last executing test programs:

6.279216067s ago: executing program 2 (id=382):
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000340)=ANY=[@ANYBLOB="12013f00000000407f04ffff000000000001090224000100000000090400001503000000092140000001220f000905", @ANYRES64], 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0) (async)
madvise(&(0x7f00000ec000/0x800000)=nil, 0x800000, 0x17) (async)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800018, 0x19) (async)
syz_usb_control_io$hid(r0, &(0x7f0000000200)={0x24, 0x0, 0x0, &(0x7f0000000040)={0x0, 0x22, 0xf, {[@local=@item_4={0x3, 0x2, 0x0, "449bab59"}, @main=@item_4={0x3, 0x0, 0x0, "0d34b68a"}, @local=@item_4={0x3, 0x2, 0x0, "0f4b99cb"}]}}, 0x0}, 0x0) (async, rerun: 64)
r1 = syz_open_dev$hiddev(&(0x7f0000000540), 0x0, 0x0) (rerun: 64)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
preadv(r1, &(0x7f00000000c0)=[{&(0x7f0000000080)=""/26, 0x1a}], 0x1, 0x2, 0x0) (async)
close_range(r2, 0xffffffffffffffff, 0x0)

4.149869365s ago: executing program 2 (id=394):
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000800)={'xfrm0\x00', <r1=>0x0}) (async)
r2 = socket(0x11, 0x3, 0x0) (async)
r3 = socket$inet6(0xa, 0x1, 0x8010000000000084)
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000100)=ANY=[@ANYBLOB="600000000206050000000000000000000000000014"], 0x60}}, 0x0)
r4 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000100), 0x8400, 0x0) (async)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
write$UHID_CREATE2(r5, &(0x7f0000000300)=ANY=[@ANYBLOB='6'], 0x118) (async)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r5, 0x0) (async)
ioctl$IOMMU_IOAS_ALLOC(r4, 0x3b81, &(0x7f0000000000)={0xc}) (async)
sendmsg$IPSET_CMD_DESTROY(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)=ANY=[@ANYBLOB="1c000000000500010007"], 0x1c}}, 0x0) (async)
sendmsg$NFNL_MSG_CTHELPER_NEW(r2, &(0x7f0000000240)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000200)={&(0x7f0000000140)={0x20, 0x0, 0x9, 0x101, 0x0, 0x0, {0x3, 0x0, 0x5}, [@NFCTH_TUPLE={0xc, 0x2, [@CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x2}]}]}, 0x20}, 0x1, 0x0, 0x0, 0x20040042}, 0x10)
bind$inet6(r3, &(0x7f0000000000)={0xa, 0x4e21, 0x0, @empty}, 0x1c) (async)
setsockopt$inet6_IPV6_HOPOPTS(r3, 0x29, 0x36, &(0x7f0000000100)=ANY=[@ANYBLOB="0003"], 0x20) (async)
r6 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r6, &(0x7f00000000c0)={0x26, 'hash\x00', 0x0, 0x0, 'digest_null\x00'}, 0x58) (async)
setsockopt$ALG_SET_KEY(r6, 0x117, 0x1, 0x0, 0x0) (async)
r7 = accept4(r6, 0x0, 0x0, 0x0)
sendmsg$TIPC_CMD_ENABLE_BEARER(r7, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000100)={0x34, 0x0, 0x800, 0x70bd25, 0x25dfdbfc, {{}, {}, {0x18, 0x17, {0x2, 0x9, @l2={'ib', 0x3a, 'geneve0\x00'}}}}}, 0x34}}, 0x24008080) (async)
connect$inet6(r3, &(0x7f0000000040)={0xa, 0x4e21, 0x0, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x3d}}}, 0x1c) (async)
r8 = socket$key(0xf, 0x3, 0x2)
ioctl$sock_inet_SIOCSIFFLAGS(r8, 0x8914, &(0x7f0000000040)={'veth1\x00', 0x800}) (async)
connect$bt_sco(r2, &(0x7f0000000000), 0x8)
sendto$packet(r2, &(0x7f0000000380)="6fa4bf90aa8a2fa38a8f6c8fa168f069adfc79fefab38d472b35afef1abf5976aa851156780bb0fe", 0x28, 0x0, &(0x7f00000000c0)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @random="0786dbd848f5"}, 0x14)

4.149550137s ago: executing program 1 (id=395):
r0 = syz_usb_connect(0x0, 0x24, &(0x7f0000000140)=ANY=[@ANYBLOB="12010000cc1ef420890b070064ef000000010902120001000000000904"], 0x0)
syz_usb_disconnect(r0)
r1 = syz_open_dev$evdev(&(0x7f0000000040), 0x3e, 0x0)
mount$nfs4(&(0x7f00000001c0)='\x00', &(0x7f0000000240)='.\x00', &(0x7f00000003c0), 0x200000, 0x0)
r2 = syz_usb_connect$cdc_ecm(0x0, 0x5e, &(0x7f0000000000)=ANY=[@ANYBLOB="12011001020000402505a1a440000102030d0902"], 0x0)
syz_usb_disconnect(r2)
syz_usb_disconnect(r1)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x10)
mount$nfs(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='fsc'])
pipe(&(0x7f0000000080)={<r3=>0xffffffffffffffff})
syz_usb_control_io$cdc_ncm(r2, &(0x7f00000002c0)={0x14, &(0x7f0000000780)={0x20, 0xa, 0x102, {0x102, 0x3, "0c3a60203ad53f563299046f1bb63a9ab0eca8bd62f16fd9a6a63fa7edf32c3d7252f4f46877538c81b3b4e989dbc2d83660ffe3847cd807a6361b73f2474a3b0e2365922a8d9784e070c71b946483afd267845b3aa126714ab829760540a0e4b041ec9f620dd6c68fce83c26c1d1fd8f1c6b6905fca46128d3ac3af77345c20ec1303bdc5165954a6a5f6c200bbc0fb4557c20b3587e2d07fba96b741d86892da6a9d3bb600ec7c6ebef6e71dc49af75208248281a4065dffd00296487c7668107c5f1422e4fb405962260c82b81efa75dd20441692c7466875db1e646c9e6511ec2feb07e5b8fa11fd640cac6f7cf78fa758f9fefe5fb3756f0bc97fba4ff4"}}, &(0x7f0000000280)={0x0, 0x3, 0x1a, {0x1a}}}, &(0x7f0000000580)={0x44, &(0x7f0000000600)=ANY=[@ANYBLOB="2017970000005a880c512d6529dd3bdc4a96a7c0691798b01d9c3675a37e271f41e0aaea5da8ee536c804c25d2172fb8894140d6879d45a02212bcd90781f7e12788a6827cdf0f77d48b73846139a297ad7c14a7297d16f705ca42db2f4ffe5efe3a249b5fb1f99bae29933b6a92216664b218af2e5ca0d2feac39c76beab9ba91077cc2e920f09d9402b0ea8aadacb360ac0583822d44a681da277feab394bdc7ce6cb92917eb90632b3c2208d6376ed28f94ac5496eb7679e6c57959ae4d5ad16b75651c0dd6e74d945098ae0cbc6b41b363dd3731db09980dc8546d79b575be4b4c5ab7fe9f986ce210d1c85458df56228050943b7600c5481f9ea2446dc954f94a20d42110dab890c0c91fa5a7694fb27e60d98d5871ab5f5a9c0703eb6291dbfc7b7a58a3ceb3721136b031c4894e3d31b820ecde386bd998ac4139f3eda36cfd17e5e848325b919386ee161e02facf94736da699"], &(0x7f00000003c0)={0x0, 0xa, 0x1, 0x6}, &(0x7f0000000400)={0x0, 0x8, 0x1, 0x7}, &(0x7f0000000440)={0x20, 0x80, 0x1c, {0xa498, 0x8, 0x488700, 0x4, 0xa, 0x3, 0x0, 0xfffffe00, 0x100, 0x3ff, 0x2, 0x7}}, &(0x7f0000000480)={0x20, 0x85, 0x4, 0x10001}, &(0x7f00000004c0)={0x20, 0x83, 0x2}, &(0x7f0000000500)={0x20, 0x87, 0x2, 0x6}, &(0x7f0000000540)={0x20, 0x89, 0x2}})
getsockopt$inet_sctp_SCTP_NODELAY(r3, 0x84, 0x3, &(0x7f00000000c0), &(0x7f0000000100)=0x4)
r4 = memfd_create(&(0x7f00000025c0)='Y\xff\xff\x00\x00\x00\x00\x00K\xb2\x02\x80B\xe9\xe8\xcc\xde\x06\x00l\xa8\x1aJ\xaf\xb2M\xba\xb8_\x05U\xcd<|>\x9e\xec^\x0e\xbe\x18+-\x9b\x893\x02\x00\xa6\x1f+\xb3\xc5\x90z5\xe0\xdfi\xb7\x9f\xb4QW\xc9\xc9\x92\x03\t\x00\x00\x00\x00\x00\xb2\x0f\xee\xbe\f8\xcc\x7f\x00\x00\x00Z\x81\x00\x00\x00\x00\x18I\x13\xf1\xa2x\x04\x81R\xd45R\xae\x84\xcdN\xf7\xbd\x89\x8b\xf6\xa8\x03\xc1\x16\xd1\xaf\xf6\b~\xed_M^dQ:\xbc\xafq\x88\x19nSF|;]\xe1A\x8c\x8a\x98\xd7|\xadaC\xa6\xf9\xa7>c\x84\xd8\xfa\xf1\r\xb1\xfd\xbf!\xc7u\xccP\xdd\x13~\x89\xcf\x85\xca\xa0%\xc6\xc7\x11\x00\x00\x00\x00\x00\x00\x00?M9\\\av~\'\xd9\xb0\xacdya]8\x9d\xb7\v\xf39\xa0k\x9e\xe3\x0f/\xb8g8\xb9\x8d\x19\xe2\xca\x01y\x83\xe7\ng\x87\xd93<u\xbe\xeag\xd2\x04e\xf2s\xde}o#\x90\xda\x9cs,r\xfd:\xcb\xc7\vTmPZJ\xac\x8b\xd0\xc0\xbcRK\xcb\x1e8\xce\xbd[N\xb0\xb4<\xeb\x86[\xec\x8f\x14\xea\x82\x9e&\\\xb7!\xed\xa0\xc3,\x90m\x0f\x00\x00\x00\x00\x00\x00\xff\xd0\xb3\x94\x00\x00\x00\x00\x00\x00\x00\x9dH\xf8\xffRo\xa3W\xe1\x0f\x8eS\xaeX\x93\x7f\xd3\xb9a\xe4\xe0\xbd\xd9\xf5\xe4e\xf9\xcam\x1bQ6\xe8\xf90J\x81\xc4\xb9R\xe3\x03\xe4\xad\xd5&A\x02\xc8\xa9\xfe\xcb\x87\xd9\xd3\x84\f\xc08T~\xc4\xbd\x90?\x1f\x9c\x9b0\x19 \x9f\xd1p`\xc0/\x00u\x19\x1d\xac\xe8%\xb7\t\x9f4\xbb\x89\xe9\xc1\x81\xb0\xd6\xf7\x05\x16\xb9\xe9\xdc~\xd3\xa7\x1b\x9ffq\xd6\xef\xfe\x11\x7f-s\xe6;\x94\x1c^\x06\xdav;\xccD\x95sj/\x03\x00\x00\xac\xe5N\xea\x9eyl[[\xce5\xee\x05\x9c\x96\x87\x9dp\xea?/\xcb\x9a\xaa5\'Q\fuG\x81\x8a@\x97M=v\xfep\xf3\x93\x9d\x7f@9\xc0\xd2\xf1#\xe7N\x89\xf8\xe8+\xa1\x82\x13\xb2\xa9\xef\xa5\xf8\x8b \x00\x9ev\x92\x0e\xd1\x1f\x17Dx[\xad\xb0\x9d/\x96\xe42mO\x9fh\xea\xf3\x14\xcd\x96\x89_)2\xe2\xd6\x81\x00b\xaf;\x92T\xafz\x94\x9fG\xfb\xfd|&k\x03\xd7;\x9ay\xee\xf9W?\xb3\xf9\xf8I.E4\xc3eWq\xfa\":$\xd0\x17Q\x94\xf5\xe5mk\x8e&\xf1\x89\x02r>*\xce\x99\x04\xb9\x90\xbc\xc9#\xc5\xdf\x13\xd2K\x8b\xf5\f\xb2x\xdd\xd5\xb4\xa9^~O<\x12\xe3\xc2Ru2Ht\re\xa1\xf6\xbd\xaa\xb0\x83}i\xc3P|7\xc4\xc8\xb1r0Z\x98\x87^\xc8C\x1b\x96\xb4lsyF\xc5\xbc\xffOE\xe9\xd70\xe7\xfep\x83\xa7\xa1\xd9\xe4\xba\x92\x17\xbf\xe0\xe1\x01\xb7\x8b\x18j\x19n\xc8\xff\xe9\xf4\xf4\xcf a\xd7_w\x0f\x9dF\xae\xccAV\xac\x11\xa4\xdd\xb7\xe7\x1a\xa4O\xb4\xed\xc8\xccH\xd1=\x81\x00\x00\x00\xc7;Lb\xce\x1a\xcc\x98\xe8\xe9e\xe0\xc2N\xe7\xd7\x1d\x92\x87F8\x9e\xd6\xdd\xdaW\xf5X\x80\xa0f\xceo\xd8\x7f\xc0\x96\bSB\xce&\x04$\xc3\xe31U\x84\x82\xf0{i\x1d\x02\x10\x86C\x01^\xcf\x93?w\x01\x84\xa0\xd6\xa2\x10\xa4\xfcG\xabD\xd6dGZ\xb2Cx\x1b\xfdD9\x17U\xf0\x16K\xf9&@\xb1[\xe2j$F1n@\xde\n%t.[\xad\xb5\f<o\xdb\xa4\x90\xc4\xd0I\xa6\x96\xa1\x00\xbb\xdd\x94\x00t/1YekG\x7f\xbdrI\x1e\x8a4=\xa2\xe9\x82<\x9e|\xf5#\x7f\xa8\x1f\x14\x82ih\xf9?\x03Q\xf5\xc4\x95\x99 \xa7v~:$\x02O\xe3\xaa\x1f\x00\xebk\'\xd2q\x10\x1e\x94n\xd7w\xb1\xc8G\x89\xf4\x8ct\xf9R\x850\b,r\xc6r\xf7=\xfe\xc1\x16\xe6\xee\xbb:-h\x03;\xe5\x04\xd8\xa9\x9a\xd3\x05(\x7f|\xadU\xafe\x87V.i4$6U,R\x9b\n{\'\xfe1\xc4\xb09\x96\x87\xc0e\xab\xe7\xa9\xb4\x1a\n\xf5\xd7zuvz\x972\xd4\xfb\x13u2\xab\x18\x01~r\xbb\x06\x00\x00\x00\x00\x00\x00\x00U \x98\xb2\xe3I\xbd\x16T\xb75\xa6\a\xb7\xa1\x8d\xc9\x12\xb1\xbd\xbc\xd9c\xe9\"k\xee\x06\x83\xf4\xab\x18\x038\x8f\xc9^\x0f\xab\xea&P\b\xef#Z\x85\xf9V\xe6\xffA\xf6\xc3\xfc\xd4\xa0\xfd\x15N\xd3\xa0\x80\x9f\bU\xa63\xf6\xc9\xec\x01\'\t\x89(\xf9\x98B\xaf\xde*\x91\xd5k\xa1`d\xf0\x97\xc9e\xc1\"EC\x9a?x\x89\xf1`\x90D\xd1|%(\xd8\t\xea\xdfC\xce\x7fo+?v\xee\xc6bL\x1d\xbe\x84p\x8d\xa3\xec\xf7\xe0\xfe\x8c=<\xf2\x1f@\xc9\xcfw\xf3\x02\x1b\xde\xc3\x86\xe66E\xa7\x9c\xd3\xb6\xf5\xe0\x14\xb8\xd4`\x85\xe3;\x8c\xf8\xf2\xd9)\x0e\xd0\xff\xa5K\xf3\xf1\xc4\x18\xf4Z\xdci\x91\x84\xe8\xb7\x10\x90\xbc\xect\x13\xdfR\xe2\x80\xf8a\x92\xb2R\xdf0\xcdQ\xdf\x83\xbdjp,\xe8\xbb\xe6\xc6Db\xb8\xd6\xcd\x1ch3h\xcf<\x82\x97\xa5s/m\xb2\x1dd\xf7\xfc\xf5\xa9\x1d\xd34{\xcc\x1f\t,i\x16\x82\xad\x8e\xb6\x17\x0f\xaa\x85^/w\xbb~\xff\xce\x92\x90\x83\n\xe5\x14\x95\x92|\xfe-S%\x91i\xafh\x97z\x00@K\xbb\xc2\fcD\xff\xdc\x8a\xa1\xfaR\xbc\xd4k7L\x8a\xa3Z\xf9%{\xfax\x9a\x04\'/\x90\xe6\xe2\xe9\xf1@o\x0ez\xb8\xce\xbeF\x0fkE\xf4ry\x92n\xff\xcb\xf8e\xf3j\xc5[wK\x91\xdb\xf7-r\xd3\x1bx\x9b$\x91\x03q\x9e@\xd8R\x11\x05|\x8f\xb4\xc9\x16\x87C\xab\x96\xc4\xef\xea\xb9\r\xf5\xf3\xbe\x8a\t\xc7\x88\xc0sL;.\xcf\x1d\xc4^\xb0l\xbb\x97\xc5\xf6n\xca\x18M\xb8\x81\xff\xa9~\xf7\xa3\xa6\xd3\x15I\xecXG\x89\xa8\b\x8b\xcc\xe8\x88\xa07Z\x03\xa8.\x7f\x16qlk\xf1\xf1y\x8c\xd5\xd6|\xa1(\xf4\x12O\xca3\xf8%1\x8d\xd7\a\xfeJ\xe6\x8bc\xb3\x1bKC.\xafB\x8d\xdd\xf9\x1e\x9d\xa7\x13\x00\x14\xc7\xa1\xf3\x1e\xcb\x19\x13z`\xac\xf3\xd1x\x1b#}\xfaYR\xc5#Zoag@\x18\xfa*\xb4\xc4\x04\x03V\x87\xc5\xe7\xb5\x9bJ\x85-\x7f\xfe\xc0\xb7g\xe8\'`\x96q\x88[\xf8\xe8L\x12\x85\xf5t\x99\x0e}\xd3H\xed\xda\xf3>\xd8\x12\x8cXc5%\x03\x8d`\xdayC\x9b\x9a\xd9c\xe9\xb4\v\x99\x87\xe4\x00\x8a\x8eS\x8e\f\x05ZH\xa2\x0e\xbc\x9c\x95\b2Cf\x86\xbe\xd0\xda\x91\xc1sl\x11P\x93\xa5\x93\xc8\xf1w\x7fp6z\xbf\xe8[\'u\xb8\xd2$K\x12\rt\x87\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xfa$9N\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00r\xe2`\xdf\xd2\xb3\xaf\xe9\xc4!Z\xb4&\xa2\x12\xe2i\x91kC$A\xafR\xb3\xff\x1d=\xec\x10\xb4+\x13\'\x92>\x14\x00\a\xb6R\x8b\xdcz\xc3\xd1Y\xd6\xd9;s \xb0\x938\xb7D9\xdcX\xbd\xdbn\xe35\xa7\x02\x9c\xc1\xd9\x13?\xc9\xd7\xab\x9c\xf3\x82\xd1\xee^kk\xce\xdbn\x02\x1f\x80\t\xdbr\xa5\x13*\xec\x8c\xd4\xef\xad\x02W/p\x97\xb0\xbd\x8f\xdb|n2a\xee\x95u\x83\xca\x8a>}\xd3\xd0\xff6.pa\x17\xe3e\xd2\x7f\xf6\xbc\x9d\x112\x1b\x14<B\x91\xc0{{\x9d@\xb3a\xad\x14\xe9\xcc|\xd7\xa1\xc6\xb9F\x04\xce]\xb9YXZ\r\xb4\x05u\xda\x14R\xbd\xbd\f\xa4F;q\xec\x83\x9bM\x93\xa4\x9c\xdd\x93\xa0\x82E\x02d\xd4RAI\xd9O\x17\xa6P#\xa35\a\xf6\xbb\t>p\xa1\xd6u\xefn\xb4\xa3\x05D\x8c\xc5l\xcc\b\xeb\xf42\xe9\xf15\xf3\xf2\xee\xd6\xed\t\xb3\xf7\x1a\x7f\xe6\xb4z\x19\xe1\xb4w\xf7\xa6\xd7\\\xfa\x96\xe2\xf9\xb1\x81\xba\xdfg\xadI\x1c\xde*_\xd5\xdf\xeeA\xcd \x91\xc9\xd4\xd1\xcd*.t\x80]\x00\x00\x00\x00\x05ne-V\x11\x13\xbb\xd7\x1dV\x93\x15\xa1\x9a\xa9\xab_H\x00\x00\x00\x00\x00\x00\x00\x00\x00\x99\xf8\x89\xf3J@\x17\xe8\xa0\x1e\x9d\"\xa0s\xf1XNfC\xc2\xec\x00\x9da\xec\x1c-JcF\x81i\xe5\x12\xcc\xba\xea*\x80\xa5\x13\x0e\x91]\xae\x0e\x13\xcej-6\x11\x01\x93\xda\x0e\v\xa0\xc8\xd2NP\xf6\xdfM\xc1\x8b\xf0\xed @ \x18\xb6\x12\xefu\xf3\xc52\x89\xe2\x11\xce\xa2\xc0\x9b&\xf1~8\xd3\x87t#D\xa6\xe0S\xa9Av\t\xc9B\xf6\xfa\xff\x11\x10]\x88\x86\xfc\x88R[\b\az\xce\x8a\xaa\x96\x14v\x93\x02C\x00\xc9\xa3b\x8d\x9c\xbal\xee\xd8w\xaeDt\xe8\x04\xe7\xb0\x99\xa3\xef#\x85Q!V\xe9\xc0i\xf4\xa6\xb2[\xd4J\x81&\x1b\x85\x04\xc0\xed\n\xffx\x0e\xa8\xb1\x962\xf8\xf0\x87\xaf\x18\x19\x84', 0x3)
mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x0, 0x10812, r4, 0x0)
prctl$PR_SET_MM(0x23, 0x7, &(0x7f0000132000/0x1000)=nil)
brk(0x20001000)
syz_usb_connect(0x0, 0x2d, &(0x7f0000000180)=ANY=[], 0x0)
syz_open_dev$char_usb(0xc, 0xb4, 0x0)
syz_usb_disconnect(r2)

4.049961193s ago: executing program 2 (id=396):
sendmsg$NFQNL_MSG_CONFIG(0xffffffffffffffff, &(0x7f0000002d80)={0x0, 0x0, &(0x7f0000002d40)={&(0x7f0000000000)=ANY=[@ANYBLOB="300000000203"], 0x30}}, 0x0)
r0 = syz_open_dev$usbfs(&(0x7f0000000100), 0x77, 0x101301)
ioctl$USBDEVFS_FREE_STREAMS(r0, 0xc0105500, &(0x7f0000000000)=ANY=[@ANYBLOB="a1"])
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='cpuacct.usage_percpu\x00', 0x275a, 0x0)
mremap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x2000, 0x0, &(0x7f0000c87000/0x2000)=nil)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x14)
syz_emit_vhci(&(0x7f0000000040)=ANY=[@ANYBLOB="040f63defa3d04"], 0x7)
openat$kvm(0xffffffffffffff9c, 0x0, 0x34100, 0x0)
sendmsg$nl_generic(0xffffffffffffffff, 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000000)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x1, 0x2, 0xa}, @l2cap_cid_le_signaling={{0x6}, @l2cap_conn_param_update_rsp={{0x13, 0x5, 0x2}, {0xfffd}}}}, 0xf)
setsockopt$packet_int(0xffffffffffffffff, 0x107, 0xf, 0x0, 0x0)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_pkt_type_change={{0x1d, 0x5}, {0x0, 0xc9}}}, 0x8)

4.049773442s ago: executing program 2 (id=397):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = dup(r1)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x2)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000300)=[@text64={0x40, 0x0}], 0xffff, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000001c0)={0x0, 0xd000})
ioctl$KVM_NMI(r3, 0xae9a)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

1.690342489s ago: executing program 0 (id=402):
mkdir(&(0x7f0000000180)='./file1\x00', 0x0)
mkdir(&(0x7f00000003c0)='./file0\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000200)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000140)={0x10})
openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0, 0x0)
mknodat(r0, &(0x7f00000000c0)='./file1\x00', 0x200, 0x101)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xf, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000181100", @ANYRES32], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = openat$audio(0xffffffffffffff9c, &(0x7f0000000000), 0x22301, 0x0)
ioctl$SNDCTL_DSP_SETFMT(r1, 0xc0045005, &(0x7f0000000080)=0x100)
write$binfmt_script(r1, &(0x7f00000005c0)={'#! ', './file0'}, 0xb)
ioctl$SNDCTL_DSP_SYNC(r1, 0x5001, 0x0)
r2 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r2, 0x107, 0xf, &(0x7f0000000000)=0x9, 0x4)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r3, 0x8933, &(0x7f0000000040)={'batadv_slave_1\x00', <r4=>0x0})
sendto$packet(r2, &(0x7f0000000180)="10810000001500000000", 0x4c, 0x0, &(0x7f0000000140)={0x11, 0x0, r4}, 0x14)
r5 = syz_open_procfs(0x0, &(0x7f00000000c0)='mountstats\x00')
preadv(r5, &(0x7f0000000000)=[{&(0x7f0000002380)=""/165, 0xa5}], 0x1, 0x3, 0x4)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000240)={r0, 0x0, 0x25, 0x18, @void}, 0x10)
chdir(&(0x7f0000000140)='./bus\x00')
r6 = open(&(0x7f00000002c0)='./file1\x00', 0x4000, 0x172)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x18, 0x4, 0x2, 0x0, 0x201, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0xffffffff, 0xffffffff, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
ioctl$FS_IOC_SETFLAGS(r6, 0x40086602, &(0x7f00000001c0)=0x20000008)

1.540110457s ago: executing program 2 (id=403):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f0000000000)='syz_tun\x00', 0x10)
sendto$inet(r1, 0x0, 0x0, 0x20000800, &(0x7f0000000080)={0x2, 0x0, @remote}, 0x10)
syz_emit_ethernet(0x2a, &(0x7f0000000040)={@local, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0xe}, @void, {@arp={0x806, @ether_ipv4={0x1, 0x800, 0x6, 0x4, 0x2, @local, @remote, @link_local, @remote}}}}, 0x0)
r2 = socket$nl_sock_diag(0x10, 0x3, 0x4)
r3 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r3, 0x107, 0x12, &(0x7f0000000040), 0x4)
sendmsg$SOCK_DIAG_BY_FAMILY(r2, &(0x7f0000000500)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)={0x24, 0x14, 0x603, 0x0, 0x0, {0x11}, [@INET_DIAG_REQ_BYTECODE={0xd, 0x1, "bc0a5a8f395123f324"}]}, 0x24}, 0x1, 0x0, 0x0, 0x80}, 0x0)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f00000000c0)='bond_slave_1\x00', 0x10)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000500)=@ipv4_newroute={0x38, 0x18, 0x1, 0x70bd27, 0x0, {0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, [@RTA_ENCAP_TYPE={0x6, 0x15, 0x2}, @RTA_ENCAP={0x14, 0x16, 0x0, 0x1, @LWTUNNEL_IP_OPTS={0x10, 0x8, 0x0, 0x1, @LWTUNNEL_IP_OPTS_VXLAN={0xc, 0x2, 0x0, 0x1, @LWTUNNEL_IP_OPT_VXLAN_GBP={0x8}}}}]}, 0x38}}, 0x0)

1.13970886s ago: executing program 0 (id=404):
setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000000)={0x11, @rand_addr, 0x0, 0x0, 'none\x00', 0x0, 0xfffffffc}, 0x2c)
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="02c92012000e00050015050a00"], 0x17)

1.139360874s ago: executing program 0 (id=405):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x13, &(0x7f00000002c0)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300006773da2085000000040000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000400000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000240)='cgroup.controllers\x00', 0x26e1, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='block_split\x00', r0}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x13, &(0x7f00000002c0)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = openat$nullb(0xffffffffffffff9c, &(0x7f0000001000), 0x169802, 0x0)
r2 = dup(r1)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000006, 0x13, r2, 0x0)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x7a05, 0x1700)
write$cgroup_int(r3, &(0x7f0000000200), 0x43400) (fail_nth: 16)

1.068939668s ago: executing program 0 (id=406):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000100)={0x26, 'aead\x00', 0x0, 0x0, 'rfc4106(gcm_base(ctr(aes-aesni),ghash-generic))\x00'}, 0x58)
mkdir(&(0x7f0000000440)='./file0\x00', 0x0)
lstat(&(0x7f00000001c0)='./file0\x00', &(0x7f0000000240))
r1 = syz_open_dev$sndctrl(&(0x7f0000000000), 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(r1, 0x40045532, &(0x7f0000000040))
r2 = openat$audio(0xffffffffffffff9c, &(0x7f0000000140), 0x40000000040201, 0x0)
r3 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/kexec_loaded', 0x0, 0x0)
ioctl$VHOST_VDPA_SET_VRING_ENABLE(0xffffffffffffffff, 0x4008af75, 0x0)
syz_emit_vhci(&(0x7f0000002300)=@HCI_EVENT_PKT={0x4, @hci_ev_remote_ext_features={{0x23, 0xd}, {0x0, 0xc8, 0x5, 0x5c, "fb97644d35da697e"}}}, 0x10)
read$FUSE(r3, &(0x7f00000002c0)={0x2020}, 0x2020)
r4 = syz_open_dev$sndpcmp(&(0x7f0000000200), 0x0, 0xa2c65)
write$RDMA_USER_CM_CMD_CREATE_ID(r2, &(0x7f0000000500)={0x0, 0xfffffffffffffd83, 0xfa00, {0x0, 0x0}}, 0xfdbc)
ioctl$SNDRV_PCM_IOCTL_HW_PARAMS(r4, 0xc2604111, &(0x7f0000000540)={0x4, [[0x1, 0x1, 0x6eda, 0x9, 0x3ecb, 0x353, 0x101, 0x2], [0x5, 0x7, 0x2, 0xffff, 0xea, 0xe8, 0xfffffff9], [0x1, 0x9, 0x401, 0x8185, 0x6, 0x7, 0x540532ce, 0x3]], '\x00', [{0x13c, 0x10001, 0x1, 0x0, 0x1, 0x1}, {0x4, 0x1, 0x0, 0x1, 0x1}, {0x7fff}, {0x4, 0x6, 0x0, 0x1, 0x0, 0x1}, {0x8, 0x1}, {0x60d, 0x9, 0x1, 0x1, 0x1, 0x1}, {0x4, 0x2, 0x1, 0x1}, {0x4e, 0x80000000, 0x1, 0x0, 0x1, 0x1}, {0x8, 0x5, 0x1}, {0x3, 0x2, 0x0, 0x0, 0x1}, {0x7}, {0x101, 0x7fc0, 0x1}], '\x00', 0x5c19})
r5 = openat$autofs(0xffffffffffffff9c, &(0x7f00000002c0), 0x5453c2, 0x0)
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x141c95, 0x0)
ioctl$AUTOFS_DEV_IOCTL_CATATONIC(r5, 0xc018937e, &(0x7f0000000200)={{0x1, 0x1, 0x29, <r6=>0xffffffffffffffff}, './file0\x00'})
r7 = socket$inet6(0xa, 0x3, 0x4)
setsockopt$inet6_IPV6_XFRM_POLICY(r7, 0x29, 0x43, &(0x7f0000000340)={{{@in=@broadcast, @in6=@private0={0xfc, 0x0, '\x00', 0x1}, 0x0, 0x0, 0x1000}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x3}, {0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0x2, 0x1}, {{@in6=@mcast1}, 0xa, @in6=@private1={0xfc, 0x1, '\x00', 0x3}}}, 0xe4)
openat$audio(0xffffffffffffff9c, &(0x7f00000000c0), 0x206600, 0x0)
setsockopt$ALG_SET_KEY(r6, 0x117, 0x1, &(0x7f0000002480)="d52c7729279b9aaccd6699640c10f1a5162126d0c852db8082cd59a6777ef3151978f0598a5e5950a98aff8f4b5a137100718895d4b881a72a5e56c27fb7e15ea7d22e1cf8c9f62f5b182d5a01c5dad92b6ed8ea6599f613e316f937cf12f4e31fe9dcd701f1805623d51b34037905c44fce770dbb53cd564b08db1765f0299c9858de43737fdbeb299bd5da3c992145d735052bb174bc2105ac1198497c6532b99f8aa14e2a448c4e498e045679da9240670472fd2bce7c8fe4217d849f50bd6cabaf73710cfcb49b6cd1fcb673", 0xce)
syz_genetlink_get_family_id$gtp(&(0x7f0000000180), r4)
close(0x3)
syz_emit_ethernet(0x2a, &(0x7f0000002340)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaaaaaa86dd00010997731974397618c9ea43c204596300080006040001aaaaaaaaaaaaac1414bb0180c2000000ffffffffaeb862bc05000000250ed4e06e23a087b1dc5f31353d8538371ee750514731c03f411d973f93fce4966cf90c026daad2c0d1e1c29f5ea1f11dfd105972dcabeb77672e3e1b45db033abd7f8346d67939c9efd2d90d2c866a76f342d4948217d853c103d5ba540380e214d170069c1b221a01e4fea333d07e96246b50655198f5a397df60c8f35a5cd04e0d26b7102429091371383f6220fd5a94dd0406a128b363adf2ccd1a12442ae7978c83a9bb5cbb0e46a4210a89e555bf92fb46803e655496ddb5d8de4841a23bbffe77f6eb132ed7226736a02789ad0ff022e98139aba6f1429caa4247b73f7e3d5"], 0x0)
r8 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_FILL_RING(r8, 0x11b, 0x5, &(0x7f0000000140)=0x4000, 0x4)
mmap$xdp(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x1000009, 0x8013, r8, 0x100000000)
dup3(r5, r0, 0x80000)

1.068715711s ago: executing program 1 (id=407):
r0 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000040), 0xffffffffffffffff)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f00000003c0), 0xffffffffffffffff)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_open_dev$vim2m(&(0x7f0000000080), 0xffb, 0x2)
ioctl$vim2m_VIDIOC_ENUM_FMT(r3, 0xc0405602, &(0x7f0000000040)={0x13, 0x1, 0x3, "d287202724ca4a4809867c003323de4e0b33e71c059706050000ae035b0e363f", 0x33363248})
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000540)={'wlan0\x00', <r4=>0x0})
r5 = socket(0x28, 0x5, 0x0)
setsockopt$SO_VM_SOCKETS_BUFFER_MAX_SIZE(r5, 0x28, 0x2, &(0x7f0000000000)=0x1, 0x8)
sendmsg$NL80211_CMD_NEW_KEY(r2, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000680)={&(0x7f0000000080)={0x58, r1, 0x801, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_KEY={0x30, 0x50, 0x0, 0x1, [@NL80211_KEY_DATA_WEP104={0x11, 0x1, "4abee339084eeef16f162471f4"}, @NL80211_KEY_IDX={0x5}, @NL80211_KEY_CIPHER={0x8, 0x3, 0xfac05}, @NL80211_KEY_MODE={0x5, 0x9, 0x1}]}]}, 0x58}}, 0x0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$IPVS_CMD_NEW_SERVICE(r6, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000002c0)=ANY=[@ANYBLOB="50001c84", @ANYRES16=r0, @ANYBLOB="01000000000000000000010000003c000180060001000a0000000c00070000000000000000000800090064000000090006006e6f6e650000000008000800000000000800050001000000"], 0x50}}, 0x0)

1.068631838s ago: executing program 1 (id=408):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x400, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_MSR_PLATFORM_INFO(r1, 0x4068aea3, &(0x7f0000000380)={0xc0, 0x0, 0x1})

879.685461ms ago: executing program 3 (id=409):
r0 = socket$packet(0x11, 0x2, 0x300)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendto$unix(r1, &(0x7f0000000180)="10251076e2333a38ddbbfaf67dec35184eac49ed30d21adbb2739b5415f34afd4bdeeee4c447ac8ac9349980b0fc80af", 0x30, 0x0, &(0x7f00000001c0)=@abs={0x1, 0x0, 0x4e20}, 0x6e)
setsockopt$packet_int(r0, 0x107, 0xa, &(0x7f0000000080)=0x1, 0x4)
setsockopt$packet_rx_ring(r0, 0x107, 0x5, &(0x7f0000000100)=@req3={0x3, 0x15bc, 0x1, 0x548e, 0x7, 0x2, 0x3}, 0x1c)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000005c0)=@newlink={0x3c, 0x10, 0x403, 0x0, 0x0, {0x0, 0x0, 0x74, 0x0, 0x0, 0x11203}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @bridge={{0xb}, {0xc, 0x2, 0x0, 0x1, [@IFLA_BR_MCAST_ROUTER={0x5, 0x16, 0x1}]}}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x884}, 0x0)
r3 = socket(0x1e, 0x1, 0x0)
getsockopt$inet_tcp_buf(r3, 0x6, 0xb, 0x0, 0x0)
r4 = fsopen(&(0x7f0000000040)='fusectl\x00', 0x0)
r5 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r5, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000880)=@newsa={0x148, 0x1a, 0x713, 0x0, 0x0, {{@in6=@loopback, @in=@multicast2}, {@in6=@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x0, 0x32}, @in=@multicast2, {0x0, 0xfffffffffffffffc}, {}, {}, 0x0, 0x4, 0xa, 0x1}, [@algo_crypt={0x48, 0x2, {{'ecb(cipher_null)\x00'}}}, @XFRMA_SET_MARK={0x8}, @XFRMA_SET_MARK_MASK={0x8}]}, 0x148}}, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r4, 0x6, 0x0, 0x0, 0x0)
r6 = signalfd(r0, &(0x7f00000000c0)={[0x8]}, 0x8)
ioctl$LOOP_CHANGE_FD(r6, 0x4c06, r4)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
lsetxattr$trusted_overlay_origin(&(0x7f0000000180)='./file1\x00', &(0x7f0000000280), &(0x7f0000000440), 0x2, 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000900)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}]})
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000800)={'geneve0\x00', <r8=>0x0})
r9 = socket(0x11, 0x3, 0x0)
sendto$packet(r9, &(0x7f0000000000)="1412e0c84935a9738e0ff2f788a8", 0x12, 0x0, &(0x7f00000007c0)={0x11, 0x0, r8, 0x1, 0x0, 0x6, @broadcast}, 0x14)

790.314918ms ago: executing program 3 (id=410):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$devlink(&(0x7f00000008c0), r0)
sendmsg$DEVLINK_CMD_SB_OCC_SNAPSHOT(r0, &(0x7f0000000a00)={0x0, 0x0, &(0x7f00000009c0)={&(0x7f0000000900)={0x3c, r1, 0x1, 0x70bd2a, 0x25dfdbfb, {}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0xb, 0x2}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x8041}, 0x4008000)
socket$nl_xfrm(0x10, 0x3, 0x6)
r2 = socket$inet6_sctp(0xa, 0x5, 0x84)
r3 = openat$selinux_avc_cache_stats(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)=@bridge_setlink={0x28, 0x13, 0x200, 0x70bd2c, 0x25dfdbfc, {0x7, 0x0, 0x0, 0x0, 0x401, 0x4}, [@IFLA_TXQLEN={0x8, 0xd, 0x7}]}, 0x28}, 0x1, 0x0, 0x0, 0x40810}, 0x4081)
sendto$inet6(r2, &(0x7f0000847fff)='X', 0x34000, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)

790.122733ms ago: executing program 3 (id=411):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = dup(r1)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x2)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000300)=[@text64={0x40, 0x0}], 0xffff, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000001c0)={0x0, 0xd000})
ioctl$KVM_NMI(r3, 0xae9a)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

690.233751ms ago: executing program 2 (id=412):
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000), 0x42f82, 0x0)
ioctl$SNDCTL_DSP_SPEED(r0, 0xc0045002, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='blkio.bfq.io_merged_recursive\x00', 0x275a, 0x0)
syz_emit_ethernet(0x36, &(0x7f0000000100)=ANY=[@ANYBLOB="000002f0d31209000000bc2e79e995"], 0x0)
write$binfmt_script(r3, &(0x7f0000000100), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r3, 0x0)
preadv(r3, &(0x7f00000015c0)=[{&(0x7f0000000080)=""/124, 0xffffff23}], 0x3e, 0x0, 0x0)
syz_emit_ethernet(0x4a, &(0x7f0000000000)=ANY=[@ANYBLOB="aaaaaaaaaaaaffffffffffff86dd600a847500140600fe8000000000000000000000000000bb", @ANYRES32=0x41424344], 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
mknod$loop(&(0x7f0000000140)='./file0\x00', 0x4, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000327000/0x18000)=nil, &(0x7f0000000040)=[@text16={0x10, &(0x7f0000000180)="66b9800000c00f326635000800000f300f0f1c9a65660ff3b20618baa000ec672e660f38803d004000000f285473f61366b9800000c00f326635004000000f300f20e06635800000000f22e0f30fa6c8", 0x50}], 0x1, 0x0, 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f00000004c0)=[@text32={0x20, 0x0}], 0x1, 0x0, 0x0, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000000180)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={0x0}, 0x10)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
sendmsg(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000080)=[{0x0}], 0x1}, 0x8940)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r7 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1e00000000000000040000000300000000000000", @ANYRES32=0x1, @ANYBLOB="00000000000002000000000000bd0000908f0000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r8}, 0x10)
socket$key(0xf, 0x3, 0x2)
writev(0xffffffffffffffff, &(0x7f0000000340)=[{&(0x7f0000000100)="5fc908", 0x3}], 0x1)

196.36764ms ago: executing program 0 (id=413):
setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000000)={0x11, @rand_addr, 0x0, 0x0, 'none\x00', 0x0, 0xfffffffc}, 0x2c)
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="02c92012000e00050015050a00"], 0x17)

196.142993ms ago: executing program 0 (id=414):
syz_open_dev$vim2m(&(0x7f0000000a40), 0x9, 0x2)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40a01, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r1 = fsopen(&(0x7f0000000000)='tracefs\x00', 0x0)
fsconfig$FSCONFIG_SET_FLAG(r1, 0x0, 0xffffffffffffffff, 0x0, 0x0)
r2 = socket$kcm(0x2, 0xa, 0x2)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x48e01)
r4 = syz_io_uring_setup(0x27b0, &(0x7f0000000200)={0x0, 0x0, 0x10100, 0x100000, 0x179}, &(0x7f0000000100)=<r5=>0x0, &(0x7f00000007c0)=<r6=>0x0)
syz_io_uring_submit(r5, r6, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd_index=0x3, 0x0, &(0x7f0000000340)=[{0x0}], 0x1})
sendmsg$NFC_CMD_GET_DEVICE(0xffffffffffffffff, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000280)=ANY=[@ANYRESDEC=r6], 0x2c}, 0x1, 0x0, 0x0, 0x850}, 0x24004091)
io_uring_enter(r4, 0x4d10, 0x2, 0x2, 0x0, 0x0)
r7 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r8 = ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r7, 0x4020ae46, &(0x7f0000000180)={0x1fd, 0x3, 0x0, 0x2000, &(0x7f000000e000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r8, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000080)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0)
sendmsg$NL80211_CMD_NEW_KEY(0xffffffffffffffff, 0x0, 0x0)
openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000040), 0x20001, 0x0)
write$UHID_INPUT(0xffffffffffffffff, &(0x7f0000000000)={0x12, {"a2e3ad21ed0d09f91b5b090987f70906d038e7ff7fc6e5539b0d3d0e8b089b323b6d07060890e0878f0e1ac6e7049b334a959b3e9a240d5b67f3988f7ef319520100ffe8d178708c523c921b1b5b31070b07580936cd3b78130daa61d8e8040000005802b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0931a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5bcd0ae193973735b36d5b1b63dd1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000000000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383701d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1f416e56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617669314e2fbe70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9963ac4f4bb3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15771aaa18119a867e1088334975e9f73483b6a62fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce7cd9f465e41e610c20d80421d653a5520000008213b704c7fb082ff27590678ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bad8deff4b05f60cea0da7710ac0000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d4ac01b75d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2aed9e53803ed0ca4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4350aeae9ca1207e78283cd0b20ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c4e72730d56bd068ed211cf847535edecb7b373f78b095b68441a34cb51682a8ae4d24ad0465f3927f889b813076038e79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93aec92a5de203717aa49c2d284acfabe262fccfcbb2b75a2183c46eb65ca8104e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43eaeb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b6080000007a508ae54b3cd7369dde50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29880acebdbe8ddbd75c2f998d8ac2dfad2ba3a504767b6b45a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40427db6fe29068c0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf46366e7205dd8d6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39dd0000000039ff158e7c5419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb06ffc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaee5ee6cf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3144345f48843dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6d594f88a4facfd4c735a20307c737afa2d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a3766d5439020484f4113c4c859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02daee67918e5d6787463183b4b87c1050000002f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb42913777c06376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7340002000000000000f288a4510de03dab19d26285eda89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00b98e8bd1f4108b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcbb15da202d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae033a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb784ed7148b6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b8081c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36d7d3e5db21b094b8b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1162dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1dfb1c68cc164b0a0780d971a96ea2c4d4ca0398c2235980a9307b3d5bd3b01faffd0a5dbed2881a9700af561ac8c6b00000000000000f96f06817fb903729a7db6ff957697c9ede7885d94ffb0969be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c148cd2f9c55f4901203a9a8a2c3e90f3943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d877a4eddd5d0fc5a752f9000", 0x1000}}, 0x1006)
setsockopt$TIPC_IMPORTANCE(0xffffffffffffffff, 0x10f, 0x7f, &(0x7f0000000000)=0x5, 0x4)
ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
write$tun(r0, &(0x7f00000000c0)=ANY=[@ANYBLOB="001c86dd0a00100000004000000060ec97000fc82b00fe8000000000000000000000000000aaff020000000000000000000000000001"], 0xffe)

128.863023ms ago: executing program 1 (id=415):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x13, &(0x7f00000002c0)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300006773da2085000000040000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000400000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000240)='cgroup.controllers\x00', 0x26e1, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='block_split\x00', r0}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x13, &(0x7f00000002c0)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = openat$nullb(0xffffffffffffff9c, &(0x7f0000001000), 0x169802, 0x0)
r2 = dup(r1)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000006, 0x13, r2, 0x0)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x7a05, 0x1700)
write$cgroup_int(r3, &(0x7f0000000200)=0x8008, 0x43400)

128.43712ms ago: executing program 3 (id=416):
syz_open_procfs(0x0, &(0x7f0000000100)='syscall\x00')
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000040)=ANY=[@ANYBLOB="200000007600110d0000000000000000030000000000000008000500c355d6ba"], 0x20}, 0x1, 0x0, 0x0, 0x4000080}, 0x20048840)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x1, 0x803, 0x0)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
mknod(&(0x7f0000000080)='./bus\x00', 0x1000, 0x0)
open(&(0x7f00000002c0)='./bus\x00', 0x0, 0x0)
creat(&(0x7f0000000000)='./bus\x00', 0x0)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[@ANYBLOB="400000001000010400"/20, @ANYRES32=0x0, @ANYBLOB="00000000000000001800128008000100736974000c00028008000100567fecfb0d0bac9e8b7634b20b1a0c4490c8d1147625464da12dc024dee295ddaeedb2c41a0346", @ANYRES32=r3, @ANYBLOB="08000300", @ANYRES32=r3, @ANYBLOB], 0x40}}, 0x0)

45.690014ms ago: executing program 1 (id=417):
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000900)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}]})
r0 = open(&(0x7f0000000000)='.\x00', 0x0, 0x0)
mkdirat(r0, &(0x7f0000000200)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0)
renameat2(r0, &(0x7f0000000100)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0xffffffffffffffff, &(0x7f00000001c0)='./file1/../file0\x00', 0x0)
chdir(&(0x7f00000003c0)='./bus\x00')
r1 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x0)
getdents(r1, 0x0, 0x0)

45.551283ms ago: executing program 3 (id=418):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x200000000000011, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000100)={'macvlan0\x00'})
sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, 0x0}, 0x0)

45.316195ms ago: executing program 1 (id=419):
r0 = socket$inet6_icmp(0xa, 0x2, 0x3a)
mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x0, 0x3032, 0xffffffffffffffff, 0x0)
getsockopt$inet6_IPV6_FLOWLABEL_MGR(0xffffffffffffffff, 0x29, 0x20, 0x0, 0x0)
r1 = syz_open_dev$tty1(0xc, 0x4, 0x4)
ioctl$KDFONTOP_SET(r1, 0x4b72, &(0x7f0000000000)={0x0, 0x0, 0x8, 0x1e, 0x200, &(0x7f0000000880)="1ae19337aa151f36ae49bb3f8cb95c5bf840d4f1e55efaaf098d47a70eb36a7309000000000000000f4743f490c585108c1331c7749299a25a705f5096cb268cbc6070d680e1be250700000000000000472471ff550c0010000007f3c7b61abe4162256004ea8ca5e5b5f379c6eb3257eda08f7e6959090000004d13184d382747e035b4722525e00ade86b4c6d1e157c75d15c1f961ebc0a64d7f2a73f8979fcecacaa64f9b9069ebcc1d5b471edbc4f6c7f1b98ae74e909aa6f25b7fa77bf9cd4ed36d5c53dc519d11c3cc1c22a3b86cf3c645413f4afbcea0c99ded703699d2bb6a4a663b99b6069da5aaf64785a5887c31261d4b9e57ee07000000def6f255ca26108f11f02047d47f2d0fec30f7e92482f71496e184214a4e0c5fdc48b0af0c0478940016d8f0990a0e1090fd515380aae83c5eaeed338701574b64200a16ef2811fadcf1e0f49a514df529061e09ce45e3da03a03fe9b4a6bcfa7d04594e4f6d0714a2e14ea127ab37d64a5e0db630cd4f4a2e6c985a542ff20a9b2193f265f93a258a88dd6c9d6a926dd23d32425849c5d9210007660a617f22133b6cb5087f4c6057942aa18193172bd995fa70a1f949b196f2e2a3c175858575713be5ee3f7f4dcecc98123f9ded3afdebe13d79a7f7fcb2469ae0ac503111401612df7ee995f74fb97a63bf62d61f78c062f959119ab50c1f706a930121ebcd53ccb93d158186ed360750ca8e728150d988844b9a5cff46591ccaff416e5a8c25f9555da5ca6fdf75b86ea6171b046b856168f403b5253a5cc393430a09a4489a0895571e597ac8846f945ffb372a88d3a25978b463dc961416c80c55773f917020751ed51cfd73c1e06fbadd156d56bedc117af95d242d6dccbe2ce34dccd6005e944afa92b22ec9a698469c6edc06caa2cfcd61912607d459b4c28ebea9745bcd4697d75c9601fd333d3cd797963a3c71b7cc5fdc756da8d97207936e5f53b53b732533c2722e03002293517966611602f297de6ff5408777b7a93c45cee3ee5c5601a4e94266b295ea7a86812a7ab8896ec5ea1b12643e1844b185734528399e62bceb8700cc6cd491e4a4430d0a3ba329a5a2fa170fd0b1cc4ba8294de988cd35df2cd7344aa8a9f3432b96fb889c02f484f635a0cc3466a3c2733d45f176931b2db18dba54991a9553cedb7f585786388d4042dbae1c95b769e3d4e036e8afea0a04c04f542b152ca1fd1f8efee60425c5a122fd1b90e98635284abd9f217d9e19cb2a64b354c9d79509cc47d7305114990148a7291cb0fe2d1c773a6664b66ae04aa62c534d072ae54c2ca0d5962cc58945d8924abfc4d5af922462507430d8f2c17479a6678b0b3700000000000000000000000000000000000000000000f800"})
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=@newlink={0x44, 0x10, 0x403, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0xc001}, [@IFLA_LINKINFO={0x24, 0x12, 0x0, 0x1, @bond={{0x9}, {0x14, 0x2, 0x0, 0x1, [@IFLA_BOND_MODE={0x5, 0x1, 0x1}, @IFLA_BOND_PRIMARY={0x8}]}}}]}, 0x44}, 0x1, 0x2000000000000000}, 0x0)
sendmsg$nl_route(r2, 0x0, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = socket$unix(0x1, 0x2, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, 0x0)
sendmsg$NL80211_CMD_NEW_INTERFACE(r4, 0x0, 0x24044884)
r6 = openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
close(r6)
socket$inet_sctp(0x2, 0x1, 0x84)
r7 = socket$kcm(0x10, 0x2, 0x0)
r8 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000001140)='net\x00')
fstat(r8, &(0x7f0000000380))
sendmsg$kcm(r7, &(0x7f0000000600)={0x0, 0xc, &(0x7f0000000000)=[{&(0x7f0000000080)="2e00000010008188e6b62aa73772cc9f1ba1f848480000005e140602000000000e000a000f000000028000001294", 0x2e}], 0x1}, 0x0)

0s ago: executing program 3 (id=420):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000100), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000008c0)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000980)={&(0x7f000001fb00)={0x48, r1, 0x1, 0x1f00, 0x0, {{}, {@val={0x8, 0x1, 0x49}, @val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_IFNAME={0x14, 0x4, 'nicvf0\x00'}, @NL80211_ATTR_IFTYPE={0x8, 0x5, 0x6}, @mon_options=[@NL80211_ATTR_MNTR_FLAGS={0x8, 0x17, 0x0, 0x1, [@NL80211_MNTR_FLAG_ACTIVE={0x4}]}]]}, 0x48}}, 0x0)

0s ago: executing program 1 (id=421):
r0 = syz_open_dev$vbi(&(0x7f0000000000), 0x0, 0x2)
ioctl$VIDIOC_S_INPUT(r0, 0xc0045627, &(0x7f0000000100)=0x3)
ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f0000000040)={0x0, @bt={0xa00, 0x63c, 0x1, 0x2, 0xd59f83, 0x19f2, 0x3f, 0x19ef, 0x3, 0x4, 0x2800, 0x2800, 0x2800, 0xba2, 0x0, 0x38, {0x8, 0xffffffff}, 0xd1, 0x9}})

kernel console output (not intermixed with test programs):

[   31.627503][   T39] audit: type=1400 audit(1732090628.768:82): avc:  denied  { siginh } for  pid=5861 comm="sh" scontext=system_u:system_r:sshd_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1
[   31.960097][   T39] audit: type=1400 audit(1732090629.118:83): avc:  denied  { read } for  pid=5343 comm="syslogd" name="log" dev="sda1" ino=1915 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:var_t tclass=lnk_file permissive=1
[   31.966013][   T39] audit: type=1400 audit(1732090629.118:84): avc:  denied  { append } for  pid=5343 comm="syslogd" name="messages" dev="tmpfs" ino=3 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[   31.972475][   T39] audit: type=1400 audit(1732090629.118:85): avc:  denied  { open } for  pid=5343 comm="syslogd" path="/tmp/messages" dev="tmpfs" ino=3 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[   31.978345][   T39] audit: type=1400 audit(1732090629.118:86): avc:  denied  { getattr } for  pid=5343 comm="syslogd" path="/tmp/messages" dev="tmpfs" ino=3 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
Warning: Permanently added '[localhost]:39696' (ED25519) to the list of known hosts.
[   33.352686][   T39] audit: type=1400 audit(1732090630.508:87): avc:  denied  { name_bind } for  pid=5871 comm="sshd" src=30000 scontext=system_u:system_r:sshd_t tcontext=system_u:object_r:unreserved_port_t tclass=tcp_socket permissive=1
[   35.224101][ T5873] cgroup: Unknown subsys name 'net'
[   35.389776][ T5873] cgroup: Unknown subsys name 'cpuset'
[   35.392706][ T5873] cgroup: Unknown subsys name 'rlimit'
[   35.566985][ T5940] SELinux:  Context root:object_r:swapfile_t is not valid (left unmapped).
Setting up swapspace version 1, size = 127995904 bytes
[   36.193265][ T5873] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[   38.503946][   T39] kauditd_printk_skb: 17 callbacks suppressed
[   38.503957][   T39] audit: type=1400 audit(1732090635.658:105): avc:  denied  { execmem } for  pid=5945 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1
[   38.684374][   T39] audit: type=1400 audit(1732090635.838:106): avc:  denied  { create } for  pid=5949 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[   38.696577][   T39] audit: type=1400 audit(1732090635.838:107): avc:  denied  { read write } for  pid=5949 comm="syz-executor" name="vhci" dev="devtmpfs" ino=1291 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:vhost_device_t tclass=chr_file permissive=1
[   38.702503][   T39] audit: type=1400 audit(1732090635.838:108): avc:  denied  { open } for  pid=5949 comm="syz-executor" path="/dev/vhci" dev="devtmpfs" ino=1291 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:vhost_device_t tclass=chr_file permissive=1
[   38.708300][   T39] audit: type=1400 audit(1732090635.848:109): avc:  denied  { ioctl } for  pid=5949 comm="syz-executor" path="socket:[7454]" dev="sockfs" ino=7454 ioctlcmd=0x48c9 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[   38.739657][ T5963] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   38.739695][ T5955] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[   38.742239][ T5963] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[   38.744488][ T5955] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   38.746063][ T5963] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[   38.747136][ T5955] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[   38.749135][ T5963] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[   38.751181][ T5955] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[   38.752511][ T5963] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[   38.754130][ T5955] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[   38.755604][ T5963] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[   38.756448][ T5964] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[   38.757474][ T5955] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[   38.757904][ T5964] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[   38.758276][ T5964] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[   38.759082][ T5964] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[   38.759159][ T5963] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[   38.760640][ T5955] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[   38.763906][ T5964] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[   38.764069][ T5964] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[   38.766576][ T5966] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   38.767326][   T39] audit: type=1400 audit(1732090635.918:110): avc:  denied  { read } for  pid=5960 comm="syz-executor" dev="nsfs" ino=4026531840 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[   38.767347][   T39] audit: type=1400 audit(1732090635.918:111): avc:  denied  { open } for  pid=5960 comm="syz-executor" path="net:[4026531840]" dev="nsfs" ino=4026531840 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[   38.767363][   T39] audit: type=1400 audit(1732090635.918:112): avc:  denied  { mounton } for  pid=5960 comm="syz-executor" path="/" dev="sda1" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:root_t tclass=dir permissive=1
[   38.802389][ T5966] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   38.804830][ T5966] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[   38.806874][ T5966] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[   38.895434][   T39] audit: type=1400 audit(1732090636.048:113): avc:  denied  { module_request } for  pid=5960 comm="syz-executor" kmod="rtnl-link-nicvf" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=system permissive=1
[   38.923223][ T5950] chnl_net:caif_netlink_parms(): no params data found
[   38.934529][ T5960] chnl_net:caif_netlink_parms(): no params data found
[   39.051917][ T5956] chnl_net:caif_netlink_parms(): no params data found
[   39.089601][ T5950] bridge0: port 1(bridge_slave_0) entered blocking state
[   39.092054][ T5950] bridge0: port 1(bridge_slave_0) entered disabled state
[   39.094049][ T5950] bridge_slave_0: entered allmulticast mode
[   39.096056][ T5950] bridge_slave_0: entered promiscuous mode
[   39.100978][ T5950] bridge0: port 2(bridge_slave_1) entered blocking state
[   39.102865][ T5950] bridge0: port 2(bridge_slave_1) entered disabled state
[   39.104803][ T5950] bridge_slave_1: entered allmulticast mode
[   39.106809][ T5950] bridge_slave_1: entered promiscuous mode
[   39.152809][ T5960] bridge0: port 1(bridge_slave_0) entered blocking state
[   39.154737][ T5960] bridge0: port 1(bridge_slave_0) entered disabled state
[   39.156563][ T5960] bridge_slave_0: entered allmulticast mode
[   39.158893][ T5960] bridge_slave_0: entered promiscuous mode
[   39.161266][ T5960] bridge0: port 2(bridge_slave_1) entered blocking state
[   39.163106][ T5960] bridge0: port 2(bridge_slave_1) entered disabled state
[   39.164933][ T5960] bridge_slave_1: entered allmulticast mode
[   39.166907][ T5960] bridge_slave_1: entered promiscuous mode
[   39.194930][ T5949] chnl_net:caif_netlink_parms(): no params data found
[   39.203324][ T5950] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   39.242116][ T5956] bridge0: port 1(bridge_slave_0) entered blocking state
[   39.244175][ T5956] bridge0: port 1(bridge_slave_0) entered disabled state
[   39.246170][ T5956] bridge_slave_0: entered allmulticast mode
[   39.249133][ T5956] bridge_slave_0: entered promiscuous mode
[   39.253295][ T5956] bridge0: port 2(bridge_slave_1) entered blocking state
[   39.255192][ T5956] bridge0: port 2(bridge_slave_1) entered disabled state
[   39.257044][ T5956] bridge_slave_1: entered allmulticast mode
[   39.259055][ T5956] bridge_slave_1: entered promiscuous mode
[   39.263189][ T5950] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   39.268638][ T5960] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   39.277765][ T5960] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   39.343128][ T5956] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   39.347365][ T5950] team0: Port device team_slave_0 added
[   39.354541][ T5960] team0: Port device team_slave_0 added
[   39.357468][ T5956] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   39.361383][ T5950] team0: Port device team_slave_1 added
[   39.380800][ T5960] team0: Port device team_slave_1 added
[   39.418367][ T5949] bridge0: port 1(bridge_slave_0) entered blocking state
[   39.420351][ T5949] bridge0: port 1(bridge_slave_0) entered disabled state
[   39.422236][ T5949] bridge_slave_0: entered allmulticast mode
[   39.424283][ T5949] bridge_slave_0: entered promiscuous mode
[   39.426699][ T5949] bridge0: port 2(bridge_slave_1) entered blocking state
[   39.429302][ T5949] bridge0: port 2(bridge_slave_1) entered disabled state
[   39.431972][ T5949] bridge_slave_1: entered allmulticast mode
[   39.435108][ T5949] bridge_slave_1: entered promiscuous mode
[   39.449601][ T5956] team0: Port device team_slave_0 added
[   39.452581][ T5950] batman_adv: batadv0: Adding interface: batadv_slave_0
[   39.454957][ T5950] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   39.461602][ T5950] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   39.465798][ T5950] batman_adv: batadv0: Adding interface: batadv_slave_1
[   39.468326][ T5950] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   39.475171][ T5950] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   39.506125][ T5960] batman_adv: batadv0: Adding interface: batadv_slave_0
[   39.508037][ T5960] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   39.514571][ T5960] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   39.518698][ T5956] team0: Port device team_slave_1 added
[   39.524452][ T5949] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   39.528264][ T5960] batman_adv: batadv0: Adding interface: batadv_slave_1
[   39.530747][ T5960] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   39.540077][ T5960] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   39.552605][ T5949] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   39.590504][ T5956] batman_adv: batadv0: Adding interface: batadv_slave_0
[   39.592337][ T5956] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   39.599091][ T5956] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   39.602961][ T5956] batman_adv: batadv0: Adding interface: batadv_slave_1
[   39.604934][ T5956] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   39.612800][ T5956] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   39.625060][ T5949] team0: Port device team_slave_0 added
[   39.638469][ T5950] hsr_slave_0: entered promiscuous mode
[   39.640525][ T5950] hsr_slave_1: entered promiscuous mode
[   39.646421][ T5949] team0: Port device team_slave_1 added
[   39.684210][ T5960] hsr_slave_0: entered promiscuous mode
[   39.686165][ T5960] hsr_slave_1: entered promiscuous mode
[   39.688104][ T5960] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   39.690238][ T5960] Cannot create hsr debugfs directory
[   39.720500][ T5949] batman_adv: batadv0: Adding interface: batadv_slave_0
[   39.722406][ T5949] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   39.729451][ T5949] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   39.737591][ T5956] hsr_slave_0: entered promiscuous mode
[   39.739454][ T5956] hsr_slave_1: entered promiscuous mode
[   39.741234][ T5956] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   39.743208][ T5956] Cannot create hsr debugfs directory
[   39.765939][ T5949] batman_adv: batadv0: Adding interface: batadv_slave_1
[   39.767934][ T5949] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   39.774535][ T5949] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   39.828970][ T5949] hsr_slave_0: entered promiscuous mode
[   39.830910][ T5949] hsr_slave_1: entered promiscuous mode
[   39.832769][ T5949] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   39.834738][ T5949] Cannot create hsr debugfs directory
[   39.991013][ T5950] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   39.995460][ T5950] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   39.999337][ T5950] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   40.002483][ T5950] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   40.019624][ T5960] netdevsim netdevsim1 netdevsim0: renamed from eth0
[   40.023170][ T5960] netdevsim netdevsim1 netdevsim1: renamed from eth1
[   40.026226][ T5960] netdevsim netdevsim1 netdevsim2: renamed from eth2
[   40.030864][ T5960] netdevsim netdevsim1 netdevsim3: renamed from eth3
[   40.059209][ T5956] netdevsim netdevsim3 netdevsim0: renamed from eth0
[   40.064110][ T5956] netdevsim netdevsim3 netdevsim1: renamed from eth1
[   40.073613][ T5956] netdevsim netdevsim3 netdevsim2: renamed from eth2
[   40.076641][ T5956] netdevsim netdevsim3 netdevsim3: renamed from eth3
[   40.102028][ T5949] netdevsim netdevsim2 netdevsim0: renamed from eth0
[   40.105321][ T5949] netdevsim netdevsim2 netdevsim1: renamed from eth1
[   40.110030][ T5949] netdevsim netdevsim2 netdevsim2: renamed from eth2
[   40.114083][ T5949] netdevsim netdevsim2 netdevsim3: renamed from eth3
[   40.140005][ T5950] 8021q: adding VLAN 0 to HW filter on device bond0
[   40.154293][ T5960] 8021q: adding VLAN 0 to HW filter on device bond0
[   40.172166][ T5950] 8021q: adding VLAN 0 to HW filter on device team0
[   40.176842][ T5960] 8021q: adding VLAN 0 to HW filter on device team0
[   40.188283][   T45] bridge0: port 1(bridge_slave_0) entered blocking state
[   40.190302][   T45] bridge0: port 1(bridge_slave_0) entered forwarding state
[   40.193813][   T45] bridge0: port 2(bridge_slave_1) entered blocking state
[   40.195689][   T45] bridge0: port 2(bridge_slave_1) entered forwarding state
[   40.202888][ T5956] 8021q: adding VLAN 0 to HW filter on device bond0
[   40.207063][   T45] bridge0: port 1(bridge_slave_0) entered blocking state
[   40.209021][   T45] bridge0: port 1(bridge_slave_0) entered forwarding state
[   40.212086][   T45] bridge0: port 2(bridge_slave_1) entered blocking state
[   40.213942][   T45] bridge0: port 2(bridge_slave_1) entered forwarding state
[   40.253828][ T5949] 8021q: adding VLAN 0 to HW filter on device bond0
[   40.256350][ T5956] 8021q: adding VLAN 0 to HW filter on device team0
[   40.266249][   T84] bridge0: port 1(bridge_slave_0) entered blocking state
[   40.268205][   T84] bridge0: port 1(bridge_slave_0) entered forwarding state
[   40.275123][ T5950] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   40.282460][   T84] bridge0: port 2(bridge_slave_1) entered blocking state
[   40.284232][   T84] bridge0: port 2(bridge_slave_1) entered forwarding state
[   40.286233][   T39] audit: type=1400 audit(1732090637.438:114): avc:  denied  { sys_module } for  pid=5960 comm="syz-executor" capability=16  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1
[   40.291714][ T5949] 8021q: adding VLAN 0 to HW filter on device team0
[   40.305247][   T65] bridge0: port 1(bridge_slave_0) entered blocking state
[   40.307666][   T65] bridge0: port 1(bridge_slave_0) entered forwarding state
[   40.311719][   T65] bridge0: port 2(bridge_slave_1) entered blocking state
[   40.314239][   T65] bridge0: port 2(bridge_slave_1) entered forwarding state
[   40.351609][ T5960] 8021q: adding VLAN 0 to HW filter on device batadv0
[   40.371179][ T5960] veth0_vlan: entered promiscuous mode
[   40.377002][ T5960] veth1_vlan: entered promiscuous mode
[   40.383478][ T5950] 8021q: adding VLAN 0 to HW filter on device batadv0
[   40.409014][ T5960] veth0_macvtap: entered promiscuous mode
[   40.412119][ T5950] veth0_vlan: entered promiscuous mode
[   40.415346][ T5960] veth1_macvtap: entered promiscuous mode
[   40.419377][ T5950] veth1_vlan: entered promiscuous mode
[   40.431942][ T5949] 8021q: adding VLAN 0 to HW filter on device batadv0
[   40.435341][ T5956] 8021q: adding VLAN 0 to HW filter on device batadv0
[   40.441183][ T5960] batman_adv: batadv0: Interface activated: batadv_slave_0
[   40.448857][ T5960] batman_adv: batadv0: Interface activated: batadv_slave_1
[   40.453188][ T5960] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   40.456154][ T5960] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   40.459303][ T5960] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   40.461601][ T5960] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   40.469559][ T5950] veth0_macvtap: entered promiscuous mode
[   40.473377][ T5950] veth1_macvtap: entered promiscuous mode
[   40.494042][ T5949] veth0_vlan: entered promiscuous mode
[   40.497773][ T5949] veth1_vlan: entered promiscuous mode
[   40.503720][ T5950] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   40.507880][ T5950] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   40.511046][ T5950] batman_adv: batadv0: Interface activated: batadv_slave_0
[   40.519614][ T5950] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   40.522641][ T5950] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   40.525886][ T5950] batman_adv: batadv0: Interface activated: batadv_slave_1
[   40.535376][ T5950] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   40.539739][ T5950] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   40.542625][ T5950] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   40.545746][ T5950] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   40.556695][ T5956] veth0_vlan: entered promiscuous mode
[   40.565530][ T1224] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   40.568213][ T1224] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   40.574673][ T5956] veth1_vlan: entered promiscuous mode
[   40.591752][ T5949] veth0_macvtap: entered promiscuous mode
[   40.596577][ T5949] veth1_macvtap: entered promiscuous mode
[   40.604893][ T5949] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   40.608439][ T5949] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   40.610947][ T5949] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   40.613606][ T5949] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   40.616704][ T5949] batman_adv: batadv0: Interface activated: batadv_slave_0
[   40.620098][  T214] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   40.622139][  T214] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   40.624126][ T5949] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   40.626810][ T5949] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   40.629552][ T5949] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   40.632229][ T5949] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   40.635512][ T5949] batman_adv: batadv0: Interface activated: batadv_slave_1
[   40.646746][ T5956] veth0_macvtap: entered promiscuous mode
[   40.652410][ T5949] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   40.653485][   T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   40.655691][ T5949] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   40.658622][   T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   40.660834][ T5949] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   40.660853][ T5949] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   40.663079][ T5956] veth1_macvtap: entered promiscuous mode
[   40.680517][   T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   40.683179][ T5960] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[   40.683325][   T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   40.696886][ T5956] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   40.700017][ T5956] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   40.703117][ T5956] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   40.706354][ T5956] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   40.711136][ T5956] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   40.714622][ T5956] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   40.720221][ T5956] batman_adv: batadv0: Interface activated: batadv_slave_0
[   40.732125][ T6015] netlink: 16 bytes leftover after parsing attributes in process `syz.1.2'.
[   40.736370][ T5956] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   40.739896][ T5956] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   40.742491][ T5956] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   40.745866][ T5956] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   40.749357][ T5956] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   40.752720][ T5956] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   40.757941][ T5956] batman_adv: batadv0: Interface activated: batadv_slave_1
[   40.765995][ T5956] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   40.768799][ T5956] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   40.771691][ T5956] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   40.774300][ T5956] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   40.789541][   T65] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   40.791651][   T65] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   40.798630][   T67] Bluetooth: hci3: command tx timeout
[   40.799254][ T5966] Bluetooth: hci2: command tx timeout
[   40.800260][ T5964] Bluetooth: hci1: command tx timeout
[   40.841069][ T6019] kvm: emulating exchange as write
[   40.868004][   T67] Bluetooth: hci0: command tx timeout
[   40.894758][   T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   40.896827][   T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   40.915879][   T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   40.918751][   T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   40.970584][ T6032] Can't find a SQUASHFS superblock on nullb0
[   41.010127][ T6031] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[   41.014108][ T6031] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[   41.017511][ T6031] bond0 (unregistering): Released all slaves
[   41.202381][   T64] usb 7-1: new high-speed USB device number 2 using dummy_hcd
[   41.348159][   T64] usb 7-1: Using ep0 maxpacket: 32
[   41.352554][   T64] usb 7-1: config index 0 descriptor too short (expected 29220, got 36)
[   41.355248][   T64] usb 7-1: config 0 has too many interfaces: 81, using maximum allowed: 32
[   41.358254][   T64] usb 7-1: config 0 has 1 interface, different from the descriptor's value: 81
[   41.361353][   T64] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[   41.364485][   T64] usb 7-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[   41.367852][   T64] usb 7-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[   41.372264][   T64] usb 7-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40
[   41.374929][   T64] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   41.379459][   T64] usb 7-1: config 0 descriptor??
[   41.589954][   T64] usblp 7-1:0.0: usblp0: USB Bidirectional printer dev 2 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17
[   41.595362][   T64] usb 7-1: USB disconnect, device number 2
[   41.599769][   T64] usblp0: removed
[   41.646347][ T1224] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   41.649026][ T1224] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   41.808976][ T6040] xt_ecn: cannot match TCP bits for non-tcp packets
[   41.954567][ T6043] mkiss: ax0: crc mode is auto.
[   41.967426][ T6043] Zero length message leads to an empty skb
[   42.091758][ T6050] netlink: 12 bytes leftover after parsing attributes in process `syz.1.12'.
[   42.092308][ T6045] cgroup: fork rejected by pids controller in /syz3
[   42.106122][ T6045] syz.3.10 uses obsolete (PF_INET,SOCK_PACKET)
[   42.175086][ T6063] pim6reg: entered allmulticast mode
[   42.215694][ T6070] FAULT_INJECTION: forcing a failure.
[   42.215694][ T6070] name failslab, interval 1, probability 0, space 0, times 1
[   42.219653][ T6070] CPU: 0 UID: 0 PID: 6070 Comm: syz.1.17 Not tainted 6.12.0-syzkaller-01782-gbf9aa14fc523 #0
[   42.223275][ T6070] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   42.226313][ T6070] Call Trace:
[   42.227201][ T6070]  <TASK>
[   42.227985][ T6070]  dump_stack_lvl+0x16c/0x1f0
[   42.229233][ T6070]  should_fail_ex+0x497/0x5b0
[   42.230475][ T6070]  ? fs_reclaim_acquire+0xae/0x150
[   42.232207][ T6070]  should_failslab+0xc2/0x120
[   42.233880][ T6070]  __kmalloc_node_noprof+0xd1/0x430
[   42.235681][ T6070]  ? alloc_slab_obj_exts+0x41/0xa0
[   42.237494][ T6070]  alloc_slab_obj_exts+0x41/0xa0
[   42.239275][ T6070]  __memcg_slab_post_alloc_hook+0x2a7/0x9b0
[   42.241319][ T6070]  ? nft_expr_init+0x218/0x3b0
[   42.242969][ T6070]  __kmalloc_noprof+0x38c/0x400
[   42.244266][ T6070]  nft_expr_init+0x218/0x3b0
[   42.245448][ T6070]  ? __pfx_nft_expr_init+0x10/0x10
[   42.246754][ T6070]  ? queue_delayed_work_on+0xcd/0x150
[   42.248094][ T6070]  ? lockdep_hardirqs_on+0x7c/0x110
[   42.249393][ T6070]  ? queue_delayed_work_on+0xa2/0x150
[   42.250741][ T6070]  nft_set_elem_expr_alloc+0x27/0x270
[   42.252211][ T6070]  nft_set_expr_alloc+0x2ab/0x5f0
[   42.253545][ T6070]  nf_tables_newset+0x30d1/0x41a0
[   42.254793][ T6070]  ? __pfx_nf_tables_newset+0x10/0x10
[   42.256582][ T6070]  ? __pfx___lock_acquire+0x10/0x10
[   42.258664][ T6070]  ? __nla_validate_parse+0x601/0x2880
[   42.260606][ T6070]  ? net_generic+0xea/0x2a0
[   42.262470][ T6070]  ? __pfx_lock_release+0x10/0x10
[   42.264352][ T6070]  ? trace_lock_acquire+0x14a/0x1d0
[   42.266249][ T6070]  ? __nla_parse+0x40/0x60
[   42.267690][ T6070]  nfnetlink_rcv_batch+0x1a28/0x24e0
[   42.269680][ T6070]  ? __pfx_nfnetlink_rcv_batch+0x10/0x10
[   42.271369][ T6070]  ? avc_has_perm_noaudit+0x119/0x3a0
[   42.273298][ T6070]  ? avc_has_perm_noaudit+0x143/0x3a0
[   42.275102][ T6070]  ? __nla_parse+0x40/0x60
[   42.276662][ T6070]  nfnetlink_rcv+0x3c3/0x430
[   42.278085][ T6070]  ? __pfx_nfnetlink_rcv+0x10/0x10
[   42.279382][ T6070]  netlink_unicast+0x53c/0x7f0
[   42.280996][ T6070]  ? __pfx_netlink_unicast+0x10/0x10
[   42.282486][ T6070]  netlink_sendmsg+0x8b8/0xd70
[   42.283797][ T6070]  ? __pfx_netlink_sendmsg+0x10/0x10
[   42.285047][ T6070]  ____sys_sendmsg+0xaaf/0xc90
[   42.286411][ T6070]  ? copy_msghdr_from_user+0x10b/0x160
[   42.287880][ T6070]  ? __pfx_____sys_sendmsg+0x10/0x10
[   42.289278][ T6070]  ___sys_sendmsg+0x135/0x1e0
[   42.290552][ T6070]  ? __pfx____sys_sendmsg+0x10/0x10
[   42.291946][ T6070]  ? __pfx_lock_release+0x10/0x10
[   42.293277][ T6070]  ? trace_lock_acquire+0x14a/0x1d0
[   42.294665][ T6070]  ? __fget_files+0x206/0x3a0
[   42.295922][ T6070]  __sys_sendmsg+0x16e/0x220
[   42.297149][ T6070]  ? __pfx___sys_sendmsg+0x10/0x10
[   42.298509][ T6070]  do_syscall_64+0xcd/0x250
[   42.299738][ T6070]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   42.301290][ T6070] RIP: 0033:0x7f9dd477e759
[   42.302495][ T6070] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   42.307259][ T6070] RSP: 002b:00007f9dd55cb038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   42.309341][ T6070] RAX: ffffffffffffffda RBX: 00007f9dd4935f80 RCX: 00007f9dd477e759
[   42.311322][ T6070] RDX: 0000000020050800 RSI: 00000000200000c0 RDI: 0000000000000003
[   42.313326][ T6070] RBP: 00007f9dd55cb090 R08: 0000000000000000 R09: 0000000000000000
[   42.315283][ T6070] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[   42.317342][ T6070] R13: 0000000000000000 R14: 00007f9dd4935f80 R15: 00007ffd1cdc6b38
[   42.319339][ T6070]  </TASK>
[   42.579447][ T6093] netlink: 188 bytes leftover after parsing attributes in process `syz.2.25'.
[   42.581731][ T6093] netlink: 'syz.2.25': attribute type 1 has an invalid length.
[   42.867570][   T67] Bluetooth: hci2: command tx timeout
[   42.878687][ T5964] Bluetooth: hci1: command tx timeout
[   42.880041][   T67] Bluetooth: hci3: command tx timeout
[   42.925400][ T6112] binder: 6111:6112 ioctl c0306201 20000580 returned -22
[   42.929004][ T6112] team_slave_1: vlans aren't supported yet for dev_uc|mc_add()
[   42.947740][   T67] Bluetooth: hci0: command tx timeout
[   43.338750][ T6129] x_tables: ip_tables: icmp.0 match: invalid size 8 (kernel) != (user) 56
[   43.381722][ T6133] binder: Binderfs stats mode cannot be changed during a remount
[   43.388258][ T6133] usb usb5: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[   43.654294][   T39] kauditd_printk_skb: 104 callbacks suppressed
[   43.654303][   T39] audit: type=1400 audit(1732090640.808:219): avc:  denied  { create } for  pid=6137 comm="syz.2.39" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1
[   43.663196][   T39] audit: type=1400 audit(1732090640.818:220): avc:  denied  { write } for  pid=6137 comm="syz.2.39" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1
[   43.669103][   T39] audit: type=1400 audit(1732090640.818:221): avc:  denied  { nlmsg_write } for  pid=6137 comm="syz.2.39" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1
[   43.756832][   T39] audit: type=1400 audit(1732090640.908:222): avc:  denied  { mount } for  pid=6140 comm="syz.2.40" name="/" dev="pipefs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1
[   43.812218][   T39] audit: type=1400 audit(1732090640.968:223): avc:  denied  { write } for  pid=6142 comm="syz.2.41" name="binder0" dev="binder" ino=10 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[   43.814859][ T6143] binder: 6142:6143 ioctl c0306201 200001c0 returned -22
[   43.827920][   T39] audit: type=1400 audit(1732090640.988:224): avc:  denied  { create } for  pid=6144 comm="syz.1.42" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netrom_socket permissive=1
[   43.830454][   T39] audit: type=1400 audit(1732090640.988:225): avc:  denied  { ioctl } for  pid=6144 comm="syz.1.42" path="socket:[10325]" dev="sockfs" ino=10325 ioctlcmd=0x890c scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netrom_socket permissive=1
[   43.875145][   T39] audit: type=1400 audit(1732090641.028:226): avc:  denied  { write } for  pid=6146 comm="syz.1.43" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[   43.878859][ T6150] netlink: 4272 bytes leftover after parsing attributes in process `syz.2.44'.
[   43.880163][   T39] audit: type=1400 audit(1732090641.028:227): avc:  denied  { read write } for  pid=6149 comm="syz.2.44" name="uinput" dev="devtmpfs" ino=943 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
[   43.883669][ T6150] netlink: 'syz.2.44': attribute type 1 has an invalid length.
[   43.888717][   T39] audit: type=1400 audit(1732090641.028:228): avc:  denied  { open } for  pid=6149 comm="syz.2.44" path="/dev/uinput" dev="devtmpfs" ino=943 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
[   43.892027][ T6150] tipc: Started in network mode
[   43.898245][ T6150] tipc: Node identity ac1414aa, cluster identity 4711
[   43.900681][ T6150] tipc: Enabled bearer <udp:s>, priority 10
[   43.923069][ T6152] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   43.955996][ T6154] netlink: 24 bytes leftover after parsing attributes in process `syz.2.46'.
[   43.986390][ T6158] mmap: syz.1.48 (6158) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[   44.135655][ T1482] IPVS: starting estimator thread 0...
[   44.136375][ T6166] tipc: Started in network mode
[   44.139052][ T6166] tipc: Node identity ac1414aa, cluster identity 4711
[   44.141910][ T6166] IPVS: sh: UDP 224.0.0.2:0 - no destination available
[   44.143814][ T6166] tipc: Enabled bearer <udp:s>, priority 10
[   44.237834][ T6167] IPVS: using max 41 ests per chain, 98400 per kthread
[   44.287433][    C3] IPVS: sh: UDP 224.0.0.2:0 - no destination available
[   44.374146][ T6177] netlink: 20 bytes leftover after parsing attributes in process `syz.0.54'.
[   44.381948][ T6177] virtio-fs: tag <(null)> not found
[   44.428056][    C3] IPVS: sh: UDP 224.0.0.2:0 - no destination available
[   44.457457][    T9] usb 6-1: new high-speed USB device number 2 using dummy_hcd
[   44.577416][    C3] IPVS: sh: UDP 224.0.0.2:0 - no destination available
[   44.617454][    T9] usb 6-1: Using ep0 maxpacket: 8
[   44.620550][    T9] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[   44.623395][    T9] usb 6-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[   44.625741][    T9] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   44.629751][    T9] usb 6-1: config 0 descriptor??
[   44.727438][    C3] IPVS: sh: UDP 224.0.0.2:0 - no destination available
[   44.835365][    T9] iowarrior 6-1:0.0: IOWarrior product=0x1512, serial= interface=0 now attached to iowarrior0
[   44.867430][    C3] IPVS: sh: UDP 224.0.0.2:0 - no destination available
[   44.947653][   T67] Bluetooth: hci1: command tx timeout
[   44.957977][   T67] Bluetooth: hci3: command tx timeout
[   45.001177][ T5964] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[   45.004175][ T5964] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[   45.006652][ T5964] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[   45.008549][    C3] IPVS: sh: UDP 224.0.0.2:0 - no destination available
[   45.016097][ T5964] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[   45.018280][   T58] tipc: Node number set to 2886997162
[   45.020716][ T5964] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[   45.022822][ T5964] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[   45.028086][   T67] Bluetooth: hci0: command tx timeout
[   45.044720][ T6211] process 'syz.0.66' launched './file0' with NULL argv: empty string added
[   45.099344][ T6207] chnl_net:caif_netlink_parms(): no params data found
[   45.160962][ T6026] tipc: Node number set to 2886997162
[   45.164563][   T84] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   45.167765][ T6011] usb 7-1: new high-speed USB device number 3 using dummy_hcd
[   45.175889][ T6207] bridge0: port 1(bridge_slave_0) entered blocking state
[   45.178719][ T6207] bridge0: port 1(bridge_slave_0) entered disabled state
[   45.181279][ T6207] bridge_slave_0: entered allmulticast mode
[   45.183301][ T6207] bridge_slave_0: entered promiscuous mode
[   45.186327][ T6207] bridge0: port 2(bridge_slave_1) entered blocking state
[   45.191223][ T6207] bridge0: port 2(bridge_slave_1) entered disabled state
[   45.194038][ T6207] bridge_slave_1: entered allmulticast mode
[   45.196717][ T6207] bridge_slave_1: entered promiscuous mode
[   45.216511][ T6207] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   45.220884][ T6207] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   45.246856][   T84] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   45.271810][ T6207] team0: Port device team_slave_0 added
[   45.275509][ T6207] team0: Port device team_slave_1 added
[   45.285822][ T6222] @: renamed from vlan0 (while UP)
[   45.297427][    C3] IPVS: sh: UDP 224.0.0.2:0 - no destination available
[   45.297857][ T6011] usb 7-1: device descriptor read/64, error -71
[   45.304946][ T6207] batman_adv: batadv0: Adding interface: batadv_slave_0
[   45.307390][ T6207] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   45.316053][ T6207] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   45.321250][ T6207] batman_adv: batadv0: Adding interface: batadv_slave_1
[   45.323015][ T6207] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   45.332276][ T6207] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   45.346956][   T84] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   45.374714][ T6207] hsr_slave_0: entered promiscuous mode
[   45.376807][ T6207] hsr_slave_1: entered promiscuous mode
[   45.379375][ T6207] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   45.381364][ T6207] Cannot create hsr debugfs directory
[   45.400698][   T84] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   45.500359][ T6230] FAULT_INJECTION: forcing a failure.
[   45.500359][ T6230] name failslab, interval 1, probability 0, space 0, times 0
[   45.504373][ T6230] CPU: 2 UID: 0 PID: 6230 Comm: syz.0.71 Not tainted 6.12.0-syzkaller-01782-gbf9aa14fc523 #0
[   45.506983][ T6230] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   45.509885][ T6230] Call Trace:
[   45.510768][ T6230]  <TASK>
[   45.511532][ T6230]  dump_stack_lvl+0x16c/0x1f0
[   45.512746][ T6230]  should_fail_ex+0x497/0x5b0
[   45.513987][ T6230]  ? fs_reclaim_acquire+0xae/0x150
[   45.515329][ T6230]  should_failslab+0xc2/0x120
[   45.516531][ T6230]  __kmalloc_node_noprof+0xd1/0x430
[   45.517882][ T6230]  ? __kvmalloc_node_noprof+0xad/0x1a0
[   45.519277][ T6230]  ? lockdep_init_map_type+0x16d/0x7d0
[   45.520644][ T6230]  __kvmalloc_node_noprof+0xad/0x1a0
[   45.522011][ T6230]  bucket_table_alloc.isra.0+0x86/0x460
[   45.523411][ T6230]  rhashtable_init_noprof+0x41a/0x7e0
[   45.524769][ T6230]  br_vlan_init+0xa2/0x210
[   45.525902][ T6230]  br_dev_init+0x7f/0x400
[   45.526999][ T6230]  ? kasan_save_track+0x14/0x30
[   45.528249][ T6230]  ? __pfx_br_dev_init+0x10/0x10
[   45.529531][ T6230]  register_netdevice+0x672/0x1e90
[   45.530811][ T6230]  ? __pfx_register_netdevice+0x10/0x10
[   45.532227][ T6230]  ? validate_linkmsg+0x6d2/0x9a0
[   45.533538][ T6230]  br_dev_newlink+0x27/0x110
[   45.534742][ T6230]  ? __pfx_br_dev_newlink+0x10/0x10
[   45.536100][ T6230]  __rtnl_newlink+0x1197/0x1920
[   45.537402][ T6230]  ? __pfx___rtnl_newlink+0x10/0x10
[   45.537417][ T6011] usb 7-1: new high-speed USB device number 4 using dummy_hcd
[   45.538767][ T6230]  rtnl_newlink+0x67/0xa0
[   45.541857][ T6230]  ? __pfx_rtnl_newlink+0x10/0x10
[   45.543158][ T6230]  rtnetlink_rcv_msg+0x3c7/0xea0
[   45.544447][ T6230]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[   45.545856][ T6230]  netlink_rcv_skb+0x16b/0x440
[   45.547108][ T6230]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[   45.548517][ T6230]  ? __pfx_netlink_rcv_skb+0x10/0x10
[   45.549894][ T6230]  ? netlink_deliver_tap+0x1ae/0xd90
[   45.551267][ T6230]  netlink_unicast+0x53c/0x7f0
[   45.552514][ T6230]  ? __pfx_netlink_unicast+0x10/0x10
[   45.553885][ T6230]  netlink_sendmsg+0x8b8/0xd70
[   45.555144][ T6230]  ? __pfx_netlink_sendmsg+0x10/0x10
[   45.556517][ T6230]  ____sys_sendmsg+0xaaf/0xc90
[   45.557754][ T6230]  ? copy_msghdr_from_user+0x10b/0x160
[   45.559167][ T6230]  ? __pfx_____sys_sendmsg+0x10/0x10
[   45.560515][ T6230]  ___sys_sendmsg+0x135/0x1e0
[   45.561725][ T6230]  ? __pfx____sys_sendmsg+0x10/0x10
[   45.563076][ T6230]  ? __pfx_lock_release+0x10/0x10
[   45.564376][ T6230]  ? trace_lock_acquire+0x14a/0x1d0
[   45.565729][ T6230]  ? __fget_files+0x206/0x3a0
[   45.566959][ T6230]  __sys_sendmsg+0x16e/0x220
[   45.567407][    C3] IPVS: sh: UDP 224.0.0.2:0 - no destination available
[   45.568170][ T6230]  ? __pfx___sys_sendmsg+0x10/0x10
[   45.571322][ T6230]  do_syscall_64+0xcd/0x250
[   45.572512][ T6230]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   45.574054][ T6230] RIP: 0033:0x7f50d477e759
[   45.575226][ T6230] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   45.580337][ T6230] RSP: 002b:00007f50d5562038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   45.582510][ T6230] RAX: ffffffffffffffda RBX: 00007f50d4935f80 RCX: 00007f50d477e759
[   45.584554][ T6230] RDX: 0000000000000000 RSI: 0000000020000240 RDI: 0000000000000003
[   45.586603][ T6230] RBP: 00007f50d5562090 R08: 0000000000000000 R09: 0000000000000000
[   45.588627][ T6230] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[   45.590546][ T6230] R13: 0000000000000000 R14: 00007f50d4935f80 R15: 00007fffe10efec8
[   45.592516][ T6230]  </TASK>
[   45.599614][ T6230] bridge1: entered promiscuous mode
[   45.600973][ T6230] bridge1: entered allmulticast mode
[   45.603090][   T84] bridge_slave_1: left allmulticast mode
[   45.604750][   T84] bridge_slave_1: left promiscuous mode
[   45.607190][   T84] bridge0: port 2(bridge_slave_1) entered disabled state
[   45.613727][   T84] bridge_slave_0: left allmulticast mode
[   45.615260][   T84] bridge_slave_0: left promiscuous mode
[   45.616837][   T84] bridge0: port 1(bridge_slave_0) entered disabled state
[   45.667741][ T6011] usb 7-1: device descriptor read/64, error -71
[   45.777633][ T6011] usb usb7-port1: attempt power cycle
[   45.848369][   T84] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[   45.853007][   T84] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[   45.856464][   T84] bond0 (unregistering): Released all slaves
[   46.097456][    C3] IPVS: sh: UDP 224.0.0.2:0 - no destination available
[   46.127455][ T6011] usb 7-1: new high-speed USB device number 5 using dummy_hcd
[   46.149395][ T6011] usb 7-1: device descriptor read/8, error -71
[   46.211373][   T84] hsr_slave_0: left promiscuous mode
[   46.213561][   T84] hsr_slave_1: left promiscuous mode
[   46.216319][   T84] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   46.218764][   T84] batman_adv: batadv0: Removing interface: batadv_slave_0
[   46.221409][   T84] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   46.223381][   T84] batman_adv: batadv0: Removing interface: batadv_slave_1
[   46.241763][   T84] veth1_macvtap: left promiscuous mode
[   46.243453][   T84] veth0_macvtap: left promiscuous mode
[   46.244848][   T84] veth1_vlan: left promiscuous mode
[   46.246201][   T84] veth0_vlan: left promiscuous mode
[   46.408347][ T6011] usb 7-1: new high-speed USB device number 6 using dummy_hcd
[   46.450542][ T6011] usb 7-1: device descriptor read/8, error -71
[   46.557563][ T6011] usb usb7-port1: unable to enumerate USB device
[   46.732029][   T84] team0 (unregistering): Port device team_slave_1 removed
[   46.782356][   T84] team0 (unregistering): Port device team_slave_0 removed
[   46.974837][ T6279] FAULT_INJECTION: forcing a failure.
[   46.974837][ T6279] name failslab, interval 1, probability 0, space 0, times 0
[   46.978623][ T6279] CPU: 2 UID: 0 PID: 6279 Comm: syz.0.80 Not tainted 6.12.0-syzkaller-01782-gbf9aa14fc523 #0
[   46.981284][ T6279] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   46.984099][ T6279] Call Trace:
[   46.984994][ T6279]  <TASK>
[   46.985786][ T6279]  dump_stack_lvl+0x16c/0x1f0
[   46.987059][ T6279]  should_fail_ex+0x497/0x5b0
[   46.988347][ T6279]  ? fs_reclaim_acquire+0xae/0x150
[   46.989693][ T6279]  should_failslab+0xc2/0x120
[   46.990946][ T6279]  kmem_cache_alloc_node_noprof+0x71/0x310
[   46.992552][ T6279]  ? __alloc_skb+0x2b1/0x380
[   46.993765][ T6279]  __alloc_skb+0x2b1/0x380
[   46.994980][ T6279]  ? __pfx___alloc_skb+0x10/0x10
[   46.996285][ T6279]  ? __pfx_netlink_autobind.isra.0+0x10/0x10
[   46.997850][ T6279]  netlink_alloc_large_skb+0x69/0x130
[   46.999255][ T6279]  netlink_sendmsg+0x689/0xd70
[   47.000526][ T6279]  ? __pfx_netlink_sendmsg+0x10/0x10
[   47.001921][ T6279]  ____sys_sendmsg+0xaaf/0xc90
[   47.003184][ T6279]  ? copy_msghdr_from_user+0x10b/0x160
[   47.004606][ T6279]  ? __pfx_____sys_sendmsg+0x10/0x10
[   47.005990][ T6279]  ___sys_sendmsg+0x135/0x1e0
[   47.007240][ T6279]  ? __pfx____sys_sendmsg+0x10/0x10
[   47.008610][ T6279]  ? __pfx_lock_release+0x10/0x10
[   47.009932][ T6279]  ? trace_lock_acquire+0x14a/0x1d0
[   47.011306][ T6279]  ? __fget_files+0x206/0x3a0
[   47.012550][ T6279]  __sys_sendmsg+0x16e/0x220
[   47.013769][ T6279]  ? __pfx___sys_sendmsg+0x10/0x10
[   47.015150][ T6279]  do_syscall_64+0xcd/0x250
[   47.016347][ T6279]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   47.017914][ T6279] RIP: 0033:0x7f50d477e759
[   47.019095][ T6279] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   47.024089][ T6279] RSP: 002b:00007f50d5562038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   47.026248][ T6279] RAX: ffffffffffffffda RBX: 00007f50d4935f80 RCX: 00007f50d477e759
[   47.028357][ T6279] RDX: 0000000004000080 RSI: 0000000020001200 RDI: 0000000000000003
[   47.030429][ T6279] RBP: 00007f50d5562090 R08: 0000000000000000 R09: 0000000000000000
[   47.032497][ T6279] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   47.034545][ T6279] R13: 0000000000000000 R14: 00007f50d4935f80 R15: 00007fffe10efec8
[   47.036623][ T6279]  </TASK>
[   47.037485][   T67] Bluetooth: hci2: command tx timeout
[   47.037708][ T5964] Bluetooth: hci3: command tx timeout
[   47.037730][ T5966] Bluetooth: hci1: command tx timeout
[   47.107525][ T5964] Bluetooth: hci0: command tx timeout
[   47.182664][ T6026] usb 6-1: USB disconnect, device number 2
[   47.203651][ T6026] iowarrior 6-1:0.0: I/O-Warror #0 now disconnected
[   47.290990][ T6290] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   47.331926][ T6207] netdevsim netdevsim3 netdevsim0: renamed from eth0
[   47.335738][ T6207] netdevsim netdevsim3 netdevsim1: renamed from eth1
[   47.341029][ T6207] netdevsim netdevsim3 netdevsim2: renamed from eth2
[   47.346180][ T6207] netdevsim netdevsim3 netdevsim3: renamed from eth3
[   47.388397][ T6303] =======================================================
[   47.388397][ T6303] WARNING: The mand mount option has been deprecated and
[   47.388397][ T6303]          and is ignored by this kernel. Remove the mand
[   47.388397][ T6303]          option from the mount to silence this warning.
[   47.388397][ T6303] =======================================================
[   47.394275][ T6207] 8021q: adding VLAN 0 to HW filter on device bond0
[   47.397509][ T6303] hugetlbfs: Unknown parameter 'huge'
[   47.412204][ T6303] mac80211_hwsim hwsim5 wlan1: entered allmulticast mode
[   47.417151][ T6302] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[   47.422094][ T6207] 8021q: adding VLAN 0 to HW filter on device team0
[   47.426232][   T65] bridge0: port 1(bridge_slave_0) entered blocking state
[   47.428192][   T65] bridge0: port 1(bridge_slave_0) entered forwarding state
[   47.440905][  T214] bridge0: port 2(bridge_slave_1) entered blocking state
[   47.442832][  T214] bridge0: port 2(bridge_slave_1) entered forwarding state
[   47.528683][ T6207] 8021q: adding VLAN 0 to HW filter on device batadv0
[   47.551045][ T6207] veth0_vlan: entered promiscuous mode
[   47.555476][ T6207] veth1_vlan: entered promiscuous mode
[   47.571121][ T6207] veth0_macvtap: entered promiscuous mode
[   47.574019][ T6207] veth1_macvtap: entered promiscuous mode
[   47.580059][ T6207] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   47.582723][ T6207] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   47.585189][ T6207] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   47.588653][ T6207] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   47.591157][ T6207] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   47.593789][ T6207] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   47.596998][ T6207] batman_adv: batadv0: Interface activated: batadv_slave_0
[   47.602336][ T6207] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   47.605031][ T6207] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   47.607890][ T6207] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   47.610542][ T6207] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   47.613042][ T6207] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   47.615716][ T6207] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   47.618963][ T6207] batman_adv: batadv0: Interface activated: batadv_slave_1
[   47.622376][ T6207] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   47.624888][ T6207] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   47.627163][ T6207] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   47.629635][ T6207] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   47.656772][ T1133] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   47.659242][ T1133] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   47.671203][ T1133] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   47.673314][ T1133] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   47.723744][ T6310] ata3.00: invalid multi_count 1 ignored
[   48.001009][ T6328] 9pnet_fd: Insufficient options for proto=fd
[   48.062125][ T6341] overlayfs: failed to resolve './file1': -2
[   48.089497][ T6345] bridge1: entered promiscuous mode
[   48.091102][ T6345] bridge1: entered allmulticast mode
[   48.116241][ T6351] netlink: 'syz.1.106': attribute type 3 has an invalid length.
[   48.120359][ T6351] netlink: 'syz.1.106': attribute type 3 has an invalid length.
[   48.124591][ T5964] Bluetooth: hci0: ACL packet for unknown connection handle 457
[   48.146760][ T6354] FAULT_INJECTION: forcing a failure.
[   48.146760][ T6354] name fail_usercopy, interval 1, probability 0, space 0, times 1
[   48.151285][ T6354] CPU: 3 UID: 0 PID: 6354 Comm: syz.2.108 Not tainted 6.12.0-syzkaller-01782-gbf9aa14fc523 #0
[   48.154137][ T6354] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   48.157053][ T6354] Call Trace:
[   48.157937][ T6354]  <TASK>
[   48.158722][ T6354]  dump_stack_lvl+0x16c/0x1f0
[   48.159963][ T6354]  should_fail_ex+0x497/0x5b0
[   48.161191][ T6354]  _copy_from_user+0x2e/0xd0
[   48.162383][ T6354]  copy_msghdr_from_user+0x99/0x160
[   48.163747][ T6354]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[   48.165260][ T6354]  ___sys_sendmsg+0xff/0x1e0
[   48.166467][ T6354]  ? __pfx____sys_sendmsg+0x10/0x10
[   48.168593][ T6354]  ? __pfx_lock_release+0x10/0x10
[   48.168609][ T6354]  ? trace_lock_acquire+0x14a/0x1d0
[   48.168626][ T6354]  ? __fget_files+0x206/0x3a0
[   48.168641][ T6354]  __sys_sendmsg+0x16e/0x220
[   48.168654][ T6354]  ? __pfx___sys_sendmsg+0x10/0x10
[   48.168671][ T6354]  do_syscall_64+0xcd/0x250
[   48.168683][ T6354]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   48.168698][ T6354] RIP: 0033:0x7f426a37e759
[   48.168707][ T6354] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   48.168717][ T6354] RSP: 002b:00007f426b231038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   48.168728][ T6354] RAX: ffffffffffffffda RBX: 00007f426a535f80 RCX: 00007f426a37e759
[   48.168735][ T6354] RDX: 0000000000000000 RSI: 0000000020000300 RDI: 0000000000000003
[   48.168741][ T6354] RBP: 00007f426b231090 R08: 0000000000000000 R09: 0000000000000000
[   48.168747][ T6354] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   48.168753][ T6354] R13: 0000000000000000 R14: 00007f426a535f80 R15: 00007fff031c55d8
[   48.168765][ T6354]  </TASK>
[   48.218208][ T6362] netlink: 16 bytes leftover after parsing attributes in process `syz.2.111'.
[   48.222820][ T6363] IPVS: sync thread started: state = BACKUP, mcast_ifn = wg0, syncid = 4, id = 0
[   48.267393][ T6308] usb 5-1: new high-speed USB device number 2 using dummy_hcd
[   48.280209][ T6374] Option 'n4:v��m������R�f���R�Oq�r�sJ)��rq' to dns_resolver key: bad/missing value
[   48.289806][ T6374] input: syz0 as /devices/virtual/input/input5
[   48.427762][ T6308] usb 5-1: Using ep0 maxpacket: 8
[   48.431242][ T6308] usb 5-1: config 168 descriptor has 1 excess byte, ignoring
[   48.433772][ T6308] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11
[   48.437591][ T6308] usb 5-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0x61, changing to 0x1
[   48.444809][ T6308] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[   48.449804][ T6308] usb 5-1: config 168 descriptor has 1 excess byte, ignoring
[   48.452271][ T6308] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11
[   48.455995][ T6308] usb 5-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0x61, changing to 0x1
[   48.460361][ T6308] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[   48.464144][ T6308] usb 5-1: config 168 descriptor has 1 excess byte, ignoring
[   48.466099][ T6308] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11
[   48.469800][ T6308] usb 5-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0x61, changing to 0x1
[   48.473673][ T6308] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[   48.482281][ T6308] usb 5-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e
[   48.484668][ T6308] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   48.486725][ T6308] usb 5-1: Product: syz
[   48.488173][ T6308] usb 5-1: Manufacturer: Щ
[   48.489523][ T6308] usb 5-1: SerialNumber: syz
[   48.614439][ T6398] overlayfs: failed to resolve './file0': -2
[   48.701341][ T6334] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   48.703756][ T6334] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   48.710823][ T6308] adutux 5-1:168.0: interrupt endpoints not found
[   48.714211][ T6308] usb 5-1: USB disconnect, device number 2
[   48.858902][ T6412] netlink: 4 bytes leftover after parsing attributes in process `syz.1.130'.
[   48.860971][ T6412] bridge_slave_1: left allmulticast mode
[   48.862303][ T6412] bridge_slave_1: left promiscuous mode
[   48.864801][ T6412] bridge0: port 2(bridge_slave_1) entered disabled state
[   48.868566][ T6412] bridge_slave_0: left allmulticast mode
[   48.870521][ T6412] bridge_slave_0: left promiscuous mode
[   48.872634][ T6412] bridge0: port 1(bridge_slave_0) entered disabled state
[   48.917530][ T6011] usb 7-1: new high-speed USB device number 7 using dummy_hcd
[   48.967370][ T6012] usb 8-1: new high-speed USB device number 2 using dummy_hcd
[   49.057348][ T6011] usb 7-1: device descriptor read/64, error -71
[   49.107429][ T5964] Bluetooth: hci2: command tx timeout
[   49.127393][ T6012] usb 8-1: Using ep0 maxpacket: 32
[   49.131024][ T6012] usb 8-1: config 0 has an invalid interface number: 67 but max is 0
[   49.133982][ T6012] usb 8-1: config 0 has no interface number 0
[   49.138416][ T6012] usb 8-1: New USB device found, idVendor=0424, idProduct=9901, bcdDevice=c2.57
[   49.141716][ T6012] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   49.144624][ T6012] usb 8-1: Product: syz
[   49.146148][ T6012] usb 8-1: Manufacturer: syz
[   49.148036][ T6012] usb 8-1: SerialNumber: syz
[   49.152156][ T6012] usb 8-1: config 0 descriptor??
[   49.156239][ T6012] smsc95xx v2.0.0
[   49.157738][ T6012] smsc95xx 8-1:0.67 (unnamed net_device) (uninitialized): usbnet_get_endpoints failed: -22
[   49.161757][ T6012] smsc95xx 8-1:0.67: probe with driver smsc95xx failed with error -22
[   49.187450][    C3] net_ratelimit: 3 callbacks suppressed
[   49.187463][    C3] IPVS: sh: UDP 224.0.0.2:0 - no destination available
[   49.238308][   T39] kauditd_printk_skb: 119 callbacks suppressed
[   49.238317][   T39] audit: type=1400 audit(1732090646.398:348): avc:  denied  { write } for  pid=6414 comm="syz.0.131" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[   49.290879][   T39] audit: type=1400 audit(1732090646.448:349): avc:  denied  { write } for  pid=6417 comm="syz.0.132" name="nvram" dev="devtmpfs" ino=631 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nvram_device_t tclass=chr_file permissive=1
[   49.299223][   T39] audit: type=1400 audit(1732090646.448:350): avc:  denied  { write } for  pid=6417 comm="syz.0.132" lport=4 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[   49.299313][ T6011] usb 7-1: new high-speed USB device number 8 using dummy_hcd
[   49.437528][ T6011] usb 7-1: device descriptor read/64, error -71
[   49.483907][ T6430] overlayfs: conflicting options: userxattr,metacopy=on
[   49.550522][ T6011] usb usb7-port1: attempt power cycle
[   49.581076][   T39] audit: type=1400 audit(1732090646.738:351): avc:  denied  { write } for  pid=6433 comm="syz.0.139" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_rdma_socket permissive=1
[   49.581203][ T6434] netlink: 16 bytes leftover after parsing attributes in process `syz.0.139'.
[   49.617218][ T6436] netlink: 12 bytes leftover after parsing attributes in process `syz.0.140'.
[   49.621470][ T6436] netlink: 40 bytes leftover after parsing attributes in process `syz.0.140'.
[   49.652920][   T39] audit: type=1400 audit(1732090646.808:352): avc:  denied  { create } for  pid=6437 comm="syz.0.141" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[   49.658773][   T39] audit: type=1400 audit(1732090646.818:353): avc:  denied  { ioctl } for  pid=6437 comm="syz.0.141" path="socket:[12558]" dev="sockfs" ino=12558 ioctlcmd=0x89f0 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[   49.666507][ T6441] netlink: 8 bytes leftover after parsing attributes in process `syz.1.142'.
[   49.669848][ T6441] netlink: 4 bytes leftover after parsing attributes in process `syz.1.142'.
[   49.673209][ T6441] netlink: 'syz.1.142': attribute type 11 has an invalid length.
[   49.677870][ T6441] IPVS: sh: UDP 224.0.0.2:0 - no destination available
[   49.755678][   T39] audit: type=1326 audit(1732090646.908:354): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6450 comm="syz.1.145" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9dd477e759 code=0x50000
[   49.762746][   T39] audit: type=1326 audit(1732090646.908:355): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6450 comm="syz.1.145" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9dd477e759 code=0x50000
[   49.770581][   T39] audit: type=1326 audit(1732090646.908:356): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6450 comm="syz.1.145" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9dd477e759 code=0x50000
[   49.778528][   T39] audit: type=1326 audit(1732090646.908:357): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6450 comm="syz.1.145" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9dd477e759 code=0x50000
[   49.898015][ T6011] usb 7-1: new high-speed USB device number 9 using dummy_hcd
[   49.917807][ T6011] usb 7-1: device descriptor read/8, error -71
[   50.157496][ T6011] usb 7-1: new high-speed USB device number 10 using dummy_hcd
[   50.177815][ T6011] usb 7-1: device descriptor read/8, error -71
[   50.227429][    C3] IPVS: sh: UDP 224.0.0.2:0 - no destination available
[   50.288278][ T6011] usb usb7-port1: unable to enumerate USB device
[   50.919383][ T1133] tipc: Subscription rejected, illegal request
[   51.014278][ T6467] netlink: 'syz.0.149': attribute type 4 has an invalid length.
[   51.022883][ T6468] netlink: 'syz.0.149': attribute type 4 has an invalid length.
[   51.026348][ T6467] netlink: 'syz.0.149': attribute type 4 has an invalid length.
[   51.030456][ T6467] syz.0.149 (6467) used greatest stack depth: 21296 bytes left
[   51.188329][   T67] Bluetooth: hci2: command tx timeout
[   51.267384][    C3] IPVS: sh: UDP 224.0.0.2:0 - no destination available
[   51.417725][ T6471] kAFS: unable to lookup cell 'sy�1'
[   51.713406][ T6308] usb 8-1: USB disconnect, device number 2
[   51.770302][ T6484] Can't find a SQUASHFS superblock on nullb0
[   51.777956][  T828] usb 5-1: new high-speed USB device number 3 using dummy_hcd
[   51.871607][   T56] IPVS: starting estimator thread 0...
[   51.927360][  T828] usb 5-1: Using ep0 maxpacket: 32
[   51.935020][  T828] usb 5-1: config index 0 descriptor too short (expected 156, got 27)
[   51.937243][  T828] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[   51.946406][  T828] usb 5-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[   51.952628][  T828] usb 5-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice=86.66
[   51.955913][  T828] usb 5-1: New USB device strings: Mfr=85, Product=120, SerialNumber=172
[   51.958889][  T828] usb 5-1: Product: syz
[   51.960284][  T828] usb 5-1: Manufacturer: syz
[   51.961925][  T828] usb 5-1: SerialNumber: syz
[   51.967431][ T6495] IPVS: using max 41 ests per chain, 98400 per kthread
[   51.971344][  T828] usb 5-1: config 0 descriptor??
[   52.034280][ T6501] syz_tun: entered promiscuous mode
[   52.035926][ T6501] vlan2: entered promiscuous mode
[   52.037419][ T6501] vlan2: entered allmulticast mode
[   52.038739][ T6501] syz_tun: entered allmulticast mode
[   52.042668][ T6501] warning: `syz.2.161' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211
[   52.178631][ T6476] netlink: 'syz.0.152': attribute type 1 has an invalid length.
[   52.180771][ T6476] netlink: 100 bytes leftover after parsing attributes in process `syz.0.152'.
[   52.184032][ T6026] usb 5-1: USB disconnect, device number 3
[   52.317377][    C3] IPVS: sh: UDP 224.0.0.2:0 - no destination available
[   52.317791][   T67] Bluetooth: hci1: command 0x0406 tx timeout
[   52.334974][   T58] IPVS: starting estimator thread 0...
[   52.336910][ T6522] netlink: 12 bytes leftover after parsing attributes in process `syz.2.169'.
[   52.427403][ T6523] IPVS: using max 41 ests per chain, 98400 per kthread
[   52.607704][   T58] usb 8-1: new high-speed USB device number 3 using dummy_hcd
[   52.667493][ T6012] usb 7-1: new high-speed USB device number 11 using dummy_hcd
[   52.714474][ T6531] PKCS7: Unknown OID: [4] 0.38.35.0.951690.11253
[   52.716224][ T6531] PKCS7: Only support pkcs7_signedData type
[   52.757360][   T58] usb 8-1: Using ep0 maxpacket: 8
[   52.760278][   T58] usb 8-1: config 168 descriptor has 1 excess byte, ignoring
[   52.762890][   T58] usb 8-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11
[   52.766001][   T58] usb 8-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[   52.769741][   T58] usb 8-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 109, changing to 10
[   52.772628][   T58] usb 8-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[   52.776235][   T58] usb 8-1: config 168 descriptor has 1 excess byte, ignoring
[   52.778628][   T58] usb 8-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11
[   52.782373][   T58] usb 8-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[   52.785649][   T58] usb 8-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 109, changing to 10
[   52.789021][   T58] usb 8-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[   52.792630][   T58] usb 8-1: config 168 descriptor has 1 excess byte, ignoring
[   52.794590][   T58] usb 8-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11
[   52.797610][   T58] usb 8-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[   52.800693][   T58] usb 8-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 109, changing to 10
[   52.803651][   T58] usb 8-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[   52.810108][   T58] usb 8-1: string descriptor 0 read error: -22
[   52.812091][   T58] usb 8-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e
[   52.814439][   T58] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   52.821680][   T58] adutux 8-1:168.0: ADU100  now attached to /dev/usb/adutux0
[   52.827395][ T6012] usb 7-1: Using ep0 maxpacket: 32
[   52.829897][ T6012] usb 7-1: config 0 has an invalid interface number: 67 but max is 0
[   52.832030][ T6012] usb 7-1: config 0 has no interface number 0
[   52.835666][ T6012] usb 7-1: New USB device found, idVendor=0424, idProduct=9901, bcdDevice=c2.57
[   52.838211][ T6012] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   52.840184][ T6012] usb 7-1: Product: syz
[   52.841223][ T6012] usb 7-1: Manufacturer: syz
[   52.842407][ T6012] usb 7-1: SerialNumber: syz
[   52.845185][ T6012] usb 7-1: config 0 descriptor??
[   52.847623][ T6012] smsc95xx v2.0.0
[   52.848562][ T6012] smsc95xx 7-1:0.67 (unnamed net_device) (uninitialized): usbnet_get_endpoints failed: -22
[   52.851275][ T6012] smsc95xx 7-1:0.67: probe with driver smsc95xx failed with error -22
[   52.971435][ T6553] Bluetooth: MGMT ver 1.23
[   53.024203][   T58] usb 8-1: USB disconnect, device number 3
[   53.223860][ T6525] kernel read not supported for file /eth0 (pid: 6525 comm: syz.3.170)
[   53.267538][ T5964] Bluetooth: hci2: command tx timeout
[   53.357460][    C3] IPVS: sh: UDP 224.0.0.2:0 - no destination available
[   53.415797][ T6570] pim6reg1: entered promiscuous mode
[   53.417194][ T6570] pim6reg1: entered allmulticast mode
[   53.457452][    T9] usb 6-1: new high-speed USB device number 3 using dummy_hcd
[   53.619613][    T9] usb 6-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[   53.621979][    T9] usb 6-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[   53.624214][    T9] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   53.631700][ T6558] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[   53.638457][    T9] usb 6-1: Quirk or no altset; falling back to MIDI 1.0
[   53.753545][ T6581] overlayfs: failed to resolve './file1': -2
[   54.026783][  T828] usb 6-1: USB disconnect, device number 3
[   54.216804][ T6602] RGB/YUV Input: =================  START STATUS  =================
[   54.219458][ T6602] RGB/YUV Input: Test Pattern: 75% Colorbar
[   54.221653][ T6602] RGB/YUV Input: Show Information: All
[   54.223163][ T6602] RGB/YUV Input: Vertical Flip: false
[   54.224616][ T6602] RGB/YUV Input: Horizontal Flip: false
[   54.226049][ T6602] RGB/YUV Input: Brightness: 128
[   54.227451][ T6602] RGB/YUV Input: Contrast: 128
[   54.228677][ T6602] RGB/YUV Input: Hue: 0
[   54.229694][ T6602] RGB/YUV Input: Saturation: 128
[   54.230960][ T6602] RGB/YUV Input: ==================  END STATUS  ==================
[   54.388338][    C3] IPVS: sh: UDP 224.0.0.2:0 - no destination available
[   54.441117][   T39] kauditd_printk_skb: 85185 callbacks suppressed
[   54.441127][   T39] audit: type=1400 audit(1732090651.598:85543): avc:  denied  { setopt } for  pid=6605 comm="syz.3.197" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rose_socket permissive=1
[   54.494023][ T6610] netlink: 'syz.0.199': attribute type 64 has an invalid length.
[   54.504398][   T39] audit: type=1400 audit(1732090651.658:85544): avc:  denied  { read write } for  pid=6609 comm="syz.0.199" name="raw-gadget" dev="devtmpfs" ino=849 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[   54.517140][   T39] audit: type=1400 audit(1732090651.658:85545): avc:  denied  { open } for  pid=6609 comm="syz.0.199" path="/dev/raw-gadget" dev="devtmpfs" ino=849 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[   54.726577][ T6615] binder: 6614:6615 ioctl c018620c 20000000 returned -1
[   54.738038][  T828] usb 5-1: new high-speed USB device number 4 using dummy_hcd
[   54.887330][  T828] usb 5-1: Using ep0 maxpacket: 32
[   54.890536][  T828] usb 5-1: config 1 interface 0 altsetting 2 has 2 endpoint descriptors, different from the interface descriptor's value: 1
[   54.894002][  T828] usb 5-1: config 1 interface 0 has no altsetting 0
[   54.901263][  T828] usb 5-1: New USB device found, idVendor=05ac, idProduct=027e, bcdDevice= 0.40
[   54.903568][  T828] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   54.905572][  T828] usb 5-1: Product: 憅塹鬋闆﷒梾ﮰ쳇瑌㒿憟ە௤ꉊ껐핾ꌊ㇮偍倘꫍ᡝ㩌㥐出⇦蔙Ⲡ啡㥎꣇ᱷ퇧飅羇╭鐭㓺눼뭦礥䁁뢮맴뛳踜彟캦핥럣㇇ꔆ籧爫뢸컶䧭ⷽ맋翁铏榕炸ୈ⏇䖋
[   54.911381][  T828] usb 5-1: SerialNumber: ࠔ
[   55.167385][ T6618] netlink: 36 bytes leftover after parsing attributes in process `syz.1.202'.
[   55.175921][ T6618] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(6)
[   55.177702][ T6618] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[   55.180546][ T6618] vhci_hcd vhci_hcd.0: Device attached
[   55.327887][  T828] usbhid 5-1:1.0: can't add hid device: -71
[   55.329657][  T828] usbhid 5-1:1.0: probe with driver usbhid failed with error -71
[   55.332717][  T828] usb 5-1: USB disconnect, device number 4
[   55.359055][ T6308] vhci_hcd: vhci_device speed not set
[   55.409205][ T6011] usb 7-1: USB disconnect, device number 11
[   55.417363][ T6308] usb 39-1: new full-speed USB device number 2 using vhci_hcd
[   55.420328][    T9] usb 6-1: new low-speed USB device number 4 using dummy_hcd
[   55.429479][    C3] IPVS: sh: UDP 224.0.0.2:0 - no destination available
[   55.569574][    T9] usb 6-1: config 0 has no interfaces?
[   55.571067][    T9] usb 6-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[   55.574484][    T9] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   55.579151][    T9] usb 6-1: config 0 descriptor??
[   55.644795][ T6628] IPv6: sit1: Disabled Multicast RS
[   55.685092][   T39] audit: type=1400 audit(1732090652.838:85546): avc:  denied  { watch watch_reads } for  pid=6631 comm="syz.3.208" path="/29" dev="tmpfs" ino=176 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1
[   55.747415][ T6011] usb 7-1: new high-speed USB device number 12 using dummy_hcd
[   55.784608][    T9] usb 6-1: USB disconnect, device number 4
[   55.787145][ T6619] usb 39-1: recv xbuf, -104
[   55.791365][   T65] vhci_hcd: stop threads
[   55.792747][   T65] vhci_hcd: release socket
[   55.794539][   T65] vhci_hcd: disconnect device
[   55.857368][ T6308] vhci_hcd: vhci_device speed not set
[   55.897591][ T6011] usb 7-1: Using ep0 maxpacket: 32
[   55.901989][ T6011] usb 7-1: config index 0 descriptor too short (expected 156, got 27)
[   55.904956][ T6011] usb 7-1: too many endpoints for config 0 interface 0 altsetting 191: 144, using maximum allowed: 30
[   55.909602][ T5964] Bluetooth: hci2: command tx timeout
[   55.910345][ T6011] usb 7-1: config 0 interface 0 altsetting 191 endpoint 0x87 has an invalid bInterval 0, changing to 7
[   55.914998][ T6011] usb 7-1: config 0 interface 0 altsetting 191 has 1 endpoint descriptor, different from the interface descriptor's value: 144
[   55.920227][ T6011] usb 7-1: config 0 interface 0 has no altsetting 0
[   55.923639][ T6011] usb 7-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice=86.66
[   55.926049][ T6011] usb 7-1: New USB device strings: Mfr=85, Product=120, SerialNumber=172
[   55.928545][ T6011] usb 7-1: Product: syz
[   55.929672][ T6011] usb 7-1: Manufacturer: syz
[   55.930851][ T6011] usb 7-1: SerialNumber: syz
[   55.933157][ T6011] usb 7-1: config 0 descriptor??
[   55.936552][ T6011] ldusb 7-1:0.0: Interrupt out endpoint not found (using control endpoint instead)
[   55.941968][ T6011] ldusb 7-1:0.0: LD USB Device #0 now attached to major 180 minor 0
[   56.469015][    C3] IPVS: sh: UDP 224.0.0.2:0 - no destination available
[   56.500592][ T6646] ldusb 7-1:0.0: Write buffer overflow, 1 bytes dropped
[   56.550823][   T39] audit: type=1400 audit(1732090653.708:85547): avc:  denied  { mounton } for  pid=6647 comm="syz.3.212" path="/proc/72/task" dev="proc" ino=14399 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dir permissive=1
[   56.569059][ T6011] usb 6-1: new high-speed USB device number 5 using dummy_hcd
[   56.640374][ T6650] bpf: Bad value for 'uid'
[   56.692146][   T39] audit: type=1400 audit(1732090653.848:85548): avc:  denied  { ioctl } for  pid=6654 comm="syz.3.215" path="socket:[12072]" dev="sockfs" ino=12072 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1
[   56.699152][   T39] audit: type=1400 audit(1732090653.858:85549): avc:  denied  { read } for  pid=6654 comm="syz.3.215" name="fb0" dev="devtmpfs" ino=637 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:framebuf_device_t tclass=chr_file permissive=1
[   56.709650][   T56] usb 7-1: USB disconnect, device number 12
[   56.711955][   T39] audit: type=1400 audit(1732090653.858:85550): avc:  denied  { open } for  pid=6654 comm="syz.3.215" path="/dev/fb0" dev="devtmpfs" ino=637 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:framebuf_device_t tclass=chr_file permissive=1
[   56.716134][   T56] ldusb 7-1:0.0: LD USB Device #0 now disconnected
[   56.718783][   T39] audit: type=1400 audit(1732090653.858:85551): avc:  denied  { ioctl } for  pid=6654 comm="syz.3.215" path="/dev/fb0" dev="devtmpfs" ino=637 ioctlcmd=0x4606 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:framebuf_device_t tclass=chr_file permissive=1
[   56.727413][ T6011] usb 6-1: Using ep0 maxpacket: 16
[   56.731263][ T6011] usb 6-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1
[   56.733711][ T6011] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   56.735905][ T6011] usb 6-1: Product: syz
[   56.737360][ T6011] usb 6-1: Manufacturer: syz
[   56.738705][ T6011] usb 6-1: SerialNumber: syz
[   56.739024][   T39] audit: type=1400 audit(1732090653.898:85552): avc:  denied  { setattr } for  pid=6656 comm="syz.0.216" path="/73/file0" dev="9p" ino=37617742 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[   56.740713][ T6011] usb 6-1: config 0 descriptor??
[   56.794537][ T6660] Cannot find del_set index 2 as target
[   56.957857][ T6012] usb 6-1: USB disconnect, device number 5
[   57.128582][   T56] usb 5-1: new low-speed USB device number 5 using dummy_hcd
[   57.278584][   T56] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[   57.281280][   T56] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 2
[   57.283606][   T56] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[   57.286416][   T56] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   57.289954][   T56] usb 5-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00
[   57.292367][   T56] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   57.296357][   T56] hub 5-1:1.0: bad descriptor, ignoring hub
[   57.301102][   T56] hub 5-1:1.0: probe with driver hub failed with error -5
[   57.303993][   T56] cdc_wdm 5-1:1.0: skipping garbage
[   57.305603][   T56] cdc_wdm 5-1:1.0: skipping garbage
[   57.308779][   T56] cdc_wdm 5-1:1.0: cdc-wdm0: USB WDM device
[   57.310341][   T56] cdc_wdm 5-1:1.0: Unknown control protocol
[   57.509177][    C3] IPVS: sh: UDP 224.0.0.2:0 - no destination available
[   57.600757][   T56] usb 5-1: USB disconnect, device number 5
[   57.837440][ T6011] usb 7-1: new high-speed USB device number 13 using dummy_hcd
[   57.937429][    T9] usb 5-1: new low-speed USB device number 6 using dummy_hcd
[   57.970357][ T6011] usb 7-1: device descriptor read/64, error -71
[   58.057495][   T56] usb 6-1: new high-speed USB device number 6 using dummy_hcd
[   58.109027][    T9] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[   58.111695][    T9] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 2
[   58.117579][    T9] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[   58.120407][    T9] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   58.122931][    T9] usb 5-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00
[   58.127920][    T9] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   58.140339][    T9] hub 5-1:1.0: bad descriptor, ignoring hub
[   58.141877][    T9] hub 5-1:1.0: probe with driver hub failed with error -5
[   58.144156][    T9] cdc_wdm 5-1:1.0: skipping garbage
[   58.152061][    T9] cdc_wdm 5-1:1.0: skipping garbage
[   58.156887][    T9] cdc_wdm 5-1:1.0: cdc-wdm0: USB WDM device
[   58.158529][    T9] cdc_wdm 5-1:1.0: Unknown control protocol
[   58.207359][   T56] usb 6-1: Using ep0 maxpacket: 32
[   58.208820][ T6011] usb 7-1: new high-speed USB device number 14 using dummy_hcd
[   58.212170][   T56] usb 6-1: config index 0 descriptor too short (expected 156, got 27)
[   58.214281][   T56] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[   58.216954][   T56] usb 6-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[   58.222732][   T56] usb 6-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice=86.66
[   58.225096][   T56] usb 6-1: New USB device strings: Mfr=85, Product=120, SerialNumber=172
[   58.227327][   T56] usb 6-1: Product: syz
[   58.228590][   T56] usb 6-1: Manufacturer: syz
[   58.229794][   T56] usb 6-1: SerialNumber: syz
[   58.234505][   T56] usb 6-1: config 0 descriptor??
[   58.334806][ T6740] tmpfs: Bad value for 'mpol'
[   58.343199][ T6011] usb 7-1: device descriptor read/64, error -71
[   58.447718][    T9] usb 5-1: USB disconnect, device number 6
[   58.448049][ T6011] usb usb7-port1: attempt power cycle
[   58.450661][ T6746] netlink: 4 bytes leftover after parsing attributes in process `syz.3.253'.
[   58.547478][    C3] IPVS: sh: UDP 224.0.0.2:0 - no destination available
[   58.721155][ T6757] pim6reg1: entered promiscuous mode
[   58.722606][ T6757] pim6reg1: entered allmulticast mode
[   58.787733][ T6011] usb 7-1: new high-speed USB device number 15 using dummy_hcd
[   58.818030][ T6011] usb 7-1: device descriptor read/8, error -71
[   59.068655][ T6011] usb 7-1: new high-speed USB device number 16 using dummy_hcd
[   59.088406][ T6011] usb 7-1: device descriptor read/8, error -71
[   59.212429][ T6011] usb usb7-port1: unable to enumerate USB device
[   59.306517][ T6786] A link change request failed with some changes committed already. Interface geneve0 may have been left with an inconsistent configuration, please check.
[   59.411249][ T6790] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=35 sclass=netlink_route_socket pid=6790 comm=syz.3.270
[   59.588651][    C3] IPVS: sh: UDP 224.0.0.2:0 - no destination available
[   59.977176][ T6793] netlink: 12 bytes leftover after parsing attributes in process `syz.0.271'.
[   59.978286][   T39] kauditd_printk_skb: 27 callbacks suppressed
[   59.978299][   T39] audit: type=1400 audit(1732090657.138:85580): avc:  denied  { create } for  pid=6791 comm="syz.0.271" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1
[   60.157019][ T6795] netlink: 'syz.0.272': attribute type 1 has an invalid length.
[   60.159491][ T6795] netlink: 9372 bytes leftover after parsing attributes in process `syz.0.272'.
[   60.163017][ T6795] netlink: 'syz.0.272': attribute type 1 has an invalid length.
[   60.169928][ T6795] netlink: 12 bytes leftover after parsing attributes in process `syz.0.272'.
[   60.317478][ T6796] syz.0.272 (6796): drop_caches: 2
[   60.375445][ T5964] Bluetooth: hci1: unexpected event for opcode 0x2031
[   60.379815][ T6805] VFS: Can't find a Minix filesystem V1 | V2 | V3 on device nullb0.
[   60.466184][   T39] audit: type=1400 audit(1732090657.618:85581): avc:  denied  { watch_mount } for  pid=6807 comm="syz.3.276" path="/68" dev="tmpfs" ino=393 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1
[   60.628793][    C3] IPVS: sh: UDP 224.0.0.2:0 - no destination available
[   60.658054][ T6818] xt_socket: unknown flags 0xe0
[   60.662897][ T6818] fuse: Unknown parameter 'F�d'
[   60.675154][   T39] audit: type=1400 audit(1732090657.828:85582): avc:  denied  { create } for  pid=6819 comm="syz.3.281" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1
[   60.691962][   T39] audit: type=1400 audit(1732090657.848:85583): avc:  denied  { create } for  pid=6821 comm="syz.2.282" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=x25_socket permissive=1
[   60.696978][   T39] audit: type=1400 audit(1732090657.848:85584): avc:  denied  { ioctl } for  pid=6821 comm="syz.2.282" path="socket:[16398]" dev="sockfs" ino=16398 ioctlcmd=0x89e7 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=x25_socket permissive=1
[   60.720648][ T6012] usb 6-1: USB disconnect, device number 6
[   60.773107][   T39] audit: type=1400 audit(1732090657.928:85585): avc:  denied  { write } for  pid=6827 comm="syz.2.285" name="vga_arbiter" dev="devtmpfs" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:xserver_misc_device_t tclass=chr_file permissive=1
[   60.781023][   T39] audit: type=1400 audit(1732090657.928:85586): avc:  denied  { open } for  pid=6827 comm="syz.2.285" path="/dev/vga_arbiter" dev="devtmpfs" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:xserver_misc_device_t tclass=chr_file permissive=1
[   60.823582][ T6833] input: syz1 as /devices/virtual/input/input9
[   60.842407][   T39] audit: type=1400 audit(1732090657.998:85587): avc:  denied  { write } for  pid=6835 comm="syz.3.287" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1
[   60.858492][   T39] audit: type=1400 audit(1732090658.018:85588): avc:  denied  { search } for  pid=5343 comm="syslogd" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[   60.884380][   T39] audit: type=1400 audit(1732090658.038:85589): avc:  denied  { map } for  pid=6832 comm="syz.1.286" path="/dev/uinput" dev="devtmpfs" ino=943 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
[   60.990960][  T214] Bluetooth: hci4: Frame reassembly failed (-84)
[   61.020257][ T6850] block nbd0: shutting down sockets
[   61.029980][ T6844] 9pnet_fd: Insufficient options for proto=fd
[   61.166529][ T6858] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[   61.171606][ T6858] syzkaller0: MTU too low for tipc bearer
[   61.173665][ T6858] tipc: Disabling bearer <eth:syzkaller0>
[   61.217616][   T58] usb 8-1: new high-speed USB device number 4 using dummy_hcd
[   61.221618][ T6012] usb 7-1: new high-speed USB device number 17 using dummy_hcd
[   61.367381][ T6012] usb 7-1: Using ep0 maxpacket: 8
[   61.372096][ T6012] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[   61.376073][ T6012] usb 7-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[   61.379626][   T58] usb 8-1: Using ep0 maxpacket: 8
[   61.381563][ T6012] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   61.385925][   T58] usb 8-1: config index 0 descriptor too short (expected 5924, got 36)
[   61.389407][   T58] usb 8-1: config 250 has an invalid interface number: 228 but max is -1
[   61.392463][   T58] usb 8-1: config 250 has 1 interface, different from the descriptor's value: 0
[   61.395730][   T58] usb 8-1: config 250 has no interface number 0
[   61.398673][   T58] usb 8-1: config 250 interface 228 altsetting 255 endpoint 0x1 has invalid maxpacket 65280, setting to 1024
[   61.403548][ T6012] usb 7-1: config 0 descriptor??
[   61.405413][   T58] usb 8-1: config 250 interface 228 altsetting 255 bulk endpoint 0x1 has invalid maxpacket 1024
[   61.410873][   T58] usb 8-1: config 250 interface 228 altsetting 255 endpoint 0x82 has invalid wMaxPacketSize 0
[   61.414600][   T58] usb 8-1: config 250 interface 228 altsetting 255 bulk endpoint 0x82 has invalid maxpacket 0
[   61.418608][   T58] usb 8-1: config 250 interface 228 altsetting 255 has 2 endpoint descriptors, different from the interface descriptor's value: 17
[   61.423500][   T58] usb 8-1: config 250 interface 228 has no altsetting 0
[   61.425645][ T6869] netlink: 32 bytes leftover after parsing attributes in process `syz.0.299'.
[   61.427596][   T58] usb 8-1: New USB device found, idVendor=0525, idProduct=d292, bcdDevice= 0.07
[   61.431280][   T58] usb 8-1: New USB device strings: Mfr=0, Product=106, SerialNumber=59
[   61.433578][   T58] usb 8-1: Product: syz
[   61.434718][   T58] usb 8-1: SerialNumber: syz
[   61.440452][   T58] hub 8-1:250.228: bad descriptor, ignoring hub
[   61.442163][   T58] hub 8-1:250.228: probe with driver hub failed with error -5
[   61.443380][ T6869] netlink: 'syz.0.299': attribute type 1 has an invalid length.
[   61.446137][ T6869] netlink: 36 bytes leftover after parsing attributes in process `syz.0.299'.
[   61.557446][ T6011] usb 6-1: new high-speed USB device number 7 using dummy_hcd
[   61.616433][ T6012] iowarrior 7-1:0.0: IOWarrior product=0x1512, serial= interface=0 now attached to iowarrior0
[   61.644296][   T58] usblp 8-1:250.228: usblp1: USB Bidirectional printer dev 4 if 228 alt 255 proto 3 vid 0x0525 pid 0xD292
[   61.668864][    C3] IPVS: sh: UDP 224.0.0.2:0 - no destination available
[   61.687399][ T6308] usb 5-1: new high-speed USB device number 7 using dummy_hcd
[   61.717443][ T6011] usb 6-1: Using ep0 maxpacket: 32
[   61.720948][ T6011] usb 6-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 32
[   61.725119][ T6011] usb 6-1: New USB device found, idVendor=14c8, idProduct=0003, bcdDevice= 5.6c
[   61.727814][ T6011] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   61.729905][ T6011] usb 6-1: Product: syz
[   61.731009][ T6011] usb 6-1: Manufacturer: syz
[   61.732226][ T6011] usb 6-1: SerialNumber: syz
[   61.734867][ T6011] usb 6-1: config 0 descriptor??
[   61.736599][ T6865] raw-gadget.2 gadget.1: fail, usb_ep_enable returned -22
[   61.739462][ T6011] hub 6-1:0.0: bad descriptor, ignoring hub
[   61.740997][ T6011] hub 6-1:0.0: probe with driver hub failed with error -5
[   61.744176][ T6011] input: syz syz as /devices/platform/dummy_hcd.1/usb6/6-1/6-1:0.0/input/input10
[   61.818919][   T58] usb 7-1: USB disconnect, device number 17
[   61.821526][   T58] iowarrior 7-1:0.0: I/O-Warror #0 now disconnected
[   61.837418][ T6308] usb 5-1: Using ep0 maxpacket: 16
[   61.841546][ T6308] usb 5-1: unable to get BOS descriptor or descriptor too short
[   61.844674][ T6308] usb 5-1: config 253 has an invalid interface number: 254 but max is 0
[   61.846610][ T6308] usb 5-1: config 253 has no interface number 0
[   61.848160][ T6308] usb 5-1: config 253 interface 254 altsetting 9 has an invalid descriptor for endpoint zero, skipping
[   61.850760][ T6308] usb 5-1: config 253 interface 254 has no altsetting 0
[   61.855434][ T6308] usb 5-1: New USB device found, idVendor=0460, idProduct=0004, bcdDevice=b6.14
[   61.860937][ T6308] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   61.863603][ T6308] usb 5-1: Product: syz
[   61.865022][ T6308] usb 5-1: Manufacturer: syz
[   61.866637][ T6308] usb 5-1: SerialNumber: syz
[   61.942357][ T6865] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   61.944680][ T6865] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   61.948875][ T6011] usb 8-1: USB disconnect, device number 4
[   61.952000][ T6011] usblp1: removed
[   62.076844][ T6308] usb 5-1: USB disconnect, device number 7
[   62.352427][ T6872] netlink: 87 bytes leftover after parsing attributes in process `syz.2.300'.
[   62.357988][ T6872] bridge: RTM_NEWNEIGH bridge0 with NTF_USE is not supported
[   62.583340][ T6885] openvswitch: netlink: Actions may not be safe on all matching packets
[   62.669688][ T6889] netlink: 32 bytes leftover after parsing attributes in process `syz.0.306'.
[   62.707700][    C3] IPVS: sh: UDP 224.0.0.2:0 - no destination available
[   62.935179][ T6902] netlink: 'syz.0.311': attribute type 178 has an invalid length.
[   63.027450][ T5964] Bluetooth: hci4: command 0x1003 tx timeout
[   63.030584][   T67] Bluetooth: hci4: Opcode 0x1003 failed: -110
[   63.307398][   T58] usb 7-1: new high-speed USB device number 18 using dummy_hcd
[   63.431239][ T6922] netlink: 4 bytes leftover after parsing attributes in process `syz.0.318'.
[   63.510316][   T58] usb 7-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[   63.512729][   T58] usb 7-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[   63.515423][   T58] usb 7-1: config 1 has 1 interface, different from the descriptor's value: 66
[   63.518355][   T58] usb 7-1: too many endpoints for config 1 interface 0 altsetting 247: 48, using maximum allowed: 30
[   63.521596][   T58] usb 7-1: config 1 interface 0 altsetting 247 has 0 endpoint descriptors, different from the interface descriptor's value: 48
[   63.525004][   T58] usb 7-1: config 1 interface 0 has no altsetting 0
[   63.529486][   T58] usb 7-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[   63.531942][   T58] usb 7-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[   63.534032][   T58] usb 7-1: Product: syz
[   63.535139][   T58] usb 7-1: Manufacturer: syz
[   63.748013][    C3] IPVS: sh: UDP 224.0.0.2:0 - no destination available
[   63.820552][ T6937] netlink: 'syz.3.324': attribute type 9 has an invalid length.
[   63.822463][ T6937] netlink: 134660 bytes leftover after parsing attributes in process `syz.3.324'.
[   63.845701][   T58] usb 7-1: USB disconnect, device number 18
[   64.297527][ T6011] usb 8-1: new high-speed USB device number 5 using dummy_hcd
[   64.324663][   T58] usb 6-1: USB disconnect, device number 7
[   64.324694][    C1] usbtouchscreen 6-1:0.0: usbtouch_irq - usb_submit_urb failed with result: -19
[   64.373877][ T6953] openvswitch: netlink: Actions may not be safe on all matching packets
[   64.389435][   T67] Bluetooth: hci1: Controller not accepting commands anymore: ncmd = 0
[   64.389991][ T6955] netlink: 16 bytes leftover after parsing attributes in process `syz.2.332'.
[   64.392043][   T67] Bluetooth: hci1: Injecting HCI hardware error event
[   64.398282][ T5964] Bluetooth: hci1: hardware error 0x00
[   64.432440][ T6965] program syz.1.335 is using a deprecated SCSI ioctl, please convert it to SG_IO
[   64.437529][ T6308] usb 5-1: new high-speed USB device number 8 using dummy_hcd
[   64.447482][ T6011] usb 8-1: Using ep0 maxpacket: 8
[   64.452144][ T6011] usb 8-1: config 168 descriptor has 1 excess byte, ignoring
[   64.454094][ T6011] usb 8-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11
[   64.458174][ T6011] usb 8-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[   64.461559][ T6011] usb 8-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[   64.464550][ T6011] usb 8-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[   64.471604][ T6011] usb 8-1: config 168 descriptor has 1 excess byte, ignoring
[   64.473573][ T6011] usb 8-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11
[   64.476604][ T6011] usb 8-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[   64.480052][ T6011] usb 8-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[   64.483055][ T6011] usb 8-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[   64.486932][ T6011] usb 8-1: config 168 descriptor has 1 excess byte, ignoring
[   64.489038][ T6011] usb 8-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11
[   64.491933][ T6011] usb 8-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[   64.494969][ T6011] usb 8-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[   64.498063][ T6011] usb 8-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[   64.503987][ T6011] usb 8-1: string descriptor 0 read error: -22
[   64.505643][ T6011] usb 8-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e
[   64.508306][ T6011] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   64.513321][ T6011] adutux 8-1:168.0: ADU100  now attached to /dev/usb/adutux0
[   64.597585][ T6308] usb 5-1: Using ep0 maxpacket: 8
[   64.601277][ T6308] usb 5-1: config index 0 descriptor too short (expected 301, got 45)
[   64.604010][ T6308] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[   64.607539][ T6308] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[   64.610923][ T6308] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[   64.614447][ T6308] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[   64.618862][ T6308] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[   64.621970][ T6308] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   64.721246][  T829] usb 8-1: USB disconnect, device number 5
[   64.789762][    C3] IPVS: sh: UDP 224.0.0.2:0 - no destination available
[   64.805619][ T6982] input: syz1 as /devices/virtual/input/input12
[   64.828253][ T6308] usb 5-1: usb_control_msg returned -32
[   64.830178][ T6308] usbtmc 5-1:16.0: can't read capabilities
[   65.249111][   T39] kauditd_printk_skb: 19 callbacks suppressed
[   65.249121][   T39] audit: type=1400 audit(1732090662.408:85609): avc:  denied  { write } for  pid=6993 comm="syz.3.345" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1
[   65.256927][ T5966] Bluetooth: hci0: unexpected event 0x30 length: 10 > 3
[   65.443710][   T39] audit: type=1400 audit(1732090662.598:85610): avc:  denied  { read write } for  pid=7005 comm="syz.3.349" name="uhid" dev="devtmpfs" ino=1296 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:uhid_device_t tclass=chr_file permissive=1
[   65.452234][   T39] audit: type=1400 audit(1732090662.598:85611): avc:  denied  { open } for  pid=7005 comm="syz.3.349" path="/dev/uhid" dev="devtmpfs" ino=1296 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:uhid_device_t tclass=chr_file permissive=1
[   65.458380][   T39] audit: type=1400 audit(1732090662.598:85612): avc:  denied  { getopt } for  pid=7005 comm="syz.3.349" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netrom_socket permissive=1
[   65.465167][   T39] audit: type=1400 audit(1732090662.598:85613): avc:  denied  { setopt } for  pid=7005 comm="syz.3.349" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netrom_socket permissive=1
[   65.467212][ T7008] FAULT_INJECTION: forcing a failure.
[   65.467212][ T7008] name failslab, interval 1, probability 0, space 0, times 0
[   65.473620][ T7008] CPU: 0 UID: 0 PID: 7008 Comm: syz.3.350 Not tainted 6.12.0-syzkaller-01782-gbf9aa14fc523 #0
[   65.476069][ T7008] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   65.478728][ T7008] Call Trace:
[   65.479542][ T7008]  <TASK>
[   65.480242][ T7008]  dump_stack_lvl+0x16c/0x1f0
[   65.481366][ T7008]  should_fail_ex+0x497/0x5b0
[   65.482483][ T7008]  ? fs_reclaim_acquire+0xae/0x150
[   65.483737][ T7008]  should_failslab+0xc2/0x120
[   65.484853][ T7008]  __kmalloc_noprof+0xcb/0x400
[   65.485990][ T7008]  ? __pfx_lock_acquire.part.0+0x10/0x10
[   65.487398][ T7008]  tomoyo_realpath_from_path+0xb9/0x720
[   65.488919][ T7008]  ? tomoyo_path_number_perm+0x235/0x590
[   65.490273][ T7008]  tomoyo_path_number_perm+0x248/0x590
[   65.491556][ T7008]  ? tomoyo_path_number_perm+0x235/0x590
[   65.492858][ T7008]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[   65.494264][ T7008]  ? __pfx_lock_release+0x10/0x10
[   65.495457][ T7008]  ? trace_lock_acquire+0x14a/0x1d0
[   65.496673][ T7008]  ? lock_acquire+0x2f/0xb0
[   65.497896][ T7008]  ? __fget_files+0x40/0x3a0
[   65.499156][ T7008]  ? __fget_files+0x206/0x3a0
[   65.500300][ T7008]  security_file_ioctl+0x9b/0x240
[   65.501508][ T7008]  __x64_sys_ioctl+0xb7/0x200
[   65.502631][ T7008]  do_syscall_64+0xcd/0x250
[   65.503716][ T7008]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   65.505105][ T7008] RIP: 0033:0x7f0167d7e759
[   65.506163][ T7008] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   65.510780][ T7008] RSP: 002b:00007f0168c5c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[   65.512735][ T7008] RAX: ffffffffffffffda RBX: 00007f0167f35f80 RCX: 00007f0167d7e759
[   65.514568][ T7008] RDX: 0000000020000000 RSI: 0000000000001277 RDI: 0000000000000003
[   65.516419][ T7008] RBP: 00007f0168c5c090 R08: 0000000000000000 R09: 0000000000000000
[   65.518323][ T7008] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   65.520169][ T7008] R13: 0000000000000000 R14: 00007f0167f35f80 R15: 00007ffccc546bd8
[   65.522037][ T7008]  </TASK>
[   65.522844][    C0] vkms_vblank_simulate: vblank timer overrun
[   65.529014][ T7008] ERROR: Out of memory at tomoyo_realpath_from_path.
[   65.630051][   T39] audit: type=1400 audit(1732090662.788:85614): avc:  denied  { setopt } for  pid=7022 comm="syz.3.355" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[   65.637931][   T39] audit: type=1400 audit(1732090662.788:85615): avc:  denied  { mount } for  pid=7021 comm="syz.1.354" name="/" dev="debugfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:debugfs_t tclass=filesystem permissive=1
[   65.644110][   T39] audit: type=1400 audit(1732090662.798:85616): avc:  denied  { watch } for  pid=7021 comm="syz.1.354" path="/79/file0" dev="debugfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:debugfs_t tclass=dir permissive=1
[   65.666629][ T7024] netlink: 'syz.1.354': attribute type 1 has an invalid length.
[   65.669107][ T7024] netlink: 194236 bytes leftover after parsing attributes in process `syz.1.354'.
[   65.691845][   T39] audit: type=1400 audit(1732090662.848:85617): avc:  denied  { read } for  pid=7026 comm="syz.3.356" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[   65.829161][    C3] IPVS: sh: UDP 224.0.0.2:0 - no destination available
[   65.856008][   T39] audit: type=1400 audit(1732090663.008:85618): avc:  denied  { unmount } for  pid=5960 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:debugfs_t tclass=filesystem permissive=1
[   65.932807][ T7052] JFS: discard option not supported on device
[   65.935687][ T7052] syz.1.362: attempt to access beyond end of device
[   65.935687][ T7052] loop1: rw=0, sector=64, nr_sectors = 8 limit=0
[   65.939769][ T7052] syz.1.362: attempt to access beyond end of device
[   65.939769][ T7052] loop1: rw=0, sector=120, nr_sectors = 8 limit=0
[   65.943186][ T7052] Mount JFS Failure: -5
[   65.944347][ T7052] jfs_mount failed w/return code = -5
[   66.051855][ T7062] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[   66.054038][ T7062] IPv6: NLM_F_CREATE should be set when creating new route
[   66.247511][ T6011] usb 6-1: new high-speed USB device number 8 using dummy_hcd
[   66.399406][ T6011] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 32, changing to 9
[   66.403445][ T6011] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   66.406061][ T6011] usb 6-1: New USB device found, idVendor=074c, idProduct=0268, bcdDevice= 0.00
[   66.409273][ T6011] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   66.412421][ T6011] usb 6-1: config 0 descriptor??
[   66.431194][ T7087] fuse: Bad value for 'rootmode'
[   66.433314][ T7087] netlink: 'syz.2.377': attribute type 5 has an invalid length.
[   66.435518][ T7089] netlink: 'syz.2.377': attribute type 5 has an invalid length.
[   66.477433][ T5964] Bluetooth: hci1: Opcode 0x0c03 failed: -110
[   66.689839][ T6011] usbhid 6-1:0.0: can't add hid device: -71
[   66.691663][ T6011] usbhid 6-1:0.0: probe with driver usbhid failed with error -71
[   66.694742][ T6011] usb 6-1: USB disconnect, device number 8
[   66.869513][    C3] IPVS: sh: UDP 224.0.0.2:0 - no destination available
[   67.196026][  T829] usb 5-1: USB disconnect, device number 8
[   67.228173][ T7100] can0: slcan on ttynull.
[   67.277388][ T5964] Bluetooth: hci2: command 0x0405 tx timeout
[   67.288957][ T7099] can0 (unregistered): slcan off ttynull.
[   67.310102][ T7108] openvswitch: netlink: Missing key (keys=40040, expected=2000)
[   67.477408][ T6011] usb 7-1: new high-speed USB device number 19 using dummy_hcd
[   67.639661][ T6011] usb 7-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[   67.642631][ T6011] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 255, changing to 11
[   67.645455][ T6011] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[   67.648408][ T6011] usb 7-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[   67.651396][ T6011] usb 7-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[   67.653686][ T6011] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   67.657079][ T6011] usb 7-1: config 0 descriptor??
[   67.659381][ T7104] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[   67.907384][    C3] IPVS: sh: UDP 224.0.0.2:0 - no destination available
[   68.137421][   T35] usb 8-1: new high-speed USB device number 6 using dummy_hcd
[   68.289232][   T35] usb 8-1: config 0 has no interfaces?
[   68.291784][   T35] usb 8-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[   68.294276][   T35] usb 8-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[   68.296374][   T35] usb 8-1: Product: syz
[   68.297775][   T35] usb 8-1: Manufacturer: syz
[   68.300624][   T35] usb 8-1: config 0 descriptor??
[   68.718229][ T7127] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   68.721248][ T7127] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   68.947424][    C3] IPVS: sh: UDP 224.0.0.2:0 - no destination available
[   69.238331][  T828] usb 8-1: USB disconnect, device number 6
[   69.383078][ T6011] usbhid 7-1:0.0: can't add hid device: -71
[   69.384715][ T6011] usbhid 7-1:0.0: probe with driver usbhid failed with error -71
[   69.393614][ T6011] usb 7-1: USB disconnect, device number 19
[   69.451435][ T7158] usb usb9: usbfs: process 7158 (syz.2.396) did not claim interface 2 before use
[   69.637382][   T58] usb 6-1: new high-speed USB device number 9 using dummy_hcd
[   69.787384][   T58] usb 6-1: Using ep0 maxpacket: 32
[   69.790479][   T58] usb 6-1: New USB device found, idVendor=0b89, idProduct=0007, bcdDevice=ef.64
[   69.792846][   T58] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   69.796219][   T58] usb 6-1: config 0 descriptor??
[   69.799599][   T58] as10x_usb: device has been detected
[   69.801337][   T58] dvbdev: DVB: registering new adapter (nBox DVB-T Dongle)
[   69.813808][   T58] usb 6-1: DVB: registering adapter 1 frontend 0 (nBox DVB-T Dongle)...
[   69.830067][   T58] as10x_usb: error during firmware upload part1
[   69.832618][   T58] Registered device nBox DVB-T Dongle
[   69.987445][    C3] IPVS: sh: UDP 224.0.0.2:0 - no destination available
[   70.003039][ T6026] usb 6-1: USB disconnect, device number 9
[   70.010095][ T6026] Unregistered device nBox DVB-T Dongle
[   70.012097][ T6026] as10x_usb: device has been disconnected
[   70.209718][ T7151] nfs4: Bad value for 'source'
[   70.447392][ T6026] usb 6-1: new high-speed USB device number 10 using dummy_hcd
[   70.495988][   T39] kauditd_printk_skb: 22 callbacks suppressed
[   70.496003][   T39] audit: type=1400 audit(1732090667.648:85639): avc:  denied  { listen } for  pid=7163 comm="syz.3.391" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[   70.496300][ T7168] netlink: 209852 bytes leftover after parsing attributes in process `syz.3.391'.
[   70.600192][ T6026] usb 6-1: too many configurations: 13, using maximum allowed: 8
[   70.602954][ T6026] usb 6-1: config 0 has no interfaces?
[   70.605049][ T6026] usb 6-1: config 0 has no interfaces?
[   70.607142][ T6026] usb 6-1: config 0 has no interfaces?
[   70.609333][ T6026] usb 6-1: config 0 has no interfaces?
[   70.611452][ T6026] usb 6-1: config 0 has no interfaces?
[   70.613756][ T6026] usb 6-1: config 0 has no interfaces?
[   70.615855][ T6026] usb 6-1: config 0 has no interfaces?
[   70.618081][ T6026] usb 6-1: config 0 has no interfaces?
[   70.620878][ T6026] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[   70.623186][ T6026] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   70.625229][ T6026] usb 6-1: Product: syz
[   70.626424][ T6026] usb 6-1: Manufacturer: syz
[   70.628074][ T6026] usb 6-1: SerialNumber: syz
[   70.630257][ T6026] usb 6-1: config 0 descriptor??
[   70.634306][   T39] audit: type=1400 audit(1732090667.788:85640): avc:  denied  { listen } for  pid=7171 comm="syz.0.399" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1
[   70.775792][   T39] audit: type=1400 audit(1732090667.928:85641): avc:  denied  { ioctl } for  pid=7171 comm="syz.0.399" path="socket:[15186]" dev="sockfs" ino=15186 ioctlcmd=0x8936 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1
[   70.834642][   T58] usb 6-1: USB disconnect, device number 10
[   71.035062][ T1413] ieee802154 phy0 wpan0: encryption failed: -22
[   71.037029][ T1413] ieee802154 phy1 wpan1: encryption failed: -22
[   71.039138][    C3] IPVS: sh: UDP 224.0.0.2:0 - no destination available
[   71.768074][   T39] audit: type=1400 audit(1732090668.928:85642): avc:  denied  { setattr } for  pid=7177 comm="syz.3.400" name="video37" dev="devtmpfs" ino=1073 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:v4l_device_t tclass=chr_file permissive=1
[   71.781088][ T7179] mac80211_hwsim hwsim11 ������: renamed from wlan1 (while UP)
[   72.080988][    C3] IPVS: sh: UDP 224.0.0.2:0 - no destination available
[   72.401667][   T39] audit: type=1400 audit(1732090669.558:85643): avc:  denied  { map } for  pid=7233 comm="syz.0.405" path="/dev/nullb0" dev="devtmpfs" ino=707 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[   72.409154][   T39] audit: type=1400 audit(1732090669.558:85644): avc:  denied  { execute } for  pid=7233 comm="syz.0.405" path="/dev/nullb0" dev="devtmpfs" ino=707 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[   72.478562][ T5964] Bluetooth: hci2: command 0x0405 tx timeout
[   72.479107][   T39] audit: type=1400 audit(1732090669.638:85645): avc:  denied  { append } for  pid=7248 comm="syz.1.408" name="kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[   72.544354][   T39] audit: type=1400 audit(1732090669.698:85646): avc:  denied  { map } for  pid=7237 comm="syz.0.406" path="socket:[17558]" dev="sockfs" ino=17558 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[   72.552371][   T39] audit: type=1400 audit(1732090669.698:85647): avc:  denied  { read } for  pid=7237 comm="syz.0.406" path="socket:[17558]" dev="sockfs" ino=17558 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[   72.636820][   T39] audit: type=1400 audit(1732090669.788:85648): avc:  denied  { getopt } for  pid=7265 comm="syz.3.409" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[   72.681450][ T7266] overlayfs: invalid origin (0000)
[   72.941037][ T7276] kvm: kvm [7275]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0x11e) = 0x17e00000000
[   72.943920][ T7276] kvm: kvm [7275]: vcpu0, guest rIP: 0x1be Unhandled WRMSR(0x11e) = 0xbe702111
[   72.953312][ T7276] kvm: kvm [7275]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0x187) = 0x4700000080
[   72.959088][ T7276] kvm: kvm [7275]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0x187) = 0x5800000000
[   72.968648][ T7276] kvm: kvm [7275]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0x11e) = 0x7700000080
[   72.972343][ T7276] kvm: kvm [7275]: vcpu0, guest rIP: 0x1be Unhandled WRMSR(0x11e) = 0xbe702111
[   72.978091][ T7276] kvm: kvm [7275]: vcpu0, guest rIP: 0x1be Unhandled WRMSR(0x186) = 0x5800000000
[   73.001891][ T7276] kvm: kvm [7275]: vcpu0, guest rIP: 0x1be Unhandled WRMSR(0x11e) = 0x26800000000
[   73.110612][    C3] IPVS: sh: UDP 224.0.0.2:0 - no destination available
[   73.444464][ T7287] netlink: 8 bytes leftover after parsing attributes in process `syz.3.416'.
[   73.520714][ T7296] netlink: 'syz.1.419': attribute type 10 has an invalid length.
[   73.544978][ T7296] bond0: (slave wlan1): Enslaving as an active interface with an up link
[   73.578702][ T7300] ------------[ cut here ]------------
[   73.580787][ T7300] WARNING: CPU: 2 PID: 7300 at mm/util.c:670 __kvmalloc_node_noprof+0x180/0x1a0
[   73.583857][ T7300] Modules linked in:
[   73.585370][ T7300] CPU: 2 UID: 0 PID: 7300 Comm: syz.1.421 Not tainted 6.12.0-syzkaller-01782-gbf9aa14fc523 #0
[   73.591073][ T7300] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   73.594701][ T7300] RIP: 0010:__kvmalloc_node_noprof+0x180/0x1a0
[   73.596836][ T7300] Code: e9 1c ff ff ff e8 70 6c bf ff 41 81 e4 00 20 00 00 31 ff 44 89 e6 e8 9f 6e bf ff 45 85 e4 0f 85 3b ff ff ff e8 51 6c bf ff 90 <0f> 0b 90 31 ed e9 ed fe ff ff 48 c7 c7 e8 f1 5f 90 e8 ba 4a 21 00
[   73.603708][ T7300] RSP: 0018:ffffc900047a7a68 EFLAGS: 00010283
[   73.605797][ T7300] RAX: 00000000000017f4 RBX: 00000000c5c4de00 RCX: ffffc90007624000
[   73.608625][ T7300] RDX: 0000000000040000 RSI: ffffffff81ce36ff RDI: 0000000000000005
[   73.611304][ T7300] RBP: 0000000000000400 R08: 0000000000000005 R09: 0000000000000000
[   73.613961][ T7300] R10: 0000000000000000 R11: 0000000000000001 R12: 0000000000000000
[   73.616631][ T7300] R13: 00000000ffffffff R14: 0000000000000002 R15: dffffc0000000000
[   73.619434][ T7300] FS:  00007f9dd55cb6c0(0000) GS:ffff88806a800000(0000) knlGS:0000000000000000
[   73.622452][ T7300] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   73.624686][ T7300] CR2: 000000110c34cc64 CR3: 00000000412e4000 CR4: 0000000000352ef0
[   73.627551][ T7300] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[   73.630142][ T7300] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[   73.632738][ T7300] Call Trace:
[   73.633825][ T7300]  <TASK>
[   73.634832][ T7300]  ? __warn+0xea/0x3d0
[   73.636225][ T7300]  ? __kvmalloc_node_noprof+0x180/0x1a0
[   73.639108][ T7300]  ? report_bug+0x3c0/0x580
[   73.640569][ T7300]  ? handle_bug+0x54/0xa0
[   73.642022][ T7300]  ? exc_invalid_op+0x17/0x50
[   73.643636][ T7300]  ? asm_exc_invalid_op+0x1a/0x20
[   73.645325][ T7300]  ? __kvmalloc_node_noprof+0x17f/0x1a0
[   73.647230][ T7300]  ? __kvmalloc_node_noprof+0x180/0x1a0
[   73.649238][ T7300]  ? __kvmalloc_node_noprof+0x17f/0x1a0
[   73.651126][ T7300]  __v4l2_ctrl_modify_dimensions+0x1c7/0x650
[   73.653224][ T7300]  vivid_update_format_cap+0x127b/0x2530
[   73.655143][ T7300]  ? __pfx_vivid_update_format_cap+0x10/0x10
[   73.657197][ T7300]  ? v4l2_match_dv_timings+0x1df/0x1010
[   73.659208][ T7300]  vivid_vid_cap_s_dv_timings+0xc0f/0xfb0
[   73.661143][ T7300]  vidioc_s_dv_timings+0xa5/0xc0
[   73.662844][ T7300]  ? v4l_stub_s_dv_timings+0x1b/0x60
[   73.664629][ T7300]  __video_do_ioctl+0xaf0/0xf00
[   73.666290][ T7300]  ? __pfx___video_do_ioctl+0x10/0x10
[   73.668252][ T7300]  ? __might_fault+0xe3/0x190
[   73.669914][ T7300]  video_usercopy+0x4ce/0x1600
[   73.671576][ T7300]  ? __pfx___video_do_ioctl+0x10/0x10
[   73.673396][ T7300]  ? __pfx_video_usercopy+0x10/0x10
[   73.675181][ T7300]  v4l2_ioctl+0x1ba/0x250
[   73.676665][ T7300]  ? __pfx_v4l2_ioctl+0x10/0x10
[   73.678527][ T7300]  __x64_sys_ioctl+0x190/0x200
[   73.679835][ T7300]  do_syscall_64+0xcd/0x250
[   73.681032][ T7300]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   73.682598][ T7300] RIP: 0033:0x7f9dd477e759
[   73.683794][ T7300] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   73.689746][ T7300] RSP: 002b:00007f9dd55cb038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[   73.692720][ T7300] RAX: ffffffffffffffda RBX: 00007f9dd4935f80 RCX: 00007f9dd477e759
[   73.695069][ T7300] RDX: 0000000020000040 RSI: 00000000c0845657 RDI: 0000000000000003
[   73.697453][ T7300] RBP: 00007f9dd47f175e R08: 0000000000000000 R09: 0000000000000000
[   73.699575][ T7300] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[   73.701631][ T7300] R13: 0000000000000000 R14: 00007f9dd4935f80 R15: 00007ffd1cdc6b38
[   73.704263][ T7300]  </TASK>
[   73.705298][ T7300] Kernel panic - not syncing: kernel: panic_on_warn set ...
[   73.707366][ T7300] CPU: 2 UID: 0 PID: 7300 Comm: syz.1.421 Not tainted 6.12.0-syzkaller-01782-gbf9aa14fc523 #0
[   73.710682][ T7300] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   73.714308][ T7300] Call Trace:
[   73.715454][ T7300]  <TASK>
[   73.716462][ T7300]  dump_stack_lvl+0x3d/0x1f0
[   73.718044][ T7300]  panic+0x71d/0x800
[   73.719389][ T7300]  ? __pfx_panic+0x10/0x10
[   73.720914][ T7300]  ? show_trace_log_lvl+0x29d/0x3d0
[   73.722695][ T7300]  ? __kvmalloc_node_noprof+0x180/0x1a0
[   73.724623][ T7300]  check_panic_on_warn+0xab/0xb0
[   73.726300][ T7300]  __warn+0xf6/0x3d0
[   73.727428][ T7300]  ? __kvmalloc_node_noprof+0x180/0x1a0
[   73.728885][ T7300]  report_bug+0x3c0/0x580
[   73.730008][ T7300]  handle_bug+0x54/0xa0
[   73.731129][ T7300]  exc_invalid_op+0x17/0x50
[   73.732335][ T7300]  asm_exc_invalid_op+0x1a/0x20
[   73.733624][ T7300] RIP: 0010:__kvmalloc_node_noprof+0x180/0x1a0
[   73.735250][ T7300] Code: e9 1c ff ff ff e8 70 6c bf ff 41 81 e4 00 20 00 00 31 ff 44 89 e6 e8 9f 6e bf ff 45 85 e4 0f 85 3b ff ff ff e8 51 6c bf ff 90 <0f> 0b 90 31 ed e9 ed fe ff ff 48 c7 c7 e8 f1 5f 90 e8 ba 4a 21 00
[   73.740277][ T7300] RSP: 0018:ffffc900047a7a68 EFLAGS: 00010283
[   73.741875][ T7300] RAX: 00000000000017f4 RBX: 00000000c5c4de00 RCX: ffffc90007624000
[   73.743941][ T7300] RDX: 0000000000040000 RSI: ffffffff81ce36ff RDI: 0000000000000005
[   73.745987][ T7300] RBP: 0000000000000400 R08: 0000000000000005 R09: 0000000000000000
[   73.748049][ T7300] R10: 0000000000000000 R11: 0000000000000001 R12: 0000000000000000
[   73.750127][ T7300] R13: 00000000ffffffff R14: 0000000000000002 R15: dffffc0000000000
[   73.752212][ T7300]  ? __kvmalloc_node_noprof+0x17f/0x1a0
[   73.753664][ T7300]  ? __kvmalloc_node_noprof+0x17f/0x1a0
[   73.755114][ T7300]  __v4l2_ctrl_modify_dimensions+0x1c7/0x650
[   73.756672][ T7300]  vivid_update_format_cap+0x127b/0x2530
[   73.758227][ T7300]  ? __pfx_vivid_update_format_cap+0x10/0x10
[   73.760047][ T7300]  ? v4l2_match_dv_timings+0x1df/0x1010
[   73.761527][ T7300]  vivid_vid_cap_s_dv_timings+0xc0f/0xfb0
[   73.763058][ T7300]  vidioc_s_dv_timings+0xa5/0xc0
[   73.764398][ T7300]  ? v4l_stub_s_dv_timings+0x1b/0x60
[   73.765830][ T7300]  __video_do_ioctl+0xaf0/0xf00
[   73.767384][ T7300]  ? __pfx___video_do_ioctl+0x10/0x10
[   73.769069][ T7300]  ? __might_fault+0xe3/0x190
[   73.770656][ T7300]  video_usercopy+0x4ce/0x1600
[   73.772275][ T7300]  ? __pfx___video_do_ioctl+0x10/0x10
[   73.773993][ T7300]  ? __pfx_video_usercopy+0x10/0x10
[   73.775676][ T7300]  v4l2_ioctl+0x1ba/0x250
[   73.777184][ T7300]  ? __pfx_v4l2_ioctl+0x10/0x10
[   73.778535][ T7300]  __x64_sys_ioctl+0x190/0x200
[   73.779822][ T7300]  do_syscall_64+0xcd/0x250
[   73.781032][ T7300]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   73.782602][ T7300] RIP: 0033:0x7f9dd477e759
[   73.783795][ T7300] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   73.788794][ T7300] RSP: 002b:00007f9dd55cb038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[   73.790962][ T7300] RAX: ffffffffffffffda RBX: 00007f9dd4935f80 RCX: 00007f9dd477e759
[   73.793005][ T7300] RDX: 0000000020000040 RSI: 00000000c0845657 RDI: 0000000000000003
[   73.795058][ T7300] RBP: 00007f9dd47f175e R08: 0000000000000000 R09: 0000000000000000
[   73.797145][ T7300] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[   73.799173][ T7300] R13: 0000000000000000 R14: 00007f9dd4935f80 R15: 00007ffd1cdc6b38
[   73.801253][ T7300]  </TASK>
[   73.802572][ T7300] Kernel Offset: disabled
[   73.803767][ T7300] Rebooting in 86400 seconds..

VM DIAGNOSIS:
08:17:50  Registers:
info registers vcpu 0

CPU#0
EAX=000000a1 EBX=00004344 ECX=0000029a EDX=00002ec4
ESI=00000000 EDI=00006465 EBP=00000000 ESP=0000792e
EIP=0000a05b EFL=00000082 [--S----] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0038 00000000 000fffff 00409300 DPL=0 DS   [-WA]
CS =0010 00000000 0000ffff 00009b00 DPL=0 CS16 [-RA]
SS =0038 00000000 000fffff 00409300 DPL=0 DS   [-WA]
DS =0038 00000000 000fffff 00409300 DPL=0 DS   [-WA]
FS =0038 00000000 000fffff 00409300 DPL=0 DS   [-WA]
GS =0038 00000000 000fffff 00409300 DPL=0 DS   [-WA]
LDT=0008 00001800 000007ff 00408200 DPL=0 LDT
TR =0000 00000000 0000ffff 00008b00 DPL=0 TSS32-busy
GDT=     00001000 000007ff
IDT=     00003800 000001ff
CR0=00000031 CR2=00000000 CR3=00000000 CR4=000020c0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000001
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=ffff7fffffffffff RBX=1ffff920006d0e9b RCX=ffffffff816ac0a9 RDX=0000000000000000
RSI=0000000000000008 RDI=ffffffff905ff290 RBP=0000000000000001 RSP=ffffc900036874a8
R8 =0000000000000000 R9 =0000000000000000 R10=0000000000000001 R11=0000000000000007
R12=ffffffff8e1bb180 R13=0000000000000001 R14=000000000003dc0c R15=dffffc0000000000
RIP=ffffffff81ef7abb RFL=00000282 [--S----] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c01300
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c01300
FS =0000 0000555568072500 ffffffff 00c00000
GS =0000 ffff88806a700000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00007f0168a656c0 CR3=000000004ea86000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=00000000c0fffc00 Opmask01=0000000000000054 Opmask02=00000000000000ff Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000001
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000055555deab730
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000055555deab498
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000055555deabcd3 000055555deabc30
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 2525252525252525
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00001001002d0209 010000006123db1a ee8d083633730000 011176081f80030a
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 1e8b050910000000 0002050509000000 02001f8dcd090001 03fe030000040900
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 ff04010000000806 06014ff003ffffff ff041f80047e1000 00100008004fe220
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 03ffffffff0403ff ffffff0401000000 080606014ff603ff ffffff0403ffffff
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0101800410808aec a208000100000208 0606011582001000 02e8100018100006
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 024f8403ffffffff 0403ffffffff0401 000000080606014f f603ffffffff0403
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffff04010000 00080606014ff003 ffffffff041f8004 7e10000010000800
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 4fe2201e8b050910 0000000002050509 00000002001f8dcd 09000103fe030000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 fffffe0800029803 1008000290037008 0002880300080002 80032ec4080001f8
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 2

CPU#2
RAX=0000000000000049 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8
RSI=ffffffff850d5855 RDI=ffffffff9ab02400 RBP=ffffffff9ab023c0 RSP=ffffc900047a73c8
R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=0000000000000006
R12=0000000000000000 R13=0000000000000049 R14=ffffffff850d57f0 R15=0000000000000000
RIP=ffffffff850d587f RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 00007f9dd55cb6c0 ffffffff 00c00000
GS =0000 ffff88806a800000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000091000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe000008f000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=000000110c34cc64 CR3=00000000412e4000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=00000000fffffe00 Opmask01=0000000003000003 Opmask02=00000000ffffffef Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f9dd47f25fb
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f9dd47f2608
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f9dd47f2602
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f9dd47f2616
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f9dd47f269c
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f9dd47f277a
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2323232323232323 2323232323232323 2323232323232323 2323232323232323
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000034 6962762f7665642f
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000017 4a41550c5546470c
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000279 0000000000000000 0000000000000000 0000000000009470
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 3

CPU#3
RAX=0000000000000000 RBX=0000000000000005 RCX=ffffffff84c104e5 RDX=ffff88801ee9c880
RSI=0000000000000000 RDI=0000000000000000 RBP=0000000000000000 RSP=ffffc900008df960
R8 =0000000000000005 R9 =0000000000000000 R10=0000000000000014 R11=0000000000000000
R12=0000000000000014 R13=ffff88804c4a9940 R14=0000000000000000 R15=0000000000000014
RIP=ffffffff84c104ff RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff88806a900000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe00000d8000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe00000d6000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00007f9dd55caf98 CR3=000000000df7e000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000208001 Opmask01=0000000003000007 Opmask02=00000000ffffffef Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f9dd47f25fb
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f9dd47f2608
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f9dd47f2602
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f9dd47f2616
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f9dd47f269c
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f9dd47f277a
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f9dd490c488 00007f9dd490c480 00007f9dd490c478 00007f9dd490c450
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f9dd546d100 00007f9dd490c440 00007f9dd490c458 00007f9dd490c4a0
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f9dd490c498 00007f9dd490c490 00007f9dd490c488 00007f9dd490c480
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 9500000004000000 8500000000000003 b700000008000002 b7fffffff8000001
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 07000000000000a1 bf00000000fff81a 7b20202000000000 00256c7520000001
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 1800000004000000 8520da7367000003 b700000008000002 b7fffffff8000001
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 07000000000000a1 bf00000000fff81a 7b20202000000000 00256c6420000001
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000