr_slave_0: left promiscuous mode
[  264.547252][ T6378] hsr_slave_1: left promiscuous mode
[  264.549312][ T6378] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  264.552790][ T6378] batman_adv: batadv0: Removing interface: batadv_slave_0
[  264.567830][ T6378] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  264.569823][ T6378] batman_adv: batadv0: Removing interface: batadv_slave_1
[  264.574778][ T6378] veth1_macvtap: left promiscuous mode
[  264.576243][ T6378] veth0_macvtap: left promiscuous mode
[  264.578521][ T6378] veth1_vlan: left promiscuous mode
[  264.579932][ T6378] veth0_vlan: left promiscuous mode

VM DIAGNOSIS:
16:30:12  Registers:
info registers vcpu 0

CPU#0
RAX=0000000000000000 RBX=ffffc90004ad7b80 RCX=0000000000000000 RDX=0000000000000000
RSI=ffffffff84bfb984 RDI=ffffc90004ad7b80 RBP=ffffffff84bfb970 RSP=ffffc90000007f60
R8 =0000000000000001 R9 =0000000000000000 R10=0000000000000001 R11=ffffc90000007ff8
R12=0000000000000000 R13=dffffc0000000000 R14=ffffc900076efb40 R15=ffffc90004ad7b48
RIP=ffffffff84bfb9ad RFL=00000046 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff88806a600000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=00007ff2f3141f98 CR3=000000000df7c000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000008000100 Opmask01=0000000000000000 Opmask02=000000007ffbffef Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffdb06a5240 0000003000000018
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ff2f23f1133
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ff2f23f1140
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ff2f23f113a
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ff2f23f114e
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ff2f23f11d4
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ff2f23f12b2
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=dffffc0000000000 RBX=7fffffffffffffff RCX=ffffffff8b22fe7e RDX=0000000000000000
RSI=ffffffff8bd1a040 RDI=ffffc90004ad7ba8 RBP=ffffc90004ad7ba0 RSP=ffffc90004ad7a18
R8 =0000000000000000 R9 =fffffbfff20be6e1 R10=ffffffff905f370f R11=0000000000000001
R12=dffffc0000000000 R13=0000000000000002 R14=ffffc90004ad7ba8 R15=0000000000000000
RIP=ffffffff816b1c60 RFL=00000086 [--S--P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 00007f79145d06c0 ffffffff 00c00000
GS =0000 ffff88806a700000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=0000000020256000 CR3=000000004b8fa000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000208001 Opmask01=0000000000000000 Opmask02=000000007ffbffef Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 b89b9f8e2d870e99 2045d02ce9181d70
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 3c6171c26b20679f 9cf88ae7f40499d3
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 4491ae1cc8775382 435f9ee717da5f57
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 3db34f9d334c60ee 2ecb0b7841283bb1
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000008700
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000040
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 009c3180009c32d8 ad320000a4360000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000143009c354e 0000001f009c354f
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 009c31a910da0000 762a0000518b0000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 6ebc000027120000 00000ae3de200000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 e92c9918d4319312 f82fcab3834a1e12
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 c90094e7985bd07f 4861ff0c255854fd
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 a54ff53a3c6ef372 bb67ae856a09e667
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 5be0cd191f83d9ab 9b05688c510e527f
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ff2f250b488 00007ff2f250b480 00007ff2f250b478 00007ff2f250b450
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ff2f306d100 00007ff2f250b440 00007ff2f250b458 00007ff2f250b4a0
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ff2f250b498 00007ff2f250b490 00007ff2f250b488 00007ff2f250b480
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 2

CPU#2
RAX=0000000000c9004c RBX=0000000000000002 RCX=ffffffff8b21ceb9 RDX=ffffed100d507026
RSI=ffffffff8bd1a040 RDI=ffffffff81647d7c RBP=ffffed1003b5f000 RSP=ffffc90000197e08
R8 =0000000000000000 R9 =ffffed100d507025 R10=ffff88806a83812b R11=0000000000000001
R12=0000000000000002 R13=ffff88801daf8000 R14=ffffffff905f3708 R15=0000000000000000
RIP=ffffffff8b21e29f RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff88806a800000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000091000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe000008f000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=00007fad4e73ef98 CR3=000000006380c000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000208001 Opmask01=0000000000000000 Opmask02=00000000000003ff Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007feeb45f1133
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007feeb45f1140
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007feeb45f113a
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007feeb45f114e
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007feeb45f11d4
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007feeb45f12b2
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007feeb470b488 00007feeb470b480 00007feeb470b478 00007feeb470b450
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007feeb526d100 00007feeb470b440 00007feeb4700004 0000000b000c000a
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007feeb470b498 00007feeb470b490 00007feeb470b488 00007feeb470b480
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 3

CPU#3
RAX=dffffc0000000060 RBX=00000000000003fd RCX=0000000000000000 RDX=00000000000003fd
RSI=ffffffff850a6d70 RDI=ffffffff9aae3b40 RBP=ffffffff9aae3b00 RSP=ffffc9000697f168
R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=2d2d2d2d2d2d2d2d
R12=0000000000000000 R13=0000000000000020 R14=fffffbfff355c7ba R15=dffffc0000000000
RIP=ffffffff850a6d97 RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 00007feeb528e6c0 ffffffff 00c00000
GS =0000 ffff88806a900000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe00000d8000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe00000d6000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=0000001b2e9fc6c0 CR3=000000006380c000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000208001 Opmask01=0000000000000000 Opmask02=0000000000003fff Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000072 ffffffff8a5e2e77
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000001 0000000000000085
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffff8881866742c0 0000000000000072
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffff8881066742c0
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffff818070ab
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000001 000000000000000a
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffff8881066742c0
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fad4d9f11d4
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fad4d9f12b2
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000001 ffffffffff600000 00007fad4d97d000 ffffffff8100a2d8
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffff8881866742c0 0000000400000000 0000000b000c000e
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffff8881866742c0 00000001066742c0 ffffffff813ee840
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffff8881066742c0 ffff8881866742c0 ffffffff813ee97c
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000001 000000000000003f 000000000000002e ffffffff813ee888
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffff8881866742c0 00000001066742c0 ffffffff813ee840
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffff8881866742c0 00000001066742c0 ffffffff813ee840
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 afcbbe1c9444835b c4d7eb7dc42aca1a 22e8f44792a197e6 d614925f0d7d9029
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000