last executing test programs:

6.20555751s ago: executing program 3 (id=3254):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
unshare(0x62040200)
r1 = socket$netlink(0x10, 0x3, 0x0)
writev(r1, &(0x7f0000000200)=[{&(0x7f0000000040)="39000000130003474cbb65e1c3e4ffff06000d00060000000700000025000000040016000c0014000000001f000006060400180000008cdb25", 0x39}], 0x1)
sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="640000000001010400000000141a000002000000240001801400018008000100e000000108000200e00000010c00028005000100000000002400028014000180080001000000000008000200ac1e00010c00028005000100000000000800074000000001"], 0x64}}, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
ioctl$FBIOPAN_DISPLAY(0xffffffffffffffff, 0x4606, &(0x7f0000000200)={0xf00, 0x1000, 0x690, 0x800, 0x40, 0x8000, 0x1, 0x1, {0x4, 0x8}, {0x0, 0x7ff}, {0x6, 0xc, 0x1}, {0x0, 0x10000, 0x1}, 0x2, 0x12, 0xaf, 0x9, 0x0, 0xfd, 0xffffffff, 0x58ac, 0x2, 0x1000, 0x8, 0x4, 0x1, 0x100, 0x1, 0x2})
sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000009c0)=ANY=[@ANYBLOB="4800000000010104000000000000000002000000240001801400018008000100e000000108000200e00000010c00028005000100000000001000058009000100b53fb783ce"], 0x48}}, 0x0)

5.997829715s ago: executing program 3 (id=3255):
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
connect$llc(r1, &(0x7f00000001c0)={0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, @dev}, 0x10)
r2 = gettid()
capset(&(0x7f0000000100)={0x20071026}, &(0x7f0000002140))
r3 = openat$ttyprintk(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r3, 0x5423, &(0x7f0000000200)=0xd)
r4 = openat$ttyprintk(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
ioctl$TCSETSF(r4, 0x5404, &(0x7f0000000180)={0x2000000, 0x81, 0x0, 0x0, 0xfd, "64f30ea84907e175d5966472c23d26ce8d6f3c"})
r5 = syz_open_dev$ttys(0xc, 0x2, 0x1)
r6 = syz_open_dev$ptys(0xc, 0x3, 0x1)
readv(r5, 0x0, 0x0)
ioctl$TIOCPKT(r5, 0x5420, 0x0)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r7, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000f80)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a2000000073797a300000000034000000090a01040000000000000000010000000900020073797a32000000000900010073797a30000000000800054000000002440000000e0a01020000000000000073797a32000000001800038014000080100001000900010073797a300000e76b0f7000001000010000000000000000000000000a"], 0xc0}}, 0x0)
ioctl$TIOCSTI(r6, 0x5412, &(0x7f0000000040)=0x13)
r8 = syz_open_dev$ptys(0xc, 0x3, 0x1)
ioctl$TCXONC(r8, 0x540a, 0x3)
sendmsg$can_raw(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000000)=@canfd={{}, 0x24, 0x0, 0x0, 0x0, "bc27adc50d03fb36a26d1d33610708eb844846979c3e552e4f42636ec483561f986e3e2a5455252a03b32ffd44fd8a40b0353a4025411e0620ec9757810556d2"}, 0x48}, 0x2}, 0x28010)
clock_gettime(0x0, &(0x7f0000000080)={<r9=>0x0, <r10=>0x0})
setsockopt$sock_timeval(0xffffffffffffffff, 0x1, 0x14, &(0x7f00000000c0)={r9, r10/1000+60000}, 0x8)
r11 = epoll_create1(0x0)
ioctl$FS_IOC_SETFLAGS(r11, 0x40088a01, &(0x7f0000000000))
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r2}, &(0x7f0000bbdffc))
socket$nl_netfilter(0x10, 0x3, 0xc)
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
sendmsg$sock(r1, &(0x7f00000034c0)={0x0, 0x0, &(0x7f0000003440)}, 0x0)

5.921730081s ago: executing program 2 (id=3256):
r0 = openat$sr(0xffffffffffffff9c, &(0x7f00000001c0), 0x40802, 0x0)
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r1, 0x4018620d, &(0x7f0000000100))
ioctl$IOCTL_VMCI_INIT_CONTEXT(0xffffffffffffffff, 0x7a0, &(0x7f0000000180)={@local, 0x1})
prlimit64(0x0, 0x8, &(0x7f0000000140), 0x0)
mlockall(0x3)
ioctl$BINDER_GET_NODE_INFO_FOR_REF(r1, 0xc018620c, &(0x7f0000000140))
unshare(0x68040200)
ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_INFO(r0, 0xc08c5334, &(0x7f0000000000)={0x4, 0xb5f, 0x0, 'queue0\x00', 0x7f})
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
syz_emit_ethernet(0x3e, &(0x7f0000000700)={@local, @broadcast, @void, {@ipv6={0x86dd, @generic={0x0, 0x6, "fca33f", 0x8, 0x73, 0x0, @dev, @local, {[@routing={0x5c, 0x0, 0x1}]}}}}}, 0x0)
sendmsg$NFT_BATCH(r2, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a010400000000000000000100000008000240000000020900010073797a300000000014000000110001"], 0x50}}, 0x0)
sendmsg$NFT_BATCH(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000580)=ANY=[@ANYBLOB="140000001000009006000000000000000000000a3c000000090a050600000000000000000100000008000a40000000000900020073797a31000000000900010073797a3000000000080005400000001414000000110001"], 0x64}}, 0x0)
unshare(0x38020400)
sendmsg$NFT_BATCH(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000002500)=ANY=[@ANYBLOB="1400000010009006000000000000000000000a40000000090a030000000000000000000100000008000a40080000000900020073797a31000000000900010073797a3000000000080005400000001402001280140000001100640000000000000000000084000a00"], 0x68}, 0x1, 0x0, 0x0, 0xc015}, 0x48000)
r3 = socket$inet6_udp(0xa, 0x2, 0x0)
getsockopt$IP6T_SO_GET_INFO(r3, 0x29, 0x40, &(0x7f0000000480)={'security\x00', 0x0, [0x7, 0xfffffffe, 0xffffc14f, 0xfe50, 0x2]}, &(0x7f00000003c0)=0x54)
ioctl$SG_IO(r0, 0x2285, &(0x7f0000002740)={0x53, 0xfffffffffffffff9, 0x6, 0x7, @scatter={0x0, 0x0, 0x0}, &(0x7f00000025c0)="7f0000000000", 0x0, 0x8, 0x1, 0x3, 0x0})

4.986654713s ago: executing program 3 (id=3261):
r0 = getpid()
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup/cgroup.procs\x00', 0x2, 0x0)
read(r1, &(0x7f0000000080)=""/1, 0x1)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
write$UHID_CREATE2(r2, &(0x7f0000000180)=ANY=[], 0x118)
mmap(&(0x7f0000001000/0x2000)=nil, 0x2000, 0x1, 0x12, r2, 0x0)
r3 = socket$l2tp(0x2, 0x2, 0x73)
getsockopt$ARPT_SO_GET_INFO(r3, 0x0, 0x60, &(0x7f0000001000), &(0x7f0000000f40)=0x44)
write$cgroup_pid(r1, &(0x7f00000000c0)=r0, 0x12)
close(r1)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./cgroup/pids.max\x00', 0x2, 0x0)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, &(0x7f00000003c0)={'wlan0\x00', <r6=>0x0})
sendmsg$NL80211_CMD_CHANNEL_SWITCH(r5, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="010000000000000000006c00000008000300", @ANYRES32=r6, @ANYBLOB="08002600760900000800a100ff0f0000080027"], 0x34}}, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000140)='./cgroup.cpu/cgroup.procs\x00', 0x2, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup.cpu/cpuset.cpus\x00', 0x2, 0x0)
openat(0xffffffffffffff9c, &(0x7f00000001c0)='./cgroup.net/cgroup.procs\x00', 0x2, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000200)='./cgroup.net/devices.allow\x00', 0x1, 0x0)

4.928857014s ago: executing program 0 (id=3262):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
add_key(&(0x7f0000000280)='encrypted\x00', &(0x7f0000000340)={'syz', 0x1}, &(0x7f0000000380), 0x0, 0xfffffffffffffff8)
add_key$keyring(&(0x7f0000000440), &(0x7f0000000480)={'syz', 0x0}, 0x0, 0x0, 0x0)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000085bfe7000000000000009500000000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10)
sched_setaffinity(0x0, 0x0, 0x0)
add_key$keyring(&(0x7f0000000180), &(0x7f00000001c0)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffd)
mkdir(&(0x7f0000000300)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r4, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000004c0)={{0x14}, [@NFT_MSG_NEWRULE={0x5c, 0x6, 0xa, 0x409, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x30, 0x4, 0x0, 0x1, [{0x14, 0x1, 0x0, 0x1, @immediate={{0xe}, @void}}, {0x18, 0x1, 0x0, 0x1, @fib={{0x8}, @val={0xc, 0x2, 0x0, 0x1, [@NFTA_FIB_RESULT={0x8, 0x2, 0x1, 0x0, 0x2}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x84}}, 0x0)
r5 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x1413c3, 0x0)
ioctl$TUNSETIFF(r5, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2})
r6 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r6)
socket$netlink(0x10, 0x3, 0x0)
ioctl$SIOCSIFHWADDR(r6, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @link_local})
writev(r5, &(0x7f0000000800)=[{&(0x7f0000000c00)="89e7ee2c7cdad9b4b47381c988a8", 0xe}, {&(0x7f00000005c0)="c2c16558", 0x4}], 0x2)
openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x40, 0x0)

4.857168244s ago: executing program 3 (id=3263):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
memfd_create(&(0x7f0000000580)='C\x13\xfc2\x95WD\xaa\xba^\x90\xfd\x8d\xc2\xb1[\x81\xda\xda\xd6\x8c\xc99\xec\x0e*||\xe4\xb3\xc4\xb6\v\xaa\x15\x86,\xac\x8d\x89cu\x10\xdc\x93\x9b\xb4\x93\xafE*:\xe4\xdd\xa5\xa75\xb8\x1e;7\xb7.V\xdcrw[\r\x98\x93j\x9c\xf6\xf8\x99\xefF_\xcd\xdf!b\xc5\xec\ntb\xff\b\xaaF?!\x9f\a\x1a\x03\f\xe94\x1deU\x06zS\xc9\xb4\xa7@\xa1\\B\xc2@\r_b\x9a\xeb\b\xa4(V\xd6/N\xc5\xc6f\xb1\x95Z\xe5w^\xd8\xe7J\x80\xf7\xae\xafuv\x84\x9eG\xd1\xe7\x9b\xf0_9\xc2\x9b\xfd\xc3\xf3\xe4\x95P\xf1m\xcf\xc2\xe1\xe6\xa6\x8c\x11\xfb\xb8S\x8b\x92\\\vsW-Ee\x02\x00\x00\x00\xd0;Q\xc1~\x89\xec\xc8\x9b\x88\a\xf2\x93\x82(\x8b\x00\xd8\xb4T\x80\x95\x93i|\xc0\x00\x04\x00\x00\x00\x00\x00\x00v\xef\xee+\xab\x9c\x00^R\xb2n?i=\xbe\x16\x8a\xbf\xe3\xcdB\xed\xe14\xe8\xd0\xb7\xff\xfeQ\x1c\x85n8\x1b\xc1\b\x00\x00\x00\x00\x00\x00\x00\x17\x94\xdfW<GE\xf1\xe9\xf1q\x8c\xf0\xae\x98\x8c\xe0\xc1g}\xaeW\xaa\xa1\x90\x8c\n$\xa6\xbb\x10\xaf\xc7~\x11\x03<v\xe9\xc7K\xf6]\x11)u\xd3\x15\x01}\xe25$\xb0\x86v\x80\r\x9c\xb8\xe6\xd3(\xa0G2s\xa9&\xb3QU~u\x13\x05k4p\xa6&\x8eu\x1d\xb2\xa9!\xc9\xfa\xd0dG5\xcbf<}r\xab\x9c\xd9f6iN\xaa>\x92z\xbe\xb2R)\xf1K\xd7\xaf\x99\xf6d\xe8\xec\xb7\xbd+T3\xa6\xa9\xfaY-1qs\x82\xefn*\x96\xc9\x1e\xf4\xd1\x02Dt\xc0\x19\xf7\x89\x96.D [F\xeeYW\x95\x13\xc7;\xb5\x13^\x13\xcb\xf0C\x9c\xabf\x1daCS2\x02\xb0\xef\xc7\x8c\x9e\xed\a\n<V\xaa\xbfZ1\xa82\x85\x99\x0e$U\xb4X\xc7\xfa\f\b\x8f\xc4\xbeIt\xe4\xc51\xba\xb9H\xe8\x96\x94\xd7\xdc\x81\x111\t\xafl\x97\xd8T\xd40\x90ON\xaaFY\xb4\xb3\xf4\xf8JT\xc5:\xc5\aGc\xb5\x12\x90\x7f\x00\x91\xce@\xe5\xd3A\xcc\xd5|\x9f\x8e5\x042\x9a\xc1\xa1\a\xb7\xf5\xbc,\xd1\xd3k8\xc5\xefo\xb8\x8f]\x14\x1d', 0x0)
r3 = creat(&(0x7f0000000300)='./bus\x00', 0x0)
r4 = open(&(0x7f0000000400)='./bus\x00', 0x4003e, 0x0)
mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x17ffff6, 0x11, r4, 0x0)
ftruncate(r3, 0x7fff)
r5 = syz_open_dev$sndctrl(&(0x7f0000000600), 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r5, 0xc1105517, &(0x7f0000001340)={{0x0, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x3, 0x0, 0x8, 0x0, 0x3, 0x0, 'syz1\x00', &(0x7f0000000180)=['\x00', '-[\'\x00', 'r\x0e\x81|\x0f\xa3\x8a\xb9\x8c\x94\x04\x17\v\rh\x10'], 0xfee5})
r6 = syz_open_dev$sndpcmp(&(0x7f00000000c0), 0x0, 0x0)
ioctl$SNDRV_PCM_IOCTL_HW_REFINE(r6, 0xc2604110, &(0x7f0000003ac0)={0x0, [[0x3], [0x7f7f], [0x1]], '\x00', [{0x0, 0x0, 0x0, 0x0, 0x0, 0x1}], '\x00', 0xff})
r7 = socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r7, 0x8933, &(0x7f0000000080)={'wlan0\x00', <r9=>0x0})
sendmsg$NL80211_CMD_FRAME(r7, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000680)=ANY=[@ANYBLOB='D\x00\x00\x00', @ANYRES16=r8, @ANYBLOB="010000000000000000003b00000008000300", @ANYRES32=r9, @ANYBLOB="25003300d000000008021100000108021100000050505050505000000302"], 0x44}}, 0x0)
syz_usb_connect(0x0, 0x24, &(0x7f0000000580)={{0x12, 0x1, 0x0, 0x97, 0x4, 0xe9, 0x40, 0x59cc, 0x980d, 0xb48e, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0x8, 0x3, 0x50}}]}}]}}, 0x0)
timer_create(0x2, &(0x7f0000000240)={0x0, 0x21, 0x0, @tid=0xffffffffffffffff}, &(0x7f0000000100))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
r10 = socket$nl_generic(0x10, 0x3, 0x10)
r11 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r10, 0x8933, &(0x7f00000000c0)={'wlan1\x00', <r12=>0x0})
sendmsg$NL80211_CMD_CONNECT(r10, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000480)={0x1c, r11, 0x5, 0x0, 0x0, {{0x18}, {@val={0x8, 0x3, r12}, @void}}}, 0x1c}}, 0x0)
sendmsg$NL80211_CMD_AUTHENTICATE(r10, &(0x7f00000002c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000280)={&(0x7f0000000140)={0x84, r8, 0x2, 0x70bd26, 0x25dfdbfb, {{}, {@val={0x8, 0x3, r9}, @void}}, [@key_params=[@NL80211_ATTR_KEY_DEFAULT_TYPES={0x1c, 0x6e, 0x0, 0x1, [@NL80211_KEY_DEFAULT_TYPE_UNICAST={0x4}, @NL80211_KEY_DEFAULT_TYPE_MULTICAST={0x4}, @NL80211_KEY_DEFAULT_TYPE_MULTICAST={0x4}, @NL80211_KEY_DEFAULT_TYPE_MULTICAST={0x4}, @NL80211_KEY_DEFAULT_TYPE_UNICAST={0x4}, @NL80211_KEY_DEFAULT_TYPE_MULTICAST={0x4}]}], @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}, @NL80211_ATTR_WIPHY_FREQ_OFFSET={0x8, 0x122, 0x23a}, @NL80211_ATTR_WIPHY_FREQ={0x8}, @NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0xe}], @NL80211_ATTR_MAC={0xa, 0x6, @random="3a123baa06bc"}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ_OFFSET={0x8, 0x122, 0x111}, @NL80211_ATTR_CHANNEL_WIDTH={0x8}, @NL80211_ATTR_WIPHY_FREQ_OFFSET={0x8, 0x122, 0x1de}, @NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x84}, 0x1, 0x0, 0x0, 0x20000000}, 0x5)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
io_setup(0x900a, &(0x7f0000000000))
r13 = dup(r2)
ioctl$KVM_SET_MSRS(r13, 0x4008ae89, &(0x7f0000000180)=ANY=[@ANYBLOB="010000000000000010"])
preadv(r0, &(0x7f00000006c0)=[{&(0x7f0000000000)=""/92, 0x5c}, {0x0}, {&(0x7f00000002c0)=""/241, 0xf1}, {&(0x7f00000003c0)=""/220, 0xdc}, {&(0x7f0000000dc0)=""/4096, 0x1000}, {&(0x7f0000001dc0)=""/4096, 0x1000}, {&(0x7f00000004c0)=""/220, 0xdc}, {&(0x7f00000005c0)=""/237, 0xed}, {&(0x7f00000001c0)=""/150, 0x96}], 0x9, 0xd, 0x7)

4.026377165s ago: executing program 0 (id=3264):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
preadv(r0, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
socket(0x0, 0x0, 0x0)
r1 = socket$netlink(0x10, 0x3, 0xe)
sendmsg$nl_route(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000400)=ANY=[], 0x40}}, 0x0)
r2 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
ioctl$IOCTL_GET_NCIDEV_IDX(r2, 0x0, &(0x7f00000000c0))
socket$igmp6(0xa, 0x3, 0x2)
syz_open_dev$usbfs(&(0x7f0000000100), 0x77, 0x1a1281)
r3 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0)
connect$bt_l2cap(r3, &(0x7f0000000040)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe)
setsockopt$bt_BT_SECURITY(r3, 0x112, 0x4, &(0x7f0000003000)={0x2}, 0x2)
socket$netlink(0x10, 0x3, 0x0)
epoll_create(0x1ff)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0x8, 0xb, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000001000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r5}, 0x10)
r6 = openat$thread_pidfd(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
fchdir(r6)
open(&(0x7f0000000180)='./cgroup\x00', 0x0, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6}]})
add_key(0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff)
pselect6(0x40, &(0x7f00000000c0)={0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x2, 0xfffffffffffffffc}, 0x0, &(0x7f0000000140)={0x1ff, 0x0, 0x0, 0x4, 0x0, 0x0, 0x4, 0x2}, 0x0, 0x0)
shutdown(r3, 0x1)

4.026059129s ago: executing program 2 (id=3265):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001280)={0x18, 0x3, &(0x7f0000000940)=ANY=[@ANYBLOB="180000000800"/16], &(0x7f0000000440)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000780)='contention_end\x00', r0}, 0x10)
r1 = syz_open_dev$evdev(&(0x7f0000000040), 0x0, 0x0)
readv(r1, &(0x7f0000002140)=[{&(0x7f00000010c0)=""/29, 0x1d}], 0x1)
ioctl$EVIOCGABS20(r1, 0x40044591, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
io_setup(0x7f, &(0x7f0000000300))

3.566153198s ago: executing program 2 (id=3267):
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$inet6_udp_int(r0, 0x11, 0xa, &(0x7f0000000180)=0x67e, 0x4)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r2 = dup(r1)
write$6lowpan_enable(r2, &(0x7f0000000000)='0', 0xfffffd2c)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x2, 0x0, @fd_index=0x4, 0x0, 0x0, 0x0, {}, 0x1})
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f0000000380)={'wlan1\x00', <r5=>0x0})
sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, r4, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x2}]}, 0x24}}, 0x0)
sendmsg$NL80211_CMD_CONNECT(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)=ANY=[@ANYBLOB='L\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="050000000000000000002e00000008000300", @ANYRES32=r5, @ANYBLOB="05003400bb00000004009300040005011e00942d70252bb29c13ff027f171f1cb33de6beaf716f2e2e4034f289a6beb7618bb8f7627988d63e135971791492b2702395c849373bb43221fe1c187ee7ad1f1f5f200e1df30b33f41791ff7f17d010b5ba98d89f11f8197cd8a10df37709b11920500f3bc446752608311261"], 0x4c}}, 0x0)
io_uring_enter(0xffffffffffffffff, 0x2ded, 0x4000, 0x0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000400)=ANY=[@ANYBLOB="1900e7ff04000000080000000800000000000400", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0x0, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000000)='cgroup\x00'}, 0x30)
mount_setattr(r2, &(0x7f0000000140)='./file0\x00', 0x800, &(0x7f0000000200)={0x4, 0x100000, 0x120000, {r2}}, 0x20)
r6 = openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
preadv2(r6, &(0x7f00000004c0)=[{&(0x7f0000000200)=""/100, 0x64}], 0x1, 0x2d, 0x0, 0x0)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
ptrace$ARCH_GET_CPUID(0x1e, 0x0, 0x0, 0x1011)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x9, 0x0, 0x0, &(0x7f0000000280)='GPL\x00', 0x7d, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_sock=0x23, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x200000, @void, @value}, 0x94)
r7 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x343180, 0x0)
ioctl$TUNSETIFF(r7, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x1})
r8 = socket$netlink(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r8, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000001200)={&(0x7f0000000580)=ANY=[], 0x38}, 0x1, 0x0, 0x0, 0xc004}, 0x4000)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x27, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000040)='jbd2_handle_stats\x00', r9}, 0x10)
r10 = syz_open_procfs(0x0, &(0x7f0000000340)='task\x00')
fchdir(r10)
mount(0x0, 0x0, &(0x7f0000000000)='proc\x00', 0x0, 0x0)

3.138154402s ago: executing program 0 (id=3268):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
add_key(&(0x7f0000000280)='encrypted\x00', &(0x7f0000000340)={'syz', 0x1}, &(0x7f0000000380), 0x0, 0xfffffffffffffff8)
add_key$keyring(&(0x7f0000000440), &(0x7f0000000480)={'syz', 0x0}, 0x0, 0x0, 0x0)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000180)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
add_key$keyring(&(0x7f0000000180), &(0x7f00000001c0)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffd)
mkdir(&(0x7f0000000300)='./file0\x00', 0x0)
mount(0x0, 0x0, &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r4, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
r5 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000018c0), 0xe0c81)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r5, 0xc08c5332, &(0x7f00000000c0)={0x0, 0x0, 0x0, 'queue0\x00'})
write$sndseq(r5, &(0x7f00000001c0)=[{0x0, 0xe1, 0x0, 0x0, @time={0x0, 0x1}, {}, {}, @result}], 0x1c)
write$sndseq(r5, &(0x7f0000000000)=[{0x84, 0x77, 0x0, 0x0, @tick, {}, {}, @raw32}], 0xffc8)

2.846920473s ago: executing program 1 (id=3269):
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r0 = socket$inet6_mptcp(0xa, 0x1, 0x106)
setsockopt$inet6_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000080)='cdg\x00', 0x4)
setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000040)=[@sack_perm, @mss={0x2, 0x6}, @window={0x3, 0x4}, @mss={0x2, 0x6}], 0x4)
bind$inet6(r0, &(0x7f0000000000)={0xa, 0x3, 0x0, @loopback}, 0x1c)
connect$inet6(r0, &(0x7f0000000180)={0xa, 0x3, 0x0, @loopback}, 0x1c)
sendmmsg$inet6(r0, &(0x7f0000002b00)=[{{0x0, 0x0, &(0x7f0000002c40)=[{&(0x7f00000027c0)='\x00', 0x1}], 0x1}}], 0x1, 0x0)
shutdown(r0, 0x2)

2.846620056s ago: executing program 1 (id=3270):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000fcffffff0000000000000018110000", @ANYRES32=0x0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000020000008500000082"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f00000003c0)={&(0x7f0000000200), &(0x7f0000000280), &(0x7f00000002c0)="55200b8184862858ffdd7c1c67a1cff0e94856998695948d3ffddb11f97348a3037e87166230d3a67d049e4ecdbd80658181c6058e33ccbc7528e67f9442a9e12c66ab2ad20fe82f9b650e74406e521858e25da5ed80203cb6d161fd098d2dd93fba86662ed64739f97727ff2f2dea85bae5de8008fde04844c6c0dcbc9ae8735834366eb498b61fcb529cab8c0e", &(0x7f0000000380)="a4cb292e0ad505829fa6bd036e7c", 0x61fb07c3, r0, 0x4}, 0x38)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='contention_end\x00', r1}, 0x10)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0x9, 0x2, 0x56d, 0x2, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000600), &(0x7f0000001f80), 0xfffffffb, r2}, 0x38)
r3 = socket$kcm(0x10, 0x400000002, 0x0)
recvmsg$kcm(r3, &(0x7f0000000000)={0x0, 0x0, 0x0}, 0x0)
sendmsg$inet(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000540)="1c0000005e007f029ea69801d76ab0a272a29a6810a788bab6c95f79", 0x1c}], 0x1}, 0x0)

2.657094228s ago: executing program 1 (id=3271):
r0 = socket$inet6_dccp(0xa, 0x6, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
pipe(&(0x7f0000000000)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
writev(r3, &(0x7f0000000140)=[{&(0x7f0000000680)='*', 0x1}], 0x1)
splice(r1, 0x0, r3, 0x0, 0xf3a, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
splice(r2, 0x0, r4, 0x0, 0x7f, 0x93)
write$binfmt_script(r3, &(0x7f0000000280)={'#! ', './file0'}, 0xb)
close_range(r0, 0xffffffffffffffff, 0x0)

2.567229729s ago: executing program 2 (id=3272):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
add_key(&(0x7f0000000280)='encrypted\x00', &(0x7f0000000340)={'syz', 0x1}, &(0x7f0000000380), 0x0, 0xfffffffffffffff8)
add_key$keyring(&(0x7f0000000440), &(0x7f0000000480)={'syz', 0x0}, 0x0, 0x0, 0x0)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000085bfe7000000000000009500000000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10)
sched_setaffinity(0x0, 0x0, 0x0)
add_key$keyring(&(0x7f0000000180), &(0x7f00000001c0)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffd)
mkdir(&(0x7f0000000300)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r4, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000004c0)={{0x14}, [@NFT_MSG_NEWRULE={0x5c, 0x6, 0xa, 0x409, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x30, 0x4, 0x0, 0x1, [{0x14, 0x1, 0x0, 0x1, @immediate={{0xe}, @void}}, {0x18, 0x1, 0x0, 0x1, @fib={{0x8}, @val={0xc, 0x2, 0x0, 0x1, [@NFTA_FIB_RESULT={0x8, 0x2, 0x1, 0x0, 0x2}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x84}}, 0x0)
r5 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x1413c3, 0x0)
ioctl$TUNSETIFF(r5, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2})
r6 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r6)
socket$netlink(0x10, 0x3, 0x0)
ioctl$SIOCSIFHWADDR(r6, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @link_local})
writev(r5, &(0x7f0000000800)=[{&(0x7f0000000c00)="89e7ee2c7cdad9b4b47381c988a8", 0xe}, {&(0x7f00000005c0)="c2c16558", 0x4}], 0x2)
openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x40, 0x0)

2.10326233s ago: executing program 0 (id=3273):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
preadv(r0, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
socket(0x0, 0x0, 0x0)
r1 = socket$netlink(0x10, 0x3, 0xe)
sendmsg$nl_route(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000400)=ANY=[], 0x40}}, 0x0)
r2 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
ioctl$IOCTL_GET_NCIDEV_IDX(r2, 0x0, &(0x7f00000000c0))
socket$igmp6(0xa, 0x3, 0x2)
syz_open_dev$usbfs(&(0x7f0000000100), 0x77, 0x1a1281)
r3 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0)
connect$bt_l2cap(r3, &(0x7f0000000040)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe)
setsockopt$bt_BT_SECURITY(r3, 0x112, 0x4, &(0x7f0000003000)={0x2}, 0x2)
socket$netlink(0x10, 0x3, 0x0)
epoll_create(0x1ff)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0x8, 0xb, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000001000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r5}, 0x10)
r6 = openat$thread_pidfd(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
fchdir(r6)
add_key(0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff)
pselect6(0x40, &(0x7f00000000c0)={0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x2, 0xfffffffffffffffc}, 0x0, &(0x7f0000000140)={0x1ff, 0x0, 0x0, 0x4, 0x0, 0x0, 0x4, 0x2}, 0x0, 0x0)
shutdown(r3, 0x1)

1.776908634s ago: executing program 1 (id=3274):
r0 = syz_usb_connect(0x0, 0x36, &(0x7f00000000c0)=ANY=[@ANYBLOB="120100008010bd40820514009dbb0000000109022400011b00000009040000022a3e740009058bff7f0000100109050b362f"], 0x0)
syz_open_dev$midi(&(0x7f0000000000), 0x3, 0x129002)
r1 = syz_io_uring_setup(0x4166, &(0x7f0000000780)={0x0, 0x0, 0x10100}, 0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_submit(0x0, r2, &(0x7f0000000180)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0})
r3 = syz_open_dev$usbfs(&(0x7f0000000100), 0x76, 0x101b01)
r4 = syz_open_dev$usbfs(&(0x7f0000000100), 0x206, 0x8541)
ioctl$USBDEVFS_ALLOW_SUSPEND(r4, 0x5522)
ioctl$USBDEVFS_BULK(r4, 0x5523, 0x0)
r5 = syz_open_dev$usbfs(&(0x7f0000000100), 0x76, 0x101301)
ioctl$USBDEVFS_DISCONNECT_CLAIM(r5, 0x5522, 0x0)
ioctl$USBDEVFS_DISCONNECT_CLAIM(r3, 0x8108551b, &(0x7f0000002600)={0x0, 0x0, "5a77bd318786aeb879ca62cdab2a02fa560186d85b25a5665a3247e500f61681905db88235f8a5447dd2a2ed6e91626f068881e50f68530c2b21a100efb76cba37ff3111d6847e0c7f719e169a596e5fc008daefba68f6222103472bc55704cdb72b4b996ed82ccb1eaae27969d008ba7d34171113d806726615380fe65a6a0a72e19c2b60bd6276fd8bb6363d10f70da60fd53ded22c87eb2be010e4a62fb73c33424b437bb192c9d06ea6ed04983fe5c5ca033dfce0a82575ef14eee686be0fc58e384f93a13e4e8bbf599394baea3a9ca1864f0a35d6cc38fca32ad6b39905a9727d2001457df7be7e1aefe3635b2ee97c143f28def4b73905ca14d90d1f6"})
ioctl$USBDEVFS_ALLOW_SUSPEND(r3, 0x5522)
ioctl$USBDEVFS_SETINTERFACE(r3, 0x80045510, &(0x7f0000000000))
io_uring_enter(r1, 0x567, 0x0, 0x0, 0x0, 0x0)
ioctl$BLKPG(0xffffffffffffffff, 0x1269, &(0x7f0000000080)={0x3, 0x0, 0x98, &(0x7f00000001c0)={0x9, 0x8, 0x12}})
syz_usb_disconnect(r0)

1.706264463s ago: executing program 3 (id=3275):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
preadv(r0, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
socket(0x0, 0x0, 0x0)
r1 = socket$netlink(0x10, 0x3, 0xe)
sendmsg$nl_route(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000400)=ANY=[], 0x40}}, 0x0)
r2 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
ioctl$IOCTL_GET_NCIDEV_IDX(r2, 0x0, &(0x7f00000000c0))
socket$igmp6(0xa, 0x3, 0x2)
syz_open_dev$usbfs(&(0x7f0000000100), 0x77, 0x1a1281)
r3 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0)
connect$bt_l2cap(r3, &(0x7f0000000040)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe)
setsockopt$bt_BT_SECURITY(r3, 0x112, 0x4, &(0x7f0000003000)={0x2}, 0x2)
socket$netlink(0x10, 0x3, 0x0)
epoll_create(0x1ff)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0x8, 0xb, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000001000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r5}, 0x10)
r6 = openat$thread_pidfd(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
fchdir(r6)
open(&(0x7f0000000180)='./cgroup\x00', 0x0, 0x0)
add_key(0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff)
pselect6(0x40, &(0x7f00000000c0)={0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x2, 0xfffffffffffffffc}, 0x0, &(0x7f0000000140)={0x1ff, 0x0, 0x0, 0x4, 0x0, 0x0, 0x4, 0x2}, 0x0, 0x0)
shutdown(r3, 0x1)

1.702881554s ago: executing program 2 (id=3276):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r1 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
setsockopt$inet6_IPV6_HOPOPTS(r1, 0x29, 0x36, &(0x7f00000000c0)=ANY=[], 0x8)
connect$inet6(r1, &(0x7f0000000100)={0xa, 0x0, 0x0, @mcast2, 0x5}, 0x1c)
setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f0000000080)='bridge0\x00', 0x10)
sendto$inet6(r1, &(0x7f0000000140)="7ef0", 0x5, 0x0, 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
dup(r3)
getpid()
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200))
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r4 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
preadv(r4, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
socket(0x25, 0x2, 0x0)
r5 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r6 = syz_io_uring_setup(0x2c3b, &(0x7f0000000080)={0x0, 0x0, 0x80, 0x0, 0x1db, 0x0, r4}, 0x0, &(0x7f00000001c0)=<r7=>0x0)
syz_io_uring_submit(0x0, r7, &(0x7f0000000200)=@IORING_OP_READ=@use_registered_buffer={0x16, 0x0, 0x2007, @fd_index=0x3})
io_uring_enter(r6, 0x2def, 0x0, 0x0, 0x0, 0x0)
r8 = syz_open_pts(r5, 0x0)
ioctl$TCFLSH(r8, 0x540b, 0x2)
r9 = socket$inet6(0xa, 0x2, 0x0)
connect$inet6(r9, &(0x7f0000000140)={0xa, 0x0, 0x0, @local, 0x4}, 0x1c)
sendmsg(r9, &(0x7f00000000c0)={0x0, 0x9504, &(0x7f0000000100)=[{&(0x7f0000000000)="2b10", 0xffbd}], 0x1, 0x0, 0x0, 0x2c}, 0x4)
syz_socket_connect_nvme_tcp()
ioctl$int_in(r9, 0x5452, &(0x7f0000000040)=0x5)
ppoll(0x0, 0x0, &(0x7f0000000240), 0x0, 0x0)

1.146434011s ago: executing program 0 (id=3277):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
add_key(&(0x7f0000000280)='encrypted\x00', &(0x7f0000000340)={'syz', 0x1}, &(0x7f0000000380), 0x0, 0xfffffffffffffff8)
add_key$keyring(&(0x7f0000000440), &(0x7f0000000480)={'syz', 0x0}, 0x0, 0x0, 0x0)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000180)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
add_key$keyring(&(0x7f0000000180), &(0x7f00000001c0)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffd)
mkdir(&(0x7f0000000300)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000140)='./file0\x00', 0x0, 0x0, 0x0)
open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r4, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
r5 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000018c0), 0xe0c81)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r5, 0xc08c5332, &(0x7f00000000c0)={0x0, 0x0, 0x0, 'queue0\x00'})
write$sndseq(r5, &(0x7f00000001c0)=[{0x0, 0xe1, 0x0, 0x0, @time={0x0, 0x1}, {}, {}, @result}], 0x1c)
write$sndseq(r5, &(0x7f0000000000)=[{0x84, 0x77, 0x0, 0x0, @tick, {}, {}, @raw32}], 0xffc8)

839.355944ms ago: executing program 3 (id=3278):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
add_key(&(0x7f0000000280)='encrypted\x00', &(0x7f0000000340)={'syz', 0x1}, &(0x7f0000000380), 0x0, 0xfffffffffffffff8)
add_key$keyring(&(0x7f0000000440), &(0x7f0000000480)={'syz', 0x0}, 0x0, 0x0, 0x0)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000085bfe7000000000000009500000000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={0x0, r3}, 0x18)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
add_key$keyring(&(0x7f0000000180), &(0x7f00000001c0)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffd)
mkdir(&(0x7f0000000300)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r4, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000004c0)={{0x14}, [@NFT_MSG_NEWRULE={0x5c, 0x6, 0xa, 0x409, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x30, 0x4, 0x0, 0x1, [{0x14, 0x1, 0x0, 0x1, @immediate={{0xe}, @void}}, {0x18, 0x1, 0x0, 0x1, @fib={{0x8}, @val={0xc, 0x2, 0x0, 0x1, [@NFTA_FIB_RESULT={0x8, 0x2, 0x1, 0x0, 0x2}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x84}}, 0x0)
r5 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x1413c3, 0x0)
ioctl$TUNSETIFF(r5, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2})
r6 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r6)
socket$netlink(0x10, 0x3, 0x0)
ioctl$SIOCSIFHWADDR(r6, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @link_local})
writev(r5, &(0x7f0000000800)=[{&(0x7f0000000c00)="89e7ee2c7cdad9b4b47381c988a8", 0xe}, {&(0x7f00000005c0)="c2c16558", 0x4}], 0x2)
openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x40, 0x0)

94.652604ms ago: executing program 1 (id=3279):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000fcffffff0000000000000018110000", @ANYRES32=0x0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000020000008500000082"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f00000003c0)={&(0x7f0000000200), &(0x7f0000000280), &(0x7f00000002c0)="55200b8184862858ffdd7c1c67a1cff0e94856998695948d3ffddb11f97348a3037e87166230d3a67d049e4ecdbd80658181c6058e33ccbc7528e67f9442a9e12c66ab2ad20fe82f9b650e74406e521858e25da5ed80203cb6d161fd098d2dd93fba86662ed64739f97727ff2f2dea85bae5de8008fde04844c6c0dcbc9ae8735834366eb498b61fcb529cab8c0e", &(0x7f0000000380)="a4cb292e0ad505829fa6bd036e7c", 0x61fb07c3, r0, 0x4}, 0x38)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='contention_end\x00', r1}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0x9, 0x2, 0x56d, 0x2, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r2 = socket$kcm(0x10, 0x400000002, 0x0)
recvmsg$kcm(r2, &(0x7f0000000000)={0x0, 0x0, 0x0}, 0x0)
sendmsg$inet(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000540)="1c0000005e007f029ea69801d76ab0a272a29a6810a788bab6c95f79", 0x1c}], 0x1}, 0x0)

23.750025ms ago: executing program 1 (id=3280):
r0 = openat$binder_debug(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/kernel/debug/binder/failed_transaction_log\x00', 0x0, 0x0)
mkdir(&(0x7f0000000000)='./file1\x00', 0x0)
mount$fuse(0x0, 0x0, 0x0, 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
chdir(&(0x7f0000000140)='./file1\x00')
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
r2 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/debug/binder/transactions\x00', 0x0, 0x0)
read$FUSE(r2, &(0x7f0000000480)={0x2020, 0x0, 0x0, <r3=>0x0, <r4=>0x0}, 0x2020)
fchown(r1, r3, r4)
r5 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000200)='mounts\x00')
read$FUSE(r5, &(0x7f0000004180)={0x2020}, 0x2020)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r0, &(0x7f0000fe6000/0x18000)=nil, &(0x7f0000000180)=[@text16={0x10, &(0x7f0000000340)="ba200066b8a9b1b27066eff36c660feef266b80500000066b9a70000000f01d90f00d9baf80c66b87cd3c68f66efbafc0ced67670f2374baa000b88c00eff30f092e660f3a628aeae04f", 0x4a}], 0x1, 0x1, 0x0, 0x0)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz0\x00', 0x1ff)
r7 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x11, 0x3, &(0x7f0000000200)=ANY=[@ANYBLOB="180000070000000000000000000000009500000000000000"], &(0x7f00000003c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
removexattr(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000400)=ANY=[@ANYBLOB='secu\t\x00tyB#+:-Y\x00'])
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='balance_dirty_pages\x00', r7}, 0x18)
r8 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$LOOP_CTL_ADD(r8, 0x4c80, 0xb)
unshare(0x2c020400)
r9 = socket(0x2, 0x2, 0x1)
bind$inet6(r9, &(0x7f0000000100)={0xa, 0x0, 0x0, @loopback}, 0x1c)
ioctl$LOOP_CTL_REMOVE(r8, 0x4c81, 0xb)
socket$inet_mptcp(0x2, 0x1, 0x106)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
write$cgroup_freezer_state(0xffffffffffffffff, &(0x7f0000000040)='FROZEN\x00', 0x7)
sendmsg$IPCTNL_MSG_EXP_GET(r6, &(0x7f0000001780)={0x0, 0x0, &(0x7f0000001740)={&(0x7f0000000240)=ANY=[@ANYBLOB="1800003a8c000102010800000000000000000200001004000280"], 0x18}}, 0x0)
socket(0x400000000010, 0x3, 0x0)
r10 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TUNSETIFF(r10, 0x400454ca, &(0x7f00000000c0)={'pim6reg0\x00', 0x2})

287.49µs ago: executing program 2 (id=3281):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000fcffffff0000000000000018110000", @ANYRES32=0x0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000020000008500000082"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f00000003c0)={&(0x7f0000000200), &(0x7f0000000280), &(0x7f00000002c0)="55200b8184862858ffdd7c1c67a1cff0e94856998695948d3ffddb11f97348a3037e87166230d3a67d049e4ecdbd80658181c6058e33ccbc7528e67f9442a9e12c66ab2ad20fe82f9b650e74406e521858e25da5ed80203cb6d161fd098d2dd93fba86662ed64739f97727ff2f2dea85bae5de8008fde04844c6c0dcbc9ae8735834366eb498b61fcb529cab8c0e", &(0x7f0000000380)="a4cb292e0ad505829fa6bd036e7c", 0x61fb07c3, r0, 0x4}, 0x38)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='contention_end\x00', r1}, 0x10)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0x9, 0x2, 0x56d, 0x2, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000600), &(0x7f0000001f80), 0xfffffffb, r2}, 0x38)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000500)={0x0, 0x0, &(0x7f0000000200), &(0x7f00000004c0), 0x1000, r2}, 0x38)
r3 = socket$inet_sctp(0x2, 0x5, 0x84)
getsockopt$inet_sctp_SCTP_MAX_BURST(r3, 0x84, 0xc, &(0x7f0000000240)=@assoc_value, &(0x7f0000000080)=0x8)
r4 = socket$kcm(0x10, 0x400000002, 0x0)
recvmsg$kcm(r4, &(0x7f0000000000)={0x0, 0x0, 0x0}, 0x0)
sendmsg$inet(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000540)="1c0000005e007f029ea69801d76ab0a272a29a6810a788bab6c95f79", 0x1c}], 0x1}, 0x0)

0s ago: executing program 0 (id=3288):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000fcffffff0000000000000018110000", @ANYRES32=0x0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000020000008500000082"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f00000003c0)={&(0x7f0000000200), &(0x7f0000000280), &(0x7f00000002c0)="55200b8184862858ffdd7c1c67a1cff0e94856998695948d3ffddb11f97348a3037e87166230d3a67d049e4ecdbd80658181c6058e33ccbc7528e67f9442a9e12c66ab2ad20fe82f9b650e74406e521858e25da5ed80203cb6d161fd098d2dd93fba86662ed64739f97727ff2f2dea85bae5de8008fde04844c6c0dcbc9ae8735834366eb498b61fcb529cab8c0e", &(0x7f0000000380)="a4cb292e0ad505829fa6bd036e7c", 0x61fb07c3, r0, 0x4}, 0x38)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='contention_end\x00', r1}, 0x10)
r2 = socket$kcm(0x10, 0x400000002, 0x0)
recvmsg$kcm(r2, &(0x7f0000000000)={0x0, 0x0, 0x0}, 0x0)
sendmsg$inet(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000540)="1c0000005e007f029ea69801d76ab0a272a29a6810a788bab6c95f79", 0x1c}], 0x1}, 0x0)

kernel console output (not intermixed with test programs):

8] Call Trace:
[  803.868588][T15868]  <TASK>
[  803.869384][T15868]  dump_stack_lvl+0x16c/0x1f0
[  803.870645][T15868]  should_fail_ex+0x497/0x5b0
[  803.871916][T15868]  _copy_from_iter+0x2a1/0x1540
[  803.873232][T15868]  ? __pfx__copy_from_iter+0x10/0x10
[  803.874641][T15868]  ? __virt_addr_valid+0x1a4/0x590
[  803.876012][T15868]  ? __virt_addr_valid+0x5e/0x590
[  803.877340][T15868]  ? __phys_addr_symbol+0x30/0x80
[  803.878670][T15868]  ? __check_object_size+0x488/0x710
[  803.880061][T15868]  netlink_sendmsg+0x813/0xd70
[  803.881333][T15868]  ? __pfx_netlink_sendmsg+0x10/0x10
[  803.882701][T15868]  ? __import_iovec+0x1fd/0x6e0
[  803.883442][   T39] audit: type=1400 audit(8172076585.545:749): avc:  denied  { ioctl } for  pid=15869 comm="syz.3.2935" path="socket:[49935]" dev="sockfs" ino=49935 ioctlcmd=0x8903 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1
[  803.883969][T15868]  ____sys_sendmsg+0xaaf/0xc90
[  803.891504][T15868]  ? copy_msghdr_from_user+0x10b/0x160
[  803.892945][T15868]  ? __pfx_____sys_sendmsg+0x10/0x10
[  803.894344][T15868]  ? __pfx___lock_acquire+0x10/0x10
[  803.895700][T15868]  ___sys_sendmsg+0x135/0x1e0
[  803.896942][T15868]  ? __pfx____sys_sendmsg+0x10/0x10
[  803.898300][T15868]  ? lock_acquire+0x2f/0xb0
[  803.899483][T15868]  ? __fget_files+0x40/0x3f0
[  803.900711][T15868]  ? fdget+0x176/0x210
[  803.901788][T15868]  __sys_sendmsg+0x117/0x1f0
[  803.902999][T15868]  ? __pfx___sys_sendmsg+0x10/0x10
[  803.904339][T15868]  ? __fget_files+0x244/0x3f0
[  803.905584][T15868]  do_syscall_64+0xcd/0x250
[  803.906777][T15868]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  803.908302][T15868] RIP: 0033:0x7f469677dff9
[  803.909471][T15868] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  803.914414][T15868] RSP: 002b:00007f46975af038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  803.916578][T15868] RAX: ffffffffffffffda RBX: 00007f4696935f80 RCX: 00007f469677dff9
[  803.918628][T15868] RDX: 0000000000000000 RSI: 0000000020000040 RDI: 0000000000000003
[  803.920698][T15868] RBP: 00007f46975af090 R08: 0000000000000000 R09: 0000000000000000
[  803.922750][T15868] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  803.924820][T15868] R13: 0000000000000000 R14: 00007f4696935f80 R15: 00007fff1cb8d108
[  803.926876][T15868]  </TASK>
[  803.927791][    C2] vkms_vblank_simulate: vblank timer overrun
[  803.938422][T15870] lo speed is unknown, defaulting to 1000
[  803.941003][T15870] lo speed is unknown, defaulting to 1000
[  803.942923][T15870] lo speed is unknown, defaulting to 1000
[  803.947066][T15870] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98
[  803.981680][T15870] lo speed is unknown, defaulting to 1000
[  803.983672][T15870] lo speed is unknown, defaulting to 1000
[  803.985606][T15870] lo speed is unknown, defaulting to 1000
[  803.987501][T15870] lo speed is unknown, defaulting to 1000
[  803.994919][T15870] lo speed is unknown, defaulting to 1000
[  803.997341][T15870] lo speed is unknown, defaulting to 1000
[  803.999422][T15870] lo speed is unknown, defaulting to 1000
[  804.118652][T15883] netlink: 'syz.0.2940': attribute type 1 has an invalid length.
[  804.358303][T15904] FAULT_INJECTION: forcing a failure.
[  804.358303][T15904] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  804.364142][T15904] CPU: 2 UID: 0 PID: 15904 Comm: syz.1.2946 Not tainted 6.12.0-rc4-syzkaller-00047-gc2ee9f594da8 #0
[  804.367295][T15904] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  804.370136][T15904] Call Trace:
[  804.371121][T15904]  <TASK>
[  804.372219][T15904]  dump_stack_lvl+0x16c/0x1f0
[  804.373727][T15904]  should_fail_ex+0x497/0x5b0
[  804.375041][T15904]  _copy_to_user+0x30/0xc0
[  804.376325][T15904]  simple_read_from_buffer+0xd0/0x160
[  804.378122][T15904]  proc_fail_nth_read+0x198/0x270
[  804.379822][T15904]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  804.381422][T15904]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  804.382931][T15904]  vfs_read+0x1ce/0xbd0
[  804.384025][T15904]  ? __fget_files+0x23a/0x3f0
[  804.385294][T15904]  ? fdget_pos+0x24c/0x360
[  804.386459][T15904]  ? __pfx_lock_release+0x10/0x10
[  804.388002][T15904]  ? trace_lock_acquire+0x14a/0x1d0
[  804.389948][T15904]  ? __pfx_vfs_read+0x10/0x10
[  804.391571][T15904]  ? __pfx___mutex_lock+0x10/0x10
[  804.393000][T15904]  ? __fget_files+0x244/0x3f0
[  804.394698][T15904]  ksys_read+0x12f/0x260
[  804.396191][T15904]  ? __pfx_ksys_read+0x10/0x10
[  804.397784][T15904]  do_syscall_64+0xcd/0x250
[  804.398976][T15904]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  804.400530][T15904] RIP: 0033:0x7fb53ed7ca3c
[  804.401828][T15904] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 69 8e 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 bf 8e 02 00 48
[  804.408623][T15904] RSP: 002b:00007fb53fb7a030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  804.411181][T15904] RAX: ffffffffffffffda RBX: 00007fb53ef35f80 RCX: 00007fb53ed7ca3c
[  804.413251][T15904] RDX: 000000000000000f RSI: 00007fb53fb7a0a0 RDI: 0000000000000003
[  804.415316][T15904] RBP: 00007fb53fb7a090 R08: 0000000000000000 R09: 0000000000000000
[  804.417306][T15904] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  804.419735][T15904] R13: 0000000000000000 R14: 00007fb53ef35f80 R15: 00007ffd53339c38
[  804.421837][T15904]  </TASK>
[  804.422787][    C2] vkms_vblank_simulate: vblank timer overrun
[  804.425083][T15905] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore
[  804.427359][T15905] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[  804.689961][ T1083] sr 2:0:0:0: [sr0] tag#20 FAILED Result: hostbyte=DID_OK driverbyte=DRIVER_OK cmd_age=0s
[  804.693717][ T1083] sr 2:0:0:0: [sr0] tag#20 Sense Key : Illegal Request [current] 
[  804.696585][ T1083] sr 2:0:0:0: [sr0] tag#20 Add. Sense: Invalid command operation code
[  804.699697][ T1083] sr 2:0:0:0: [sr0] tag#20 CDB: Write(10) 2a 00 00 00 00 00 00 00 02 00
[  804.702773][ T1083] blk_print_req_error: 60 callbacks suppressed
[  804.702785][ T1083] critical target error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x800 phys_seg 1 prio class 0
[  804.709655][ T1083] buffer_io_error: 60 callbacks suppressed
[  804.709669][ T1083] Buffer I/O error on dev sr0, logical block 0, lost async page write
[  804.723167][T15914] netlink: 'syz.2.2949': attribute type 1 has an invalid length.
[  805.226573][T15931] netdevsim netdevsim0 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  805.230196][T15931] netdevsim netdevsim0 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  805.232620][T15931] netdevsim netdevsim0 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  805.235459][T15931] netdevsim netdevsim0 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  805.239609][T15931] vxlan0: entered promiscuous mode
[  805.261948][T15935] FAULT_INJECTION: forcing a failure.
[  805.261948][T15935] name failslab, interval 1, probability 0, space 0, times 0
[  805.266313][T15935] CPU: 1 UID: 0 PID: 15935 Comm: syz.1.2954 Not tainted 6.12.0-rc4-syzkaller-00047-gc2ee9f594da8 #0
[  805.269199][T15935] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  805.271973][T15935] Call Trace:
[  805.272861][T15935]  <TASK>
[  805.273645][T15935]  dump_stack_lvl+0x16c/0x1f0
[  805.274892][T15935]  should_fail_ex+0x497/0x5b0
[  805.276142][T15935]  should_failslab+0xc2/0x120
[  805.277346][T15935]  kmem_cache_alloc_noprof+0x6e/0x2f0
[  805.278775][T15935]  ? skb_clone+0x190/0x3f0
[  805.279981][T15935]  skb_clone+0x190/0x3f0
[  805.281108][T15935]  netlink_deliver_tap+0xab3/0xd90
[  805.282479][T15935]  netlink_unicast+0x5e1/0x7f0
[  805.283742][T15935]  ? __pfx_netlink_unicast+0x10/0x10
[  805.285148][T15935]  ? const_folio_flags.constprop.0+0x56/0x150
[  805.286993][T15935]  netlink_sendmsg+0x8b8/0xd70
[  805.288686][T15935]  ? __pfx_netlink_sendmsg+0x10/0x10
[  805.290577][T15935]  sock_sendmsg+0x3cb/0x470
[  805.292266][T15935]  ? pipe_lock+0x64/0x80
[  805.293856][T15935]  ? __pfx_sock_sendmsg+0x10/0x10
[  805.295736][T15935]  ? avc_has_perm_noaudit+0x119/0x3a0
[  805.297699][T15935]  splice_to_socket+0xaac/0x1040
[  805.299526][T15935]  ? __pfx_splice_to_socket+0x10/0x10
[  805.301342][T15935]  ? inode_has_perm+0x16f/0x1d0
[  805.303112][T15935]  ? bpf_lsm_file_permission+0x9/0x10
[  805.304905][T15935]  ? security_file_permission+0x71/0x210
[  805.306740][T15935]  ? rw_verify_area+0xd0/0x700
[  805.308440][T15935]  ? __pfx_splice_to_socket+0x10/0x10
[  805.310336][T15935]  do_splice+0x145c/0x1f60
[  805.311931][T15935]  ? find_held_lock+0x2d/0x110
[  805.313454][T15935]  ? __pfx_do_splice+0x10/0x10
[  805.314666][T15935]  ? __pfx_pipe_clear_nowait+0x10/0x10
[  805.316089][T15935]  ? trace_lock_acquire+0x14a/0x1d0
[  805.317493][T15935]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  805.318987][T15935]  __do_splice+0x327/0x360
[  805.320105][T15935]  ? __pfx___do_splice+0x10/0x10
[  805.321324][T15935]  __x64_sys_splice+0x1cd/0x270
[  805.322611][T15935]  do_syscall_64+0xcd/0x250
[  805.323749][T15935]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  805.325270][T15935] RIP: 0033:0x7fb53ed7dff9
[  805.326401][T15935] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  805.331306][T15935] RSP: 002b:00007fb53fb59038 EFLAGS: 00000246 ORIG_RAX: 0000000000000113
[  805.333921][T15935] RAX: ffffffffffffffda RBX: 00007fb53ef36058 RCX: 00007fb53ed7dff9
[  805.336423][T15935] RDX: 0000000000000005 RSI: 0000000000000000 RDI: 0000000000000003
[  805.338462][T15935] RBP: 00007fb53fb59090 R08: 000000000004ffe2 R09: 0000000000000000
[  805.340508][T15935] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  805.342570][T15935] R13: 0000000000000001 R14: 00007fb53ef36058 R15: 00007ffd53339c38
[  805.344727][T15935]  </TASK>
[  805.346267][T15935] netlink: 20 bytes leftover after parsing attributes in process `syz.1.2954'.
[  805.348492][T15935] netlink: 24 bytes leftover after parsing attributes in process `syz.1.2954'.
[  805.529706][T15943] FAULT_INJECTION: forcing a failure.
[  805.529706][T15943] name failslab, interval 1, probability 0, space 0, times 0
[  805.532838][T15943] CPU: 2 UID: 0 PID: 15943 Comm: syz.0.2957 Not tainted 6.12.0-rc4-syzkaller-00047-gc2ee9f594da8 #0
[  805.535599][T15943] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  805.538361][T15943] Call Trace:
[  805.539259][T15943]  <TASK>
[  805.540032][T15943]  dump_stack_lvl+0x16c/0x1f0
[  805.541247][T15943]  should_fail_ex+0x497/0x5b0
[  805.542429][T15943]  should_failslab+0xc2/0x120
[  805.543656][T15943]  __kmalloc_noprof+0xcb/0x400
[  805.544881][T15943]  ___neigh_create+0x152b/0x2ac0
[  805.546106][T15943]  ? __pfx____neigh_create+0x10/0x10
[  805.547444][T15943]  ip6_finish_output2+0x121c/0x1a50
[  805.548818][T15943]  ip6_finish_output+0x3f9/0x1300
[  805.550132][T15943]  ip6_output+0x1f8/0x540
[  805.551262][T15943]  ? __pfx_ip6_output+0x10/0x10
[  805.552545][T15943]  ip6_local_out+0xcd/0x4a0
[  805.553741][T15943]  ip6_send_skb+0x112/0x460
[  805.554931][T15943]  udp_v6_send_skb+0x906/0x1820
[  805.556217][T15943]  udpv6_sendmsg+0x253e/0x3030
[  805.557467][T15943]  ? __pfx_ip_generic_getfrag+0x10/0x10
[  805.558916][T15943]  ? __pfx_udpv6_sendmsg+0x10/0x10
[  805.560464][T15943]  ? avc_has_perm_noaudit+0x143/0x3a0
[  805.561869][T15943]  ? avc_has_perm+0x11b/0x1c0
[  805.563114][T15943]  ? __pfx_mark_lock+0x10/0x10
[  805.564383][T15943]  ? find_held_lock+0x2d/0x110
[  805.565531][T15943]  ? __import_iovec+0x1fd/0x6e0
[  805.566804][T15943]  ? __pfx_udpv6_sendmsg+0x10/0x10
[  805.568103][T15943]  ? inet6_sendmsg+0x105/0x140
[  805.569361][T15943]  inet6_sendmsg+0x105/0x140
[  805.570580][T15943]  ____sys_sendmsg+0x68c/0xc90
[  805.571837][T15943]  ? copy_msghdr_from_user+0x10b/0x160
[  805.573265][T15943]  ? __pfx_____sys_sendmsg+0x10/0x10
[  805.574623][T15943]  ? __pfx___lock_acquire+0x10/0x10
[  805.576461][T15943]  ___sys_sendmsg+0x135/0x1e0
[  805.578191][T15943]  ? __pfx____sys_sendmsg+0x10/0x10
[  805.579838][T15943]  ? lock_acquire+0x2f/0xb0
[  805.581436][T15943]  ? __fget_files+0x40/0x3f0
[  805.583058][T15943]  ? fdget+0x176/0x210
[  805.584495][T15943]  __sys_sendmmsg+0x1a1/0x450
[  805.586015][T15943]  ? __pfx___sys_sendmmsg+0x10/0x10
[  805.587304][T15943]  ? vfs_write+0x14d/0x1140
[  805.588481][T15943]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  805.590047][T15943]  ? fput+0x30/0x390
[  805.591072][T15943]  ? ksys_write+0x1ad/0x260
[  805.592272][T15943]  ? __pfx_ksys_write+0x10/0x10
[  805.593552][T15943]  __x64_sys_sendmmsg+0x9c/0x100
[  805.594901][T15943]  ? lockdep_hardirqs_on+0x7c/0x110
[  805.596275][T15943]  do_syscall_64+0xcd/0x250
[  805.597472][T15943]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  805.599011][T15943] RIP: 0033:0x7f142d97dff9
[  805.600191][T15943] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  805.605036][T15943] RSP: 002b:00007f142d3ff038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  805.607172][T15943] RAX: ffffffffffffffda RBX: 00007f142db35f80 RCX: 00007f142d97dff9
[  805.609297][T15943] RDX: 0000000000000002 RSI: 0000000020000d00 RDI: 0000000000000003
[  805.611307][T15943] RBP: 00007f142d3ff090 R08: 0000000000000000 R09: 0000000000000000
[  805.613326][T15943] R10: 0000000000040800 R11: 0000000000000246 R12: 0000000000000001
[  805.615444][T15943] R13: 0000000000000000 R14: 00007f142db35f80 R15: 00007ffef318bd78
[  805.617486][T15943]  </TASK>
[  805.618382][    C2] vkms_vblank_simulate: vblank timer overrun
[  805.779102][   T68] Bluetooth: hci4: command tx timeout
[  806.050003][   T39] audit: type=1326 audit(8172076587.725:750): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15953 comm="syz.2.2960" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f469677dff9 code=0x7ffc0000
[  806.057392][   T39] audit: type=1326 audit(8172076587.725:751): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15953 comm="syz.2.2960" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f469677dff9 code=0x7ffc0000
[  806.078977][   T39] audit: type=1326 audit(8172076587.725:752): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15953 comm="syz.2.2960" exe="/syz-executor" sig=0 arch=c000003e syscall=300 compat=0 ip=0x7f469677dff9 code=0x7ffc0000
[  806.088087][   T39] audit: type=1326 audit(8172076587.725:753): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15953 comm="syz.2.2960" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f469677dff9 code=0x7ffc0000
[  806.251377][T15967] netlink: 16 bytes leftover after parsing attributes in process `syz.1.2964'.
[  806.254619][T15967] bridge0: port 2(bridge_slave_1) entered disabled state
[  806.259609][T15967] bridge0: port 1(bridge_slave_0) entered disabled state
[  807.465886][T15992] SELinux:  Context #! ./cgroup/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
[  807.469154][   T39] audit: type=1400 audit(8172076589.135:754): avc:  denied  { create } for  pid=15988 comm="syz.2.2970" name="net_prio.prioidx" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon=2321202E2F6367726F75702F66696C65306161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616
[  807.495247][   T39] audit: type=1400 audit(8172076589.145:755): avc:  denied  { associate } for  pid=15988 comm="syz.2.2970" name="net_prio.prioidx" scontext=system_u:object_r:unlabeled_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1 srawcon=2321202E2F6367726F75702F66696C65306161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616
[  807.522326][   T39] audit: type=1400 audit(8172076589.145:756): avc:  denied  { read append open } for  pid=15988 comm="syz.2.2970" path="/66/file1/net_prio.prioidx" dev="tmpfs" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon=2321202E2F6367726F75702F66696C653061616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616
[  807.551756][   T39] audit: type=1400 audit(8172076589.165:757): avc:  denied  { create } for  pid=15988 comm="syz.2.2970" name="file1" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 trawcon=2321202E2F6367726F75702F66696C65306161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616
[  807.945675][T15999] FAULT_INJECTION: forcing a failure.
[  807.945675][T15999] name failslab, interval 1, probability 0, space 0, times 0
[  807.972411][T15999] CPU: 2 UID: 0 PID: 15999 Comm: syz.0.2972 Not tainted 6.12.0-rc4-syzkaller-00047-gc2ee9f594da8 #0
[  807.975181][T15999] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  807.977949][T15999] Call Trace:
[  807.978838][T15999]  <TASK>
[  807.979619][T15999]  dump_stack_lvl+0x16c/0x1f0
[  807.980863][T15999]  should_fail_ex+0x497/0x5b0
[  807.982096][T15999]  ? fs_reclaim_acquire+0xae/0x150
[  807.983436][T15999]  should_failslab+0xc2/0x120
[  807.984679][T15999]  __kmalloc_noprof+0xcb/0x400
[  807.985924][T15999]  ? find_held_lock+0x2d/0x110
[  807.987175][T15999]  skcipher_walk_next+0xf33/0x1620
[  807.988639][T15999]  skcipher_walk_first+0xf7/0x3d0
[  807.989976][T15999]  ? lockdep_hardirqs_on+0x7c/0x110
[  807.991347][T15999]  skcipher_walk_skcipher+0x4d2/0x640
[  807.992759][T15999]  skcipher_walk_virt+0xa8/0x150
[  807.994062][T15999]  ? __pfx_aes_xts_decrypt_vaes_avx10_256+0x10/0x10
[  807.995768][T15999]  xts_crypt_slowpath+0x565/0x700
[  807.997102][T15999]  ? __kasan_slab_free+0x51/0x70
[  807.998400][T15999]  ? kfree+0x14f/0x4b0
[  807.999476][T15999]  ? ___sys_recvmsg+0x115/0x1a0
[  808.000753][T15999]  ? __pfx_xts_crypt_slowpath+0x10/0x10
[  808.002194][T15999]  ? mark_lock+0xb5/0xc60
[  808.003338][T15999]  ? mark_held_locks+0x9f/0xe0
[  808.004601][T15999]  ? __pfx_kernel_fpu_begin_mask+0x10/0x10
[  808.006115][T15999]  ? sock_kfree_s+0x39/0x60
[  808.007301][T15999]  xts_decrypt_vaes_avx10_256+0x37b/0x440
[  808.008802][T15999]  crypto_skcipher_decrypt+0xf8/0x170
[  808.010212][T15999]  crypto_skcipher_decrypt+0xf8/0x170
[  808.011608][T15999]  skcipher_recvmsg+0xc23/0x1020
[  808.012916][T15999]  ? find_held_lock+0x2d/0x110
[  808.014166][T15999]  ? __pfx_skcipher_recvmsg+0x10/0x10
[  808.015556][T15999]  sock_recvmsg+0x1f6/0x250
[  808.016749][T15999]  ____sys_recvmsg+0x219/0x6b0
[  808.018009][T15999]  ? __pfx_____sys_recvmsg+0x10/0x10
[  808.019616][T15999]  ? find_held_lock+0x2d/0x110
[  808.021016][T15999]  ___sys_recvmsg+0x115/0x1a0
[  808.022304][T15999]  ? __pfx____sys_recvmsg+0x10/0x10
[  808.023699][T15999]  ? lock_acquire+0x2f/0xb0
[  808.024941][T15999]  ? fdget+0x176/0x210
[  808.026039][T15999]  do_recvmmsg+0x2ba/0x750
[  808.027233][T15999]  ? __pfx_do_recvmmsg+0x10/0x10
[  808.028566][T15999]  ? vfs_write+0x14d/0x1140
[  808.029793][T15999]  ? __mutex_unlock_slowpath+0x164/0x650
[  808.031280][T15999]  ? __fget_files+0x244/0x3f0
[  808.032639][T15999]  __x64_sys_recvmmsg+0x239/0x290
[  808.033980][T15999]  ? __pfx___x64_sys_recvmmsg+0x10/0x10
[  808.035446][T15999]  do_syscall_64+0xcd/0x250
[  808.036669][T15999]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  808.038217][T15999] RIP: 0033:0x7f142d97dff9
[  808.039389][T15999] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  808.044335][T15999] RSP: 002b:00007f142d3ff038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[  808.046467][T15999] RAX: ffffffffffffffda RBX: 00007f142db35f80 RCX: 00007f142d97dff9
[  808.048521][T15999] RDX: 0000000000000001 RSI: 0000000020000180 RDI: 0000000000000004
[  808.050562][T15999] RBP: 00007f142d3ff090 R08: 0000000000000000 R09: 0000000000000000
[  808.052605][T15999] R10: 0000000000000042 R11: 0000000000000246 R12: 0000000000000001
[  808.054654][T15999] R13: 0000000000000000 R14: 00007f142db35f80 R15: 00007ffef318bd78
[  808.056656][T15999]  </TASK>
[  808.431093][ T1382] ieee802154 phy0 wpan0: encryption failed: -22
[  808.432854][ T1382] ieee802154 phy1 wpan1: encryption failed: -22
[  808.727789][T16025] cgroup: Unknown subsys name 'subj_user'
[  809.849055][   T35] usb 5-1: new high-speed USB device number 34 using dummy_hcd
[  810.170696][   T35] usb 5-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  810.174938][   T35] usb 5-1: config 27 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  810.179531][   T35] usb 5-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  810.182287][   T35] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  810.187009][   T35] usb 5-1: Quirk or no altset; falling back to MIDI 1.0
[  810.189135][   T35] usb 5-1: invalid MIDI out EP 0
[  810.227668][   T35] snd-usb-audio 5-1:27.0: probe with driver snd-usb-audio failed with error -22
[  810.419777][ T1297] usb 6-1: new high-speed USB device number 38 using dummy_hcd
[  810.480515][ T7254] usb 5-1: USB disconnect, device number 34
[  810.568913][ T1297] usb 6-1: Using ep0 maxpacket: 8
[  810.575028][ T1297] usb 6-1: config index 0 descriptor too short (expected 301, got 45)
[  810.578100][ T1297] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  810.580779][ T1297] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  810.583361][ T1297] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  810.585948][ T1297] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  810.589775][ T1297] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  810.592410][ T1297] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  810.683587][T16059] Bluetooth: MGMT ver 1.23
[  810.836211][ T1297] usb 6-1: usb_control_msg returned -32
[  810.838351][ T1297] usbtmc 6-1:16.0: can't read capabilities
[  812.076363][T16087] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  812.702710][ T1297] usb 6-1: USB disconnect, device number 38
[  813.262411][   T35] usb 5-1: new high-speed USB device number 35 using dummy_hcd
[  813.409055][   T35] usb 5-1: device descriptor read/64, error -71
[  813.638964][ T7278] usb 7-1: new high-speed USB device number 49 using dummy_hcd
[  813.810294][ T7278] usb 7-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  813.813206][ T7278] usb 7-1: config 27 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  813.816063][ T7278] usb 7-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  813.818356][ T7278] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  813.823927][ T7278] usb 7-1: Quirk or no altset; falling back to MIDI 1.0
[  813.825884][ T7278] usb 7-1: invalid MIDI out EP 0
[  813.849058][T14603] usb 6-1: new full-speed USB device number 39 using dummy_hcd
[  813.855768][T14918] udevd[14918]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb7/7-1/7-1:27.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  813.857137][ T7278] snd-usb-audio 7-1:27.0: probe with driver snd-usb-audio failed with error -22
[  813.882618][   T11] Bluetooth: Error in BCSP hdr checksum
[  813.888934][   T35] usb 5-1: new high-speed USB device number 36 using dummy_hcd
[  814.010426][T14603] usb 6-1: config 0 has an invalid interface number: 55 but max is 0
[  814.013246][T14603] usb 6-1: config 0 has no interface number 0
[  814.015464][T14603] usb 6-1: config 0 interface 55 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  814.018536][T14603] usb 6-1: config 0 interface 55 altsetting 0 has an endpoint descriptor with address 0xAB, changing to 0x8B
[  814.021847][T14603] usb 6-1: config 0 interface 55 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 10
[  814.024703][T14603] usb 6-1: config 0 interface 55 altsetting 0 endpoint 0x8B has invalid wMaxPacketSize 0
[  814.027734][T14603] usb 6-1: config 0 interface 55 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2
[  814.031334][T14603] usb 6-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a
[  814.033889][T14603] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  814.039062][   T35] usb 5-1: device descriptor read/64, error -71
[  814.043783][T14603] usb 6-1: config 0 descriptor??
[  814.051645][T14603] ldusb 6-1:0.55: LD USB Device #0 now attached to major 180 minor 0
[  814.093949][ T7278] usb 7-1: USB disconnect, device number 49
[  814.139758][   T11] Bluetooth: Error in BCSP hdr checksum
[  814.149420][   T35] usb usb5-port1: attempt power cycle
[  814.410678][   T12] Bluetooth: Error in BCSP hdr checksum
[  814.489091][   T35] usb 5-1: new high-speed USB device number 37 using dummy_hcd
[  814.519324][   T35] usb 5-1: device descriptor read/8, error -71
[  814.679956][   T11] Bluetooth: Error in BCSP hdr checksum
[  814.763506][   T35] usb 5-1: new high-speed USB device number 38 using dummy_hcd
[  814.779766][   T35] usb 5-1: device descriptor read/8, error -71
[  814.889421][   T35] usb usb5-port1: unable to enumerate USB device
[  814.939266][  T107] Bluetooth: Error in BCSP hdr checksum
[  815.031588][T16115] FAULT_INJECTION: forcing a failure.
[  815.031588][T16115] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  815.036147][T16115] CPU: 3 UID: 0 PID: 16115 Comm: syz.0.2998 Not tainted 6.12.0-rc4-syzkaller-00047-gc2ee9f594da8 #0
[  815.040001][T16115] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  815.043793][T16115] Call Trace:
[  815.045001][T16115]  <TASK>
[  815.046112][T16115]  dump_stack_lvl+0x16c/0x1f0
[  815.047547][T16115]  should_fail_ex+0x497/0x5b0
[  815.049085][T16115]  _copy_from_iter+0x2a1/0x1540
[  815.050872][T16115]  ? __pfx__copy_from_iter+0x10/0x10
[  815.052876][T16115]  ? __virt_addr_valid+0x1a4/0x590
[  815.054834][T16115]  ? __virt_addr_valid+0x5e/0x590
[  815.056706][T16115]  ? __phys_addr_symbol+0x30/0x80
[  815.058490][T16115]  ? __check_object_size+0x488/0x710
[  815.060418][T16115]  netlink_sendmsg+0x813/0xd70
[  815.062150][T16115]  ? __pfx_netlink_sendmsg+0x10/0x10
[  815.064073][T16115]  ? __import_iovec+0x1fd/0x6e0
[  815.065745][T16115]  ____sys_sendmsg+0xaaf/0xc90
[  815.067442][T16115]  ? copy_msghdr_from_user+0x10b/0x160
[  815.069430][T16115]  ? __pfx_____sys_sendmsg+0x10/0x10
[  815.071309][T16115]  ? __pfx___lock_acquire+0x10/0x10
[  815.073297][T16115]  ___sys_sendmsg+0x135/0x1e0
[  815.075138][T16115]  ? __pfx____sys_sendmsg+0x10/0x10
[  815.077070][T16115]  ? lock_acquire+0x2f/0xb0
[  815.078573][T16115]  ? __fget_files+0x40/0x3f0
[  815.080316][T16115]  ? fdget+0x176/0x210
[  815.081460][T16115]  __sys_sendmsg+0x117/0x1f0
[  815.083110][T16115]  ? __pfx___sys_sendmsg+0x10/0x10
[  815.084960][T16115]  ? __fget_files+0x244/0x3f0
[  815.086769][T16115]  do_syscall_64+0xcd/0x250
[  815.088441][T16115]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  815.090498][T16115] RIP: 0033:0x7f142d97dff9
[  815.092169][T16115] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  815.098425][T16115] RSP: 002b:00007f142d3ff038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  815.101094][T16115] RAX: ffffffffffffffda RBX: 00007f142db35f80 RCX: 00007f142d97dff9
[  815.103159][T16115] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000003
[  815.105222][T16115] RBP: 00007f142d3ff090 R08: 0000000000000000 R09: 0000000000000000
[  815.107383][T16115] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  815.109489][T16115] R13: 0000000000000000 R14: 00007f142db35f80 R15: 00007ffef318bd78
[  815.111557][T16115]  </TASK>
[  815.200280][   T11] Bluetooth: Error in BCSP hdr checksum
[  815.516613][T15164] Bluetooth: Error in BCSP hdr checksum
[  815.629332][   T68] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  815.717218][   T39] audit: type=1400 audit(8172076597.385:758): avc:  denied  { create } for  pid=16126 comm="syz.2.3001" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_dnrt_socket permissive=1
[  815.769979][  T107] Bluetooth: Error in BCSP hdr checksum
[  815.787980][   T39] audit: type=1326 audit(8172076597.455:759): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16126 comm="syz.2.3001" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f469677dff9 code=0x0
[  816.032556][  T107] Bluetooth: Error in BCSP hdr checksum
[  816.299516][ T1215] Bluetooth: Error in BCSP hdr checksum
[  816.389745][ T5411] usb 6-1: USB disconnect, device number 39
[  816.393721][ T5411] ldusb 6-1:0.55: LD USB Device #0 now disconnected
[  816.740087][T16152] FAULT_INJECTION: forcing a failure.
[  816.740087][T16152] name fail_futex, interval 1, probability 0, space 0, times 1
[  816.744402][T16152] CPU: 1 UID: 0 PID: 16152 Comm: syz.2.3007 Not tainted 6.12.0-rc4-syzkaller-00047-gc2ee9f594da8 #0
[  816.747767][T16152] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  816.750598][T16152] Call Trace:
[  816.751475][T16152]  <TASK>
[  816.752263][T16152]  dump_stack_lvl+0x16c/0x1f0
[  816.753507][T16152]  should_fail_ex+0x497/0x5b0
[  816.754764][T16152]  get_futex_key+0x1b1/0x1090
[  816.756020][T16152]  ? __pfx_get_futex_key+0x10/0x10
[  816.757370][T16152]  futex_wait_requeue_pi+0x201/0x8d0
[  816.758761][T16152]  ? __pfx_futex_wait_requeue_pi+0x10/0x10
[  816.760317][T16152]  ? find_held_lock+0x2d/0x110
[  816.761926][T16152]  ? __pfx_futex_wake_mark+0x10/0x10
[  816.763827][T16152]  ? vfs_write+0x14d/0x1140
[  816.765464][T16152]  do_futex+0x2b0/0x350
[  816.766593][T16152]  ? __pfx_do_futex+0x10/0x10
[  816.767855][T16152]  __x64_sys_futex+0x1e1/0x4c0
[  816.769133][T16152]  ? fput+0x30/0x390
[  816.770171][T16152]  ? __pfx___x64_sys_futex+0x10/0x10
[  816.771558][T16152]  ? ksys_write+0x1ad/0x260
[  816.772784][T16152]  ? __pfx_ksys_write+0x10/0x10
[  816.774080][T16152]  do_syscall_64+0xcd/0x250
[  816.775340][T16152]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  816.776901][T16152] RIP: 0033:0x7f469677dff9
[  816.778071][T16152] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  816.783047][T16152] RSP: 002b:00007f46975af038 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  816.785230][T16152] RAX: ffffffffffffffda RBX: 00007f4696935f80 RCX: 00007f469677dff9
[  816.787298][T16152] RDX: 0000000000000000 RSI: 000080000000000b RDI: 000000002000cffc
[  816.789389][T16152] RBP: 00007f46975af090 R08: 0000000020048000 R09: 0000000000000000
[  816.791457][T16152] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  816.793546][T16152] R13: 0000000000000000 R14: 00007f4696935f80 R15: 00007fff1cb8d108
[  816.795616][T16152]  </TASK>
[  817.858973][   T68] Bluetooth: hci4: command tx timeout
[  817.956494][T16181] FAULT_INJECTION: forcing a failure.
[  817.956494][T16181] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  817.961290][T16181] CPU: 3 UID: 0 PID: 16181 Comm: syz.2.3015 Not tainted 6.12.0-rc4-syzkaller-00047-gc2ee9f594da8 #0
[  817.965039][T16181] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  817.968744][T16181] Call Trace:
[  817.970037][T16181]  <TASK>
[  817.971169][T16181]  dump_stack_lvl+0x16c/0x1f0
[  817.972876][T16181]  should_fail_ex+0x497/0x5b0
[  817.974611][T16181]  _copy_to_user+0x30/0xc0
[  817.976196][T16181]  simple_read_from_buffer+0xd0/0x160
[  817.978062][T16181]  proc_fail_nth_read+0x198/0x270
[  817.979850][T16181]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  817.981843][T16181]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  817.983819][T16181]  vfs_read+0x1ce/0xbd0
[  817.985314][T16181]  ? __fget_files+0x23a/0x3f0
[  817.986951][T16181]  ? fdget_pos+0x24c/0x360
[  817.988553][T16181]  ? __pfx_lock_release+0x10/0x10
[  817.990322][T16181]  ? trace_lock_acquire+0x14a/0x1d0
[  817.992149][T16181]  ? __pfx_vfs_read+0x10/0x10
[  817.993792][T16181]  ? __pfx___mutex_lock+0x10/0x10
[  817.995558][T16181]  ? __fget_files+0x244/0x3f0
[  817.997195][T16181]  ksys_read+0x12f/0x260
[  817.998686][T16181]  ? __pfx_ksys_read+0x10/0x10
[  818.000431][T16181]  do_syscall_64+0xcd/0x250
[  818.002048][T16181]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  818.004233][T16181] RIP: 0033:0x7f469677ca3c
[  818.005793][T16181] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 69 8e 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 bf 8e 02 00 48
[  818.011463][T16181] RSP: 002b:00007f46975af030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  818.013537][T16181] RAX: ffffffffffffffda RBX: 00007f4696935f80 RCX: 00007f469677ca3c
[  818.015539][T16181] RDX: 000000000000000f RSI: 00007f46975af0a0 RDI: 0000000000000012
[  818.017539][T16181] RBP: 00007f46975af090 R08: 0000000000000000 R09: 0000000000000000
[  818.019527][T16181] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  818.021522][T16181] R13: 0000000000000000 R14: 00007f4696935f80 R15: 00007fff1cb8d108
[  818.023545][T16181]  </TASK>
[  818.259190][ T5411] usb 5-1: new high-speed USB device number 39 using dummy_hcd
[  818.363598][   T39] audit: type=1326 audit(8172076600.035:760): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16184 comm="syz.1.3016" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fb53ed7dff9 code=0x0
[  818.730591][ T5411] usb 5-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  818.734304][ T5411] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 255, changing to 11
[  818.738051][ T5411] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  818.741309][ T5411] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  818.744976][ T5411] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  818.747955][ T5411] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  818.752444][ T5411] usb 5-1: config 0 descriptor??
[  818.754887][T16177] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  819.557932][ T5411] usbhid 5-1:0.0: can't add hid device: -71
[  819.560302][ T5411] usbhid 5-1:0.0: probe with driver usbhid failed with error -71
[  819.564316][ T5411] usb 5-1: USB disconnect, device number 39
[  820.052061][   T39] audit: type=1400 audit(8172076601.725:761): avc:  denied  { setopt } for  pid=16205 comm="syz.1.3020" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  820.053253][T16220] FAULT_INJECTION: forcing a failure.
[  820.053253][T16220] name failslab, interval 1, probability 0, space 0, times 0
[  820.062754][T16220] CPU: 3 UID: 0 PID: 16220 Comm: syz.3.3023 Not tainted 6.12.0-rc4-syzkaller-00047-gc2ee9f594da8 #0
[  820.065384][T16220] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  820.067959][T16220] Call Trace:
[  820.068811][T16220]  <TASK>
[  820.069582][T16220]  dump_stack_lvl+0x16c/0x1f0
[  820.070765][T16220]  should_fail_ex+0x497/0x5b0
[  820.071978][T16220]  ? fs_reclaim_acquire+0xae/0x150
[  820.073475][T16220]  should_failslab+0xc2/0x120
[  820.074946][T16220]  kmem_cache_alloc_noprof+0x6e/0x2f0
[  820.076566][T16220]  ? alloc_empty_file+0x73/0x1e0
[  820.078011][T16220]  alloc_empty_file+0x73/0x1e0
[  820.079413][T16220]  alloc_file_pseudo+0x147/0x210
[  820.080814][T16220]  ? __pfx_alloc_file_pseudo+0x10/0x10
[  820.082462][T16220]  ? __pfx_idr_alloc_u32+0x10/0x10
[  820.084033][T16220]  ? find_held_lock+0x2d/0x110
[  820.085459][T16220]  ? find_held_lock+0x2d/0x110
[  820.088207][T16220]  __anon_inode_getfile+0x136/0x3d0
[  820.089669][T16220]  ? __pfx___anon_inode_getfile+0x10/0x10
[  820.091163][T16220]  ? bpf_link_prime+0x8a/0x4d0
[  820.092464][T16220]  ? __local_bh_enable_ip+0xa4/0x120
[  820.093858][T16220]  bpf_link_prime+0x202/0x4d0
[  820.095103][T16220]  netns_bpf_link_create+0x282/0xb40
[  820.096518][T16220]  ? __pfx_netns_bpf_link_create+0x10/0x10
[  820.098055][T16220]  ? fput+0x30/0x390
[  820.099023][T16220]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  820.100620][T16220]  __sys_bpf+0x2716/0x49a0
[  820.101690][T16220]  ? ksys_write+0x21e/0x260
[  820.102817][T16220]  ? reacquire_held_locks+0x450/0x4c0
[  820.104143][T16220]  ? __pfx___sys_bpf+0x10/0x10
[  820.105445][T16220]  ? vfs_write+0x14d/0x1140
[  820.106746][T16220]  ? __mutex_unlock_slowpath+0x164/0x650
[  820.108415][T16220]  ? fput+0x30/0x390
[  820.109671][T16220]  ? ksys_write+0x1ad/0x260
[  820.110891][T16220]  ? __pfx_ksys_write+0x10/0x10
[  820.112127][T16220]  __x64_sys_bpf+0x78/0xc0
[  820.113219][T16220]  ? lockdep_hardirqs_on+0x7c/0x110
[  820.114641][T16220]  do_syscall_64+0xcd/0x250
[  820.115885][T16220]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  820.117384][T16220] RIP: 0033:0x7fb5dbf7dff9
[  820.118545][T16220] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  820.123643][T16220] RSP: 002b:00007fb5dcca2038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  820.125866][T16220] RAX: ffffffffffffffda RBX: 00007fb5dc135f80 RCX: 00007fb5dbf7dff9
[  820.127798][T16220] RDX: 0000000000000050 RSI: 0000000020000440 RDI: 000000000000001c
[  820.129872][T16220] RBP: 00007fb5dcca2090 R08: 0000000000000000 R09: 0000000000000000
[  820.131786][T16220] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  820.133780][T16220] R13: 0000000000000000 R14: 00007fb5dc135f80 R15: 00007ffed5845248
[  820.135800][T16220]  </TASK>
[  820.314406][T16226] fuseblk: Unknown parameter 'group_!d'
[  820.392106][T16230] pimreg: entered allmulticast mode
[  820.618321][T16237] raw_sendmsg: syz.1.3028 forgot to set AF_INET. Fix it!
[  821.757448][T16266] FAULT_INJECTION: forcing a failure.
[  821.757448][T16266] name failslab, interval 1, probability 0, space 0, times 0
[  821.761506][T16266] CPU: 2 UID: 0 PID: 16266 Comm: syz.3.3035 Not tainted 6.12.0-rc4-syzkaller-00047-gc2ee9f594da8 #0
[  821.764085][T16266] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  821.766573][T16266] Call Trace:
[  821.767385][T16266]  <TASK>
[  821.768160][T16266]  dump_stack_lvl+0x16c/0x1f0
[  821.769400][T16266]  should_fail_ex+0x497/0x5b0
[  821.770612][T16266]  ? fs_reclaim_acquire+0xae/0x150
[  821.771973][T16266]  should_failslab+0xc2/0x120
[  821.773130][T16266]  __kmalloc_noprof+0xcb/0x400
[  821.774279][T16266]  ? kasan_save_stack+0x42/0x60
[  821.775428][T16266]  ? kasan_save_stack+0x33/0x60
[  821.776601][T16266]  vb2_core_allocated_buffers_storage+0x184/0x220
[  821.778206][T16266]  vb2_core_reqbufs+0x381/0xfb0
[  821.779391][T16266]  ? __pfx_vb2_core_reqbufs+0x10/0x10
[  821.780684][T16266]  ? __pfx___mutex_trylock_common+0x10/0x10
[  821.782078][T16266]  ? rcu_is_watching+0x12/0xc0
[  821.783239][T16266]  ? trace_contention_end+0xea/0x140
[  821.784696][T16266]  vb2_reqbufs+0x1a5/0x1f0
[  821.785874][T16266]  ? __video_do_ioctl+0x4a2/0xf00
[  821.787086][T16266]  ? __pfx_vb2_reqbufs+0x10/0x10
[  821.788330][T16266]  ? __pfx___mutex_lock+0x10/0x10
[  821.789519][T16266]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  821.791030][T16266]  v4l2_m2m_ioctl_reqbufs+0xdc/0x1e0
[  821.792297][T16266]  v4l_reqbufs+0x14c/0x1e0
[  821.793426][T16266]  __video_do_ioctl+0xaf0/0xf00
[  821.794832][T16266]  ? __pfx___video_do_ioctl+0x10/0x10
[  821.796144][T16266]  video_usercopy+0x4ce/0x1600
[  821.797305][T16266]  ? __pfx___video_do_ioctl+0x10/0x10
[  821.798603][T16266]  ? __pfx_video_usercopy+0x10/0x10
[  821.799829][T16266]  v4l2_ioctl+0x1ba/0x250
[  821.800925][T16266]  ? __pfx_v4l2_ioctl+0x10/0x10
[  821.802080][T16266]  __x64_sys_ioctl+0x18f/0x220
[  821.803326][T16266]  do_syscall_64+0xcd/0x250
[  821.804522][T16266]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  821.805936][T16266] RIP: 0033:0x7fb5dbf7dff9
[  821.807002][T16266] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  821.811770][T16266] RSP: 002b:00007fb5db9ff038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  821.813741][T16266] RAX: ffffffffffffffda RBX: 00007fb5dc136058 RCX: 00007fb5dbf7dff9
[  821.815706][T16266] RDX: 0000000020000040 RSI: 00000000c0145608 RDI: 0000000000000007
[  821.817762][T16266] RBP: 00007fb5db9ff090 R08: 0000000000000000 R09: 0000000000000000
[  821.819682][T16266] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  821.821602][T16266] R13: 0000000000000000 R14: 00007fb5dc136058 R15: 00007ffed5845248
[  821.823542][T16266]  </TASK>
[  823.658965][   T35] usb 5-1: new full-speed USB device number 40 using dummy_hcd
[  823.712443][   T12] Bluetooth: Error in BCSP hdr checksum
[  823.811662][   T35] usb 5-1: config 0 has an invalid interface number: 55 but max is 0
[  823.814633][   T35] usb 5-1: config 0 has no interface number 0
[  823.817151][   T35] usb 5-1: config 0 interface 55 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  823.821289][   T35] usb 5-1: config 0 interface 55 altsetting 0 has an endpoint descriptor with address 0xAB, changing to 0x8B
[  823.825477][   T35] usb 5-1: config 0 interface 55 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 10
[  823.830868][   T35] usb 5-1: config 0 interface 55 altsetting 0 endpoint 0x8B has invalid wMaxPacketSize 0
[  823.834555][   T35] usb 5-1: config 0 interface 55 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2
[  823.839059][   T35] usb 5-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a
[  823.842243][   T35] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  823.849231][   T35] usb 5-1: config 0 descriptor??
[  823.860921][   T35] ldusb 5-1:0.55: LD USB Device #0 now attached to major 180 minor 0
[  823.969476][   T12] Bluetooth: Error in BCSP hdr checksum
[  824.230122][   T45] Bluetooth: Error in BCSP hdr checksum
[  824.491321][  T107] Bluetooth: Error in BCSP hdr checksum
[  824.554884][T16312] futex_wake_op: syz.2.3046 tries to shift op by -1; fix this program
[  824.751446][  T107] Bluetooth: Error in BCSP hdr checksum
[  825.011721][  T107] Bluetooth: Error in BCSP hdr checksum
[  825.279038][  T107] Bluetooth: Error in BCSP hdr checksum
[  825.455541][T16329] FAULT_INJECTION: forcing a failure.
[  825.455541][T16329] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  825.459087][   T68] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  825.461358][T16329] CPU: 2 UID: 0 PID: 16329 Comm: syz.2.3052 Not tainted 6.12.0-rc4-syzkaller-00047-gc2ee9f594da8 #0
[  825.464035][T16329] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  825.466775][T16329] Call Trace:
[  825.467656][T16329]  <TASK>
[  825.468703][T16329]  dump_stack_lvl+0x16c/0x1f0
[  825.470093][T16329]  should_fail_ex+0x497/0x5b0
[  825.471242][T16329]  _copy_from_iter+0x2a1/0x1540
[  825.472492][T16329]  ? __pfx__copy_from_iter+0x10/0x10
[  825.473766][T16329]  ? __virt_addr_valid+0x1a4/0x590
[  825.475108][T16329]  ? __virt_addr_valid+0x5e/0x590
[  825.476372][T16329]  ? __phys_addr_symbol+0x30/0x80
[  825.477637][T16329]  ? __check_object_size+0x488/0x710
[  825.479148][T16329]  netlink_sendmsg+0x813/0xd70
[  825.480421][T16329]  ? __pfx_netlink_sendmsg+0x10/0x10
[  825.481850][T16329]  ? __import_iovec+0x1fd/0x6e0
[  825.483173][T16329]  ____sys_sendmsg+0xaaf/0xc90
[  825.484575][T16329]  ? copy_msghdr_from_user+0x10b/0x160
[  825.485946][T16329]  ? __pfx_____sys_sendmsg+0x10/0x10
[  825.487358][T16329]  ? __pfx___lock_acquire+0x10/0x10
[  825.488973][T16329]  ___sys_sendmsg+0x135/0x1e0
[  825.490114][T16329]  ? __pfx____sys_sendmsg+0x10/0x10
[  825.491382][T16329]  ? lock_acquire+0x2f/0xb0
[  825.492592][T16329]  ? __fget_files+0x40/0x3f0
[  825.493764][T16329]  ? fdget+0x176/0x210
[  825.494808][T16329]  __sys_sendmsg+0x117/0x1f0
[  825.495984][T16329]  ? __pfx___sys_sendmsg+0x10/0x10
[  825.497281][T16329]  ? __fget_files+0x244/0x3f0
[  825.498539][T16329]  do_syscall_64+0xcd/0x250
[  825.499634][T16329]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  825.501219][T16329] RIP: 0033:0x7f469677dff9
[  825.502391][T16329] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  825.507156][T16329] RSP: 002b:00007f46975af038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  825.509330][T16329] RAX: ffffffffffffffda RBX: 00007f4696935f80 RCX: 00007f469677dff9
[  825.511234][T16329] RDX: 0000000004000080 RSI: 00000000200002c0 RDI: 0000000000000004
[  825.513182][T16329] RBP: 00007f46975af090 R08: 0000000000000000 R09: 0000000000000000
[  825.515468][T16329] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  825.517484][T16329] R13: 0000000000000000 R14: 00007f4696935f80 R15: 00007fff1cb8d108
[  825.519507][T16329]  </TASK>
[  825.530637][  T107] Bluetooth: Error in BCSP hdr checksum
[  825.789317][  T107] Bluetooth: Error in BCSP hdr checksum
[  826.107991][   T35] usb 5-1: USB disconnect, device number 40
[  826.112646][   T35] ldusb 5-1:0.55: LD USB Device #0 now disconnected
[  826.344232][T16345] pimreg: entered allmulticast mode
[  827.701697][T16372] FAULT_INJECTION: forcing a failure.
[  827.701697][T16372] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  827.705427][T16372] CPU: 2 UID: 0 PID: 16372 Comm: syz.2.3063 Not tainted 6.12.0-rc4-syzkaller-00047-gc2ee9f594da8 #0
[  827.709231][T16372] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  827.712206][T16372] Call Trace:
[  827.713015][T16372]  <TASK>
[  827.713807][T16372]  dump_stack_lvl+0x16c/0x1f0
[  827.715144][T16372]  should_fail_ex+0x497/0x5b0
[  827.716352][T16372]  _copy_from_user+0x30/0xf0
[  827.717538][T16372]  dev_ethtool+0x150/0x57e0
[  827.718742][T16372]  ? kernel_text_address+0x8d/0x100
[  827.720068][T16372]  ? __kernel_text_address+0xd/0x40
[  827.721387][T16372]  ? unwind_get_return_address+0x59/0xa0
[  827.722738][T16372]  ? arch_stack_walk+0xa7/0x100
[  827.723964][T16372]  ? __pfx_dev_ethtool+0x10/0x10
[  827.725439][T16372]  ? hlock_class+0x4e/0x130
[  827.726986][T16372]  ? hlock_class+0x4e/0x130
[  827.728594][T16372]  ? mark_lock+0xb5/0xc60
[  827.730096][T16372]  ? __pfx_mark_lock+0x10/0x10
[  827.731355][T16372]  ? __pfx_mark_lock+0x10/0x10
[  827.732523][T16372]  ? __pfx___lock_acquire+0x10/0x10
[  827.733852][T16372]  ? kasan_save_stack+0x42/0x60
[  827.735205][T16372]  ? kasan_save_stack+0x33/0x60
[  827.736879][T16372]  ? kasan_save_track+0x14/0x30
[  827.738347][T16372]  ? kasan_save_free_info+0x3b/0x60
[  827.739595][T16372]  ? __kasan_slab_free+0x51/0x70
[  827.740859][T16372]  ? kfree+0x14f/0x4b0
[  827.741876][T16372]  ? hlock_class+0x4e/0x130
[  827.743081][T16372]  ? __lock_acquire+0xbdd/0x3ce0
[  827.744392][T16372]  ? __pfx___lock_acquire+0x10/0x10
[  827.746091][T16372]  ? avc_has_extended_perms+0x902/0xf70
[  827.748045][T16372]  ? find_held_lock+0x2d/0x110
[  827.749802][T16372]  ? dev_load+0x8e/0x240
[  827.750975][T16372]  ? __pfx_lock_release+0x10/0x10
[  827.752201][T16372]  ? trace_lock_acquire+0x14a/0x1d0
[  827.753488][T16372]  ? full_name_hash+0xbc/0x110
[  827.754696][T16372]  dev_ioctl+0x2a2/0x10c0
[  827.755819][T16372]  sock_do_ioctl+0x19e/0x280
[  827.757035][T16372]  ? __pfx_sock_do_ioctl+0x10/0x10
[  827.758312][T16372]  ? ioctl_has_perm.constprop.0.isra.0+0x2ea/0x460
[  827.759965][T16372]  ? ioctl_has_perm.constprop.0.isra.0+0x2f3/0x460
[  827.761498][T16372]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[  827.763248][T16372]  sock_ioctl+0x228/0x6c0
[  827.764418][T16372]  ? __pfx_sock_ioctl+0x10/0x10
[  827.766078][T16372]  ? selinux_file_ioctl+0x180/0x270
[  827.767908][T16372]  ? selinux_file_ioctl+0xb4/0x270
[  827.769664][T16372]  ? __pfx_sock_ioctl+0x10/0x10
[  827.771184][T16372]  __x64_sys_ioctl+0x18f/0x220
[  827.772345][T16372]  do_syscall_64+0xcd/0x250
[  827.773472][T16372]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  827.774911][T16372] RIP: 0033:0x7f469677dff9
[  827.776043][T16372] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  827.780737][T16372] RSP: 002b:00007f46975af038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  827.782798][T16372] RAX: ffffffffffffffda RBX: 00007f4696935f80 RCX: 00007f469677dff9
[  827.784814][T16372] RDX: 00000000200000c0 RSI: 0000000000008946 RDI: 0000000000000004
[  827.787506][T16372] RBP: 00007f46975af090 R08: 0000000000000000 R09: 0000000000000000
[  827.790288][T16372] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  827.792229][T16372] R13: 0000000000000000 R14: 00007f4696935f80 R15: 00007fff1cb8d108
[  827.794182][T16372]  </TASK>
[  827.842169][   T39] audit: type=1400 audit(8172076609.505:762): avc:  denied  { mount } for  pid=16373 comm="syz.2.3064" name="/" dev="devtmpfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=filesystem permissive=1
[  827.954165][T16389] FAULT_INJECTION: forcing a failure.
[  827.954165][T16389] name failslab, interval 1, probability 0, space 0, times 0
[  827.957513][T16389] CPU: 2 UID: 0 PID: 16389 Comm: syz.2.3066 Not tainted 6.12.0-rc4-syzkaller-00047-gc2ee9f594da8 #0
[  827.960517][T16389] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  827.963353][T16389] Call Trace:
[  827.964304][T16389]  <TASK>
[  827.965134][T16389]  dump_stack_lvl+0x16c/0x1f0
[  827.966363][T16389]  should_fail_ex+0x497/0x5b0
[  827.967677][T16389]  should_failslab+0xc2/0x120
[  827.968915][T16389]  __kmalloc_cache_noprof+0x6b/0x300
[  827.970262][T16389]  ? __hw_addr_add_ex+0x3c8/0x7c0
[  827.971566][T16389]  ? __pfx_lock_release+0x10/0x10
[  827.972388][   T39] audit: type=1400 audit(8172076609.645:763): avc:  denied  { ioctl } for  pid=16385 comm="syz.0.3067" path="/dev/sg0" dev="devtmpfs" ino=705 ioctlcmd=0x5393 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1
[  827.972861][T16389]  __hw_addr_add_ex+0x3c8/0x7c0
[  827.980422][T16389]  ? __pfx___hw_addr_add_ex+0x10/0x10
[  827.981767][T16389]  ? __mutex_unlock_slowpath+0x164/0x650
[  827.983294][T16389]  dev_addr_init+0x162/0x250
[  827.984523][T16389]  ? __pfx_dev_addr_init+0x10/0x10
[  827.985948][T16389]  alloc_netdev_mqs+0x3c9/0x1420
[  827.987176][T16389]  ? __pfx_can_setup+0x10/0x10
[  827.988547][T16389]  alloc_candev_mqs+0x69/0x490
[  827.989770][T16389]  slcan_open+0x9f/0x530
[  827.990878][T16389]  ? __pfx_slcan_open+0x10/0x10
[  827.992231][T16389]  tty_ldisc_open+0x9c/0x120
[  827.993412][T16389]  tty_set_ldisc+0x318/0x720
[  827.994668][T16389]  tty_ioctl+0xbd0/0x15d0
[  827.995801][T16389]  ? __pfx_tty_ioctl+0x10/0x10
[  827.997014][T16389]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[  827.998788][T16389]  ? trace_lock_acquire+0x14a/0x1d0
[  828.000178][T16389]  ? selinux_file_ioctl+0x180/0x270
[  828.001449][T16389]  ? selinux_file_ioctl+0xb4/0x270
[  828.002831][T16389]  ? __pfx_tty_ioctl+0x10/0x10
[  828.004170][T16389]  __x64_sys_ioctl+0x18f/0x220
[  828.005469][T16389]  do_syscall_64+0xcd/0x250
[  828.006706][T16389]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  828.008277][T16389] RIP: 0033:0x7f469677dff9
[  828.009425][T16389] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  828.014419][T16389] RSP: 002b:00007f469758e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  828.016557][T16389] RAX: ffffffffffffffda RBX: 00007f4696936058 RCX: 00007f469677dff9
[  828.018602][T16389] RDX: 0000000020000080 RSI: 0000000000005423 RDI: 0000000000000007
[  828.020614][T16389] RBP: 00007f469758e090 R08: 0000000000000000 R09: 0000000000000000
[  828.022592][T16389] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  828.024657][T16389] R13: 0000000000000000 R14: 00007f4696936058 R15: 00007fff1cb8d108
[  828.026798][T16389]  </TASK>
[  828.582502][T16400] FAULT_INJECTION: forcing a failure.
[  828.582502][T16400] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  828.586105][T16400] CPU: 0 UID: 0 PID: 16400 Comm: syz.1.3071 Not tainted 6.12.0-rc4-syzkaller-00047-gc2ee9f594da8 #0
[  828.588732][T16400] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  828.591822][T16400] Call Trace:
[  828.592768][T16400]  <TASK>
[  828.593536][T16400]  dump_stack_lvl+0x16c/0x1f0
[  828.594761][T16400]  should_fail_ex+0x497/0x5b0
[  828.596118][T16400]  _copy_to_user+0x30/0xc0
[  828.597288][T16400]  simple_read_from_buffer+0xd0/0x160
[  828.598733][T16400]  proc_fail_nth_read+0x198/0x270
[  828.600099][T16400]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  828.601708][T16400]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  828.603092][T16400]  vfs_read+0x1ce/0xbd0
[  828.604169][T16400]  ? __fget_files+0x23a/0x3f0
[  828.605328][T16400]  ? fdget_pos+0x24c/0x360
[  828.606448][T16400]  ? __pfx_lock_release+0x10/0x10
[  828.607698][T16400]  ? trace_lock_acquire+0x14a/0x1d0
[  828.609027][T16400]  ? __pfx_vfs_read+0x10/0x10
[  828.610426][T16400]  ? __pfx___mutex_lock+0x10/0x10
[  828.612003][T16400]  ? __fget_files+0x244/0x3f0
[  828.613373][T16400]  ksys_read+0x12f/0x260
[  828.614609][T16400]  ? __pfx_ksys_read+0x10/0x10
[  828.616075][T16400]  do_syscall_64+0xcd/0x250
[  828.617464][T16400]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  828.619141][T16400] RIP: 0033:0x7fb53ed7ca3c
[  828.620442][T16400] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 69 8e 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 bf 8e 02 00 48
[  828.625963][T16400] RSP: 002b:00007fb53fb7a030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  828.628184][T16400] RAX: ffffffffffffffda RBX: 00007fb53ef35f80 RCX: 00007fb53ed7ca3c
[  828.630462][T16400] RDX: 000000000000000f RSI: 00007fb53fb7a0a0 RDI: 0000000000000004
[  828.632468][T16400] RBP: 00007fb53fb7a090 R08: 0000000000000000 R09: 0000000000000000
[  828.634420][T16400] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  828.636335][T16400] R13: 0000000000000000 R14: 00007fb53ef35f80 R15: 00007ffd53339c38
[  828.638321][T16400]  </TASK>
[  828.752178][   T39] audit: type=1400 audit(8172076610.425:764): avc:  denied  { getopt } for  pid=16407 comm="syz.2.3074" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  829.737150][T16422] FAULT_INJECTION: forcing a failure.
[  829.737150][T16422] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  829.741417][T16422] CPU: 2 UID: 0 PID: 16422 Comm: syz.0.3077 Not tainted 6.12.0-rc4-syzkaller-00047-gc2ee9f594da8 #0
[  829.744810][T16422] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  829.748079][T16422] Call Trace:
[  829.749049][T16422]  <TASK>
[  829.749889][T16422]  dump_stack_lvl+0x16c/0x1f0
[  829.751562][T16422]  should_fail_ex+0x497/0x5b0
[  829.753291][T16422]  _copy_from_user+0x30/0xf0
[  829.754829][T16422]  binder_ioctl+0x50a/0x6fa0
[  829.756473][T16422]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  829.758151][T16422]  ? __pfx_binder_ioctl+0x10/0x10
[  829.759581][T16422]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  829.761267][T16422]  ? ioctl_has_perm.constprop.0.isra.0+0x2ea/0x460
[  829.763053][T16422]  ? ioctl_has_perm.constprop.0.isra.0+0x2f3/0x460
[  829.764975][T16422]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[  829.766972][T16422]  ? trace_lock_acquire+0x14a/0x1d0
[  829.768557][T16422]  ? selinux_file_ioctl+0x180/0x270
[  829.770344][T16422]  ? selinux_file_ioctl+0xb4/0x270
[  829.772056][T16422]  ? __pfx_binder_ioctl+0x10/0x10
[  829.773451][T16422]  __x64_sys_ioctl+0x18f/0x220
[  829.774869][T16422]  do_syscall_64+0xcd/0x250
[  829.776442][T16422]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  829.778403][T16422] RIP: 0033:0x7f142d97dff9
[  829.779660][T16422] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  829.785462][T16422] RSP: 002b:00007f142d3de038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  829.788114][T16422] RAX: ffffffffffffffda RBX: 00007f142db36058 RCX: 00007f142d97dff9
[  829.790740][T16422] RDX: 0000000020000080 RSI: 00000000c0306201 RDI: 0000000000000003
[  829.793085][T16422] RBP: 00007f142d3de090 R08: 0000000000000000 R09: 0000000000000000
[  829.795432][T16422] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  829.798121][T16422] R13: 0000000000000001 R14: 00007f142db36058 R15: 00007ffef318bd78
[  829.800760][T16422]  </TASK>
[  829.802807][T16422] binder: 16419:16422 ioctl c0306201 20000080 returned -14
[  830.682823][T16440] overlayfs: failed to resolve './file0': -2
[  830.686528][ T7091] Bluetooth: hci3: Invalid handle: 0x3065 > 0x0eff
[  830.940369][T16449] sctp: [Deprecated]: syz.3.3085 (pid 16449) Use of int in max_burst socket option deprecated.
[  830.940369][T16449] Use struct sctp_assoc_value instead
[  831.493055][T16471] FAULT_INJECTION: forcing a failure.
[  831.493055][T16471] name failslab, interval 1, probability 0, space 0, times 0
[  831.496868][T16471] CPU: 2 UID: 0 PID: 16471 Comm: syz.3.3090 Not tainted 6.12.0-rc4-syzkaller-00047-gc2ee9f594da8 #0
[  831.500422][T16471] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  831.503673][T16471] Call Trace:
[  831.504673][T16471]  <TASK>
[  831.505534][T16471]  dump_stack_lvl+0x16c/0x1f0
[  831.506832][T16471]  should_fail_ex+0x497/0x5b0
[  831.508147][T16471]  ? fs_reclaim_acquire+0xae/0x150
[  831.509640][T16471]  should_failslab+0xc2/0x120
[  831.510954][T16471]  __kmalloc_node_noprof+0xd1/0x430
[  831.512399][T16471]  ? __vmalloc_node_range_noprof+0x3d8/0x15a0
[  831.514086][T16471]  __vmalloc_node_range_noprof+0x3d8/0x15a0
[  831.515720][T16471]  ? bpf_prog_alloc_no_stats+0x54/0x5d0
[  831.517277][T16471]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  831.519019][T16471]  ? __pfx___lock_acquire+0x10/0x10
[  831.520442][T16471]  ? bpf_prog_alloc_no_stats+0x54/0x5d0
[  831.521929][T16471]  __vmalloc_noprof+0x6d/0x90
[  831.523177][T16471]  ? bpf_prog_alloc_no_stats+0x54/0x5d0
[  831.524679][T16471]  bpf_prog_alloc_no_stats+0x54/0x5d0
[  831.526189][T16471]  ? security_capable+0x7e/0x260
[  831.527922][T16471]  bpf_prog_alloc+0x3b/0x230
[  831.529504][T16471]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  831.531455][T16471]  bpf_prog_load+0x159e/0x2660
[  831.532765][T16471]  ? __pfx_bpf_prog_load+0x10/0x10
[  831.534151][T16471]  ? avc_has_perm_noaudit+0x143/0x3a0
[  831.535607][T16471]  ? selinux_bpf+0xde/0x130
[  831.536832][T16471]  __sys_bpf+0x402b/0x49a0
[  831.538062][T16471]  ? ksys_write+0x21e/0x260
[  831.539280][T16471]  ? reacquire_held_locks+0x450/0x4c0
[  831.540726][T16471]  ? __pfx___sys_bpf+0x10/0x10
[  831.542001][T16471]  ? vfs_write+0x14d/0x1140
[  831.543221][T16471]  ? __mutex_unlock_slowpath+0x164/0x650
[  831.544731][T16471]  ? fput+0x30/0x390
[  831.545784][T16471]  ? ksys_write+0x1ad/0x260
[  831.547002][T16471]  ? __pfx_ksys_write+0x10/0x10
[  831.548356][T16471]  __x64_sys_bpf+0x78/0xc0
[  831.549555][T16471]  ? lockdep_hardirqs_on+0x7c/0x110
[  831.550943][T16471]  do_syscall_64+0xcd/0x250
[  831.552178][T16471]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  831.553765][T16471] RIP: 0033:0x7fb5dbf7dff9
[  831.555090][T16471] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  831.560563][T16471] RSP: 002b:00007fb5dcca2038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  831.562943][T16471] RAX: ffffffffffffffda RBX: 00007fb5dc135f80 RCX: 00007fb5dbf7dff9
[  831.565032][T16471] RDX: 0000000000000094 RSI: 0000000020000840 RDI: 0000000000000005
[  831.567108][T16471] RBP: 00007fb5dcca2090 R08: 0000000000000000 R09: 0000000000000000
[  831.569258][T16471] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  831.571433][T16471] R13: 0000000000000000 R14: 00007fb5dc135f80 R15: 00007ffed5845248
[  831.573762][T16471]  </TASK>
[  831.579100][T16471] syz.3.3090: vmalloc error: size 4096, failed to allocated page array size 8, mode:0x500dc2(GFP_HIGHUSER|__GFP_ZERO|__GFP_ACCOUNT), nodemask=(null),cpuset=/,mems_allowed=0-1
[  831.584061][T16471] CPU: 3 UID: 0 PID: 16471 Comm: syz.3.3090 Not tainted 6.12.0-rc4-syzkaller-00047-gc2ee9f594da8 #0
[  831.586892][T16471] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  831.589907][T16471] Call Trace:
[  831.590842][T16471]  <TASK>
[  831.591678][T16471]  dump_stack_lvl+0x16c/0x1f0
[  831.593186][T16471]  warn_alloc+0x24d/0x3a0
[  831.593237][   T39] audit: type=1326 audit(8172076613.265:765): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16464 comm="syz.2.3089" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f469677dff9 code=0x0
[  831.594344][T16471]  ? __pfx_warn_alloc+0x10/0x10
[  831.594360][T16471]  ? dump_stack_lvl+0x197/0x1f0
[  831.594375][T16471]  ? dump_stack_lvl+0x1a1/0x1f0
[  831.594392][T16471]  ? should_fail_ex+0x2de/0x5b0
[  831.594404][T16471]  ? rcu_is_watching+0x12/0xc0
[  831.608336][T16471]  ? trace_kmalloc+0x2d/0xe0
[  831.609652][T16471]  ? __kmalloc_node_noprof+0x22f/0x430
[  831.611106][T16471]  __vmalloc_node_range_noprof+0x114a/0x15a0
[  831.612779][T16471]  ? bpf_prog_alloc_no_stats+0x54/0x5d0
[  831.614313][T16471]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  831.616072][T16471]  ? __pfx___lock_acquire+0x10/0x10
[  831.617495][T16471]  ? bpf_prog_alloc_no_stats+0x54/0x5d0
[  831.619052][T16471]  __vmalloc_noprof+0x6d/0x90
[  831.620541][T16471]  ? bpf_prog_alloc_no_stats+0x54/0x5d0
[  831.622205][T16471]  bpf_prog_alloc_no_stats+0x54/0x5d0
[  831.623939][T16471]  ? security_capable+0x7e/0x260
[  831.625391][T16471]  bpf_prog_alloc+0x3b/0x230
[  831.626745][T16471]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  831.628860][T16471]  bpf_prog_load+0x159e/0x2660
[  831.630652][T16471]  ? __pfx_bpf_prog_load+0x10/0x10
[  831.632446][T16471]  ? avc_has_perm_noaudit+0x143/0x3a0
[  831.634419][T16471]  ? selinux_bpf+0xde/0x130
[  831.636064][T16471]  __sys_bpf+0x402b/0x49a0
[  831.637648][T16471]  ? ksys_write+0x21e/0x260
[  831.639282][T16471]  ? reacquire_held_locks+0x450/0x4c0
[  831.641246][T16471]  ? __pfx___sys_bpf+0x10/0x10
[  831.642861][T16471]  ? vfs_write+0x14d/0x1140
[  831.644601][T16471]  ? __mutex_unlock_slowpath+0x164/0x650
[  831.646715][T16471]  ? fput+0x30/0x390
[  831.648267][T16471]  ? ksys_write+0x1ad/0x260
[  831.650034][T16471]  ? __pfx_ksys_write+0x10/0x10
[  831.651954][T16471]  __x64_sys_bpf+0x78/0xc0
[  831.653676][T16471]  ? lockdep_hardirqs_on+0x7c/0x110
[  831.655896][T16471]  do_syscall_64+0xcd/0x250
[  831.657728][T16471]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  831.660058][T16471] RIP: 0033:0x7fb5dbf7dff9
[  831.661902][T16471] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  831.667764][T16471] RSP: 002b:00007fb5dcca2038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  831.670132][T16471] RAX: ffffffffffffffda RBX: 00007fb5dc135f80 RCX: 00007fb5dbf7dff9
[  831.672368][T16471] RDX: 0000000000000094 RSI: 0000000020000840 RDI: 0000000000000005
[  831.674557][T16471] RBP: 00007fb5dcca2090 R08: 0000000000000000 R09: 0000000000000000
[  831.676777][T16471] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  831.679072][T16471] R13: 0000000000000000 R14: 00007fb5dc135f80 R15: 00007ffed5845248
[  831.681383][T16471]  </TASK>
[  831.683058][T16471] Mem-Info:
[  831.683969][T16471] active_anon:1909 inactive_anon:3643 isolated_anon:0
[  831.683969][T16471]  active_file:5128 inactive_file:51976 isolated_file:0
[  831.683969][T16471]  unevictable:1768 dirty:302 writeback:0
[  831.683969][T16471]  slab_reclaimable:6681 slab_unreclaimable:76106
[  831.683969][T16471]  mapped:19229 shmem:2270 pagetables:761
[  831.683969][T16471]  sec_pagetables:324 bounce:0
[  831.683969][T16471]  kernel_misc_reclaimable:0
[  831.683969][T16471]  free:479019 free_pcp:5585 free_cma:0
[  831.695609][T16471] Node 0 active_anon:7636kB inactive_anon:14572kB active_file:20492kB inactive_file:207904kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:76916kB dirty:1200kB writeback:0kB shmem:5544kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:11504kB pagetables:3044kB sec_pagetables:1296kB all_unreclaimable? yes
[  831.706586][T16471] Node 1 active_anon:0kB inactive_anon:0kB active_file:20kB inactive_file:0kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:8kB writeback:0kB shmem:3536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:80kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? yes
[  831.718281][T16471] Node 0 DMA free:14924kB boost:2048kB min:2388kB low:2472kB high:2556kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:4kB inactive_file:12kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:292kB local_pcp:104kB free_cma:0kB
[  831.730687][T16471] lowmem_reserve[]: 0 1214 0 0 0
[  831.732749][T16471] Node 0 DMA32 free:306560kB boost:62176kB min:89812kB low:96720kB high:103628kB reserved_highatomic:14336KB active_anon:7636kB inactive_anon:14572kB active_file:20488kB inactive_file:207892kB unevictable:3536kB writepending:1204kB present:2080628kB managed:1272188kB mlocked:0kB bounce:0kB free_pcp:7408kB local_pcp:556kB free_cma:0kB
[  831.744809][T16471] lowmem_reserve[]: 0 0 0 0 0
[  831.746503][T16471] Node 1 Normal free:1605396kB boost:0kB min:39600kB low:49500kB high:59400kB reserved_highatomic:10240KB active_anon:0kB inactive_anon:0kB active_file:20kB inactive_file:0kB unevictable:3536kB writepending:8kB present:2097152kB managed:1781924kB mlocked:0kB bounce:0kB free_pcp:4260kB local_pcp:0kB free_cma:0kB
[  831.757492][T16471] lowmem_reserve[]: 0 0 0 0 0
[  831.759323][T16471] Node 0 DMA: 9*4kB (M) 13*8kB (M) 16*16kB (UM) 16*32kB (UM) 17*64kB (UM) 15*128kB (UM) 11*256kB (UM) 10*512kB (UM) 1*1024kB (M) 1*2048kB (M) 0*4096kB = 14924kB
[  831.765075][T16471] Node 0 DMA32: 898*4kB (UMEH) 1875*8kB (UMEH) 1430*16kB (UMEH) 692*32kB (UMEH) 959*64kB (UMEH) 698*128kB (UMEH) 82*256kB (UMH) 17*512kB (UMH) 13*1024kB (UMH) 10*2048kB (UMH) 7*4096kB (UM) = 306496kB
[  831.771301][T16471] Node 1 Normal: 31*4kB (UME) 81*8kB (UME) 115*16kB (UME) 209*32kB (UMEH) 163*64kB (UMEH) 114*128kB (UMEH) 77*256kB (UMEH) 74*512kB (UMEH) 62*1024kB (UEH) 46*2048kB (UMH) 331*4096kB (UMH) = 1605396kB
[  831.776860][T16471] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  831.780451][T16471] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  831.782986][T16471] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  831.786546][T16471] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  831.790132][T16471] 59375 total pagecache pages
[  831.791876][T16471] 0 pages in swap cache
[  831.793357][T16471] Free swap  = 123976kB
[  831.794900][T16471] Total swap = 124996kB
[  831.796614][T16471] 1048443 pages RAM
[  831.798106][T16471] 0 pages HighMem/MovableOnly
[  831.800082][T16471] 281075 pages reserved
[  831.801722][T16471] 0 pages cma reserved
[  831.808986][   T35] usb 6-1: new high-speed USB device number 40 using dummy_hcd
[  831.966884][   T35] usb 6-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  831.971295][   T35] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 255, changing to 11
[  831.975415][   T35] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  831.978353][   T35] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  831.984246][   T35] usb 6-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  831.987333][   T35] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  831.991232][   T35] usb 6-1: config 0 descriptor??
[  831.993481][T16477] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  832.150725][T16484] FAULT_INJECTION: forcing a failure.
[  832.150725][T16484] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  832.154959][T16484] CPU: 2 UID: 0 PID: 16484 Comm: syz.3.3095 Not tainted 6.12.0-rc4-syzkaller-00047-gc2ee9f594da8 #0
[  832.157797][T16484] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  832.160649][T16484] Call Trace:
[  832.161547][T16484]  <TASK>
[  832.162346][T16484]  dump_stack_lvl+0x16c/0x1f0
[  832.163644][T16484]  should_fail_ex+0x497/0x5b0
[  832.164913][T16484]  _copy_from_user+0x30/0xf0
[  832.166152][T16484]  move_addr_to_kernel+0x68/0x160
[  832.167502][T16484]  __copy_msghdr+0x386/0x470
[  832.168766][T16484]  copy_msghdr_from_user+0xc2/0x160
[  832.170233][T16484]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  832.171781][T16484]  ? __pfx___lock_acquire+0x10/0x10
[  832.173173][T16484]  ___sys_sendmsg+0xff/0x1e0
[  832.174411][T16484]  ? __pfx____sys_sendmsg+0x10/0x10
[  832.175799][T16484]  ? lock_acquire+0x2f/0xb0
[  832.177028][T16484]  ? __fget_files+0x40/0x3f0
[  832.178279][T16484]  ? fdget+0x176/0x210
[  832.179382][T16484]  __sys_sendmmsg+0x1a1/0x450
[  832.180656][T16484]  ? __pfx___sys_sendmmsg+0x10/0x10
[  832.182031][T16484]  ? vfs_write+0x14d/0x1140
[  832.183255][T16484]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  832.184862][T16484]  ? fput+0x30/0x390
[  832.185902][T16484]  ? ksys_write+0x1ad/0x260
[  832.187117][T16484]  ? __pfx_ksys_write+0x10/0x10
[  832.188416][T16484]  __x64_sys_sendmmsg+0x9c/0x100
[  832.189741][T16484]  ? lockdep_hardirqs_on+0x7c/0x110
[  832.191129][T16484]  do_syscall_64+0xcd/0x250
[  832.192345][T16484]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  832.193900][T16484] RIP: 0033:0x7fb5dbf7dff9
[  832.195078][T16484] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  832.200227][T16484] RSP: 002b:00007fb5dcca2038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  832.202398][T16484] RAX: ffffffffffffffda RBX: 00007fb5dc135f80 RCX: 00007fb5dbf7dff9
[  832.204489][T16484] RDX: 0000000000000001 RSI: 0000000020000440 RDI: 0000000000000008
[  832.206522][T16484] RBP: 00007fb5dcca2090 R08: 0000000000000000 R09: 0000000000000000
[  832.208663][T16484] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  832.210678][T16484] R13: 0000000000000000 R14: 00007fb5dc135f80 R15: 00007ffed5845248
[  832.212721][T16484]  </TASK>
[  832.933783][   T35] usbhid 6-1:0.0: can't add hid device: -71
[  832.936707][   T35] usbhid 6-1:0.0: probe with driver usbhid failed with error -71
[  832.965255][   T35] usb 6-1: USB disconnect, device number 40
[  833.091795][T16516] syz.0.3102: attempt to access beyond end of device
[  833.091795][T16516] nbd0: rw=0, sector=1, nr_sectors = 1 limit=0
[  833.095265][T16516] VFS: unable to read V7 FS superblock on device nbd0.
[  833.097034][T16516] VFS: could not find a valid V7 on nbd0.
[  833.313242][T16524] netlink: 'syz.2.3103': attribute type 1 has an invalid length.
[  833.814464][T16541] pimreg: entered allmulticast mode
[  834.087790][   T39] audit: type=1400 audit(8172076615.755:766): avc:  denied  { read } for  pid=16550 comm="syz.2.3113" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1
[  834.576624][   T39] audit: type=1400 audit(8172076616.245:767): avc:  denied  { getopt } for  pid=16561 comm="syz.3.3117" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1
[  834.579184][T16562] netlink: 48 bytes leftover after parsing attributes in process `syz.3.3117'.
[  834.606588][T16564] FAULT_INJECTION: forcing a failure.
[  834.606588][T16564] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  834.614526][T16564] CPU: 2 UID: 0 PID: 16564 Comm: syz.3.3118 Not tainted 6.12.0-rc4-syzkaller-00047-gc2ee9f594da8 #0
[  834.618016][T16564] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  834.621615][T16564] Call Trace:
[  834.622750][T16564]  <TASK>
[  834.623754][T16564]  dump_stack_lvl+0x16c/0x1f0
[  834.625382][T16564]  should_fail_ex+0x497/0x5b0
[  834.626983][T16564]  _copy_to_user+0x30/0xc0
[  834.628522][T16564]  simple_read_from_buffer+0xd0/0x160
[  834.630336][T16564]  proc_fail_nth_read+0x198/0x270
[  834.632047][T16564]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  834.633915][T16564]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  834.635772][T16564]  vfs_read+0x1ce/0xbd0
[  834.637305][T16564]  ? __fget_files+0x23a/0x3f0
[  834.639067][T16564]  ? fdget_pos+0x24c/0x360
[  834.640749][T16564]  ? __pfx_lock_release+0x10/0x10
[  834.642605][T16564]  ? trace_lock_acquire+0x14a/0x1d0
[  834.644528][T16564]  ? __pfx_vfs_read+0x10/0x10
[  834.646283][T16564]  ? __pfx___mutex_lock+0x10/0x10
[  834.648169][T16564]  ? __fget_files+0x244/0x3f0
[  834.649944][T16564]  ksys_read+0x12f/0x260
[  834.651534][T16564]  ? __pfx_ksys_read+0x10/0x10
[  834.653340][T16564]  do_syscall_64+0xcd/0x250
[  834.655047][T16564]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  834.657244][T16564] RIP: 0033:0x7fb5dbf7ca3c
[  834.658905][T16564] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 69 8e 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 bf 8e 02 00 48
[  834.665906][T16564] RSP: 002b:00007fb5dcca2030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  834.668979][T16564] RAX: ffffffffffffffda RBX: 00007fb5dc135f80 RCX: 00007fb5dbf7ca3c
[  834.671878][T16564] RDX: 000000000000000f RSI: 00007fb5dcca20a0 RDI: 0000000000000004
[  834.674772][T16564] RBP: 00007fb5dcca2090 R08: 0000000000000000 R09: 0000000000000000
[  834.677673][T16564] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  834.680563][T16564] R13: 0000000000000000 R14: 00007fb5dc135f80 R15: 00007ffed5845248
[  834.683481][T16564]  </TASK>
[  834.724676][T16569] FAULT_INJECTION: forcing a failure.
[  834.724676][T16569] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  834.733735][T16569] CPU: 3 UID: 0 PID: 16569 Comm: syz.3.3119 Not tainted 6.12.0-rc4-syzkaller-00047-gc2ee9f594da8 #0
[  834.736517][T16569] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  834.739280][T16569] Call Trace:
[  834.740176][T16569]  <TASK>
[  834.740962][T16569]  dump_stack_lvl+0x16c/0x1f0
[  834.742214][T16569]  should_fail_ex+0x497/0x5b0
[  834.743467][T16569]  _copy_to_user+0x30/0xc0
[  834.744658][T16569]  copy_siginfo_to_user+0x23/0xc0
[  834.746119][T16569]  x64_setup_rt_frame+0x7ff/0xce0
[  834.747443][T16569]  ? __pfx_x64_setup_rt_frame+0x10/0x10
[  834.748912][T16569]  ? __pfx_do_timer_settime+0x10/0x10
[  834.750542][T16569]  arch_do_signal_or_restart+0x5e6/0x7e0
[  834.752131][T16569]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  834.753747][T16569]  ? ksys_write+0x1ad/0x260
[  834.755116][T16569]  syscall_exit_to_user_mode+0x150/0x2a0
[  834.756631][T16569]  do_syscall_64+0xda/0x250
[  834.757855][T16569]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  834.759394][T16569] RIP: 0033:0x7fb5dbf7dff9
[  834.760545][T16569] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  834.765425][T16569] RSP: 002b:00007fb5dcca2038 EFLAGS: 00000246 ORIG_RAX: 00000000000000df
[  834.767742][T16569] RAX: 0000000000000000 RBX: 00007fb5dc135f80 RCX: 00007fb5dbf7dff9
[  834.769913][T16569] RDX: 000000002006b000 RSI: 0000000000000000 RDI: 0000000000000000
[  834.772119][T16569] RBP: 00007fb5dcca2090 R08: 0000000000000000 R09: 0000000000000000
[  834.774183][T16569] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  834.776262][T16569] R13: 0000000000000000 R14: 00007fb5dc135f80 R15: 00007ffed5845248
[  834.778343][T16569]  </TASK>
[  834.779243][    C3] vkms_vblank_simulate: vblank timer overrun
[  835.808918][   T35] usb 6-1: new high-speed USB device number 41 using dummy_hcd
[  835.970687][   T35] usb 6-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  835.973958][   T35] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  835.977541][   T35] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 66
[  835.984109][   T35] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  835.990430][   T35] usb 6-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  835.992863][   T35] usb 6-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  835.994968][   T35] usb 6-1: Product: syz
[  835.996069][   T35] usb 6-1: Manufacturer: syz
[  836.006871][   T35] cdc_wdm 6-1:1.0: skipping garbage
[  836.008362][   T35] cdc_wdm 6-1:1.0: skipping garbage
[  836.011832][   T35] cdc_wdm 6-1:1.0: cdc-wdm0: USB WDM device
[  836.013978][   T35] cdc_wdm 6-1:1.0: Unknown control protocol
[  836.211669][   T35] usb 6-1: USB disconnect, device number 41
[  837.015690][T16628] FAULT_INJECTION: forcing a failure.
[  837.015690][T16628] name failslab, interval 1, probability 0, space 0, times 0
[  837.019300][T16628] CPU: 3 UID: 0 PID: 16628 Comm: syz.0.3136 Not tainted 6.12.0-rc4-syzkaller-00047-gc2ee9f594da8 #0
[  837.022108][T16628] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  837.024914][T16628] Call Trace:
[  837.025803][T16628]  <TASK>
[  837.026591][T16628]  dump_stack_lvl+0x16c/0x1f0
[  837.027881][T16628]  should_fail_ex+0x497/0x5b0
[  837.029172][T16628]  should_failslab+0xc2/0x120
[  837.030410][T16628]  __kmalloc_noprof+0xcb/0x400
[  837.031678][T16628]  ___neigh_create+0x152b/0x2ac0
[  837.033009][T16628]  ? __pfx____neigh_create+0x10/0x10
[  837.034406][T16628]  ip6_finish_output2+0x121c/0x1a50
[  837.035807][T16628]  ip6_finish_output+0x3f9/0x1300
[  837.037156][T16628]  ip6_output+0x1f8/0x540
[  837.038306][T16628]  ? __pfx_ip6_output+0x10/0x10
[  837.039595][T16628]  ip6_local_out+0xcd/0x4a0
[  837.040822][T16628]  ip6_send_skb+0x112/0x460
[  837.042048][T16628]  udp_v6_send_skb+0x906/0x1820
[  837.043343][T16628]  udpv6_sendmsg+0x253e/0x3030
[  837.044655][T16628]  ? __pfx_ip_generic_getfrag+0x10/0x10
[  837.046133][T16628]  ? __pfx_udpv6_sendmsg+0x10/0x10
[  837.047500][T16628]  ? avc_has_perm_noaudit+0x143/0x3a0
[  837.048944][T16628]  ? avc_has_perm+0x11b/0x1c0
[  837.050201][T16628]  ? __pfx_mark_lock+0x10/0x10
[  837.051469][T16628]  ? find_held_lock+0x2d/0x110
[  837.052752][T16628]  ? __import_iovec+0x1fd/0x6e0
[  837.054030][T16628]  ? __pfx_udpv6_sendmsg+0x10/0x10
[  837.055368][T16628]  ? inet6_sendmsg+0x105/0x140
[  837.056717][T16628]  inet6_sendmsg+0x105/0x140
[  837.057943][T16628]  ____sys_sendmsg+0x68c/0xc90
[  837.059209][T16628]  ? copy_msghdr_from_user+0x10b/0x160
[  837.060649][T16628]  ? __pfx_____sys_sendmsg+0x10/0x10
[  837.062038][T16628]  ? __pfx___lock_acquire+0x10/0x10
[  837.063372][T16628]  ___sys_sendmsg+0x135/0x1e0
[  837.064543][T16628]  ? __pfx____sys_sendmsg+0x10/0x10
[  837.065905][T16628]  ? lock_acquire+0x2f/0xb0
[  837.067138][T16628]  ? __fget_files+0x40/0x3f0
[  837.068382][T16628]  ? fdget+0x176/0x210
[  837.069466][T16628]  __sys_sendmmsg+0x1a1/0x450
[  837.070710][T16628]  ? __pfx___sys_sendmmsg+0x10/0x10
[  837.072084][T16628]  ? vfs_write+0x14d/0x1140
[  837.073293][T16628]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  837.074872][T16628]  ? fput+0x30/0x390
[  837.075932][T16628]  ? ksys_write+0x1ad/0x260
[  837.077144][T16628]  ? __pfx_ksys_write+0x10/0x10
[  837.078436][T16628]  __x64_sys_sendmmsg+0x9c/0x100
[  837.079749][T16628]  ? lockdep_hardirqs_on+0x7c/0x110
[  837.081127][T16628]  do_syscall_64+0xcd/0x250
[  837.082329][T16628]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  837.083898][T16628] RIP: 0033:0x7f142d97dff9
[  837.085078][T16628] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  837.090085][T16628] RSP: 002b:00007f142d3ff038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  837.092263][T16628] RAX: ffffffffffffffda RBX: 00007f142db35f80 RCX: 00007f142d97dff9
[  837.094327][T16628] RDX: 0000000000000002 RSI: 0000000020000d00 RDI: 0000000000000003
[  837.096402][T16628] RBP: 00007f142d3ff090 R08: 0000000000000000 R09: 0000000000000000
[  837.098416][T16628] R10: 0000000000040800 R11: 0000000000000246 R12: 0000000000000001
[  837.100491][T16628] R13: 0000000000000000 R14: 00007f142db35f80 R15: 00007ffef318bd78
[  837.102569][T16628]  </TASK>
[  837.103597][    C3] vkms_vblank_simulate: vblank timer overrun
[  837.122322][T16629] overlayfs: failed to resolve './file0': -2
[  838.326849][T16646] FAULT_INJECTION: forcing a failure.
[  838.326849][T16646] name failslab, interval 1, probability 0, space 0, times 0
[  838.330749][T16646] CPU: 0 UID: 0 PID: 16646 Comm: syz.1.3141 Not tainted 6.12.0-rc4-syzkaller-00047-gc2ee9f594da8 #0
[  838.333556][T16646] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  838.336374][T16646] Call Trace:
[  838.337268][T16646]  <TASK>
[  838.338057][T16646]  dump_stack_lvl+0x16c/0x1f0
[  838.339324][T16646]  should_fail_ex+0x497/0x5b0
[  838.341560][T16646]  ? fs_reclaim_acquire+0xae/0x150
[  838.343827][T16646]  should_failslab+0xc2/0x120
[  838.345173][T16646]  __kmalloc_noprof+0xcb/0x400
[  838.346520][T16646]  io_alloc_async_data+0x9d/0x150
[  838.347890][T16646]  io_msg_alloc_async+0x82/0x390
[  838.349184][T16646]  io_connect_prep+0x228/0x350
[  838.350520][T16646]  io_submit_sqes+0x8aa/0x2530
[  838.352109][T16646]  __do_sys_io_uring_enter+0xc0f/0x1170
[  838.353545][T16646]  ? __fget_files+0x244/0x3f0
[  838.354856][T16646]  ? __pfx___do_sys_io_uring_enter+0x10/0x10
[  838.356460][T16646]  ? fput+0x30/0x390
[  838.357484][T16646]  ? ksys_write+0x1ad/0x260
[  838.358700][T16646]  ? __pfx_ksys_write+0x10/0x10
[  838.360069][T16646]  do_syscall_64+0xcd/0x250
[  838.361297][T16646]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  838.362878][T16646] RIP: 0033:0x7fb53ed7dff9
[  838.364081][T16646] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  838.369136][T16646] RSP: 002b:00007fb53fb7a038 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[  838.371333][T16646] RAX: ffffffffffffffda RBX: 00007fb53ef35f80 RCX: 00007fb53ed7dff9
[  838.373414][T16646] RDX: 0000000000000000 RSI: 000000000000291c RDI: 0000000000000003
[  838.375488][T16646] RBP: 00007fb53fb7a090 R08: 0000000000000000 R09: 0000000000000000
[  838.377838][T16646] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  838.379937][T16646] R13: 0000000000000000 R14: 00007fb53ef35f80 R15: 00007ffd53339c38
[  838.382036][T16646]  </TASK>
[  838.428960][T16653] FAULT_INJECTION: forcing a failure.
[  838.428960][T16653] name failslab, interval 1, probability 0, space 0, times 0
[  838.432836][T16653] CPU: 3 UID: 0 PID: 16653 Comm: syz.1.3144 Not tainted 6.12.0-rc4-syzkaller-00047-gc2ee9f594da8 #0
[  838.435552][T16653] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  838.438633][T16653] Call Trace:
[  838.439642][T16653]  <TASK>
[  838.440591][T16653]  dump_stack_lvl+0x16c/0x1f0
[  838.441858][T16653]  should_fail_ex+0x497/0x5b0
[  838.443102][T16653]  ? fs_reclaim_acquire+0xae/0x150
[  838.444548][T16653]  should_failslab+0xc2/0x120
[  838.445791][T16653]  kmem_cache_alloc_node_noprof+0x71/0x310
[  838.447321][T16653]  ? __alloc_skb+0x2b1/0x380
[  838.448568][T16653]  __alloc_skb+0x2b1/0x380
[  838.449746][T16653]  ? __pfx___alloc_skb+0x10/0x10
[  838.451080][T16653]  ? hlock_class+0x4e/0x130
[  838.452643][T16653]  ? mark_lock+0xb5/0xc60
[  838.453877][T16653]  ? __pfx_mark_lock+0x10/0x10
[  838.455129][T16653]  alloc_skb_with_frags+0xe4/0x850
[  838.456828][T16653]  sock_alloc_send_pskb+0x7f1/0x980
[  838.458317][T16653]  ? __pfx_mark_lock+0x10/0x10
[  838.459605][T16653]  ? __lock_acquire+0xbdd/0x3ce0
[  838.460946][T16653]  ? __pfx_sock_alloc_send_pskb+0x10/0x10
[  838.462438][T16653]  ? __pfx___lock_acquire+0x10/0x10
[  838.463825][T16653]  __ip6_append_data.isra.0+0x2a33/0x4540
[  838.465315][T16653]  ? __pfx_ip_generic_getfrag+0x10/0x10
[  838.466759][T16653]  ? __pfx___ip6_append_data.isra.0+0x10/0x10
[  838.468361][T16653]  ? ip6_mtu+0x231/0x4a0
[  838.469487][T16653]  ? ip6_setup_cork+0xbdc/0x1370
[  838.470801][T16653]  ip6_make_skb+0x30b/0x4e0
[  838.472017][T16653]  ? __pfx_ip_generic_getfrag+0x10/0x10
[  838.473471][T16653]  ? __pfx_ip6_make_skb+0x10/0x10
[  838.474797][T16653]  ? find_held_lock+0x2d/0x110
[  838.476082][T16653]  ? udpv6_sendmsg+0x24f2/0x3030
[  838.477387][T16653]  udpv6_sendmsg+0x24f2/0x3030
[  838.478653][T16653]  ? __pfx_ip_generic_getfrag+0x10/0x10
[  838.480130][T16653]  ? __pfx_udpv6_sendmsg+0x10/0x10
[  838.481493][T16653]  ? avc_has_perm_noaudit+0x143/0x3a0
[  838.482910][T16653]  ? avc_has_perm+0x11b/0x1c0
[  838.484170][T16653]  ? __might_fault+0xe3/0x190
[  838.485404][T16653]  ? __pfx_udpv6_sendmsg+0x10/0x10
[  838.486744][T16653]  ? inet6_sendmsg+0x105/0x140
[  838.488019][T16653]  inet6_sendmsg+0x105/0x140
[  838.489240][T16653]  ____sys_sendmsg+0x68c/0xc90
[  838.490497][T16653]  ? __pfx_____sys_sendmsg+0x10/0x10
[  838.491898][T16653]  ? __pfx___lock_acquire+0x10/0x10
[  838.493265][T16653]  ___sys_sendmsg+0x135/0x1e0
[  838.494504][T16653]  ? __pfx____sys_sendmsg+0x10/0x10
[  838.496034][T16653]  ? lock_acquire+0x2f/0xb0
[  838.497239][T16653]  ? __fget_files+0x40/0x3f0
[  838.498477][T16653]  ? fdget+0x176/0x210
[  838.499578][T16653]  __sys_sendmmsg+0x1a1/0x450
[  838.500846][T16653]  ? __pfx___sys_sendmmsg+0x10/0x10
[  838.502217][T16653]  ? vfs_write+0x14d/0x1140
[  838.503437][T16653]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  838.505035][T16653]  ? fput+0x30/0x390
[  838.506072][T16653]  ? ksys_write+0x1ad/0x260
[  838.507283][T16653]  ? __pfx_ksys_write+0x10/0x10
[  838.508594][T16653]  __x64_sys_sendmmsg+0x9c/0x100
[  838.509891][T16653]  ? lockdep_hardirqs_on+0x7c/0x110
[  838.511265][T16653]  do_syscall_64+0xcd/0x250
[  838.512474][T16653]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  838.514025][T16653] RIP: 0033:0x7fb53ed7dff9
[  838.515199][T16653] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  838.520206][T16653] RSP: 002b:00007fb53fb7a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  838.522372][T16653] RAX: ffffffffffffffda RBX: 00007fb53ef35f80 RCX: 00007fb53ed7dff9
[  838.524436][T16653] RDX: 0000000000000001 RSI: 0000000020000d00 RDI: 0000000000000003
[  838.526487][T16653] RBP: 00007fb53fb7a090 R08: 0000000000000000 R09: 0000000000000000
[  838.528583][T16653] R10: 0000000000040800 R11: 0000000000000246 R12: 0000000000000001
[  838.530658][T16653] R13: 0000000000000000 R14: 00007fb53ef35f80 R15: 00007ffd53339c38
[  838.532736][T16653]  </TASK>
[  839.071058][   T39] audit: type=1400 audit(8172076620.745:768): avc:  denied  { map } for  pid=16664 comm="syz.3.3148" path="socket:[54894]" dev="sockfs" ino=54894 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  840.252935][T16690] FAULT_INJECTION: forcing a failure.
[  840.252935][T16690] name failslab, interval 1, probability 0, space 0, times 0
[  840.256395][T16690] CPU: 0 UID: 0 PID: 16690 Comm: syz.3.3154 Not tainted 6.12.0-rc4-syzkaller-00047-gc2ee9f594da8 #0
[  840.259226][T16690] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  840.262052][T16690] Call Trace:
[  840.262949][T16690]  <TASK>
[  840.263758][T16690]  dump_stack_lvl+0x16c/0x1f0
[  840.265027][T16690]  should_fail_ex+0x497/0x5b0
[  840.266281][T16690]  ? fs_reclaim_acquire+0xae/0x150
[  840.267672][T16690]  should_failslab+0xc2/0x120
[  840.268940][T16690]  kmem_cache_alloc_node_noprof+0x71/0x310
[  840.270487][T16690]  ? __alloc_skb+0x2b1/0x380
[  840.271728][T16690]  __alloc_skb+0x2b1/0x380
[  840.272939][T16690]  ? __pfx___alloc_skb+0x10/0x10
[  840.274266][T16690]  ? __pfx_netlink_autobind.isra.0+0x10/0x10
[  840.275873][T16690]  netlink_alloc_large_skb+0x69/0x130
[  840.277307][T16690]  netlink_sendmsg+0x689/0xd70
[  840.278594][T16690]  ? __pfx_netlink_sendmsg+0x10/0x10
[  840.280005][T16690]  ? __import_iovec+0x1fd/0x6e0
[  840.281306][T16690]  ____sys_sendmsg+0xaaf/0xc90
[  840.282586][T16690]  ? copy_msghdr_from_user+0x10b/0x160
[  840.284048][T16690]  ? __pfx_____sys_sendmsg+0x10/0x10
[  840.285455][T16690]  ? __pfx___lock_acquire+0x10/0x10
[  840.286853][T16690]  ___sys_sendmsg+0x135/0x1e0
[  840.288254][T16690]  ? __pfx____sys_sendmsg+0x10/0x10
[  840.289850][T16690]  ? lock_acquire+0x2f/0xb0
[  840.291096][T16690]  ? __fget_files+0x40/0x3f0
[  840.292375][T16690]  ? fdget+0x176/0x210
[  840.293492][T16690]  __sys_sendmsg+0x117/0x1f0
[  840.294756][T16690]  ? __pfx___sys_sendmsg+0x10/0x10
[  840.296180][T16690]  ? __fget_files+0x244/0x3f0
[  840.297731][T16690]  do_syscall_64+0xcd/0x250
[  840.299379][T16690]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  840.301560][T16690] RIP: 0033:0x7fb5dbf7dff9
[  840.303153][T16690] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  840.309904][T16690] RSP: 002b:00007fb5dcca2038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  840.312840][T16690] RAX: ffffffffffffffda RBX: 00007fb5dc135f80 RCX: 00007fb5dbf7dff9
[  840.315027][T16690] RDX: 0000000000000000 RSI: 0000000020000040 RDI: 0000000000000009
[  840.317590][T16690] RBP: 00007fb5dcca2090 R08: 0000000000000000 R09: 0000000000000000
[  840.319895][T16690] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  840.322046][T16690] R13: 0000000000000000 R14: 00007fb5dc135f80 R15: 00007ffed5845248
[  840.324208][T16690]  </TASK>
[  840.339316][T16690] netlink: 36 bytes leftover after parsing attributes in process `syz.3.3154'.
[  840.341974][T16690] netlink: 32 bytes leftover after parsing attributes in process `syz.3.3154'.
[  840.639367][   T39] audit: type=1326 audit(8172076622.305:769): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16694 comm="syz.3.3155" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fb5dbf7dff9 code=0x0
[  841.164442][   T68] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci3/hci3:201'
[  841.168204][   T68] CPU: 3 UID: 0 PID: 68 Comm: kworker/u33:0 Not tainted 6.12.0-rc4-syzkaller-00047-gc2ee9f594da8 #0
[  841.172256][   T68] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  841.176254][   T68] Workqueue: hci3 hci_rx_work
[  841.178046][   T68] Call Trace:
[  841.179314][   T68]  <TASK>
[  841.180470][   T68]  dump_stack_lvl+0x16c/0x1f0
[  841.182306][   T68]  sysfs_warn_dup+0x7f/0xa0
[  841.184224][   T68]  sysfs_create_dir_ns+0x24d/0x2b0
[  841.186211][   T68]  ? __pfx_sysfs_create_dir_ns+0x10/0x10
[  841.188388][   T68]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  841.190409][   T68]  ? kobject_add_internal+0x12d/0x990
[  841.192488][   T68]  ? do_raw_spin_unlock+0x172/0x230
[  841.194499][   T68]  kobject_add_internal+0x2c8/0x990
[  841.196595][   T68]  kobject_add+0x16f/0x240
[  841.198281][   T68]  ? __pfx_kobject_add+0x10/0x10
[  841.200209][   T68]  ? class_to_subsys+0x3e/0x160
[  841.202106][   T68]  ? do_raw_spin_unlock+0x172/0x230
[  841.204040][   T68]  ? kobject_put+0xab/0x5a0
[  841.205240][   T68]  device_add+0x289/0x1a70
[  841.206520][   T68]  ? __pfx_dev_set_name+0x10/0x10
[  841.208196][   T68]  ? __pfx_device_add+0x10/0x10
[  841.209955][   T68]  ? mgmt_send_event_skb+0x2f2/0x460
[  841.211720][   T68]  hci_conn_add_sysfs+0x17e/0x230
[  841.213275][   T68]  le_conn_complete_evt+0x1078/0x1d80
[  841.214771][   T68]  ? __pfx_le_conn_complete_evt+0x10/0x10
[  841.216503][   T68]  ? trace_contention_end+0xea/0x140
[  841.218134][   T68]  hci_le_enh_conn_complete_evt+0x23d/0x380
[  841.219884][   T68]  ? skb_pull_data+0x166/0x210
[  841.221545][   T68]  hci_le_meta_evt+0x2e2/0x5d0
[  841.223139][   T68]  ? __pfx_hci_le_enh_conn_complete_evt+0x10/0x10
[  841.225117][   T68]  hci_event_packet+0x666/0x1180
[  841.226721][   T68]  ? __pfx_hci_le_meta_evt+0x10/0x10
[  841.228431][   T68]  ? __pfx_hci_event_packet+0x10/0x10
[  841.229917][   T68]  ? mark_held_locks+0x9f/0xe0
[  841.231361][   T68]  ? kcov_remote_start+0x3cf/0x6e0
[  841.232911][   T68]  ? lockdep_hardirqs_on+0x7c/0x110
[  841.234602][   T68]  hci_rx_work+0x2c6/0x16c0
[  841.236001][   T68]  ? lock_acquire+0x2f/0xb0
[  841.237481][   T68]  ? process_one_work+0x921/0x1ba0
[  841.239143][   T68]  process_one_work+0x9c5/0x1ba0
[  841.240797][   T68]  ? __pfx_lock_acquire.part.0+0x10/0x10
[  841.242704][   T68]  ? __pfx_process_one_work+0x10/0x10
[  841.244048][T16714] fuseblk: Bad value for 'group_id'
[  841.244397][   T68]  ? assign_work+0x1a0/0x250
[  841.245877][T16714] fuseblk: Bad value for 'group_id'
[  841.247323][   T68]  worker_thread+0x6c8/0xf00
[  841.247353][   T68]  ? __pfx_worker_thread+0x10/0x10
[  841.247365][   T68]  kthread+0x2c1/0x3a0
[  841.253084][   T68]  ? _raw_spin_unlock_irq+0x23/0x50
[  841.254824][   T68]  ? __pfx_kthread+0x10/0x10
[  841.256249][   T68]  ret_from_fork+0x45/0x80
[  841.257695][   T68]  ? __pfx_kthread+0x10/0x10
[  841.259056][   T68]  ret_from_fork_asm+0x1a/0x30
[  841.260805][   T68]  </TASK>
[  841.263282][   T68] kobject: kobject_add_internal failed for hci3:201 with -EEXIST, don't try to register things with the same name in the same directory.
[  841.267133][   T68] Bluetooth: hci3: failed to register connection device
[  841.382403][T16719] binder: Unknown parameter 'l'
[  841.397164][   T39] audit: type=1400 audit(8172076623.055:770): avc:  denied  { remount } for  pid=16718 comm="syz.3.3159" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1
[  841.402421][T16719] netlink: 44 bytes leftover after parsing attributes in process `syz.3.3159'.
[  841.473370][   T39] audit: type=1400 audit(8172076623.145:771): avc:  denied  { setopt } for  pid=16720 comm="syz.2.3161" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1
[  841.556018][T16728] FAULT_INJECTION: forcing a failure.
[  841.556018][T16728] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  841.559579][T16728] CPU: 3 UID: 0 PID: 16728 Comm: syz.3.3164 Not tainted 6.12.0-rc4-syzkaller-00047-gc2ee9f594da8 #0
[  841.562378][T16728] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  841.565158][T16728] Call Trace:
[  841.566028][T16728]  <TASK>
[  841.566796][T16728]  dump_stack_lvl+0x16c/0x1f0
[  841.568057][T16728]  should_fail_ex+0x497/0x5b0
[  841.569448][T16728]  _copy_to_user+0x30/0xc0
[  841.570798][T16728]  simple_read_from_buffer+0xd0/0x160
[  841.572316][T16728]  proc_fail_nth_read+0x198/0x270
[  841.573704][T16728]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  841.575157][T16728]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  841.576598][T16728]  vfs_read+0x1ce/0xbd0
[  841.577689][T16728]  ? __fget_files+0x23a/0x3f0
[  841.578961][T16728]  ? fdget_pos+0x24c/0x360
[  841.580541][T16728]  ? __pfx_lock_release+0x10/0x10
[  841.582308][T16728]  ? trace_lock_acquire+0x14a/0x1d0
[  841.583966][T16728]  ? __pfx_vfs_read+0x10/0x10
[  841.585213][T16728]  ? __pfx___mutex_lock+0x10/0x10
[  841.586553][T16728]  ? __fget_files+0x244/0x3f0
[  841.587979][T16728]  ksys_read+0x12f/0x260
[  841.589190][T16728]  ? __pfx_ksys_read+0x10/0x10
[  841.590489][T16728]  do_syscall_64+0xcd/0x250
[  841.591716][T16728]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  841.593324][T16728] RIP: 0033:0x7fb5dbf7ca3c
[  841.594541][T16728] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 69 8e 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 bf 8e 02 00 48
[  841.599897][T16728] RSP: 002b:00007fb5dcca2030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  841.602333][T16728] RAX: ffffffffffffffda RBX: 00007fb5dc135f80 RCX: 00007fb5dbf7ca3c
[  841.604639][T16728] RDX: 000000000000000f RSI: 00007fb5dcca20a0 RDI: 0000000000000004
[  841.606853][T16728] RBP: 00007fb5dcca2090 R08: 0000000000000000 R09: 0000000000000000
[  841.609111][T16728] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  841.611300][T16728] R13: 0000000000000000 R14: 00007fb5dc135f80 R15: 00007ffed5845248
[  841.613524][T16728]  </TASK>
[  841.966633][   T39] audit: type=1326 audit(8172076623.635:772): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16734 comm="syz.2.3166" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f469677dff9 code=0x0
[  842.797446][T16752] netlink: 36 bytes leftover after parsing attributes in process `syz.3.3168'.
[  842.803911][T16753] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  843.029204][T16759] netlink: 'syz.3.3170': attribute type 2 has an invalid length.
[  843.298960][   T68] Bluetooth: hci3: command tx timeout
[  843.575316][T16773] netlink: 'syz.1.3172': attribute type 1 has an invalid length.
[  843.577603][T16773] netlink: 224 bytes leftover after parsing attributes in process `syz.1.3172'.
[  844.274942][   T39] audit: type=1326 audit(8172076625.945:773): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16788 comm="syz.2.3179" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f469677dff9 code=0x0
[  844.297563][   T39] audit: type=1326 audit(8172076625.965:774): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16782 comm="syz.0.3177" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f142d97dff9 code=0x0
[  845.008327][   T39] audit: type=1326 audit(8172076626.675:775): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16806 comm="syz.1.3181" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fb53ed7dff9 code=0x0
[  845.266734][T16831] FAULT_INJECTION: forcing a failure.
[  845.266734][T16831] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  845.270527][T16831] CPU: 1 UID: 0 PID: 16831 Comm: syz.2.3186 Not tainted 6.12.0-rc4-syzkaller-00047-gc2ee9f594da8 #0
[  845.273100][T16831] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  845.275803][T16831] Call Trace:
[  845.276637][T16831]  <TASK>
[  845.277406][T16831]  dump_stack_lvl+0x16c/0x1f0
[  845.278610][T16831]  should_fail_ex+0x497/0x5b0
[  845.279781][T16831]  _copy_from_user+0x30/0xf0
[  845.280992][T16831]  move_addr_to_kernel+0x68/0x160
[  845.282248][T16831]  __copy_msghdr+0x386/0x470
[  845.283393][T16831]  copy_msghdr_from_user+0xc2/0x160
[  845.284679][T16831]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  845.286086][T16831]  ? __pfx___lock_acquire+0x10/0x10
[  845.287350][T16831]  ___sys_sendmsg+0xff/0x1e0
[  845.288497][T16831]  ? __pfx____sys_sendmsg+0x10/0x10
[  845.289936][T16831]  ? lock_acquire+0x2f/0xb0
[  845.291123][T16831]  ? __fget_files+0x40/0x3f0
[  845.292380][T16831]  ? fdget+0x176/0x210
[  845.293551][T16831]  __sys_sendmmsg+0x1a1/0x450
[  845.294862][T16831]  ? __pfx___sys_sendmmsg+0x10/0x10
[  845.296382][T16831]  ? vfs_write+0x14d/0x1140
[  845.297672][T16831]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  845.299391][T16831]  ? fput+0x30/0x390
[  845.300499][T16831]  ? ksys_write+0x1ad/0x260
[  845.301770][T16831]  ? __pfx_ksys_write+0x10/0x10
[  845.303139][T16831]  __x64_sys_sendmmsg+0x9c/0x100
[  845.304507][T16831]  ? lockdep_hardirqs_on+0x7c/0x110
[  845.305974][T16831]  do_syscall_64+0xcd/0x250
[  845.307172][T16831]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  845.308794][T16831] RIP: 0033:0x7f469677dff9
[  845.309947][T16831] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  845.314915][T16831] RSP: 002b:00007f46975af038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  845.317083][T16831] RAX: ffffffffffffffda RBX: 00007f4696935f80 RCX: 00007f469677dff9
[  845.319022][T16831] RDX: 0000000000000001 RSI: 0000000020000440 RDI: 0000000000000004
[  845.320991][T16831] RBP: 00007f46975af090 R08: 0000000000000000 R09: 0000000000000000
[  845.322926][T16831] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  845.325015][T16831] R13: 0000000000000000 R14: 00007f4696935f80 R15: 00007fff1cb8d108
[  845.326968][T16831]  </TASK>
[  845.970560][T16854] dccp_invalid_packet: P.Data Offset(1) too small
[  845.973210][   T39] audit: type=1326 audit(8172076627.645:776): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16840 comm="syz.1.3189" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fb53ed7dff9 code=0x0
[  846.411593][   T39] audit: type=1326 audit(8172076628.085:777): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16872 comm="syz.2.3199" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f469677dff9 code=0x0
[  847.022024][T16894] (unnamed net_device) (uninitialized): (slave bond_slave_1): Device is not our slave
[  847.025280][T16894] (unnamed net_device) (uninitialized): option active_slave: invalid value (bond_slave_1)
[  847.379213][   T39] audit: type=1400 audit(8172076629.055:778): avc:  denied  { append } for  pid=16895 comm="syz.3.3203" name="fb0" dev="devtmpfs" ino=637 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:framebuf_device_t tclass=chr_file permissive=1
[  847.385253][   T39] audit: type=1400 audit(8172076629.055:779): avc:  denied  { map } for  pid=16895 comm="syz.3.3203" path="/dev/fb0" dev="devtmpfs" ino=637 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:framebuf_device_t tclass=chr_file permissive=1
[  847.386248][T16912] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3207'.
[  847.402440][T16912] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3207'.
[  847.443035][   T39] audit: type=1400 audit(8172076629.115:780): avc:  denied  { read } for  pid=16915 comm="syz.0.3208" name="vga_arbiter" dev="devtmpfs" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:xserver_misc_device_t tclass=chr_file permissive=1
[  847.451181][   T39] audit: type=1400 audit(8172076629.115:781): avc:  denied  { open } for  pid=16915 comm="syz.0.3208" path="/dev/vga_arbiter" dev="devtmpfs" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:xserver_misc_device_t tclass=chr_file permissive=1
[  847.452332][T16916] FAULT_INJECTION: forcing a failure.
[  847.452332][T16916] name failslab, interval 1, probability 0, space 0, times 0
[  847.461626][T16916] CPU: 0 UID: 0 PID: 16916 Comm: syz.0.3208 Not tainted 6.12.0-rc4-syzkaller-00047-gc2ee9f594da8 #0
[  847.464391][T16916] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  847.467082][T16916] Call Trace:
[  847.468056][T16916]  <TASK>
[  847.468943][T16916]  dump_stack_lvl+0x16c/0x1f0
[  847.470943][T16916]  should_fail_ex+0x497/0x5b0
[  847.472262][T16916]  ? fs_reclaim_acquire+0xae/0x150
[  847.473632][T16916]  should_failslab+0xc2/0x120
[  847.474895][T16916]  kmem_cache_alloc_node_noprof+0x71/0x310
[  847.476468][T16916]  ? copy_process+0x4c1/0x8db0
[  847.477757][T16916]  copy_process+0x4c1/0x8db0
[  847.479017][T16916]  ? create_io_worker+0x49/0x5f0
[  847.480314][T16916]  ? stack_trace_save+0x95/0xd0
[  847.481556][T16916]  ? __pfx_stack_trace_save+0x10/0x10
[  847.482875][T16916]  ? stack_depot_save_flags+0x28/0x8f0
[  847.484335][T16916]  ? create_io_worker+0x49/0x5f0
[  847.485655][T16916]  ? __pfx_copy_process+0x10/0x10
[  847.486995][T16916]  ? kasan_save_track+0x14/0x30
[  847.488483][T16916]  ? __kasan_kmalloc+0xaa/0xb0
[  847.490040][T16916]  ? create_io_worker+0xcc/0x5f0
[  847.491436][T16916]  ? io_wq_enqueue+0x664/0xb30
[  847.492729][T16916]  ? io_queue_iowq+0x259/0x4e0
[  847.494005][T16916]  ? io_queue_async+0x251/0x4b0
[  847.495302][T16916]  ? io_req_task_submit+0x1e0/0x210
[  847.496695][T16916]  ? io_handle_tw_list+0x4c3/0x540
[  847.498175][T16916]  ? tctx_task_work_run+0xa9/0x370
[  847.499556][T16916]  ? tctx_task_work+0x7b/0xd0
[  847.500829][T16916]  ? task_work_run+0x14e/0x250
[  847.502124][T16916]  ? get_signal+0x1ca/0x2770
[  847.503382][T16916]  ? arch_do_signal_or_restart+0x90/0x7e0
[  847.505372][T16916]  ? syscall_exit_to_user_mode+0x150/0x2a0
[  847.507584][T16916]  ? do_syscall_64+0xda/0x250
[  847.509366][T16916]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  847.511643][T16916]  ? __pfx_io_wq_worker+0x10/0x10
[  847.513556][T16916]  ? create_io_worker+0x49/0x5f0
[  847.515260][T16916]  create_io_thread+0xaa/0xf0
[  847.516555][T16916]  ? __pfx_create_io_thread+0x10/0x10
[  847.518062][T16916]  ? __pfx_io_wq_worker+0x10/0x10
[  847.519601][T16916]  ? __init_swait_queue_head+0xca/0x150
[  847.521094][T16916]  create_io_worker+0x1c2/0x5f0
[  847.522408][T16916]  io_wq_enqueue+0x664/0xb30
[  847.523826][T16916]  ? __pfx_io_wq_enqueue+0x10/0x10
[  847.525207][T16916]  ? __pfx_io_wq_work_match_item+0x10/0x10
[  847.526786][T16916]  ? io_prep_async_work+0x654/0x770
[  847.528471][T16916]  io_queue_iowq+0x259/0x4e0
[  847.530033][T16916]  ? io_issue_sqe+0x1d3/0x13d0
[  847.531307][T16916]  io_queue_async+0x251/0x4b0
[  847.532717][T16916]  io_req_task_submit+0x1e0/0x210
[  847.534082][T16916]  ? __pfx_io_req_task_submit+0x10/0x10
[  847.535572][T16916]  io_handle_tw_list+0x4c3/0x540
[  847.536925][T16916]  ? __pfx_io_handle_tw_list+0x10/0x10
[  847.538421][T16916]  ? lock_acquire.part.0+0x11b/0x380
[  847.539856][T16916]  ? find_held_lock+0x2d/0x110
[  847.541139][T16916]  tctx_task_work_run+0xa9/0x370
[  847.542674][T16916]  tctx_task_work+0x7b/0xd0
[  847.544216][T16916]  ? __pfx_tctx_task_work+0x10/0x10
[  847.545598][T16916]  ? _raw_spin_unlock_irq+0x23/0x50
[  847.546970][T16916]  ? lockdep_hardirqs_on+0x7c/0x110
[  847.548443][T16916]  task_work_run+0x14e/0x250
[  847.549670][T16916]  ? __pfx_task_work_run+0x10/0x10
[  847.551022][T16916]  ? __mutex_unlock_slowpath+0x164/0x650
[  847.552509][T16916]  get_signal+0x1ca/0x2770
[  847.553706][T16916]  ? __pfx_get_signal+0x10/0x10
[  847.555021][T16916]  ? fput+0x30/0x390
[  847.556097][T16916]  ? __do_sys_io_uring_enter+0x4a7/0x1170
[  847.557928][T16916]  arch_do_signal_or_restart+0x90/0x7e0
[  847.559911][T16916]  ? __fget_files+0x244/0x3f0
[  847.561171][T16916]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  847.562794][T16916]  ? ksys_write+0x1ad/0x260
[  847.563937][T16916]  ? __pfx_ksys_write+0x10/0x10
[  847.565464][T16916]  syscall_exit_to_user_mode+0x150/0x2a0
[  847.567554][T16916]  do_syscall_64+0xda/0x250
[  847.569234][T16916]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  847.571399][T16916] RIP: 0033:0x7f142d97dff9
[  847.572734][T16916] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  847.578163][T16916] RSP: 002b:00007f142d3ff038 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[  847.581396][T16916] RAX: 0000000000000001 RBX: 00007f142db35f80 RCX: 00007f142d97dff9
[  847.584403][T16916] RDX: 0000000000000000 RSI: 0000000000000567 RDI: 0000000000000005
[  847.587381][T16916] RBP: 00007f142d3ff090 R08: 0000000000000000 R09: 0000000000000000
[  847.590000][T16916] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  847.592149][T16916] R13: 0000000000000000 R14: 00007f142db35f80 R15: 00007ffef318bd78
[  847.594233][T16916]  </TASK>
[  849.110741][T16947] binder: 16946:16947 ioctl c018620c 20000140 returned -22
[  849.120988][    C2] sr 2:0:0:0: [sr0] tag#8 FAILED Result: hostbyte=DID_ERROR driverbyte=DRIVER_OK cmd_age=0s
[  849.123733][    C2] sr 2:0:0:0: [sr0] tag#8 CDB: short variable length command, len=8 7f 00 00 00 00 00
[  849.136543][T16947] FAULT_INJECTION: forcing a failure.
[  849.136543][T16947] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  849.140139][T16947] CPU: 2 UID: 0 PID: 16947 Comm: syz.2.3216 Not tainted 6.12.0-rc4-syzkaller-00047-gc2ee9f594da8 #0
[  849.142942][T16947] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  849.145747][T16947] Call Trace:
[  849.146628][T16947]  <TASK>
[  849.147426][T16947]  dump_stack_lvl+0x16c/0x1f0
[  849.148719][T16947]  should_fail_ex+0x497/0x5b0
[  849.150231][T16947]  _copy_to_user+0x30/0xc0
[  849.151564][T16947]  put_sg_io_hdr+0x13a/0x6e0
[  849.152819][T16947]  ? __pfx_put_sg_io_hdr+0x10/0x10
[  849.154192][T16947]  ? blk_mq_free_request+0x1e9/0x340
[  849.155579][T16947]  ? sg_io+0x251/0xd80
[  849.156691][T16947]  scsi_ioctl+0x109b/0x1840
[  849.157890][T16947]  ? rpm_resume+0x81d/0x1330
[  849.159124][T16947]  ? lock_acquire.part.0+0x11b/0x380
[  849.160546][T16947]  ? find_held_lock+0x2d/0x110
[  849.161812][T16947]  ? __pfx_scsi_ioctl+0x10/0x10
[  849.163094][T16947]  ? __pfx_lock_release+0x10/0x10
[  849.164464][T16947]  ? lockdep_hardirqs_on+0x7c/0x110
[  849.165839][T16947]  ? _raw_spin_unlock_irqrestore+0x3b/0x80
[  849.167363][T16947]  ? __pm_runtime_resume+0xc3/0x170
[  849.168767][T16947]  sr_block_ioctl+0x202/0x250
[  849.169971][T16947]  ? __pfx_sr_block_ioctl+0x10/0x10
[  849.171294][T16947]  blkdev_ioctl+0x276/0x6d0
[  849.172478][T16947]  ? __pfx_blkdev_ioctl+0x10/0x10
[  849.173787][T16947]  ? selinux_file_ioctl+0x180/0x270
[  849.175128][T16947]  ? selinux_file_ioctl+0xb4/0x270
[  849.176452][T16947]  ? __pfx_blkdev_ioctl+0x10/0x10
[  849.177727][T16947]  __x64_sys_ioctl+0x18f/0x220
[  849.178961][T16947]  do_syscall_64+0xcd/0x250
[  849.180139][T16947]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  849.181677][T16947] RIP: 0033:0x7f469677dff9
[  849.182852][T16947] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  849.187790][T16947] RSP: 002b:00007f46975af038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  849.189926][T16947] RAX: ffffffffffffffda RBX: 00007f4696935f80 RCX: 00007f469677dff9
[  849.191982][T16947] RDX: 0000000020002740 RSI: 0000000000002285 RDI: 0000000000000003
[  849.194034][T16947] RBP: 00007f46975af090 R08: 0000000000000000 R09: 0000000000000000
[  849.196092][T16947] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  849.198154][T16947] R13: 0000000000000000 R14: 00007f4696935f80 R15: 00007fff1cb8d108
[  849.200227][T16947]  </TASK>
[  849.431412][   T39] audit: type=1326 audit(8172076631.095:782): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16939 comm="syz.3.3215" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fb5dbf7dff9 code=0x0
[  849.592842][T16964] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=61562 sclass=netlink_route_socket pid=16964 comm=syz.2.3221
[  850.154868][T16979] binder: 16978:16979 ioctl c018620c 20000140 returned -22
[  850.156941][T16979] FAULT_INJECTION: forcing a failure.
[  850.156941][T16979] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  850.160422][T16979] CPU: 3 UID: 0 PID: 16979 Comm: syz.3.3225 Not tainted 6.12.0-rc4-syzkaller-00047-gc2ee9f594da8 #0
[  850.163252][T16979] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  850.166170][T16979] Call Trace:
[  850.167049][T16979]  <TASK>
[  850.167950][T16979]  dump_stack_lvl+0x16c/0x1f0
[  850.169206][T16979]  should_fail_ex+0x497/0x5b0
[  850.170444][T16979]  _copy_from_user+0x30/0xf0
[  850.171673][T16979]  kstrtouint_from_user+0xd7/0x1c0
[  850.173010][T16979]  ? __pfx_kstrtouint_from_user+0x10/0x10
[  850.174499][T16979]  ? __pfx_lock_acquire.part.0+0x10/0x10
[  850.175965][T16979]  proc_fail_nth_write+0x84/0x250
[  850.177303][T16979]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  850.178757][T16979]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  850.180227][T16979]  vfs_write+0x28e/0x1140
[  850.181366][T16979]  ? __fget_files+0x23a/0x3f0
[  850.182601][T16979]  ? fdget_pos+0x24c/0x360
[  850.183778][T16979]  ? __pfx_lock_release+0x10/0x10
[  850.185073][T16979]  ? trace_lock_acquire+0x14a/0x1d0
[  850.186585][T16979]  ? __pfx_vfs_write+0x10/0x10
[  850.188219][T16979]  ? __pfx___mutex_lock+0x10/0x10
[  850.189535][T16979]  ? __fget_files+0x244/0x3f0
[  850.190775][T16979]  ksys_write+0x12f/0x260
[  850.191933][T16979]  ? __pfx_ksys_write+0x10/0x10
[  850.193211][T16979]  do_syscall_64+0xcd/0x250
[  850.194413][T16979]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  850.195975][T16979] RIP: 0033:0x7fb5dbf7cadf
[  850.197170][T16979] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 c9 8d 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 1c 8e 02 00 48
[  850.202113][T16979] RSP: 002b:00007fb5dcca2030 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[  850.204269][T16979] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fb5dbf7cadf
[  850.206341][T16979] RDX: 0000000000000001 RSI: 00007fb5dcca20a0 RDI: 0000000000000005
[  850.208416][T16979] RBP: 00007fb5dcca2090 R08: 0000000000000000 R09: 0000000000000000
[  850.210509][T16979] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000001
[  850.212563][T16979] R13: 0000000000000000 R14: 00007fb5dc135f80 R15: 00007ffed5845248
[  850.214602][T16979]  </TASK>
[  850.340738][   T39] audit: type=1400 audit(8172076632.015:783): avc:  denied  { create } for  pid=16980 comm="syz.3.3226" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rose_socket permissive=1
[  850.348318][   T39] audit: type=1400 audit(8172076632.015:784): avc:  denied  { getopt } for  pid=16980 comm="syz.3.3226" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rose_socket permissive=1
[  850.509013][T16987] FAULT_INJECTION: forcing a failure.
[  850.509013][T16987] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  850.529915][T16987] CPU: 2 UID: 0 PID: 16987 Comm: syz.1.3229 Not tainted 6.12.0-rc4-syzkaller-00047-gc2ee9f594da8 #0
[  850.533081][T16987] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  850.536815][T16987] Call Trace:
[  850.537785][T16987]  <TASK>
[  850.538583][T16987]  dump_stack_lvl+0x16c/0x1f0
[  850.539871][T16987]  should_fail_ex+0x497/0x5b0
[  850.541154][T16987]  _copy_from_user+0x30/0xf0
[  850.542423][T16987]  core_sys_select+0x2cf/0xb80
[  850.543703][T16987]  ? __pfx_core_sys_select+0x10/0x10
[  850.545093][T16987]  ? get_pid_task+0xfc/0x250
[  850.546320][T16987]  ? set_user_sigmask+0x217/0x2a0
[  850.547751][T16987]  ? __pfx_set_user_sigmask+0x10/0x10
[  850.549202][T16987]  do_pselect.constprop.0+0x1a0/0x1f0
[  850.550788][T16987]  ? __pfx_do_pselect.constprop.0+0x10/0x10
[  850.552414][T16987]  __x64_sys_pselect6+0x183/0x240
[  850.553751][T16987]  ? __pfx___x64_sys_pselect6+0x10/0x10
[  850.555219][T16987]  do_syscall_64+0xcd/0x250
[  850.556430][T16987]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  850.557980][T16987] RIP: 0033:0x7fb53ed7dff9
[  850.559148][T16987] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  850.564227][T16987] RSP: 002b:00007fb53fb7a038 EFLAGS: 00000246 ORIG_RAX: 000000000000010e
[  850.566376][T16987] RAX: ffffffffffffffda RBX: 00007fb53ef35f80 RCX: 00007fb53ed7dff9
[  850.568436][T16987] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000040
[  850.570477][T16987] RBP: 00007fb53fb7a090 R08: 0000000000000000 R09: 0000000000000000
[  850.572678][T16987] R10: 0000000020000140 R11: 0000000000000246 R12: 0000000000000001
[  850.575562][T16987] R13: 0000000000000000 R14: 00007fb53ef35f80 R15: 00007ffd53339c38
[  850.577873][T16987]  </TASK>
[  851.077044][T17013] macvlan2: entered promiscuous mode
[  851.078576][T17013] macvlan2: entered allmulticast mode
[  851.080521][T17013] bond_slave_0: entered promiscuous mode
[  851.082319][T17013] bond_slave_1: entered promiscuous mode
[  851.083814][T17013] bond0: entered allmulticast mode
[  851.085186][T17013] bond_slave_0: entered allmulticast mode
[  851.086803][T17013] bond_slave_1: entered allmulticast mode
[  851.088356][T17013] bond0: entered promiscuous mode
[  851.095756][T17013] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  851.100466][T17013] team0: Port device macvlan2 added
[  851.107961][   T39] audit: type=1400 audit(8172076632.775:785): avc:  denied  { getopt } for  pid=17012 comm="syz.3.3236" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[  851.168991][   T35] usb 7-1: new high-speed USB device number 50 using dummy_hcd
[  851.339789][   T35] usb 7-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  851.358699][   T35] usb 7-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  851.377556][   T35] usb 7-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  851.381064][   T35] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  851.412524][T17004] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  851.449232][   T35] usb 7-1: Quirk or no altset; falling back to MIDI 1.0
[  851.726207][ T7146] usb 7-1: USB disconnect, device number 50
[  851.847601][T17029] syzkaller1: entered promiscuous mode
[  851.850526][T17029] syzkaller1: entered allmulticast mode
[  852.255042][   T39] audit: type=1326 audit(8172076633.925:786): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17034 comm="syz.3.3244" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fb5dbf7dff9 code=0x0
[  852.458920][   T39] audit: type=1400 audit(8172076634.125:787): avc:  denied  { write } for  pid=17049 comm="syz.0.3245" name="vga_arbiter" dev="devtmpfs" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:xserver_misc_device_t tclass=chr_file permissive=1
[  852.466979][   T39] audit: type=1400 audit(8172076634.125:788): avc:  denied  { ioctl } for  pid=17049 comm="syz.0.3245" path="/dev/vga_arbiter" dev="devtmpfs" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:xserver_misc_device_t tclass=chr_file permissive=1
[  852.508168][T17055] binder: 17054:17055 ioctl c018620c 20000140 returned -22
[  852.559510][T17059] FAULT_INJECTION: forcing a failure.
[  852.559510][T17059] name failslab, interval 1, probability 0, space 0, times 0
[  852.569909][T17059] CPU: 3 UID: 0 PID: 17059 Comm: syz.2.3248 Not tainted 6.12.0-rc4-syzkaller-00047-gc2ee9f594da8 #0
[  852.573045][T17059] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  852.576393][T17059] Call Trace:
[  852.577439][T17059]  <TASK>
[  852.578530][T17059]  dump_stack_lvl+0x16c/0x1f0
[  852.580009][T17059]  should_fail_ex+0x497/0x5b0
[  852.581396][T17059]  ? fs_reclaim_acquire+0xae/0x150
[  852.582971][T17059]  should_failslab+0xc2/0x120
[  852.584406][T17059]  __kmalloc_cache_noprof+0x6b/0x300
[  852.585950][T17059]  ? percpu_ref_init+0xd9/0x400
[  852.587363][T17059]  ? __pfx_io_ring_ctx_ref_free+0x10/0x10
[  852.589116][T17059]  percpu_ref_init+0xd9/0x400
[  852.590480][T17059]  io_uring_setup+0x357/0x3750
[  852.591865][T17059]  ? __pfx_io_uring_setup+0x10/0x10
[  852.593370][T17059]  ? __fget_files+0x244/0x3f0
[  852.594733][T17059]  ? ksys_write+0x1ad/0x260
[  852.596047][T17059]  ? __pfx_ksys_write+0x10/0x10
[  852.597461][T17059]  __x64_sys_io_uring_setup+0x98/0x140
[  852.599143][T17059]  do_syscall_64+0xcd/0x250
[  852.600681][T17059]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  852.602458][T17059] RIP: 0033:0x7f469677dff9
[  852.603992][T17059] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  852.609981][T17059] RSP: 002b:00007f46975aefc8 EFLAGS: 00000206 ORIG_RAX: 00000000000001a9
[  852.612422][T17059] RAX: ffffffffffffffda RBX: 00007f4696935f80 RCX: 00007f469677dff9
[  852.615154][T17059] RDX: 0000000020000440 RSI: 0000000020000240 RDI: 0000000000002c92
[  852.617434][T17059] RBP: 0000000020000240 R08: 0000000000000000 R09: 0000000020000440
[  852.619782][T17059] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000001
[  852.622055][T17059] R13: 0000000020000380 R14: 0000000000002c92 R15: 0000000020000440
[  852.624359][T17059]  </TASK>
[  853.009799][T17080] netlink: 5 bytes leftover after parsing attributes in process `syz.3.3254'.
[  853.040250][T17080] A link change request failed with some changes committed already. Interface ip_vti0 may have been left with an inconsistent configuration, please check.
[  853.268896][T17082] 9pnet_fd: p9_fd_create_unix (17082): problem connecting socket: éq‰Y’3aK: -111
[  854.110119][T17097] binder: 17086:17097 ioctl c018620c 20000140 returned -22
[  854.118948][ T7277] usb 6-1: new high-speed USB device number 42 using dummy_hcd
[  854.203842][    C2] sr 2:0:0:0: [sr0] tag#18 FAILED Result: hostbyte=DID_ERROR driverbyte=DRIVER_OK cmd_age=0s
[  854.207575][    C2] sr 2:0:0:0: [sr0] tag#18 CDB: short variable length command, len=8 7f 00 00 00 00 00
[  854.283762][ T7277] usb 6-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  854.286824][ T7277] usb 6-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  854.290069][ T7277] usb 6-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  854.292229][ T7277] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  854.301062][T17091] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  854.310877][ T7277] usb 6-1: Quirk or no altset; falling back to MIDI 1.0
[  854.588643][ T5411] usb 6-1: USB disconnect, device number 42
[  855.236407][   T39] audit: type=1326 audit(8172076636.905:789): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17114 comm="syz.0.3264" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f142d97dff9 code=0x0
[  855.524869][T17128] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3266'.
[  857.599006][ T7277] usb 6-1: new high-speed USB device number 43 using dummy_hcd
[  857.752024][ T7277] usb 6-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  857.756088][ T7277] usb 6-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  857.759666][ T7277] usb 6-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  857.763815][ T7277] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  857.772370][T17162] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  857.779409][ T7277] usb 6-1: Quirk or no altset; falling back to MIDI 1.0
[  858.062966][ T5411] usb 6-1: USB disconnect, device number 43
[  859.195710][T17187] 
[  859.196445][T17187] ============================================
[  859.198127][T17187] WARNING: possible recursive locking detected
[  859.199855][T17187] 6.12.0-rc4-syzkaller-00047-gc2ee9f594da8 #0 Not tainted
[  859.202500][T17187] --------------------------------------------
[  859.204740][T17187] syz.3.3278/17187 is trying to acquire lock:
[  859.206408][T17187] ffffc90006ab90d8 (&rb->spinlock){-.-.}-{2:2}, at: __bpf_ringbuf_reserve+0x36e/0x4b0
[  859.209060][T17187] 
[  859.209060][T17187] but task is already holding lock:
[  859.211331][T17187] ffffc90006aa50d8 (&rb->spinlock){-.-.}-{2:2}, at: __bpf_ringbuf_reserve+0x36e/0x4b0
[  859.213976][T17187] 
[  859.213976][T17187] other info that might help us debug this:
[  859.216156][T17187]  Possible unsafe locking scenario:
[  859.216156][T17187] 
[  859.218200][T17187]        CPU0
[  859.219123][T17187]        ----
[  859.220080][T17187]   lock(&rb->spinlock);
[  859.221269][T17187]   lock(&rb->spinlock);
[  859.222429][T17187] 
[  859.222429][T17187]  *** DEADLOCK ***
[  859.222429][T17187] 
[  859.224641][T17187]  May be due to missing lock nesting notation
[  859.224641][T17187] 
[  859.226867][T17187] 4 locks held by syz.3.3278/17187:
[  859.228312][T17187]  #0: ffff888023454a18 (&sighand->siglock){-.-.}-{2:2}, at: taskstats_exit+0x15c/0xbe0
[  859.230985][T17187]  #1: ffffffff8e1b8380 (rcu_read_lock){....}-{1:2}, at: bpf_trace_run2+0x1c2/0x590
[  859.233455][T17187]  #2: ffffc90006aa50d8 (&rb->spinlock){-.-.}-{2:2}, at: __bpf_ringbuf_reserve+0x36e/0x4b0
[  859.236186][T17187]  #3: ffffffff8e1b8380 (rcu_read_lock){....}-{1:2}, at: bpf_trace_run2+0x1c2/0x590
[  859.238761][T17187] 
[  859.238761][T17187] stack backtrace:
[  859.240467][T17187] CPU: 3 UID: 0 PID: 17187 Comm: syz.3.3278 Not tainted 6.12.0-rc4-syzkaller-00047-gc2ee9f594da8 #0
[  859.243997][T17187] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  859.247675][T17187] Call Trace:
[  859.248832][T17187]  <TASK>
[  859.249789][T17187]  dump_stack_lvl+0x116/0x1f0
[  859.251166][T17187]  print_deadlock_bug+0x2e3/0x410
[  859.252573][T17187]  __lock_acquire+0x2185/0x3ce0
[  859.253902][T17187]  ? __pfx___lock_acquire+0x10/0x10
[  859.255327][T17187]  ? hlock_class+0x4e/0x130
[  859.256585][T17187]  ? __lock_acquire+0xbdd/0x3ce0
[  859.257975][T17187]  lock_acquire.part.0+0x11b/0x380
[  859.259400][T17187]  ? __bpf_ringbuf_reserve+0x36e/0x4b0
[  859.260958][T17187]  ? __pfx_lock_acquire.part.0+0x10/0x10
[  859.262514][T17187]  ? rcu_is_watching+0x12/0xc0
[  859.263824][T17187]  ? trace_lock_acquire+0x14a/0x1d0
[  859.265234][T17187]  ? __bpf_ringbuf_reserve+0x36e/0x4b0
[  859.266728][T17187]  ? lock_acquire+0x2f/0xb0
[  859.268047][T17187]  ? __bpf_ringbuf_reserve+0x36e/0x4b0
[  859.269544][T17187]  _raw_spin_lock_irqsave+0x3a/0x60
[  859.271057][T17187]  ? __bpf_ringbuf_reserve+0x36e/0x4b0
[  859.272569][T17187]  __bpf_ringbuf_reserve+0x36e/0x4b0
[  859.273992][T17187]  ? bpf_trace_run2+0x1c2/0x590
[  859.275336][T17187]  bpf_ringbuf_output+0x60/0xd0
[  859.276683][T17187]  bpf_prog_a3e2825f60354855+0x46/0x4a
[  859.278187][T17187]  bpf_trace_run2+0x231/0x590
[  859.279519][T17187]  ? __pfx_bpf_trace_run2+0x10/0x10
[  859.281118][T17187]  ? __pfx_mark_lock+0x10/0x10
[  859.282409][T17187]  ? __pfx___bpf_trace_contention_end+0x10/0x10
[  859.284109][T17187]  __bpf_trace_contention_end+0xca/0x110
[  859.285644][T17187]  ? __pfx___bpf_trace_contention_end+0x10/0x10
[  859.287377][T17187]  ? hlock_class+0x4e/0x130
[  859.288670][T17187]  ? __lock_acquire+0x163e/0x3ce0
[  859.290081][T17187]  __traceiter_contention_end+0x5a/0xa0
[  859.291666][T17187]  trace_contention_end.constprop.0+0xea/0x170
[  859.293336][T17187]  __pv_queued_spin_lock_slowpath+0x27e/0xc90
[  859.294935][T17187]  ? print_lock+0x170/0x310
[  859.296156][T17187]  ? __pfx___pv_queued_spin_lock_slowpath+0x10/0x10
[  859.297938][T17187]  do_raw_spin_lock+0x210/0x2c0
[  859.299322][T17187]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  859.301094][T17187]  ? lock_acquire+0x2f/0xb0
[  859.302317][T17187]  ? __bpf_ringbuf_reserve+0x36e/0x4b0
[  859.303842][T17187]  _raw_spin_lock_irqsave+0x42/0x60
[  859.305249][T17187]  ? __bpf_ringbuf_reserve+0x36e/0x4b0
[  859.306723][T17187]  __bpf_ringbuf_reserve+0x36e/0x4b0
[  859.308245][T17187]  ? bpf_trace_run2+0x1c2/0x590
[  859.309651][T17187]  bpf_ringbuf_output+0x60/0xd0
[  859.311066][T17187]  bpf_prog_a3e2825f60354855+0x46/0x4a
[  859.312545][T17187]  bpf_trace_run2+0x231/0x590
[  859.313858][T17187]  ? __pfx_bpf_trace_run2+0x10/0x10
[  859.315285][T17187]  ? __pfx_mark_lock+0x10/0x10
[  859.316631][T17187]  ? __pfx___bpf_trace_contention_end+0x10/0x10
[  859.318328][T17187]  __bpf_trace_contention_end+0xca/0x110
[  859.320028][T17187]  ? __pfx___bpf_trace_contention_end+0x10/0x10
[  859.321998][T17187]  ? hlock_class+0x4e/0x130
[  859.323252][T17187]  ? __lock_acquire+0x163e/0x3ce0
[  859.324628][T17187]  __traceiter_contention_end+0x5a/0xa0
[  859.326149][T17187]  trace_contention_end.constprop.0+0xea/0x170
[  859.327842][T17187]  __pv_queued_spin_lock_slowpath+0x27e/0xc90
[  859.329603][T17187]  ? __pfx___pv_queued_spin_lock_slowpath+0x10/0x10
[  859.331458][T17187]  do_raw_spin_lock+0x210/0x2c0
[  859.332832][T17187]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  859.334306][T17187]  ? lock_acquire+0x2f/0xb0
[  859.335580][T17187]  ? taskstats_exit+0x15c/0xbe0
[  859.336919][T17187]  _raw_spin_lock_irqsave+0x42/0x60
[  859.338354][T17187]  ? taskstats_exit+0x15c/0xbe0
[  859.339726][T17187]  taskstats_exit+0x15c/0xbe0
[  859.341006][T17187]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  859.342454][T17187]  ? __pfx_taskstats_exit+0x10/0x10
[  859.343851][T17187]  ? _raw_spin_unlock_irq+0x23/0x50
[  859.345250][T17187]  ? __seccomp_filter_orphan+0x18/0x110
[  859.346709][T17187]  ? __put_seccomp_filter+0x16/0xf0
[  859.348116][T17187]  do_exit+0x84a/0x2d70
[  859.349289][T17187]  ? lockdep_hardirqs_on+0x7c/0x110
[  859.350836][T17187]  ? __pfx_do_exit+0x10/0x10
[  859.352231][T17187]  do_group_exit+0xd3/0x2a0
[  859.353721][T17187]  get_signal+0x25fb/0x2770
[  859.354948][T17187]  ? __pfx_get_signal+0x10/0x10
[  859.356253][T17187]  ? __pfx_do_futex+0x10/0x10
[  859.357506][T17187]  arch_do_signal_or_restart+0x90/0x7e0
[  859.359003][T17187]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  859.360689][T17187]  ? rcu_is_watching+0x12/0xc0
[  859.362053][T17187]  syscall_exit_to_user_mode+0x150/0x2a0
[  859.363542][T17187]  do_syscall_64+0xda/0x250
[  859.364780][T17187]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  859.366352][T17187] RIP: 0033:0x7fb5dbf7dff9
[  859.367579][T17187] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  859.372812][T17187] RSP: 002b:00007fb5db9bd0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  859.375132][T17187] RAX: fffffffffffffe00 RBX: 00007fb5dc136210 RCX: 00007fb5dbf7dff9
[  859.377364][T17187] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007fb5dc136210
[  859.379492][T17187] RBP: 00007fb5dc136208 R08: 0000000000000000 R09: 0000000000000000
[  859.381689][T17187] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fb5dc136214
[  859.383800][T17187] R13: 0000000000000000 R14: 00007ffed5845160 R15: 00007ffed5845248
[  859.385892][T17187]  </TASK>
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  859.711978][T15164] netdevsim netdevsim0 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  859.715323][T15164] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  859.812934][T15164] netdevsim netdevsim0 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  859.816455][T15164] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  859.914364][T15164] netdevsim netdevsim0 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  859.917977][T15164] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  859.992016][T15164] netdevsim netdevsim0 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  859.995116][T15164] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  860.047209][T15164] bridge_slave_1: left allmulticast mode
[  860.048829][T15164] bridge_slave_1: left promiscuous mode
[  860.050342][T15164] bridge0: port 2(bridge_slave_1) entered disabled state
[  860.052733][T15164] bridge_slave_0: left allmulticast mode
[  860.054198][T15164] bridge_slave_0: left promiscuous mode
[  860.055684][T15164] bridge0: port 1(bridge_slave_0) entered disabled state
[  860.136177][T15164] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  860.139479][T15164] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  860.142461][T15164] bond0 (unregistering): Released all slaves
[  860.418503][T15164] hsr_slave_0: left promiscuous mode
[  860.422039][T15164] hsr_slave_1: left promiscuous mode
[  860.426328][T15164] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  860.429172][T15164] batman_adv: batadv0: Removing interface: batadv_slave_0
[  860.432058][T15164] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  860.434190][T15164] batman_adv: batadv0: Removing interface: batadv_slave_1
[  860.437413][T15164] veth1_macvtap: left promiscuous mode
[  860.439534][T15164] veth0_macvtap: left promiscuous mode
[  860.441000][T15164] veth1_vlan: left promiscuous mode
[  860.442381][T15164] veth0_vlan: left promiscuous mode
[  860.467074][T15164] pimreg (unregistering): left allmulticast mode
[  860.674605][T15164] team0 (unregistering): Port device team_slave_1 removed
[  860.735307][T15164] team0 (unregistering): Port device team_slave_0 removed
[  861.328638][   T39] audit: type=1400 audit(8172076642.995:790): avc:  denied  { sys_chroot } for  pid=17247 comm="dhcpcd" capability=18  scontext=system_u:system_r:dhcpc_t tcontext=system_u:system_r:dhcpc_t tclass=capability permissive=1
[  861.333697][   T39] audit: type=1400 audit(8172076643.005:791): avc:  denied  { setgid } for  pid=17247 comm="dhcpcd" capability=6  scontext=system_u:system_r:dhcpc_t tcontext=system_u:system_r:dhcpc_t tclass=capability permissive=1
[  861.338976][   T39] audit: type=1400 audit(8172076643.005:792): avc:  denied  { setrlimit } for  pid=17247 comm="dhcpcd" scontext=system_u:system_r:dhcpc_t tcontext=system_u:system_r:dhcpc_t tclass=process permissive=1
[  861.426165][T15164] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  861.513832][T15164] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  861.582891][T15164] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  861.643967][T15164] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  861.695795][T15164] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  861.754020][T15164] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  861.805605][T15164] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  861.862034][T15164] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  861.930399][T15164] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  862.001719][T15164] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  862.072523][T15164] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  862.146152][T15164] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  862.231956][T15164] bridge_slave_1: left allmulticast mode
[  862.233962][T15164] bridge_slave_1: left promiscuous mode
[  862.236089][T15164] bridge0: port 2(bridge_slave_1) entered disabled state
[  862.239050][T15164] bridge_slave_0: left allmulticast mode
[  862.240525][T15164] bridge_slave_0: left promiscuous mode
[  862.242471][T15164] bridge0: port 1(bridge_slave_0) entered disabled state
[  862.245848][T15164] bridge_slave_1: left allmulticast mode
[  862.247280][T15164] bridge_slave_1: left promiscuous mode
[  862.249154][T15164] bridge0: port 2(bridge_slave_1) entered disabled state
[  862.252277][T15164] bridge_slave_0: left allmulticast mode
[  862.254214][T15164] bridge_slave_0: left promiscuous mode
[  862.256039][T15164] bridge0: port 1(bridge_slave_0) entered disabled state
[  862.258831][T15164] bridge_slave_1: left allmulticast mode
[  862.260231][T15164] bridge_slave_1: left promiscuous mode
[  862.261974][T15164] bridge0: port 2(bridge_slave_1) entered disabled state
[  862.264388][T15164] bridge_slave_0: left allmulticast mode
[  862.265792][T15164] bridge_slave_0: left promiscuous mode
[  862.267351][T15164] bridge0: port 1(bridge_slave_0) entered disabled state
[  862.593264][T15164] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  862.597164][T15164] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  862.601418][T15164] bond0 (unregistering): Released all slaves
[  862.608396][T15164] bond0 (unregistering): left allmulticast mode
[  862.610867][T15164] bond_slave_0: left allmulticast mode
[  862.612787][T15164] bond_slave_1: left allmulticast mode
[  862.614776][T15164] bond0 (unregistering): left promiscuous mode
[  862.616649][T15164] bond_slave_0: left promiscuous mode
[  862.618124][T15164] bond_slave_1: left promiscuous mode
[  862.621730][T15164] team0: Port device macvlan2 removed
[  862.626128][T15164] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  862.630813][T15164] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  862.634559][T15164] bond0 (unregistering): Released all slaves
[  862.640592][T15164] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  862.643609][T15164] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  862.646800][T15164] bond0 (unregistering): Released all slaves
[  863.154696][T15164] hsr_slave_0: left promiscuous mode
[  863.156464][T15164] hsr_slave_1: left promiscuous mode
[  863.158120][T15164] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  863.160354][T15164] batman_adv: batadv0: Removing interface: batadv_slave_0
[  863.162513][T15164] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  863.164441][T15164] batman_adv: batadv0: Removing interface: batadv_slave_1
[  863.167670][T15164] hsr_slave_0: left promiscuous mode
[  863.169483][T15164] hsr_slave_1: left promiscuous mode
[  863.171223][T15164] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  863.173146][T15164] batman_adv: batadv0: Removing interface: batadv_slave_0
[  863.175234][T15164] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  863.177159][T15164] batman_adv: batadv0: Removing interface: batadv_slave_1
[  863.181024][T15164] hsr_slave_0: left promiscuous mode
[  863.182744][T15164] hsr_slave_1: left promiscuous mode
[  863.184424][T15164] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  863.186350][T15164] batman_adv: batadv0: Removing interface: batadv_slave_0
[  863.188474][T15164] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  863.190860][T15164] batman_adv: batadv0: Removing interface: batadv_slave_1
[  863.195783][T15164] veth1_macvtap: left promiscuous mode
[  863.197231][T15164] veth0_macvtap: left promiscuous mode
[  863.198681][T15164] veth1_vlan: left promiscuous mode
[  863.199992][T15164] veth0_vlan: left promiscuous mode
[  863.201778][T15164] veth1_macvtap: left promiscuous mode
[  863.203218][T15164] veth0_macvtap: left promiscuous mode
[  863.204678][T15164] veth1_vlan: left promiscuous mode
[  863.206058][T15164] veth0_vlan: left promiscuous mode
[  863.207887][T15164] veth1_macvtap: left promiscuous mode
[  863.209928][T15164] veth0_macvtap: left promiscuous mode
[  863.211390][T15164] veth1_vlan: left promiscuous mode
[  863.212765][T15164] veth0_vlan: left promiscuous mode
[  863.290146][T15164] pimreg (unregistering): left allmulticast mode
[  863.485198][T15164] team0 (unregistering): Port device team_slave_1 removed
[  863.538929][T15164] team0 (unregistering): Port device team_slave_0 removed
[  863.747449][T15164] pimreg (unregistering): left allmulticast mode
[  863.874991][T15164] team0 (unregistering): Port device team_slave_1 removed
[  863.922570][T15164] team0 (unregistering): Port device team_slave_0 removed
[  864.132390][T15164] pimreg (unregistering): left allmulticast mode
[  864.308539][T15164] team0 (unregistering): Port device team_slave_1 removed
[  864.353403][T15164] team0 (unregistering): Port device team_slave_0 removed

VM DIAGNOSIS:
19:35:00  Registers:
info registers vcpu 0

CPU#0
RAX=0000000000000000 RBX=0000000000000001 RCX=ffffffff813ca88e RDX=ffff888022fd4880
RSI=ffffffff813ca8ab RDI=0000000000000000 RBP=ffff88806a63fdd4 RSP=ffffc90006a6f788
R8 =0000000000000000 R9 =0000000000000001 R10=0000000000000001 R11=0000000000000000
R12=0000000000000001 R13=0000000000000001 R14=ffff88806a63fdc0 R15=0000000000040000
RIP=ffffffff813ca8ac RFL=00000093 [--S-A-C] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff88806a600000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=000000110c26bed5 CR3=000000004c912000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000208001 Opmask01=0000000000000000 Opmask02=0000000000000fff Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffff8100a2a3 ffffffff8100a2a3
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffff8100a2a3 ffffffff8100a2a3
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 ffffffff8100a2a3
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fb5dbff1133
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fb5dbff1140
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fb5dbff113a
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fb5dbff114e
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fb5dbff11d4
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fb5dbff12b2
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffff820997ef ffffffff820995fe ffffffff820025df ffffffff813348e5
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fb5dcc6d100 00007fb5dc10b440 00007fb500040008 000c00130014000c
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fb5dc10b498 00007fb5dc10b490 00007fb5dc10b488 00007fb5dc10b480
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000001 0000000000000000 0000000000000000 0000000000000050
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=0000000000000000 RBX=0000000000000003 RCX=ffffffff813ca88e RDX=ffff88802769c880
RSI=ffffffff813ca8ab RDI=0000000000000000 RBP=ffff888023454a00 RSP=ffffc900042ff958
R8 =0000000000000000 R9 =0000000000000003 R10=0000000000000003 R11=00000000000a4001
R12=0000000000000003 R13=0000000000000003 R14=ffff88806a73fdc0 R15=ffffed100468a940
RIP=ffffffff813ca8ac RFL=00000093 [--S-A-C] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 00007fb5dcca26c0 ffffffff 00c00000
GS =0000 ffff88806a700000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=0000001b302faff8 CR3=000000004c912000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000208001 Opmask01=0000000001000001 Opmask02=000000007ffbffef Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fb5dbff1133
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fb5dbff1140
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fb5dbff113a
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fb5dbff114e
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fb5dbff11d4
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fb5dbff12b2
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fb5dc10b488 00007fb5dc10b480 00007fb5dc10b478 00007fb5dc10b450
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fb5dcc6d100 00007fb5dc10b440 00007fb5dc10b458 00007fb5dc10b4a0
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fb5dc10b498 00007fb5dc10b490 00007fb5dc10b488 00007fb5dc10b480
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000001 0000000000000000 0000000000000000 0000000000000050
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 2

CPU#2
RAX=0000000000000000 RBX=0000000000000003 RCX=ffffffff813ca88e RDX=ffff88803611c880
RSI=ffffffff813ca8ab RDI=0000000000000000 RBP=ffffc90006aa50c0 RSP=ffffc90005597578
R8 =0000000000000000 R9 =0000000000000003 R10=0000000000000003 R11=0000000000000000
R12=0000000000000003 R13=0000000000000003 R14=ffff88806a83fdc0 R15=fffff52000d54a18
RIP=ffffffff813ca8ac RFL=00000093 [--S-A-C] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff88806a800000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000091000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe000008f000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00000000203c4000 CR3=000000004c912000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000001000000 Opmask01=0000000001000001 Opmask02=000000007ffbffef Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffef318c110 0000003000000018
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f142d9f1133
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f142d9f1140
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f142d9f113a
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f142d9f114e
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f142d9f11d4
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f142d9f12b2
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000002 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000000000000a0
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000002 0000000000000000 0000000000000000 00000000000000a0
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 3

CPU#3
RAX=000000000000005b RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8
RSI=ffffffff850b00a5 RDI=ffffffff9aae6bc0 RBP=ffffffff9aae6b80 RSP=ffffc9000468eb78
R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=2d2d2d2d2d2d2d2d
R12=0000000000000000 R13=000000000000005b R14=ffffffff850b0040 R15=0000000000000000
RIP=ffffffff850b00cf RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 00007fb5db9bd6c0 ffffffff 00c00000
GS =0000 ffff88806a900000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe00000d8000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe00000d6000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00000000204b2000 CR3=000000004c912000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000208001 Opmask01=0000000000000000 Opmask02=0000000000000fff Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffff8100a2e8 ffffffff8100a2bf
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 ffffffff81316e5a
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f46967f1133
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f46967f1140
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f46967f113a
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f46967f114e
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f46967f11d4
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f46967f12b2
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 e1a942947fe62875 bccc338e05c68181 6580bdcd4e9e047d a6d3306216877e03
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 d92d8d09fd61d1b6 3c2080eda55de258 18526e4000040008 0000000f0010000c
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 73e89abcdcc0c644 48e0fd0880dee5ba 85ea2d2fff2777f9 3947d62e6686ba3f
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0e8cab9c52cb1fb6 98b46e36345873e8 9abcdcc0c64448e0 fd0880dee5ba85ea
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2d2fff2777f93947 d62e6686ba3fd92d 8d09fd61d1b63c20 80eda55de2581852
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6e40740e659b2fe8 0fd22aab662ce1a9 42947fe62875bccc 338e05c681816580
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 bdcd4e9e047da6d3 306216877e03a348 73f911dbfd3f8d94 9586995648e9f0cf
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000