last executing test programs:

2.011051709s ago: executing program 1 (id=942):
creat(&(0x7f0000000380)='./bus\x00', 0x0)
r0 = open(&(0x7f0000000100)='./bus\x00', 0x0, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0x1, 0x0, 0x1}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x10)
mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x7800007, 0x12, r0, 0x0)
r3 = socket$rds(0x15, 0x5, 0x0)
bind$rds(r3, &(0x7f0000000840)={0x2, 0x0, @loopback}, 0x10)
sendmsg$rds(r3, &(0x7f0000000000)={&(0x7f0000000200)={0x2, 0x0, @private=0xa010100}, 0x10, 0x0, 0x0, &(0x7f0000000780)=[@rdma_args={0x48, 0x114, 0x1, {{}, {0x0}, &(0x7f0000000140)=[{&(0x7f0000002640)=""/102385, 0x18ff1}], 0x1}}], 0x48}, 0x0)

1.930283613s ago: executing program 1 (id=943):
r0 = syz_open_dev$sg(&(0x7f00000003c0), 0x0, 0x802)
writev(r0, &(0x7f0000000000)=[{&(0x7f00000001c0)="aefdda9d240303005a90f57f07703aeff0f64eb9ee07962c220a2e11b44e65d76641cb010852f426072a", 0x2a}], 0x1)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x4, 0xfff, 0x7}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000ac0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r2}, 0x10)
read(r0, 0x0, 0x0)

1.802629374s ago: executing program 1 (id=946):
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x90)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@bloom_filter={0x1e, 0x0, 0x5, 0x6, 0x0, 0x1}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000c80)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000140)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10)
io_setup(0xc2, &(0x7f0000000280)=<r2=>0x0)
io_submit(r2, 0x1, &(0x7f0000000c40)=[&(0x7f00000005c0)={0x0, 0x0, 0x0, 0x5, 0x2, r1, 0x0, 0x0, 0x7fff, 0x0, 0x3}])

1.479885589s ago: executing program 1 (id=952):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prctl$PR_SET_NAME(0xf, &(0x7f0000000140)='+}[@\x00')
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x46, '\x00', 0x0, 0x2}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='kmem_cache_free\x00', r0}, 0x10)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
pipe(&(0x7f00000000c0)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
splice(r2, 0x0, r3, 0x0, 0xf3a, 0x0)
write(r1, 0x0, 0x0)

1.33705189s ago: executing program 1 (id=955):
mknodat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x4}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r0}, 0x10)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180)={<r2=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r3 = syz_open_dev$radio(&(0x7f00000000c0), 0x2, 0x2)
preadv2(r3, &(0x7f0000000440)=[{&(0x7f0000000700)=""/4096, 0x1000}], 0x1, 0x0, 0x0, 0x0)

1.16910773s ago: executing program 3 (id=961):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0xc9d7, 0x9, 0x1}, 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={r0, &(0x7f0000000080), &(0x7f0000000200)=""/166}, 0x20)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xd, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000003000000650000000800000095"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000140)='kmem_cache_free\x00', r1}, 0x10)
r2 = socket$inet_mptcp(0x2, 0x1, 0x106)
listen(r2, 0x0)
shutdown(r2, 0x0)

1.116159856s ago: executing program 2 (id=964):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x4, 0x8, 0x6}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
r2 = socket$netlink(0x10, 0x3, 0x10)
bind$netlink(r2, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
setsockopt$sock_int(r2, 0x1, 0x8, &(0x7f0000000200), 0x4)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r2, 0x10e, 0x4, &(0x7f0000000180)=0x800, 0x4)
syz_genetlink_get_family_id$nl80211(&(0x7f00000002c0), r2)
r3 = socket$pppl2tp(0x18, 0x1, 0x1)
r4 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$pppl2tp(r3, &(0x7f0000000040)=@pppol2tpv3={0x18, 0x1, {0x3, r4, {0x2, 0x0, @multicast1}, 0x4}}, 0x2e)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$l2tp(&(0x7f00000002c0), 0xffffffffffffffff)
sendmsg$L2TP_CMD_TUNNEL_GET(r5, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f00000000c0)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r6, @ANYBLOB="01000000000000000000020000000800090004"], 0x1c}, 0x1, 0x0, 0x0, 0x80}, 0x0)

1.115928506s ago: executing program 0 (id=965):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18060000000000000000000000000000180100000620702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000000000008500000073000000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000880)={&(0x7f00000008c0)='kmem_cache_free\x00', r0}, 0x10)
r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
setsockopt$sock_int(r1, 0x1, 0x10, &(0x7f0000000080)=0x5, 0x4)
bind$bt_hci(r1, &(0x7f0000000040)={0x1f, 0xffffffffffffffff, 0x2}, 0x6)
recvmmsg(r1, &(0x7f00000036c0)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000600)=""/4, 0x4}, 0xe}], 0x1, 0x0, 0x0)

1.115776288s ago: executing program 3 (id=966):
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="18010000b2a500100000000000000000850000007d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f00000003c0)='kmem_cache_free\x00', r1}, 0x10)
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f0000000040)={'netdevsim0\x00', &(0x7f0000000180)=@ethtool_drvinfo={0x3, "3b296e12d52d00eb82cc420f61e335caec88669e42bdfb3cec880a02de9e1d73", "aa01954b50e1a7d200008f5a3995fa1e7569d25aed9768cf0c2def7d5500", "31cb053e0c8f3e81062f62e0f874b078cef598cf374e31fb58665661e850abd6", "fd1508ebd0c5b39be0c0a8f4394f9dfb56ceccf9f6f1fdfdc100", "78a85ce08babb5877c9ab49084d318f3ce181dd78515a854b784f51f55030e7f", "510f13cf0000000000010001", 0xfffffffd, 0x3ffffff, 0x120000, 0x1}})

1.070762947s ago: executing program 0 (id=967):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={0x0, r1}, 0x10)
write(0xffffffffffffffff, 0x0, 0x0)
shutdown(r0, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x1c, &(0x7f00000000c0)=[@in6={0xa, 0x0, 0x0, @private2}]}, &(0x7f0000000300)=0x5f)

1.07050435s ago: executing program 2 (id=968):
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000046ffff000000000800395032303030"], 0x15)
pipe2$9p(&(0x7f0000000140)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r1, &(0x7f0000000300)=ANY=[], 0x15)
mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000001340)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[], [], 0x6b}})

1.070337588s ago: executing program 3 (id=969):
write$USERIO_CMD_SET_PORT_TYPE(0xffffffffffffffff, 0x0, 0x0)
r0 = io_uring_setup(0x17ba, &(0x7f0000000140))
openat$dsp(0xffffffffffffff9c, 0x0, 0x0, 0x0)
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000040))
close_range(r0, 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$cec(&(0x7f0000000340), 0x0, 0x0)
ioctl$CEC_DQEVENT(r1, 0xc0506107, 0x0)
ioctl$CEC_DQEVENT(r1, 0xc0506107, &(0x7f0000000200)={0x0, 0x0, 0x0, @lost_msgs})
ioctl$IOC_PR_PREEMPT(r1, 0x40046109, &(0x7f0000000040)={0xd0, 0x0, 0x0, 0x4})

1.070172753s ago: executing program 0 (id=970):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@bloom_filter={0x1e, 0x0, 0x5, 0x6, 0x0, 0x1}, 0x48)
bpf$MAP_LOOKUP_ELEM(0x2, &(0x7f0000001740)={r0, 0x0, &(0x7f0000001700)=""/53}, 0x20)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000059"], 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
r2 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000000fbff000000000000001d8500000007000000850000002300000095"], &(0x7f0000000400)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$PROG_BIND_MAP(0x23, &(0x7f0000000300)={r3, r2}, 0xc)

990.950253ms ago: executing program 2 (id=971):
r0 = socket$netlink(0x10, 0x3, 0x0)
writev(r0, &(0x7f0000000000)=[{&(0x7f0000000040)="39000000130003474cbb65e1c3e4ffff06000d000100000007000000250000000d0016000c001400000000", 0x2b}], 0x1)
r1 = open_tree(0xffffffffffffff9c, 0x0, 0x0)
syz_genetlink_get_family_id$batadv(&(0x7f00000000c0), 0xffffffffffffffff)
sendmsg$BATADV_CMD_SET_HARDIF(0xffffffffffffffff, 0x0, 0x0)
socket(0x10, 0x3, 0x0)
r2 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000080)={'ip6tnl0\x00', <r3=>0x0})
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(r1, 0x89f0, &(0x7f0000000500)={'syztnl0\x00', 0x0})
ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(r1, 0x89f3, &(0x7f0000000b00)={'syztnl0\x00', &(0x7f0000000540)={'ip6gre0\x00', <r4=>0x0, 0x4, 0x8, 0x46, 0xe2f, 0x4d, @private0, @loopback, 0x8, 0x80, 0x990a, 0x8000}})
ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000c00)={'syztnl1\x00', 0x0})
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18060000000000000000000000000000180100002020701200000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000003000000b703000000000000850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000600)='sched_switch\x00', r5}, 0x10)
r6 = socket$inet6_dccp(0xa, 0x6, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r6, 0x29, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x8, 0x3, 0x550, 0x1c0, 0xffffffff, 0xffffffff, 0x0, 0xffffffff, 0x480, 0xffffffff, 0xffffffff, 0x480, 0xffffffff, 0x3, 0x0, {[{{@uncond, 0x0, 0x1a0, 0x1c0, 0x60030000, {0x0, 0xff000000}, [@common=@inet=@recent0={{0xf8}, {0x81, 0x0, 0x24, 0x0, 'syz1\x00'}}]}, @unspec=@TRACE={0x20}}, {{@uncond, 0x0, 0x298, 0x2c0, 0x0, {}, [@common=@inet=@recent0={{0xf8}, {0x0, 0x0, 0x1, 0x0, 'syz0\x00'}}, @common=@inet=@recent0={{0xf8}, {0x0, 0x1c8, 0x4, 0x0, 'syz0\x00'}}]}, @common=@inet=@SET1={0x28, 'SET\x00', 0x1, {{0xffffffffffffffff}}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x5b0)
sendmsg$ETHTOOL_MSG_LINKSTATE_GET(r1, &(0x7f0000000e80)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000e40)={&(0x7f0000000c40)=ANY=[@ANYBLOB="c8010000", @ANYRES16=0x0, @ANYRES32=0x0, @ANYBLOB="08000100", @ANYRES32=0x0, @ANYBLOB="08000300030000000800030001000000140002006c6f00000000000000000000000000003000018008000100", @ANYRES32=0x0, @ANYBLOB='\b\x00', @ANYRES32=0x0, @ANYBLOB="140002007767320000000000000000000000000008000100", @ANYRES32=r3, @ANYBLOB="800001800800030001000000080003000000000014000200776730000000000000000000000000001400020076657468305f766c616e0000000000001400020074756e6c30000000000000000000000008000300010000001400020069705f7674693000000000000000000014000200776c616e3000000000000000000000003400018008000100", @ANYRES32=0x0, @ANYBLOB="140002007465616d5f736c6176655f31000000001400020070696d726567310000000000000000004c0001801400020070696d36726567310000000000000000080003000100000008000300030000000800", @ANYRES32=r4, @ANYBLOB="140002006d6163766c616e31000000000000000008000300000000003800018014000200766572745f77696669000800030002000000080003000300", @ANYBLOB], 0x1c8}, 0x1, 0x0, 0x0, 0x200080c4}, 0x48091)
fchdir(0xffffffffffffffff)
setreuid(0x0, 0x0)
r7 = socket$unix(0x1, 0x1, 0x0)
r8 = socket$unix(0x1, 0x1, 0x0)
bind$unix(r8, &(0x7f0000000300)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
listen(r8, 0x0)
connect$unix(r7, &(0x7f0000000280)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
socket$unix(0x1, 0x1, 0x0)
socket$netlink(0x10, 0x3, 0x4)
socket$nl_xfrm(0x10, 0x3, 0x6)
r9 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r9, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)=@updpolicy={0xb8, 0x15, 0x1, 0x0, 0x0, {{@in=@multicast1=0xe0000002, @in=@broadcast, 0x0, 0x0, 0x0, 0x0, 0xa}}}, 0xb8}}, 0x0)

990.695162ms ago: executing program 0 (id=972):
r0 = syz_io_uring_setup(0x64f9, &(0x7f0000000280)={0x0, 0x1217, 0x10100, 0x3}, &(0x7f0000000540)=<r1=>0x0, &(0x7f00000001c0)=<r2=>0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x90)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0}, 0x90)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r4}, 0x10)
syz_io_uring_submit(r1, r2, &(0x7f0000000240)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x18})
io_uring_enter(r0, 0x2d3e, 0x0, 0x0, 0x0, 0x0)

990.393178ms ago: executing program 3 (id=973):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000007940)={0x0, 0x0, &(0x7f0000000040)={0x0, 0x2f4}}, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xc, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000850000007d000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000005000000b703000000000000850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
r2 = socket$pppl2tp(0x18, 0x1, 0x1)
mknod$loop(&(0x7f0000000000)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, 0x1)
connect$pppl2tp(r2, &(0x7f0000000080)=@pppol2tp={0x18, 0x1, {0x0, r1, {}, 0xa}}, 0x26)
sendmmsg$inet(r2, &(0x7f0000005f80)=[{{0x0, 0x0, &(0x7f0000005dc0)=[{&(0x7f00000010c0)="7d5107673289eeae3f806c5c62db497a0299399ab6101c3b", 0x1}], 0x1}}], 0x4000000000001ce, 0x8040)

930.761193ms ago: executing program 2 (id=974):
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00'}, 0x10)
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000000)='\x00', 0x9801)
r1 = socket(0x1e, 0x1, 0x0)
connect$tipc(r1, &(0x7f0000000000)=@id={0x1e, 0x3, 0x2, {0x4e20}}, 0x10)
recvmmsg(r1, &(0x7f0000002300)=[{{0x0, 0x0, &(0x7f00000004c0)=[{&(0x7f00000001c0)=""/64, 0x40}], 0x1, &(0x7f0000000540)=""/19, 0x13}}], 0x1, 0x122, 0x0)
fchdir(r0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f6000017850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r3}, 0x10)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000380)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00010000850000000d000000b7000000000000009500000000000000496cf2827fb43a431ca711fcc9cdfa146ec56175037958e271f60d25b7937f02c8695e5a1b2cdf41dc10d1e8bf076d83923dd29c034055b67dafe6c8dc3d5d78c07fa1f7e4d5b318e2ec0e0700897a74a0091ff110026e6d2ef831ab7ea0c34f17e3ad6ef3bb622003b538dfd8e012e79578e51bc53099e90fbdb2ca8eeb9c15ab3a14817ac61e4dd11183a13477bf7e060e3670ef0e789f93781965f1328d6704902cbe7bc0476619f28d99cd0aa7b73340cc2160a1fe3c184b751c51160fbc0cfb91c82f4a9164dda5e67a46d8e841f8a97be6148ba532e6ea09c346dfebd31a08b32808b80200000000009dd27080e71113610e10d859e8327ef03fb6c86adac12233f9a1fb9c2aec61ce63a3462fd50117b89a9ab759b4eeb8cb000067d42b4e54861d0227dbfd2ed8576a3f7f3deadd7130856f756436303767d2e24f29e5dad9796edb697a6ea0180aabc18cae2ed4b4390af9a9ceafd07ed0030000002cab154ad029a119ca3c972780870014605c83d7d11c3c975d5aec84222fff0d72166cb0d3a0ec4bfae563112f4b391aafe234870072858dc06e7c337642d3e5a815212f5e16c1b30c3a2a71bc85018e5ff2c910496f18afc9ffc2cc788bee1b47683db01a46939868d75211bbae0e7313bff5d4c391ddece00fc772dd6b4d4d0a917b239fe12280fc92c88c5b8dcdcc22ee1747790a8992533ac2a9f5a699593f084419cae0b4183fb01c73f99857399537f5dc2acb72c7eae993fc9eb22d130665b6341da114f08cd0509d380578673fffffff7f23877a6b24db0e067345560942fa629fbef2461c96a08707671215c302fae29187d4f5c06a960fd37c10223fdae7ed04935c3c90d3add8eebc8619d73415e6adcda2130f5011e42e50adab988dd8e12baf5cc9398c88607a08009c2977aab37d9a44cfc1c7b4000000000000fa47742f6c5b9c4b11e7d7262a1457c39495c826b956ba859adfe38f77b91bd7d5ca1664fe2f3ced8468911806e8916dc15e21644db60c2499d5d16d7d915836ab26c169482008ef069dc42749289f854797f2f900c2a12d8c38a967c1bbe09315c29877a331bcc87dc3addb08141bdee5d27874b2f663ddeef0005b3d96c7aae73835d5a3cda9e90d76c1993e0799d4894ee7f8249dc1e3428d2129369ee1b85afa1a5be5f6eb2eea0d090014b315f65112412392191fa83ee830548f11e1038debd64cbe359454a3f2239cfe35f81b7aded448859968ff0e90500d0b07c0dd00490f167e6d5c1109681739dc33f75b20428d6474a0a91ee90b8de802c6b538622e6bbcb80f87b415263c401e64ed69a2f75409000000000000001d695c4559b82cabac3cccadc1e1c19af4e03020abf5ff0433d660f20898d2a045d009a0ffb20a77c9af2b80c05184a66d30bbea2ca45a4d6d6d1e6e79aef42355a500587b603306a5af8d867d80a07f10d82eafb03062e95196d5e3ff010000000000000be959096ea948cfa8e7194123e918914a71ad5a8521fb9553bc60f7d9719b55b3abb6bba3d113a680a8d46fe074c83fbe378a3889e8145b2eaceab05ef932c6e4f8ef0ed0d818a7b76d839cf3c63ebb4380b168c38fa32e49563cfee3a7f0fc18bfa32c418cef875fb49e2989177a30280bc586e79a5dd8076c248e7d6e97b3ce267dd4e27b6ef206660090bb2164474cef378f97ca33fc03000000000000001547053453d0c9aec91a24079b21d52fb5516bf0c28ef37aa76442f6083dc99cd61afaf6be45d7b00d3639f2f10ac2d5c759c3e5468f5874c24411d415b6b085fb73a2c7c3852e0e658ffeb4e863428a792bee94f6cd895424360e0464f9d7ea425f2fa6aac029d15af607ad83532ff181c985f54b39370c06e63055b4d6a36fa98a44e379d28307c9912fb097601f3f88a2ca6fd1f9320cfe7fc8e9f7f15f02e177ce23f43a154b42e26f037e8a01377cbd3f509e6e540c9ba9c2a589ac5d8ad67a65e9a44c576dc24452eaa9d819e2b04bdd1c000000070000000000000000000000005333c6199c12dcd926891927a7267c47cf897853d160100b39b613faefe16bed1fc105dddd77ab929b837d54aa17eb9fbdc2bdc0e98ae2c3f23a6131e2879f04ff01000030b92dd493be66c2242f8184733b80ba28e8ffffff7f00000000bb2f89049c5f6d63d56995747639964217aacfe548bc869098aa8e07e51dbc9e2d4db3c5f79fd355222ec2a00cf7f2ccd6dd6d2dc2a815d8314221a5472f1318a9dfbec5a759579caf3262129b14e99040b5d91398e17df85c25ccae973eecc7d187168d5c9cd8f200000017587641ed01889c927da38d83314480b15e23138c5b877a72bd4cf74a299df4fbfc8e6ea96939f15d254d9033c5a45706bda78ab60200000000000000000000000000000000000000706f78f0a2ea9667fb5b951808545a46830970c2dfae01adbda7d29bf1f7abdaf52e0de6f9d7150808ed086642e64ebf98762b34338b80e41b704c3eefaf0bb5f7d895de17a10b0a0ea15ccc0d7a830b6eb33b6b61675511d693ef5e3c44bbf71cabc5175d879e7499f8baae2a1a09cf38da73297764fbc0e723e1cc3abb12e3076982ed32c94a2ce3e6f37c47e983da4ca5c96187db5a2a2e1742bc93a65d7187126126b3a80f17dd2f7dbbe82d104ede9ba6925afc2ee6cb94f56f1363cad635abf8f983292c49c0ebf5005154c7b58a3a8661264f781e3fb02d05a28f3f17b64d0258853d45cb5ebde10cd3d82eeed2f1ed925b7cf400304932c5ed0a362b235ce37e1f17700f7d1fecf8be8a2c5d25a9c60657560d05441387ff158a018d19a286c56d0886eb59d509ee89cc2df52881d005b2e5c27563ba54e4153c132d0366a9660000000000000009c1aaec93ec0f925921fb2e9eb202a29bef28224dbabe723de5c584bc398a8792e493048c87f60a51a391e959212181d4bf32ed89c96d421c8171698c49403558fd13c649f90b0911d57eeb298b590581eb00ce383b539ab80fd15445987b1bb4eb512545e1ab65fef310e10b1ee362b51c72f82edf2f502ddf52567775e34a56d1be892f1e62b08950d517fa6fb1b0ef2edf1b67f8644786116b037d4a36fdd30b000063e58c856ec44cbbc2d370553f832af9480215e09aaa3843fe360b1c293a14627f2cfbe278f31d0abc0f5aaa10926dbb1d44925ce66ea1a94e6d065c2c0fed3ab8442520ce0e0ad7d2d177377ab197ace3ef8b1c24ceb0bdee84bd6e6317633938dd19dc42de7f8f860eca6d9c74525fcd3497526df4c13e3ba5f0d75365a4542ae9440d2fede416d618cdaaf7e038879c5d177b3876fda4121e15a00adb976064a93e8d000000000000903350932d3eef7fdada20c19807066e2c72d0d816eb9fa50be213bf6bbb7ccb9f2e8a153e6ced68f192ebed6e86af0f2cec7335fa8039fd6eb025440bc2a34d071f0a0e6774308a2c5986aa9200a1306ffa5a71ca69e89a6980612b35fc858f37c2c398515a910a35e22ab0573c10b85df4c2972a2fb8b9c080fbb41a753791df727fdeadc5cf218a6eda31312256191c620cce34d1e3bf40a4a207ab1575b399eb8155781bfc7cb5920b49c039935a888d77041814f60fbbcafa487ee96b368e8769da90b44190e569fe8b1d155d0765baaca5c5548b5a78bb43e5d9e47a1d5809bb178184b5672d08e29aecf1f572ac1e6cab7e820751beed5f79de29a67a579150bfb31232d296b9d2977ed027ca90af7088d6466f1501d96a"], &(0x7f0000000340)='syzkaller\x00'}, 0x48)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r4, 0x18000000000002a0, 0x26, 0x0, &(0x7f0000000100)="b9ff030f6044238cb89e14f088a81bff88fbffff4000633a77fbac14142ce934a0a662079f4b4d2f87e56dca6aab845013f2325f1a3901050b038da1880b25181aa59d943be3f4aed50ea5a6b8686731cb89ef77123c899b699eeaa8eaa0073461119663906400f30c0600000000000059b6d3296e8ca31bce1d8392078b72f24996ae17dffc2e43c8174b54b620636894aaacf28ff62616363c70a440aec4014caf28c0adc043084617d7ecf41e9d134589d46e5dfc4ca5780d38cae870b9a1df48b238190da450296b0ac01496ace23eefc9d4246dd14afbf79a2283a0bb7e1d235f3df126c3acc240d75a058f6efa6d1f5f7ff4000000000000000000", 0x0, 0xfe, 0x60000000}, 0x2c)

930.454211ms ago: executing program 0 (id=975):
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x400000, 0x3, &(0x7f0000000000/0x400000)=nil)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b70800000d0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x1, 0x4, 0xfff, 0x7}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b708000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000040)='sched_switch\x00', r1}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000001c0)={{r0}, &(0x7f0000000000), &(0x7f0000000180)}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000140)='kmem_cache_free\x00'}, 0x10)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000300)=ANY=[@ANYBLOB="1c0000006800090300000008000000009700000000000000040065be43630aa666853190bff0a6671cfc7cf3130fc07904c678a62ca97c7790986393b46ba6a3b5aee76b9ced63f9827256d9291ddef3ae67a836d356f27ff727590bba194a9aad5a"], 0x1c}}, 0x0)
syz_clone(0x640c7000, 0x0, 0x0, 0x0, 0x0, 0x0)

830.519648ms ago: executing program 2 (id=976):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f00000009c0)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f3bbb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07372c29184ff7f4a7c0000070000006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1089d8b8588d72ec29c48b45e0000000000000401d01aa27ae8b09e00e79ab20b0b8ed8fb7a68000000000000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d40224edc5465a932b77a74e802a0dc6bf25d8a242bc6099ad2300000480006ef6c1ff0900ff0000000010c63a949e8b7955394ffaff03000000000000ab87b1bfeda7be586602d985430cea080000000000000026abfb0767192361448279b05d96a703a660581eecdbf5bcd3de227a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80af740b5b7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae616b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb9fbd48bc877505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f57000000009700cf0b4b8bc229413300000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaedab25b30002abbba7fa725f38400be7c1f001b2cd3170400000085be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec2271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe760e717a04becff0f719197724f4fce1093b62d7e8c7123d890cec55bf404e4e1f74b7eed82571be54c72d978cf906df08f11f1c4042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c70600000000000000b7561301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f871b136345cf67ca3fb5aac518a75f9e7d7101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9f0390a6f01e3e483b4ad05573af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5eaff07000000000000b99c9cc0ad1857216f000000009191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562db0e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb26e22a2a798de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df98674152f94e32409e2a3bce109b6000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270b939b81367ac91bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f00fb8191bbab2dc591dda61f0868afc4294859323e7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214de5946912d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf01cfaed9ef0ce21d69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821a00e8c5c39609ff854356cb490000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546bb2e51935ab9067ec3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab40743b2a428f1da1f626602111b40e761fd21081920382f14d12ca3c471c7868e7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff000040430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df902aeec50e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec743af930cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df4ca23d867693fd42de9b49a1b36d48a44ba6a4530e59bec53e876dc660dd6d89f80a4377b1b1292a893a516dab183ee65744fb8fc4f9ce2242e0f000000000100000000d77480e0345effff6413258d1f6eb190aa28cbb4bafe3436b176c7ed4b132fb805d5edd9d188daf28d89c014c3ecca10ae55704544673e1fb03b84f63e022fe755f4007a4a899eaf52c4f491f1e97c862e29e4570600000091c691faee1e0c8fe056a07474e6e5490a7d3c3402000000b60600d837c6befc63ddf2f594ad7cbc56a1e44d218c956a5392a995f1fae8e9f206efbb33854dc70104d74dc07748f9745cb796da2dfb714a0500000000000000faed94fc39acfb3fd25dfa8116a154cd1226e1bb72b59fed817072a0da60160761fd3dffda0f7c592eabd8ab68334d2a1693cb187539049e331272bf5135044df8161400211b8012b6eb1ed5656e83f65509bb4b323c5bd61bff949d3bade2f6ffda1360c2786e16937ab61d6dcafed319c7167d0885f9c6d1f442954c167dd9b4acd9468ce3674c82bbb2e31389179b025dbe063b7f906217b2cf8410c7023aa3e5cc3ba1000000000000000000000000000000006ae6301a2da44394275c582a6516bb92ea1980a0a659f2f1811c8b281c209647c4241f292b20508b215dde27bb2487a6e2b5e4a8ccfab90c23827ef06cbe364073005f8a6d1456aaeb85ffb7858f24eced67a67ab825e863928ed64c83f62ffdaa997657335b63c6b4163aff094059e626766845fd779c9e6cdbbd64c2499ce3ffe2fef03f7cdd0d90f3a7579579a142c0f7b318264d5c13c31cf475829528267ead38523cab7e1664e8426cfce471fef821c8a02a7e7d954d05b68a9c28f79429b09e2bb3681ae2b831e27c735123361c193d66ed4d71f19b199d371ec6bfada7cd370e3fdd3cd980fa1e145fd3f3e96b1feb53c865e1ada08f5d16ed652ee0c7f45352222692fbd679212c225d097aa90f7e1fb1f983415f43e75a19ecf7fd21bfa150ef563aa72ba3c43c5f3d9be128ec26b691f31f9cab931631606a81622f120675c962be2d3b5e95f74f0b209e42e6bdd76e6e725295b1d78d928f6f63e4581d5cc41cbde2ba66adc1168070c8c6e18a6a234f5f9311ef0f78924b68dbb4712efdb6974667bdb54f16fd2061b9ba93638dd177227e94e4ebd0ec1d437db948062bf41742000000000000000000305f70dd02fa0c61d5fe6d8ff35389246037e18d34c1375ae04f44f0c2543c772c5ccb137be7dc1874c514b37c668554d77d4ea5ed144a648257f4a0301067bbcd9b91072659d872f26b796e2b81025edb5f45f785e2c2602b248ecdd80f019ca659be7e8ae953325a27564f33c9d458a60be3dab38baab7eb1a66ab1ffd6308f7fd51beb356fe75eb985b7581bb5584c53984ba9c3340f97e8d3825681c53de5f554e595b00000000000000006a8fa9f05d64c4be42f981f00051a39938613067dbd1427e01bfec016e51844cefa8a855bf23ac887b4a88eed6d9443857242f28e31a41d20105fbf3394ff910e734b4d9101265ff729c426e01c1ab13dda8c388b909006f19eecb87e39175e85e17000000000000000000009431807e43886903526074e6b40244c938a4c68a38c25ddd7c143b3f1400010000ec66815cf8d1f56aa1424bc9b5d58790298e5b310969e50c222563b54e60854e1b0100448aca8c5ccbf5546ce4c3cd5a733fec25fb94e1e0f966bcbd28a4d8fe4f556eaa1104a793006619700798354c6ae05025040965e3083562bfa20968c04007d21dc02c9fd1f75e1ff40f439bdde4e784012e52049b483d02f81b88f5f57816b3fecec79cfca8d37203e769759d6b6a56b7605ced8ee18475a77ff0963a565fb6021d216c01b1098e40550a1cfd80e918d685a7b099a4f8ed654cd76ca61fe5ad8a31ec558fdbfa706d5e738bceae81fe777c307d5bc72183a4c2d35732ab916a781b9912160a3fd2a2e74dd690c57bdfdc1f069f949170ef8cb9c13c12138116bca7a8c59363799be7005c51bc25a8bbe2cf5ddf6aa161693782b0e7feb8a768f391b49d4c978c96dbb52f21c122eba9f17c8bed10591958cf06321a248b5f76ceedfe0d080d6aeadc11b237b3326dd04b86ac37c0d131544888db9e128d059761ad9a393e96c3b41c13c5a381bff187a75de560ba6eb3faa5ff8d2bb3c88f8de5efc2fb2200cfda6d07ceae22577064334fbf76a23e62e6059211d995b879f6b7d3f7fcf03652b81e6b7cdeff947ad185d3c6269ca247b429c3b872a8f1ef60407d29a874f4ec31c9effed55543a65a6b4d778cebcd43b7905f3960140bd783540a7353014bda8e9c7a34a5f428fd1f8eb11e837dd9d586487fdebcb1ecd3a003ff0fda4be617fecf1ff0ef2c74664d60a4b9423f3297bc8eb91b4ee1d73272abbef3e7a828a7d7ab055a8eb58fe379de85338304e26e3620941b463e9049fd105c74c91cc4d71b0f76e2c2e4825106aa7ce2a3adbbc7a0443ece58e752b47e6f677eff7c5c568a89d6e36b165c39132a0f27080ece2a94c320b002c77f82662675a7713c7067081cac15994698c41ff4754268ae1676384ff799783f55d7e5a1a0920300000000000000d98440c355927629f2bcf9dc405a18ca0264400abf38e90000000000000000008faf2cddffbfa69bf32eb718e88ec75603ed7c7a8825ce0f27a114bd7a4ab74d0c7b8d90ccc1c3ca6620def782e24d75aed70eb676437f62677a69e0994cd82d72e95493c830fe9515329f40b7025326dec33a527c5d999298eaa3690fd0d38a02fc6e0bc16dbe19f353027edc014411e1138087221492f5d5e5cc9d0a1acd3f581eda9a807aa0e609f935f626d96351e0ff116686cbeb8939feecd5dac8cf45101942cc7cec21b7f337df5431bcf7e504b7c427f70a10e1cb8993a661306a0576b638a0171e6800b5b35589d676eb30ed1a72e8f7b057eb281c4504195635b6b285ebaba019913a2520e43ed790231f047f7d3789c10ae7d724929f77aec1d33d9587580268ee14396f71e7ef588cb2560d6bd0795a9b97281229eb16de086553469fad7214ffc3e416f8b8e442dce1d37f9b1c88a5d8a8d9f2fe45bd8df213ecb4194c8554aea13cadcd502e51f6fec80418e772b5bd8d0228949058038b185909ee542848680f9ad43f4057d676d5e21ae3d7e0e4a28c04f112a94707f032b35915e42993ff148291b8babe026646ee41905992db217561b90811c4702a14f312fe5d2ae7257db6be1034cc1c346b76a853ce274bf0435e18f7e86c660c18c80f30505dd4cf2ae2a1893b83c62d61bfeadc1f913e4cab2b897e096dd3fe3525090410cb23bab36cdf200a36014032cf6e5121803c5a0c4a273a19f340163fc6265425d513a1294b8439276394945d94a589708e32a1cb30f1fa4b2f08e01dc5e8c6732e6dc59b5c8cb400000000000000592c9b68f09c8f5ddb20b4ae08b4d9df548e5ed6cd47b91a4bea8b6aa52edf64576aef1e43f2958437fdc20fbbd0d4e13d8cce1193b2f9b4f107e25af178d056e1b1e40bd75b013f7484fae0bc447b1ffaf34819fe3ad1a634c94345e26e1e68dec08723a37b05d1594a66a4718a51d4d67fc880c9d640f4eacc509873f1a103c87f69"], &(0x7f0000000100)='GPL\x00'}, 0x41)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x10)
prctl$PR_SET_NAME(0xf, &(0x7f0000000140)='+}[@\x00')
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
futex_waitv(&(0x7f0000000ec0)=[{0x0, 0x0, 0x0, 0x2}], 0x1, 0x0, &(0x7f0000001000)={0x77359400}, 0x0)
socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$SO_BINDTODEVICE_wg(0xffffffffffffffff, 0x1, 0x19, 0x0, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000079e02200850000006d00000095"], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x46, '\x00', 0x0, 0x2}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='kmem_cache_free\x00', r1}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
setsockopt$packet_fanout(0xffffffffffffffff, 0x107, 0x12, &(0x7f0000000000)={0x0, 0x8000}, 0x4)
sysinfo(&(0x7f0000000500)=""/58)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
pipe(&(0x7f00000000c0)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
splice(r3, 0x0, r4, 0x0, 0xf3a, 0x0)
write(r2, 0x0, 0x0)

830.326324ms ago: executing program 3 (id=977):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
recvmmsg(r0, &(0x7f00000078c0)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0)
sendmsg$nl_xfrm(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000005c0)=@newsa={0xf0, 0x12, 0x713, 0x0, 0x0, {{@in6=@private2, @in=@loopback, 0x0, 0x40, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xee00}, {@in=@empty}, @in6=@local, {0x0, 0xffffffffffffffff, 0x0, 0x0, 0x4000000000000}, {0x0, 0xfffffffffffffffc}, {0x0, 0x0, 0x7}, 0x70bd25, 0x0, 0xa}}, 0xf0}}, 0x0)

719.748025ms ago: executing program 3 (id=978):
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x400000, 0x3, &(0x7f0000000000/0x400000)=nil)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b70800000d0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x1, 0x4, 0xfff, 0x7}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000040)='sched_switch\x00', r1}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000001c0)={{r0}, 0x0, &(0x7f0000000180)}, 0x20)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000300)=ANY=[@ANYBLOB="1c0000006800090300000008000000009700000000000000040065be43630aa666853190bff0a6671cfc7cf3130fc07904c678a62ca97c7790986393b46ba6a3b5aee76b9ced"], 0x1c}}, 0x0)
syz_clone(0x640c7000, 0x0, 0x0, 0x0, 0x0, 0x0)

719.337228ms ago: executing program 2 (id=979):
syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r2}, 0x10)
r3 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r3, 0x84, 0x64, &(0x7f0000000180)=[@in6={0xa, 0xfffc, 0x0, @loopback}], 0x1c)
sendmmsg$inet6(r3, &(0x7f000000cf00)=[{{&(0x7f00000084c0)={0xa, 0xfffc, 0x0, @loopback}, 0x1c, &(0x7f0000008900)=[{&(0x7f0000008500)="88", 0xff12}], 0x1}}], 0x1, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000000)=ANY=[@ANYBLOB="3c0000001800dd8d000000000000000002000000000000060000000006001500040000001800168014"], 0x3c}}, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000780)={&(0x7f00000000c0)=ANY=[@ANYBLOB="380000001800dd8d0000000000000000020000000000000600000000"], 0x38}}, 0x0)
r5 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TIOCSETD(r5, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$TCFLSH(r5, 0x400455c8, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000181100", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000003"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0x10001, 0x9, 0x1}, 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
sendmsg$NL80211_CMD_REGISTER_BEACONS(0xffffffffffffffff, &(0x7f0000000740)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000400)=ANY=[], 0x1c}, 0x1, 0x0, 0x0, 0x24040880}, 0x0)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
r6 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
ioctl$sock_bt_hci(r6, 0x800448d2, &(0x7f0000000100))

310.651054ms ago: executing program 1 (id=980):
socket(0x10, 0x3, 0x0)
socket$netlink(0x10, 0x3, 0x0)
socket(0x0, 0x0, 0x0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r0, &(0x7f0000000040)={0x2, 0x4e20, @empty}, 0x10)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xfe, 0x0, 0x1}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r2}, 0x10)
syz_emit_ethernet(0x66, &(0x7f00000006c0)=ANY=[@ANYBLOB="ffffffffffff6487a2bed3d608004500005800000000029e907800000000000000000420880b0000000000000800000086dd080088be00100000000000000100000000000000080022eb000000"], 0x0)
syz_emit_ethernet(0x32, &(0x7f00000003c0)={@local, @empty, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x24, 0x100, 0x0, 0x0, 0x11, 0x0, @empty, @empty}, {0x0, 0x4e20, 0x10, 0x0, @gue={{0x2}}}}}}}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000100)='contention_end\x00'}, 0x10)
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
epoll_pwait2(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000100)={0x0, 0x3938700}, 0x0, 0x0)
syz_emit_ethernet(0x2a, &(0x7f0000000080)={@random="39919e8b05b7", @multicast, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x1c, 0x0, 0x0, 0x0, 0x11, 0x0, @loopback, @local}, {0x0, 0x4e20, 0x8}}}}}, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0x1, 0x0, 0x1, 0x5}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffff"], 0x0}, 0x90)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x5, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffff0c, 0x0, 0x0, 0x0}, 0x90)
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000280)=ANY=[], 0x0}, 0x90)
r3 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r3}, 0x10)
syz_clone(0x4d900000, 0x0, 0x0, 0x0, 0x0, 0x0)

0s ago: executing program 0 (id=981):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x400, 0x9, 0x1}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000059"], 0x0, 0x0, 0x0, 0x0, 0x41000}, 0x90)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000580)={{r2}, 0x0, &(0x7f0000000540)}, 0x20)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000000)='module_request\x00', r3}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000000)='module_request\x00', r1}, 0x10)
socketpair(0x0, 0x0, 0x0, &(0x7f00000006c0))

kernel console output (not intermixed with test programs):

 write } for  pid=6173 comm="syz.2.223" name="kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  121.751464][   T39] audit: type=1400 audit(1725715271.539:290): avc:  denied  { setopt } for  pid=6173 comm="syz.2.223" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  122.427429][   T39] audit: type=1400 audit(1725715272.219:291): avc:  denied  { connect } for  pid=6179 comm="syz.1.224" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  122.436327][   T39] audit: type=1400 audit(1725715272.219:292): avc:  denied  { setopt } for  pid=6179 comm="syz.1.224" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  122.821606][   T39] audit: type=1400 audit(1725715272.609:293): avc:  denied  { map } for  pid=6196 comm="syz.2.232" path="socket:[11048]" dev="sockfs" ino=11048 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  122.832485][   T39] audit: type=1400 audit(1725715272.609:294): avc:  denied  { accept } for  pid=6196 comm="syz.2.232" path="socket:[11048]" dev="sockfs" ino=11048 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  122.845643][   T39] audit: type=1326 audit(1725715272.619:295): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6198 comm="syz.1.233" exe="/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f38e5f7cef9 code=0x0
[  123.041089][   T39] audit: type=1400 audit(1725715272.839:296): avc:  denied  { ioctl } for  pid=6203 comm="syz.3.234" path="socket:[11050]" dev="sockfs" ino=11050 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  123.123296][   T39] audit: type=1400 audit(1725715272.879:297): avc:  denied  { setopt } for  pid=6203 comm="syz.3.234" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[  123.589948][ T6218] FAULT_INJECTION: forcing a failure.
[  123.589948][ T6218] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  123.597691][ T6218] CPU: 2 UID: 0 PID: 6218 Comm: syz.3.238 Not tainted 6.11.0-rc6-syzkaller-00308-gb31c44928842 #0
[  123.602443][ T6218] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  123.607255][ T6218] Call Trace:
[  123.608804][ T6218]  <TASK>
[  123.610155][ T6218]  dump_stack_lvl+0x16c/0x1f0
[  123.612306][ T6218]  should_fail_ex+0x497/0x5b0
[  123.614567][ T6218]  _copy_to_user+0x30/0xc0
[  123.616596][ T6218]  simple_read_from_buffer+0xd0/0x160
[  123.618974][ T6218]  proc_fail_nth_read+0x19e/0x280
[  123.621211][ T6218]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  123.623703][ T6218]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  123.626229][ T6218]  vfs_read+0x1d4/0xbd0
[  123.628142][ T6218]  ? __fdget_pos+0xeb/0x180
[  123.630205][ T6218]  ? __pfx_vfs_read+0x10/0x10
[  123.632233][ T6218]  ? __pfx___mutex_lock+0x10/0x10
[  123.634396][ T6218]  ? __fget_files+0x256/0x400
[  123.636278][ T6218]  ksys_read+0x12f/0x260
[  123.638070][ T6218]  ? __pfx_ksys_read+0x10/0x10
[  123.640216][ T6218]  do_syscall_64+0xcd/0x250
[  123.642227][ T6218]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  123.644823][ T6218] RIP: 0033:0x7f308cd7b93c
[  123.646802][ T6218] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 69 8e 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 bf 8e 02 00 48
[  123.655144][ T6218] RSP: 002b:00007f308dc11030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  123.658822][ T6218] RAX: ffffffffffffffda RBX: 00007f308cf35f80 RCX: 00007f308cd7b93c
[  123.662253][ T6218] RDX: 000000000000000f RSI: 00007f308dc110a0 RDI: 0000000000000005
[  123.665544][ T6218] RBP: 00007f308dc11090 R08: 0000000000000000 R09: 0000000000000000
[  123.668851][ T6218] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  123.672457][ T6218] R13: 0000000000000000 R14: 00007f308cf35f80 R15: 00007fff1c186f38
[  123.673787][ T5362] Bluetooth: hci1: Controller not accepting commands anymore: ncmd = 0
[  123.675951][ T6218]  </TASK>
[  123.681446][ T5362] Bluetooth: hci1: Injecting HCI hardware error event
[  123.689321][ T5362] Bluetooth: hci1: hardware error 0x00
[  123.881974][   T39] audit: type=1400 audit(1725715273.669:298): avc:  denied  { create } for  pid=6220 comm="syz.1.239" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=caif_socket permissive=1
[  123.960334][ T6229] overlayfs: missing 'workdir'
[  123.985525][ T6230] netlink: 203516 bytes leftover after parsing attributes in process `syz.0.242'.
[  123.985942][ T6230] netlink: get zone limit has 8 unknown bytes
[  125.418551][ T6246] netlink: 12 bytes leftover after parsing attributes in process `syz.1.248'.
[  125.554785][ T6247] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=6247 comm=syz.1.248
[  125.763250][ T5362] Bluetooth: hci1: Opcode 0x0c03 failed: -110
[  125.790522][ T6250] /dev/nullb0: Can't open blockdev
[  126.231404][ T6255] openvswitch: netlink: Unknown nsh attribute 0
[  126.480122][ T6262] overlayfs: missing 'lowerdir'
[  126.496160][ T6262] fuse: Bad value for 'fd'
[  126.507947][ T6262] netlink: 7 bytes leftover after parsing attributes in process `syz.1.251'.
[  126.512236][ T6262] netlink: 156 bytes leftover after parsing attributes in process `syz.1.251'.
[  126.889173][   T39] kauditd_printk_skb: 6 callbacks suppressed
[  126.889188][   T39] audit: type=1400 audit(1725715276.679:305): avc:  denied  { sys_module } for  pid=6267 comm="syz.3.253" capability=16  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1
[  126.889698][ T6268] Invalid ELF header len 18
[  126.892122][   T39] audit: type=1400 audit(1725715276.679:306): avc:  denied  { module_load } for  pid=6267 comm="syz.3.253" path="/57/bus/bus" dev="tmpfs" ino=331 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=system permissive=1
[  126.969679][ T6269] tipc: Started in network mode
[  126.974581][ T6269] tipc: Node identity 2007ff, cluster identity 4711
[  126.976089][   T39] audit: type=1400 audit(1725715276.749:307): avc:  denied  { connect } for  pid=6267 comm="syz.3.253" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  126.981178][ T6269] tipc: Node number set to 2099199
[  126.984234][ T1212] tipc: Subscription rejected, illegal request
[  126.990046][   T39] audit: type=1400 audit(1725715276.779:308): avc:  denied  { write } for  pid=6267 comm="syz.3.253" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  127.003925][   T39] audit: type=1400 audit(1725715276.779:309): avc:  denied  { read } for  pid=6267 comm="syz.3.253" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  127.178101][   T39] audit: type=1400 audit(1725715276.969:310): avc:  denied  { create } for  pid=6274 comm="syz.1.256" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1
[  127.186715][ T6275] 9pnet_fd: Insufficient options for proto=fd
[  127.194337][   T39] audit: type=1400 audit(1725715276.969:311): avc:  denied  { ioctl } for  pid=6274 comm="syz.1.256" path="socket:[10120]" dev="sockfs" ino=10120 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1
[  127.210193][   T39] audit: type=1400 audit(1725715276.969:312): avc:  denied  { write } for  pid=6274 comm="syz.1.256" name="binder0" dev="binder" ino=4 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[  127.220848][   T39] audit: type=1400 audit(1725715276.969:313): avc:  denied  { read } for  pid=6274 comm="syz.1.256" dev="sockfs" ino=10119 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  127.320949][ T1081] sr 2:0:0:0: [sr0] tag#6 FAILED Result: hostbyte=DID_OK driverbyte=DRIVER_OK cmd_age=0s
[  127.336251][ T1081] sr 2:0:0:0: [sr0] tag#6 Sense Key : Illegal Request [current] 
[  127.339822][ T1081] sr 2:0:0:0: [sr0] tag#6 Add. Sense: Invalid command operation code
[  127.344071][ T1081] sr 2:0:0:0: [sr0] tag#6 CDB: Write(10) 2a 00 00 00 00 00 00 00 04 00
[  127.347891][ T1081] critical target error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x800 phys_seg 2 prio class 0
[  127.353917][ T1081] Buffer I/O error on dev sr0, logical block 0, lost async page write
[  127.358839][ T1081] Buffer I/O error on dev sr0, logical block 1, lost async page write
[  127.764148][ T6287] openvswitch: netlink: Unknown nsh attribute 0
[  128.234036][   T39] audit: type=1400 audit(1725715278.019:314): avc:  denied  { getopt } for  pid=6289 comm="syz.0.260" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[  128.517507][ T6298] warning: `syz.1.261' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211
[  129.685570][ T6309] FAULT_INJECTION: forcing a failure.
[  129.685570][ T6309] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  129.690862][ T6309] CPU: 3 UID: 0 PID: 6309 Comm: syz.0.265 Not tainted 6.11.0-rc6-syzkaller-00308-gb31c44928842 #0
[  129.696223][ T6309] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  129.703174][ T6309] Call Trace:
[  129.705221][ T6309]  <TASK>
[  129.706974][ T6309]  dump_stack_lvl+0x16c/0x1f0
[  129.709704][ T6309]  should_fail_ex+0x497/0x5b0
[  129.712377][ T6309]  _copy_from_user+0x30/0xf0
[  129.715016][ T6309]  i2cdev_ioctl+0x110/0x820
[  129.717639][ T6309]  ? __pfx_i2cdev_ioctl+0x10/0x10
[  129.720415][ T6309]  ? selinux_file_ioctl+0x180/0x270
[  129.722933][ T6309]  ? selinux_file_ioctl+0xb4/0x270
[  129.725044][ T6309]  ? bpf_lsm_file_ioctl+0x9/0x10
[  129.727217][ T6309]  ? __pfx_i2cdev_ioctl+0x10/0x10
[  129.729719][ T6309]  __x64_sys_ioctl+0x193/0x220
[  129.731889][ T6309]  do_syscall_64+0xcd/0x250
[  129.734179][ T6309]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  129.737218][ T6309] RIP: 0033:0x7f9df477cef9
[  129.738921][ T6309] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  129.747119][ T6309] RSP: 002b:00007f9df54c3038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  129.751084][ T6309] RAX: ffffffffffffffda RBX: 00007f9df4936058 RCX: 00007f9df477cef9
[  129.754983][ T6309] RDX: 0000000020000500 RSI: 0000000000000720 RDI: 0000000000000006
[  129.758992][ T6309] RBP: 00007f9df54c3090 R08: 0000000000000000 R09: 0000000000000000
[  129.762910][ T6309] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  129.766676][ T6309] R13: 0000000000000000 R14: 00007f9df4936058 R15: 00007ffc09548fe8
[  129.770455][ T6309]  </TASK>
[  130.168065][ T6315] openvswitch: netlink: Unknown nsh attribute 0
[  130.257692][ T6317] netlink: 4 bytes leftover after parsing attributes in process `syz.1.269'.
[  130.439460][ T6323] overlay: Unknown parameter 'measure'
[  130.446331][ T6323] fuse: Bad value for 'fd'
[  130.450816][ T6323] netlink: 7 bytes leftover after parsing attributes in process `syz.2.271'.
[  130.454834][ T6323] netlink: 156 bytes leftover after parsing attributes in process `syz.2.271'.
[  130.815678][ T6327] syz.2.272[6327] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  130.815767][ T6327] syz.2.272[6327] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  131.411968][ T6335] netlink: 9412 bytes leftover after parsing attributes in process `syz.2.274'.
[  134.081735][ T6380] netlink: 9412 bytes leftover after parsing attributes in process `syz.3.288'.
[  134.664826][ T6387] /dev/nullb0: Can't open blockdev
[  134.942010][ T6392] netlink: 203516 bytes leftover after parsing attributes in process `syz.0.291'.
[  134.953570][ T6392] netlink: get zone limit has 8 unknown bytes
[  135.721234][ T6399] netlink: 76 bytes leftover after parsing attributes in process `syz.1.292'.
[  136.903529][ T6414] overlayfs: workdir and upperdir must be separate subtrees
[  136.965992][ T6413] overlayfs: missing 'workdir'
[  138.283962][ T6431] overlayfs: missing 'lowerdir'
[  138.289925][ T6431] fuse: Bad value for 'fd'
[  138.304795][ T6431] netlink: 7 bytes leftover after parsing attributes in process `syz.2.302'.
[  138.313966][ T6431] netlink: 156 bytes leftover after parsing attributes in process `syz.2.302'.
[  138.353255][ T6432] netlink: 203516 bytes leftover after parsing attributes in process `syz.3.303'.
[  138.357831][ T6432] netlink: get zone limit has 8 unknown bytes
[  138.493850][ T6435] overlayfs: missing 'lowerdir'
[  138.558332][ T1380] ieee802154 phy0 wpan0: encryption failed: -22
[  138.561478][ T1380] ieee802154 phy1 wpan1: encryption failed: -22
[  139.609652][   T39] kauditd_printk_skb: 20 callbacks suppressed
[  139.609667][   T39] audit: type=1400 audit(1725715289.399:335): avc:  denied  { execute } for  pid=6446 comm="syz.1.308" path="/72/blkio.bfq.io_wait_time" dev="tmpfs" ino=420 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[  139.764393][   T39] audit: type=1400 audit(1725715289.559:336): avc:  denied  { read } for  pid=6448 comm="syz.1.309" name="ptp0" dev="devtmpfs" ino=715 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[  139.779129][   T39] audit: type=1400 audit(1725715289.559:337): avc:  denied  { open } for  pid=6448 comm="syz.1.309" path="/dev/ptp0" dev="devtmpfs" ino=715 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[  140.813364][ T6462] netlink: 203516 bytes leftover after parsing attributes in process `syz.2.313'.
[  140.817115][ T6462] netlink: get zone limit has 8 unknown bytes
[  140.847300][ T6464] FAULT_INJECTION: forcing a failure.
[  140.847300][ T6464] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  140.852477][ T6464] CPU: 1 UID: 0 PID: 6464 Comm: syz.0.312 Not tainted 6.11.0-rc6-syzkaller-00308-gb31c44928842 #0
[  140.862207][ T6464] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  140.866647][ T6464] Call Trace:
[  140.868042][ T6464]  <TASK>
[  140.869298][ T6464]  dump_stack_lvl+0x16c/0x1f0
[  140.871250][ T6464]  should_fail_ex+0x497/0x5b0
[  140.873241][ T6464]  _copy_to_user+0x30/0xc0
[  140.874941][ T6464]  simple_read_from_buffer+0xd0/0x160
[  140.877018][ T6464]  proc_fail_nth_read+0x19e/0x280
[  140.878861][ T6464]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  140.881499][ T6464]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  140.883549][ T6464]  vfs_read+0x1d4/0xbd0
[  140.885191][ T6464]  ? __fdget_pos+0xeb/0x180
[  140.886893][ T6464]  ? __pfx_vfs_read+0x10/0x10
[  140.888843][ T6464]  ? __pfx___mutex_lock+0x10/0x10
[  140.890916][ T6464]  ? __fget_files+0x256/0x400
[  140.892669][ T6464]  ksys_read+0x12f/0x260
[  140.894221][ T6464]  ? __pfx_ksys_read+0x10/0x10
[  140.895600][ T6464]  do_syscall_64+0xcd/0x250
[  140.897167][ T6464]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  140.899489][ T6464] RIP: 0033:0x7f9df477b93c
[  140.901769][ T6464] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 69 8e 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 bf 8e 02 00 48
[  140.909517][ T6464] RSP: 002b:00007f9df54e4030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  140.912754][ T6464] RAX: ffffffffffffffda RBX: 00007f9df4935f80 RCX: 00007f9df477b93c
[  140.916495][ T6464] RDX: 000000000000000f RSI: 00007f9df54e40a0 RDI: 0000000000000004
[  140.919602][ T6464] RBP: 00007f9df54e4090 R08: 0000000000000000 R09: 0000000000000000
[  140.922590][ T6464] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  140.925929][ T6464] R13: 0000000000000000 R14: 00007f9df4935f80 R15: 00007ffc09548fe8
[  140.928851][ T6464]  </TASK>
[  142.934461][   T39] audit: type=1400 audit(1725715292.729:338): avc:  denied  { create } for  pid=6481 comm="syz.0.319" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1
[  142.976674][   T39] audit: type=1400 audit(1725715292.769:339): avc:  denied  { mounton } for  pid=6481 comm="syz.0.319" path="/80/file0" dev="tmpfs" ino=445 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=fifo_file permissive=1
[  142.977283][ T6482] =======================================================
[  142.977283][ T6482] WARNING: The mand mount option has been deprecated and
[  142.977283][ T6482]          and is ignored by this kernel. Remove the mand
[  142.977283][ T6482]          option from the mount to silence this warning.
[  142.977283][ T6482] =======================================================
[  143.034083][   T39] audit: type=1400 audit(1725715292.829:340): avc:  denied  { unmount } for  pid=5350 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[  143.175845][ T6490] netlink: 12 bytes leftover after parsing attributes in process `syz.3.322'.
[  143.200094][   T39] audit: type=1400 audit(1725715292.989:341): avc:  denied  { view } for  pid=6486 comm="syz.0.321" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=key permissive=1
[  143.207453][ T6492] fuse: Unknown parameter 'group_i00000000000000000000'
[  143.403336][ T6497] Failed to initialize the IGMP autojoin socket (err -2)
[  143.413403][   T39] audit: type=1400 audit(1725715293.209:342): avc:  denied  { create } for  pid=6493 comm="syz.2.324" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1
[  143.866739][ T6506] overlay: Unknown parameter 'measure'
[  143.881283][ T6506] fuse: Bad value for 'fd'
[  143.965552][ T6506] netlink: 7 bytes leftover after parsing attributes in process `syz.3.327'.
[  143.969401][ T6506] netlink: 156 bytes leftover after parsing attributes in process `syz.3.327'.
[  144.388065][   T39] audit: type=1400 audit(1725715294.179:343): avc:  denied  { read write } for  pid=6507 comm="syz.2.328" name="rdma_cm" dev="devtmpfs" ino=1111 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  144.429592][   T39] audit: type=1400 audit(1725715294.189:344): avc:  denied  { open } for  pid=6507 comm="syz.2.328" path="/dev/infiniband/rdma_cm" dev="devtmpfs" ino=1111 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  144.655477][ T6512] overlay: Unknown parameter 'measure'
[  144.672756][ T6512] fuse: Bad value for 'fd'
[  144.680441][ T6512] netlink: 7 bytes leftover after parsing attributes in process `syz.0.329'.
[  144.684973][ T6512] netlink: 156 bytes leftover after parsing attributes in process `syz.0.329'.
[  145.046999][ T6516] netlink: 76 bytes leftover after parsing attributes in process `syz.3.330'.
[  146.349795][ T6538] netlink: 203516 bytes leftover after parsing attributes in process `syz.2.338'.
[  146.354086][ T6538] netlink: get zone limit has 8 unknown bytes
[  146.525240][ T6541] openvswitch: netlink: Unknown nsh attribute 0
[  147.092648][   T39] audit: type=1400 audit(1725715296.879:345): avc:  denied  { write } for  pid=6549 comm="syz.1.342" name="001" dev="devtmpfs" ino=750 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1
[  147.119345][   T39] audit: type=1400 audit(1725715296.889:346): avc:  denied  { create } for  pid=6549 comm="syz.1.342" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_connector_socket permissive=1
[  147.129455][   T39] audit: type=1400 audit(1725715296.889:347): avc:  denied  { bind } for  pid=6549 comm="syz.1.342" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_connector_socket permissive=1
[  147.140649][   T39] audit: type=1400 audit(1725715296.909:348): avc:  denied  { setopt } for  pid=6546 comm="syz.2.341" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=alg_socket permissive=1
[  147.151045][   T39] audit: type=1400 audit(1725715296.929:349): avc:  denied  { append } for  pid=6546 comm="syz.2.341" name="card0" dev="devtmpfs" ino=637 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dri_device_t tclass=chr_file permissive=1
[  147.168509][   T39] audit: type=1400 audit(1725715296.959:350): avc:  denied  { rename } for  pid=4815 comm="syslogd" name="messages" dev="tmpfs" ino=3 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[  147.179253][   T39] audit: type=1400 audit(1725715296.959:351): avc:  denied  { unlink } for  pid=4815 comm="syslogd" name="messages.0" dev="tmpfs" ino=2 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[  147.190094][   T39] audit: type=1400 audit(1725715296.959:352): avc:  denied  { create } for  pid=4815 comm="syslogd" name="messages" scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[  147.356424][ T6550] kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[  148.062287][   T39] audit: type=1400 audit(1725715297.849:353): avc:  denied  { create } for  pid=6568 comm="syz.1.346" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  148.268942][   T39] audit: type=1400 audit(1725715298.059:354): avc:  denied  { ioctl } for  pid=6568 comm="syz.1.346" path="socket:[11575]" dev="sockfs" ino=11575 ioctlcmd=0x8922 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  148.298062][ T6575] openvswitch: netlink: Unknown nsh attribute 0
[  148.799805][ T6598] netlink: 203516 bytes leftover after parsing attributes in process `syz.3.349'.
[  148.804486][ T6598] netlink: get zone limit has 8 unknown bytes
[  149.903100][ T6613] netlink: 'syz.1.355': attribute type 3 has an invalid length.
[  149.906475][ T6613] netlink: 199836 bytes leftover after parsing attributes in process `syz.1.355'.
[  150.559623][ T6608] /dev/nullb0: Can't open blockdev
[  150.971113][ T6628] openvswitch: netlink: Unknown nsh attribute 0
[  152.680125][   T39] kauditd_printk_skb: 1 callbacks suppressed
[  152.680140][   T39] audit: type=1400 audit(1725715302.469:356): avc:  denied  { create } for  pid=6649 comm="syz.0.365" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1
[  152.709642][   T39] audit: type=1400 audit(1725715302.489:357): avc:  denied  { write } for  pid=6649 comm="syz.0.365" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1
[  152.718485][   T39] audit: type=1400 audit(1725715302.489:358): avc:  denied  { nlmsg_read } for  pid=6649 comm="syz.0.365" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1
[  154.255802][   T39] audit: type=1400 audit(1725715304.049:359): avc:  denied  { setopt } for  pid=6683 comm="syz.3.373" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  154.547621][ T6686] netlink: 8 bytes leftover after parsing attributes in process `syz.3.375'.
[  155.696625][   T39] audit: type=1400 audit(1725715305.489:360): avc:  denied  { connect } for  pid=6708 comm="syz.0.384" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  155.727006][   T39] audit: type=1400 audit(1725715305.519:361): avc:  denied  { write } for  pid=6708 comm="syz.0.384" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  156.504009][ T6742] netlink: 203516 bytes leftover after parsing attributes in process `syz.0.393'.
[  156.508121][ T6742] netlink: get zone limit has 8 unknown bytes
[  156.520124][ T6735] netlink: 8 bytes leftover after parsing attributes in process `syz.1.391'.
[  156.825055][ T6745] kvm: vcpu 0: requested 128 ns lapic timer period limited to 200000 ns
[  156.829418][ T6745] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=1812281087 (231971979136 ns) > initial count (200000 ns). Using initial count to start timer.
[  157.252865][   T39] audit: type=1400 audit(1725715307.049:362): avc:  denied  { bind } for  pid=6753 comm="syz.1.398" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  157.269811][   T39] audit: type=1400 audit(1725715307.049:363): avc:  denied  { listen } for  pid=6753 comm="syz.1.398" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  157.655289][   T39] audit: type=1400 audit(1725715307.449:364): avc:  denied  { block_suspend } for  pid=6752 comm="syz.2.397" capability=36  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  157.694906][   T39] audit: type=1400 audit(1725715307.489:365): avc:  denied  { read } for  pid=6752 comm="syz.2.397" dev="sockfs" ino=12628 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[  157.711956][   T39] audit: type=1400 audit(1725715307.489:366): avc:  denied  { name_bind 0x1000000 } for  pid=6752 comm="syz.2.397" path="socket:[12628]" dev="sockfs" ino=12628 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[  157.863339][ T6769] openvswitch: netlink: Unknown nsh attribute 0
[  157.966783][ T6773] overlay: Unknown parameter 'measure'
[  157.981650][ T6773] netlink: 7 bytes leftover after parsing attributes in process `syz.2.404'.
[  157.987978][ T6773] netlink: 156 bytes leftover after parsing attributes in process `syz.2.404'.
[  158.452258][   T39] audit: type=1400 audit(1725715308.249:367): avc:  denied  { create } for  pid=6780 comm="syz.2.406" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[  158.846121][   T39] audit: type=1400 audit(1725715308.629:368): avc:  denied  { create } for  pid=6787 comm="syz.3.408" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netrom_socket permissive=1
[  159.054481][ T6797] openvswitch: netlink: Unknown nsh attribute 0
[  159.124627][   T39] audit: type=1400 audit(1725715308.919:369): avc:  denied  { bind } for  pid=6787 comm="syz.3.408" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netrom_socket permissive=1
[  159.135306][   T39] audit: type=1400 audit(1725715308.919:370): avc:  denied  { ioctl } for  pid=6787 comm="syz.3.408" path="/dev/raw-gadget" dev="devtmpfs" ino=763 ioctlcmd=0x5500 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  159.199353][ T6807] netlink: 203516 bytes leftover after parsing attributes in process `syz.1.414'.
[  159.210111][ T6807] netlink: get zone limit has 8 unknown bytes
[  159.412016][   T58] usb 8-1: new high-speed USB device number 2 using dummy_hcd
[  159.540640][ T6811] futex_wake_op: syz.2.416 tries to shift op by 32; fix this program
[  159.599528][   T58] usb 8-1: unable to get BOS descriptor or descriptor too short
[  159.606166][   T58] usb 8-1: config 7 has an invalid interface number: 163 but max is 0
[  159.609055][   T58] usb 8-1: config 7 has an invalid descriptor of length 117, skipping remainder of the config
[  159.624044][   T58] usb 8-1: config 7 has no interface number 0
[  159.627155][   T58] usb 8-1: config 7 interface 163 altsetting 4 bulk endpoint 0x2 has invalid maxpacket 1023
[  159.631504][   T58] usb 8-1: config 7 interface 163 altsetting 4 has an invalid descriptor for endpoint zero, skipping
[  159.639520][   T58] usb 8-1: config 7 interface 163 altsetting 4 has an invalid descriptor for endpoint zero, skipping
[  159.645969][   T58] usb 8-1: config 7 interface 163 altsetting 4 has 6 endpoint descriptors, different from the interface descriptor's value: 12
[  159.653852][   T58] usb 8-1: config 7 interface 163 has no altsetting 0
[  159.660015][   T58] usb 8-1: New USB device found, idVendor=19d2, idProduct=0050, bcdDevice= 2.12
[  159.666536][   T58] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  159.669836][   T58] usb 8-1: Product: syz
[  159.671724][   T58] usb 8-1: Manufacturer: syz
[  159.674008][   T58] usb 8-1: SerialNumber: syz
[  159.679511][ T6802] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  159.795604][ T6818] input: syz1 as /devices/virtual/input/input7
[  159.956265][   T39] audit: type=1400 audit(1725715309.749:371): avc:  denied  { setopt } for  pid=6820 comm="syz.2.420" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ax25_socket permissive=1
[  161.341688][ T6842] FAULT_INJECTION: forcing a failure.
[  161.341688][ T6842] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  161.357842][ T6842] CPU: 0 UID: 0 PID: 6842 Comm: syz.1.425 Not tainted 6.11.0-rc6-syzkaller-00308-gb31c44928842 #0
[  161.363980][ T6842] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  161.368472][ T6842] Call Trace:
[  161.370139][ T6842]  <TASK>
[  161.371492][ T6842]  dump_stack_lvl+0x16c/0x1f0
[  161.373601][ T6842]  should_fail_ex+0x497/0x5b0
[  161.375608][ T6842]  _copy_from_user+0x30/0xf0
[  161.377423][ T6842]  cec_ioctl+0x6c4/0x2930
[  161.379007][ T6842]  ? __pfx_cec_ioctl+0x10/0x10
[  161.380867][ T6842]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  161.383399][ T6842]  ? do_vfs_ioctl+0x515/0x1ad0
[  161.385464][ T6842]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  161.387581][ T6842]  ? ioctl_has_perm.constprop.0.isra.0+0x2f0/0x470
[  161.390368][ T6842]  ? ioctl_has_perm.constprop.0.isra.0+0x2f9/0x470
[  161.393335][ T6842]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[  161.396349][ T6842]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  161.399095][ T6842]  ? selinux_file_ioctl+0x180/0x270
[  161.401486][ T6842]  ? selinux_file_ioctl+0xb4/0x270
[  161.403833][ T6842]  ? bpf_lsm_file_ioctl+0x9/0x10
[  161.406310][ T6842]  ? __pfx_cec_ioctl+0x10/0x10
[  161.408340][ T6842]  __x64_sys_ioctl+0x193/0x220
[  161.410463][ T6842]  do_syscall_64+0xcd/0x250
[  161.412606][ T6842]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  161.415532][ T6842] RIP: 0033:0x7f38e5f7cef9
[  161.417505][ T6842] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  161.426431][ T6842] RSP: 002b:00007f38e6e3f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  161.430097][ T6842] RAX: ffffffffffffffda RBX: 00007f38e6136058 RCX: 00007f38e5f7cef9
[  161.433672][ T6842] RDX: 0000000020000100 RSI: 0000000040046109 RDI: 0000000000000007
[  161.437239][ T6842] RBP: 00007f38e6e3f090 R08: 0000000000000000 R09: 0000000000000000
[  161.440667][ T6842] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  161.443825][ T6842] R13: 0000000000000000 R14: 00007f38e6136058 R15: 00007ffd15b70728
[  161.446819][ T6842]  </TASK>
[  161.579138][ T6844] FAULT_INJECTION: forcing a failure.
[  161.579138][ T6844] name failslab, interval 1, probability 0, space 0, times 0
[  161.585990][ T6844] CPU: 3 UID: 0 PID: 6844 Comm: syz.0.426 Not tainted 6.11.0-rc6-syzkaller-00308-gb31c44928842 #0
[  161.590738][ T6844] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  161.595645][ T6844] Call Trace:
[  161.597302][ T6844]  <TASK>
[  161.598946][ T6844]  dump_stack_lvl+0x16c/0x1f0
[  161.601531][ T6844]  should_fail_ex+0x497/0x5b0
[  161.603991][ T6844]  ? fs_reclaim_acquire+0xae/0x160
[  161.606888][ T6844]  should_failslab+0xc2/0x120
[  161.609665][ T6844]  __kmalloc_noprof+0xcb/0x400
[  161.612402][ T6844]  sock_kmalloc+0x111/0x170
[  161.615213][ T6844]  af_alg_sendmsg+0x14a4/0x2a70
[  161.617885][ T6844]  ? __pfx_tomoyo_socket_sendmsg_permission+0x10/0x10
[  161.620878][ T6844]  ? __pfx_af_alg_sendmsg+0x10/0x10
[  161.623491][ T6844]  ? __might_fault+0xe3/0x190
[  161.625911][ T6844]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  161.628751][ T6844]  __sys_sendto+0x47f/0x4e0
[  161.631081][ T6844]  ? __pfx___sys_sendto+0x10/0x10
[  161.633424][ T6844]  ? reacquire_held_locks+0x20b/0x4c0
[  161.636092][ T6844]  ? do_user_addr_fault+0xdc7/0x13f0
[  161.638685][ T6844]  __x64_sys_sendto+0xe0/0x1c0
[  161.641059][ T6844]  ? do_syscall_64+0x91/0x250
[  161.643714][ T6844]  ? lockdep_hardirqs_on+0x7c/0x110
[  161.646597][ T6844]  do_syscall_64+0xcd/0x250
[  161.649122][ T6844]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  161.651858][ T6844] RIP: 0033:0x7f9df477ed8c
[  161.653874][ T6844] Code: 2a 5a 02 00 44 8b 4c 24 2c 4c 8b 44 24 20 89 c5 44 8b 54 24 28 48 8b 54 24 18 b8 2c 00 00 00 48 8b 74 24 10 8b 7c 24 08 0f 05 <48> 3d 00 f0 ff ff 77 34 89 ef 48 89 44 24 08 e8 70 5a 02 00 48 8b
[  161.663512][ T6844] RSP: 002b:00007f9df54e2ec0 EFLAGS: 00000293 ORIG_RAX: 000000000000002c
[  161.667453][ T6844] RAX: ffffffffffffffda RBX: 00007f9df54e2fc0 RCX: 00007f9df477ed8c
[  161.671610][ T6844] RDX: 0000000000000020 RSI: 00007f9df54e3010 RDI: 0000000000000004
[  161.675888][ T6844] RBP: 0000000000000000 R08: 00007f9df54e2f14 R09: 000000000000000c
[  161.679628][ T6844] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000004
[  161.683141][ T6844] R13: 00007f9df54e2f68 R14: 00007f9df54e3010 R15: 0000000000000000
[  161.686971][ T6844]  </TASK>
[  161.698118][ T6846] trusted_key: syz.0.426 sent an empty control message without MSG_MORE.
[  161.843842][   T58] option 8-1:7.163: GSM modem (1-port) converter detected
[  161.874477][   T58] usb 8-1: USB disconnect, device number 2
[  161.890917][   T58] option 8-1:7.163: device disconnected
[  162.081550][ T5362] Bluetooth: hci3: command tx timeout
[  162.141026][ T6857] netlink: 4 bytes leftover after parsing attributes in process `syz.3.429'.
[  162.272047][   T39] audit: type=1400 audit(1725715312.049:372): avc:  denied  { watch watch_reads } for  pid=6856 comm="syz.3.429" path="pipe:[686]" dev="pipefs" ino=686 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=fifo_file permissive=1
[  163.170153][ T6868] netlink: 203516 bytes leftover after parsing attributes in process `syz.0.430'.
[  163.191373][ T6868] netlink: get zone limit has 8 unknown bytes
[  163.559885][ T6878] 9pnet_virtio: no channels available for device syz
[  163.958464][ T6880] FAULT_INJECTION: forcing a failure.
[  163.958464][ T6880] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  163.967900][ T6880] CPU: 0 UID: 0 PID: 6880 Comm: syz.0.435 Not tainted 6.11.0-rc6-syzkaller-00308-gb31c44928842 #0
[  163.972385][ T6880] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  163.976931][ T6880] Call Trace:
[  163.978365][ T6880]  <TASK>
[  163.979727][ T6880]  dump_stack_lvl+0x16c/0x1f0
[  163.981839][ T6880]  should_fail_ex+0x497/0x5b0
[  163.983940][ T6880]  _copy_to_user+0x30/0xc0
[  163.985806][ T6880]  simple_read_from_buffer+0xd0/0x160
[  163.987950][ T6880]  proc_fail_nth_read+0x19e/0x280
[  163.990021][ T6880]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  163.992364][ T6880]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  163.994543][ T6880]  vfs_read+0x1d4/0xbd0
[  163.996189][ T6880]  ? __fdget_pos+0xeb/0x180
[  163.997971][ T6880]  ? __pfx_vfs_read+0x10/0x10
[  163.999944][ T6880]  ? __pfx___mutex_lock+0x10/0x10
[  164.001993][ T6880]  ? __fget_files+0x256/0x400
[  164.004149][ T6880]  ksys_read+0x12f/0x260
[  164.005887][ T6880]  ? __pfx_ksys_read+0x10/0x10
[  164.008080][ T6880]  do_syscall_64+0xcd/0x250
[  164.009954][ T6880]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  164.012569][ T6880] RIP: 0033:0x7f9df477b93c
[  164.014510][ T6880] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 69 8e 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 bf 8e 02 00 48
[  164.022433][ T6880] RSP: 002b:00007f9df54e4030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  164.025927][ T6880] RAX: ffffffffffffffda RBX: 00007f9df4935f80 RCX: 00007f9df477b93c
[  164.029072][ T6880] RDX: 000000000000000f RSI: 00007f9df54e40a0 RDI: 0000000000000005
[  164.031988][ T6880] RBP: 00007f9df54e4090 R08: 0000000000000000 R09: 0000000000000000
[  164.034937][ T6880] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  164.037887][ T6880] R13: 0000000000000000 R14: 00007f9df4935f80 R15: 00007ffc09548fe8
[  164.041048][ T6880]  </TASK>
[  164.219840][ T6887] overlay: Unknown parameter 'measure'
[  164.309331][ T6887] netlink: 7 bytes leftover after parsing attributes in process `syz.0.437'.
[  164.313881][ T6887] netlink: 156 bytes leftover after parsing attributes in process `syz.0.437'.
[  164.357746][ T6894] input: syz1 as /devices/virtual/input/input8
[  164.408486][ T6894] FAULT_INJECTION: forcing a failure.
[  164.408486][ T6894] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  164.413917][ T6894] CPU: 0 UID: 0 PID: 6894 Comm: syz.3.439 Not tainted 6.11.0-rc6-syzkaller-00308-gb31c44928842 #0
[  164.418053][ T6894] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  164.424522][ T6894] Call Trace:
[  164.426062][ T6894]  <TASK>
[  164.427130][ T6894]  dump_stack_lvl+0x16c/0x1f0
[  164.432954][ T6894]  should_fail_ex+0x497/0x5b0
[  164.435049][ T6894]  _copy_from_user+0x30/0xf0
[  164.436934][ T6894]  input_event_from_user+0x134/0x3b0
[  164.438991][ T6894]  ? __pfx_input_event_from_user+0x10/0x10
[  164.441502][ T6894]  ? __pfx___might_resched+0x10/0x10
[  164.443878][ T6894]  ? _raw_spin_unlock_irqrestore+0x3b/0x80
[  164.446470][ T6894]  ? input_event+0x8e/0xa0
[  164.448542][ T6894]  uinput_write+0xbc2/0x12c0
[  164.450671][ T6894]  ? avc_policy_seqno+0x9/0x20
[  164.452791][ T6894]  ? __pfx_uinput_write+0x10/0x10
[  164.454999][ T6894]  ? bpf_lsm_file_permission+0x9/0x10
[  164.457368][ T6894]  ? security_file_permission+0x98/0xc0
[  164.459768][ T6894]  ? __pfx_uinput_write+0x10/0x10
[  164.462007][ T6894]  vfs_write+0x29a/0x1140
[  164.463795][ T6894]  ? __pfx_vfs_write+0x10/0x10
[  164.465954][ T6894]  ? __fget_files+0x256/0x400
[  164.468215][ T6894]  ? __fget_light+0x173/0x210
[  164.470278][ T6894]  ksys_write+0x1f8/0x260
[  164.471937][ T6894]  ? __pfx_ksys_write+0x10/0x10
[  164.474136][ T6894]  do_syscall_64+0xcd/0x250
[  164.476408][ T6894]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  164.479019][ T6894] RIP: 0033:0x7f308cd7cef9
[  164.481024][ T6894] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  164.488948][ T6894] RSP: 002b:00007f308dc11038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  164.492415][ T6894] RAX: ffffffffffffffda RBX: 00007f308cf35f80 RCX: 00007f308cd7cef9
[  164.495761][ T6894] RDX: 00000000200005d8 RSI: 00000000200005c0 RDI: 0000000000000003
[  164.499179][ T6894] RBP: 00007f308dc11090 R08: 0000000000000000 R09: 0000000000000000
[  164.502630][ T6894] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  164.506516][ T6894] R13: 0000000000000000 R14: 00007f308cf35f80 R15: 00007fff1c186f38
[  164.510033][ T6894]  </TASK>
[  164.568678][ T6899] netlink: 12 bytes leftover after parsing attributes in process `syz.3.442'.
[  164.712747][ T6905] netlink: 60 bytes leftover after parsing attributes in process `syz.3.443'.
[  164.766406][ T6905] netlink: 'syz.3.443': attribute type 10 has an invalid length.
[  164.779985][ T6905] team0: Device hsr_slave_0 failed to register rx_handler
[  164.852008][  T830] usb 6-1: new high-speed USB device number 3 using dummy_hcd
[  164.861803][   T39] audit: type=1400 audit(1725715314.649:373): avc:  denied  { bind } for  pid=6906 comm="syz.2.445" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[  164.874460][   T39] audit: type=1400 audit(1725715314.649:374): avc:  denied  { write } for  pid=6906 comm="syz.2.445" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[  165.054404][  T830] usb 6-1: Using ep0 maxpacket: 8
[  165.063132][  T830] usb 6-1: config index 0 descriptor too short (expected 301, got 45)
[  165.066585][  T830] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  165.080138][  T830] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  165.096288][  T830] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  165.102303][  T830] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  165.108987][  T830] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  165.112776][  T830] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  165.355179][  T830] usb 6-1: GET_CAPABILITIES returned 0
[  165.357886][  T830] usbtmc 6-1:16.0: can't read capabilities
[  165.560521][ T6900] usbtmc 6-1:16.0: send_request_dev_dep_msg_in returned -90
[  165.585899][ T6918] netlink: 203516 bytes leftover after parsing attributes in process `syz.3.448'.
[  165.590743][ T6918] netlink: get zone limit has 8 unknown bytes
[  165.778013][ T6900] usbtmc 6-1:16.0: stb usb_control_msg returned -32
[  165.782398][ T6923] usbtmc 6-1:16.0: send_request_dev_dep_msg_in returned -90
[  165.799039][   T56] usb 6-1: USB disconnect, device number 3
[  166.439421][ T6936] netlink: 12 bytes leftover after parsing attributes in process `syz.1.451'.
[  167.100114][   T39] audit: type=1400 audit(1725715316.859:375): avc:  denied  { unlink } for  pid=6945 comm="syz.2.454" name="nullb0" dev="devtmpfs" ino=693 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[  167.329520][ T6956] overlay: Unknown parameter 'measure'
[  167.456510][ T6956] netlink: 7 bytes leftover after parsing attributes in process `syz.3.455'.
[  167.465995][ T6956] netlink: 156 bytes leftover after parsing attributes in process `syz.3.455'.
[  167.834996][ T6963] netlink: 203516 bytes leftover after parsing attributes in process `syz.1.457'.
[  167.845181][ T6963] netlink: get zone limit has 8 unknown bytes
[  168.287169][   T39] audit: type=1400 audit(1725715318.079:376): avc:  denied  { create } for  pid=6969 comm="syz.3.460" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1
[  168.885778][ T6981] netlink: 12 bytes leftover after parsing attributes in process `syz.0.462'.
[  169.918183][ T6995] netlink: 203516 bytes leftover after parsing attributes in process `syz.3.467'.
[  169.925450][ T6995] netlink: get zone limit has 8 unknown bytes
[  170.153025][ T7006] overlay: Unknown parameter 'measure'
[  170.264572][ T7006] netlink: 7 bytes leftover after parsing attributes in process `syz.2.468'.
[  170.268696][ T7006] netlink: 156 bytes leftover after parsing attributes in process `syz.2.468'.
[  170.406534][ T7002] netlink: 8 bytes leftover after parsing attributes in process `syz.3.469'.
[  171.292734][ T7024] EXT4-fs warning (device sda1): ext4_resize_fs:2018: can't read last block, resize aborted
[  171.350859][   T39] audit: type=1400 audit(1725715321.139:377): avc:  denied  { getopt } for  pid=7022 comm="syz.2.474" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1
[  171.365192][ T7026] input: syz0 as /devices/virtual/input/input9
[  171.722978][ T7030] netlink: 209852 bytes leftover after parsing attributes in process `syz.3.476'.
[  172.002226][ T5394] usb 5-1: new high-speed USB device number 3 using dummy_hcd
[  172.169505][   T39] audit: type=1400 audit(1725715321.959:378): avc:  denied  { getopt } for  pid=7037 comm="syz.2.478" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  172.200765][ T7040] bond0: entered promiscuous mode
[  172.212009][ T7040] bond_slave_0: entered promiscuous mode
[  172.214687][ T7040] bond_slave_1: entered promiscuous mode
[  172.217684][ T5394] usb 5-1: Using ep0 maxpacket: 8
[  172.227445][ T5394] usb 5-1: config index 0 descriptor too short (expected 301, got 45)
[  172.230961][ T5394] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  172.236110][ T5394] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  172.240447][ T5394] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  172.246520][ T5394] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  172.253870][ T5394] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  172.268200][ T5394] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  172.486681][ T5394] usb 5-1: GET_CAPABILITIES returned 0
[  172.489455][ T5394] usbtmc 5-1:16.0: can't read capabilities
[  172.750673][ T7051] FAULT_INJECTION: forcing a failure.
[  172.750673][ T7051] name failslab, interval 1, probability 0, space 0, times 0
[  172.756086][ T7051] CPU: 0 UID: 0 PID: 7051 Comm: syz.0.475 Not tainted 6.11.0-rc6-syzkaller-00308-gb31c44928842 #0
[  172.761914][ T7051] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  172.767008][ T7051] Call Trace:
[  172.768466][ T7051]  <TASK>
[  172.769699][ T7051]  dump_stack_lvl+0x16c/0x1f0
[  172.771725][ T7051]  should_fail_ex+0x497/0x5b0
[  172.773966][ T7051]  ? fs_reclaim_acquire+0xae/0x160
[  172.776858][ T7051]  should_failslab+0xc2/0x120
[  172.778892][ T7051]  kmem_cache_alloc_noprof+0x6e/0x2f0
[  172.781896][ T7051]  ? alloc_empty_file+0x73/0x1e0
[  172.784011][ T7051]  ? __lock_acquire+0xbdd/0x3cb0
[  172.786133][ T7051]  alloc_empty_file+0x73/0x1e0
[  172.788298][ T7051]  path_openat+0xe0/0x2d20
[  172.790308][ T7051]  ? hlock_class+0x4e/0x130
[  172.792257][ T7051]  ? __lock_acquire+0x1620/0x3cb0
[  172.794179][ T7051]  ? __pfx_path_openat+0x10/0x10
[  172.812380][ T7051]  ? __pfx___lock_acquire+0x10/0x10
[  172.818605][ T7051]  ? find_held_lock+0x2d/0x110
[  172.820656][ T7051]  do_filp_open+0x1dc/0x430
[  172.822494][ T7051]  ? __pfx_do_filp_open+0x10/0x10
[  172.824513][ T7051]  ? find_held_lock+0x2d/0x110
[  172.826435][ T7051]  ? _raw_spin_unlock+0x28/0x50
[  172.828379][ T7051]  ? alloc_fd+0x2d7/0x6c0
[  172.830089][ T7051]  do_sys_openat2+0x17a/0x1e0
[  172.831990][ T7051]  ? __pfx_do_sys_openat2+0x10/0x10
[  172.834348][ T7051]  __x64_sys_openat+0x175/0x210
[  172.836487][ T7051]  ? __pfx___x64_sys_openat+0x10/0x10
[  172.838790][ T7051]  ? ksys_write+0x1ab/0x260
[  172.840807][ T7051]  do_syscall_64+0xcd/0x250
[  172.842805][ T7051]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  172.845219][ T7051] RIP: 0033:0x7f9df477b890
[  172.847086][ T7051] Code: 48 89 44 24 20 75 93 44 89 54 24 0c e8 19 8f 02 00 44 8b 54 24 0c 89 da 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 38 44 89 c7 89 44 24 0c e8 6c 8f 02 00 8b 44
[  172.855523][ T7051] RSP: 002b:00007f9df54c2b70 EFLAGS: 00000293 ORIG_RAX: 0000000000000101
[  172.859044][ T7051] RAX: ffffffffffffffda RBX: 0000000000000002 RCX: 00007f9df477b890
[  172.862040][ T7051] RDX: 0000000000000002 RSI: 00007f9df54c2c10 RDI: 00000000ffffff9c
[  172.865692][ T7051] RBP: 00007f9df54c2c10 R08: 0000000000000000 R09: 00007f9df54c2987
[  172.869273][ T7051] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000001
[  172.872763][ T7051] R13: 0000000000000001 R14: 00007f9df4936058 R15: 00007ffc09548fe8
[  172.876290][ T7051]  </TASK>
[  172.945192][ T7031] usbtmc 5-1:16.0: stb usb_control_msg returned -32
[  172.948301][ T7051] usbtmc 5-1:16.0: send_request_dev_dep_msg_in returned -90
[  172.954668][ T1421] usb 5-1: USB disconnect, device number 3
[  172.978401][ T7055] netlink: 12 bytes leftover after parsing attributes in process `syz.1.482'.
[  173.583075][   T39] audit: type=1400 audit(1725715323.379:379): avc:  denied  { setopt } for  pid=7057 comm="syz.1.483" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  173.743595][ T7060] netlink: 8 bytes leftover after parsing attributes in process `syz.0.484'.
[  173.801104][   T39] audit: type=1400 audit(1725715323.589:380): avc:  denied  { setopt } for  pid=7067 comm="syz.3.486" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1
[  173.809878][   T39] audit: type=1400 audit(1725715323.599:381): avc:  denied  { write } for  pid=7067 comm="syz.3.486" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1
[  173.818584][   T39] audit: type=1400 audit(1725715323.599:382): avc:  denied  { read } for  pid=7067 comm="syz.3.486" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1
[  174.296682][ T7075] overlay: Unknown parameter 'measure'
[  174.438678][ T7078] overlay: Unknown parameter 'measure'
[  174.467173][ T7075] netlink: 7 bytes leftover after parsing attributes in process `syz.1.488'.
[  174.471075][ T7075] netlink: 156 bytes leftover after parsing attributes in process `syz.1.488'.
[  174.484848][ T7078] netlink: 7 bytes leftover after parsing attributes in process `syz.0.489'.
[  174.488473][ T7078] netlink: 156 bytes leftover after parsing attributes in process `syz.0.489'.
[  175.393190][ T7082] openvswitch: netlink: Unknown nsh attribute 0
[  175.415447][ T7086] 9pnet_virtio: no channels available for device syz
[  175.540933][   T39] audit: type=1400 audit(1725715325.329:383): avc:  denied  { append } for  pid=7083 comm="syz.1.492" name="file0" dev="9p" ino=36575590 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  175.551325][   T39] audit: type=1400 audit(1725715325.329:384): avc:  denied  { open } for  pid=7083 comm="syz.1.492" path="/115/file0/file0" dev="9p" ino=36575590 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  175.842453][ T7094] EXT4-fs warning (device sda1): ext4_resize_fs:2018: can't read last block, resize aborted
[  176.220750][ T7093] input: syz0 as /devices/virtual/input/input10
[  176.591255][ T7098] netlink: 8 bytes leftover after parsing attributes in process `syz.2.497'.
[  176.919010][   T39] audit: type=1400 audit(1725715326.709:385): avc:  denied  { ioctl } for  pid=7118 comm="syz.1.503" path="/dev/rtc0" dev="devtmpfs" ino=867 ioctlcmd=0x7014 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[  176.936227][   T39] audit: type=1400 audit(1725715326.729:386): avc:  denied  { watch_mount } for  pid=7118 comm="syz.1.503" path="/119" dev="tmpfs" ino=671 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1
[  177.379252][ T7126] 9pnet_virtio: no channels available for device syz
[  177.553533][ T7128] netlink: 'syz.0.506': attribute type 1 has an invalid length.
[  177.556828][ T7128] netlink: 112860 bytes leftover after parsing attributes in process `syz.0.506'.
[  177.560808][ T7128] netlink: 5 bytes leftover after parsing attributes in process `syz.0.506'.
[  177.626015][ T7131] openvswitch: netlink: Unknown nsh attribute 0
[  177.996117][   T39] audit: type=1400 audit(1725715327.789:387): avc:  denied  { execute_no_trans } for  pid=7135 comm="syz.2.509" path="/136/file1" dev="tmpfs" ino=754 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[  178.112831][   T39] audit: type=1400 audit(1725715327.909:388): avc:  denied  { append } for  pid=7139 comm="syz.0.510" name="001" dev="devtmpfs" ino=750 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1
[  179.046298][ T7158] overlay: Unknown parameter 'measure'
[  179.050664][   T39] audit: type=1400 audit(1725715328.839:389): avc:  denied  { search } for  pid=4815 comm="syslogd" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  179.073632][ T7158] fuse: Unknown parameter '€„'
[  179.089466][ T7158] netlink: 7 bytes leftover after parsing attributes in process `syz.0.515'.
[  179.093920][ T7158] netlink: 156 bytes leftover after parsing attributes in process `syz.0.515'.
[  179.648293][ T7164] openvswitch: netlink: Unknown nsh attribute 0
[  179.737623][ T7167] FAULT_INJECTION: forcing a failure.
[  179.737623][ T7167] name failslab, interval 1, probability 0, space 0, times 0
[  179.744294][ T7167] CPU: 2 UID: 0 PID: 7167 Comm: syz.0.519 Not tainted 6.11.0-rc6-syzkaller-00308-gb31c44928842 #0
[  179.748672][ T7167] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  179.753522][ T7167] Call Trace:
[  179.754848][ T7167]  <TASK>
[  179.756186][ T7167]  dump_stack_lvl+0x16c/0x1f0
[  179.758055][ T7167]  should_fail_ex+0x497/0x5b0
[  179.759660][ T7167]  ? fs_reclaim_acquire+0xae/0x160
[  179.761675][ T7167]  should_failslab+0xc2/0x120
[  179.763663][ T7167]  __kmalloc_noprof+0xcb/0x400
[  179.765880][ T7167]  ? _raw_spin_unlock_irq+0x23/0x50
[  179.768189][ T7167]  usb_hcd_submit_urb+0x6b6/0x2090
[  179.770963][ T7167]  ? __slab_free+0x200/0x4d0
[  179.773467][ T7167]  ? usb_alloc_urb+0x69/0xa0
[  179.775681][ T7167]  ? __pfx_usb_hcd_submit_urb+0x10/0x10
[  179.778102][ T7167]  ? hub_resume+0xaa/0x3f0
[  179.779931][ T7167]  ? usb_resume_interface.constprop.0.isra.0+0x2c8/0x3e0
[  179.782560][ T7167]  ? usb_resume_both+0x274/0x800
[  179.785121][ T7167]  ? __rpm_callback+0xc5/0x4c0
[  179.787256][ T7167]  ? rpm_callback+0x192/0x1d0
[  179.789264][ T7167]  ? rpm_resume+0xd2c/0x1330
[  179.791422][ T7167]  ? __pm_runtime_resume+0xb6/0x170
[  179.793791][ T7167]  ? usb_autoresume_device+0x23/0xe0
[  179.796146][ T7167]  ? usbdev_ioctl+0x2b82/0x4010
[  179.798321][ T7167]  ? __x64_sys_ioctl+0x193/0x220
[  179.800493][ T7167]  ? do_syscall_64+0xcd/0x250
[  179.802456][ T7167]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  179.804918][ T7167]  usb_submit_urb+0x87c/0x1730
[  179.807071][ T7167]  ? __init_swait_queue_head+0xca/0x150
[  179.810180][ T7167]  usb_start_wait_urb+0x103/0x4c0
[  179.812573][ T7167]  ? __pfx_usb_start_wait_urb+0x10/0x10
[  179.814768][ T7167]  ? __asan_memset+0x23/0x50
[  179.816562][ T7167]  usb_control_msg+0x327/0x4b0
[  179.818599][ T7167]  ? __pfx_usb_control_msg+0x10/0x10
[  179.821178][ T7167]  ? select_task_rq_fair+0x4b9/0x44b0
[  179.823464][ T7167]  hub_ext_port_status+0x14e/0x670
[  179.825396][ T7167]  hub_activate+0x6e6/0x1be0
[  179.827258][ T7167]  ? __pfx_hub_activate+0x10/0x10
[  179.829428][ T7167]  ? find_held_lock+0x2d/0x110
[  179.831518][ T7167]  hub_resume+0xaa/0x3f0
[  179.833347][ T7167]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  179.835907][ T7167]  ? __pfx_hub_resume+0x10/0x10
[  179.837982][ T7167]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[  179.840421][ T7167]  ? lockdep_hardirqs_on+0x7c/0x110
[  179.842620][ T7167]  usb_resume_interface.constprop.0.isra.0+0x2c8/0x3e0
[  179.845690][ T7167]  usb_resume_both+0x274/0x800
[  179.848147][ T7167]  ? __pfx_usb_resume_both+0x10/0x10
[  179.850487][ T7167]  ? __pfx_usb_runtime_resume+0x10/0x10
[  179.852903][ T7167]  __rpm_callback+0xc5/0x4c0
[  179.854848][ T7167]  ? __pfx_usb_runtime_resume+0x10/0x10
[  179.857233][ T7167]  rpm_callback+0x192/0x1d0
[  179.859162][ T7167]  ? __pfx_usb_runtime_resume+0x10/0x10
[  179.861563][ T7167]  rpm_resume+0xd2c/0x1330
[  179.863389][ T7167]  ? __pfx_rpm_resume+0x10/0x10
[  179.865437][ T7167]  ? do_raw_spin_lock+0x12d/0x2c0
[  179.867446][ T7167]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  179.869908][ T7167]  ? __pfx___mutex_lock+0x10/0x10
[  179.871942][ T7167]  __pm_runtime_resume+0xb6/0x170
[  179.874951][ T7167]  usb_autoresume_device+0x23/0xe0
[  179.877638][ T7167]  usbdev_ioctl+0x2b82/0x4010
[  179.879837][ T7167]  ? __pfx_usbdev_ioctl+0x10/0x10
[  179.882047][ T7167]  ? do_vfs_ioctl+0x515/0x1ad0
[  179.884394][ T7167]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  179.886750][ T7167]  ? ioctl_has_perm.constprop.0.isra.0+0x2f0/0x470
[  179.889489][ T7167]  ? ioctl_has_perm.constprop.0.isra.0+0x2f9/0x470
[  179.892141][ T7167]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[  179.895421][ T7167]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  179.897854][ T7167]  ? selinux_file_ioctl+0x180/0x270
[  179.900139][ T7167]  ? selinux_file_ioctl+0xb4/0x270
[  179.902554][ T7167]  ? bpf_lsm_file_ioctl+0x9/0x10
[  179.904649][ T7167]  ? __pfx_usbdev_ioctl+0x10/0x10
[  179.906577][ T7167]  __x64_sys_ioctl+0x193/0x220
[  179.908703][ T7167]  do_syscall_64+0xcd/0x250
[  179.910794][ T7167]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  179.913800][ T7167] RIP: 0033:0x7f9df477cef9
[  179.916120][ T7167] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  179.925004][ T7167] RSP: 002b:00007f9df54c3038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  179.928590][ T7167] RAX: ffffffffffffffda RBX: 00007f9df4936058 RCX: 00007f9df477cef9
[  179.932292][ T7167] RDX: 0000000000000000 RSI: 0000000000005521 RDI: 0000000000000003
[  179.935415][ T7167] RBP: 00007f9df54c3090 R08: 0000000000000000 R09: 0000000000000000
[  179.938745][ T7167] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  179.942119][ T7167] R13: 0000000000000001 R14: 00007f9df4936058 R15: 00007ffc09548fe8
[  179.947160][ T7167]  </TASK>
[  179.964076][ T7167] hub 8-0:1.0: hub_ext_port_status failed (err = -12)
[  180.144072][ T7173] netlink: 28 bytes leftover after parsing attributes in process `syz.0.521'.
[  180.258058][   T39] audit: type=1400 audit(1725715330.049:390): avc:  denied  { map } for  pid=7175 comm="syz.3.522" path="socket:[15450]" dev="sockfs" ino=15450 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[  180.266988][ T7176] Bluetooth: MGMT ver 1.23
[  180.290694][   T39] audit: type=1400 audit(1725715330.049:391): avc:  denied  { read } for  pid=7175 comm="syz.3.522" path="socket:[15450]" dev="sockfs" ino=15450 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[  180.336248][   T39] audit: type=1400 audit(1725715330.059:392): avc:  denied  { write } for  pid=7175 comm="syz.3.522" path="socket:[15457]" dev="sockfs" ino=15457 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  181.594410][ T5361] Bluetooth: hci2: command 0x0406 tx timeout
[  181.602654][ T5361] Bluetooth: hci3: command 0x0406 tx timeout
[  181.602792][ T5359] Bluetooth: hci0: command 0x0406 tx timeout
[  183.112112][ T6563] usb 7-1: new high-speed USB device number 3 using dummy_hcd
[  183.340010][ T6563] usb 7-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  183.358567][ T6563] usb 7-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  183.373174][ T6563] usb 7-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  183.388981][ T6563] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  183.422130][ T7209] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  183.440501][ T6563] usb 7-1: Quirk or no altset; falling back to MIDI 1.0
[  183.673786][ T7209] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  183.690386][ T7209] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  183.741739][   T39] audit: type=1400 audit(1725715333.529:393): avc:  denied  { connect } for  pid=7226 comm="syz.3.538" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1
[  184.227264][   T39] audit: type=1400 audit(1725715334.019:394): avc:  denied  { setattr } for  pid=7206 comm="syz.2.532" name="gid_map" dev="proc" ino=15525 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=file permissive=1
[  184.761422][ T7239] mkiss: ax0: crc mode is auto.
[  184.875211][ T7240] netlink: 211388 bytes leftover after parsing attributes in process `syz.1.540'.
[  186.974197][   T25] usb 7-1: USB disconnect, device number 3
[  187.452717][   T25] usb 7-1: new high-speed USB device number 4 using dummy_hcd
[  187.628768][   T25] usb 7-1: device descriptor read/64, error -71
[  187.902372][   T25] usb 7-1: new high-speed USB device number 5 using dummy_hcd
[  188.051999][   T25] usb 7-1: device descriptor read/64, error -71
[  188.172503][   T25] usb usb7-port1: attempt power cycle
[  188.481544][   T39] audit: type=1400 audit(1725715338.269:395): avc:  denied  { map } for  pid=7262 comm="syz.0.545" path="/dev/kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  188.583230][   T25] usb 7-1: new high-speed USB device number 6 using dummy_hcd
[  188.615508][   T25] usb 7-1: device descriptor read/8, error -71
[  188.689787][   T39] audit: type=1400 audit(1725715338.479:396): avc:  denied  { bind } for  pid=7270 comm="syz.0.547" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1
[  188.697997][   T39] audit: type=1400 audit(1725715338.489:397): avc:  denied  { getopt } for  pid=7270 comm="syz.0.547" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1
[  188.759458][   T39] audit: type=1400 audit(1725715338.549:398): avc:  denied  { mount } for  pid=7270 comm="syz.0.547" name="/" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[  188.883330][   T25] usb 7-1: new high-speed USB device number 7 using dummy_hcd
[  188.912863][   T25] usb 7-1: device descriptor read/8, error -71
[  189.032593][   T25] usb usb7-port1: unable to enumerate USB device
[  190.138735][ T7276] tipc: Started in network mode
[  190.141008][ T7276] tipc: Node identity 7f000001, cluster identity 4711
[  190.144985][ T7276] tipc: Enabling of bearer <udp:syz1> rejected, failed to enable media
[  190.149561][ T7276] netlink: 16 bytes leftover after parsing attributes in process `syz.0.557'.
[  190.255728][ T7280] netlink: 209852 bytes leftover after parsing attributes in process `syz.0.550'.
[  190.418531][ T7283] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  190.435631][ T7283] netlink: 'syz.3.551': attribute type 4 has an invalid length.
[  191.125072][ T7291] openvswitch: netlink: Unknown nsh attribute 0
[  191.973085][   T39] audit: type=1400 audit(1725715341.759:399): avc:  denied  { ioctl } for  pid=7304 comm="syz.1.558" path="socket:[13202]" dev="sockfs" ino=13202 ioctlcmd=0x89e0 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  192.202714][ T7316] netlink: 209852 bytes leftover after parsing attributes in process `syz.1.562'.
[  192.210493][ T7315] tipc: Enabling of bearer <udp:syz1> rejected, failed to enable media
[  192.222608][ T7315] FAULT_INJECTION: forcing a failure.
[  192.222608][ T7315] name failslab, interval 1, probability 0, space 0, times 0
[  192.242097][ T7315] CPU: 2 UID: 0 PID: 7315 Comm: syz.0.563 Not tainted 6.11.0-rc6-syzkaller-00308-gb31c44928842 #0
[  192.248696][ T7315] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  192.253190][ T7315] Call Trace:
[  192.254562][ T7315]  <TASK>
[  192.255803][ T7315]  dump_stack_lvl+0x16c/0x1f0
[  192.268063][ T7315]  should_fail_ex+0x497/0x5b0
[  192.270856][ T7315]  should_failslab+0xc2/0x120
[  192.273224][ T7315]  kmem_cache_alloc_noprof+0x6e/0x2f0
[  192.275766][ T7315]  ? skb_clone+0x190/0x3f0
[  192.277902][ T7315]  skb_clone+0x190/0x3f0
[  192.280687][ T7315]  netlink_deliver_tap+0xab3/0xd90
[  192.283965][ T7315]  netlink_unicast+0x5e1/0x7f0
[  192.286608][ T7315]  ? __pfx_netlink_unicast+0x10/0x10
[  192.289758][ T7315]  netlink_sendmsg+0x8b8/0xd70
[  192.292078][ T7315]  ? __pfx_netlink_sendmsg+0x10/0x10
[  192.294608][ T7315]  ? __import_iovec+0x1fd/0x6e0
[  192.296890][ T7315]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  192.299398][ T7315]  ____sys_sendmsg+0xab5/0xc90
[  192.302020][ T7315]  ? copy_msghdr_from_user+0x10b/0x160
[  192.304617][ T7315]  ? __pfx_____sys_sendmsg+0x10/0x10
[  192.307127][ T7315]  ? find_held_lock+0x2d/0x110
[  192.309279][ T7315]  ? __pfx___lock_acquire+0x10/0x10
[  192.311657][ T7315]  ___sys_sendmsg+0x135/0x1e0
[  192.313859][ T7315]  ? __pfx____sys_sendmsg+0x10/0x10
[  192.316657][ T7315]  ? ksys_write+0x21c/0x260
[  192.318955][ T7315]  ? __fget_light+0x173/0x210
[  192.321349][ T7315]  __sys_sendmsg+0x117/0x1f0
[  192.323866][ T7315]  ? __pfx___sys_sendmsg+0x10/0x10
[  192.326701][ T7315]  ? __pfx___seccomp_filter+0x10/0x10
[  192.329564][ T7315]  ? __secure_computing+0x273/0x3f0
[  192.332298][ T7315]  do_syscall_64+0xcd/0x250
[  192.334709][ T7315]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  192.338314][ T7315] RIP: 0033:0x7f9df477cef9
[  192.340426][ T7315] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  192.348791][ T7315] RSP: 002b:00007f9df54e4038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  192.352683][ T7315] RAX: ffffffffffffffda RBX: 00007f9df4935f80 RCX: 00007f9df477cef9
[  192.356201][ T7315] RDX: 0000000000000000 RSI: 0000000020000100 RDI: 0000000000000005
[  192.359648][ T7315] RBP: 00007f9df54e4090 R08: 0000000000000000 R09: 0000000000000000
[  192.363096][ T7315] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  192.367075][ T7315] R13: 0000000000000000 R14: 00007f9df4935f80 R15: 00007ffc09548fe8
[  192.370880][ T7315]  </TASK>
[  192.608639][   T39] audit: type=1400 audit(1725715342.389:400): avc:  denied  { append } for  pid=7308 comm="syz.2.560" name="nvram" dev="devtmpfs" ino=633 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nvram_device_t tclass=chr_file permissive=1
[  192.725503][   T39] audit: type=1400 audit(1725715342.519:401): avc:  denied  { append } for  pid=7325 comm="syz.0.567" name="nvme-fabrics" dev="devtmpfs" ino=700 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  193.012600][ T7331] openvswitch: netlink: Unknown nsh attribute 0
[  193.306470][   T39] audit: type=1400 audit(1725715343.099:402): avc:  denied  { getopt } for  pid=7333 comm="syz.2.569" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=alg_socket permissive=1
[  193.356494][   T39] audit: type=1400 audit(1725715343.149:403): avc:  denied  { read } for  pid=7333 comm="syz.2.569" name="vga_arbiter" dev="devtmpfs" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:xserver_misc_device_t tclass=chr_file permissive=1
[  193.369912][   T39] audit: type=1400 audit(1725715343.149:404): avc:  denied  { open } for  pid=7333 comm="syz.2.569" path="/dev/vga_arbiter" dev="devtmpfs" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:xserver_misc_device_t tclass=chr_file permissive=1
[  193.558477][   T39] audit: type=1400 audit(1725715343.349:405): avc:  denied  { map } for  pid=7340 comm="syz.0.570" path="/dev/bus/usb/006/001" dev="devtmpfs" ino=744 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1
[  193.568670][   T39] audit: type=1400 audit(1725715343.349:406): avc:  denied  { execute } for  pid=7340 comm="syz.0.570" path="/dev/bus/usb/006/001" dev="devtmpfs" ino=744 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1
[  194.015969][   T39] audit: type=1400 audit(1725715343.809:407): avc:  denied  { mounton } for  pid=7344 comm="syz.1.571" path="/136/file0/file0" dev="9p" ino=36575590 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  195.652784][ T7377] openvswitch: netlink: Unknown nsh attribute 0
[  196.713403][   T39] audit: type=1400 audit(1725715346.509:408): avc:  denied  { ioctl } for  pid=7396 comm="syz.2.586" path="socket:[12121]" dev="sockfs" ino=12121 ioctlcmd=0x8982 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[  196.746395][ T7407] overlay: Unknown parameter 'measure'
[  196.767238][ T7407] fuse: Bad value for 'fd'
[  196.779673][ T7407] netlink: 7 bytes leftover after parsing attributes in process `syz.0.589'.
[  196.785172][ T7407] netlink: 156 bytes leftover after parsing attributes in process `syz.0.589'.
[  196.904737][ T5392] usb 8-1: new high-speed USB device number 3 using dummy_hcd
[  197.102061][ T5392] usb 8-1: Using ep0 maxpacket: 32
[  197.106835][ T5392] usb 8-1: config index 0 descriptor too short (expected 156, got 27)
[  197.110090][ T5392] usb 8-1: too many endpoints for config 0 interface 0 altsetting 191: 144, using maximum allowed: 30
[  197.126675][ T5392] usb 8-1: config 0 interface 0 altsetting 191 endpoint 0x87 has an invalid bInterval 0, changing to 7
[  197.131061][ T5392] usb 8-1: config 0 interface 0 altsetting 191 has 1 endpoint descriptor, different from the interface descriptor's value: 144
[  197.150343][ T5392] usb 8-1: config 0 interface 0 has no altsetting 0
[  197.156082][ T5392] usb 8-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice=86.66
[  197.160191][ T5392] usb 8-1: New USB device strings: Mfr=85, Product=120, SerialNumber=172
[  197.163870][ T5392] usb 8-1: Product: syz
[  197.165644][ T5392] usb 8-1: Manufacturer: syz
[  197.167695][ T5392] usb 8-1: SerialNumber: syz
[  197.174521][ T5392] usb 8-1: config 0 descriptor??
[  197.178940][ T5392] ldusb 8-1:0.0: Interrupt out endpoint not found (using control endpoint instead)
[  197.195417][ T5392] ldusb 8-1:0.0: LD USB Device #0 now attached to major 180 minor 0
[  197.660236][ T5392] usb 8-1: USB disconnect, device number 3
[  197.671602][ T5392] ldusb 8-1:0.0: LD USB Device #0 now disconnected
[  197.918364][ T7424] befs: Unrecognized mount option "ß²*—å9ÃNœvš}¯¸|YÞµžð^’Œ" or missing value
[  197.922947][ T7424] befs: (nbd1): cannot parse mount options
[  198.260722][ T7431] openvswitch: netlink: Unknown nsh attribute 0
[  198.415050][ T7428] befs: Unrecognized mount option "ß" or missing value
[  198.417960][ T7428] befs: (nbd1): cannot parse mount options
[  198.783832][ T7443] overlay: Unknown parameter 'measure'
[  198.787901][ T7443] fuse: Bad value for 'fd'
[  198.792902][ T7443] netlink: 7 bytes leftover after parsing attributes in process `syz.1.599'.
[  198.796341][ T7443] netlink: 156 bytes leftover after parsing attributes in process `syz.1.599'.
[  199.380758][   T39] audit: type=1400 audit(1725715349.169:409): avc:  denied  { read write } for  pid=7448 comm="syz.1.603" name="uhid" dev="devtmpfs" ino=1113 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:uhid_device_t tclass=chr_file permissive=1
[  199.392715][   T39] audit: type=1400 audit(1725715349.169:410): avc:  denied  { open } for  pid=7448 comm="syz.1.603" path="/dev/uhid" dev="devtmpfs" ino=1113 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:uhid_device_t tclass=chr_file permissive=1
[  200.013305][ T1380] ieee802154 phy0 wpan0: encryption failed: -22
[  200.016435][ T1380] ieee802154 phy1 wpan1: encryption failed: -22
[  200.091685][   T39] audit: type=1400 audit(1725715349.879:411): avc:  denied  { write } for  pid=7458 comm="syz.0.606" name="sg0" dev="devtmpfs" ino=707 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1
[  200.109630][   T39] audit: type=1400 audit(1725715349.879:412): avc:  denied  { open } for  pid=7458 comm="syz.0.606" path="/dev/sg0" dev="devtmpfs" ino=707 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1
[  200.609638][ T7467] overlay: Unknown parameter 'measure'
[  200.631506][ T7467] fuse: Bad value for 'fd'
[  200.721620][ T7467] netlink: 7 bytes leftover after parsing attributes in process `syz.2.609'.
[  200.742070][ T7467] netlink: 156 bytes leftover after parsing attributes in process `syz.2.609'.
[  201.370584][ T7478] openvswitch: netlink: Unknown nsh attribute 0
[  201.723534][ T5362] Bluetooth: hci3: unexpected event for opcode 0x0c03
[  202.182915][   T39] audit: type=1400 audit(1725715351.969:413): avc:  denied  { read } for  pid=7488 comm="syz.0.616" name="usbmon8" dev="devtmpfs" ino=748 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1
[  202.263759][   T39] audit: type=1400 audit(1725715351.969:414): avc:  denied  { open } for  pid=7488 comm="syz.0.616" path="/dev/usbmon8" dev="devtmpfs" ino=748 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1
[  202.274759][ T7489] Driver unsupported XDP return value 0 on prog  (id 175) dev N/A, expect packet loss!
[  202.302239][ T7491] vivid-000: =================  START STATUS  =================
[  202.305674][ T7491] vivid-000: Test Pattern: 75% Colorbar
[  202.308156][ T7491] vivid-000: Fill Percentage of Frame: 100
[  202.310581][ T7491] vivid-000: Horizontal Movement: No Movement
[  202.313936][ T7491] vivid-000: Vertical Movement: No Movement
[  202.316437][ T7491] vivid-000: OSD Text Mode: All
[  202.318476][ T7491] vivid-000: Show Border: false
[  202.320585][ T7491] vivid-000: Show Square: false
[  202.323506][ T7491] vivid-000: Sensor Flipped Horizontally: false
[  202.326189][ T7491] vivid-000: Sensor Flipped Vertically: false
[  202.328799][ T7491] vivid-000: Insert SAV Code in Image: false
[  202.331374][ T7491] vivid-000: Insert EAV Code in Image: false
[  202.334542][ T7491] vivid-000: Insert Video Guard Band: false
[  202.337151][ T7491] vivid-000: Reduced Framerate: false
[  202.339437][ T7491] vivid-000: HDMI 000-0 Is Connected To: Test Pattern Generator
[  202.343587][ T7491] vivid-000: S-Video 000-0 Is Connected To: Test Pattern Generator
[  202.346973][ T7491] vivid-000: Enable Capture Cropping: true
[  202.349632][ T7491] vivid-000: Enable Capture Composing: true
[  202.358016][ T7491] vivid-000: Enable Capture Scaler: true
[  202.360554][ T7491] vivid-000: Timestamp Source: End of Frame
[  202.363701][ T7491] vivid-000: Colorspace: sRGB
[  202.365909][ T7491] vivid-000: Transfer Function: Default
[  202.368386][ T7491] vivid-000: Y'CbCr Encoding: Default
[  202.370797][ T7491] vivid-000: HSV Encoding: Hue 0-179
[  202.374174][ T7491] vivid-000: Quantization: Default
[  202.376642][ T7491] vivid-000: Apply Alpha To Red Only: false
[  202.379308][ T7491] vivid-000: Standard Aspect Ratio: 4x3
[  202.381612][ T7491] vivid-000: DV Timings Signal Mode: Current DV Timings inactive
[  202.385217][ T7491] vivid-000: DV Timings: 640x480p59 inactive
[  202.387484][ T7491] vivid-000: DV Timings Aspect Ratio: Source Width x Height
[  202.390287][ T7491] vivid-000: Maximum EDID Blocks: 2
[  202.393093][ T7491] vivid-000: Limited RGB Range (16-235): false
[  202.395756][ T7491] vivid-000: Rx RGB Quantization Range: Automatic
[  202.398436][ T7491] vivid-000: Power Present: 0x00000001
[  202.400759][ T7491] tpg source WxH: 320x180 (R'G'B)
[  202.403817][ T7491] tpg field: 1
[  202.405409][ T7491] tpg crop: 320x180@0x0
[  202.407134][ T7491] tpg compose: 320x180@0x0
[  202.408876][ T7491] tpg colorspace: 8
[  202.410514][ T7491] tpg transfer function: 0/0
[  202.413382][ T7491] tpg quantization: 0/0
[  202.415313][ T7491] tpg RGB range: 0/2
[  202.416983][ T7491] vivid-000: ==================  END STATUS  ==================
[  202.480068][ T7493] vivid-000: =================  START STATUS  =================
[  202.484582][ T7493] vivid-000: Test Pattern: 75% Colorbar
[  202.487224][ T7493] vivid-000: Fill Percentage of Frame: 100
[  202.489713][ T7493] vivid-000: Horizontal Movement: No Movement
[  202.494106][ T7493] vivid-000: Vertical Movement: No Movement
[  202.496792][ T7493] vivid-000: OSD Text Mode: All
[  202.498717][ T7493] vivid-000: Show Border: false
[  202.500851][ T7493] vivid-000: Show Square: false
[  202.503230][ T7493] vivid-000: Sensor Flipped Horizontally: false
[  202.505809][ T7493] vivid-000: Sensor Flipped Vertically: false
[  202.508395][ T7493] vivid-000: Insert SAV Code in Image: false
[  202.511680][ T7493] vivid-000: Insert EAV Code in Image: false
[  202.514454][ T7493] vivid-000: Insert Video Guard Band: false
[  202.516742][ T7493] vivid-000: Reduced Framerate: false
[  202.518812][ T7493] vivid-000: HDMI 000-0 Is Connected To: Test Pattern Generator
[  202.522867][ T7493] vivid-000: S-Video 000-0 Is Connected To: Test Pattern Generator
[  202.526287][ T7493] vivid-000: Enable Capture Cropping: true
[  202.528871][ T7493] vivid-000: Enable Capture Composing: true
[  202.531460][ T7493] vivid-000: Enable Capture Scaler: true
[  202.535112][ T7493] vivid-000: Timestamp Source: End of Frame
[  202.538029][ T7493] vivid-000: Colorspace: sRGB
[  202.540255][ T7493] vivid-000: Transfer Function: Default
[  202.543290][ T7493] vivid-000: Y'CbCr Encoding: Default
[  202.545808][ T7493] vivid-000: HSV Encoding: Hue 0-179
[  202.548156][ T7493] vivid-000: Quantization: Default
[  202.550385][ T7493] vivid-000: Apply Alpha To Red Only: false
[  202.555679][ T7493] vivid-000: Standard Aspect Ratio: 4x3
[  202.558268][ T7493] vivid-000: DV Timings Signal Mode: Current DV Timings inactive
[  202.561475][ T7493] vivid-000: DV Timings: 640x480p59 inactive
[  202.564899][ T7493] vivid-000: DV Timings Aspect Ratio: Source Width x Height
[  202.568889][ T7493] vivid-000: Maximum EDID Blocks: 2
[  202.571736][ T7493] vivid-000: Limited RGB Range (16-235): false
[  202.575006][ T7493] vivid-000: Rx RGB Quantization Range: Automatic
[  202.578582][ T7493] vivid-000: Power Present: 0x00000001
[  202.581589][ T7493] tpg source WxH: 320x180 (R'G'B)
[  202.585002][ T7493] tpg field: 1
[  202.586687][ T7493] tpg crop: 320x180@0x0
[  202.588817][ T7493] tpg compose: 320x180@0x0
[  202.590889][ T7493] tpg colorspace: 8
[  202.598900][ T7493] tpg transfer function: 0/0
[  202.600948][ T7493] tpg quantization: 0/0
[  202.603216][ T7493] tpg RGB range: 0/2
[  202.604876][ T7493] vivid-000: ==================  END STATUS  ==================
[  202.856786][   T39] audit: type=1400 audit(1725715352.649:415): avc:  denied  { create } for  pid=7496 comm="syz.0.619" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=isdn_socket permissive=1
[  202.905772][ T7504] FAULT_INJECTION: forcing a failure.
[  202.905772][ T7504] name failslab, interval 1, probability 0, space 0, times 0
[  202.911796][ T7504] CPU: 3 UID: 0 PID: 7504 Comm: syz.2.621 Not tainted 6.11.0-rc6-syzkaller-00308-gb31c44928842 #0
[  202.916171][ T7504] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  202.920575][ T7504] Call Trace:
[  202.922048][ T7504]  <TASK>
[  202.923434][ T7504]  dump_stack_lvl+0x16c/0x1f0
[  202.925338][ T7504]  should_fail_ex+0x497/0x5b0
[  202.927297][ T7504]  ? fs_reclaim_acquire+0xae/0x160
[  202.929475][ T7504]  should_failslab+0xc2/0x120
[  202.931427][ T7504]  __kmalloc_noprof+0xcb/0x400
[  202.932892][ T7504]  ? d_absolute_path+0x137/0x1b0
[  202.934739][ T7504]  tomoyo_encode2+0x100/0x3e0
[  202.936547][ T7504]  tomoyo_encode+0x29/0x50
[  202.938137][ T7504]  tomoyo_realpath_from_path+0x19d/0x720
[  202.940176][ T7504]  tomoyo_path_number_perm+0x245/0x590
[  202.942439][ T7504]  ? tomoyo_path_number_perm+0x232/0x590
[  202.944574][ T7504]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  202.947086][ T7504]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  202.949308][ T7504]  ? __fget_files+0x256/0x400
[  202.950954][ T7504]  security_file_ioctl+0x75/0xc0
[  202.953303][ T7504]  __x64_sys_ioctl+0xbb/0x220
[  202.961367][ T7504]  do_syscall_64+0xcd/0x250
[  202.963511][ T7504]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  202.966154][ T7504] RIP: 0033:0x7faf1db7cef9
[  202.968042][ T7504] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  202.976974][ T7504] RSP: 002b:00007faf1ea44038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  202.980441][ T7504] RAX: ffffffffffffffda RBX: 00007faf1dd35f80 RCX: 00007faf1db7cef9
[  202.984129][ T7504] RDX: 0000000000000000 RSI: 0000000000005646 RDI: 0000000000000003
[  202.988463][ T7504] RBP: 00007faf1ea44090 R08: 0000000000000000 R09: 0000000000000000
[  202.992233][ T7504] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  202.995589][ T7504] R13: 0000000000000000 R14: 00007faf1dd35f80 R15: 00007ffde079d5c8
[  202.999211][ T7504]  </TASK>
[  203.001798][    C3] vkms_vblank_simulate: vblank timer overrun
[  203.020481][ T7504] ERROR: Out of memory at tomoyo_realpath_from_path.
[  203.027655][ T7504] vivid-000: =================  START STATUS  =================
[  203.037812][ T7504] vivid-000: Test Pattern: 75% Colorbar
[  203.040633][ T7504] vivid-000: Fill Percentage of Frame: 100
[  203.052278][ T7504] vivid-000: Horizontal Movement: No Movement
[  203.054880][ T7504] vivid-000: Vertical Movement: No Movement
[  203.057393][ T7504] vivid-000: OSD Text Mode: All
[  203.059568][ T7504] vivid-000: Show Border: false
[  203.061554][ T7504] vivid-000: Show Square: false
[  203.072197][ T7504] vivid-000: Sensor Flipped Horizontally: false
[  203.075080][ T7504] vivid-000: Sensor Flipped Vertically: false
[  203.077703][ T7504] vivid-000: Insert SAV Code in Image: false
[  203.080141][ T7504] vivid-000: Insert EAV Code in Image: false
[  203.082687][ T7504] vivid-000: Insert Video Guard Band: false
[  203.084922][ T7504] vivid-000: Reduced Framerate: false
[  203.086498][ T7504] vivid-000: HDMI 000-0 Is Connected To: Test Pattern Generator
[  203.089272][ T7504] vivid-000: S-Video 000-0 Is Connected To: Test Pattern Generator
[  203.092718][ T7504] vivid-000: Enable Capture Cropping: true
[  203.095118][ T7504] vivid-000: Enable Capture Composing: true
[  203.097773][ T7504] vivid-000: Enable Capture Scaler: true
[  203.100322][ T7504] vivid-000: Timestamp Source: End of Frame
[  203.103535][ T7504] vivid-000: Colorspace: sRGB
[  203.105832][ T7504] vivid-000: Transfer Function: Default
[  203.108038][ T7504] vivid-000: Y'CbCr Encoding: Default
[  203.110573][ T7504] vivid-000: HSV Encoding: Hue 0-179
[  203.113097][ T7504] vivid-000: Quantization: Default
[  203.115350][ T7504] vivid-000: Apply Alpha To Red Only: false
[  203.117142][   T39] audit: type=1400 audit(1725715352.909:416): avc:  denied  { setopt } for  pid=7505 comm="syz.3.623" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[  203.118717][ T7504] vivid-000: Standard Aspect Ratio: 4x3
[  203.129113][ T7504] vivid-000: DV Timings Signal Mode: Current DV Timings inactive
[  203.132847][ T7504] vivid-000: DV Timings: 640x480p59 inactive
[  203.135497][ T7504] vivid-000: DV Timings Aspect Ratio: Source Width x Height
[  203.138435][ T7504] vivid-000: Maximum EDID Blocks: 2
[  203.140507][ T7504] vivid-000: Limited RGB Range (16-235): false
[  203.143514][ T7504] vivid-000: Rx RGB Quantization Range: Automatic
[  203.145934][ T7504] vivid-000: Power Present: 0x00000001
[  203.148093][ T7504] tpg source WxH: 320x180 (R'G'B)
[  203.150080][ T7504] tpg field: 1
[  203.151451][ T7504] tpg crop: 320x180@0x0
[  203.153692][ T7504] tpg compose: 320x180@0x0
[  203.155646][ T7504] tpg colorspace: 8
[  203.157262][ T7504] tpg transfer function: 0/0
[  203.159024][ T7504] tpg quantization: 0/0
[  203.160584][ T7504] tpg RGB range: 0/2
[  203.162321][ T7504] vivid-000: ==================  END STATUS  ==================
[  203.361095][ T5394] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  203.367539][ T7508] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore
[  203.370805][ T7508] overlayfs: option "index=on" is useless in a non-upper mount, ignore
[  203.374134][ T7508] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[  203.408409][ T5394] hid-generic 0000:0000:0000.0002: hidraw1: <UNKNOWN> HID v0.00 Device [syz0] on syz1
[  203.500566][   T39] audit: type=1400 audit(1725715353.289:417): avc:  denied  { read } for  pid=7505 comm="syz.3.623" name="fb0" dev="devtmpfs" ino=639 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:framebuf_device_t tclass=chr_file permissive=1
[  203.510354][   T39] audit: type=1400 audit(1725715353.299:418): avc:  denied  { open } for  pid=7505 comm="syz.3.623" path="/dev/fb0" dev="devtmpfs" ino=639 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:framebuf_device_t tclass=chr_file permissive=1
[  203.691511][ T7518] block nbd0: not configured, cannot reconfigure
[  203.791638][ T7518] netlink: 12 bytes leftover after parsing attributes in process `syz.0.627'.
[  204.346883][ T7529] netlink: 8 bytes leftover after parsing attributes in process `syz.1.630'.
[  204.351107][ T7529] netlink: 8 bytes leftover after parsing attributes in process `syz.1.630'.
[  204.447220][   T39] kauditd_printk_skb: 3 callbacks suppressed
[  204.447254][   T39] audit: type=1400 audit(1725715354.239:422): avc:  denied  { getopt } for  pid=7530 comm="syz.1.632" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[  205.351032][ T7546] mkiss: ax0: crc mode is auto.
[  205.601577][ T7550] netlink: 8 bytes leftover after parsing attributes in process `syz.2.636'.
[  205.612940][ T7550] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  205.614531][ T7551] input: syz1 as /devices/virtual/input/input11
[  205.624265][ T7550] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db
[  205.678001][   T39] audit: type=1400 audit(1725715355.469:423): avc:  denied  { search } for  pid=7554 comm="dhcpcd-run-hook" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  205.711378][   T39] audit: type=1400 audit(1725715355.469:424): avc:  denied  { read } for  pid=7555 comm="dhcpcd-run-hook" name="resolv.conf" dev="tmpfs" ino=1484 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  205.738641][   T39] audit: type=1400 audit(1725715355.469:425): avc:  denied  { open } for  pid=7555 comm="dhcpcd-run-hook" path="/run/dhcpcd/hook-state/resolv.conf" dev="tmpfs" ino=1484 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  205.754350][ T5362] Bluetooth: hci3: Controller not accepting commands anymore: ncmd = 0
[  205.758177][ T5362] Bluetooth: hci3: Injecting HCI hardware error event
[  205.762378][   T39] audit: type=1400 audit(1725715355.469:426): avc:  denied  { getattr } for  pid=7555 comm="dhcpcd-run-hook" path="/run/dhcpcd/hook-state/resolv.conf" dev="tmpfs" ino=1484 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  205.762468][   T66] Bluetooth: hci3: hardware error 0x00
[  205.772962][   T39] audit: type=1400 audit(1725715355.489:427): avc:  denied  { write } for  pid=7554 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=1483 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  205.773000][   T39] audit: type=1400 audit(1725715355.509:428): avc:  denied  { add_name } for  pid=7554 comm="dhcpcd-run-hook" name="resolv.conf.lapb5.link" scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  205.773034][   T39] audit: type=1400 audit(1725715355.509:429): avc:  denied  { create } for  pid=7554 comm="dhcpcd-run-hook" name="resolv.conf.lapb5.link" scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[  205.831997][   T39] audit: type=1400 audit(1725715355.509:430): avc:  denied  { write open } for  pid=7554 comm="dhcpcd-run-hook" path="/run/dhcpcd/hook-state/resolv.conf.lapb5.link" dev="tmpfs" ino=4334 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[  205.852230][   T39] audit: type=1400 audit(1725715355.509:431): avc:  denied  { append } for  pid=7554 comm="dhcpcd-run-hook" name="resolv.conf.lapb5.link" dev="tmpfs" ino=4334 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[  206.328975][ T7571] loop0: detected capacity change from 0 to 7
[  206.362193][ T7571] Dev loop0: unable to read RDB block 7
[  206.367105][ T7571]  loop0: unable to read partition table
[  206.372149][ T7571] loop0: partition table beyond EOD, truncated
[  206.375858][ T7571] loop_reread_partitions: partition scan of loop0 (þ被xüŸÑø éî�±dÆä´à–) failed (rc=-5)
[  206.382333][ T7576] befs: Unrecognized mount option "ß" or missing value
[  206.385228][ T7576] befs: (nbd3): cannot parse mount options
[  206.742589][ T4833] Dev loop0: unable to read RDB block 7
[  206.744543][ T4833]  loop0: unable to read partition table
[  206.747280][ T4833] loop0: partition table beyond EOD, truncated
[  206.747837][ T7601] netlink: 8 bytes leftover after parsing attributes in process `syz.0.644'.
[  206.790372][   T25] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  206.798560][   T25] hid-generic 0000:0000:0000.0003: hidraw1: <UNKNOWN> HID v0.00 Device [syz0] on syz1
[  206.925522][ T5394] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[  206.958877][ T5394] hid-generic 0000:0000:0000.0004: hidraw1: <UNKNOWN> HID v0.00 Device [syz0] on syz1
[  206.977768][ T4833] Dev loop0: unable to read RDB block 7
[  206.980353][ T4833]  loop0: unable to read partition table
[  206.984728][ T4833] loop0: partition table beyond EOD, truncated
[  207.099571][ T4833] Dev loop0: unable to read RDB block 7
[  207.103558][ T4833]  loop0: unable to read partition table
[  207.117326][ T4833] loop0: partition table beyond EOD, truncated
[  207.362737][ T7622] netlink: 24 bytes leftover after parsing attributes in process `syz.1.649'.
[  207.382112][ T5394] usb 5-1: new high-speed USB device number 4 using dummy_hcd
[  207.562103][ T5394] usb 5-1: Using ep0 maxpacket: 8
[  207.566434][ T5394] usb 5-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 16
[  207.570803][ T5394] usb 5-1: config 1 interface 1 altsetting 1 bulk endpoint 0x3 has invalid maxpacket 1024
[  207.581936][ T5394] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  207.586467][ T5394] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  207.589730][ T5394] usb 5-1: Product: �
[  207.591490][ T5394] usb 5-1: Manufacturer: ꙩ㒽�톿٬�僶ㆪ螰�䄑깦쬗��⢅ྯ敠䓲㗸⦰誼촌컪쑄嶲幛覤厈￳ᬶᘆ뗢譇꺹⣳ꩬ阌麜逷�仫離놠�쉻ꉥ쬙᡻ꈛ勗
[  207.599293][ T5394] usb 5-1: SerialNumber: Ћ
[  207.772574][ T5362] Bluetooth: hci0: command 0x0406 tx timeout
[  207.782282][   T58] Bluetooth: hci0: Opcode 0x0c1a failed: -110
[  207.794155][   T58] Bluetooth: hci0: Error when powering off device on rfkill (-110)
[  207.842523][   T66] Bluetooth: hci3: Opcode 0x0c03 failed: -110
[  207.845983][ T7620] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  207.850176][ T7620] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  208.377557][ T5394] cdc_ncm 5-1:1.0: bind() failure
[  208.421638][ T7643] FAULT_INJECTION: forcing a failure.
[  208.421638][ T7643] name failslab, interval 1, probability 0, space 0, times 0
[  208.428245][ T7643] CPU: 3 UID: 0 PID: 7643 Comm: syz.2.655 Not tainted 6.11.0-rc6-syzkaller-00308-gb31c44928842 #0
[  208.433936][ T7643] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  208.438850][ T7643] Call Trace:
[  208.440186][ T7643]  <TASK>
[  208.441206][ T7643]  dump_stack_lvl+0x16c/0x1f0
[  208.443871][ T7643]  should_fail_ex+0x497/0x5b0
[  208.445802][ T7643]  should_failslab+0xc2/0x120
[  208.447832][ T7643]  kmem_cache_alloc_noprof+0x6e/0x2f0
[  208.449938][ T7643]  ? skb_clone+0x190/0x3f0
[  208.451881][ T7643]  skb_clone+0x190/0x3f0
[  208.453701][ T7643]  netlink_deliver_tap+0xab3/0xd90
[  208.455861][ T7643]  netlink_unicast+0x5e1/0x7f0
[  208.457680][ T7643]  ? __pfx_netlink_unicast+0x10/0x10
[  208.459756][ T7643]  netlink_sendmsg+0x8b8/0xd70
[  208.461870][ T7643]  ? __pfx_netlink_sendmsg+0x10/0x10
[  208.464190][ T7643]  ? __import_iovec+0x1fd/0x6e0
[  208.466306][ T7643]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  208.468418][ T7643]  ____sys_sendmsg+0xab5/0xc90
[  208.470480][ T7643]  ? copy_msghdr_from_user+0x10b/0x160
[  208.472795][ T7643]  ? __pfx_____sys_sendmsg+0x10/0x10
[  208.474991][ T7643]  ? find_held_lock+0x2d/0x110
[  208.476957][ T7643]  ? __pfx___lock_acquire+0x10/0x10
[  208.479141][ T7643]  ___sys_sendmsg+0x135/0x1e0
[  208.481250][ T7643]  ? __pfx____sys_sendmsg+0x10/0x10
[  208.483485][ T7643]  ? ksys_write+0x21c/0x260
[  208.485469][ T7643]  ? __fget_light+0x173/0x210
[  208.487434][ T7643]  __sys_sendmsg+0x117/0x1f0
[  208.489444][ T7643]  ? __pfx___sys_sendmsg+0x10/0x10
[  208.491864][ T7643]  do_syscall_64+0xcd/0x250
[  208.494207][ T7643]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  208.496696][ T7643] RIP: 0033:0x7faf1db7cef9
[  208.498547][ T7643] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  208.506507][ T7643] RSP: 002b:00007faf1ea44038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  208.509997][ T7643] RAX: ffffffffffffffda RBX: 00007faf1dd35f80 RCX: 00007faf1db7cef9
[  208.513316][ T7643] RDX: 0000000000000000 RSI: 0000000020000100 RDI: 0000000000000003
[  208.516695][ T7643] RBP: 00007faf1ea44090 R08: 0000000000000000 R09: 0000000000000000
[  208.520065][ T7643] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  208.523310][ T7643] R13: 0000000000000000 R14: 00007faf1dd35f80 R15: 00007ffde079d5c8
[  208.526781][ T7643]  </TASK>
[  208.748989][ T5394] cdc_ncm 5-1:1.1: CDC Union missing and no IAD found
[  208.751728][ T5394] cdc_ncm 5-1:1.1: bind() failure
[  208.771652][ T5394] usb 5-1: USB disconnect, device number 4
[  208.787976][ T5924] udevd[5924]: failed to send result of seq 13921 to main daemon: Connection refused
[  209.841989][   T66] Bluetooth: hci2: command 0x0406 tx timeout
[  209.842043][   T58] Bluetooth: hci2: Opcode 0x0c1a failed: -110
[  209.850319][   T58] Bluetooth: hci2: Error when powering off device on rfkill (-110)
[  210.027324][ T7656] block nbd2: not configured, cannot reconfigure
[  210.117183][ T7656] netlink: 12 bytes leftover after parsing attributes in process `syz.2.659'.
[  210.500243][ T7661] netlink: 24 bytes leftover after parsing attributes in process `syz.2.660'.
[  210.661525][ T5394] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  210.682673][ T5394] hid-generic 0000:0000:0000.0005: hidraw1: <UNKNOWN> HID v0.00 Device [syz0] on syz1
[  211.072041][   T35] usb 8-1: new high-speed USB device number 4 using dummy_hcd
[  211.257628][   T35] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  211.263017][   T35] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  211.267926][   T35] usb 8-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  211.275195][   T35] usb 8-1: New USB device found, idVendor=172f, idProduct=0038, bcdDevice= 0.00
[  211.279832][   T35] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  211.288103][   T35] usb 8-1: config 0 descriptor??
[  211.944723][ T7683] netlink: 209852 bytes leftover after parsing attributes in process `syz.0.666'.
[  211.954071][   T35] waltop 0003:172F:0038.0006: unknown main item tag 0xe
[  211.957345][   T35] waltop 0003:172F:0038.0006: item fetching failed at offset 4/5
[  211.966069][   T35] waltop 0003:172F:0038.0006: probe with driver waltop failed with error -22
[  212.163262][   T39] kauditd_printk_skb: 15 callbacks suppressed
[  212.163278][   T39] audit: type=1400 audit(1725715361.959:447): avc:  denied  { read } for  pid=7691 comm="syz.1.669" name="sg0" dev="devtmpfs" ino=707 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1
[  212.432055][ T5394] usb 6-1: new high-speed USB device number 4 using dummy_hcd
[  212.624691][ T5394] usb 6-1: New USB device found, idVendor=1235, idProduct=0018, bcdDevice=f0.ee
[  212.633762][ T5394] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  212.648503][ T5394] usb 6-1: config 0 descriptor??
[  212.663483][ T5394] usb 6-1: selecting invalid altsetting 1
[  212.714446][ T5394] snd-usb-audio 6-1:0.0: probe with driver snd-usb-audio failed with error -22
[  212.861277][ T7692] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  212.870254][ T7692] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  212.875079][ T7692] sg_write: data in/out 721423411/135 bytes for SCSI command 0x15-- guessing data in;
[  212.875079][ T7692]    program syz.1.669 not setting count and/or reply_len properly
[  212.900645][   T25] usb 6-1: USB disconnect, device number 4
[  213.899475][   T25] usb 8-1: USB disconnect, device number 4
[  215.808548][   T39] audit: type=1400 audit(1725715365.599:448): avc:  denied  { ioctl } for  pid=7747 comm="syz.2.688" path="socket:[17086]" dev="sockfs" ino=17086 ioctlcmd=0x89e0 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1
[  215.827488][   T39] audit: type=1400 audit(1725715365.599:449): avc:  denied  { write } for  pid=7747 comm="syz.2.688" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=socket permissive=1
[  215.841750][   T39] audit: type=1400 audit(1725715365.609:450): avc:  denied  { read } for  pid=7747 comm="syz.2.688" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=socket permissive=1
[  215.853497][   T39] audit: type=1400 audit(1725715365.639:451): avc:  denied  { connect } for  pid=7749 comm="syz.1.692" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  216.094107][   T39] audit: type=1400 audit(1725715365.879:452): avc:  denied  { map } for  pid=7765 comm="syz.1.698" path="socket:[19491]" dev="sockfs" ino=19491 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tcp_socket permissive=1
[  216.163396][   T39] audit: type=1400 audit(1725715365.949:453): avc:  denied  { bind } for  pid=7769 comm="syz.1.699" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dccp_socket permissive=1
[  216.188303][   T39] audit: type=1400 audit(1725715365.949:454): avc:  denied  { name_bind } for  pid=7769 comm="syz.1.699" src=20000 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:port_t tclass=dccp_socket permissive=1
[  216.201263][   T39] audit: type=1400 audit(1725715365.949:455): avc:  denied  { node_bind } for  pid=7769 comm="syz.1.699" src=20000 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=dccp_socket permissive=1
[  216.207267][ T7772] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(6)
[  216.211777][   T39] audit: type=1400 audit(1725715365.959:456): avc:  denied  { listen } for  pid=7769 comm="syz.1.699" lport=20000 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dccp_socket permissive=1
[  216.215756][ T7772] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  216.218248][ T7772] vhci_hcd vhci_hcd.0: Device attached
[  216.237160][ T7776] netlink: 72 bytes leftover after parsing attributes in process `syz.1.701'.
[  216.512290][   T56] usb 17-1: new high-speed USB device number 2 using vhci_hcd
[  216.772131][ T5394] usb 6-1: new high-speed USB device number 5 using dummy_hcd
[  216.788268][ T7773] vhci_hcd: connection reset by peer
[  216.795757][   T40] vhci_hcd: stop threads
[  216.798350][   T40] vhci_hcd: release socket
[  216.801613][   T40] vhci_hcd: disconnect device
[  216.979511][ T5394] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  216.984697][ T5394] usb 6-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 21
[  216.990586][ T5394] usb 6-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  216.995046][ T5394] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  217.002280][ T5394] usb 6-1: config 0 descriptor??
[  217.008767][ T5394] usbhid 6-1:0.0: couldn't find an input interrupt endpoint
[  217.212343][ T5455] usb 8-1: new high-speed USB device number 5 using dummy_hcd
[  217.338406][ T7805] netlink: zone id is out of range
[  217.340933][ T7805] netlink: zone id is out of range
[  217.343763][ T7805] netlink: zone id is out of range
[  217.346106][ T7805] netlink: zone id is out of range
[  217.347929][ T7805] netlink: zone id is out of range
[  217.349483][ T7805] netlink: zone id is out of range
[  217.351438][ T7805] netlink: zone id is out of range
[  217.356336][ T7805] netlink: zone id is out of range
[  217.358453][ T7805] netlink: zone id is out of range
[  217.360418][ T7805] netlink: zone id is out of range
[  217.394877][ T5455] usb 8-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  217.400749][   T39] kauditd_printk_skb: 5 callbacks suppressed
[  217.400761][   T39] audit: type=1400 audit(1725715367.189:462): avc:  denied  { create } for  pid=7806 comm="syz.2.713" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1
[  217.413673][ T5455] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  217.414114][ T7809] bridge0: port 3(bond0) entered disabled state
[  217.418814][ T5455] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0
[  217.418839][ T5455] usb 8-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  217.418883][ T5455] usb 8-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  217.429400][ T7809] bridge0: port 2(bridge_slave_1) entered disabled state
[  217.437822][ T5455] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  217.445054][ T5455] usb 8-1: config 0 descriptor??
[  217.944382][   T39] audit: type=1400 audit(1725715367.729:463): avc:  denied  { execute } for  pid=7785 comm="syz.1.706" name="file0" dev="ramfs" ino=17727 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:ramfs_t tclass=file permissive=1
[  217.960224][   T39] audit: type=1400 audit(1725715367.729:464): avc:  denied  { execute_no_trans } for  pid=7785 comm="syz.1.706" path="/180/file0/file0" dev="ramfs" ino=17727 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:ramfs_t tclass=file permissive=1
[  218.186065][ T5455] plantronics 0003:047F:FFFF.0007: unknown main item tag 0x0
[  218.194546][ T5455] plantronics 0003:047F:FFFF.0007: No inputs registered, leaving
[  218.231341][ T5455] plantronics 0003:047F:FFFF.0007: hiddev0,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.3-1/input0
[  218.617090][   T39] audit: type=1400 audit(1725715368.409:465): avc:  denied  { shutdown } for  pid=7826 comm="syz.2.719" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dccp_socket permissive=1
[  218.656663][ T7831] loop7: detected capacity change from 0 to 127
[  219.115183][ T7833] team_slave_0: entered promiscuous mode
[  219.118045][ T7833] team_slave_1: entered promiscuous mode
[  219.122243][ T7833] netlink: 'syz.2.721': attribute type 10 has an invalid length.
[  219.131818][ T7833] team_slave_0: left promiscuous mode
[  219.136899][ T7833] team_slave_1: left promiscuous mode
[  219.157900][ T7833] team_slave_0: entered promiscuous mode
[  219.160384][ T7833] team_slave_1: entered promiscuous mode
[  219.168679][ T7833] 8021q: adding VLAN 0 to HW filter on device team0
[  219.173569][ T7833] team0: entered promiscuous mode
[  219.177039][ T7833] bond0: (slave team0): Enslaving as an active interface with an up link
[  219.656146][ T5455] usb 8-1: reset high-speed USB device number 5 using dummy_hcd
[  220.241773][   T35] usb 6-1: USB disconnect, device number 5
[  220.372434][   T39] audit: type=1400 audit(1725715370.159:466): avc:  denied  { read } for  pid=7853 comm="syz.1.728" name="snapshot" dev="devtmpfs" ino=98 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:acpi_bios_t tclass=chr_file permissive=1
[  220.381592][   T39] audit: type=1400 audit(1725715370.159:467): avc:  denied  { open } for  pid=7853 comm="syz.1.728" path="/dev/snapshot" dev="devtmpfs" ino=98 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:acpi_bios_t tclass=chr_file permissive=1
[  220.462079][   T39] audit: type=1400 audit(1725715370.249:468): avc:  denied  { write } for  pid=7857 comm="syz.3.730" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[  220.504747][   T39] audit: type=1400 audit(1725715370.259:469): avc:  denied  { read } for  pid=7857 comm="syz.3.730" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[  220.662773][   T39] audit: type=1400 audit(1725715370.449:470): avc:  denied  { bind } for  pid=7866 comm="syz.3.733" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  220.671181][   T39] audit: type=1400 audit(1725715370.449:471): avc:  denied  { listen } for  pid=7866 comm="syz.3.733" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  221.252155][ T5392] usb 8-1: USB disconnect, device number 5
[  221.692401][   T56] vhci_hcd: vhci_device speed not set
[  222.012253][ T5392] usb 6-1: new high-speed USB device number 6 using dummy_hcd
[  222.195955][ T5392] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  222.200876][ T5392] usb 6-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[  222.206288][ T5392] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  222.213427][ T5392] usb 6-1: config 0 descriptor??
[  222.641710][ T5392] keytouch 0003:0926:3333.0008: fixing up Keytouch IEC report descriptor
[  222.650121][ T5392] input: HID 0926:3333 as /devices/platform/dummy_hcd.1/usb6/6-1/6-1:0.0/0003:0926:3333.0008/input/input12
[  222.751323][ T7896] netlink: 12 bytes leftover after parsing attributes in process `syz.0.744'.
[  222.769862][ T7896] bridge_slave_1: left allmulticast mode
[  222.771796][ T7896] bridge_slave_1: left promiscuous mode
[  222.774040][ T7896] bridge0: port 2(bridge_slave_1) entered disabled state
[  222.778967][ T7896] bridge2: port 1(bridge_slave_1) entered blocking state
[  222.781326][ T7896] bridge2: port 1(bridge_slave_1) entered disabled state
[  222.784072][ T7896] bridge_slave_1: entered allmulticast mode
[  222.787634][ T7896] bridge_slave_1: entered promiscuous mode
[  222.964625][ T5392] keytouch 0003:0926:3333.0008: input,hidraw1: USB HID v0.00 Keyboard [HID 0926:3333] on usb-dummy_hcd.1-1/input0
[  223.061058][ T5393] usb 6-1: USB disconnect, device number 6
[  223.292064][ T5390] usb 7-1: new low-speed USB device number 8 using dummy_hcd
[  223.615604][ T5390] usb 7-1: config 168 has an invalid descriptor of length 0, skipping remainder of the config
[  223.620734][ T5390] usb 7-1: config 168 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 2
[  223.637099][ T5390] usb 7-1: config 168 has an invalid descriptor of length 0, skipping remainder of the config
[  223.641775][ T5390] usb 7-1: config 168 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 2
[  223.648974][ T5390] usb 7-1: config 168 has an invalid descriptor of length 0, skipping remainder of the config
[  223.655530][ T5390] usb 7-1: config 168 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 2
[  223.669489][ T5390] usb 7-1: string descriptor 0 read error: -22
[  223.672987][ T5390] usb 7-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e
[  223.679080][ T5390] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  223.827232][ T7917] netlink: 8 bytes leftover after parsing attributes in process `syz.0.752'.
[  223.871540][ T5390] adutux 7-1:168.0: interrupt endpoints not found
[  223.997805][   T39] kauditd_printk_skb: 1 callbacks suppressed
[  223.997821][   T39] audit: type=1400 audit(1725715373.789:473): avc:  denied  { connect } for  pid=7923 comm="syz.1.755" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[  224.020717][   T39] audit: type=1400 audit(1725715373.799:474): avc:  denied  { bind } for  pid=7923 comm="syz.1.755" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[  224.122060][   T39] audit: type=1400 audit(1725715373.799:475): avc:  denied  { write } for  pid=7923 comm="syz.1.755" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[  224.134896][ T7924] xt_CT: No such helper "snmp_trap"
[  224.552568][   T39] audit: type=1400 audit(1725715374.329:476): avc:  denied  { getopt } for  pid=7935 comm="syz.1.757" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  224.569219][   T39] audit: type=1400 audit(1725715374.329:477): avc:  denied  { write } for  pid=7935 comm="syz.1.757" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=key permissive=1
[  224.884858][ T7953] ip6tnl1: entered allmulticast mode
[  225.803113][ T7964] netlink: 12 bytes leftover after parsing attributes in process `syz.3.768'.
[  225.817123][ T7964] bridge_slave_1: left allmulticast mode
[  225.819520][ T7964] bridge_slave_1: left promiscuous mode
[  225.822470][ T7964] bridge0: port 2(bridge_slave_1) entered disabled state
[  225.830327][ T7964] bridge1: port 1(bridge_slave_1) entered blocking state
[  225.834027][ T7964] bridge1: port 1(bridge_slave_1) entered disabled state
[  225.836972][ T7964] bridge_slave_1: entered allmulticast mode
[  225.840020][ T5390] usb 7-1: USB disconnect, device number 8
[  225.842022][ T7964] bridge_slave_1: entered promiscuous mode
[  225.852685][ T7963] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  225.892728][   T39] audit: type=1400 audit(1725715375.689:478): avc:  denied  { setopt } for  pid=7967 comm="syz.1.771" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  225.907875][ T7969] netlink: 8 bytes leftover after parsing attributes in process `syz.1.771'.
[  226.124956][   T39] audit: type=1400 audit(1725715375.919:479): avc:  denied  { setopt } for  pid=7985 comm="syz.1.779" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[  226.362053][ T5390] usb 7-1: new high-speed USB device number 9 using dummy_hcd
[  226.544264][ T5390] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  226.549216][ T5390] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  226.553787][ T5390] usb 7-1: New USB device found, idVendor=1e7d, idProduct=319c, bcdDevice= 0.00
[  226.557884][ T5390] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  226.567315][ T5390] usb 7-1: config 0 descriptor??
[  226.695450][ T5392] usb 8-1: new high-speed USB device number 6 using dummy_hcd
[  226.883869][ T5392] usb 8-1: Using ep0 maxpacket: 8
[  226.887424][ T5392] usb 8-1: config index 0 descriptor too short (expected 301, got 45)
[  226.890949][ T5392] usb 8-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  226.895221][ T5392] usb 8-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  226.899205][ T5392] usb 8-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  226.903620][ T5392] usb 8-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  226.908375][ T5392] usb 8-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  226.912166][ T5392] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  226.983623][ T5390] isku 0003:1E7D:319C.0009: hidraw1: USB HID v0.00 Device [HID 1e7d:319c] on usb-dummy_hcd.2-1/input0
[  227.126761][ T5392] usb 8-1: usb_control_msg returned -32
[  227.129012][ T5392] usbtmc 8-1:16.0: can't read capabilities
[  227.180829][ T5390] isku 0003:1E7D:319C.0009: couldn't init struct isku_device
[  227.185014][ T5390] isku 0003:1E7D:319C.0009: couldn't install keyboard
[  227.188619][ T5390] isku 0003:1E7D:319C.0009: probe with driver isku failed with error -32
[  227.193879][ T5390] usb 7-1: USB disconnect, device number 9
[  227.875698][ T5390] hid-generic 0000:3000000:0000.000A: unknown main item tag 0x4
[  227.878647][ T5390] hid-generic 0000:3000000:0000.000A: unknown main item tag 0x2
[  227.881844][ T5390] hid-generic 0000:3000000:0000.000A: unknown main item tag 0x0
[  227.884713][ T5390] hid-generic 0000:3000000:0000.000A: unknown main item tag 0x0
[  227.887631][ T5390] hid-generic 0000:3000000:0000.000A: unknown main item tag 0x0
[  227.890256][ T5390] hid-generic 0000:3000000:0000.000A: unknown main item tag 0x0
[  227.894796][ T5390] hid-generic 0000:3000000:0000.000A: unknown main item tag 0x0
[  227.898057][ T5390] hid-generic 0000:3000000:0000.000A: unknown main item tag 0x0
[  227.901362][ T5390] hid-generic 0000:3000000:0000.000A: unknown main item tag 0x0
[  227.904658][ T5390] hid-generic 0000:3000000:0000.000A: unknown main item tag 0x0
[  227.907832][ T5390] hid-generic 0000:3000000:0000.000A: unknown main item tag 0x0
[  227.910991][ T5390] hid-generic 0000:3000000:0000.000A: unknown main item tag 0x0
[  227.914188][ T5390] hid-generic 0000:3000000:0000.000A: unknown main item tag 0x0
[  227.917981][ T5390] hid-generic 0000:3000000:0000.000A: unknown main item tag 0x0
[  227.920949][ T5390] hid-generic 0000:3000000:0000.000A: unknown main item tag 0x0
[  227.923756][ T5390] hid-generic 0000:3000000:0000.000A: unknown main item tag 0x0
[  227.927244][ T5390] hid-generic 0000:3000000:0000.000A: hidraw1: <UNKNOWN> HID v0.00 Device [sy

] on syz0
[  228.155286][ T8013] netlink: 68 bytes leftover after parsing attributes in process `syz.2.789'.
[  228.232020][ T7990] Bluetooth: hci0: Opcode 0x0c03 failed: -110
[  228.926935][ T8033] netlink: 169 bytes leftover after parsing attributes in process `syz.0.796'.
[  229.352083][  T831] usb 5-1: new high-speed USB device number 5 using dummy_hcd
[  229.439936][ T5390] usb 8-1: USB disconnect, device number 6
[  229.473893][ T8046] netlink: 12 bytes leftover after parsing attributes in process `syz.3.802'.
[  229.521315][ T8046] netlink: 40 bytes leftover after parsing attributes in process `syz.3.802'.
[  229.526334][ T8046] 8021q: adding VLAN 0 to HW filter on device bond1
[  229.532269][  T831] usb 5-1: Using ep0 maxpacket: 32
[  229.539027][  T831] usb 5-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  229.544560][  T831] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 255, changing to 11
[  229.552864][  T831] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  229.556589][ T8049] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(5)
[  229.557869][  T831] usb 5-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40
[  229.560307][ T8049] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[  229.561192][ T8049] vhci_hcd vhci_hcd.0: Device attached
[  229.565535][  T831] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  229.577848][  T831] usb 5-1: config 0 descriptor??
[  229.581565][ T8039] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  229.581586][ T8050] vhci_hcd: connection closed
[  229.587381][ T1110] vhci_hcd: stop threads
[  229.588388][  T831] hub 5-1:0.0: USB hub found
[  229.589436][ T1110] vhci_hcd: release socket
[  229.589476][ T1110] vhci_hcd: disconnect device
[  229.657156][ T8054] RDS: rds_bind could not find a transport for 2001::1, load rds_tcp or rds_rdma?
[  229.797415][  T831] hub 5-1:0.0: 2 ports detected
[  230.830280][ T8039] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  230.833632][ T8039] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  231.129989][ T1110] Bluetooth: (null): Invalid header checksum
[  231.135558][ T1110] Bluetooth: (null): Invalid header checksum
[  231.238974][ T1110] Bluetooth: (null): Invalid header checksum
[  231.353625][ T1110] Bluetooth: (null): Invalid header checksum
[  231.457155][  T831] hub 5-1:0.0: hub_ext_port_status failed (err = -71)
[  231.463410][ T1102] Bluetooth: (null): Invalid header checksum
[  232.472772][  T831] hub 5-1:0.0: set hub depth failed
[  232.475812][   T25] usb 5-1: USB disconnect, device number 5
[  233.266657][ T7859] usb 7-1: new high-speed USB device number 10 using dummy_hcd
[  233.476046][ T7859] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  233.480241][ T7859] usb 7-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df
[  233.485663][ T7859] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  233.497756][ T7859] usb 7-1: config 0 descriptor??
[  233.540011][ T7859] pwc: Askey VC010 type 2 USB webcam detected.
[  233.730542][ T7859] pwc: send_video_command error -71
[  233.733548][ T7859] pwc: Failed to set video mode CIF@30 fps; return code = -71
[  233.738786][ T7859] Philips webcam 7-1:0.0: probe with driver Philips webcam failed with error -71
[  234.483230][ T7859] usb 7-1: USB disconnect, device number 10
[  234.854491][   T39] audit: type=1400 audit(1725715385.648:480): avc:  denied  { map } for  pid=8106 comm="syz.0.823" path="/dev/binderfs/binder0" dev="binder" ino=13 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[  234.887155][ T7859] usb 7-1: new high-speed USB device number 11 using dummy_hcd
[  235.094001][ T7859] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  235.100091][ T7859] usb 7-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df
[  235.108919][ T7859] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  235.132415][ T7859] usb 7-1: config 0 descriptor??
[  235.169564][ T7859] pwc: Askey VC010 type 2 USB webcam detected.
[  235.847322][ T7859] pwc: recv_control_msg error -32 req 02 val 2700
[  235.853576][ T7859] pwc: recv_control_msg error -32 req 02 val 2c00
[  235.873648][ T7859] pwc: recv_control_msg error -32 req 04 val 1000
[  235.881773][ T7859] pwc: recv_control_msg error -32 req 04 val 1300
[  235.890916][ T7859] pwc: recv_control_msg error -32 req 04 val 1400
[  236.125279][   T39] audit: type=1400 audit(1725715386.908:481): avc:  denied  { name_connect } for  pid=8116 comm="syz.3.826" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:port_t tclass=sctp_socket permissive=1
[  236.171426][   T39] audit: type=1400 audit(1725715386.958:482): avc:  denied  { bind } for  pid=8116 comm="syz.3.826" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  236.331462][ T8130] futex_wake_op: syz.0.831 tries to shift op by 32; fix this program
[  236.491371][ T7859] pwc: recv_control_msg error -71 req 02 val 2100
[  236.497828][ T7859] pwc: recv_control_msg error -71 req 04 val 1500
[  236.500953][ T7859] pwc: recv_control_msg error -71 req 02 val 2500
[  236.504100][ T7859] pwc: recv_control_msg error -71 req 02 val 2400
[  236.507388][ T7859] pwc: recv_control_msg error -71 req 02 val 2600
[  236.510583][ T7859] pwc: recv_control_msg error -71 req 02 val 2900
[  236.514064][ T7859] pwc: recv_control_msg error -71 req 02 val 2800
[  236.519892][ T7859] pwc: recv_control_msg error -71 req 04 val 1100
[  236.522910][ T7859] pwc: recv_control_msg error -71 req 04 val 1200
[  236.529518][ T7859] pwc: Registered as video71.
[  236.533296][ T7859] input: PWC snapshot button as /devices/platform/dummy_hcd.2/usb7/7-1/input/input13
[  236.539988][ T7859] usb 7-1: USB disconnect, device number 11
[  236.563162][    T8] usb 6-1: new high-speed USB device number 7 using dummy_hcd
[  236.802123][    T8] usb 6-1: Using ep0 maxpacket: 8
[  236.815087][    T8] usb 6-1: config 0 has an invalid interface number: 224 but max is 0
[  236.818285][    T8] usb 6-1: config 0 has no interface number 0
[  236.820682][    T8] usb 6-1: New USB device found, idVendor=0abf, idProduct=3370, bcdDevice= 3.0e
[  236.824361][    T8] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  236.835909][    T8] usb 6-1: config 0 descriptor??
[  237.045418][ T7859] usb 6-1: USB disconnect, device number 7
[  237.203921][   T39] audit: type=1400 audit(1725715387.998:483): avc:  denied  { getopt } for  pid=8142 comm="syz.3.835" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[  238.172100][    T8] usb 7-1: new high-speed USB device number 12 using dummy_hcd
[  238.372102][    T8] usb 7-1: Using ep0 maxpacket: 8
[  238.376986][    T8] usb 7-1: config 0 has an invalid interface number: 1 but max is 0
[  238.380148][    T8] usb 7-1: config 0 has no interface number 0
[  238.383201][    T8] usb 7-1: config 0 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  238.388177][    T8] usb 7-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  238.392598][    T8] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  238.398577][    T8] usb 7-1: config 0 descriptor??
[  238.416472][    T8] iowarrior 7-1:0.1: IOWarrior product=0x1512, serial= interface=1 now attached to iowarrior0
[  238.558760][ T8192] netlink: 169 bytes leftover after parsing attributes in process `syz.0.850'.
[  238.610530][ T5392] usb 7-1: USB disconnect, device number 12
[  238.616802][ T5392] iowarrior 7-1:0.1: I/O-Warror #0 now disconnected
[  238.667953][   T39] audit: type=1400 audit(1725715389.458:484): avc:  denied  { setopt } for  pid=8195 comm="syz.0.852" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dccp_socket permissive=1
[  238.765999][ T8200] loop5: detected capacity change from 0 to 16385
[  238.822424][ T8200] loop5: detected capacity change from 16385 to 16321
[  239.043038][ T8225] random: crng reseeded on system resumption
[  239.046554][   T39] audit: type=1400 audit(1725715389.838:485): avc:  denied  { write } for  pid=8223 comm="syz.1.862" name="snapshot" dev="devtmpfs" ino=98 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:acpi_bios_t tclass=chr_file permissive=1
[  240.518346][   T39] audit: type=1400 audit(1725715391.308:486): avc:  denied  { connect } for  pid=8252 comm="syz.2.872" lport=58 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  240.685824][ T8258] usb usb9: usbfs: process 8258 (syz.2.872) did not claim interface 0 before use
[  240.694283][ T8258] usb usb9: selecting invalid altsetting 21783
[  241.247114][ T8267] netlink: 32 bytes leftover after parsing attributes in process `syz.0.876'.
[  241.266615][ T8267] netlink: 32 bytes leftover after parsing attributes in process `syz.0.876'.
[  241.303080][   T39] audit: type=1400 audit(1725715392.088:487): avc:  denied  { connect } for  pid=8264 comm="syz.2.875" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netrom_socket permissive=1
[  243.147265][ T8312] syz.2.893[8312] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  243.147402][ T8312] syz.2.893[8312] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  243.701304][ T8329] net_ratelimit: 21 callbacks suppressed
[  243.701321][ T8329] batman_adv: batadv0: adding TT local entry aa:aa:aa:aa:aa:2a to non-existent VLAN 1280
[  244.839987][ T8356] netlink: 8 bytes leftover after parsing attributes in process `syz.1.904'.
[  245.262267][   T35] usb 8-1: new high-speed USB device number 7 using dummy_hcd
[  245.464215][   T35] usb 8-1: Using ep0 maxpacket: 8
[  245.474953][   T35] usb 8-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  245.479700][   T35] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x4 has invalid maxpacket 15104, setting to 1024
[  245.486148][   T35] usb 8-1: config 0 interface 0 altsetting 0 bulk endpoint 0x4 has invalid maxpacket 1024
[  245.490509][   T35] usb 8-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  245.500390][   T35] usb 8-1: New USB device found, idVendor=04ca, idProduct=3bfb, bcdDevice=6e.b5
[  245.504914][   T35] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  245.508550][   T35] usb 8-1: Product: syz
[  245.510451][   T35] usb 8-1: Manufacturer: syz
[  245.513209][   T35] usb 8-1: SerialNumber: syz
[  245.518216][   T35] usb 8-1: config 0 descriptor??
[  245.521317][ T8360] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  245.770995][   T35] usb 8-1: USB disconnect, device number 7
[  246.427838][   T39] audit: type=1400 audit(1725715397.218:488): avc:  denied  { ioctl } for  pid=8384 comm="syz.3.916" path="socket:[18050]" dev="sockfs" ino=18050 ioctlcmd=0x8946 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  247.595163][   T39] audit: type=1400 audit(1725715398.388:489): avc:  denied  { read } for  pid=8402 comm="syz.0.923" name="loop-control" dev="devtmpfs" ino=659 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1
[  247.615676][   T39] audit: type=1400 audit(1725715398.388:490): avc:  denied  { open } for  pid=8402 comm="syz.0.923" path="/dev/loop-control" dev="devtmpfs" ino=659 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1
[  247.932016][   T39] audit: type=1400 audit(1725715398.708:491): avc:  denied  { ioctl } for  pid=8402 comm="syz.0.923" path="/dev/loop-control" dev="devtmpfs" ino=659 ioctlcmd=0x4c80 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1
[  250.419764][   T39] audit: type=1326 audit(1725715401.208:492): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8472 comm="syz.3.948" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f308cd7cef9 code=0x7ffc0000
[  250.436156][   T39] audit: type=1326 audit(1725715401.208:493): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8472 comm="syz.3.948" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f308cd7cef9 code=0x7ffc0000
[  250.449168][   T39] audit: type=1326 audit(1725715401.208:494): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8472 comm="syz.3.948" exe="/syz-executor" sig=0 arch=c000003e syscall=299 compat=0 ip=0x7f308cd7cef9 code=0x7ffc0000
[  250.461373][   T39] audit: type=1326 audit(1725715401.208:495): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8472 comm="syz.3.948" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f308cd7cef9 code=0x7ffc0000
[  250.474374][   T39] audit: type=1326 audit(1725715401.218:496): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8472 comm="syz.3.948" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f308cd7cef9 code=0x7ffc0000
[  250.575191][   T39] audit: type=1326 audit(1725715401.368:497): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8480 comm="+}[@" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f38e5f7cef9 code=0x7ffc0000
[  251.031639][ T8525] Cannot find del_set index 0 as target
[  251.044015][ T8525] netlink: 104 bytes leftover after parsing attributes in process `syz.2.971'.
[  251.247658][ T8539] netlink: 224 bytes leftover after parsing attributes in process `syz.3.977'.
[  251.357751][ T8545] netlink: 28 bytes leftover after parsing attributes in process `syz.2.979'.
[  251.905998][   T39] kauditd_printk_skb: 77 callbacks suppressed
[  251.906012][   T39] audit: type=1400 audit(1725715402.698:575): avc:  denied  { name_bind } for  pid=8553 comm="syz.1.980" src=20000 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=udp_socket permissive=1
[  252.074367][    C3] 
[  252.075508][    C3] ============================================
[  252.078248][    C3] WARNING: possible recursive locking detected
[  252.080977][    C3] 6.11.0-rc6-syzkaller-00308-gb31c44928842 #0 Not tainted
[  252.085731][    C3] --------------------------------------------
[  252.088837][    C3] ksoftirqd/3/34 is trying to acquire lock:
[  252.091440][    C3] ffff88804c4a21d8 (&qs->lock){-.-.}-{2:2}, at: __stack_map_get+0x2a8/0x350
[  252.095358][    C3] 
[  252.095358][    C3] but task is already holding lock:
[  252.098570][    C3] ffff888054d4d1d8 (&qs->lock){-.-.}-{2:2}, at: __stack_map_get+0x2a8/0x350
[  252.102397][    C3] 
[  252.102397][    C3] other info that might help us debug this:
[  252.105890][    C3]  Possible unsafe locking scenario:
[  252.105890][    C3] 
[  252.109148][    C3]        CPU0
[  252.110621][    C3]        ----
[  252.112118][    C3]   lock(&qs->lock);
[  252.113863][    C3]   lock(&qs->lock);
[  252.115635][    C3] 
[  252.115635][    C3]  *** DEADLOCK ***
[  252.115635][    C3] 
[  252.119048][    C3]  May be due to missing lock nesting notation
[  252.119048][    C3] 
[  252.122628][    C3] 4 locks held by ksoftirqd/3/34:
[  252.124836][    C3]  #0: ffffffff8ddb9ec0 (rcu_callback){....}-{0:0}, at: rcu_core+0x7cc/0x16b0
[  252.128751][    C3]  #1: ffffffff8ddb9fe0 (rcu_read_lock){....}-{1:2}, at: bpf_trace_run3+0x1d1/0x5a0
[  252.132877][    C3]  #2: ffff888054d4d1d8 (&qs->lock){-.-.}-{2:2}, at: __stack_map_get+0x2a8/0x350
[  252.136887][    C3]  #3: ffffffff8ddb9fe0 (rcu_read_lock){....}-{1:2}, at: bpf_trace_run2+0x1c2/0x590
[  252.140972][    C3] 
[  252.140972][    C3] stack backtrace:
[  252.143570][    C3] CPU: 3 UID: 0 PID: 34 Comm: ksoftirqd/3 Not tainted 6.11.0-rc6-syzkaller-00308-gb31c44928842 #0
[  252.148149][    C3] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  252.152864][    C3] Call Trace:
[  252.154356][    C3]  <TASK>
[  252.155682][    C3]  dump_stack_lvl+0x116/0x1f0
[  252.157772][    C3]  __lock_acquire+0x2167/0x3cb0
[  252.159948][    C3]  ? __pfx___lock_acquire+0x10/0x10
[  252.162263][    C3]  lock_acquire+0x1b1/0x560
[  252.164286][    C3]  ? __stack_map_get+0x2a8/0x350
[  252.166487][    C3]  ? __pfx_lock_acquire+0x10/0x10
[  252.168772][    C3]  ? lock_acquire+0x1b1/0x560
[  252.170889][    C3]  _raw_spin_lock_irqsave+0x3a/0x60
[  252.173184][    C3]  ? __stack_map_get+0x2a8/0x350
[  252.175407][    C3]  __stack_map_get+0x2a8/0x350
[  252.177543][    C3]  bpf_prog_00798911c748094f+0x42/0x46
[  252.179931][    C3]  bpf_trace_run2+0x231/0x590
[  252.181998][    C3]  ? __pfx_mark_lock+0x10/0x10
[  252.184119][    C3]  ? __pfx_bpf_trace_run2+0x10/0x10
[  252.186384][    C3]  ? mark_lock+0xb5/0xc60
[  252.188241][    C3]  ? unwind_next_frame+0x51/0x23a0
[  252.190448][    C3]  ? __orc_find+0x104/0x130
[  252.192454][    C3]  __bpf_trace_contention_end+0xca/0x110
[  252.194879][    C3]  ? __pfx___bpf_trace_contention_end+0x10/0x10
[  252.197625][    C3]  ? hlock_class+0x4e/0x130
[  252.199636][    C3]  ? __lock_acquire+0x1620/0x3cb0
[  252.201848][    C3]  trace_contention_end.constprop.0+0xea/0x170
[  252.204547][    C3]  __pv_queued_spin_lock_slowpath+0x27e/0xc90
[  252.207251][    C3]  ? __pfx___pv_queued_spin_lock_slowpath+0x10/0x10
[  252.210088][    C3]  ? lock_acquire+0x1b1/0x560
[  252.212199][    C3]  do_raw_spin_lock+0x210/0x2c0
[  252.214352][    C3]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  252.216730][    C3]  _raw_spin_lock_irqsave+0x42/0x60
[  252.219002][    C3]  ? __stack_map_get+0x2a8/0x350
[  252.221178][    C3]  __stack_map_get+0x2a8/0x350
[  252.223266][    C3]  bpf_prog_00798911c748094f+0x42/0x46
[  252.225487][    C3]  bpf_trace_run3+0x240/0x5a0
[  252.227573][    C3]  ? __pfx_bpf_trace_run3+0x10/0x10
[  252.229876][    C3]  ? rcu_core+0x828/0x16b0
[  252.231868][    C3]  ? __pfx_lock_acquire+0x10/0x10
[  252.234052][    C3]  ? rcu_core+0x828/0x16b0
[  252.236057][    C3]  __traceiter_kmem_cache_free+0x35/0x50
[  252.238547][    C3]  kmem_cache_free+0x1dd/0x3a0
[  252.240672][    C3]  ? rcu_core+0x828/0x16b0
[  252.242682][    C3]  ? rcu_core+0x826/0x16b0
[  252.244672][    C3]  rcu_core+0x828/0x16b0
[  252.246567][    C3]  ? __pfx_rcu_core+0x10/0x10
[  252.248664][    C3]  handle_softirqs+0x216/0x8f0
[  252.250790][    C3]  ? __pfx_handle_softirqs+0x10/0x10
[  252.253121][    C3]  ? rcu_is_watching+0x12/0xc0
[  252.255265][    C3]  ? __pfx_run_ksoftirqd+0x10/0x10
[  252.257517][    C3]  ? smpboot_thread_fn+0x59d/0xa10
[  252.259777][    C3]  run_ksoftirqd+0x3a/0x60
[  252.261757][    C3]  smpboot_thread_fn+0x661/0xa10
[  252.263949][    C3]  ? __kthread_parkme+0x148/0x220
[  252.266169][    C3]  ? __pfx_smpboot_thread_fn+0x10/0x10
[  252.268564][    C3]  kthread+0x2c1/0x3a0
[  252.270355][    C3]  ? _raw_spin_unlock_irq+0x23/0x50
[  252.272666][    C3]  ? __pfx_kthread+0x10/0x10
[  252.274726][    C3]  ret_from_fork+0x45/0x80
[  252.276730][    C3]  ? __pfx_kthread+0x10/0x10
[  252.278795][    C3]  ret_from_fork_asm+0x1a/0x30
[  252.280931][    C3]  </TASK>
[  253.432108][   T66] Bluetooth: hci4: Opcode 0x1003 failed: -110
[  253.432188][ T5362] Bluetooth: hci4: command 0x1003 tx timeout
[  261.433668][ T1380] ieee802154 phy0 wpan0: encryption failed: -22
[  261.435863][ T1380] ieee802154 phy1 wpan1: encryption failed: -22

VM DIAGNOSIS:
13:23:22  Registers:
info registers vcpu 0

CPU#0
RAX=0000000000000000 RBX=0000000000000003 RCX=ffffffff813c44fe RDX=ffff88801bfa4880
RSI=ffffffff813c451b RDI=0000000000000000 RBP=ffff888054d4d1c0 RSP=ffffc900009876f0
R8 =0000000000000000 R9 =0000000000000003 R10=0000000000000003 R11=0000000000000000
R12=0000000000000003 R13=0000000000000003 R14=ffff88806a63fc80 R15=ffffed100a9a9a38
RIP=ffffffff813c451c RFL=00000093 [--S-A-C] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff88806a600000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00007f9df4653176 CR3=0000000025574000 CR4=00350ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000001000000 Opmask01=0000000001000001 Opmask02=00000000ffffffef Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffd15b70ac0 0000003000000018
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f38e5fefe6a
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f38e5fefe77
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f38e5fefe71
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f38e5fefe85
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f38e5feff0b
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f38e5feffe9
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000002 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000000000000a0
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000002 0000000000000000 0000000000000000 00000000000000a0
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=0000000000000000 RBX=ffff888054d4d1c0 RCX=ffffffff8b19c2d4 RDX=ffffed100a9a9a39
RSI=0000000000000004 RDI=ffff888054d4d1c0 RBP=0000000000000003 RSP=ffffc900008af560
R8 =0000000000000000 R9 =ffffed100a9a9a38 R10=ffff888054d4d1c3 R11=0000000000000000
R12=ffffed100a9a9a38 R13=0000000000000000 R14=ffff88806a73fc80 R15=0000000000000001
RIP=ffffffff81ea9880 RFL=00000046 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c01300
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c01300
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff88806a700000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00007f9df4937a8c CR3=0000000048c96000 CR4=00350ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000001000000 Opmask01=0000000001000001 Opmask02=00000000ffffffef Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffc09549380 0000003000000018
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f9df47efe6a
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f9df47efe77
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f9df47efe71
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f9df47efe85
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f9df47eff0b
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f9df47effe9
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000001 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000050
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000001 0000000000000000 0000000000000000 0000000000000050
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 2

CPU#2
RAX=0000000000040000 RBX=ffff88806a6467c0 RCX=ffffc90006c22000 RDX=0000000000040000
RSI=ffffffff817f9b85 RDI=0000000000000005 RBP=0000000000000003 RSP=ffffc900229b7520
R8 =0000000000000005 R9 =0000000000000000 R10=0000000000000001 R11=0000000000000000
R12=ffffed100d4c8cf9 R13=0000000000000001 R14=ffff88806a6467c8 R15=ffff88806a83ffc0
RIP=ffffffff817f9b87 RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 00007f9df54e46c0 ffffffff 00c00000
GS =0000 ffff88806a800000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000091000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe000008f000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=0000000000000000 CR3=0000000052b38000 CR4=00350ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000208001 Opmask01=0000000001000001 Opmask02=00000000ffffffef Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f9df47efe6a
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f9df47efe77
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f9df47efe71
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f9df47efe85
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f9df47eff0b
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f9df47effe9
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f9df48ff488 00007f9df48ff480 00007f9df48ff478 00007f9df48ff450
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f9df546d100 00007f9df48ff440 00007f9df48ff458 00007f9df48ff4a0
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f9df48ff498 00007f9df48ff490 00007f9df48ff488 00007f9df48ff480
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000001 0000000000000000 0000000000000000 0000000000000050
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 3

CPU#3
RAX=0000000000000030 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8
RSI=ffffffff85030a45 RDI=ffffffff9a5b4f60 RBP=ffffffff9a5b4f20 RSP=ffffc900008df030
R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=2d2d2d2d2d2d2d2d
R12=0000000000000000 R13=0000000000000030 R14=ffffffff850309e0 R15=0000000000000000
RIP=ffffffff85030a6f RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff88806a900000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe00000d8000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe00000d6000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00007f38e6137a8c CR3=000000000db7c000 CR4=00350ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=00000000000003ff Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000004 0000000b000c000a
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000