last executing test programs:

13.491014673s ago: executing program 3 (id=1099):
r0 = socket$inet6(0xa, 0x2, 0x0) (async, rerun: 64)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0x8, 0x8}, 0x48) (rerun: 64)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xc, 0xc, &(0x7f0000000000)=@framed={{}, [@ringbuf_output={{0x18, 0x5, 0x1, 0x0, r1}, {}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x1e}, {0x85, 0x0, 0x0, 0x15}}]}, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r2, 0x0, 0xe, 0x0, &(0x7f0000000100)="e0857f9f582f0300000000000000", 0x0, 0xf, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) (async)
setsockopt$sock_int(r0, 0x1, 0xf, &(0x7f0000000080)=0x8, 0x4)
ioctl$ifreq_SIOCGIFINDEX_wireguard(r0, 0x8933, &(0x7f0000000000)={'wg0\x00'}) (async, rerun: 64)
bind$inet6(r0, &(0x7f00000000c0)={0xa, 0xe22}, 0x1c) (async, rerun: 64)
r3 = socket$netlink(0x10, 0x3, 0x8000000004)
writev(r3, &(0x7f0000000180)=[{&(0x7f00000001c0)="580000001400add427323b472545b4560a117fffffff81000e220e227f000008925aa80013007b00090080007f000001e809000000ff0000f03ac7100003ffffffffffffffffffffffe7ee000000deff0000000200000000", 0x58}], 0x1)

13.440789322s ago: executing program 3 (id=1100):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f00000009c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000002c0)=@newtaction={0x14, 0x1e, 0x109, 0x70bd2c, 0x25dfdbfd}, 0x14}, 0x1, 0x2b1e}, 0x4000040)

13.439517289s ago: executing program 3 (id=1101):
r0 = syz_open_dev$dri(&(0x7f0000000180), 0x3ffffffffffffffd, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000240)={0x8, 0x1, 0x9})
r1 = syz_open_dev$dri(&(0x7f0000000040), 0xd21, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r1, 0xc04064a0, &(0x7f00000001c0)={0x0, &(0x7f00000000c0)=[0x0], 0x0, 0x0, 0x0, 0x1})
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r3, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000000)=@newsa={0x15c, 0x10, 0x1, 0x0, 0x25dfdbfd, {{@in6=@private2, @in6=@empty, 0x4000, 0x0, 0x3, 0x3, 0x0, 0x20}, {@in=@broadcast, 0x0, 0x33}, @in6=@mcast2, {0x0, 0x0, 0x0, 0x401, 0x0, 0x0, 0x4}, {}, {}, 0x0, 0x0, 0xa, 0x1}, [@extra_flags={0x8, 0x18, 0x9e4}, @algo_auth={0x63, 0x1, {{'sha256-ce\x00'}, 0xd8, "eb7706a9637ef7af3ed95b65d694474888f6f9c230b79f20d02bdc"}}]}, 0x15c}}, 0x20000000)
sendmsg$nl_generic(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000006f80)=ANY=[@ANYBLOB="a03700002d00012826bd7000fcdbdf250400000005000b"], 0x37a0}, 0x1, 0x0, 0x0, 0x4000d}, 0x20004004)

13.356756766s ago: executing program 3 (id=1103):
syz_open_dev$evdev(&(0x7f0000000000), 0x0, 0x2002)
socket$nl_generic(0x10, 0x3, 0x10)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2})
r1 = syz_io_uring_setup(0xbdc, &(0x7f0000000640)={0x0, 0xec25, 0x400, 0x1, 0x40000333}, &(0x7f0000000240)=<r2=>0x0, &(0x7f00000001c0)=<r3=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r2, r3, &(0x7f0000000200)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0})
io_uring_enter(r1, 0x847ba, 0x0, 0xe, 0x0, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000140)=@newtaction={0x70, 0x30, 0x0, 0x870bd2d, 0x0, {0x9}, [{0x5c, 0x1, [@m_sample={0x58, 0x0, 0x0, 0x0, {{0xb}, {0x2c, 0x2, 0x0, 0x1, [@TCA_SAMPLE_RATE={0x8, 0x3, 0x5}, @TCA_SAMPLE_PARMS={0x18, 0x2, {0x8, 0x4000000, 0x0, 0x1ff, 0x80000}}, @TCA_SAMPLE_RATE={0x8}]}, {0x4}, {0xc}, {0xc, 0x8, {0x4}}}}]}]}, 0x70}}, 0x20048000)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r4, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000003c0)={0x24, 0x2b, 0xb, 0x70bd2a, 0x0, {0x5}, [@typed={0x8, 0x3, 0x0, 0x0, @ipv4=@empty}, @nested={0x8, 0x1, 0x0, 0x1, [@nested={0x4, 0x5b}]}]}, 0x24}, 0x1, 0x0, 0x0, 0x20000000}, 0x20080c40)
r5 = socket$nl_route(0x10, 0x3, 0x0)
r6 = openat$random(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
ioctl$RNDADDENTROPY(r6, 0x40045201, &(0x7f0000000000)=ANY=[])
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r5, 0x8933, &(0x7f0000000100)={'batadv_slave_1\x00', <r7=>0x0})
r8 = socket$nl_route(0x10, 0x3, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101097, 0x0)
mount$bind(&(0x7f0000000440)='./file0/../file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x8b101a, 0x0)
umount2(&(0x7f0000000180)='./file0\x00', 0x1)
sendmsg$nl_route(r5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="9000000010000305000000000000000000000700", @ANYRES32=0x0, @ANYBLOB="996e06004d4c0700540012800800010068737200480002800500030008000000050003000500000005000300fd00000008000200", @ANYRES32=r7, @ANYBLOB="08000100", @ANYRES32=r8], 0x90}}, 0x0)

13.090532015s ago: executing program 3 (id=1104):
rt_sigaction(0xd, &(0x7f00000000c0)={&(0x7f0000000100)="c4e189f4adfeefffffc441f96ec80fc4c60066400fe2def3ad46c7045300101000f00fc01ec422e10399c5c1202066410f6f15040000000000e1f563df", 0xdc000006, 0x0}, 0x0, 0x8, &(0x7f0000000300))
r0 = socket$kcm(0x10, 0x2, 0x0) (async)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20042, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
syz_open_dev$video4linux(&(0x7f0000000080), 0xae, 0xa82)
r3 = syz_open_procfs(0x0, &(0x7f00000001c0)='fd/3\x00')
ioctl$VT_GETSTATE(r3, 0x5603, 0x0)
r4 = dup(r2)
ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x2) (async)
ioctl$VIDIOC_S_FMT(r4, 0xc0d05605, &(0x7f0000000340)={0x9, @vbi={0x1ff, 0x7, 0x8000, 0x0, [0xf, 0x9], [0x3ff, 0x8], 0x108}})
syz_emit_ethernet(0x4e, &(0x7f00000002c0)={@random="cf702e8cf675", @remote, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, '\x00', 0x18, 0x3a, 0x0, @ipv4={'\x00', '\xff\xff', @remote}, @mcast2, {[], @mld={0x83, 0x0, 0x0, 0xfffe, 0x0, @mcast2}}}}}}, 0x0) (async)
sendmsg$kcm(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000180)="2e00000010008188040f80ec59acbc0413a1f848100000005e0c00f0ffffff180e000a001400000002801687121f", 0x2e}], 0x1}, 0x0) (async)
sendmsg$kcm(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000001340)=[{&(0x7f0000000040)="2e00000010008188040f46ecdb4cb9cca7480ef410000000e3bd6efb010511000b000a000d000000ba8000001201", 0x2e}], 0x1, 0x0, 0x0, 0xc9e}, 0x80) (async)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendmmsg$inet6(r5, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0)
setsockopt$MRT6_DONE(r4, 0x29, 0xc9, 0x0, 0x0)

13.087717552s ago: executing program 3 (id=1105):
r0 = syz_init_net_socket$ax25(0x3, 0x2, 0x7) (async)
mkdirat(0xffffffffffffff9c, &(0x7f00000002c0)='./file0\x00', 0x0) (async)
mount(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000040)='aufs\x00', 0x0, 0x0) (async)
mount$tmpfs(0x0, &(0x7f0000000140)='./file0\x00', 0x0, 0x20020, &(0x7f0000000080)=ANY=[@ANYBLOB="ebb0ebcaa99588924947659d2785f3549f3fb7243f656037"]) (async)
r1 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000), 0xa4242, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2000007, 0x38011, r1, 0x0) (async)
pipe2$watch_queue(&(0x7f0000000040), 0x80) (async)
recvmmsg(r0, &(0x7f0000002780)=[{{0x0, 0x0, 0x0}, 0x7}], 0x1, 0x2, 0x0)

12.952187414s ago: executing program 32 (id=1105):
r0 = syz_init_net_socket$ax25(0x3, 0x2, 0x7) (async)
mkdirat(0xffffffffffffff9c, &(0x7f00000002c0)='./file0\x00', 0x0) (async)
mount(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000040)='aufs\x00', 0x0, 0x0) (async)
mount$tmpfs(0x0, &(0x7f0000000140)='./file0\x00', 0x0, 0x20020, &(0x7f0000000080)=ANY=[@ANYBLOB="ebb0ebcaa99588924947659d2785f3549f3fb7243f656037"]) (async)
r1 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000), 0xa4242, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2000007, 0x38011, r1, 0x0) (async)
pipe2$watch_queue(&(0x7f0000000040), 0x80) (async)
recvmmsg(r0, &(0x7f0000002780)=[{{0x0, 0x0, 0x0}, 0x7}], 0x1, 0x2, 0x0)

4.788940152s ago: executing program 0 (id=1195):
r0 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000040), 0xa0201, 0x0)
write$dsp(r0, &(0x7f00000012c0)="a52876830a602214f6b4e928d758f38a5a7cb4b31c4c09289e9ebb6286784ca3", 0x4000)
r1 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
ioctl$VHOST_VDPA_GET_AS_NUM(r1, 0x8004af7a, &(0x7f0000000040))
r2 = openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x20842, 0x22)
writev(r2, &(0x7f0000000000)=[{&(0x7f00000006c0)='\t', 0x2003f}], 0x1)
ioctl$VHOST_SET_MEM_TABLE(r2, 0x4008af03, &(0x7f0000000780)={0x3, 0x0, [{0x77774000, 0x46, &(0x7f0000000500)=""/70}, {0xeeee8000, 0xcd, &(0x7f0000000580)=""/205}, {0x4000, 0xef, &(0x7f0000000680)=""/239}]})
r3 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000800), 0x58000, 0x0)
ioctl$SNDCTL_DSP_SPEED(r3, 0xc0045002, &(0x7f0000000840)=0x8000)
memfd_secret(0x0)
r4 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000080)='/sys/power/disk', 0x169a82, 0x0)
sendfile(r4, r4, 0x0, 0x30)
ioctl$DRM_IOCTL_MAP_BUFS(0xffffffffffffffff, 0xc0186419, &(0x7f00000004c0)={0x5, &(0x7f0000000080)=""/44, &(0x7f0000000440)=[{0xab2a, 0xd5, 0x4, &(0x7f00000000c0)=""/213}, {0x2800000, 0x109, 0x16, &(0x7f0000000880)=""/265}, {0x8000200, 0x5a, 0x7ee45fab, &(0x7f00000002c0)=""/90}, {0x2, 0x96, 0x2c, &(0x7f0000000340)=""/150}, {0x9b76, 0x36, 0x400009, &(0x7f0000000400)=""/54}]})
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000200)=@newlink={0x40, 0x10, 0x1, 0x0, 0x3, {0x0, 0x0, 0x0, 0x0, 0xc010}, [@IFLA_LINKINFO={0x20, 0x12, 0x0, 0x1, @erspan={{0xb}, {0x10, 0x2, 0x0, 0x1, [@IFLA_GRE_IKEY={0x8, 0x4, 0xfff}, @IFLA_GRE_COLLECT_METADATA={0x4}]}}}]}, 0x40}}, 0x8000)
syz_open_dev$sg(&(0x7f0000001600), 0x1, 0x18f840)

2.649433284s ago: executing program 0 (id=1226):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x200, 0x0)
close(r0)
ioctl$SIOCGSKNS(r0, 0x894c, &(0x7f0000000040)={'bridge_slave_0\x00', 0x400})
r1 = openat$ppp(0xffffffffffffff9c, &(0x7f00000001c0), 0x80000, 0x0)
ioctl$TUNSETOFFLOAD(r1, 0xc004743e, 0x110e22fff6)
ioctl$TUNGETVNETLE(r0, 0x40047451, &(0x7f0000000180))
ioctl$TUNGETVNETLE(r0, 0x40047451, &(0x7f00000002c0))
pipe(&(0x7f0000000080)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
write$binfmt_misc(r2, &(0x7f0000000000), 0xfffffecc)
setsockopt$inet6_opts(r2, 0x29, 0x36, &(0x7f0000000000)=@dstopts={0x8, 0x2, '\x00', [@calipso={0x7, 0x10, {0x2, 0x2, 0x4, 0x38, [0x6]}}]}, 0x20)

1.660823908s ago: executing program 0 (id=1245):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$tipc(&(0x7f0000000200), 0xffffffffffffffff)
sendmsg$TIPC_CMD_ENABLE_BEARER(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000080)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="01000000000000000000010000000000001c001700"], 0x38}}, 0x0) (async)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000040)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_REGISTER_BEACONS(r0, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x24, 0x0, 0x200, 0x70bd27, 0x25dfdbfb, {{}, {@val={0x8, 0x1, 0x58}, @val={0x8, 0x3, r2}, @void}}, ["", "", "", "", "", "", "", "", "", ""]}, 0x24}, 0x1, 0x0, 0x0, 0x4000000}, 0x2000c000)

1.657633851s ago: executing program 0 (id=1247):
ioctl$sock_SIOCSIFVLAN_ADD_VLAN_CMD(0xffffffffffffffff, 0x8983, &(0x7f0000000000)={0x0, 'rose0\x00', {}, 0xfff})
sendto$inet(0xffffffffffffffff, &(0x7f0000000040)="d6833f06f0a705e5525dfa3b56bede73c6302a3f3b40fda011672000c1bd4ff04843a4adc4ca2fbf41868dab762f482d9b75ed3e0a8c005f1c02f438b936d4b2768b4cbb8559be6909c888333b485ea3d0fdd0f50cd9f45022a12107758ad3b527385a469a598d1dbfb452639c819188acab5eba3ab4b92bd5c15e392dc70df61610f4f282f6c3875091616a7dc94729c22c6f5fcd3619fd69e51bc258f7110dcb3f06048a736f70a80cfd225d9db67e063328bf8f54b9d9e6138bac23bed70b223f3d9482", 0xc5, 0x0, &(0x7f0000000140)={0x2, 0x4e22, @multicast2}, 0x10) (async)
gettid()
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TUNSETLINK(r0, 0x400454cd, 0x207)
ftruncate(r0, 0x2)
r1 = syz_genetlink_get_family_id$devlink(&(0x7f0000000200), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_SB_PORT_POOL_GET(0xffffffffffffffff, &(0x7f0000000340)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000300)={&(0x7f0000000240)={0xb4, r1, 0x300, 0x70bd25, 0x25dfdbfd, {}, [{{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0x3, 0x3}}, {0x8, 0xb, 0xd}, {0x6, 0x11, 0x9}}, {{@pci={{0x8}, {0x11}}, {0x8, 0x3, 0x3}}, {0x8, 0xb, 0xba3}, {0x6, 0x11, 0x3}}, {{@pci={{0x8}, {0x11}}, {0x8, 0x3, 0x3}}, {0x8, 0xb, 0xc}, {0x6, 0x11, 0x1}}]}, 0xb4}, 0x1, 0x0, 0x0, 0x40}, 0x4c001) (async, rerun: 32)
r2 = socket$nl_generic(0x10, 0x3, 0x10) (rerun: 32)
sendmsg$DEVLINK_CMD_RATE_GET(r2, &(0x7f0000000440)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000400)={&(0x7f00000003c0)={0x34, r1, 0x400, 0x70bd2a, 0x25dfdbfd, {}, [@handle=@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}]}, 0x34}, 0x1, 0x0, 0x0, 0x4004}, 0x11) (async)
socket(0x1d, 0x5, 0x8) (async)
r3 = openat$binfmt(0xffffffffffffff9c, 0x0, 0x41, 0x1ff)
finit_module(r3, &(0x7f0000000480)='/dev/net/tun\x00', 0x1) (async)
r4 = syz_open_dev$audion(&(0x7f00000004c0), 0xb20, 0x400040) (async)
r5 = openat$full(0xffffffffffffff9c, &(0x7f0000000500), 0x400880, 0x0)
ioctl$UDMABUF_CREATE(r4, 0x40187542, &(0x7f0000000540)={r5, 0x0, 0x8000, 0x4000}) (async)
sendmsg$IPCTNL_MSG_TIMEOUT_DEFAULT_SET(0xffffffffffffffff, &(0x7f0000000680)={&(0x7f0000000580)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000640)={&(0x7f00000005c0)={0x7c, 0x3, 0x8, 0x201, 0x0, 0x0, {0xb, 0x0, 0x1}, [@CTA_TIMEOUT_NAME={0x9, 0x1, 'syz1\x00'}, @CTA_TIMEOUT_DATA={0x4c, 0x4, 0x0, 0x1, @sctp=[@CTA_TIMEOUT_SCTP_HEARTBEAT_SENT={0x8, 0x8, 0x1, 0x0, 0xfffff000}, @CTA_TIMEOUT_SCTP_SHUTDOWN_SENT={0x8, 0x5, 0x1, 0x0, 0x1}, @CTA_TIMEOUT_SCTP_SHUTDOWN_SENT={0x8, 0x5, 0x1, 0x0, 0x3}, @CTA_TIMEOUT_SCTP_COOKIE_WAIT={0x8, 0x2, 0x1, 0x0, 0x8}, @CTA_TIMEOUT_SCTP_SHUTDOWN_ACK_SENT={0x8, 0x7, 0x1, 0x0, 0x7f}, @CTA_TIMEOUT_SCTP_SHUTDOWN_RECD={0x8, 0x6, 0x1, 0x0, 0x8}, @CTA_TIMEOUT_SCTP_CLOSED={0x8, 0x1, 0x1, 0x0, 0x1}, @CTA_TIMEOUT_SCTP_COOKIE_ECHOED={0x8, 0x3, 0x1, 0x0, 0xfffffff8}, @CTA_TIMEOUT_SCTP_HEARTBEAT_SENT={0x8, 0x8, 0x1, 0x0, 0x800}]}, @CTA_TIMEOUT_L3PROTO={0x6, 0x2, 0x1, 0x0, 0x88fb}, @CTA_TIMEOUT_L3PROTO={0x6, 0x2, 0x1, 0x0, 0x9100}]}, 0x7c}, 0x1, 0x0, 0x0, 0x20000000}, 0x10000000) (async)
write$binfmt_elf64(r3, &(0x7f00000006c0)={{0x7f, 0x45, 0x4c, 0x46, 0x30, 0x5, 0x7, 0x71, 0xffffffffffffffa9, 0x3, 0x3e, 0x7, 0x36c, 0x40, 0x39f, 0x5, 0x9, 0x38, 0x2, 0x9, 0x7, 0x1}, [{0x5, 0x9, 0x602, 0x7, 0x24, 0x2, 0x10, 0xffffffff}, {0x3, 0x0, 0x7, 0x4, 0x9, 0x3, 0x2, 0x1}], "3d7968557b036ee053f387ef71a24650f9e7039c07cdd9069ee686df694d72b1ad6dbee3c970b6e17bfdd21ac7ebccd8ea00b8c4243c4972d8aac2abda97250f460da4ad8614a65362517ecf19b77404cf0d0b", ['\x00', '\x00', '\x00', '\x00', '\x00', '\x00']}, 0x703)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000e00), 0x5d3082, 0x0) (async, rerun: 64)
r8 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000e80), r5) (rerun: 64)
sendmsg$IPVS_CMD_SET_SERVICE(r7, &(0x7f0000000f80)={&(0x7f0000000e40)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000f40)={&(0x7f0000000ec0)={0x78, r8, 0x8, 0x70bd2d, 0x25dfdbfe, {}, [@IPVS_CMD_ATTR_DAEMON={0xc, 0x3, 0x0, 0x1, [@IPVS_DAEMON_ATTR_STATE={0x8}]}, @IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x6}, @IPVS_CMD_ATTR_SERVICE={0x50, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_PORT={0x6, 0x4, 0x4e23}, @IPVS_SVC_ATTR_NETMASK={0x8, 0x9, 0x59}, @IPVS_SVC_ATTR_PORT={0x6, 0x4, 0x4e20}, @IPVS_SVC_ATTR_SCHED_NAME={0x7, 0x6, 'sh\x00'}, @IPVS_SVC_ATTR_PORT={0x6, 0x4, 0x4e23}, @IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x4, 0x24}}, @IPVS_SVC_ATTR_PROTOCOL={0x6, 0x2, 0x2b}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x2}, @IPVS_SVC_ATTR_PE_NAME={0x8}]}]}, 0x78}, 0x1, 0x0, 0x0, 0x1}, 0x4000) (async, rerun: 64)
ioctl$I2C_SMBUS(r5, 0x720, &(0x7f0000001000)={0x1, 0x9, 0xa0d3, &(0x7f0000000fc0)={0xd, "7a019b469783f8ae1f75b82c45184be3e19af806903c50024b474f152869f50beb"}}) (async, rerun: 64)
r9 = accept4(r4, &(0x7f0000001040)=@x25={0x9, @remote}, &(0x7f00000010c0)=0x80, 0x800)
getsockopt$IP_SET_OP_GET_BYINDEX(r9, 0x1, 0x53, &(0x7f0000001100)={0x7, 0x7, 0x1}, &(0x7f0000001140)=0x28)
r10 = syz_open_dev$loop(&(0x7f0000001180), 0xe, 0x200040)
ioctl$LOOP_SET_FD(r10, 0x4c00, r2) (async)
r11 = syz_genetlink_get_family_id$ethtool(&(0x7f0000001200), r7)
sendmsg$ETHTOOL_MSG_LINKINFO_SET(r6, &(0x7f00000013c0)={&(0x7f00000011c0)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f0000001380)={&(0x7f0000001240)={0x108, r11, 0x200, 0x70bd2c, 0x25dfdbff, {}, [@ETHTOOL_A_LINKINFO_PORT={0x5, 0x2, 0x6}, @ETHTOOL_A_LINKINFO_PORT={0x5, 0x2, 0x9}, @ETHTOOL_A_LINKINFO_HEADER={0x80, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'ip6erspan0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14}, @ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'netdevsim0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'ipvlan1\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'bond_slave_1\x00'}]}, @ETHTOOL_A_LINKINFO_PORT={0x5, 0x2, 0x6}, @ETHTOOL_A_LINKINFO_PHYADDR={0x5, 0x3, 0xe}, @ETHTOOL_A_LINKINFO_PORT={0x5, 0x2, 0x7}, @ETHTOOL_A_LINKINFO_TP_MDIX_CTRL={0x5, 0x5, 0x52}, @ETHTOOL_A_LINKINFO_HEADER={0x44, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'wg2\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'dvmrp0\x00'}]}]}, 0x108}, 0x1, 0x0, 0x0, 0x8001}, 0x8810) (async)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001700)={0x11, 0x14, &(0x7f00000014c0)=@raw=[@map_idx={0x18, 0x8, 0x5, 0x0, 0xe}, @call={0x85, 0x0, 0x0, 0x7c}, @ringbuf_output={{0x18, 0x1, 0x1, 0x0, 0x1}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x2}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x1}}, @tail_call, @map_val={0x18, 0x1, 0x2, 0x0, r7, 0x0, 0x0, 0x0, 0x9}, @call={0x85, 0x0, 0x0, 0x63}], &(0x7f0000001580)='GPL\x00', 0x9, 0x16, &(0x7f00000015c0)=""/22, 0x40f00, 0x22, '\x00', 0x0, 0x0, r5, 0x8, 0x0, 0x0, 0x10, &(0x7f0000001600)={0x4, 0x0, 0x5f08a1e8, 0x6}, 0x10, 0x0, 0x0, 0x6, &(0x7f0000001640)=[0xffffffffffffffff, r5, r4, r7, r4], &(0x7f0000001680)=[{0x0, 0x1, 0xe, 0x9}, {0x4, 0x1, 0xe, 0x7}, {0x5, 0x5, 0xc, 0x1}, {0x4, 0x4, 0x10}, {0x2, 0x3, 0xa, 0xc}, {0x4, 0x5, 0x2, 0x7}], 0x10, 0x400}, 0x94)

1.599860177s ago: executing program 0 (id=1249):
munmap(&(0x7f0000002000/0x2000)=nil, 0x2000)
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$inet(r0, &(0x7f0000000080)={0x0, 0x74, &(0x7f0000000100)=[{&(0x7f00000001c0)="5c00000012006bab9a3fe3d86e17aa0a046b876c1d0048007ea60864160af36504001a0038001d001931a0e69ee517d34460bc06000000a705251e6182949a3651f60a84c9f4d4938037e70e4509c5bb", 0x33fe0}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x0)
recvmsg$kcm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000004140)=[{&(0x7f0000000240)=""/212, 0xd4}], 0x1}, 0x0)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
r2 = openat$sequencer2(0xffffff9c, &(0x7f00000001c0), 0x0, 0x0)
ioctl$SNDCTL_SEQ_OUTOFBAND(r2, 0x40085112, &(0x7f0000000040)=@l={0x92, 0x0, 0xd0, 0x18, 0x0, 0x0, 0x8000})
utimensat(0xffffffffffffffff, &(0x7f0000000000)='./file0\x00', 0x0, 0x1100)
sendmsg$nl_xfrm(r1, &(0x7f0000000840)={0x0, 0x0, &(0x7f0000000800)={&(0x7f00000001c0)=ANY=[@ANYBLOB="4c030000160001000000000000000000fc010000000000000000000000000000fe88000000000000000000000000000100"/64, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="ac141400000000000000000000000000000000006c000000ac14140000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000025bd7000000000000000000000000000000000000300000006"], 0x34c}}, 0x0)
r3 = io_uring_setup(0x5284, &(0x7f0000000440)={0x0, 0x85a0, 0x100, 0x2, 0x2d6})
r4 = syz_io_uring_setup(0x61ac, &(0x7f00000003c0)={0x0, 0x0, 0xa0, 0x4, 0xffffffff, 0x0, r3}, &(0x7f0000000000)=<r5=>0x0, &(0x7f0000000180)=<r6=>0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f00000000c0)='qgroup_update_reserve\x00', 0xffffffffffffffff, 0x0, 0x4}, 0x18)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r7=>0xffffffffffffffff})
syz_io_uring_submit(r5, r6, &(0x7f0000000380)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r7, 0x0, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, &(0x7f00000014c0)=ANY=[@ANYBLOB="1010"], 0x1010}, 0x0, 0xe3d08660d3cd4684})
io_uring_enter(r4, 0x92, 0x2, 0x9, 0x0, 0x0)

1.420062873s ago: executing program 2 (id=1254):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = syz_io_uring_setup(0x38, &(0x7f0000000080)={0x0, 0xadde, 0x10100, 0x0, 0xfffffffd}, &(0x7f0000000000)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000600)=@IORING_OP_RECVMSG={0xa, 0xc, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0xc0000151, 0x1, {0xfffd}})
io_uring_enter(r0, 0xd81, 0x0, 0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r3 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
setrlimit(0x8, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
ioctl$SNDRV_TIMER_IOCTL_TREAD_OLD(0xffffffffffffffff, 0x40045402, 0x0)
r4 = socket(0x1e, 0x4, 0x0)
ioctl$AUTOFS_DEV_IOCTL_READY(0xffffffffffffffff, 0xc0189376, &(0x7f0000000280)={{0x1, 0x1, 0x18, r3, {0x6}}, './file0\x00'})
r5 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000180)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0xec44, '\x00', 0x0, 0xffffffffffffffff, 0x1000, 0x5}, 0x50)
ioctl$ifreq_SIOCGIFINDEX_team(r4, 0x8933, &(0x7f0000000000)={'team0\x00', <r6=>0x0})
r7 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000080), 0x4)
socket$nl_route(0x10, 0x3, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0xf, 0x0, 0x9, 0x3, 0x200, r5, 0xe, '\x00', r6, r7, 0x4, 0x4, 0x2}, 0x50)
setsockopt$packet_tx_ring(r4, 0x10f, 0x87, &(0x7f0000000040)=@req={0x3fc, 0x0, 0x0, 0xffffffff}, 0x10)
r8 = socket(0x1e, 0x4, 0x0)
r9 = socket$nl_generic(0x10, 0x3, 0x10)
r10 = syz_genetlink_get_family_id$tipc(&(0x7f00000000c0), 0xffffffffffffffff)
sendmsg$TIPC_CMD_SET_NODE_ADDR(r9, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000100)={0x24, r10, 0x201, 0x400000, 0x0, {{}, {}, {0x8, 0x11, 0x4}}}, 0x24}, 0x1, 0x0, 0x0, 0x40800}, 0x0)
setsockopt$packet_tx_ring(r8, 0x10f, 0x87, &(0x7f0000000440)=@req={0x3fc}, 0x10)
close(r8)

1.340613102s ago: executing program 2 (id=1255):
r0 = syz_genetlink_get_family_id$team(&(0x7f0000000140), 0xffffffffffffffff)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000300)={'bridge0\x00', <r3=>0x0})
sendmsg$nl_route(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)=ANY=[@ANYBLOB="300000001c000100000000000000e8ff07000000", @ANYRES32=r3, @ANYBLOB="4000a6000a000200ffffffffffff0000060005"], 0x30}, 0x1, 0x0, 0x0, 0x800}, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000180)={'nicvf0\x00', <r4=>0x0})
ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, &(0x7f00000001c0)={'vcan0\x00', <r5=>0x0})
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r7, &(0x7f0000000380)={0x0, 0x4076cbba9945d516, &(0x7f0000000340)={0x0, 0x14}}, 0x0)
getsockname$packet(r7, &(0x7f0000000140)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r6, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000002c0)=@newlink={0x44, 0x10, 0x439, 0x0, 0x0, {0x0, 0x0, 0x0, r8, 0x9801, 0x1303}, [@IFLA_LINKINFO={0x24, 0x12, 0x0, 0x1, @ipip={{0x9}, {0x14, 0x2, 0x0, 0x1, [@IFLA_IPTUN_REMOTE={0x8, 0x3, @multicast1}, @IFLA_IPTUN_LINK={0x8, 0x1, r8}]}}}]}, 0x44}}, 0x0)
ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(0xffffffffffffffff, 0x89f0, &(0x7f0000000280)={'syztnl0\x00', &(0x7f0000000200)={'ip6gre0\x00', <r9=>0x0, 0x4, 0xab, 0x8, 0x8000, 0x24, @private2={0xfc, 0x2, '\x00', 0x1}, @local, 0x7f21, 0x8, 0x6, 0x2}})
r10 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r10, 0x107, 0xf, &(0x7f0000000100)=0x9, 0x4)
ioctl$sock_SIOCGIFINDEX(r10, 0x8933, &(0x7f0000000040)={'gretap0\x00', <r11=>0x0})
sendto$packet(r10, &(0x7f0000000180)="0b0312002e0064000200475400f6a13bb1000000086086dd4803", 0x100a6, 0x0, &(0x7f0000000140)={0x11, 0x8100, r11}, 0x14)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, &(0x7f00000002c0)={'batadv_slave_0\x00', <r12=>0x0})
sendmsg$TEAM_CMD_NOOP(0xffffffffffffffff, &(0x7f0000000600)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f00000005c0)={&(0x7f0000000300)={0x2c0, r0, 0x2, 0x70bd28, 0x25dfdbfd, {}, [{{0x8, 0x1, r3}, {0x1ec, 0x2, 0x0, 0x1, [{0x3c, 0x1, @user_linkup_enabled={{{0x24}, {0x5}, {0x4}}, {0x8}}}, {0x40, 0x1, @queue_id={{{0x24}, {0x5}, {0x8, 0x4, 0x7e}}, {0x8, 0x6, r4}}}, {0x40, 0x1, @name={{0x24}, {0x5}, {0x10, 0x4, 'loadbalance\x00'}}}, {0x3c, 0x1, @name={{0x24}, {0x5}, {0xb, 0x4, 'random\x00'}}}, {0x40, 0x1, @lb_port_stats={{{0x24}, {0x5}, {0x8, 0x4, 0xe}}, {0x8, 0x6, r5}}}, {0x3c, 0x1, @user_linkup_enabled={{{0x24}, {0x5}, {0x4}}, {0x8, 0x6, r8}}}, {0x38, 0x1, @notify_peers_interval={{0x24}, {0x5}, {0x8, 0x4, 0xffffffff}}}, {0x3c, 0x1, @user_linkup_enabled={{{0x24}, {0x5}, {0x4}}, {0x8, 0x6, r9}}}]}}, {{0x8, 0x1, r11}, {0xb0, 0x2, 0x0, 0x1, [{0x38, 0x1, @notify_peers_interval={{0x24}, {0x5}, {0x8, 0x4, 0x5}}}, {0x38, 0x1, @notify_peers_count={{0x24}, {0x5}, {0x8, 0x4, 0x1}}}, {0x3c, 0x1, @enabled={{{0x24}, {0x5}, {0x4}}, {0x8, 0x6, r12}}}]}}]}, 0x2c0}, 0x1, 0x0, 0x0, 0x404c894}, 0x40000)
r13 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r13, &(0x7f00000026c0)={0x0, 0x0, &(0x7f0000002680)={&(0x7f0000000000)=ANY=[@ANYBLOB="14000000380001002cbd7000ffdbdf2544385a32870ef64046af37f7b9086594725f17c215b680f1cb540281ec5ce47fcf9c95e14cb26c35e7791cce3c42fc4cd0b34a504a9d6045982e1b6d0c0c81c6f0d6030d0b0688b0eaede5541de5d33bd72ff67e351d8ce25c5f98db941dbad73988d6b2e34886e6f940c4e7695d747adf3637ef8626c1f3a82a0e37e15f10d23a29e940c87e4afe8221a4d732e3b30c859b751badca091799f3ed6e8a074b473921529c947b4131fa7920920534ece89679215f0e363e5f904e408d2a156fa3302f9c5579"], 0x14}, 0x1, 0x0, 0x0, 0x8001}, 0xc804)

1.339047057s ago: executing program 2 (id=1257):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x0, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000050000000000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24}, 0x90)
r1 = bpf$BPF_BTF_LOAD(0x12, &(0x7f00000003c0)={&(0x7f0000000180)=ANY=[@ANYBLOB="9feb010018000000000000000c0000000c000000020000000000000000000004"], 0x0, 0x26}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x3, &(0x7f0000000d40)=ANY=[@ANYBLOB="1800000000000000000000000000000095000000000000005fdb2971dfa2bff372df8cdbeb318ab2bec8fc36903c0ec359ca9daf3c914019395cc154010c693709800000000000000016a85adef34bf78c76e6222337923e1bea6ef682cc4375f594425d408ccc58187feb0e3d43347f989007a7c63f6dae682acb4af936461f34a8a32a50bbbb69ec85168947b86df9f2609bf93f7a1be259621818c3c75da30000bce645451b851111dd98ac4d8da9317c2c082020e0b2d6340809000000000000008e053645cc413790faf7e229c782845b5bb774f7f154263178151ea93ff2cac4b181332c9c9a1c7d85616c8100000000000000d8300d19d585000000fc005774b56a7142047326f940e95b8489e1c5650f5c61299a295f39c88456521cffdef93e29f10f4a11f0cfbfc0ff976b20fe"], &(0x7f0000000080)='GPL\x00', 0x0, 0x1f6, &(0x7f00000002c0)=""/168, 0x0, 0x0, '\x00', 0x0, @fallback, r1, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000200), 0x1, 0x0, 0xffffffffffffffff, 0xf5010000}, 0x6d)
r2 = getpgrp(0x0)
fcntl$lock(r0, 0x6, &(0x7f0000000240)={0x0, 0x1, 0x0, 0xfffffffffffffff8, r2})
r3 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000380)=ANY=[@ANYRES8, @ANYRES32, @ANYRESHEX=r0], 0x48)
r4 = socket(0xa, 0x2, 0x0)
setsockopt$inet_int(r4, 0x0, 0x18, &(0x7f0000000280)=0x1006, 0x4)
sendto$inet(r4, 0x0, 0xffe5, 0x0, &(0x7f0000000000)={0x2, 0x4e20}, 0x10)
recvmsg(r4, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x12160)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="0200000004000000080000000100000080000000", @ANYRES32, @ANYBLOB='\x00'/14], 0x22)
bpf$MAP_LOOKUP_ELEM(0x5, &(0x7f00000000c0)={r3, &(0x7f0000000000), &(0x7f0000000040)=""/73}, 0x70)

1.269615104s ago: executing program 2 (id=1258):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$devlink(&(0x7f0000000dc0), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_TRAP_GET(r1, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000600)={&(0x7f0000000540)=ANY=[@ANYBLOB='P\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000fbdbdf25270000000e0001006e657464657673696d0000000f0002006e657464657673696d3000001c0053"], 0x50}, 0x1, 0x0, 0x0, 0x24040011}, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
setresuid(0x0, 0xee00, 0x0)
capset(&(0x7f0000000500)={0x20080522}, &(0x7f0000000200)={0x200002, 0x200003, 0x801, 0x4, 0x7})
utime(&(0x7f0000000000)='./file0\x00', 0x0)
sendmsg$DEVLINK_CMD_TRAP_POLICER_SET(r0, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000040)={0x54, r2, 0x10, 0x70bd27, 0x25dfdbfe, {}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8}, {0xc, 0x8f, 0x5}, {0xc, 0x90, 0x3200b8f8}}]}, 0x54}, 0x1, 0x0, 0x0, 0x4004010}, 0x40)
ioctl$sock_SIOCETHTOOL(r0, 0x89f1, &(0x7f0000000380)={'ip6gre0\x00', &(0x7f00000002c0)=@ethtool_cmd={0x2e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}})
sendmsg$DEVLINK_CMD_RATE_SET(r1, &(0x7f0000000200)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f00000001c0)={&(0x7f0000000180)={0x38, r2, 0x400, 0x70bd2b, 0x25dfdbfc, {}, [@DEVLINK_ATTR_RATE_NODE_NAME={0x14, 0xa8, @random="857c4886e9d558070bcbc7a4dff76d3d"}, @DEVLINK_ATTR_PORT_INDEX={0x8, 0x3, 0x3}, @DEVLINK_ATTR_PORT_INDEX={0x8, 0x3, 0x2}]}, 0x38}, 0x1, 0x0, 0x0, 0x14}, 0x4)
unlink(&(0x7f0000000240)='./file0/../file0\x00')

1.268987871s ago: executing program 2 (id=1260):
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000000c0)={0x12, 0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xf}, 0x90)
r0 = socket$xdp(0x2c, 0x3, 0x0)
getsockopt$XDP_STATISTICS(r0, 0x11b, 0x7, &(0x7f00000003c0), &(0x7f0000000400)=0x2f)
r1 = fsopen(&(0x7f00000000c0)='hfs\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r1, 0x1, &(0x7f0000000040)='uid', &(0x7f00000008c0)='0\x00#\x00\xd0\x00 \x00\x00qS\x00\x00\x00\x00\x00\x00\x00\x00$\xf6_\xbdI\x1c\xf2\xa9]\xcc\xe0*\xef\x01\x8d\x15\xd2h\x93\xc9\xb57\xc3\xea\\Eb\xf8\xe6,\xdf\xd4\xfae\x84\xcc\xd5\"d\xf0D-\x98\x9f\x81{\xfc$\xc4\xbcF\xf8\xc8\x8d\xcb\xb8\xf2\x1e\xe4\'U\xb3\xb8\xd3\xe6\xd7\x80=\x8a\xeb\n\xb8_\xe8\x96YY\xe3\xc7\xe6\xf28\x19\xa6\xa7\xfa\xdb\x1ce\xc1\x03\x86J\xb2fh\x19\xee#\xcc\x0f\xed\xfea\xdc\x88\xcb%bW\xd35\xda=\xac\x1d\xae\x93\xfd\'T6\x94\n\xa4\x9cU\xc4\fA~[\xbf\x8b\x90\xfe\x04\xe7U\xf3h\x81\x14l7u\x95\x96t\\\x0f\xef;\x03\xa4C\xbc(Vc!a\xc1\xe39\xc6b\x905\x1f\x03\x00\x00\x00\x00\x00\x00\xdf9\xaf5\xc8a:z\xe4\xcbag&67\x814\xf6}\xe10v6l\xd6,\x1e\xa0\xcc\xbf\xfdkm\b?\x839\x85N\x1c\xc1\xcb\xfc\x85\xd2\n\x02\"\xf2\x81g\x90\x01n%\x7f_\xe1.f>>\xa5\xfb\"\xab\xdb\x06\x12e\x14\x11~\x9a\bR-\x85\xc3\xa9\xe6\xf6R\x11\"\xc3\xc9\xfc\x14s X\xec\xdd\xc2qB\x85\xf0\xd7\x04\xdd<\x9ak\x00\x00\x00\x00\x00\x00\x00\n\xa72\xa3\xef^\xe7\x8f', 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket(0x1, 0x803, 0x0)
getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000001c0)=0x14)
r4 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
connect$bt_l2cap(r4, &(0x7f0000000080)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x7ff}, 0xe)
getsockname$packet(r3, &(0x7f0000000300)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @remote}, &(0x7f0000000380)=0x14)
r5 = syz_io_uring_setup(0x9e, &(0x7f0000000640)={0x0, 0x4000000, 0x0, 0x41, 0x10d}, &(0x7f00000006c0)=<r6=>0x0, &(0x7f00000001c0)=<r7=>0x0)
r8 = openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$SW_SYNC_IOC_CREATE_FENCE(r8, 0xc0285700, &(0x7f0000000480)={0x0, "b500e2279c2996817bb959eb2b238deda525e1dbdeffafbf2500"})
r9 = socket$nl_route(0x10, 0x3, 0x0)
bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f00000002c0)={0x0, 0x9, 0x8}, 0xc)
r10 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$VT_ACTIVATE(r10, 0x5606, 0x5)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r6, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r6, r7, &(0x7f0000000200)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x4, 0x0, &(0x7f0000000240)=[{&(0x7f0000000540)=""/224, 0xe0}], 0x1, 0x0, 0x1})
io_uring_enter(r5, 0x47b7, 0x2000, 0x0, 0x0, 0xffffffffffffff0c)
r11 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r12 = ioctl$KVM_CREATE_VM(r11, 0xae01, 0x0)
r13 = ioctl$KVM_CREATE_VCPU(r12, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(r13, 0xc008ae88, &(0x7f0000000340)=ANY=[@ANYBLOB="05000000400000e682000040"])
shutdown(r4, 0x1)
sendmsg$nl_route(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000700)={&(0x7f00000004c0)=ANY=[@ANYRES16=r1, @ANYRES16=r10, @ANYRES16=r9], 0x60}, 0x1, 0x0, 0x0, 0x40004}, 0x40040)
r14 = openat$audio(0xffffffffffffff9c, &(0x7f0000000140), 0x40000000040201, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r14, &(0x7f0000000500)={0xa00, 0xfffffffffffffd83, 0xfa00, {0x0, 0x0}}, 0xfdbc)
pselect6(0x40, &(0x7f0000000080)={0x80000000007, 0x3, 0x1, 0x1, 0x3fc0000000, 0x100000001, 0x8, 0x2}, &(0x7f0000000240)={0x9, 0x5, 0x9, 0x0, 0x299, 0x2, 0xffffffff80000001, 0x2c362cc3}, 0x0, 0x0, 0x0)

990.50595ms ago: executing program 4 (id=1267):
r0 = syz_open_dev$ndb(&(0x7f0000000000), 0x0, 0x20001)
ioctl$BLKFRASET(0xffffffffffffffff, 0x1264, 0x0)
ioctl$F2FS_IOC_RESIZE_FS(r0, 0x4008f510, &(0x7f0000000040)=0x80)

989.838557ms ago: executing program 4 (id=1268):
sendmsg$MPTCP_PM_CMD_GET_LIMITS(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0xffffffffffffffb4, 0x0, 0x1, 0x0, 0x0, 0x41}, 0x809d)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='blkio.bfq.io_merged_recursive\x00', 0x275a, 0x0)
syz_emit_ethernet(0x36, &(0x7f0000000240)=ANY=[@ANYBLOB="000002f0d31209000000bc2e79e995"], 0x0)
write$binfmt_script(r2, &(0x7f0000000100), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r2, 0x0)
preadv(r2, &(0x7f00000015c0)=[{&(0x7f0000000080)=""/124, 0xffffff23}], 0x3e, 0x0, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x4, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe6000/0x18000)=nil, &(0x7f0000000040)=[@text16={0x10, &(0x7f0000000180)="66b9800000c00f326635000800000f300f0f1c9a65660ff3b20618baa000ec672e660f38803d004000000f285473f61366b9800000c00f320f300f20e06635800000000f22e02b6aa6c8", 0x4a}], 0x1, 0x0, 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20004000}, 0x14)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f00000004c0)=[@text32={0x20, 0x0}], 0x1, 0x0, 0x0, 0x0)
write$binfmt_script(r2, &(0x7f0000000500)={'#! ', './file0', [], 0xa, "9af0ceb6b2890a08e650b08abd84c40f303514852d4ee8ead0fd45fb10f3837976cc1c0aa305"}, 0x31)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={0x0}, 0x18)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000000080)={0x26e8, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil})
ioctl$KVM_RUN(r3, 0xae80, 0x0)
r4 = socket(0x10, 0x2, 0x0)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r4, 0x89f1, &(0x7f00000002c0)={'ip6tnl0\x00', &(0x7f0000000000)={'syztnl1\x00', 0x0, 0x0, 0xf9, 0xfd, 0x0, 0x0, @empty, @private2={0xfc, 0x2, '\x00', 0x1}, 0x0, 0x10, 0xfffffffc, 0xffffffff}})
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_TIMEOUT_DEFAULT_SET(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000280)=ANY=[], 0x88}, 0x1, 0x0, 0x0, 0x2000820}, 0x24040810)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000140)={0x2, &(0x7f0000000040)=[{0x6, 0x4, 0x6, 0x100}, {0x4, 0xf, 0x5}]})
ioctl$KVM_SET_USER_MEMORY_REGION(r6, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x21)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r7, &(0x7f000014f000/0x18000)=nil, &(0x7f0000005700)=[@text16={0x10, 0x0}], 0x1, 0x4, 0x0, 0x0)
ioctl$KVM_RUN(r7, 0xae80, 0x0)
r8 = socket$can_bcm(0x1d, 0x2, 0x2)
connect$can_bcm(r8, &(0x7f0000000280), 0x10)

730.167295ms ago: executing program 0 (id=1270):
socket(0x2, 0x80805, 0x0)
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r1, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x76dc)
connect$inet6(r1, &(0x7f0000000080)={0xa, 0x4e22}, 0x21)
setsockopt$inet6_tcp_TCP_ULP(r1, 0x6, 0x1f, &(0x7f00000000c0), 0x4)
r2 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r2}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
pipe(&(0x7f0000000100)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
splice(r1, 0x0, r3, 0x0, 0xaf4, 0x0)
setsockopt$inet6_tcp_TLS_TX(r1, 0x11a, 0x2, &(0x7f0000000500)=@gcm_256={{0x304}, "1f891d5b00", "11682d84dd05bb63ae661f051e1e79ceafeaa60a5bd1dc83db142ade2bd907fd", "dd6ed25e", "0000000400"}, 0x38)
getsockopt$inet_sctp6_SCTP_RECVNXTINFO(r0, 0x84, 0x21, &(0x7f0000000400), &(0x7f0000000440)=0x4)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r4, 0x6, 0x1e, &(0x7f0000000180)=0x400000001, 0xc2)
setsockopt$inet6_tcp_int(r4, 0x6, 0x2000000000000022, &(0x7f0000000140)=0x1, 0x4)
r5 = syz_io_uring_setup(0x770, &(0x7f0000000240)={0x0, 0xbb54, 0xc, 0x0, 0x306}, &(0x7f00000000c0), &(0x7f00000002c0))
io_uring_register$IORING_REGISTER_SYNC_CANCEL(r5, 0x18, &(0x7f0000000300)={0x6, r4, 0x4, {0x3ff, 0x2}, 0xb5}, 0x1)
connect$inet6(r4, &(0x7f0000000100)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @loopback}}, 0x1c)
io_setup(0x6, &(0x7f0000000680)=<r6=>0x0)
setsockopt$SO_BINDTODEVICE_wg(r4, 0x1, 0x19, &(0x7f0000000080)='wg0\x00', 0x4)
io_submit(r6, 0x1, &(0x7f0000000040)=[&(0x7f0000000000)={0x180a, 0x0, 0x3, 0x1, 0x0, r4, 0x0}])
shutdown(r0, 0x0)
r7 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r7, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_sha512\x00'}, 0x58)
r8 = accept4(r7, 0x0, 0x0, 0x0)
recvmmsg(r8, &(0x7f0000000180)=[{{0x0, 0x0, 0x0}}, {{0x0, 0x0, &(0x7f00000008c0)=[{&(0x7f0000000500)=""/223, 0xdf}], 0x1}}], 0x2, 0x60, 0x0)
close(0x3)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000000200)={<r9=>0x0, 0x10, &(0x7f00000001c0)=[@in={0x2, 0x4e23, @rand_addr=0x64010100}]}, &(0x7f0000000140)=0x10)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r0, 0x84, 0x7a, &(0x7f0000000340)={r9, @in={{0x2, 0x4e24, @initdev={0xac, 0x1e, 0x1, 0x0}}}}, &(0x7f0000000040)=0x84)

729.652313ms ago: executing program 1 (id=1271):
r0 = openat$ttynull(0xffffffffffffff9c, &(0x7f0000000000), 0x4000, 0x0)
ioctl$TIOCEXCL(r0, 0x540c) (async)
r1 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000040), 0x2c00, 0x0)
ioctl$TIOCVHANGUP(r1, 0x5437, 0x0) (async)
ioctl$TCSBRKP(r1, 0x5425, 0x3)
ioctl$TCSETSW2(r0, 0x402c542c, &(0x7f0000000080)={0x4, 0x3, 0x7, 0x8000000, 0xe, "57c8932d689ce9e8f0c71fcc698904be3cb2ab", 0x6, 0x5})
r2 = syz_open_dev$ttys(0xc, 0x2, 0x0)
ioctl$TIOCSRS485(r2, 0x542f, &(0x7f00000000c0)={0xfffffffa, 0x6, 0xb6b4}) (async, rerun: 64)
ioctl$TCSETS2(r1, 0x402c542b, &(0x7f0000000100)={0x6e9b, 0x49f, 0x4, 0xd12, 0x2, "c94122dbdca72f58f471ec573b136179331da2", 0x5, 0x3}) (async, rerun: 64)
ioctl$TCSETSW2(r1, 0x402c542c, &(0x7f0000000140)={0xa, 0x4, 0xe18c, 0x0, 0x8, "4b6036eb933af6c2c4c190657006f9553329a1", 0x1ff})
mprotect(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x9) (async)
r3 = accept4$phonet_pipe(0xffffffffffffffff, 0x0, &(0x7f0000000180), 0x80400)
ioctl$sock_SIOCOUTQNSD(r3, 0x894b, &(0x7f00000001c0))
ioctl$TCSETSW2(r0, 0x402c542c, &(0x7f0000000200)={0x9, 0x3, 0x7fff, 0x7, 0x9, "91b6569e71bc32dedaad1151089798bb8145ea", 0x7, 0x2})
r4 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000240), 0x2000, 0x0)
ioctl$VT_RESIZE(r4, 0x5609, &(0x7f0000000280)={0xab, 0x8, 0x6}) (async)
ioctl$TIOCPKT(r4, 0x5420, &(0x7f00000002c0)=0xc) (async)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000005c0)={0x18, 0x1e, &(0x7f0000000300)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0xc}, {}, {}, [@printk={@p, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0xfffffff7}}, @map_fd={0x18, 0x1, 0x1, 0x0, 0x1}, @exit, @btf_id={0x18, 0x7, 0x3, 0x0, 0x2}, @map_idx={0x18, 0x3, 0x5, 0x0, 0xb}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x2}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000400)='GPL\x00', 0x9ee, 0xef, &(0x7f0000000440)=""/239, 0x41100, 0x2, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000540)={0x3, 0x4}, 0x8, 0x10, &(0x7f0000000580)={0x2, 0x4, 0x2, 0x401}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x4}, 0x94)
r6 = bpf$PROG_LOAD_XDP(0x5, &(0x7f00000008c0)={0x6, 0x11, &(0x7f0000000680)=@framed={{0x18, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x7}, [@map_idx={0x18, 0x4, 0x5, 0x0, 0x9}, @map_idx={0x18, 0x8, 0x5, 0x0, 0x9}, @btf_id={0x18, 0x7, 0x3, 0x0, 0x3}, @exit, @tail_call, @jmp={0x5, 0x0, 0x1, 0x0, 0x5, 0x20}, @jmp={0x5, 0x1, 0x2, 0x7, 0x4, 0xfffffffffffffffc, 0x1}]}, &(0x7f0000000740)='syzkaller\x00', 0x101, 0x61, &(0x7f0000000780)=""/97, 0x41100, 0x20, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, &(0x7f0000000800)={0x1, 0x5}, 0x8, 0x10, 0x0, 0x0, 0x0, 0x0, 0x4, &(0x7f0000000840)=[0xffffffffffffffff, 0xffffffffffffffff, 0x1, 0xffffffffffffffff, 0x1, 0x1, 0xffffffffffffffff], &(0x7f0000000880)=[{0x0, 0x3, 0x4, 0x8}, {0x5, 0x3, 0x0, 0xc}, {0x4, 0x5, 0x5}, {0x2, 0x1, 0x6, 0xc}], 0x10, 0xfffffd02}, 0x94)
bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000a80)={@ifindex, 0x1e, 0x0, 0x7, &(0x7f0000000980)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x7, 0x0, &(0x7f00000009c0)=[0x0, 0x0, 0x0], &(0x7f0000000a00)=[0x0, 0x0], &(0x7f0000000a40)=[0x0, 0x0, 0x0, 0x0], <r7=>0x0}, 0x40) (async)
r8 = openat$cgroup(0xffffffffffffffff, &(0x7f0000000b00)='syz0\x00', 0x200002, 0x0)
r9 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000e80)={0x18, 0x18, &(0x7f0000000b40)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x2}, {{0x18, 0x1, 0x1, 0x0, 0x1}}, {}, [@ldst={0x2, 0x2, 0x6, 0x1, 0xb, 0x50, 0x1}, @cb_func={0x18, 0x6, 0x4, 0x0, 0x5}, @func={0x85, 0x0, 0x1, 0x0, 0x1}, @cb_func={0x18, 0x3, 0x4, 0x0, 0x2}, @kfunc={0x85, 0x0, 0x2, 0x0, 0x4}, @initr0={0x18, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0xa}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x2}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000c00)='syzkaller\x00', 0x0, 0xc1, &(0x7f0000000c40)=""/193, 0x41000, 0x20, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000d40)={0x3, 0x1}, 0x8, 0x10, 0x0, 0x0, 0x0, 0x0, 0x9, &(0x7f0000000d80)=[0x1, 0xffffffffffffffff, 0xffffffffffffffff, 0x1, 0x1, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0x1], &(0x7f0000000dc0)=[{0x3, 0x1, 0x4, 0x4}, {0x0, 0x1, 0x5, 0x7}, {0x2, 0x1, 0xe, 0x4}, {0x0, 0x5, 0xc, 0xf}, {0x1, 0x3, 0xe, 0x5}, {0x2, 0x5, 0xa, 0xc}, {0x1, 0x5, 0x3}, {0x0, 0x3, 0xb, 0x2}, {0x1, 0x3, 0x6, 0xb}], 0x10, 0x5e}, 0x94)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f0000000ac0)={@cgroup=r8, r5, 0x9, 0x2, r6, @void, @value=r9, @void, @void, r7}, 0x20)
r10 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000f40), 0x89100, 0x0)
write$UHID_CREATE2(0xffffffffffffffff, &(0x7f0000000f80)={0xb, {'syz0\x00', 'syz0\x00', 'syz0\x00', 0x88, 0x74a5, 0x9, 0x7, 0x8000, 0x4, "c5e283be5de811bbd4f905f8b782747a7c873f367fea70040e69aab5b2536a9e4c648ce28bd0eebd316bd6eb81c23f48d4da1f736f7d4961fafb42e1263ccbd57f6bda70e7ac9aec2ce2454419174752814b2223375ab06e40c45f820f8a3d61ea47c0255b55e3d2732f03f364c4ddccf08caf9f84ddfae8429df2f8696232c7c157901079f27ead"}}, 0x1a0) (async)
openat$ttyS3(0xffffffffffffff9c, &(0x7f0000001140), 0x4c000, 0x0) (async)
readv(r10, &(0x7f0000001380)=[{&(0x7f0000001180)=""/78, 0x4e}, {&(0x7f0000001200)=""/219, 0xdb}, {&(0x7f0000001300)=""/7, 0x7}, {&(0x7f0000001340)=""/56, 0x38}], 0x4) (async, rerun: 32)
ioctl$TIOCSTI(r4, 0x5412, &(0x7f00000013c0)=0x4) (async, rerun: 32)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000001400)={@cgroup=r8, r9, 0xf, 0x8, 0x0, @void, @value, @void, @void, r7}, 0x20) (async)
write$FUSE_NOTIFY_INVAL_INODE(0xffffffffffffffff, &(0x7f0000001480)={0x28, 0x2, 0x0, {0x5, 0x9, 0x800}}, 0x28)

727.472628ms ago: executing program 1 (id=1272):
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0xd, 0x4, &(0x7f0000000400)=@framed={{0xffffffb4, 0x0, 0x0, 0x0, 0xffffffff, 0x61, 0x11, 0x98}, [@ldst={0x4, 0x0, 0x4}]}, &(0x7f0000000080)='GPL\x00', 0x4, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sock_ops, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x94)

679.401303ms ago: executing program 4 (id=1273):
syz_emit_ethernet(0x4a, &(0x7f0000000000)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaaaa1c0800497a823b7b6b91e922003c2565000040119078ac1e05010a010102070f0a7f00000200000001ac14141b004e224e210018905604cc2e7ae3930000012c7400000000000000"], 0x0)
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000240)=[{&(0x7f00000000c0)="d800000018008103e00312ba0d8105040a600300ff0f040b067c55a1bc000900b80006990700000015000500fef32702d3001500030001400200000901ac040098007f6f94007100a007a290457f0189b316277ce06bbace8017cbec4c2ee5a7cef4090000001fb791643a5ee4b11602b2a10c11ce1b14d6d930dfe1d9d322fe04000000730d7a5025ccca262f3d40fad95667e04adcdf634c1f215ce3bb9ad809d5e1cace81ed0b66bce0b42a9ecbee5de6ccd40dd6e4edef3d93452a92307f00000e970300"/216, 0xd8}], 0x1}, 0x48002)

678.799749ms ago: executing program 1 (id=1274):
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
mount$9p_virtio(&(0x7f0000000000), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x2, &(0x7f0000000c00)=ANY=[@ANYBLOB="56c78e3c733d76697274696f2c6e6f657874656e642c6163638173733d616e792c63616368653d667363616368652c76657273696f6e3d3970323030302e75"])
sendmsg$NL80211_CMD_CONNECT(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000000)={0x2c, 0x0, 0x5, 0x0, 0x0, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ibss_ssid}, @NL80211_ATTR_SOCKET_OWNER={0x4}]}, 0x2c}}, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge0\x00', <r1=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=ANY=[@ANYBLOB="2c0000001d00070f000000000000000007000000", @ANYRES32=r1, @ANYBLOB="000052000600050001000000080008"], 0x2c}, 0x1, 0x0, 0x0, 0x448c0}, 0x20008000)
chdir(&(0x7f0000000300)='./file0\x00')
rename(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080)='./file1\x00')
r2 = socket$alg(0x26, 0x5, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_CPUID2(r5, 0x4008ae90, &(0x7f0000000240)=ANY=[@ANYBLOB="01000000000000000100000000000000000000e80000000000000000ff"])
ioctl$KVM_SET_MSRS(r5, 0x4008ae89, &(0x7f0000000000)=ANY=[@ANYBLOB="01000000000000008c04"])
bind$alg(r2, &(0x7f0000000140)={0x26, 'hash\x00', 0x0, 0x0, 'cbcmac(des-generic)\x00'}, 0x58)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x200000d, 0x4008031, 0xffffffffffffffff, 0x0)
setsockopt$ALG_SET_KEY(r2, 0x117, 0x1, &(0x7f0000000080)="4dc07f947163300c", 0x8)
mknodat$loop(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x6000, 0x1)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0) (async)
mount$9p_virtio(&(0x7f0000000000), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x2, &(0x7f0000000c00)=ANY=[@ANYBLOB="56c78e3c733d76697274696f2c6e6f657874656e642c6163638173733d616e792c63616368653d667363616368652c76657273696f6e3d3970323030302e75"]) (async)
sendmsg$NL80211_CMD_CONNECT(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000000)={0x2c, 0x0, 0x5, 0x0, 0x0, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ibss_ssid}, @NL80211_ATTR_SOCKET_OWNER={0x4}]}, 0x2c}}, 0x0) (async)
socket$netlink(0x10, 0x3, 0x0) (async)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge0\x00'}) (async)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=ANY=[@ANYBLOB="2c0000001d00070f000000000000000007000000", @ANYRES32=r1, @ANYBLOB="000052000600050001000000080008"], 0x2c}, 0x1, 0x0, 0x0, 0x448c0}, 0x20008000) (async)
chdir(&(0x7f0000000300)='./file0\x00') (async)
rename(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080)='./file1\x00') (async)
socket$alg(0x26, 0x5, 0x0) (async)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) (async)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) (async)
ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0) (async)
ioctl$KVM_SET_CPUID2(r5, 0x4008ae90, &(0x7f0000000240)=ANY=[@ANYBLOB="01000000000000000100000000000000000000e80000000000000000ff"]) (async)
ioctl$KVM_SET_MSRS(r5, 0x4008ae89, &(0x7f0000000000)=ANY=[@ANYBLOB="01000000000000008c04"]) (async)
bind$alg(r2, &(0x7f0000000140)={0x26, 'hash\x00', 0x0, 0x0, 'cbcmac(des-generic)\x00'}, 0x58) (async)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x200000d, 0x4008031, 0xffffffffffffffff, 0x0) (async)
setsockopt$ALG_SET_KEY(r2, 0x117, 0x1, &(0x7f0000000080)="4dc07f947163300c", 0x8) (async)
mknodat$loop(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x6000, 0x1) (async)

610.299195ms ago: executing program 4 (id=1275):
sendmsg$netlink(0xffffffffffffffff, &(0x7f0000000040), 0x0)
add_key(&(0x7f0000000080)='big_key\x00', 0x0, 0x0, 0x0, 0xfffffffffffffffb)
r0 = syz_open_dev$sndctrl(&(0x7f00000000c0), 0xe25, 0x140)
ioctl$SNDRV_CTL_IOCTL_RAWMIDI_NEXT_DEVICE(r0, 0xc0505510, &(0x7f0000000080))
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000200)={0x0, 0xffffffffffffff8a}}, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000280), r1)
sendmsg$MPTCP_PM_CMD_SET_FLAGS(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000001700)=ANY=[@ANYBLOB="240000000b2ee52245c3b978bbfa642311ebf8318f6f170de30fb78b73b291145420fb40d5a532a12040ee61fbf11ab7a9256fc70a12279c3a1f5509a673359e4a65981829", @ANYRES16=r2, @ANYBLOB="01002bbd7000fddbdf25070000000400018008000400ea00000004000680"], 0x24}, 0x1, 0x0, 0x0, 0x40000}, 0x20040000)
r3 = syz_open_dev$video4linux(&(0x7f0000000000), 0xd755, 0x80c00)
ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r3, 0xc0845657, &(0x7f0000000200)={0x0, @bt={0x8a5, 0x7fff, 0x1, 0x3, 0xd59f80, 0xb488ab32, 0x7, 0x19ef, 0x3, 0x6, 0x8027ff, 0x2800, 0x101, 0xbb6, 0x9, 0x0, {0x8, 0xfffffffb}, 0xd0, 0xc}})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)=ANY=[@ANYBLOB="4800000010001fff0000056842bb002552d215f6", @ANYRES32=0x0, @ANYBLOB="0000000000000000280012800a00010076786c616e00000018000280140011"], 0x48}}, 0x0)
r4 = socket(0x10, 0x3, 0x0)
sendmmsg$alg(r4, &(0x7f0000000140), 0x4924b68, 0x0)
recvmsg$inet_nvme(r4, &(0x7f0000000180)={&(0x7f00000002c0)=@can, 0x80, &(0x7f0000001580)=[{&(0x7f0000000000)=""/46, 0x2e}, {&(0x7f0000000340)=""/199, 0xc7}, {&(0x7f0000000440)=""/4096, 0x1000}, {&(0x7f0000001440)=""/160, 0xa0}, {&(0x7f0000000080)=""/34, 0x22}, {&(0x7f0000001500)=""/75, 0x4b}], 0x6, &(0x7f0000001600)=""/231, 0xe7}, 0x40)

609.572391ms ago: executing program 4 (id=1276):
r0 = syz_open_dev$dri(&(0x7f0000000180), 0x1, 0x5010c1)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000000)={0x6, 0x2, 0x80000000})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000001c0)=@gettclass={0x24, 0x2a, 0x129, 0x0, 0x25dfdbfb, {0x0, 0x0, 0x0, 0x0, {0x8, 0x3}, {}, {0x5, 0x3}}}, 0x24}, 0x1, 0x0, 0x0, 0x10}, 0x40002) (async)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
r3 = socket$nl_generic(0x10, 0x3, 0x10) (async)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), 0xffffffffffffffff) (async, rerun: 32)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000180)={'wlan1\x00', <r5=>0x0}) (rerun: 32)
sendmsg$NL80211_CMD_PEER_MEASUREMENT_START(r3, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000600)={0x1c, r4, 0x1, 0x70bd2b, 0x25dfdbfc, {{}, {@val={0x8, 0x3, r5}, @void}}}, 0x1c}, 0x1, 0x0, 0x0, 0x4000}, 0x20000002) (async)
sendmsg$nl_generic(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)=ANY=[@ANYBLOB="340000003e000900000000000008000003000000040004001c000180180010"], 0x34}}, 0x84)
r6 = bpf$PROG_LOAD_XDP(0x5, &(0x7f00000001c0)={0xe, 0x3, &(0x7f0000000040)=@framed, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xf}, 0x90)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000cc0)={r6, 0xe0, &(0x7f0000000bc0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, &(0x7f00000013c0)=[0x0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0}}, 0x10)

540.706579ms ago: executing program 4 (id=1277):
r0 = syz_usb_connect(0x5, 0x3f, &(0x7f00000000c0)=ANY=[@ANYBLOB="11010000733336088dee1edb23610000000109022d0101100000000904000003fe03010009cd8d1f0002000000090505020000fcffff09058b1e20"], 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$printer(r0, &(0x7f0000000080)={0x14, &(0x7f0000000200)={0x0, 0x2, 0xd1, {0xd1, 0xf, "a7efec86cafeeef239badd83ec244cb06eca2fc9fdbc6a1d3e16b667e0ea087507a880f301cb380f5c7b1ba97a8c7c7b4325c17f9ecc4a62c31d18532907baffe66414a05b164890bb40b6bad1440caea989c7c90cdd0cec0ca28db3ec5e8f3eb5b9dc553bda7153dfd9714d73fc8e0d67c5b989647e4c08f0e5b192197506ae2162924daf7c684ed8fe977919935c9e99c90b7d882800ba4251f46ffaee29405406762cc07e16116ca552449014cd020bcfe5c99a7ca28d995a2144789744ad2fc3f19a3d21f78958978ff44bd1ab"}}, &(0x7f0000000100)={0x0, 0x3, 0x74, @string={0x74, 0x3, "5c491e92b7ea8007ceb94ab68cafd1f6699f85abac6b1c8d48ed03f6d953c729f240df4ace0c7cddc53676fa1130803f0d482db6c4cd31cb01a5bf5e13bafecfacb5fe71d29fc3d30673588906dc881d901a942d084d975a39806ad859206eaebfcfde31e184b33eac63bf4cc110f54674ea"}}}, &(0x7f0000000480)={0x34, &(0x7f0000000180)={0x20, 0x0, 0x36, "c9ad2fc7f34ae9a6f13f799a7198dc7ad7d486e2be04bc377f2d8db808957dd85d6559bd7ac6da851794433020d6a60791d9a69eac0d"}, &(0x7f0000000300)={0x0, 0xa, 0x1, 0xf7}, &(0x7f0000000340)={0x0, 0x8, 0x1, 0x40}, &(0x7f0000000380)={0x20, 0x0, 0x5c, {0x5a, "039762060502d07ae56066cf7d58bac914c44646ef19a02a138dba501664c17da359af1c53fde3c932c85dfd70e0525c4d1d89d893c0f397cb2d01a9ed1bf24fa7f174b62ddd050c6a7b6c0ec23b8f48013296be3cc845a2fd3f"}}, &(0x7f0000000400)={0x20, 0x1, 0x1, 0x4}, &(0x7f0000000440)={0x20, 0x0, 0x1, 0x3}})
syz_usb_control_io(r0, 0x0, &(0x7f0000000780)={0x84, &(0x7f00000004c0)=ANY=[@ANYBLOB="00000100000001"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$cdc_ncm(0xffffffffffffffff, &(0x7f0000000040)={0x14, 0x0, &(0x7f0000000000)={0x0, 0x3, 0x1a, {0x1a}}}, 0x0)
syz_usb_control_io$cdc_ecm(r0, &(0x7f00000001c0)={0x14, &(0x7f0000000000)=ANY=[], 0x0}, 0x0)
r1 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
ioctl$EVIOCGMASK(r1, 0x5b02, 0x0)
syz_usb_connect(0x5, 0x3f, &(0x7f00000000c0)=ANY=[@ANYBLOB="11010000733336088dee1edb23610000000109022d0101100000000904000003fe03010009cd8d1f0002000000090505020000fcffff09058b1e20"], 0x0) (async)
syz_usb_control_io(r0, 0x0, 0x0) (async)
syz_usb_control_io$printer(r0, &(0x7f0000000080)={0x14, &(0x7f0000000200)={0x0, 0x2, 0xd1, {0xd1, 0xf, "a7efec86cafeeef239badd83ec244cb06eca2fc9fdbc6a1d3e16b667e0ea087507a880f301cb380f5c7b1ba97a8c7c7b4325c17f9ecc4a62c31d18532907baffe66414a05b164890bb40b6bad1440caea989c7c90cdd0cec0ca28db3ec5e8f3eb5b9dc553bda7153dfd9714d73fc8e0d67c5b989647e4c08f0e5b192197506ae2162924daf7c684ed8fe977919935c9e99c90b7d882800ba4251f46ffaee29405406762cc07e16116ca552449014cd020bcfe5c99a7ca28d995a2144789744ad2fc3f19a3d21f78958978ff44bd1ab"}}, &(0x7f0000000100)={0x0, 0x3, 0x74, @string={0x74, 0x3, "5c491e92b7ea8007ceb94ab68cafd1f6699f85abac6b1c8d48ed03f6d953c729f240df4ace0c7cddc53676fa1130803f0d482db6c4cd31cb01a5bf5e13bafecfacb5fe71d29fc3d30673588906dc881d901a942d084d975a39806ad859206eaebfcfde31e184b33eac63bf4cc110f54674ea"}}}, &(0x7f0000000480)={0x34, &(0x7f0000000180)={0x20, 0x0, 0x36, "c9ad2fc7f34ae9a6f13f799a7198dc7ad7d486e2be04bc377f2d8db808957dd85d6559bd7ac6da851794433020d6a60791d9a69eac0d"}, &(0x7f0000000300)={0x0, 0xa, 0x1, 0xf7}, &(0x7f0000000340)={0x0, 0x8, 0x1, 0x40}, &(0x7f0000000380)={0x20, 0x0, 0x5c, {0x5a, "039762060502d07ae56066cf7d58bac914c44646ef19a02a138dba501664c17da359af1c53fde3c932c85dfd70e0525c4d1d89d893c0f397cb2d01a9ed1bf24fa7f174b62ddd050c6a7b6c0ec23b8f48013296be3cc845a2fd3f"}}, &(0x7f0000000400)={0x20, 0x1, 0x1, 0x4}, &(0x7f0000000440)={0x20, 0x0, 0x1, 0x3}}) (async)
syz_usb_control_io(r0, 0x0, &(0x7f0000000780)={0x84, &(0x7f00000004c0)=ANY=[@ANYBLOB="00000100000001"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) (async)
syz_usb_control_io$cdc_ncm(0xffffffffffffffff, &(0x7f0000000040)={0x14, 0x0, &(0x7f0000000000)={0x0, 0x3, 0x1a, {0x1a}}}, 0x0) (async)
syz_usb_control_io$cdc_ecm(r0, &(0x7f00000001c0)={0x14, &(0x7f0000000000)=ANY=[], 0x0}, 0x0) (async)
syz_open_dev$char_usb(0xc, 0xb4, 0x0) (async)
ioctl$EVIOCGMASK(r1, 0x5b02, 0x0) (async)

329.772906ms ago: executing program 1 (id=1278):
syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000040)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40, 0x1020, 0x6, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x3, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x7}}}}]}}]}}, 0x0) (async)
timer_create(0x0, &(0x7f0000000080)={0x0, 0x11, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000000))
timer_settime(0x0, 0x0, &(0x7f0000000240)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
r0 = syz_init_net_socket$nfc_llcp(0x27, 0x2, 0x1)
bind$bt_hci(r0, &(0x7f0000000000)={0x27}, 0x74)
sendmmsg$unix(r0, &(0x7f0000000b00)=[{{&(0x7f00000000c0)=@file={0x0, './file0\x00'}, 0x6e, 0x0}}, {{&(0x7f0000000e80)=@file={0x0, './file0\x00'}, 0x6e, &(0x7f0000000740)=[{&(0x7f0000001dc0)="bb", 0xfdef}, {0x0}], 0x2}}, {{&(0x7f0000000580)=@file={0x0, './file0/file0\x00'}, 0x6e, &(0x7f00000006c0)=[{&(0x7f0000000600)='z', 0xfdef}], 0x1}}], 0x3, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000001c0)=@gettclass={0x24, 0x2a, 0x2, 0xfffffffe, 0x25dfdbfd, {0x0, 0x0, 0x0, 0x0, {0x3, 0xffe0}, {0x8, 0x7}, {0x14, 0xc}}}, 0x24}, 0x1, 0x0, 0x0, 0x44}, 0x40004) (async)
r1 = socket$nl_generic(0x10, 0x3, 0x10) (async)
r2 = openat$selinux_member(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
socket(0x1d, 0x2, 0xff) (async)
close_range(r2, r1, 0x0) (async, rerun: 64)
sendmsg$nl_generic(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)=ANY=[@ANYBLOB="340000003e000900000000000008000003000000040004001c000180180010"], 0x34}}, 0x4000000) (rerun: 64)

320.319012ms ago: executing program 2 (id=1279):
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mkdir(&(0x7f0000000040)='./file1\x00', 0x0)
mkdir(&(0x7f0000000000)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x90, &(0x7f0000000380)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}]})
chdir(&(0x7f0000000140)='./bus\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
getdents64(r0, 0x0, 0x0)
open(&(0x7f0000000080)='./bus\x00', 0x400141042, 0x0)
lseek(r0, 0x8, 0x1)
mmap$xdp(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x2, 0x42032, 0xffffffffffffffff, 0x0)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
shmat(0x0, &(0x7f0000ffa000/0x3000)=nil, 0x4000)
syz_clone3(&(0x7f0000000780)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
r1 = shmget$private(0x0, 0x11000, 0x0, &(0x7f0000fec000/0x11000)=nil)
mlockall(0x3)
shmat(r1, &(0x7f0000fed000/0x4000)=nil, 0x7000)
r2 = syz_open_procfs(0x0, &(0x7f0000000040)='attr\x00')
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x20080, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
futex(&(0x7f000000cffc)=0x4, 0x1, 0x1, 0x0, 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r5, &(0x7f0000fe5000/0x18000)=nil, &(0x7f0000000600)=[@text32={0x20, 0x0}], 0x1, 0x74, 0x0, 0x0)
ioctl$KVM_SET_MSRS(r5, 0x4008ae89, &(0x7f0000000100)=ANY=[@ANYBLOB="04000000000000009104"])
lseek(r2, 0x289e0cb5, 0x0)

159.873357ms ago: executing program 1 (id=1280):
r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2)
ioctl$vim2m_VIDIOC_ENUM_FMT(r0, 0xc0405602, &(0x7f00000000c0)={0x1c, 0x1, 0x0, "6040a7190200002000000000000000ff1057e31e94000000000000000006ff00", 0x42303159})
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000008c0)=ANY=[@ANYBLOB="6c0000001000010400d201000072f60000020000", @ANYRES32=0x0, @ANYBLOB="0524060000000000300012800b0001006272696467650000200002800c002e00fffff6ffffffffff050007001f000000020027000000000008000a00a8"], 0x6c}}, 0x0)

0s ago: executing program 1 (id=1281):
r0 = socket$inet6(0xa, 0x2, 0x0)
bind$inet6(r0, &(0x7f0000000040)={0xa, 0xe22, 0x0, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, 0x99f}, 0x1c)
connect$inet6(r0, &(0x7f0000000340)={0x2, 0x4e21, 0x0, @private2}, 0x1c)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000240), 0xffffffffffffffff)
sendmsg$L2TP_CMD_SESSION_DELETE(r1, &(0x7f00000003c0)={&(0x7f0000000200), 0xc, &(0x7f0000000380)={&(0x7f00000002c0)={0x5c, r2, 0x100, 0x70bd2d, 0x25dfdbfc, {}, [@L2TP_ATTR_UDP_ZERO_CSUM6_RX={0x5, 0x22, 0x1}, @L2TP_ATTR_DEBUG={0x8, 0x11, 0x1}, @L2TP_ATTR_UDP_ZERO_CSUM6_TX={0x5}, @L2TP_ATTR_L2SPEC_TYPE={0x5}, @L2TP_ATTR_IP6_SADDR={0x14, 0x1f, @local}, @L2TP_ATTR_SESSION_ID={0x8, 0xb, 0x3}, @L2TP_ATTR_RECV_TIMEOUT={0xc, 0x16, 0x1}]}, 0x5c}, 0x1, 0x0, 0x0, 0x4004000}, 0x10)
r3 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0)
r5 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
setsockopt$TIPC_GROUP_JOIN(0xffffffffffffffff, 0x10f, 0x87, &(0x7f0000000900)={0x41, 0x84, 0x3}, 0x10)
writev(r5, &(0x7f0000000840)=[{&(0x7f00000003c0)="48884ca234cd083c2a1f5cec81c91b9547c12f4abadf96f767a95b76c144118ac35b7071638f3111825c1d0cd3b04dcdb4a437a9ec099c09c1691fc81300a10699e1a1a400000000000900"/84, 0xf000}, {0x0}], 0x60)
write$cgroup_subtree(r4, &(0x7f0000000100)=ANY=[], 0x32600)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2000001, 0x12, r4, 0x0)
r6 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$sock_int(r6, 0x1, 0x3c, &(0x7f0000000040)=0x1, 0xfff0)
r7 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
socket$kcm(0x29, 0x0, 0x0)
r8 = ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r8, 0x4090ae82, &(0x7f0000000080)={[0x8, 0x9123, 0xe, 0x875, 0x1, 0x1, 0x0, 0x7, 0x9, 0x83, 0x80000000, 0xfffffffffffffd92, 0x3, 0x9, 0xffffffff, 0x1ff], 0xf000})
ioctl$KVM_SET_CPUID2(r8, 0x4048aecb, &(0x7f00000000c0)=ANY=[])
ioctl$KVM_RUN(r8, 0xae80, 0x0)
capset(&(0x7f0000000000)={0x20080522}, &(0x7f0000000280))
r9 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="150000001000000008"], 0x50)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x8, 0xf, &(0x7f0000000c80)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r9, @ANYBLOB="0000000000000000b702000014000000b7020000000000009100000051000000bf090000000000005509010000000000950000005a789a72bf91000000000000b7020000000000008500000005000000b7000000000000009500000000000000"], &(0x7f0000000000)='GPL\x00'}, 0x90)
r10 = syz_init_net_socket$x25(0x9, 0x5, 0x0)
ioctl$SNDRV_TIMER_IOCTL_SELECT(r4, 0x40345410, &(0x7f0000000140)={{0x3, 0x0, 0x200}})
setsockopt$X25_QBITINCL(r10, 0x106, 0x1, &(0x7f0000000280)=0x1, 0x4)
r11 = socket$netlink(0x10, 0x3, 0x8000000004)
times(0xfffffffffffffffe)
writev(r11, &(0x7f0000000000)=[{&(0x7f0000000080)="580000001500add427323b472545b45602117fffffff81000e224e217f000001925aa80020007b00090080007f000001e809000000ff0000f03ac71006000000ffffffffffffffffffe7ee00000000000000000200000000", 0x58}], 0x1)

0s ago: executing program 2 (id=1282):
timerfd_create(0x0, 0x0) (async)
r0 = timerfd_create(0x0, 0x0)
timerfd_settime(r0, 0x3, &(0x7f0000000440)={{0x0, 0x3938700}}, 0x0)
r1 = openat$comedi(0xffffff9c, &(0x7f0000000040)='/dev/comedi2\x00', 0xa400, 0x0)
ioctl$COMEDI_DEVCONFIG(r1, 0x40946400, &(0x7f0000000140)={'aio_iiro_16\x00', [0x9e1, 0x40000000, 0xfffffffe, 0x100000, 0x8, 0xffffffff, 0x5, 0x20000010, 0x1002, 0xffffffff, 0x1, 0x5, 0x344, 0x1, 0x7, 0x0, 0x8, 0x3, 0x2, 0xe, 0xfe, 0x1003, 0x7, 0x80000000, 0x5, 0x1, 0xb0c4, 0x7df, 0x808, 0x400007, 0x4]})
read(r0, &(0x7f0000000240)=""/123, 0x7b) (async)
read(r0, &(0x7f0000000240)=""/123, 0x7b)
clock_adjtime(0x0, &(0x7f0000000000)={0x3ff, 0x0, 0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100, 0x0, 0x0, 0x9, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x1000, 0x8, 0x2, 0x3, 0x0, 0x3})

kernel console output (not intermixed with test programs):

000000000000
[  124.078594][ T8663] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  124.078605][ T8663] R13: 0000000000000000 R14: 00007fc7b9db5fa0 R15: 00007ffea801ed58
[  124.078630][ T8663]  </TASK>
[  124.091290][   T57] usb 7-1: Using ep0 maxpacket: 8
[  124.102169][   T29] usb 6-1: USB disconnect, device number 17
[  124.162990][   T57] usb 7-1: config index 0 descriptor too short (expected 74, got 45)
[  124.163034][   T57] usb 7-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 1536, setting to 1024
[  124.179849][   T57] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024
[  124.183622][   T57] usb 7-1: config 16 interface 0 altsetting 0 endpoint 0x8B has invalid maxpacket 30768, setting to 1024
[  124.187079][   T57] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 1024
[  124.190205][   T57] usb 7-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  124.194460][   T57] usb 7-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  124.197140][   T57] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  124.314983][ T8700] FAULT_INJECTION: forcing a failure.
[  124.314983][ T8700] name failslab, interval 1, probability 0, space 0, times 0
[  124.319011][ T8700] CPU: 2 UID: 0 PID: 8700 Comm: syz.1.792 Not tainted 6.16.0-rc5-syzkaller-00266-g3f31a806a62e #0 PREEMPT(full) 
[  124.319026][ T8700] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  124.319033][ T8700] Call Trace:
[  124.319037][ T8700]  <TASK>
[  124.319041][ T8700]  dump_stack_lvl+0x16c/0x1f0
[  124.319061][ T8700]  should_fail_ex+0x512/0x640
[  124.319076][ T8700]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[  124.319093][ T8700]  should_failslab+0xc2/0x120
[  124.319121][ T8700]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  124.319137][ T8700]  ? __kvm_mmu_topup_memory_cache+0x450/0x600
[  124.319153][ T8700]  ? kvm_hv_setup_tsc_page+0x29a/0x8d0
[  124.319167][ T8700]  ? __kvm_mmu_topup_memory_cache+0x18f/0x600
[  124.319185][ T8700]  __kvm_mmu_topup_memory_cache+0x18f/0x600
[  124.319205][ T8700]  mmu_topup_memory_caches+0x25/0x170
[  124.319221][ T8700]  kvm_mmu_load+0xd9/0x22a0
[  124.319234][ T8700]  ? kvm_apic_has_interrupt+0x106/0x1f0
[  124.319245][ T8700]  ? __pfx_kvm_apic_has_interrupt+0x10/0x10
[  124.319258][ T8700]  ? __pfx_kvm_guest_time_update+0x10/0x10
[  124.319270][ T8700]  ? __pfx_kvm_mmu_load+0x10/0x10
[  124.319283][ T8700]  ? kvm_cpu_has_injectable_intr+0x9c/0x1a0
[  124.319299][ T8700]  ? kvm_check_and_inject_events+0x71c/0x1310
[  124.319316][ T8700]  vcpu_run+0x34eb/0x5500
[  124.319328][ T8700]  ? kvm_mmu_post_init_vm+0x269/0x370
[  124.319344][ T8700]  ? __lock_acquire+0xb8a/0x1c90
[  124.319363][ T8700]  ? __pfx_vcpu_run+0x10/0x10
[  124.319378][ T8700]  ? fpu_swap_kvm_fpstate+0x1be/0x410
[  124.319392][ T8700]  ? __local_bh_enable_ip+0xa4/0x120
[  124.319408][ T8700]  ? kvm_arch_vcpu_ioctl_run+0x51e/0x18c0
[  124.319422][ T8700]  kvm_arch_vcpu_ioctl_run+0x51e/0x18c0
[  124.319439][ T8700]  kvm_vcpu_ioctl+0x5eb/0x1690
[  124.319455][ T8700]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  124.319473][ T8700]  ? ioctl_has_perm.constprop.0.isra.0+0x383/0x540
[  124.319491][ T8700]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[  124.319512][ T8700]  ? hook_file_ioctl_common+0x145/0x410
[  124.319527][ T8700]  ? selinux_file_ioctl+0x180/0x270
[  124.319541][ T8700]  ? selinux_file_ioctl+0xb4/0x270
[  124.319556][ T8700]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  124.319571][ T8700]  __x64_sys_ioctl+0x18e/0x210
[  124.319584][ T8700]  do_syscall_64+0xcd/0x4c0
[  124.319601][ T8700]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  124.319612][ T8700] RIP: 0033:0x7fc7b9b8e929
[  124.319622][ T8700] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  124.319632][ T8700] RSP: 002b:00007fc7baa03038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  124.319643][ T8700] RAX: ffffffffffffffda RBX: 00007fc7b9db6080 RCX: 00007fc7b9b8e929
[  124.319650][ T8700] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000006
[  124.319656][ T8700] RBP: 00007fc7baa03090 R08: 0000000000000000 R09: 0000000000000000
[  124.319662][ T8700] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  124.319668][ T8700] R13: 0000000000000000 R14: 00007fc7b9db6080 R15: 00007ffea801ed58
[  124.319682][ T8700]  </TASK>
[  124.426580][   T57] usb 7-1: GET_CAPABILITIES returned 0
[  124.428326][   T57] usbtmc 7-1:16.0: can't read capabilities
[  124.495897][ T8705] ecryptfs_validate_options: You must supply at least one valid auth tok signature as a mount parameter; see the eCryptfs README
[  124.500071][ T8705] Error validating options; rc = [-22]
[  124.818823][ T8729] netlink: 128 bytes leftover after parsing attributes in process `syz.1.801'.
[  124.853413][ T8731] xt_hashlimit: size too large, truncated to 1048576
[  125.046103][    C1] usbtmc 7-1:16.0: usbtmc_write_bulk_cb - nonzero write bulk status received: -71
[  125.049025][    C1] usbtmc 7-1:16.0: usbtmc_write_bulk_cb - nonzero write bulk status received: -71
[  125.051827][    C1] usbtmc 7-1:16.0: usbtmc_write_bulk_cb - nonzero write bulk status received: -71
[  125.054764][    C1] usbtmc 7-1:16.0: usbtmc_write_bulk_cb - nonzero write bulk status received: -71
[  125.057608][    C1] usbtmc 7-1:16.0: usbtmc_write_bulk_cb - nonzero write bulk status received: -71
[  125.061313][ T8734] usbtmc 7-1:16.0: Unable to send data, error -71
[  125.067388][ T8734] Freezing with imperfect legacy cgroup freezer. See cgroup.freeze of cgroup v2
[  125.085027][ T8734] overlay: Unknown parameter 'fsuuid'
[  125.394987][ T8741] FAULT_INJECTION: forcing a failure.
[  125.394987][ T8741] name failslab, interval 1, probability 0, space 0, times 0
[  125.399029][ T8741] CPU: 3 UID: 0 PID: 8741 Comm: syz.0.804 Not tainted 6.16.0-rc5-syzkaller-00266-g3f31a806a62e #0 PREEMPT(full) 
[  125.399049][ T8741] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  125.399058][ T8741] Call Trace:
[  125.399065][ T8741]  <TASK>
[  125.399071][ T8741]  dump_stack_lvl+0x16c/0x1f0
[  125.399097][ T8741]  should_fail_ex+0x512/0x640
[  125.399112][ T8741]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[  125.399129][ T8741]  should_failslab+0xc2/0x120
[  125.399145][ T8741]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  125.399159][ T8741]  ? __kvm_mmu_topup_memory_cache+0x450/0x600
[  125.399175][ T8741]  ? kvm_hv_setup_tsc_page+0x29a/0x8d0
[  125.399189][ T8741]  ? __kvm_mmu_topup_memory_cache+0x18f/0x600
[  125.399207][ T8741]  __kvm_mmu_topup_memory_cache+0x18f/0x600
[  125.399228][ T8741]  mmu_topup_memory_caches+0x25/0x170
[  125.399243][ T8741]  kvm_mmu_load+0xd9/0x22a0
[  125.399257][ T8741]  ? kvm_apic_has_interrupt+0x106/0x1f0
[  125.399269][ T8741]  ? __pfx_kvm_apic_has_interrupt+0x10/0x10
[  125.399281][ T8741]  ? __pfx_kvm_guest_time_update+0x10/0x10
[  125.399293][ T8741]  ? __pfx_kvm_mmu_load+0x10/0x10
[  125.399305][ T8741]  ? kvm_cpu_has_injectable_intr+0x9c/0x1a0
[  125.399322][ T8741]  ? kvm_check_and_inject_events+0x71c/0x1310
[  125.399339][ T8741]  vcpu_run+0x34eb/0x5500
[  125.399350][ T8741]  ? kvm_mmu_post_init_vm+0x269/0x370
[  125.399367][ T8741]  ? __lock_acquire+0xb8a/0x1c90
[  125.399381][ T8741]  ? __pfx_vcpu_run+0x10/0x10
[  125.399398][ T8741]  ? fpu_swap_kvm_fpstate+0x1be/0x410
[  125.399412][ T8741]  ? __local_bh_enable_ip+0xa4/0x120
[  125.399429][ T8741]  ? kvm_arch_vcpu_ioctl_run+0x51e/0x18c0
[  125.399442][ T8741]  kvm_arch_vcpu_ioctl_run+0x51e/0x18c0
[  125.399460][ T8741]  kvm_vcpu_ioctl+0x5eb/0x1690
[  125.399476][ T8741]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  125.399494][ T8741]  ? ioctl_has_perm.constprop.0.isra.0+0x383/0x540
[  125.399511][ T8741]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[  125.399532][ T8741]  ? hook_file_ioctl_common+0x145/0x410
[  125.399547][ T8741]  ? selinux_file_ioctl+0x180/0x270
[  125.399561][ T8741]  ? selinux_file_ioctl+0xb4/0x270
[  125.399577][ T8741]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  125.399592][ T8741]  __x64_sys_ioctl+0x18e/0x210
[  125.399605][ T8741]  do_syscall_64+0xcd/0x4c0
[  125.399622][ T8741]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  125.399634][ T8741] RIP: 0033:0x7f8bd198e929
[  125.399643][ T8741] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  125.399658][ T8741] RSP: 002b:00007f8bd274e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  125.399669][ T8741] RAX: ffffffffffffffda RBX: 00007f8bd1bb5fa0 RCX: 00007f8bd198e929
[  125.399676][ T8741] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000006
[  125.399682][ T8741] RBP: 00007f8bd274e090 R08: 0000000000000000 R09: 0000000000000000
[  125.399688][ T8741] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  125.399694][ T8741] R13: 0000000000000000 R14: 00007f8bd1bb5fa0 R15: 00007ffc7623e4e8
[  125.399708][ T8741]  </TASK>
[  125.498862][    C3] vkms_vblank_simulate: vblank timer overrun
[  125.795098][ T8759] netlink: 24 bytes leftover after parsing attributes in process `syz.3.810'.
[  125.900072][ T8768] FAULT_INJECTION: forcing a failure.
[  125.900072][ T8768] name failslab, interval 1, probability 0, space 0, times 0
[  125.904618][ T8768] CPU: 2 UID: 0 PID: 8768 Comm: syz.1.813 Not tainted 6.16.0-rc5-syzkaller-00266-g3f31a806a62e #0 PREEMPT(full) 
[  125.904634][ T8768] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  125.904641][ T8768] Call Trace:
[  125.904645][ T8768]  <TASK>
[  125.904650][ T8768]  dump_stack_lvl+0x16c/0x1f0
[  125.904669][ T8768]  should_fail_ex+0x512/0x640
[  125.904685][ T8768]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[  125.904701][ T8768]  should_failslab+0xc2/0x120
[  125.904718][ T8768]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  125.904731][ T8768]  ? __kvm_mmu_topup_memory_cache+0x450/0x600
[  125.904747][ T8768]  ? kvm_hv_setup_tsc_page+0x29a/0x8d0
[  125.904762][ T8768]  ? __kvm_mmu_topup_memory_cache+0x18f/0x600
[  125.904780][ T8768]  __kvm_mmu_topup_memory_cache+0x18f/0x600
[  125.904800][ T8768]  mmu_topup_memory_caches+0x25/0x170
[  125.904815][ T8768]  kvm_mmu_load+0xd9/0x22a0
[  125.904828][ T8768]  ? kvm_apic_has_interrupt+0x106/0x1f0
[  125.904840][ T8768]  ? __pfx_kvm_apic_has_interrupt+0x10/0x10
[  125.904852][ T8768]  ? __pfx_kvm_guest_time_update+0x10/0x10
[  125.904864][ T8768]  ? __pfx_kvm_mmu_load+0x10/0x10
[  125.904877][ T8768]  ? kvm_cpu_has_injectable_intr+0x9c/0x1a0
[  125.904894][ T8768]  ? kvm_check_and_inject_events+0x71c/0x1310
[  125.904910][ T8768]  vcpu_run+0x34eb/0x5500
[  125.904922][ T8768]  ? kvm_mmu_post_init_vm+0x269/0x370
[  125.904938][ T8768]  ? __lock_acquire+0xb8a/0x1c90
[  125.904953][ T8768]  ? __pfx_vcpu_run+0x10/0x10
[  125.904968][ T8768]  ? fpu_swap_kvm_fpstate+0x1be/0x410
[  125.904981][ T8768]  ? __local_bh_enable_ip+0xa4/0x120
[  125.904998][ T8768]  ? kvm_arch_vcpu_ioctl_run+0x51e/0x18c0
[  125.905012][ T8768]  kvm_arch_vcpu_ioctl_run+0x51e/0x18c0
[  125.905029][ T8768]  kvm_vcpu_ioctl+0x5eb/0x1690
[  125.905045][ T8768]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  125.905063][ T8768]  ? ioctl_has_perm.constprop.0.isra.0+0x383/0x540
[  125.905081][ T8768]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[  125.905101][ T8768]  ? hook_file_ioctl_common+0x145/0x410
[  125.905116][ T8768]  ? selinux_file_ioctl+0x180/0x270
[  125.905130][ T8768]  ? selinux_file_ioctl+0xb4/0x270
[  125.905146][ T8768]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  125.905160][ T8768]  __x64_sys_ioctl+0x18e/0x210
[  125.905175][ T8768]  do_syscall_64+0xcd/0x4c0
[  125.905205][ T8768]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  125.905216][ T8768] RIP: 0033:0x7fc7b9b8e929
[  125.905225][ T8768] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  125.905236][ T8768] RSP: 002b:00007fc7baa24038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  125.905246][ T8768] RAX: ffffffffffffffda RBX: 00007fc7b9db5fa0 RCX: 00007fc7b9b8e929
[  125.905253][ T8768] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000006
[  125.905259][ T8768] RBP: 00007fc7baa24090 R08: 0000000000000000 R09: 0000000000000000
[  125.905265][ T8768] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  125.905272][ T8768] R13: 0000000000000000 R14: 00007fc7b9db5fa0 R15: 00007ffea801ed58
[  125.905285][ T8768]  </TASK>
[  126.092929][ T8779] QAT: failed to copy from user cfg_data.
[  126.094972][ T8780] QAT: failed to copy from user cfg_data.
[  126.144381][ T8785] netlink: 4 bytes leftover after parsing attributes in process `syz.1.818'.
[  126.156297][ T8785] netlink: 12 bytes leftover after parsing attributes in process `syz.1.818'.
[  126.235161][ T8791] GUP no longer grows the stack in syz.3.820 (8791): 200000004000-20000000a000 (200000002000)
[  126.238648][ T8791] CPU: 3 UID: 0 PID: 8791 Comm: syz.3.820 Not tainted 6.16.0-rc5-syzkaller-00266-g3f31a806a62e #0 PREEMPT(full) 
[  126.238663][ T8791] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  126.238670][ T8791] Call Trace:
[  126.238674][ T8791]  <TASK>
[  126.238678][ T8791]  dump_stack_lvl+0x16c/0x1f0
[  126.238697][ T8791]  gup_vma_lookup+0x1d2/0x220
[  126.238716][ T8791]  __get_user_pages+0x271/0x3b80
[  126.238732][ T8791]  ? __pfx___get_user_pages+0x10/0x10
[  126.238748][ T8791]  get_user_pages_remote+0x258/0xb20
[  126.238760][ T8791]  ? __pfx_mtree_load+0x10/0x10
[  126.238776][ T8791]  ? __pfx_get_user_pages_remote+0x10/0x10
[  126.238792][ T8791]  __access_remote_vm+0x246/0x810
[  126.238810][ T8791]  ? do_raw_spin_lock+0x12c/0x2b0
[  126.238823][ T8791]  ? __pfx___access_remote_vm+0x10/0x10
[  126.238843][ T8791]  proc_pid_cmdline_read+0x4de/0x900
[  126.238859][ T8791]  ? __pfx_proc_pid_cmdline_read+0x10/0x10
[  126.238874][ T8791]  ? rw_verify_area+0xcf/0x680
[  126.238888][ T8791]  ? __pfx_proc_pid_cmdline_read+0x10/0x10
[  126.238901][ T8791]  vfs_readv+0x5be/0x8b0
[  126.238917][ T8791]  ? __pfx_vfs_readv+0x10/0x10
[  126.238930][ T8791]  ? kmem_cache_free+0x2d1/0x4d0
[  126.238952][ T8791]  ? __fget_files+0x20e/0x3c0
[  126.238971][ T8791]  ? do_preadv+0x1a6/0x270
[  126.238982][ T8791]  do_preadv+0x1a6/0x270
[  126.238995][ T8791]  ? __pfx_do_preadv+0x10/0x10
[  126.239012][ T8791]  do_syscall_64+0xcd/0x4c0
[  126.239029][ T8791]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  126.239040][ T8791] RIP: 0033:0x7fcb6598e929
[  126.239049][ T8791] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  126.239059][ T8791] RSP: 002b:00007fcb66734038 EFLAGS: 00000246 ORIG_RAX: 0000000000000127
[  126.239070][ T8791] RAX: ffffffffffffffda RBX: 00007fcb65bb5fa0 RCX: 00007fcb6598e929
[  126.239077][ T8791] RDX: 0000000000000001 RSI: 0000200000000040 RDI: 0000000000000007
[  126.239083][ T8791] RBP: 00007fcb65a10b39 R08: 0000000000000000 R09: 0000000000000000
[  126.239089][ T8791] R10: 0000000000000300 R11: 0000000000000246 R12: 0000000000000000
[  126.239095][ T8791] R13: 0000000000000000 R14: 00007fcb65bb5fa0 R15: 00007ffd78293f68
[  126.239109][ T8791]  </TASK>
[  126.240609][ T8791] dlm: no local IP address has been set
[  126.345196][ T8791] dlm: cannot start dlm midcomms -107
[  126.725000][   T54] usb 7-1: USB disconnect, device number 18
[  126.930869][ T8799] xt_hashlimit: invalid interval
[  127.009545][ T8803] FAULT_INJECTION: forcing a failure.
[  127.009545][ T8803] name failslab, interval 1, probability 0, space 0, times 0
[  127.014884][ T8803] CPU: 1 UID: 0 PID: 8803 Comm: syz.0.824 Not tainted 6.16.0-rc5-syzkaller-00266-g3f31a806a62e #0 PREEMPT(full) 
[  127.014908][ T8803] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  127.014919][ T8803] Call Trace:
[  127.014925][ T8803]  <TASK>
[  127.014932][ T8803]  dump_stack_lvl+0x16c/0x1f0
[  127.014962][ T8803]  should_fail_ex+0x512/0x640
[  127.014991][ T8803]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[  127.015017][ T8803]  should_failslab+0xc2/0x120
[  127.015042][ T8803]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  127.015064][ T8803]  ? __kvm_mmu_topup_memory_cache+0x450/0x600
[  127.015090][ T8803]  ? kvm_hv_setup_tsc_page+0x29a/0x8d0
[  127.015112][ T8803]  ? __kvm_mmu_topup_memory_cache+0x18f/0x600
[  127.015140][ T8803]  __kvm_mmu_topup_memory_cache+0x18f/0x600
[  127.015171][ T8803]  mmu_topup_memory_caches+0x25/0x170
[  127.015197][ T8803]  kvm_mmu_load+0xd9/0x22a0
[  127.015221][ T8803]  ? kvm_apic_has_interrupt+0x106/0x1f0
[  127.015239][ T8803]  ? __pfx_kvm_apic_has_interrupt+0x10/0x10
[  127.015260][ T8803]  ? __pfx_kvm_guest_time_update+0x10/0x10
[  127.015282][ T8803]  ? __pfx_kvm_mmu_load+0x10/0x10
[  127.015303][ T8803]  ? kvm_cpu_has_injectable_intr+0x9c/0x1a0
[  127.015330][ T8803]  ? kvm_check_and_inject_events+0x71c/0x1310
[  127.015355][ T8803]  vcpu_run+0x34eb/0x5500
[  127.015374][ T8803]  ? kvm_mmu_post_init_vm+0x269/0x370
[  127.015400][ T8803]  ? __lock_acquire+0xb8a/0x1c90
[  127.015424][ T8803]  ? __pfx_vcpu_run+0x10/0x10
[  127.015451][ T8803]  ? fpu_swap_kvm_fpstate+0x1be/0x410
[  127.015472][ T8803]  ? __local_bh_enable_ip+0xa4/0x120
[  127.015499][ T8803]  ? kvm_arch_vcpu_ioctl_run+0x51e/0x18c0
[  127.015520][ T8803]  kvm_arch_vcpu_ioctl_run+0x51e/0x18c0
[  127.015551][ T8803]  kvm_vcpu_ioctl+0x5eb/0x1690
[  127.015577][ T8803]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  127.015612][ T8803]  ? ioctl_has_perm.constprop.0.isra.0+0x383/0x540
[  127.015641][ T8803]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[  127.015675][ T8803]  ? hook_file_ioctl_common+0x145/0x410
[  127.015700][ T8803]  ? selinux_file_ioctl+0x180/0x270
[  127.015722][ T8803]  ? selinux_file_ioctl+0xb4/0x270
[  127.015747][ T8803]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  127.015771][ T8803]  __x64_sys_ioctl+0x18e/0x210
[  127.015794][ T8803]  do_syscall_64+0xcd/0x4c0
[  127.015821][ T8803]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  127.015840][ T8803] RIP: 0033:0x7f8bd198e929
[  127.015855][ T8803] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  127.015872][ T8803] RSP: 002b:00007f8bd274e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  127.015889][ T8803] RAX: ffffffffffffffda RBX: 00007f8bd1bb5fa0 RCX: 00007f8bd198e929
[  127.015900][ T8803] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000006
[  127.015911][ T8803] RBP: 00007f8bd274e090 R08: 0000000000000000 R09: 0000000000000000
[  127.015921][ T8803] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  127.015931][ T8803] R13: 0000000000000000 R14: 00007f8bd1bb5fa0 R15: 00007ffc7623e4e8
[  127.015956][ T8803]  </TASK>
[  127.180065][ T8811] trusted_key: syz.2.827 sent an empty control message without MSG_MORE.
[  127.186461][ T8811] (unnamed net_device) (uninitialized): down delay (4) is not a multiple of miimon (8), value rounded to 0 ms
[  127.308021][ T8823] netlink: 'syz.3.829': attribute type 27 has an invalid length.
[  127.347748][ T8823] bridge0: port 3(team0) entered disabled state
[  127.350036][ T8823] bridge0: port 2(bridge_slave_1) entered disabled state
[  127.352569][ T8823] bridge0: port 1(bridge_slave_0) entered disabled state
[  127.356177][ T8823] bridge0: left promiscuous mode
[  127.404921][ T8823] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  127.413234][ T8823] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  127.451434][ T8823] macsec0: left promiscuous mode
[  127.453146][ T8823] macsec0: left allmulticast mode
[  127.456765][ T8823] netdevsim netdevsim3 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  127.459613][ T8823] netdevsim netdevsim3 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  127.462504][ T8823] netdevsim netdevsim3 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  127.465472][ T8823] netdevsim netdevsim3 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  127.485481][   T34] libceph: connect (1)[c::]:6789 error -101
[  127.488893][   T34] libceph: mon0 (1)[c::]:6789 connect error
[  127.492915][   T34] libceph: connect (1)[c::]:6789 error -101
[  127.495009][   T34] libceph: mon0 (1)[c::]:6789 connect error
[  127.512447][ T8823] gtp0: left promiscuous mode
[  127.516469][ T8823] batman_adv: batadv0: Interface deactivated: macvtap1
[  127.518850][ T8823] mac80211_hwsim hwsim2 wlan0: left allmulticast mode
[  127.521024][ T8823] macvtap1: left allmulticast mode
[  127.532764][ T8836] ceph: No mds server is up or the cluster is laggy
[  127.545827][ T8834] 8021q: adding VLAN 0 to HW filter on device bond0
[  127.552184][ T8834] bridge0: port 3(team0) entered blocking state
[  127.554195][ T8834] bridge0: port 3(team0) entered forwarding state
[  127.556669][ T8834] 8021q: adding VLAN 0 to HW filter on device team0
[  127.560997][ T8834] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  127.568607][   T46] bridge0: port 3(team0) entered disabled state
[  127.601330][   T57] usb 6-1: new high-speed USB device number 18 using dummy_hcd
[  127.761419][   T57] usb 6-1: Using ep0 maxpacket: 8
[  127.771353][   T57] usb 6-1: config index 0 descriptor too short (expected 74, got 45)
[  127.774048][   T57] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 1536, setting to 1024
[  127.777625][   T57] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024
[  127.780911][   T57] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x8B has invalid maxpacket 30768, setting to 1024
[  127.785364][   T57] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 1024
[  127.788908][   T57] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  127.792983][   T57] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  127.795807][   T57] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  127.831493][ T8857] netlink: 'syz.3.836': attribute type 10 has an invalid length.
[  127.895136][   T40] kauditd_printk_skb: 674 callbacks suppressed
[  127.895151][   T40] audit: type=1400 audit(1752414316.444:4505): avc:  denied  { prog_load } for  pid=8856 comm="syz.3.836" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[  127.905379][   T40] audit: type=1400 audit(1752414316.444:4506): avc:  denied  { bpf } for  pid=8856 comm="syz.3.836" capability=39  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  128.005400][   T40] audit: type=1400 audit(1752414316.554:4507): avc:  denied  { ioctl } for  pid=8831 comm="syz.1.831" path="/dev/raw-gadget" dev="devtmpfs" ino=849 ioctlcmd=0x5502 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  128.013532][   T57] usb 6-1: GET_CAPABILITIES returned 0
[  128.015370][   T57] usbtmc 6-1:16.0: can't read capabilities
[  128.113580][   T40] audit: type=1400 audit(1752414316.664:4508): avc:  denied  { read write } for  pid=5952 comm="syz-executor" name="loop0" dev="devtmpfs" ino=658 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  128.123576][   T40] audit: type=1400 audit(1752414316.664:4509): avc:  denied  { open } for  pid=5952 comm="syz-executor" path="/dev/loop0" dev="devtmpfs" ino=658 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  128.135533][   T40] audit: type=1400 audit(1752414316.664:4510): avc:  denied  { ioctl } for  pid=5952 comm="syz-executor" path="/dev/loop0" dev="devtmpfs" ino=658 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  128.147449][   T40] audit: type=1400 audit(1752414316.684:4511): avc:  denied  { read } for  pid=8861 comm="syz.0.837" name="kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  128.156925][   T40] audit: type=1400 audit(1752414316.684:4512): avc:  denied  { open } for  pid=8861 comm="syz.0.837" path="/dev/kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  128.204765][   T40] audit: type=1400 audit(1752414316.754:4513): avc:  denied  { ioctl } for  pid=8861 comm="syz.0.837" path="/dev/kvm" dev="devtmpfs" ino=84 ioctlcmd=0xae01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  128.214050][   T40] audit: type=1400 audit(1752414316.764:4514): avc:  denied  { read write } for  pid=8831 comm="syz.1.831" name="raw-gadget" dev="devtmpfs" ino=849 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  128.222212][ T8832] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  128.227112][ T8832] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  128.228548][   T57] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[  128.232937][   T29] usb 6-1: USB disconnect, device number 18
[  128.247160][   T57] hid-generic 0000:0000:0000.0004: hidraw1: <UNKNOWN> HID v0.00 Device [syz0] on syz0
[  128.481253][  T836] usb 5-1: new high-speed USB device number 18 using dummy_hcd
[  128.647187][  T836] usb 5-1: config 0 interface 0 altsetting 250 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  128.653226][  T836] usb 5-1: config 0 interface 0 altsetting 250 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  128.658873][  T836] usb 5-1: config 0 interface 0 has no altsetting 0
[  128.662296][  T836] usb 5-1: New USB device found, idVendor=056a, idProduct=00ce, bcdDevice= 0.00
[  128.666070][  T836] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  128.672800][  T836] usb 5-1: config 0 descriptor??
[  128.726515][ T8873] netlink: 'syz.2.840': attribute type 1 has an invalid length.
[  128.765284][ T8875] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(3)
[  128.767423][ T8875] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  128.770744][ T8875] vhci_hcd vhci_hcd.0: Device attached
[  128.874446][ T8876] vhci_hcd: connection closed
[  128.876422][ T1143] vhci_hcd: stop threads
[  128.879286][ T1143] vhci_hcd: release socket
[  128.880713][ T1143] vhci_hcd: disconnect device
[  129.080209][ T8863] __nla_validate_parse: 1 callbacks suppressed
[  129.080346][ T8863] netlink: 12 bytes leftover after parsing attributes in process `syz.0.837'.
[  129.153068][ T8889] cgroup: fork rejected by pids controller in /syz3
[  129.201163][ T5936] usb 8-1: new high-speed USB device number 16 using dummy_hcd
[  129.352777][ T5936] usb 8-1: Using ep0 maxpacket: 16
[  129.358927][ T5936] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  129.365818][ T5936] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  129.368726][ T5936] usb 8-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3
[  129.372617][ T5936] usb 8-1: New USB device found, idVendor=0955, idProduct=7214, bcdDevice=ed.00
[  129.375230][ T5936] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  129.380408][ T5936] usb 8-1: config 0 descriptor??
[  129.441167][   T54] usb 6-1: new high-speed USB device number 19 using dummy_hcd
[  129.597463][ T5936] shield 0003:0955:7214.0005: unknown main item tag 0x0
[  129.599945][ T5936] shield 0003:0955:7214.0005: unknown main item tag 0x0
[  129.602496][ T5936] shield 0003:0955:7214.0005: unknown main item tag 0x0
[  129.603530][   T54] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  129.604870][ T5936] shield 0003:0955:7214.0005: unknown main item tag 0x0
[  129.608282][   T54] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  129.610771][ T5936] shield 0003:0955:7214.0005: unknown main item tag 0x0
[  129.615603][   T54] usb 6-1: New USB device found, idVendor=1020, idProduct=0006, bcdDevice= 0.00
[  129.617873][ T5936] input: HID 0955:7214 Haptics as /devices/virtual/input/input15
[  129.619089][   T54] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  129.628966][   T54] usb 6-1: config 0 descriptor??
[  129.647702][ T5936] shield 0003:0955:7214.0005: Registered Thunderstrike controller
[  129.650302][ T5936] shield 0003:0955:7214.0005: : USB HID v0.00 Device [HID 0955:7214] on usb-dummy_hcd.3-1/input0
[  129.712867][ T6030] shield 0003:0955:7214.0005: Failed to output Thunderstrike HOSTCMD request HID report due to -EPROTO
[  129.716759][ T6030] shield 0003:0955:7214.0005: Failed to output Thunderstrike HOSTCMD request HID report due to -EPROTO
[  129.725223][ T5936] usb 8-1: USB disconnect, device number 16
[  129.729597][ T6030] shield 0003:0955:7214.0005: Failed to output Thunderstrike HOSTCMD request HID report due to -EPROTO
[  129.734563][ T6030] shield 0003:0955:7214.0005: Failed to output Thunderstrike HOSTCMD request HID report due to -ENODEV
[  129.855183][   T54] usbhid 6-1:0.0: can't add hid device: -71
[  129.857138][   T54] usbhid 6-1:0.0: probe with driver usbhid failed with error -71
[  129.864260][   T54] usb 6-1: USB disconnect, device number 19
[  130.001400][ T9062] binder: 9061:9062 ioctl f503 0 returned -22
[  130.004428][ T9062] batman_adv: batadv0: Removing interface: batadv_slave_0
[  130.007234][ T9062] batman_adv: batadv0: Removing interface: batadv_slave_1
[  130.010771][ T9062] batman_adv: batadv0: Removing interface: macvtap1
[  130.057439][ T9065] netlink: 212376 bytes leftover after parsing attributes in process `syz.2.850'.
[  130.062678][ T9065] netlink: 44 bytes leftover after parsing attributes in process `syz.2.850'.
[  130.147311][ T9066] syz.3.849 (9066): drop_caches: 2
[  130.461221][ T5936] usb 7-1: new high-speed USB device number 19 using dummy_hcd
[  130.611241][ T5936] usb 7-1: Using ep0 maxpacket: 8
[  130.614247][ T5936] usb 7-1: config index 0 descriptor too short (expected 74, got 45)
[  130.616749][ T5936] usb 7-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 1536, setting to 1024
[  130.620443][ T5936] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024
[  130.624410][ T5936] usb 7-1: config 16 interface 0 altsetting 0 endpoint 0x8B has invalid maxpacket 30768, setting to 1024
[  130.628420][ T5936] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 1024
[  130.631848][ T5936] usb 7-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  130.636002][ T5936] usb 7-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  130.638838][ T5936] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  131.002650][ T9083] FAULT_INJECTION: forcing a failure.
[  131.002650][ T9083] name failslab, interval 1, probability 0, space 0, times 0
[  131.006527][ T9083] CPU: 2 UID: 0 PID: 9083 Comm: syz.3.855 Not tainted 6.16.0-rc5-syzkaller-00266-g3f31a806a62e #0 PREEMPT(full) 
[  131.006542][ T9083] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  131.006549][ T9083] Call Trace:
[  131.006553][ T9083]  <TASK>
[  131.006557][ T9083]  dump_stack_lvl+0x16c/0x1f0
[  131.006593][ T9083]  should_fail_ex+0x512/0x640
[  131.006613][ T9083]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[  131.006640][ T9083]  should_failslab+0xc2/0x120
[  131.006659][ T9083]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  131.006672][ T9083]  ? __kvm_mmu_topup_memory_cache+0x450/0x600
[  131.006688][ T9083]  ? kvm_hv_setup_tsc_page+0x29a/0x8d0
[  131.006702][ T9083]  ? __kvm_mmu_topup_memory_cache+0x18f/0x600
[  131.006721][ T9083]  __kvm_mmu_topup_memory_cache+0x18f/0x600
[  131.006741][ T9083]  mmu_topup_memory_caches+0x25/0x170
[  131.006757][ T9083]  kvm_mmu_load+0xd9/0x22a0
[  131.006770][ T9083]  ? kvm_apic_has_interrupt+0x106/0x1f0
[  131.006782][ T9083]  ? __pfx_kvm_apic_has_interrupt+0x10/0x10
[  131.006793][ T9083]  ? vmx_flush_tlb_all+0x18c/0x2f0
[  131.006809][ T9083]  ? __pfx_kvm_mmu_load+0x10/0x10
[  131.006821][ T9083]  ? kvm_cpu_has_injectable_intr+0x9c/0x1a0
[  131.006838][ T9083]  ? kvm_check_and_inject_events+0x71c/0x1310
[  131.006855][ T9083]  vcpu_run+0x34eb/0x5500
[  131.006867][ T9083]  ? kvm_mmu_post_init_vm+0x269/0x370
[  131.006883][ T9083]  ? __lock_acquire+0xb8a/0x1c90
[  131.006898][ T9083]  ? __pfx_vcpu_run+0x10/0x10
[  131.006913][ T9083]  ? fpu_swap_kvm_fpstate+0x1be/0x410
[  131.006927][ T9083]  ? __local_bh_enable_ip+0xa4/0x120
[  131.006944][ T9083]  ? kvm_arch_vcpu_ioctl_run+0x51e/0x18c0
[  131.006958][ T9083]  kvm_arch_vcpu_ioctl_run+0x51e/0x18c0
[  131.006976][ T9083]  kvm_vcpu_ioctl+0x5eb/0x1690
[  131.006992][ T9083]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  131.007010][ T9083]  ? ioctl_has_perm.constprop.0.isra.0+0x383/0x540
[  131.007028][ T9083]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[  131.007049][ T9083]  ? hook_file_ioctl_common+0x145/0x410
[  131.007064][ T9083]  ? selinux_file_ioctl+0x180/0x270
[  131.007078][ T9083]  ? selinux_file_ioctl+0xb4/0x270
[  131.007094][ T9083]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  131.007108][ T9083]  __x64_sys_ioctl+0x18e/0x210
[  131.007123][ T9083]  do_syscall_64+0xcd/0x4c0
[  131.007140][ T9083]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  131.007151][ T9083] RIP: 0033:0x7fcb6598e929
[  131.007160][ T9083] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  131.007170][ T9083] RSP: 002b:00007fcb66734038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  131.007181][ T9083] RAX: ffffffffffffffda RBX: 00007fcb65bb5fa0 RCX: 00007fcb6598e929
[  131.007188][ T9083] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000006
[  131.007194][ T9083] RBP: 00007fcb66734090 R08: 0000000000000000 R09: 0000000000000000
[  131.007200][ T9083] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  131.007206][ T9083] R13: 0000000000000000 R14: 00007fcb65bb5fa0 R15: 00007ffd78293f68
[  131.007221][ T9083]  </TASK>
[  131.114228][ T5936] usb 7-1: usb_control_msg returned -71
[  131.116047][ T5936] usbtmc 7-1:16.0: can't read capabilities
[  131.122875][ T5936] usb 7-1: USB disconnect, device number 19
[  131.167739][  T836] usbhid 5-1:0.0: can't add hid device: -71
[  131.169621][  T836] usbhid 5-1:0.0: probe with driver usbhid failed with error -71
[  131.185602][  T836] usb 5-1: USB disconnect, device number 18
[  131.233889][ T9088] input: syz0 as /devices/virtual/input/input16
[  131.323294][ T9093] tmpfs: Unknown parameter 'obj_user'
[  131.368756][ T9096] x_tables: duplicate underflow at hook 1
[  131.596601][ T9106] trusted_key: encrypted_key: insufficient parameters specified
[  131.817741][ T9123] wireguard0: entered promiscuous mode
[  131.819872][ T9123] wireguard0: entered allmulticast mode
[  131.860489][ T9128] FAULT_INJECTION: forcing a failure.
[  131.860489][ T9128] name failslab, interval 1, probability 0, space 0, times 0
[  131.865977][ T9128] CPU: 1 UID: 0 PID: 9128 Comm: syz.2.867 Not tainted 6.16.0-rc5-syzkaller-00266-g3f31a806a62e #0 PREEMPT(full) 
[  131.866001][ T9128] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  131.866008][ T9128] Call Trace:
[  131.866013][ T9128]  <TASK>
[  131.866020][ T9128]  dump_stack_lvl+0x16c/0x1f0
[  131.866070][ T9128]  should_fail_ex+0x512/0x640
[  131.866096][ T9128]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[  131.866119][ T9128]  should_failslab+0xc2/0x120
[  131.866140][ T9128]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  131.866159][ T9128]  ? __kvm_mmu_topup_memory_cache+0x450/0x600
[  131.866181][ T9128]  ? kvm_hv_setup_tsc_page+0x29a/0x8d0
[  131.866202][ T9128]  ? __kvm_mmu_topup_memory_cache+0x18f/0x600
[  131.866227][ T9128]  __kvm_mmu_topup_memory_cache+0x18f/0x600
[  131.866254][ T9128]  mmu_topup_memory_caches+0x25/0x170
[  131.866276][ T9128]  kvm_mmu_load+0xd9/0x22a0
[  131.866297][ T9128]  ? kvm_apic_has_interrupt+0x106/0x1f0
[  131.866314][ T9128]  ? __pfx_kvm_apic_has_interrupt+0x10/0x10
[  131.866337][ T9128]  ? __pfx_kvm_guest_time_update+0x10/0x10
[  131.866352][ T9128]  ? __pfx_kvm_mmu_load+0x10/0x10
[  131.866370][ T9128]  ? kvm_cpu_has_injectable_intr+0x9c/0x1a0
[  131.866395][ T9128]  ? kvm_check_and_inject_events+0x71c/0x1310
[  131.866420][ T9128]  vcpu_run+0x34eb/0x5500
[  131.866433][ T9128]  ? kvm_mmu_post_init_vm+0x269/0x370
[  131.866450][ T9128]  ? __lock_acquire+0xb8a/0x1c90
[  131.866465][ T9128]  ? __pfx_vcpu_run+0x10/0x10
[  131.866480][ T9128]  ? fpu_swap_kvm_fpstate+0x1be/0x410
[  131.866493][ T9128]  ? __local_bh_enable_ip+0xa4/0x120
[  131.866511][ T9128]  ? kvm_arch_vcpu_ioctl_run+0x51e/0x18c0
[  131.866524][ T9128]  kvm_arch_vcpu_ioctl_run+0x51e/0x18c0
[  131.866542][ T9128]  kvm_vcpu_ioctl+0x5eb/0x1690
[  131.866558][ T9128]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  131.866576][ T9128]  ? ioctl_has_perm.constprop.0.isra.0+0x383/0x540
[  131.866596][ T9128]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[  131.866616][ T9128]  ? hook_file_ioctl_common+0x145/0x410
[  131.866632][ T9128]  ? selinux_file_ioctl+0x180/0x270
[  131.866646][ T9128]  ? selinux_file_ioctl+0xb4/0x270
[  131.866662][ T9128]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  131.866676][ T9128]  __x64_sys_ioctl+0x18e/0x210
[  131.866690][ T9128]  do_syscall_64+0xcd/0x4c0
[  131.866707][ T9128]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  131.866718][ T9128] RIP: 0033:0x7f66ec38e929
[  131.866727][ T9128] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  131.866738][ T9128] RSP: 002b:00007f66ed23f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  131.866756][ T9128] RAX: ffffffffffffffda RBX: 00007f66ec5b6080 RCX: 00007f66ec38e929
[  131.866762][ T9128] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000006
[  131.866769][ T9128] RBP: 00007f66ed23f090 R08: 0000000000000000 R09: 0000000000000000
[  131.866775][ T9128] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  131.866781][ T9128] R13: 0000000000000000 R14: 00007f66ec5b6080 R15: 00007ffc2ecf20f8
[  131.866795][ T9128]  </TASK>
[  132.251179][   T54] usb 5-1: new high-speed USB device number 19 using dummy_hcd
[  132.401144][   T54] usb 5-1: Using ep0 maxpacket: 8
[  132.405477][   T54] usb 5-1: config index 0 descriptor too short (expected 74, got 45)
[  132.409632][   T54] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 1536, setting to 1024
[  132.415415][   T54] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024
[  132.418848][   T54] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x8B has invalid maxpacket 30768, setting to 1024
[  132.422523][   T54] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 1024
[  132.426203][   T54] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  132.430175][   T54] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  132.433277][   T54] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  132.458984][ T9153] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  132.544335][ T1421] ieee802154 phy0 wpan0: encryption failed: -22
[  132.644463][   T54] usb 5-1: GET_CAPABILITIES returned 0
[  132.646164][   T54] usbtmc 5-1:16.0: can't read capabilities
[  132.849455][    C0] usbtmc 5-1:16.0: usbtmc_write_bulk_cb - nonzero write bulk status received: -71
[  132.853107][    C0] usbtmc 5-1:16.0: usbtmc_write_bulk_cb - nonzero write bulk status received: -71
[  132.855175][ T9169] overlayfs: NFS export requires "redirect_dir=nofollow" on non-upper mount, falling back to nfs_export=off.
[  132.856503][    C0] usbtmc 5-1:16.0: usbtmc_write_bulk_cb - nonzero write bulk status received: -71
[  132.860604][ T9169] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[  132.864974][ T9141] usbtmc 5-1:16.0: Unable to send data, error -71
[  132.875288][   T54] usb 5-1: USB disconnect, device number 19
[  132.940013][   T40] kauditd_printk_skb: 491 callbacks suppressed
[  132.940024][   T40] audit: type=1400 audit(1752414321.484:5005): avc:  denied  { read write } for  pid=5943 comm="syz-executor" name="loop2" dev="devtmpfs" ino=660 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  132.950856][   T40] audit: type=1400 audit(1752414321.494:5006): avc:  denied  { open } for  pid=5943 comm="syz-executor" path="/dev/loop2" dev="devtmpfs" ino=660 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  132.981681][   T40] audit: type=1400 audit(1752414321.494:5007): avc:  denied  { ioctl } for  pid=5943 comm="syz-executor" path="/dev/loop2" dev="devtmpfs" ino=660 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  132.996546][   T40] audit: type=1400 audit(1752414321.534:5008): avc:  denied  { read write } for  pid=5944 comm="syz-executor" name="loop3" dev="devtmpfs" ino=661 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  133.010262][   T40] audit: type=1400 audit(1752414321.534:5009): avc:  denied  { read write open } for  pid=5944 comm="syz-executor" path="/dev/loop3" dev="devtmpfs" ino=661 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  133.022539][   T40] audit: type=1400 audit(1752414321.534:5010): avc:  denied  { ioctl } for  pid=5944 comm="syz-executor" path="/dev/loop3" dev="devtmpfs" ino=661 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  133.032840][   T40] audit: type=1400 audit(1752414321.554:5011): avc:  denied  { read write } for  pid=5943 comm="syz-executor" name="loop2" dev="devtmpfs" ino=660 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  133.043306][   T40] audit: type=1400 audit(1752414321.554:5012): avc:  denied  { open } for  pid=5943 comm="syz-executor" path="/dev/loop2" dev="devtmpfs" ino=660 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  133.058487][   T40] audit: type=1400 audit(1752414321.554:5013): avc:  denied  { ioctl } for  pid=5943 comm="syz-executor" path="/dev/loop2" dev="devtmpfs" ino=660 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  133.067195][   T40] audit: type=1400 audit(1752414321.584:5014): avc:  denied  { create } for  pid=9175 comm="syz.3.882" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  133.113148][ T9183] netlink: 8 bytes leftover after parsing attributes in process `syz.3.884'.
[  133.166912][ T9188] netlink: 92 bytes leftover after parsing attributes in process `syz.3.886'.
[  133.242368][ T9190] netlink: 'syz.3.887': attribute type 3 has an invalid length.
[  133.248132][ T9190] netlink: 'syz.3.887': attribute type 3 has an invalid length.
[  133.350037][ T9203] /dev/sg0: Can't lookup blockdev
[  133.369734][ T9205] netlink: 84 bytes leftover after parsing attributes in process `syz.3.892'.
[  133.411671][ T9211] random: crng reseeded on system resumption
[  133.887491][ T9163] kexec: Could not allocate control_code_buffer
[  133.931336][   T24] usb 8-1: new high-speed USB device number 17 using dummy_hcd
[  134.091988][   T24] usb 8-1: Using ep0 maxpacket: 8
[  134.097061][   T24] usb 8-1: config index 0 descriptor too short (expected 74, got 45)
[  134.099590][   T24] usb 8-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 1536, setting to 1024
[  134.103498][   T24] usb 8-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024
[  134.106620][   T24] usb 8-1: config 16 interface 0 altsetting 0 endpoint 0x8B has invalid maxpacket 30768, setting to 1024
[  134.110020][   T24] usb 8-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 1024
[  134.113850][   T24] usb 8-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  134.118580][   T24] usb 8-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  134.122527][   T24] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  134.221260][ T7765] usb 6-1: new high-speed USB device number 20 using dummy_hcd
[  134.332687][   T24] usb 8-1: GET_CAPABILITIES returned 0
[  134.334611][   T24] usbtmc 8-1:16.0: can't read capabilities
[  134.374925][ T7765] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  134.379018][ T7765] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  134.382740][ T7765] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  134.386906][ T7765] usb 6-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  134.389871][ T7765] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  134.395350][ T7765] usb 6-1: config 0 descriptor??
[  134.451190][   T34] usb 7-1: new high-speed USB device number 20 using dummy_hcd
[  134.533794][    C3] usbtmc 8-1:16.0: usbtmc_write_bulk_cb - nonzero write bulk status received: -71
[  134.536681][    C3] usbtmc 8-1:16.0: usbtmc_write_bulk_cb - nonzero write bulk status received: -71
[  134.539647][    C3] usbtmc 8-1:16.0: usbtmc_write_bulk_cb - nonzero write bulk status received: -71
[  134.542444][    C3] usbtmc 8-1:16.0: usbtmc_write_bulk_cb - nonzero write bulk status received: -71
[  134.545224][    C3] usbtmc 8-1:16.0: usbtmc_write_bulk_cb - nonzero write bulk status received: -71
[  134.549759][ T9232] usbtmc 8-1:16.0: Unable to send data, error -71
[  134.554291][   T24] usb 8-1: USB disconnect, device number 17
[  134.601122][   T34] usb 7-1: Using ep0 maxpacket: 8
[  134.604257][   T34] usb 7-1: config index 0 descriptor too short (expected 74, got 45)
[  134.606916][   T34] usb 7-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 1536, setting to 1024
[  134.611862][   T34] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024
[  134.615185][   T34] usb 7-1: config 16 interface 0 altsetting 0 endpoint 0x8B has invalid maxpacket 30768, setting to 1024
[  134.619285][   T34] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 1024
[  134.622341][   T34] usb 7-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  134.626267][   T34] usb 7-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  134.629064][   T34] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  134.817097][ T7765] plantronics 0003:047F:FFFF.0006: hiddev0,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.1-1/input0
[  134.838701][   T34] usb 7-1: GET_CAPABILITIES returned 0
[  134.840889][   T34] usbtmc 7-1:16.0: can't read capabilities
[  135.004027][ T9240] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  135.006723][ T9240] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  135.039891][ T5948] Bluetooth: hci1: unexpected event for opcode 0x201c
[  135.087264][    C2] plantronics 0003:047F:FFFF.0006: hid_field_extract() called with n (132) > 32! (syz.2.903)
[  135.129220][ T9258] netlink: 'syz.3.904': attribute type 4 has an invalid length.
[  135.136302][ T9251] kvm: kvm [9250]: vcpu0, guest rIP: 0xfff0 Unhandled WRMSR(0xc0010058) = 0x9
[  135.204438][   T24] usb 7-1: USB disconnect, device number 20
[  135.289356][ T7765] usb 6-1: USB disconnect, device number 20
[  135.317221][ T9268] SELinux:  Context system_u:object_r:mail_spool_t:s0 is not valid (left unmapped).
[  135.588544][ T9274] netlink: 'syz.3.908': attribute type 1 has an invalid length.
[  135.602722][ T9274] 8021q: adding VLAN 0 to HW filter on device bond4
[  135.624671][ T9274] veth7: entered promiscuous mode
[  135.628545][ T9274] bond4: (slave veth7): Enslaving as an active interface with a down link
[  135.829204][ T9291] netlink: 24 bytes leftover after parsing attributes in process `syz.1.913'.
[  135.852817][ T9291] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=9291 comm=syz.1.913
[  135.909869][ T9295] FAULT_INJECTION: forcing a failure.
[  135.909869][ T9295] name failslab, interval 1, probability 0, space 0, times 0
[  135.913936][ T9295] CPU: 3 UID: 0 PID: 9295 Comm: syz.1.915 Not tainted 6.16.0-rc5-syzkaller-00266-g3f31a806a62e #0 PREEMPT(full) 
[  135.913956][ T9295] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  135.913965][ T9295] Call Trace:
[  135.913970][ T9295]  <TASK>
[  135.913976][ T9295]  dump_stack_lvl+0x16c/0x1f0
[  135.914022][ T9295]  should_fail_ex+0x512/0x640
[  135.914044][ T9295]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[  135.914061][ T9295]  should_failslab+0xc2/0x120
[  135.914078][ T9295]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  135.914092][ T9295]  ? __kvm_mmu_topup_memory_cache+0x450/0x600
[  135.914109][ T9295]  ? kvm_hv_setup_tsc_page+0x29a/0x8d0
[  135.914123][ T9295]  ? __kvm_mmu_topup_memory_cache+0x18f/0x600
[  135.914141][ T9295]  __kvm_mmu_topup_memory_cache+0x18f/0x600
[  135.914161][ T9295]  mmu_topup_memory_caches+0x25/0x170
[  135.914177][ T9295]  kvm_mmu_load+0xd9/0x22a0
[  135.914191][ T9295]  ? kvm_apic_has_interrupt+0x106/0x1f0
[  135.914201][ T9295]  ? __pfx_kvm_apic_has_interrupt+0x10/0x10
[  135.914214][ T9295]  ? __pfx_kvm_guest_time_update+0x10/0x10
[  135.914226][ T9295]  ? __pfx_kvm_mmu_load+0x10/0x10
[  135.914239][ T9295]  ? kvm_cpu_has_injectable_intr+0x9c/0x1a0
[  135.914256][ T9295]  ? kvm_check_and_inject_events+0x71c/0x1310
[  135.914273][ T9295]  vcpu_run+0x34eb/0x5500
[  135.914284][ T9295]  ? kvm_mmu_post_init_vm+0x269/0x370
[  135.914305][ T9295]  ? __lock_acquire+0xb8a/0x1c90
[  135.914319][ T9295]  ? __pfx_vcpu_run+0x10/0x10
[  135.914334][ T9295]  ? fpu_swap_kvm_fpstate+0x1be/0x410
[  135.914348][ T9295]  ? __local_bh_enable_ip+0xa4/0x120
[  135.914365][ T9295]  ? kvm_arch_vcpu_ioctl_run+0x51e/0x18c0
[  135.914378][ T9295]  kvm_arch_vcpu_ioctl_run+0x51e/0x18c0
[  135.914396][ T9295]  kvm_vcpu_ioctl+0x5eb/0x1690
[  135.914412][ T9295]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  135.914430][ T9295]  ? ioctl_has_perm.constprop.0.isra.0+0x383/0x540
[  135.914448][ T9295]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[  135.914469][ T9295]  ? hook_file_ioctl_common+0x145/0x410
[  135.914483][ T9295]  ? selinux_file_ioctl+0x180/0x270
[  135.914498][ T9295]  ? selinux_file_ioctl+0xb4/0x270
[  135.914513][ T9295]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  135.914528][ T9295]  __x64_sys_ioctl+0x18e/0x210
[  135.914542][ T9295]  do_syscall_64+0xcd/0x4c0
[  135.914559][ T9295]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  135.914570][ T9295] RIP: 0033:0x7fc7b9b8e929
[  135.914579][ T9295] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  135.914590][ T9295] RSP: 002b:00007fc7baa24038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  135.914600][ T9295] RAX: ffffffffffffffda RBX: 00007fc7b9db5fa0 RCX: 00007fc7b9b8e929
[  135.914607][ T9295] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000006
[  135.914613][ T9295] RBP: 00007fc7baa24090 R08: 0000000000000000 R09: 0000000000000000
[  135.914619][ T9295] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  135.914625][ T9295] R13: 0000000000000000 R14: 00007fc7b9db5fa0 R15: 00007ffea801ed58
[  135.914639][ T9295]  </TASK>
[  136.076799][ T9298] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(3)
[  136.078870][ T9298] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  136.082485][ T9298] vhci_hcd vhci_hcd.0: Device attached
[  136.085604][ T9298] vhci_hcd vhci_hcd.0: pdev(1) rhport(1) sockfd(5)
[  136.087856][ T9298] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  136.090635][ T9298] vhci_hcd vhci_hcd.0: Device attached
[  136.095592][ T9298] vhci_hcd vhci_hcd.0: pdev(1) rhport(2) sockfd(7)
[  136.097609][ T9298] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[  136.099871][ T9298] vhci_hcd vhci_hcd.0: Device attached
[  136.104354][ T9303] vhci_hcd: connection closed
[  136.104398][ T9301] vhci_hcd: connection closed
[  136.105569][   T12] vhci_hcd: stop threads
[  136.109424][   T12] vhci_hcd: release socket
[  136.110927][   T12] vhci_hcd: disconnect device
[  136.111336][ T9299] vhci_hcd: connection closed
[  136.112866][   T12] vhci_hcd: stop threads
[  136.112873][   T12] vhci_hcd: release socket
[  136.112880][   T12] vhci_hcd: disconnect device
[  136.122526][   T12] vhci_hcd: stop threads
[  136.124107][   T12] vhci_hcd: release socket
[  136.125735][   T12] vhci_hcd: disconnect device
[  136.137608][ T9306] netlink: 4 bytes leftover after parsing attributes in process `syz.0.917'.
[  136.369549][ T9315] syz.0.920: attempt to access beyond end of device
[  136.369549][ T9315] sr0: rw=0, sector=64, nr_sectors = 4 limit=0
[  136.423183][ T9315] syz.0.920: attempt to access beyond end of device
[  136.423183][ T9315] sr0: rw=0, sector=1024, nr_sectors = 4 limit=0
[  136.427182][ T9315] UDF-fs: error (device sr0): udf_read_tagged: read failed, block=256, location=256
[  136.430186][ T9315] syz.0.920: attempt to access beyond end of device
[  136.430186][ T9315] sr0: rw=0, sector=2048, nr_sectors = 4 limit=0
[  136.434888][ T9315] UDF-fs: error (device sr0): udf_read_tagged: read failed, block=512, location=512
[  136.437761][ T9315] UDF-fs: warning (device sr0): udf_load_vrs: No anchor found
[  136.440035][ T9315] UDF-fs: Scanning with blocksize 2048 failed
[  136.442802][ T9315] syz.0.920: attempt to access beyond end of device
[  136.442802][ T9315] sr0: rw=0, sector=64, nr_sectors = 8 limit=0
[  136.502513][ T9315] syz.0.920: attempt to access beyond end of device
[  136.502513][ T9315] sr0: rw=0, sector=2048, nr_sectors = 8 limit=0
[  136.508066][ T9315] UDF-fs: error (device sr0): udf_read_tagged: read failed, block=256, location=256
[  136.512455][ T9315] syz.0.920: attempt to access beyond end of device
[  136.512455][ T9315] sr0: rw=0, sector=4096, nr_sectors = 8 limit=0
[  136.516816][ T9315] UDF-fs: error (device sr0): udf_read_tagged: read failed, block=512, location=512
[  136.520655][ T9315] UDF-fs: warning (device sr0): udf_load_vrs: No anchor found
[  136.523868][ T9315] UDF-fs: Scanning with blocksize 4096 failed
[  136.526145][ T9315] UDF-fs: warning (device sr0): udf_fill_super: No partition found (1)
[  136.573389][ T9318] netlink: 57 bytes leftover after parsing attributes in process `syz.0.921'.
[  136.662250][ T9324] netlink: 'syz.0.923': attribute type 1 has an invalid length.
[  136.665416][ T9324] netlink: 17 bytes leftover after parsing attributes in process `syz.0.923'.
[  136.718664][ T9328] FAULT_INJECTION: forcing a failure.
[  136.718664][ T9328] name failslab, interval 1, probability 0, space 0, times 0
[  136.728976][ T9328] CPU: 1 UID: 0 PID: 9328 Comm: syz.1.924 Not tainted 6.16.0-rc5-syzkaller-00266-g3f31a806a62e #0 PREEMPT(full) 
[  136.729003][ T9328] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  136.729015][ T9328] Call Trace:
[  136.729022][ T9328]  <TASK>
[  136.729028][ T9328]  dump_stack_lvl+0x16c/0x1f0
[  136.729057][ T9328]  should_fail_ex+0x512/0x640
[  136.729080][ T9328]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[  136.729107][ T9328]  should_failslab+0xc2/0x120
[  136.729133][ T9328]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  136.729154][ T9328]  ? __kvm_mmu_topup_memory_cache+0x450/0x600
[  136.729179][ T9328]  ? kvm_hv_setup_tsc_page+0x29a/0x8d0
[  136.729201][ T9328]  ? __kvm_mmu_topup_memory_cache+0x18f/0x600
[  136.729230][ T9328]  __kvm_mmu_topup_memory_cache+0x18f/0x600
[  136.729262][ T9328]  mmu_topup_memory_caches+0x25/0x170
[  136.729285][ T9328]  kvm_mmu_load+0xd9/0x22a0
[  136.729312][ T9328]  ? kvm_apic_has_interrupt+0x106/0x1f0
[  136.729328][ T9328]  ? __pfx_kvm_apic_has_interrupt+0x10/0x10
[  136.729345][ T9328]  ? __pfx_kvm_guest_time_update+0x10/0x10
[  136.729363][ T9328]  ? __pfx_kvm_mmu_load+0x10/0x10
[  136.729383][ T9328]  ? kvm_cpu_has_injectable_intr+0x9c/0x1a0
[  136.729409][ T9328]  ? kvm_check_and_inject_events+0x71c/0x1310
[  136.729436][ T9328]  vcpu_run+0x34eb/0x5500
[  136.729458][ T9328]  ? __lock_acquire+0xb8a/0x1c90
[  136.729483][ T9328]  ? __pfx_vcpu_run+0x10/0x10
[  136.729509][ T9328]  ? fpu_swap_kvm_fpstate+0x1be/0x410
[  136.729530][ T9328]  ? __local_bh_enable_ip+0xa4/0x120
[  136.729557][ T9328]  ? kvm_arch_vcpu_ioctl_run+0x51e/0x18c0
[  136.729578][ T9328]  kvm_arch_vcpu_ioctl_run+0x51e/0x18c0
[  136.729608][ T9328]  kvm_vcpu_ioctl+0x5eb/0x1690
[  136.729634][ T9328]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  136.729665][ T9328]  ? ioctl_has_perm.constprop.0.isra.0+0x383/0x540
[  136.729692][ T9328]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[  136.729726][ T9328]  ? hook_file_ioctl_common+0x145/0x410
[  136.729751][ T9328]  ? selinux_file_ioctl+0x180/0x270
[  136.729773][ T9328]  ? selinux_file_ioctl+0xb4/0x270
[  136.729798][ T9328]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  136.729821][ T9328]  __x64_sys_ioctl+0x18e/0x210
[  136.729844][ T9328]  do_syscall_64+0xcd/0x4c0
[  136.729871][ T9328]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  136.729889][ T9328] RIP: 0033:0x7fc7b9b8e929
[  136.729904][ T9328] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  136.729921][ T9328] RSP: 002b:00007fc7baa24038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  136.729939][ T9328] RAX: ffffffffffffffda RBX: 00007fc7b9db5fa0 RCX: 00007fc7b9b8e929
[  136.729950][ T9328] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000006
[  136.729961][ T9328] RBP: 00007fc7baa24090 R08: 0000000000000000 R09: 0000000000000000
[  136.729971][ T9328] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  136.729981][ T9328] R13: 0000000000000000 R14: 00007fc7b9db5fa0 R15: 00007ffea801ed58
[  136.730007][ T9328]  </TASK>
[  136.734209][ T9329] netlink: 8 bytes leftover after parsing attributes in process `syz.2.922'.
[  136.759231][ T9338] capability: warning: `syz.0.927' uses 32-bit capabilities (legacy support in use)
[  136.854158][ T9335] cgroup: Unknown subsys name 'smackfsroot'
[  136.909686][ T9347] netlink: 8 bytes leftover after parsing attributes in process `syz.0.928'.
[  136.913299][ T9347] netlink: 24 bytes leftover after parsing attributes in process `syz.0.928'.
[  137.038981][ T9363] netlink: 48 bytes leftover after parsing attributes in process `syz.2.936'.
[  137.109240][ T9371] ufs: You didn't specify the type of your ufs filesystem
[  137.109240][ T9371] 
[  137.109240][ T9371] mount -t ufs -o ufstype=sun|sunx86|44bsd|ufs2|5xbsd|old|hp|nextstep|nextstep-cd|openstep ...
[  137.109240][ T9371] 
[  137.109240][ T9371] >>>WARNING<<< Wrong ufstype may corrupt your filesystem, default is ufstype=old
[  137.122990][ T9371] ufs: failed to set blocksize
[  137.132735][ T5955] Bluetooth: hci1: unexpected event for opcode 0x0402
[  137.147328][ T9369] cgroup2: Unknown parameter 'memory_localeven'
[  137.152979][ T5936] IPVS: starting estimator thread 0...
[  137.212739][ T9384] CUSE: unknown device info "ý<±5æç—‘<ZŸj5«�ÿÿ¨ 9ñ$›+‘¤r„0X‰8"
[  137.215280][ T9384] CUSE: unknown device info "eQïŒÌmÅ€%åãöP;T�ý€ÁÎá38RÝ2ß«JgËé¾Æ$‚O‹³"
[  137.215669][ T9382] FAULT_INJECTION: forcing a failure.
[  137.215669][ T9382] name failslab, interval 1, probability 0, space 0, times 0
[  137.217964][ T9384] CUSE: unknown device info ""
[  137.223821][ T9384] CUSE: zero length info key specified
[  137.223834][ T9382] CPU: 1 UID: 0 PID: 9382 Comm: syz.2.941 Not tainted 6.16.0-rc5-syzkaller-00266-g3f31a806a62e #0 PREEMPT(full) 
[  137.223850][ T9382] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  137.223858][ T9382] Call Trace:
[  137.223862][ T9382]  <TASK>
[  137.223866][ T9382]  dump_stack_lvl+0x16c/0x1f0
[  137.223887][ T9382]  should_fail_ex+0x512/0x640
[  137.223903][ T9382]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[  137.223921][ T9382]  should_failslab+0xc2/0x120
[  137.223938][ T9382]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  137.223953][ T9382]  ? __kvm_mmu_topup_memory_cache+0x450/0x600
[  137.223971][ T9382]  ? kvm_hv_setup_tsc_page+0x29a/0x8d0
[  137.223985][ T9382]  ? __kvm_mmu_topup_memory_cache+0x18f/0x600
[  137.224005][ T9382]  __kvm_mmu_topup_memory_cache+0x18f/0x600
[  137.224027][ T9382]  mmu_topup_memory_caches+0x25/0x170
[  137.224086][ T9382]  kvm_mmu_load+0xd9/0x22a0
[  137.224101][ T9382]  ? kvm_apic_has_interrupt+0x106/0x1f0
[  137.224131][ T9382]  ? __pfx_kvm_apic_has_interrupt+0x10/0x10
[  137.224144][ T9382]  ? __pfx_kvm_guest_time_update+0x10/0x10
[  137.224157][ T9382]  ? __pfx_kvm_mmu_load+0x10/0x10
[  137.224170][ T9382]  ? kvm_cpu_has_injectable_intr+0x9c/0x1a0
[  137.224188][ T9382]  ? kvm_check_and_inject_events+0x71c/0x1310
[  137.224206][ T9382]  vcpu_run+0x34eb/0x5500
[  137.224218][ T9382]  ? kvm_mmu_post_init_vm+0x269/0x370
[  137.224236][ T9382]  ? __lock_acquire+0xb8a/0x1c90
[  137.224255][ T9382]  ? __pfx_vcpu_run+0x10/0x10
[  137.224271][ T9382]  ? fpu_swap_kvm_fpstate+0x1be/0x410
[  137.224286][ T9382]  ? __local_bh_enable_ip+0xa4/0x120
[  137.224304][ T9382]  ? kvm_arch_vcpu_ioctl_run+0x51e/0x18c0
[  137.224319][ T9382]  kvm_arch_vcpu_ioctl_run+0x51e/0x18c0
[  137.224338][ T9382]  kvm_vcpu_ioctl+0x5eb/0x1690
[  137.224354][ T9382]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  137.224373][ T9382]  ? ioctl_has_perm.constprop.0.isra.0+0x383/0x540
[  137.224392][ T9382]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[  137.224414][ T9382]  ? hook_file_ioctl_common+0x145/0x410
[  137.224429][ T9382]  ? selinux_file_ioctl+0x180/0x270
[  137.224444][ T9382]  ? selinux_file_ioctl+0xb4/0x270
[  137.224466][ T9382]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  137.224488][ T9382]  __x64_sys_ioctl+0x18e/0x210
[  137.224523][ T9382]  do_syscall_64+0xcd/0x4c0
[  137.224550][ T9382]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  137.224563][ T9382] RIP: 0033:0x7f66ec38e929
[  137.224573][ T9382] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  137.224585][ T9382] RSP: 002b:00007f66ed260038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  137.224595][ T9382] RAX: ffffffffffffffda RBX: 00007f66ec5b5fa0 RCX: 00007f66ec38e929
[  137.224602][ T9382] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000006
[  137.224609][ T9382] RBP: 00007f66ed260090 R08: 0000000000000000 R09: 0000000000000000
[  137.224615][ T9382] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  137.224621][ T9382] R13: 0000000000000000 R14: 00007f66ec5b5fa0 R15: 00007ffc2ecf20f8
[  137.224643][ T9382]  </TASK>
[  137.268229][ T9388] SELinux: syz.3.943 (9388) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace.
[  137.268712][ T9380] IPVS: using max 43 ests per chain, 103200 per kthread
[  137.321593][   T24] usb 5-1: new full-speed USB device number 20 using dummy_hcd
[  137.404691][ T9393] kernel profiling enabled (shift: 63)
[  137.407406][ T9393] profiling shift: 63 too large
[  137.464514][ T9397] netlink: 8 bytes leftover after parsing attributes in process `syz.2.945'.
[  137.494447][   T24] usb 5-1: config index 0 descriptor too short (expected 35577, got 27)
[  137.498165][   T24] usb 5-1: config 1 has too many interfaces: 92, using maximum allowed: 32
[  137.502423][   T24] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 92
[  137.505204][   T24] usb 5-1: config 1 has no interface number 0
[  137.507100][   T24] usb 5-1: config 1 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 10
[  137.511608][   T24] usb 5-1: config 1 interface 1 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 17
[  137.515372][   T24] usb 5-1: New USB device found, idVendor=0e41, idProduct=5051, bcdDevice=d5.e8
[  137.518086][   T24] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  137.527033][   T24] snd_usb_pod 5-1:1.1: Line 6 Pocket POD found
[  137.683136][ T9410] binder: BINDER_SET_CONTEXT_MGR already set
[  137.685864][ T9410] binder: 9408:9410 ioctl 4018620d 2000000000c0 returned -16
[  137.703067][ T9410] binder: BINDER_SET_CONTEXT_MGR already set
[  137.705759][ T9410] binder: 9408:9410 ioctl 4018620d 200000000040 returned -16
[  137.708205][ T9410] binder: 9408:9410 ioctl c0306201 2000000003c0 returned -14
[  137.814619][ T9418] netlink: 72 bytes leftover after parsing attributes in process `syz.1.954'.
[  137.942932][   T40] kauditd_printk_skb: 762 callbacks suppressed
[  137.942944][   T40] audit: type=1400 audit(1752414326.494:5777): avc:  denied  { read write } for  pid=5945 comm="syz-executor" name="loop1" dev="devtmpfs" ino=659 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  137.953607][   T40] audit: type=1400 audit(1752414326.494:5778): avc:  denied  { open } for  pid=5945 comm="syz-executor" path="/dev/loop1" dev="devtmpfs" ino=659 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  137.960865][   T40] audit: type=1400 audit(1752414326.494:5779): avc:  denied  { ioctl } for  pid=5945 comm="syz-executor" path="/dev/loop1" dev="devtmpfs" ino=659 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  137.970072][   T40] audit: type=1400 audit(1752414326.504:5780): avc:  denied  { module_request } for  pid=9420 comm="syz.2.956" kmod="net-pf-2-proto-3" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=system permissive=1
[  137.979099][   T40] audit: type=1400 audit(1752414326.524:5781): avc:  denied  { create } for  pid=9432 comm="syz.1.958" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  137.985950][   T40] audit: type=1400 audit(1752414326.524:5782): avc:  denied  { write } for  pid=9432 comm="syz.1.958" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  137.994787][   T40] audit: type=1400 audit(1752414326.524:5783): avc:  denied  { nlmsg_write } for  pid=9432 comm="syz.1.958" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  138.001191][   T40] audit: type=1400 audit(1752414326.524:5784): avc:  denied  { create } for  pid=9432 comm="syz.1.958" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  138.007412][   T40] audit: type=1400 audit(1752414326.524:5785): avc:  denied  { setopt } for  pid=9432 comm="syz.1.958" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  138.013936][   T40] audit: type=1400 audit(1752414326.534:5786): avc:  denied  { read } for  pid=9432 comm="syz.1.958" name="ptp0" dev="devtmpfs" ino=729 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[  138.081479][ T9436] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  138.087977][ T9436] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  138.092755][   T24] snd_usb_pod 5-1:1.1: Line 6 Pocket POD now attached
[  138.147317][ T9438] netlink: 'syz.1.959': attribute type 19 has an invalid length.
[  138.322939][ T5936] usb 5-1: USB disconnect, device number 20
[  138.326290][ T5936] snd_usb_pod 5-1:1.1: Line 6 Pocket POD now disconnected
[  138.391400][ T5955] Bluetooth: hci3: command 0x0c1a tx timeout
[  138.481174][   T24] usb 8-1: new high-speed USB device number 18 using dummy_hcd
[  138.646644][   T24] usb 8-1: Using ep0 maxpacket: 16
[  138.652100][   T24] usb 8-1: config 0 has no interfaces?
[  138.654435][   T24] usb 8-1: New USB device found, idVendor=0763, idProduct=1015, bcdDevice=56.88
[  138.661269][   T24] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  138.667585][   T24] usb 8-1: config 0 descriptor??
[  138.873268][ T5948] Bluetooth: hci0: unexpected event for opcode 0x2023
[  138.879086][   T24] usb 8-1: USB disconnect, device number 18
[  138.879566][ T9484] netlink: 'syz.0.974': attribute type 12 has an invalid length.
[  139.232771][ T9518] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  139.235431][ T9518] IPv6: NLM_F_CREATE should be set when creating new route
[  139.238157][ T9518] IPv6: NLM_F_CREATE should be set when creating new route
[  139.240835][ T9518] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  139.781344][ T5936] usb 8-1: new high-speed USB device number 19 using dummy_hcd
[  139.932663][ T5936] usb 8-1: config 1 has an invalid descriptor of length 1, skipping remainder of the config
[  139.935826][ T5936] usb 8-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 2
[  139.941984][ T5936] usb 8-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[  139.945329][ T5936] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  139.948390][ T5936] usb 8-1: Product: syz
[  139.950204][ T5936] usb 8-1: Manufacturer: syz
[  139.952358][ T5936] usb 8-1: SerialNumber: syz
[  140.361428][ T5936] hub 8-1:1.0: bad descriptor, ignoring hub
[  140.363355][ T5936] hub 8-1:1.0: probe with driver hub failed with error -5
[  140.391843][ T5936] usb 8-1: USB disconnect, device number 19
[  140.975844][ T5948] Bluetooth: hci1: unexpected event for opcode 0x041b
[  141.132112][ T9592] nbd2: detected capacity change from 0 to 8
[  141.139198][ T9582] block nbd2: shutting down sockets
[  141.142239][    C3] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  141.145479][    C3] Buffer I/O error on dev nbd2, logical block 0, async page read
[  141.148509][ T9592] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  141.153435][ T9592] Buffer I/O error on dev nbd2, logical block 0, async page read
[  141.156079][ T9592] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  141.160307][ T9592] Buffer I/O error on dev nbd2, logical block 0, async page read
[  141.163673][ T9592] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  141.166548][ T9592] Buffer I/O error on dev nbd2, logical block 0, async page read
[  141.169043][ T9592] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  141.173028][ T9592] Buffer I/O error on dev nbd2, logical block 0, async page read
[  141.177002][ T9592] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  141.179799][ T9592] Buffer I/O error on dev nbd2, logical block 0, async page read
[  141.182853][ T9592] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  141.185706][ T9592] Buffer I/O error on dev nbd2, logical block 0, async page read
[  141.188271][ T9592] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  141.191152][ T9592] Buffer I/O error on dev nbd2, logical block 0, async page read
[  141.194534][ T9592] ldm_validate_partition_table(): Disk read failed.
[  141.196862][ T9592] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  141.199732][ T9592] Buffer I/O error on dev nbd2, logical block 0, async page read
[  141.202270][ T9592] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  141.205180][ T9592] Buffer I/O error on dev nbd2, logical block 0, async page read
[  141.207874][ T9592] Dev nbd2: unable to read RDB block 0
[  141.209760][ T9592]  nbd2: unable to read partition table
[  141.211692][ T9592] nbd2: partition table beyond EOD, truncated
[  141.216687][ T8644] ldm_validate_partition_table(): Disk read failed.
[  141.219961][ T8644] Dev nbd2: unable to read RDB block 0
[  141.224406][ T8644]  nbd2: unable to read partition table
[  141.226287][ T8644] nbd2: partition table beyond EOD, truncated
[  141.232235][ T8644] ldm_validate_partition_table(): Disk read failed.
[  141.235100][ T8644] Dev nbd2: unable to read RDB block 0
[  141.237435][ T8644]  nbd2: unable to read partition table
[  141.239704][ T8644] nbd2: partition table beyond EOD, truncated
[  141.286694][ T9609] __nla_validate_parse: 42 callbacks suppressed
[  141.286704][ T9609] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1013'.
[  141.365447][ T9618] netlink: 'syz.1.1016': attribute type 29 has an invalid length.
[  141.370212][ T9618] netlink: 'syz.1.1016': attribute type 29 has an invalid length.
[  141.546943][ T9634] fuse: Bad value for 'group_id'
[  141.548519][ T9634] fuse: Bad value for 'group_id'
[  141.552653][ T9639] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1022'.
[  141.555481][ T9639] netlink: 48 bytes leftover after parsing attributes in process `syz.2.1022'.
[  141.969239][ T9650] bridge3: entered promiscuous mode
[  141.971460][ T9650] bridge3: entered allmulticast mode
[  142.063553][ T9658] vim2m vim2m.0: vidioc_s_fmt queue busy
[  142.113232][ T9664] delete_channel: no stack
[  142.196288][ T9679] usb usb9: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK.
[  142.198756][ T9679] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  142.213100][ T5948] Bluetooth: hci3: SCO packet for unknown connection handle 0
[  142.298623][ T5948] block nbd3: Receive control failed (result -32)
[  142.348447][ T8644] block nbd3: shutting down sockets
[  142.353038][ T9698] [U] vÔ3¸Âfù¾"SçÁ/Éê4:ÃXTz“W¡t‘’lWµ«=
[  142.355109][ T9698] [U] J"—e:ÀÆ"


[  142.388904][ T9698] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  142.416340][ T9707] xt_CT: You must specify a L4 protocol and not use inversions on it
[  142.419443][ T9705] xt_CT: You must specify a L4 protocol and not use inversions on it
[  142.420683][ T9711] netlink: 40 bytes leftover after parsing attributes in process `syz.2.1045'.
[  142.462528][ T9715] netlink: 'syz.3.1047': attribute type 1 has an invalid length.
[  142.465110][ T9715] netlink: 228 bytes leftover after parsing attributes in process `syz.3.1047'.
[  142.478429][ T9698] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  142.539157][ T9698] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  142.621800][ T9698] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  142.624412][ T9726] netlink: 44 bytes leftover after parsing attributes in process `syz.3.1051'.
[  142.681407][ T9698] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  142.689365][ T9698] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  142.698273][ T9698] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  142.706237][ T9698] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  142.991258][   T54] usb 6-1: new high-speed USB device number 21 using dummy_hcd
[  143.076634][ T9733] netlink: 'syz.2.1054': attribute type 1 has an invalid length.
[  143.095722][   T40] kauditd_printk_skb: 470 callbacks suppressed
[  143.095738][   T40] audit: type=1400 audit(1752414332.640:6257): avc:  denied  { read } for  pid=9735 comm="syz.0.1055" name="2:0:0:0" dev="devtmpfs" ino=728 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1
[  143.108620][ T9736] BIDI support in bsg has been removed.
[  143.109105][ T9733] 8021q: adding VLAN 0 to HW filter on device bond2
[  143.110093][   T40] audit: type=1400 audit(1752414332.640:6258): avc:  denied  { open } for  pid=9735 comm="syz.0.1055" path="/dev/bsg/2:0:0:0" dev="devtmpfs" ino=728 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1
[  143.110122][   T40] audit: type=1400 audit(1752414332.660:6259): avc:  denied  { ioctl } for  pid=9735 comm="syz.0.1055" path="/dev/bsg/2:0:0:0" dev="devtmpfs" ino=728 ioctlcmd=0x2285 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1
[  143.110148][   T40] audit: type=1400 audit(1752414332.660:6260): avc:  denied  { write } for  pid=9735 comm="syz.0.1055" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  143.110170][   T40] audit: type=1400 audit(1752414332.660:6261): avc:  denied  { read } for  pid=9735 comm="syz.0.1055" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  143.162992][ T9740] bond2: (slave gretap1): making interface the new active one
[  143.167695][ T9740] bond2: (slave gretap1): Enslaving as an active interface with an up link
[  143.172133][   T54] usb 6-1: Using ep0 maxpacket: 16
[  143.178598][   T54] usb 6-1: New USB device found, idVendor=1604, idProduct=8007, bcdDevice=af.a6
[  143.178841][   T40] audit: type=1400 audit(1752414332.720:6262): avc:  denied  { create } for  pid=9741 comm="syz.0.1056" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  143.183021][   T54] usb 6-1: New USB device strings: Mfr=1, Product=23, SerialNumber=3
[  143.193345][   T54] usb 6-1: Product: syz
[  143.195217][   T54] usb 6-1: Manufacturer: syz
[  143.196830][   T54] usb 6-1: SerialNumber: syz
[  143.201320][   T54] usb 6-1: config 0 descriptor??
[  143.248532][   T40] audit: type=1400 audit(1752414332.790:6263): avc:  denied  { connect } for  pid=9748 comm="syz.2.1059" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  143.262188][   T40] audit: type=1400 audit(1752414332.810:6264): avc:  denied  { write } for  pid=9748 comm="syz.2.1059" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  143.268754][   T40] audit: type=1400 audit(1752414332.810:6265): avc:  denied  { execute } for  pid=9748 comm="syz.2.1059" path="/257/memory.events" dev="tmpfs" ino=1414 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[  143.304078][   T40] audit: type=1400 audit(1752414332.850:6266): avc:  denied  { ioctl } for  pid=9753 comm="syz.2.1060" path="socket:[33985]" dev="sockfs" ino=33985 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  143.316957][ T9755] can0: slcan on ptm0.
[  143.392640][ T9753] can0 (unregistered): slcan off ptm0.
[  143.461178][   T34] usb 5-1: new high-speed USB device number 21 using dummy_hcd
[  143.591510][   T34] usb 5-1: device descriptor read/64, error -71
[  143.716104][ T9785] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1066'.
[  143.841251][   T34] usb 5-1: new high-speed USB device number 22 using dummy_hcd
[  143.936857][   T54] usb 6-1: USB disconnect, device number 21
[  143.967048][ T9796] netlink: 'syz.1.1069': attribute type 1 has an invalid length.
[  143.981846][   T34] usb 5-1: device descriptor read/64, error -71
[  143.996108][ T9796] bond2: (slave ip6gretap1): Enslaving as a backup interface with an up link
[  144.091371][   T34] usb usb5-port1: attempt power cycle
[  144.157324][ T9802] xt_l2tp: unknown flags: f1
[  144.196417][ T9803] xt_l2tp: unknown flags: f1
[  144.239673][ T9807] netlink: 'syz.1.1072': attribute type 4 has an invalid length.
[  144.244143][ T9807] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1072'.
[  144.441175][   T34] usb 5-1: new high-speed USB device number 23 using dummy_hcd
[  144.472992][   T34] usb 5-1: device descriptor read/8, error -71
[  144.511898][ T9809] overlay: filesystem on ./bus is read-only
[  144.724543][ T9813] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1075'.
[  144.741159][   T34] usb 5-1: new high-speed USB device number 24 using dummy_hcd
[  144.761732][   T34] usb 5-1: device descriptor read/8, error -71
[  144.880303][   T34] usb usb5-port1: unable to enumerate USB device
[  144.951768][ T9819] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1077'.
[  144.971427][   T24] usb 7-1: new high-speed USB device number 21 using dummy_hcd
[  145.103699][ T9829] netlink: 'syz.3.1079': attribute type 13 has an invalid length.
[  145.112749][ T9829] gretap0: refused to change device tx_queue_len
[  145.115314][ T9829] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check.
[  145.131821][   T24] usb 7-1: no configurations
[  145.133702][   T24] usb 7-1: can't read configurations, error -22
[  145.282087][   T24] usb 7-1: new high-speed USB device number 22 using dummy_hcd
[  145.441968][   T24] usb 7-1: no configurations
[  145.443434][   T24] usb 7-1: can't read configurations, error -22
[  145.445503][   T24] usb usb7-port1: attempt power cycle
[  145.806637][   T24] usb 7-1: new high-speed USB device number 23 using dummy_hcd
[  145.832687][   T24] usb 7-1: no configurations
[  145.834723][   T24] usb 7-1: can't read configurations, error -22
[  145.971375][   T24] usb 7-1: new high-speed USB device number 24 using dummy_hcd
[  145.995175][   T24] usb 7-1: no configurations
[  145.997133][   T24] usb 7-1: can't read configurations, error -22
[  146.000252][   T24] usb usb7-port1: unable to enumerate USB device
[  146.021748][ T9832] netlink: 'syz.3.1080': attribute type 9 has an invalid length.
[  146.341167][   T34] usb 8-1: new full-speed USB device number 20 using dummy_hcd
[  146.415360][ T9853] __nla_validate_parse: 1 callbacks suppressed
[  146.415371][ T9853] netlink: 72 bytes leftover after parsing attributes in process `syz.0.1087'.
[  146.497171][   T34] usb 8-1: config 0 has an invalid descriptor of length 33, skipping remainder of the config
[  146.500236][   T34] usb 8-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  146.504966][   T34] usb 8-1: New USB device found, idVendor=06cd, idProduct=0121, bcdDevice=dd.3d
[  146.507736][   T34] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  146.510324][   T34] usb 8-1: Product: syz
[  146.511752][   T34] usb 8-1: Manufacturer: syz
[  146.513275][   T34] usb 8-1: SerialNumber: syz
[  146.516327][   T34] usb 8-1: config 0 descriptor??
[  146.631732][ T9858] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  146.633856][ T9858] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  146.669418][ T9864] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(5)
[  146.671690][ T9864] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  146.674847][ T9864] vhci_hcd vhci_hcd.0: Device attached
[  146.685882][ T9866] vhci_hcd: connection closed
[  146.686837][ T1145] vhci_hcd: stop threads
[  146.689794][ T1145] vhci_hcd: release socket
[  146.697837][ T1145] vhci_hcd: disconnect device
[  146.718084][ T9872] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  146.729670][   T34] usb 8-1: USB disconnect, device number 20
[  146.742940][ T9870] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1091'.
[  147.011458][ T9887] netlink: 'syz.1.1098': attribute type 10 has an invalid length.
[  147.019731][ T9887] netlink: 'syz.1.1098': attribute type 10 has an invalid length.
[  147.022688][ T9887] netlink: 2 bytes leftover after parsing attributes in process `syz.1.1098'.
[  147.025665][ T9887] team0: entered promiscuous mode
[  147.027400][ T9887] gtp0: entered promiscuous mode
[  147.030131][ T9887] 8021q: adding VLAN 0 to HW filter on device team0
[  147.281771][   T54] usb 6-1: new high-speed USB device number 22 using dummy_hcd
[  147.397620][ T9895] netlink: 14212 bytes leftover after parsing attributes in process `syz.3.1101'.
[  147.431203][   T54] usb 6-1: Using ep0 maxpacket: 8
[  147.441729][   T54] usb 6-1: config 179 has an invalid interface number: 65 but max is 0
[  147.451187][   T54] usb 6-1: config 179 has no interface number 0
[  147.453867][   T54] usb 6-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7
[  147.458838][   T54] usb 6-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 1024
[  147.463677][   T54] usb 6-1: config 179 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7
[  147.468022][   T54] usb 6-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23
[  147.475334][   T54] usb 6-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb
[  147.479647][   T54] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  147.489173][ T9887] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22
[  147.516920][ T9897] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1103'.
[  147.524126][ T9897] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1103'.
[  147.527330][ T9897] netlink: 'syz.3.1103': attribute type 7 has an invalid length.
[  147.530254][ T9897] netlink: 'syz.3.1103': attribute type 8 has an invalid length.
[  147.533748][ T9897] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1103'.
[  147.756355][ T9899] netlink: 112 bytes leftover after parsing attributes in process `syz.0.1102'.
[  147.766812][ T9899] ufs: You didn't specify the type of your ufs filesystem
[  147.766812][ T9899] 
[  147.766812][ T9899] mount -t ufs -o ufstype=sun|sunx86|44bsd|ufs2|5xbsd|old|hp|nextstep|nextstep-cd|openstep ...
[  147.766812][ T9899] 
[  147.766812][ T9899] >>>WARNING<<< Wrong ufstype may corrupt your filesystem, default is ufstype=old
[  147.779674][ T9899] ufs: failed to set blocksize
[  147.830096][ T9901] netlink: 'syz.2.1106': attribute type 7 has an invalid length.
[  147.833345][ T9901] netlink: 32 bytes leftover after parsing attributes in process `syz.2.1106'.
[  147.838500][ T9901] netlink: 'syz.2.1106': attribute type 7 has an invalid length.
[  147.911611][    C1] xpad 6-1:179.65: xpad_irq_in - usb_submit_urb failed with result -19
[  147.911615][ T5986] usb 6-1: USB disconnect, device number 22
[  147.916249][    C1] dummy_hcd dummy_hcd.1: timer fired with no URBs pending?
[  147.979501][ T5948] Bluetooth: hci1: ACL packet for unknown connection handle 200
[  147.979628][ T9914] xt_l2tp: v2 tid > 0xffff: 150994944
[  148.014018][ T5955] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  148.017908][ T5955] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  148.021322][ T5955] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  148.035070][ T5955] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  148.038385][ T5955] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  148.141785][  T836] usb 5-1: new high-speed USB device number 25 using dummy_hcd
[  148.172727][ T9915] chnl_net:caif_netlink_parms(): no params data found
[  148.226487][   T40] kauditd_printk_skb: 245 callbacks suppressed
[  148.226504][   T40] audit: type=1400 audit(1752414337.770:6512): avc:  denied  { read } for  pid=5661 comm="dhcpcd" scontext=system_u:system_r:dhcpc_t tcontext=system_u:system_r:dhcpc_t tclass=netlink_kobject_uevent_socket permissive=1
[  148.283069][ T9915] bridge0: port 1(bridge_slave_0) entered blocking state
[  148.285627][ T9915] bridge0: port 1(bridge_slave_0) entered disabled state
[  148.288075][ T9915] bridge_slave_0: entered allmulticast mode
[  148.290645][ T9915] bridge_slave_0: entered promiscuous mode
[  148.291631][  T836] usb 5-1: Using ep0 maxpacket: 16
[  148.294344][ T1145] team0: left allmulticast mode
[  148.295352][  T836] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  148.296228][ T1145] team_slave_0: left allmulticast mode
[  148.299297][  T836] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  148.299312][  T836] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  148.299336][  T836] usb 5-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  148.299348][  T836] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  148.301890][  T836] usb 5-1: config 0 descriptor??
[  148.304694][ T1145] team_slave_1: left allmulticast mode
[  148.317713][ T1145] team0: left promiscuous mode
[  148.319244][ T1145] team_slave_0: left promiscuous mode
[  148.321385][ T1145] team_slave_1: left promiscuous mode
[  148.324223][ T1145] bridge0: port 3(team0) entered disabled state
[  148.328142][ T1145] bridge_slave_1: left allmulticast mode
[  148.330030][ T1145] bridge_slave_1: left promiscuous mode
[  148.332328][ T1145] bridge0: port 2(bridge_slave_1) entered disabled state
[  148.335864][ T1145] bridge_slave_0: left allmulticast mode
[  148.337671][ T1145] bridge_slave_0: left promiscuous mode
[  148.339505][ T1145] bridge0: port 1(bridge_slave_0) entered disabled state
[  148.386091][   T40] audit: type=1400 audit(1752414337.930:6513): avc:  denied  { create } for  pid=9926 comm="syz.2.1113" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rose_socket permissive=1
[  148.513223][   T40] audit: type=1400 audit(1752414338.060:6514): avc:  denied  { ioctl } for  pid=9904 comm="syz.0.1108" path="/dev/raw-gadget" dev="devtmpfs" ino=849 ioctlcmd=0x5502 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  148.521209][   T40] audit: type=1400 audit(1752414338.060:6515): avc:  denied  { mounton } for  pid=9936 comm="syz.1.1115" path="/312/file0" dev="tmpfs" ino=1711 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[  148.528172][   T40] audit: type=1400 audit(1752414338.060:6516): avc:  denied  { mount } for  pid=9936 comm="syz.1.1115" name="/" dev="fuse" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=filesystem permissive=1
[  148.621370][ T1145] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  148.627681][ T1145] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  148.629013][   T40] audit: type=1400 audit(1752414338.170:6517): avc:  denied  { create } for  pid=9936 comm="syz.1.1115" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[  148.637669][   T40] audit: type=1400 audit(1752414338.180:6518): avc:  denied  { write } for  pid=9936 comm="syz.1.1115" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[  148.641755][ T1145] bond0 (unregistering): Released all slaves
[  148.645148][   T40] audit: type=1400 audit(1752414338.180:6519): avc:  denied  { ioctl } for  pid=9936 comm="syz.1.1115" path="socket:[35021]" dev="sockfs" ino=35021 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  148.654081][ T1145] bond1 (unregistering): Released all slaves
[  148.664531][ T1145] bond2 (unregistering): Released all slaves
[  148.673588][ T1145] bond3 (unregistering): Released all slaves
[  148.701377][ T5948] Bluetooth: hci3: command 0x0c1a tx timeout
[  148.701441][ T5957] Bluetooth: hci1: command 0x0c1a tx timeout
[  148.724329][  T836] HID 045e:07da: Invalid code 65791 type 1
[  148.742001][  T836] input: HID 045e:07da as /devices/platform/dummy_hcd.0/usb5/5-1/5-1:0.0/0003:045E:07DA.0007/input/input17
[  148.753225][   T40] audit: type=1400 audit(1752414338.300:6520): avc:  denied  { read } for  pid=5344 comm="acpid" name="event4" dev="devtmpfs" ino=3167 scontext=system_u:system_r:acpid_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  148.754990][  T836] microsoft 0003:045E:07DA.0007: input,hidraw1: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.0-1/input0
[  148.762771][   T40] audit: type=1400 audit(1752414338.300:6521): avc:  denied  { open } for  pid=5344 comm="acpid" path="/dev/input/event4" dev="devtmpfs" ino=3167 scontext=system_u:system_r:acpid_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  148.808109][ T1145] bond4 (unregistering): (slave veth7): Releasing active interface
[  148.814100][ T1145] bond4 (unregistering): Released all slaves
[  148.834893][ T9915] bridge0: port 2(bridge_slave_1) entered blocking state
[  148.837931][ T9915] bridge0: port 2(bridge_slave_1) entered disabled state
[  148.841031][ T9915] bridge_slave_1: entered allmulticast mode
[  148.845215][ T9915] bridge_slave_1: entered promiscuous mode
[  148.913564][ T9915] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  148.920086][ T9915] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  149.014286][ T9915] team0: Port device team_slave_0 added
[  149.024399][ T9915] team0: Port device team_slave_1 added
[  149.063531][ T9915] batman_adv: batadv0: Adding interface: batadv_slave_0
[  149.066531][ T9915] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  149.078661][ T9915] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  149.092621][ T9915] batman_adv: batadv0: Adding interface: batadv_slave_1
[  149.097852][ T9915] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  149.111245][ T9915] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  149.199680][ T9915] hsr_slave_0: entered promiscuous mode
[  149.202093][ T9915] hsr_slave_1: entered promiscuous mode
[  149.204286][ T9915] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  149.207130][ T9915] Cannot create hsr debugfs directory
[  149.355439][ T1145] hsr_slave_0: left promiscuous mode
[  149.357818][ T1145] hsr_slave_1: left promiscuous mode
[  149.524928][ T9963] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1120'.
[  149.533992][  T836] usb 5-1: USB disconnect, device number 25
[  150.064729][ T5957] Bluetooth: hci0: command tx timeout
[  150.121042][ T1145] team0 (unregistering): Port device team_slave_1 removed
[  150.193943][ T1145] team0 (unregistering): Port device team_slave_0 removed
[  150.701168][ T5955] Bluetooth: hci4: Opcode 0x1003 failed: -110
[  150.701234][ T5957] Bluetooth: hci4: command 0x1003 tx timeout
[  150.821529][ T5955] Bluetooth: hci3: unexpected event for opcode 0x0c22
[  150.906107][ T9915] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  150.918677][ T9915] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  150.929595][ T9915] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  150.944088][ T9915] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  151.004289][ T9915] 8021q: adding VLAN 0 to HW filter on device bond0
[  151.017751][ T9915] 8021q: adding VLAN 0 to HW filter on device team0
[  151.027588][   T87] bridge0: port 1(bridge_slave_0) entered blocking state
[  151.031958][   T87] bridge0: port 1(bridge_slave_0) entered forwarding state
[  151.046298][   T61] bridge0: port 2(bridge_slave_1) entered blocking state
[  151.048587][   T61] bridge0: port 2(bridge_slave_1) entered forwarding state
[  151.090944][T10006] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  151.133365][T10006] syzkaller0: entered promiscuous mode
[  151.135702][T10006] syzkaller0: entered allmulticast mode
[  151.138741][T10006] tipc: Resetting bearer <eth:syzkaller0>
[  151.146243][T10005] tipc: Resetting bearer <eth:syzkaller0>
[  151.242941][   T29] usb 6-1: new high-speed USB device number 23 using dummy_hcd
[  151.337406][T10008] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=10008 comm=syz.2.1131
[  151.394614][   T29] usb 6-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[  151.398457][   T29] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  151.401989][   T29] usb 6-1: Product: syz
[  151.403727][   T29] usb 6-1: Manufacturer: syz
[  151.405775][   T29] usb 6-1: SerialNumber: syz
[  151.411360][   T29] usb 6-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[  151.427539][   T54] usb 6-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
[  151.632353][T10020] fuse: Bad value for 'fd'
[  152.151206][ T5955] Bluetooth: hci0: command tx timeout
[  152.176074][T10005] tipc: Disabling bearer <eth:syzkaller0>
[  152.342498][ T9915] 8021q: adding VLAN 0 to HW filter on device batadv0
[  152.462440][   T54] ath9k_htc 6-1:1.0: ath9k_htc: Target is unresponsive
[  152.465017][   T54] ath9k_htc: Failed to initialize the device
[  152.503798][   T54] usb 6-1: ath9k_htc: USB layer deinitialized
[  152.524224][ T9915] veth0_vlan: entered promiscuous mode
[  152.529446][ T9915] veth1_vlan: entered promiscuous mode
[  152.562623][ T9915] veth0_macvtap: entered promiscuous mode
[  152.570665][ T9915] veth1_macvtap: entered promiscuous mode
[  152.590824][ T9915] batman_adv: batadv0: Interface activated: batadv_slave_0
[  152.598336][ T9915] batman_adv: batadv0: Interface activated: batadv_slave_1
[  152.604170][ T9915] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  152.606954][ T9915] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  152.609771][ T9915] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  152.613542][ T9915] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  152.673765][   T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  152.678222][   T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  152.694622][   T87] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  152.697735][   T87] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  152.770412][T10068] __nla_validate_parse: 1 callbacks suppressed
[  152.770428][T10068] netlink: 209852 bytes leftover after parsing attributes in process `syz.4.1107'.
[  152.776019][T10068] openvswitch: netlink: ufid size 3068 bytes exceeds the range (1, 16)
[  152.782106][T10068] overlayfs: failed to get inode (-116)
[  152.782332][T10071] xt_hashlimit: size too large, truncated to 1048576
[  152.784619][T10068] overlayfs: failed to get inode (-116)
[  152.833554][T10076] x_tables: duplicate underflow at hook 1
[  152.835520][T10077] x_tables: duplicate underflow at hook 1
[  152.837700][T10076] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1140'.
[  152.875956][T10081] netlink: 'syz.4.1141': attribute type 1 has an invalid length.
[  152.878538][T10081] netlink: 'syz.4.1141': attribute type 2 has an invalid length.
[  152.884692][T10081] trusted_key: encrypted_key: insufficient parameters specified
[  153.281246][   T40] kauditd_printk_skb: 316 callbacks suppressed
[  153.281260][   T40] audit: type=1400 audit(1752414342.820:6838): avc:  denied  { create } for  pid=10112 comm="syz.4.1148" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[  153.290839][   T40] audit: type=1400 audit(1752414342.830:6839): avc:  denied  { create } for  pid=10112 comm="syz.4.1148" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  153.297610][   T40] audit: type=1400 audit(1752414342.830:6840): avc:  denied  { ioctl } for  pid=10112 comm="syz.4.1148" path="socket:[34674]" dev="sockfs" ino=34674 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  153.305382][   T40] audit: type=1400 audit(1752414342.830:6841): avc:  denied  { setopt } for  pid=10112 comm="syz.4.1148" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[  153.313722][   T40] audit: type=1400 audit(1752414342.840:6842): avc:  denied  { egress } for  pid=1142 comm="kworker/u32:5" saddr=fe80::1c daddr=ff02::16 scontext=system_u:object_r:unlabeled_t tcontext=system_u:object_r:netif_t tclass=netif permissive=1
[  153.321949][   T40] audit: type=1400 audit(1752414342.840:6843): avc:  denied  { sendto } for  pid=1142 comm="kworker/u32:5" saddr=fe80::1c daddr=ff02::16 scontext=system_u:object_r:unlabeled_t tcontext=system_u:object_r:node_t tclass=node permissive=1
[  153.331144][   T40] audit: type=1400 audit(1752414342.860:6844): avc:  denied  { bind } for  pid=10112 comm="syz.4.1148" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[  153.391540][   T40] audit: type=1400 audit(1752414342.940:6845): avc:  denied  { search } for  pid=10117 comm="dhcpcd-run-hook" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  153.399440][   T40] audit: type=1400 audit(1752414342.940:6846): avc:  denied  { search } for  pid=10117 comm="dhcpcd-run-hook" name="dhcpcd" dev="tmpfs" ino=1905 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  153.411376][   T40] audit: type=1400 audit(1752414342.940:6847): avc:  denied  { search } for  pid=10117 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=1909 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  153.458923][T10124] bridge0: entered promiscuous mode
[  153.490872][T10126] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(8)
[  153.493001][T10126] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[  153.506146][T10126] vhci_hcd vhci_hcd.0: Device attached
[  153.616845][T10137] netlink: 36 bytes leftover after parsing attributes in process `syz.4.1152'.
[  153.657944][T10140] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=10140 comm=syz.0.1153
[  153.663239][T10140] netlink: 9 bytes leftover after parsing attributes in process `syz.0.1153'.
[  153.666184][T10140] 0·: renamed from hsr0 (while UP)
[  153.677746][T10140] A link change request failed with some changes committed already. Interface 
70· may have been left with an inconsistent configuration, please check.
[  153.695024][ T1023] vhci_hcd: vhci_device speed not set
[  153.751388][ T1023] usb 41-1: new high-speed USB device number 2 using vhci_hcd
[  153.766432][ T1145] IPVS: stop unused estimator thread 0...
[  153.842146][T10160] block nbd4: NBD_DISCONNECT
[  153.848312][T10160] block nbd4: Send disconnect failed -22
[  154.023562][ T5936] usb 6-1: USB disconnect, device number 23
[  154.221209][ T5955] Bluetooth: hci0: command tx timeout
[  154.258083][T10127] vhci_hcd: connection reset by peer
[  154.260654][   T61] vhci_hcd: stop threads
[  154.262573][   T61] vhci_hcd: release socket
[  154.266297][   T61] vhci_hcd: disconnect device
[  154.580950][T10154] block nbd4: Disconnected due to user request.
[  154.583651][T10154] block nbd4: shutting down sockets
[  154.673632][T10176] sch_tbf: burst 0 is lower than device lo mtu (65550) !
[  154.732918][T10172] ceph: No mds server is up or the cluster is laggy
[  154.737089][T10181] ceph: No mds server is up or the cluster is laggy
[  154.813638][T10187] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1161'.
[  154.814626][T10189] tipc: Trying to set illegal importance in message
[  154.818088][T10187] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=10187 comm=syz.2.1161
[  154.877332][T10195] (unnamed net_device) (uninitialized): Removing last arp target with arp_interval on
[  155.066054][T10214] netlink: 88 bytes leftover after parsing attributes in process `syz.2.1170'.
[  155.151285][   T54] usb 9-1: new high-speed USB device number 2 using dummy_hcd
[  155.285280][T10235] comedi: valid board names for 8255 driver are:
[  155.287420][T10235]  8255
[  155.288482][T10235] comedi: valid board names for vmk80xx driver are:
[  155.291808][T10235]  vmk80xx
[  155.293098][T10235] comedi: valid board names for usbduxsigma driver are:
[  155.295903][T10235]  usbduxsigma
[  155.297014][T10235] comedi: valid board names for usbduxfast driver are:
[  155.299253][T10235]  usbduxfast
[  155.300345][T10235] comedi: valid board names for usbdux driver are:
[  155.303965][T10235]  usbdux
[  155.305321][T10235] comedi: valid board names for ni6501 driver are:
[  155.308045][T10235]  ni6501
[  155.309356][T10235] comedi: valid board names for dt9812 driver are:
[  155.313118][T10235]  dt9812
[  155.314443][T10235] comedi: valid board names for ni_labpc_cs driver are:
[  155.317346][T10235]  ni_labpc_cs
[  155.318812][T10235] comedi: valid board names for ni_daq_700 driver are:
[  155.322631][T10235]  ni_daq_700
[  155.324090][T10235] comedi: valid board names for labpc_pci driver are:
[  155.327429][T10235]  labpc_pci
[  155.332420][   T54] usb 9-1: Using ep0 maxpacket: 16
[  155.335449][T10235] comedi: valid board names for adl_pci9118 driver are:
[  155.337634][T10235]  pci9118dg
[  155.338718][T10235]  pci9118hg
[  155.339776][T10235]  pci9118hr
[  155.340869][T10235] comedi: valid board names for 8255_pci driver are:
[  155.348777][   T54] usb 9-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[  155.353624][   T54] usb 9-1: New USB device found, idVendor=05ac, idProduct=0244, bcdDevice= 0.00
[  155.356497][   T54] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  155.359343][T10235]  8255_pci
[  155.360415][T10235] comedi: valid board names for s526 driver are:
[  155.367723][   T54] usb 9-1: config 0 descriptor??
[  155.372048][T10235]  s526
[  155.372964][T10235] comedi: valid board names for multiq3 driver are:
[  155.375469][T10235]  multiq3
[  155.376462][T10235] comedi: valid board names for pcmuio driver are:
[  155.378754][T10235]  pcmuio48
[  155.380007][T10235]  pcmuio96
[  155.380453][   T54] input: bcm5974 as /devices/platform/dummy_hcd.4/usb9/9-1/9-1:0.0/input/input18
[  155.381998][T10235] comedi: valid board names for pcmmio driver are:
[  155.386108][T10235]  pcmmio
[  155.387048][T10235] comedi: valid board names for pcmda12 driver are:
[  155.390029][T10235]  pcmda12
[  155.392917][T10235] comedi: valid board names for pcmad driver are:
[  155.393676][T10237] ceph: No mds server is up or the cluster is laggy
[  155.395960][T10235]  pcmad12
[  155.399620][T10235]  pcmad16
[  155.400955][T10235] comedi: valid board names for ni_labpc driver are:
[  155.403923][T10235]  lab-pc-1200
[  155.405368][T10235]  lab-pc-1200ai
[  155.406778][T10235]  lab-pc+
[  155.408478][T10235] comedi: valid board names for atmio16 driver are:
[  155.411356][T10235]  atmio16
[  155.412485][T10235]  atmio16d
[  155.414743][T10235] comedi: valid board names for ni_at_ao driver are:
[  155.416927][T10235]  at-ao-6
[  155.418112][T10235]  at-ao-10
[  155.419460][T10235] comedi: valid board names for ni_at_a2150 driver are:
[  155.431797][T10235]  ni_at_a2150
[  155.433318][T10235] comedi: valid board names for adq12b driver are:
[  155.436022][T10235]  adq12b
[  155.437278][T10235] comedi: valid board names for mpc624 driver are:
[  155.444359][T10235]  mpc624
[  155.445700][T10235] comedi: valid board names for c6xdigio driver are:
[  155.448523][T10235]  c6xdigio
[  155.449853][T10235] comedi: valid board names for aio_iiro_16 driver are:
[  155.453285][T10235]  aio_iiro_16
[  155.455164][T10235] comedi: valid board names for aio_aio12_8 driver are:
[  155.458030][T10235]  aio_aio12_8
[  155.459489][T10235]  aio_ai12_8
[  155.460894][T10235]  aio_ao12_4
[  155.462362][T10235] comedi: valid board names for fl512 driver are:
[  155.464353][T10235]  fl512
[  155.465346][T10235] comedi: valid board names for dmm32at driver are:
[  155.467520][T10235]  dmm32at
[  155.468893][T10235] comedi: valid board names for dt282x driver are:
[  155.475251][T10235]  dt2821
[  155.476924][T10235]  dt2821-f
[  155.478285][T10235]  dt2821-g
[  155.479671][T10235]  dt2823
[  155.480969][T10235]  dt2824-pgh
[  155.482488][T10235]  dt2824-pgl
[  155.483945][T10235]  dt2825
[  155.485203][T10235]  dt2827
[  155.486437][T10235]  dt2828
[  155.487760][T10235]  dt2829
[  155.489036][T10235]  dt21-ez
[  155.490355][T10235]  dt23-ez
[  155.492563][T10235]  dt24-ez
[  155.493651][T10235]  dt24-ez-pgl
[  155.494743][T10235] comedi: valid board names for dt2817 driver are:
[  155.496775][T10235]  dt2817
[  155.497967][T10235] comedi: valid board names for dt2815 driver are:
[  155.500424][T10235]  dt2815
[  155.502108][T10235] comedi: valid board names for dt2814 driver are:
[  155.504225][T10235]  dt2814
[  155.505195][T10235] comedi: valid board names for dt2811 driver are:
[  155.507231][T10235]  dt2811-pgh
[  155.508415][T10235]  dt2811-pgl
[  155.509483][T10235] comedi: valid board names for dt2801 driver are:
[  155.512320][T10235]  dt2801
[  155.513557][T10235] comedi: valid board names for das6402 driver are:
[  155.515591][T10235]  das6402-12
[  155.520604][T10235]  das6402-16
[  155.522817][T10235] comedi: valid board names for das1800 driver are:
[  155.526030][T10235]  das-1701st
[  155.527207][T10235]  das-1701st-da
[  155.528449][T10235]  das-1702st
[  155.529577][T10235]  das-1702st-da
[  155.530774][T10235]  das-1702hr
[  155.540008][T10235]  das-1702hr-da
[  155.541535][T10235]  das-1701ao
[  155.542676][T10235]  das-1702ao
[  155.543805][T10235]  das-1801st
[  155.544948][T10235]  das-1801st-da
[  155.546351][T10235]  das-1802st
[  155.547487][T10235]  das-1802st-da
[  155.548686][T10235]  das-1802hr
[  155.550753][T10235]  das-1802hr-da
[  155.552127][T10235]  das-1801hc
[  155.553250][T10235]  das-1802hc
[  155.554505][T10235]  das-1801ao
[  155.555643][T10235]  das-1802ao
[  155.556737][T10235] comedi: valid board names for das800 driver are:
[  155.558720][T10235]  das-800
[  155.559685][T10235]  cio-das800
[  155.560765][T10235]  das-801
[  155.567759][T10235]  cio-das801
[  155.568917][T10235]  das-802
[  155.569937][T10235]  cio-das802
[  155.571001][T10235]  cio-das802/16
[  155.590439][T10246] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1178'.
[  155.591025][T10235] comedi: valid board names for isa-das08 driver are:
[  155.599566][T10235]  isa-das08
[  155.600422][ T5344] bcm5974 9-1:0.0: could not read from device
[  155.600641][T10235]  das08-pgm
[  155.600647][T10235]  das08-pgh
[  155.600652][T10235]  das08-pgl
[  155.600655][T10235]  das08-aoh
[  155.600659][T10235]  das08-aol
[  155.600663][T10235]  das08-aom
[  155.604259][T10235]  das08/jr-ao
[  155.610325][T10235]  das08jr-16-ao
[  155.611587][T10235]  pc104-das08
[  155.612704][T10235]  das08jr/16
[  155.613770][T10235] comedi: valid board names for das16m1 driver are:
[  155.613897][   T54] bcm5974 9-1:0.0: could not read from device
[  155.615820][T10235]  das16m1
[  155.615827][T10235] comedi: valid board names for dac02 driver are:
[  155.615832][T10235]  dac02
[  155.615836][T10235] comedi: valid board names for rti802 driver are:
[  155.615840][T10235]  rti802
[  155.615844][T10235] comedi: valid board names for rti800 driver are:
[  155.615849][T10235]  rti800
[  155.615853][T10235]  rti815
[  155.615856][T10235] comedi: valid board names for pcm3724 driver are:
[  155.618910][T10235]  pcm3724
[  155.618916][T10235] comedi: valid board names for pcl818 driver are:
[  155.618921][T10235]  pcl818l
[  155.618925][T10235]  pcl818h
[  155.618928][T10235]  pcl818hd
[  155.639178][T10235]  pcl818hg
[  155.640638][T10235]  pcl818
[  155.641670][T10235]  pcl718
[  155.642577][ T5344] bcm5974 9-1:0.0: could not read from device
[  155.642635][T10235]  pcm3718
[  155.642641][T10235] comedi: valid board names for pcl816 driver are:
[  155.645611][T10235]  pcl816
[  155.648923][T10260] netlink: 161716 bytes leftover after parsing attributes in process `syz.2.1182'.
[  155.648941][T10235]  pcl814b
[  155.654137][T10260] netlink: zone id is out of range
[  155.655824][T10260] netlink: zone id is out of range
[  155.655895][   T54] input: failed to attach handler mousedev to device input18, error: -5
[  155.657393][T10260] netlink: zone id is out of range
[  155.657400][T10260] netlink: zone id is out of range
[  155.657404][T10260] netlink: zone id is out of range
[  155.657408][T10260] netlink: zone id is out of range
[  155.657412][T10260] netlink: zone id is out of range
[  155.657416][T10260] netlink: zone id is out of range
[  155.658738][T10235] comedi: valid board names for pcl812 driver are:
[  155.663239][ T5344] bcm5974 9-1:0.0: could not read from device
[  155.666624][T10235]  pcl812
[  155.669337][   T54] usb 9-1: USB disconnect, device number 2
[  155.670499][T10235]  pcl812pg
[  155.678514][T10235]  acl8112pg
[  155.678692][ T5344] bcm5974 9-1:0.0: could not read from device
[  155.679557][T10235]  acl8112dg
[  155.679563][T10235]  acl8112hg
[  155.682731][T10235]  a821pgl
[  155.684726][T10235]  a821pglnda
[  155.685791][T10235]  a821pgh
[  155.686015][T10266] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1183'.
[  155.686749][T10235]  a822pgl
[  155.686755][T10235]  a822pgh
[  155.686759][T10235]  a823pgl
[  155.686763][T10235]  a823pgh
[  155.686766][T10235]  pcl813
[  155.686770][T10235]  pcl813b
[  155.686774][T10235]  acl8113
[  155.686777][T10235]  iso813
[  155.686781][T10235]  acl8216
[  155.698645][T10235]  a826pg
[  155.699605][T10235] comedi: valid board names for pcl730 driver are:
[  155.701920][T10235]  pcl730
[  155.702881][T10235]  iso730
[  155.703834][T10235]  acl7130
[  155.704934][T10235]  pcm3730
[  155.706021][T10235]  pcl725
[  155.706948][T10235]  p8r8dio
[  155.708194][T10235]  acl7225b
[  155.709325][T10235]  p16r16dio
[  155.710428][T10235]  pcl733
[  155.712837][T10235]  pcl734
[  155.726556][T10235]  opmm-1616-xt
[  155.727702][T10235]  pearl-mm-p
[  155.728780][T10235]  ir104-pbf
[  155.729816][T10235] comedi: valid board names for pcl726 driver are:
[  155.731899][T10235]  pcl726
[  155.732849][T10235]  pcl727
[  155.733770][T10235]  pcl728
[  155.734683][T10235]  acl6126
[  155.735668][T10235]  acl6128
[  155.736768][T10235] comedi: valid board names for pcl724 driver are:
[  155.738941][T10235]  pcl724
[  155.739907][T10235]  pcl722
[  155.740857][T10235]  pcl731
[  155.741985][T10235]  acl7122
[  155.743058][T10235]  acl7124
[  155.744096][T10235]  pet48dio
[  155.745374][T10235]  pcmio48
[  155.746378][T10235]  onyx-mm-dio
[  155.747712][T10235] comedi: valid board names for pcl711 driver are:
[  155.756192][T10235]  pcl711
[  155.757249][T10235]  pcl711b
[  155.758610][T10235]  acl8112hg
[  155.759664][T10235]  acl8112dg
[  155.760720][T10235] comedi: valid board names for amplc_pc263 driver are:
[  155.763447][T10235]  pc263
[  155.764358][T10235] comedi: valid board names for amplc_pc236 driver are:
[  155.766490][T10235]  pc36at
[  155.767433][T10235] comedi: valid board names for amplc_dio200 driver are:
[  155.769694][T10235]  pc212e
[  155.770647][T10235]  pc214e
[  155.772698][T10235]  pc215e
[  155.773651][T10235]  pc218e
[  155.774556][T10235]  pc272e
[  155.775470][T10235] comedi: valid board names for comedi_parport driver are:
[  155.777723][T10235]  comedi_parport
[  155.778888][T10235] comedi: valid board names for comedi_test driver are:
[  155.781141][T10235]  comedi_test
[  155.782241][T10235] comedi: valid board names for comedi_bond driver are:
[  155.786620][T10235]  comedi_bond
[  155.840701][T10287] sp0: Synchronizing with TNC
[  155.943946][T10296] xt_hashlimit: size too large, truncated to 1048576
[  156.072428][   T29] usb 6-1: new high-speed USB device number 24 using dummy_hcd
[  156.097988][T10315] kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[  156.211595][T10321] netlink: 'syz.2.1198': attribute type 21 has an invalid length.
[  156.222610][   T29] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  156.226558][   T29] usb 6-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 21
[  156.230634][   T29] usb 6-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  156.235593][   T29] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  156.240818][   T29] usb 6-1: config 0 descriptor??
[  156.301294][ T5955] Bluetooth: hci0: command tx timeout
[  156.496655][T10344] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1207'.
[  156.548601][ T6030] IPVS: starting estimator thread 0...
[  156.631216][T10347] IPVS: using max 42 ests per chain, 100800 per kthread
[  156.646881][   T29] usb 6-1: string descriptor 0 read error: -71
[  156.654858][   T29] usb 6-1: USB disconnect, device number 24
[  156.681339][  T836] usb 7-1: new high-speed USB device number 25 using dummy_hcd
[  156.839316][T10341] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  156.842616][T10341] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  156.849671][  T836] usb 7-1: unable to get BOS descriptor or descriptor too short
[  156.853442][  T836] usb 7-1: unable to read config index 0 descriptor/start: -71
[  156.855970][  T836] usb 7-1: can't read configurations, error -71
[  157.276824][T10357] kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[  157.631434][T10385] /dev/nullb0: Can't lookup blockdev
[  157.670454][T10387] netlink: 'syz.1.1222': attribute type 28 has an invalid length.
[  157.673135][T10387] netlink: 'syz.1.1222': attribute type 3 has an invalid length.
[  157.721619][ T6030] usb 9-1: new high-speed USB device number 3 using dummy_hcd
[  157.871005][T10394] __nla_validate_parse: 1 callbacks suppressed
[  157.871020][T10394] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1224'.
[  157.902006][ T6030] usb 9-1: too many configurations: 9, using maximum allowed: 8
[  157.906311][ T6030] usb 9-1: config 0 has 1 interface, different from the descriptor's value: 9
[  157.910071][ T6030] usb 9-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  157.914493][ T6030] usb 9-1: config 0 interface 0 has no altsetting 0
[  157.918566][ T6030] usb 9-1: config 0 has 1 interface, different from the descriptor's value: 9
[  157.922438][ T6030] usb 9-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  157.926961][ T6030] usb 9-1: config 0 interface 0 has no altsetting 0
[  157.931268][ T6030] usb 9-1: config 0 has 1 interface, different from the descriptor's value: 9
[  157.934887][ T6030] usb 9-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  157.939151][ T6030] usb 9-1: config 0 interface 0 has no altsetting 0
[  157.942543][ T6030] usb 9-1: config 0 has 1 interface, different from the descriptor's value: 9
[  157.945753][ T6030] usb 9-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  157.949122][ T6030] usb 9-1: config 0 interface 0 has no altsetting 0
[  157.952338][ T6030] usb 9-1: config 0 has 1 interface, different from the descriptor's value: 9
[  157.955651][ T6030] usb 9-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  157.959124][ T6030] usb 9-1: config 0 interface 0 has no altsetting 0
[  157.962234][ T6030] usb 9-1: config 0 has 1 interface, different from the descriptor's value: 9
[  157.965026][ T6030] usb 9-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  157.968385][ T6030] usb 9-1: config 0 interface 0 has no altsetting 0
[  157.971373][ T6030] usb 9-1: config 0 has 1 interface, different from the descriptor's value: 9
[  157.974176][ T6030] usb 9-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  157.977576][ T6030] usb 9-1: config 0 interface 0 has no altsetting 0
[  157.980446][ T6030] usb 9-1: config 0 has 1 interface, different from the descriptor's value: 9
[  157.983913][ T6030] usb 9-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  157.987411][ T6030] usb 9-1: config 0 interface 0 has no altsetting 0
[  157.991473][ T6030] usb 9-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=49.8e
[  157.994458][ T6030] usb 9-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168
[  157.997078][ T6030] usb 9-1: Product: syz
[  157.998399][ T6030] usb 9-1: Manufacturer: syz
[  157.999863][ T6030] usb 9-1: SerialNumber: syz
[  158.005045][ T6030] usb 9-1: config 0 descriptor??
[  158.014918][ T6030] yurex 9-1:0.0: USB YUREX device now attached to Yurex #0
[  158.278925][T10416] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1230'.
[  158.282579][T10416] 8021q: VLANs not supported on ip6_vti0
[  158.302747][   T40] kauditd_printk_skb: 391 callbacks suppressed
[  158.302757][   T40] audit: type=1400 audit(1752414347.850:7239): avc:  denied  { sendto } for  pid=6030 comm="kworker/0:5" saddr=fe80::1c daddr=ff02::16 scontext=system_u:object_r:unlabeled_t tcontext=system_u:object_r:node_t tclass=node permissive=1
[  158.332175][   T40] audit: type=1400 audit(1752414347.870:7240): avc:  denied  { create } for  pid=10418 comm="syz.1.1231" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1
[  158.338397][   T40] audit: type=1400 audit(1752414347.870:7241): avc:  denied  { write } for  pid=10418 comm="syz.1.1231" path="socket:[37279]" dev="sockfs" ino=37279 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1
[  158.439799][   T40] audit: type=1400 audit(1752414347.980:7242): avc:  denied  { create } for  pid=10420 comm="syz.1.1232" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  158.449018][   T40] audit: type=1400 audit(1752414347.980:7243): avc:  denied  { ioctl } for  pid=10420 comm="syz.1.1232" path="/dev/vmci" dev="devtmpfs" ino=708 ioctlcmd=0x7a7 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  158.454483][T10423] ip6t_srh: unknown srh match flags  4000
[  158.457426][   T40] audit: type=1400 audit(1752414347.990:7244): avc:  denied  { setopt } for  pid=10420 comm="syz.1.1232" lport=2 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  158.501152][   T40] audit: type=1400 audit(1752414348.040:7245): avc:  denied  { read } for  pid=10425 comm="syz.1.1234" name="usbmon7" dev="devtmpfs" ino=759 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1
[  158.508895][   T40] audit: type=1400 audit(1752414348.040:7246): avc:  denied  { open } for  pid=10425 comm="syz.1.1234" path="/dev/usbmon7" dev="devtmpfs" ino=759 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1
[  158.519527][   T40] audit: type=1400 audit(1752414348.050:7247): avc:  denied  { ioctl } for  pid=10425 comm="syz.1.1234" path="/dev/usbmon7" dev="devtmpfs" ino=759 ioctlcmd=0x9207 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1
[  158.547579][   T40] audit: type=1400 audit(1752414348.090:7248): avc:  denied  { create } for  pid=10431 comm="syz.2.1236" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  158.555399][T10432] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1236'.
[  158.614750][T10436] netlink: 'syz.2.1238': attribute type 21 has an invalid length.
[  158.615458][   T54] usb 9-1: USB disconnect, device number 3
[  158.617295][T10436] netlink: 156 bytes leftover after parsing attributes in process `syz.2.1238'.
[  158.627609][   T54] yurex 9-1:0.0: USB YUREX #0 now disconnected
[  158.648213][T10436] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1238'.
[  158.807513][T10450] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1241'.
[  158.875497][ T1023] vhci_hcd: vhci_device speed not set
[  159.246937][T10480] netlink: 'syz.2.1248': attribute type 1 has an invalid length.
[  159.259056][T10480] 8021q: adding VLAN 0 to HW filter on device bond4
[  159.263257][T10484] netlink: 596 bytes leftover after parsing attributes in process `syz.0.1249'.
[  159.383490][T10495] overlayfs: failed to resolve 'fscontext=root': -2
[  159.428452][T10498] tipc: Cannot configure node identity twice
[  159.452295][T10493] Falling back ldisc for ttyS3.
[  159.510664][T10503] 9pnet_fd: Insufficient options for proto=fd
[  159.529860][T10507] netlink: 'syz.2.1258': attribute type 83 has an invalid length.
[  159.595330][T10515] netlink: 104 bytes leftover after parsing attributes in process `syz.4.1261'.
[  159.635175][T10517] (unnamed net_device) (uninitialized): invalid ARP target 0.0.0.0 specified for addition
[  159.638416][T10517] (unnamed net_device) (uninitialized): option arp_ip_target: invalid value (0)
[  159.700112][T10522] netlink: 'syz.4.1264': attribute type 2 has an invalid length.
[  159.704016][T10522] net_ratelimit: 47 callbacks suppressed
[  159.704028][T10522] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  159.718316][T10522] netlink: 3696 bytes leftover after parsing attributes in process `syz.4.1264'.
[  159.721603][T10522] netlink: 3696 bytes leftover after parsing attributes in process `syz.4.1264'.
[  160.147779][T10550] IPv6: Can't replace route, no match found
[  160.228379][T10559] openvswitch: netlink: IP tunnel attribute has 12 unknown bytes.
[  160.503096][   T29] usb 9-1: new high-speed USB device number 4 using dummy_hcd
[  160.545653][T10571] llcp: nfc_llcp_send_ui_frame: Could not allocate PDU (error=-512)
[  160.548209][T10571] llcp: nfc_llcp_send_ui_frame: Could not allocate PDU (error=-512)
[  160.554638][T10571] openvswitch: netlink: IPv6 tunnel dst address is zero
[  160.560205][T10571] openvswitch: netlink: IPv6 tunnel dst address is zero
[  160.562712][T10571] openvswitch: netlink: IPv6 tunnel dst address is zero
[  160.565678][T10571] openvswitch: netlink: IPv6 tunnel dst address is zero
[  160.568223][T10571] openvswitch: netlink: IPv6 tunnel dst address is zero
[  160.570435][T10571] openvswitch: netlink: IPv6 tunnel dst address is zero
[  160.573931][T10571] openvswitch: netlink: IPv6 tunnel dst address is zero
[  160.576260][T10571] openvswitch: netlink: IPv6 tunnel dst address is zero
[  160.651171][   T29] usb 9-1: Using ep0 maxpacket: 8
[  160.655497][   T29] usb 9-1: config index 0 descriptor too short (expected 301, got 45)
[  160.659709][   T29] usb 9-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  160.664882][   T29] usb 9-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  160.668030][   T29] usb 9-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  160.674646][   T29] usb 9-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  160.679900][   T29] usb 9-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  160.683779][   T29] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  160.890093][   T29] usb 9-1: usb_control_msg returned -32
[  160.892939][   T29] usbtmc 9-1:16.0: can't read capabilities
[  160.937361][T10582] ------------[ cut here ]------------
[  160.939679][T10582] UBSAN: shift-out-of-bounds in drivers/comedi/drivers/aio_iiro_16.c:180:9
SYZFAIL: failed to recv rpc
[  160.942563][T10582] shift exponent 1073741824 is too large for 32-bit type 'int'
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  160.946218][T10582] CPU: 3 UID: 0 PID: 10582 Comm: syz.2.1282 Not tainted 6.16.0-rc5-syzkaller-00266-g3f31a806a62e #0 PREEMPT(full) 
[  160.946233][T10582] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  160.946240][T10582] Call Trace:
[  160.946244][T10582]  <TASK>
[  160.946248][T10582]  dump_stack_lvl+0x16c/0x1f0
[  160.946284][T10582]  __ubsan_handle_shift_out_of_bounds+0x27f/0x420
[  160.946314][T10582]  aio_iiro_16_attach.cold+0x19/0x1e
[  160.946330][T10582]  comedi_device_attach+0x3b3/0x900
[  160.946350][T10582]  do_devconfig_ioctl+0x1a7/0x580
[  160.946367][T10582]  ? __pfx_do_devconfig_ioctl+0x10/0x10
[  160.946394][T10582]  ? find_held_lock+0x2b/0x80
[  160.946411][T10582]  comedi_unlocked_ioctl+0x15bb/0x2e90
[  160.946427][T10582]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  160.946441][T10582]  ? __pfx_comedi_unlocked_ioctl+0x10/0x10
[  160.946452][T10582]  ? do_vfs_ioctl+0x523/0x1a60
[  160.946465][T10582]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  160.946481][T10582]  ? ioctl_has_perm.constprop.0.isra.0+0x379/0x540
[  160.946498][T10582]  ? ioctl_has_perm.constprop.0.isra.0+0x383/0x540
[  160.946515][T10582]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[  160.946536][T10582]  ? hook_file_ioctl_common+0x145/0x410
[  160.946551][T10582]  ? selinux_file_ioctl+0x180/0x270
[  160.946565][T10582]  ? selinux_file_ioctl+0xb4/0x270
[  160.946581][T10582]  ? __pfx_comedi_unlocked_ioctl+0x10/0x10
[  160.946594][T10582]  __x64_sys_ioctl+0x18e/0x210
[  160.946608][T10582]  do_syscall_64+0xcd/0x4c0
[  160.946625][T10582]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  160.946636][T10582] RIP: 0033:0x7f66ec38e929
[  160.946645][T10582] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  160.946656][T10582] RSP: 002b:00007f66ed260038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  160.946667][T10582] RAX: ffffffffffffffda RBX: 00007f66ec5b5fa0 RCX: 00007f66ec38e929
[  160.946673][T10582] RDX: 0000200000000140 RSI: 0000000040946400 RDI: 0000000000000005
[  160.946680][T10582] RBP: 00007f66ec410b39 R08: 0000000000000000 R09: 0000000000000000
[  160.946686][T10582] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  160.946692][T10582] R13: 0000000000000000 R14: 00007f66ec5b5fa0 R15: 00007ffc2ecf20f8
[  160.946707][T10582]  </TASK>
[  160.946710][T10582] ---[ end trace ]---
[  161.019682][T10582] Kernel panic - not syncing: UBSAN: panic_on_warn set ...
[  161.021966][T10582] CPU: 3 UID: 0 PID: 10582 Comm: syz.2.1282 Not tainted 6.16.0-rc5-syzkaller-00266-g3f31a806a62e #0 PREEMPT(full) 
[  161.025656][T10582] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  161.028939][T10582] Call Trace:
[  161.029999][T10582]  <TASK>
[  161.030952][T10582]  dump_stack_lvl+0x3d/0x1f0
[  161.032465][T10582]  panic+0x71c/0x800
[  161.033723][T10582]  ? __pfx_panic+0x10/0x10
[  161.035140][T10582]  ? __pfx__printk+0x10/0x10
[  161.036608][T10582]  ? check_panic_on_warn+0x1f/0xb0
[  161.038210][T10582]  check_panic_on_warn+0xab/0xb0
[  161.039759][T10582]  __ubsan_handle_shift_out_of_bounds+0x2a6/0x420
[  161.041777][T10582]  aio_iiro_16_attach.cold+0x19/0x1e
[  161.043423][T10582]  comedi_device_attach+0x3b3/0x900
[  161.045092][T10582]  do_devconfig_ioctl+0x1a7/0x580
[  161.046687][T10582]  ? __pfx_do_devconfig_ioctl+0x10/0x10
[  161.048429][T10582]  ? find_held_lock+0x2b/0x80
[  161.049927][T10582]  comedi_unlocked_ioctl+0x15bb/0x2e90
[  161.051633][T10582]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  161.053477][T10582]  ? __pfx_comedi_unlocked_ioctl+0x10/0x10
[  161.055296][T10582]  ? do_vfs_ioctl+0x523/0x1a60
[  161.056800][T10582]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  161.058374][T10582]  ? ioctl_has_perm.constprop.0.isra.0+0x379/0x540
[  161.060395][T10582]  ? ioctl_has_perm.constprop.0.isra.0+0x383/0x540
[  161.062414][T10582]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[  161.064562][T10582]  ? hook_file_ioctl_common+0x145/0x410
[  161.066329][T10582]  ? selinux_file_ioctl+0x180/0x270
[  161.067950][T10582]  ? selinux_file_ioctl+0xb4/0x270
[  161.069552][T10582]  ? __pfx_comedi_unlocked_ioctl+0x10/0x10
[  161.071372][T10582]  __x64_sys_ioctl+0x18e/0x210
[  161.072878][T10582]  do_syscall_64+0xcd/0x4c0
[  161.074308][T10582]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  161.076271][T10582] RIP: 0033:0x7f66ec38e929
[  161.077673][T10582] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  161.083596][T10582] RSP: 002b:00007f66ed260038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  161.086181][T10582] RAX: ffffffffffffffda RBX: 00007f66ec5b5fa0 RCX: 00007f66ec38e929
[  161.088620][T10582] RDX: 0000200000000140 RSI: 0000000040946400 RDI: 0000000000000005
[  161.091073][T10582] RBP: 00007f66ec410b39 R08: 0000000000000000 R09: 0000000000000000
[  161.093515][T10582] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  161.095983][T10582] R13: 0000000000000000 R14: 00007f66ec5b5fa0 R15: 00007ffc2ecf20f8
[  161.098388][T10582]  </TASK>
[  161.099912][T10582] Kernel Offset: disabled
[  161.101294][T10582] Rebooting in 86400 seconds..

VM DIAGNOSIS:
13:45:49  Registers:
info registers vcpu 0

CPU#0
RAX=0000000000000000 RBX=00007fce64d85620 RCX=0000000000000000 RDX=00007ffc21c29068
RSI=00007fce64c2cd57 RDI=00007ffc21c26f20 RBP=00007fce64c2cd75 RSP=00007ffc21c26f00
R8 =0000000000000000 R9 =0000000000000000 R10=00000000ffffffff R11=0000000000000202
R12=00007ffc21c26f00 R13=0000000000000004 R14=00007ffc21c2915c R15=00007ffc21c291f0
RIP=00007fce64b3bf5b RFL=00010246 [---Z-P-] CPL=3 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c01300
CS =0033 0000000000000000 ffffffff 00a0fb00 DPL=3 CS64 [-RA]
SS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c01300
FS =0000 0000555585e6a500 ffffffff 00c00000
GS =0000 0000000000000000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00007ffc21c27000 CR3=000000002a726000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000044402 Opmask01=0000000000000054 Opmask02=00000000000000ff Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffc21c27020 00007ffc21c27020
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffc21c29060 0000003000000010
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000555585e91dab 0000555585e90c30
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000555585e8df31 0000555585e8dcd0
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000000001df8a
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2525252525252525 2525252525252525 2525252525252525 2525252525252525
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 616e676973206e77 6f6e6b6e75000a29 7325203a6425206f 6e7272652820000a
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 444b424c56054b52 4a4b4e4b50000a0c 5600051f4100054a 4b5757400d05000a
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0010000280030510 0001f00300100001 e00300100001d003 12100001c0030010
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0100040010000401 03d0001000039003 0010000380030610 0002f00300100002
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 e00306100002d003 04100002c0031010 0002b00340801000 02a0030010000290
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0300100002800305 100001f003001000 01e00300100001d0 0312100001c00300
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 100001b003001000 01a0030480100001 9003001000018003 0010007003001000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=ffffc90006ae0000 RBX=0000000000000000 RCX=ffff8881064c9070 RDX=000000000000009d
RSI=ffffffff86a8db58 RDI=ffff8881064c92d0 RBP=0000000000000001 RSP=ffffc900006a0b78
R8 =0000000000000001 R9 =0000000000000000 R10=0000000000000000 R11=0000000000000001
R12=0000000000000001 R13=0000000000004e20 R14=ffff8881064c9070 R15=0000000000000001
RIP=ffffffff86a8db95 RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c01300
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c01300
FS =0000 00007fb2e5178300 ffffffff 00c00000
GS =0000 ffff8880d6813000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00007ffc21c26e60 CR3=0000000029264000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=00000000fcffc200 Opmask01=000000000000ffff Opmask02=00000000ffffffff Opmask03=0000000010000000
Opmask04=0000000000000000 Opmask05=00000000004007ff Opmask06=0000000007ffe7ff Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=27b36c9aeb75d20d 76dcbf56a09b2994 27b36c9aeb75d20d 76dcbf56a09b2994 27b36c9aeb75d20d 76dcbf56a09b2994 27b36c9aeb75d20d 76dcbf56a09b2994
ZMM18=eead7cd75d2e65b9 c5427b047b4919f3 eead7cd75d2e65b9 c5427b047b4919f3 eead7cd75d2e65b9 c5427b047b4919f3 eead7cd75d2e65b9 c5427b047b4919f3
ZMM19=7709000000000000 0000000000000004 7709000000000000 0000000000000003 7709000000000000 0000000000000002 7709000000000000 0000000000000001
ZMM20=0000000000000000 0000000000000004 0000000000000000 0000000000000004 0000000000000000 0000000000000004 0000000000000000 0000000000000004
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000000380803e8
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0301080003e00300 080003d803000000 0000000000000000 0c00000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00280803b0030108 0003a80300000000 0000800000000000 000000000000001b
ZMM24=7b4919f37b4919f3 7b4919f37b4919f3 7b4919f37b4919f3 7b4919f37b4919f3 7b4919f37b4919f3 7b4919f37b4919f3 7b4919f37b4919f3 7b4919f37b4919f3
ZMM25=c5427b04c5427b04 c5427b04c5427b04 c5427b04c5427b04 c5427b04c5427b04 c5427b04c5427b04 c5427b04c5427b04 c5427b04c5427b04 c5427b04c5427b04
ZMM26=5d2e65b95d2e65b9 5d2e65b95d2e65b9 5d2e65b95d2e65b9 5d2e65b95d2e65b9 5d2e65b95d2e65b9 5d2e65b95d2e65b9 5d2e65b95d2e65b9 5d2e65b95d2e65b9
ZMM27=eead7cd7eead7cd7 eead7cd7eead7cd7 eead7cd7eead7cd7 eead7cd7eead7cd7 eead7cd7eead7cd7 eead7cd7eead7cd7 eead7cd7eead7cd7 eead7cd7eead7cd7
ZMM28=000000100000000f 0000000e0000000d 0000000c0000000b 0000000a00000009 0000000800000007 0000000600000005 0000000400000003 0000000200000001
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=7509000075090000 7509000075090000 7509000075090000 7509000075090000 7509000075090000 7509000075090000 7509000075090000 7509000075090000
info registers vcpu 2

CPU#2
RAX=ffffffff8cf081c0 RBX=0000000000000000 RCX=1ffffffff19e1040 RDX=dffffc0000000000
RSI=ffffffff89f4d6b4 RDI=ffffffff8cf08200 RBP=ffffc900039a7d80 RSP=ffffc900039a7d48
R8 =0000000000000005 R9 =0000000000000006 R10=0000000000000000 R11=0000000000000001
R12=ffff8880574372c0 R13=0000000000000080 R14=00007ffea801ea20 R15=00007ffea801ea1c
RIP=ffffffff89f4d6f8 RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c01300
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c01300
FS =0000 0000555579d9b500 ffffffff 00c00000
GS =0000 ffff8880d6913000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000091000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe000008f000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=0000555579db65c8 CR3=000000005123d000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000040000 Opmask01=0000000001000001 Opmask02=00000000ffffffef Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffea801f0e0 0000003000000018
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fc7b9c11b12
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fc7b9c11b1f
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fc7b9c11b19
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fc7b9c11b2d
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fc7b9c11bb3
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fc7b9c11c91
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2525252525252525 2525252525252525 2525252525252525 2525252525252525
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0063696e61703d73 726f727265006f72 2d746e756f6d6572 3d73726f72726500
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00464c4b44551856 574a575740004a57 08514b504a484057 1856574a57574000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000002 0000000000000000 0000000000000000 0000000000000078
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 3

CPU#3
RAX=000000000000005d RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8
RSI=ffffffff855bced5 RDI=ffffffff9b0c72a0 RBP=ffffffff9b0c7260 RSP=ffffc900040574e0
R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=0000000000000001
R12=0000000000000000 R13=000000000000005d R14=ffffffff9b0c7260 R15=ffffffff855bce70
RIP=ffffffff855bceff RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c01300
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c01300
FS =0000 00007f66ed2606c0 ffffffff 00c00000
GS =0000 ffff8880d6a13000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe00000d8000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe00000d6000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=0000200000000440 CR3=00000000539ff000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000008001 Opmask01=0000000001000001 Opmask02=00000000ffffffef Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f66ec411b12
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f66ec411b1f
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f66ec411b19
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f66ec411b2d
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f66ec411bb3
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f66ec411c91
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f66ec585488 00007f66ec585480 00007f66ec585478 00007f66ec585450
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f66ed0ed100 00007f66ec585440 00007f66ec585458 00007f66ec5854a0
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f66ec585498 00007f66ec585490 00007f66ec585488 00007f66ec585480
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000001 0000000000000000 0000000000000000 0000000000000050
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000