last executing test programs:

4.577151577s ago: executing program 3 (id=784):
syz_80211_inject_frame(&(0x7f0000000000), &(0x7f0000000300)=ANY=[@ANYBLOB="d000fe00ffffffffffff080211000001ffffffffffff00000080"], 0x32)
sendmsg$netlink(0xffffffffffffffff, &(0x7f0000003d40)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000027c0)=ANY=[], 0x10}], 0x1}, 0x0)
syz_emit_ethernet(0x21ae, &(0x7f0000000ec0)=ANY=[@ANYBLOB="00100020ffffbbbbbbbbbbbb88a800008100000086dd60"], 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000340), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000040)={'wlan1\x00', <r3=>0x0})
sendmsg$NL80211_CMD_NEW_INTERFACE(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000640)={0x38, r2, 0x1, 0x0, 0x0, {{}, {@void, @val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_IFNAME={0x14, 0x4, 'rose0\x00'}, @NL80211_ATTR_IFTYPE={0x8, 0x5, 0x3}]}, 0x38}}, 0x0)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
r5 = socket$igmp6(0xa, 0x3, 0x2)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket$inet6_mptcp(0xa, 0x1, 0x106)
setsockopt$inet6_int(r7, 0x29, 0x1a, 0x0, 0xa)
r8 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000180), 0xffffffffffffffff)
r9 = socket$nl_generic(0x10, 0x3, 0x10)
syz_init_net_socket$rose(0xb, 0x5, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(r6, 0x8933, &(0x7f0000000280)={'wlan1\x00', <r10=>0x0})
sendmsg$NL80211_CMD_GET_STATION(r9, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000ac0)={&(0x7f00000002c0)={0x1c, r8, 0x303, 0x0, 0x0, {{}, {@val={0x8, 0x3, r10}, @void}}}, 0x1c}}, 0x0)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000080), r9)
recvfrom$inet6(r5, 0x0, 0x31, 0x0, 0x0, 0x0)
syz_emit_ethernet(0x66, &(0x7f0000000180)=ANY=[@ANYBLOB="ffffffffffffaaaaaaaac11286dd6000000000300200fe8000000000000000000000000000aafe8000000000000000000000000000aa"], 0x0)
sendmsg$NL80211_CMD_CHANNEL_SWITCH(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000600)={&(0x7f0000001900)={0x2c, r4, 0x1, 0x0, 0x0, {{}, {@val={0x8}, @void}}, [@chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}], @NL80211_ATTR_CH_SWITCH_COUNT={0x8}]}, 0x2c}}, 0x0)

3.897210671s ago: executing program 3 (id=791):
r0 = socket$inet(0x2, 0x3, 0x4)
r1 = socket(0x10, 0x3, 0x0)
getsockname(0xffffffffffffffff, 0x0, &(0x7f0000000140))
r2 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000040)={0x0, 0x0}, 0x10)
bind$inet6(r2, &(0x7f00004b8fe4)={0xa, 0x0, 0x0, @loopback}, 0x1c)
sendmsg$SMC_PNETID_DEL(0xffffffffffffffff, 0x0, 0x0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'team_slave_0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000780)={&(0x7f00000002c0)=@newqdisc={0x78, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {0x0, 0x4}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{0x9}, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, {0x0, 0x1}}}}]}, 0x78}}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x3, 0x4, &(0x7f0000000680)=ANY=[@ANYBLOB="b7050000000000006110480000000000dc0500002000000095000000000000009abb1723bf24203831c9545b21c751ee4024f479cbe4b89f9805837203000000000000c2d182c7a3221481f5009edaf5f5ac058299e10e790a198f42a715b99fb3d2a73dd025848710155ad1efd7d991408000000000000085a0db0401fa29e075b7ab0408a0d8cfceeb23465bb027ee1151c02af21d8f9aa57e673a6724441d08087aff070eda8afef22b3a806c8226f5a2886c93bd29b37252ba4a6e9cc5f69e75680c431aa855e487ae513abd6c4ee973fce29a26018ed5e0780f8778a602a3533a3dac7da4fe491edf3abfa7bf871c58848ac46ada6776bd9b85df01e626026a59ddfa7a9c879acbfb0bf426785dec7d8611dc850df49ed8633bdb83dd505fb20649f53841a0e200c91f5bf1bb246ed87efc7b6f8859d029c8376ca19265e281fea0a6fd2222f8850c8445758503ede0ce1b3f73ecd8989e8c53c5e679b13802bddf80f3b1d07d6d68bfa12ab34697d40ac1150a842f8bb381344b994c19642a10eb30845a993daaa8bd4aebc595475feb3475d8e802498382e73edb98fcf2df96ab3c870490c4030b34c27a2f7fcd66ddde687c1255d0779ffec72ada8598e222d66bc90dacf240fe12755f780048804400f49d77b81534a8f1b0de80c49c7d9c87888801d819daaddb0c57513fdf7d0e942a799143dccc213cac7e8092d691a7894678472ba1970b4d6e393158dafeebae0a9d89e6e639115ddc7b54139b5b47f3d583c16b4d2da0a5c7b5ea751d03cc71fdd61140d66ff1ccfcbe83e40156854900"], &(0x7f00000002c0)='syzkaller\x00', 0x5, 0xc3, &(0x7f0000000300)=""/195, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8}, 0x90)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), 0xffffffffffffffff)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x0)
bind$can_j1939(0xffffffffffffffff, 0x0, 0x0)
bind$can_j1939(0xffffffffffffffff, 0x0, 0x0)
socket$can_bcm(0x1d, 0x2, 0x2)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000640), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_KEY(0xffffffffffffffff, &(0x7f0000000500)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000480)=ANY=[], 0x4c}}, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(r6, 0x8933, &(0x7f0000000340)={'wlan1\x00', <r8=>0x0})
sendmsg$NL80211_CMD_FRAME(r6, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000100)=ANY=[@ANYBLOB="98030000", @ANYRES16=r7, @ANYBLOB="010028057000fcdbdf253b00000008000300", @ANYRES32=r8, @ANYBLOB="04008e00080057001b0a000004006c000500190107000000080026006c0900005603330080b0c000ffffffffffff080211000001"], 0x398}}, 0x0)
sendmsg$can_bcm(0xffffffffffffffff, 0x0, 0x0)
sendmsg$can_bcm(0xffffffffffffffff, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f0000000080)={'wlan0\x00', <r9=>0x0})
sendmsg$NL80211_CMD_FRAME(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB='D\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="010000000000000000003b00000008000300", @ANYRES32=r9, @ANYBLOB="25003300d0000000080211000001080211000000505050505050000003"], 0x44}}, 0x0)
bpf$BPF_PROG_DETACH(0x9, 0x0, 0x0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)

3.781701788s ago: executing program 3 (id=792):
r0 = fanotify_init(0x200, 0x0)
r1 = memfd_create(&(0x7f0000000180)='-B\xd5NI\xc5j\x9appp\xf0\b\x84\xa2m\x00\v\x18\x004\xa6Ey\xdb\xd1\xa7\xb1S\xf1:)\x00\xca\xd7Uw\x00\xbc\xfa2\xb3\xbb\x8d\xac\xac\xbe\xe1}knh#\xcf)\x0f\xc8\xc0\"\x9cc\x10d\xee\xa9\x8b\x06\x97k\xde\xc5\xe96\xddU)\xc98M\xcd\xfb\xcc\x82n=\x7f=\xcdJx\xaa\xcf~\xb90a\xa9\xb2\x04\x1d\xa1\xce\x8b\x19\xea\xef\xe3\x00\x00\x00\x00\x00\x00\x00\x00', 0x0)
r2 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt(r2, 0x84, 0x83, 0x0, 0x0)
r3 = dup(r1)
fanotify_mark(r0, 0x1, 0x48001059, r3, 0x0)
r4 = syz_io_uring_setup(0x36c1, &(0x7f0000000340)={0x0, 0x0, 0x10100}, &(0x7f0000000140), &(0x7f0000000100)=<r5=>0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f00000000c0))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xf, 0x4008031, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
iopl(0x0)
syz_io_uring_setup(0x1c67, &(0x7f0000000480)={0x0, 0x0, 0x1, 0x0, 0xf6}, &(0x7f0000000040)=<r6=>0x0, &(0x7f0000000300))
r7 = io_uring_setup(0x7bda, &(0x7f0000000080))
r8 = io_uring_register$IORING_REGISTER_PERSONALITY(r7, 0x9, 0x0, 0x0)
io_uring_register$IORING_UNREGISTER_PERSONALITY(r7, 0x16, 0x20000002, r8)
r9 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r9, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="400000001000010400"/20, @ANYRES32=0x0, @ANYBLOB="0000000000000000200012800b00010065727370616e000009001b0000000000000089e116781200"], 0x40}}, 0x0)
syz_io_uring_submit(r6, r5, &(0x7f00000001c0)=@IORING_OP_READ=@use_registered_buffer={0x16, 0x60, 0x4007, @fd=r0, 0x101, 0x0, 0x0, 0x1b54f3e199f7d0c6})
io_uring_enter(r4, 0x184c, 0x0, 0x0, 0x0, 0x0)
r10 = socket$inet(0x2, 0x2, 0x0)
accept4(r3, &(0x7f0000000600)=@ieee802154, &(0x7f0000000440)=0x80, 0x0)
r11 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r11, 0x107, 0x14, &(0x7f0000000000)=0x930d, 0x4)
ioctl$sock_SIOCGIFINDEX(r10, 0x8933, &(0x7f0000000240)={'macvlan1\x00', <r12=>0x0})
sendto$packet(r11, &(0x7f00000002c0)="05030500d3fc030000004788031c09101128", 0xfce0, 0x4, &(0x7f0000000140)={0x11, 0x0, r12, 0x1, 0x0, 0x6, @multicast}, 0x14)
r13 = syz_open_dev$sndctrl(&(0x7f0000000000), 0x84, 0x0)
ioctl$SNDRV_CTL_IOCTL_RAWMIDI_PREFER_SUBDEVICE(r13, 0x40045542, &(0x7f0000000040))
syz_open_dev$dmmidi(&(0x7f0000000080), 0x200, 0x0)
readv(r4, &(0x7f00000002c0)=[{&(0x7f0000000200)=""/179, 0xb3}, {&(0x7f0000000500)=""/210, 0xd2}, {&(0x7f00000003c0)=""/86, 0x56}, {&(0x7f00000000c0)=""/20, 0x14}], 0x4)

2.995459523s ago: executing program 2 (id=795):
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x200000000000000) (async)
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, 0x0, 0x0) (async)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) (async)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_MD5SIG(r1, 0x6, 0xe, &(0x7f0000000140)={@in6={{0xa, 0x0, 0x0, @private1={0xfc, 0x1, '\x00', 0x1}}}, 0x0, 0x0, 0xa, 0x0, "e541bd3d3aa6a2d875e9671e8abcb31c134f3a9db8f52e1f54fe6e079f35ac63186c7244fc3b3801e79b8e5545b90f2dbec29f15cec2fd7e55d0345bce05c13ed90158fbdeb70322ea3188f81890e3db"}, 0xd8) (async)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
bind$alg(0xffffffffffffffff, &(0x7f0000000000)={0x26, 'aead\x00', 0x0, 0x0, 'aegis128-generic\x00'}, 0x58) (async)
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0xe) (async, rerun: 64)
mremap(&(0x7f00002a3000/0x2000)=nil, 0x2000, 0x2000, 0x3, &(0x7f000077d000/0x2000)=nil) (async, rerun: 64)
r2 = userfaultfd(0x80001)
r3 = creat(&(0x7f0000000280)='./file0\x00', 0x0)
close(r3) (async)
ioctl$DRM_IOCTL_GET_CAP(r3, 0xc010640c, &(0x7f0000000180)={0x13}) (async)
ioctl$UFFDIO_API(r2, 0xc018aa3f, 0x0)
r4 = gettid()
process_vm_writev(r4, &(0x7f0000000000), 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/223, 0xffffff4e}], 0x23a, 0x0)
r5 = userfaultfd(0x80001)
r6 = fcntl$dupfd(r5, 0x406, r0)
ioctl$UFFDIO_ZEROPAGE(r6, 0xc018aa06, &(0x7f0000000240)={{&(0x7f00003ea000/0x400000)=nil, 0x400000}, 0x1})
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15) (async)
accept4(0xffffffffffffffff, 0x0, 0x0, 0x0) (async, rerun: 32)
setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000000200)="ad00"/16, 0x10) (async, rerun: 32)
r7 = getpid() (async)
prctl$PR_SCHED_CORE(0x3e, 0x0, 0x0, 0x0, 0x0)
process_vm_readv(r7, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
r8 = socket$inet(0x2, 0x2, 0x0)
shutdown(r8, 0x0)

2.94617352s ago: executing program 0 (id=796):
openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x1e, 0x3, &(0x7f0000000000)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5}}, &(0x7f0000000240)='syzkaller\x00', 0x7fb, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x24}, 0x90)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000f80), 0xffffffffffffffff)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000200)={'wlan0\x00', <r3=>0x0})
r4 = landlock_create_ruleset(&(0x7f00000002c0)={0x40, 0x1}, 0x10, 0x0)
landlock_add_rule$LANDLOCK_RULE_PATH_BENEATH(r4, 0x1, &(0x7f0000000300)={0x1460, r0}, 0x0)
sendmsg$NL80211_CMD_NEW_STATION(r0, &(0x7f0000001080)={0x0, 0x0, &(0x7f0000001040)={&(0x7f0000000100)=ANY=[@ANYBLOB='D\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="cf0000000000fddbdf251200000008000300", @ANYRES32=r3, @ANYBLOB="06001a0102"], 0x44}}, 0x0)
socket$rds(0x15, 0x5, 0x0)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
socket$nl_route(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000003c0))
socket(0x10, 0x80000, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket$nl_route(0x10, 0x3, 0x0)
r8 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r8, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000680)={0x0, 0x18}}, 0x0)
getsockname$packet(r8, &(0x7f0000000100)={0x11, 0x0, <r9=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r7, &(0x7f0000000140)={0x0, 0xffffff14, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="5000000010008105e9c51c000000000000000000", @ANYRES32=r9, @ANYBLOB="01000000000000002800128009000100766c616e000000001800028006000100000000000c0002000c0000000d00000008000500", @ANYRES64=r7], 0x50}}, 0x0)
sendmsg$nl_route(r6, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000780)=ANY=[@ANYBLOB="1400c9e4241d1b600947d2d6a9abc88b", @ANYRES32=0x0, @ANYRESOCT=r5, @ANYRES32=r9], 0x50}}, 0x0)
getsockname$packet(r8, &(0x7f0000000040)={0x11, 0x0, <r10=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x1b)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000640)=ANY=[@ANYBLOB="2000000011000d04000000000800000000000000", @ANYRES32=r10], 0x20}, 0x1, 0x6}, 0x0)

2.835478324s ago: executing program 0 (id=797):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000000000000000000004b64ffec850000006d000000670000000500000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000180)='tlb_flush\x00', r0}, 0x10)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = getpid()
process_vm_readv(r1, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
r2 = socket$inet(0x2, 0x6, 0x0)
shutdown(r2, 0x0)
recvmmsg(r2, &(0x7f00000066c0), 0x14, 0x0, 0x0)

2.316796308s ago: executing program 2 (id=799):
bpf$MAP_CREATE(0x0, 0x0, 0x0)
openat$hwrng(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r0 = syz_open_dev$sndctrl(&(0x7f0000000100), 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f0000000340)={{0x0, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x6, 0x0, 0x4, 0x0, 0x0, 0x0, 'syz1\x00', 0x0, 0x8})
syz_open_dev$sndctrl(&(0x7f0000000000), 0x0, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$devlink(&(0x7f0000000600), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_GET(r1, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000001f0000540000000e0001006e657464657673696d0000000f0002"], 0x34}}, 0x0)
r3 = syz_genetlink_get_family_id$devlink(&(0x7f0000000600), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_GET(r1, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)={0x14, r3, 0x1, 0x0, 0x0, {0x54}}, 0x14}}, 0x0)
mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x0, 0x3032, 0xffffffffffffffff, 0x0)
r4 = syz_open_dev$usbfs(&(0x7f0000000100), 0x205, 0x8401)
r5 = fcntl$dupfd(r4, 0x0, r4)
ioctl$USBDEVFS_SUBMITURB(r5, 0x8038550a, &(0x7f0000000000)=@urb_type_control={0x2, {}, 0x0, 0x0, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x7995}, 0xfcb5, 0x0, 0x0, 0x48000000, 0x0, 0x0, 0x0})
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
r8 = ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x0)
r9 = socket$nl_generic(0x10, 0x3, 0x10)
r10 = syz_genetlink_get_family_id$devlink(&(0x7f0000000280), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_RATE_GET(r9, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f00000002c0)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r10, @ANYBLOB="010000000000000000004a00000008000300038000000e0001006e657464657673696d0018000f0002006e65746465767b696d300000"], 0x3c}}, 0x0)
r11 = dup(r8)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r11, &(0x7f0000fe5000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r11, 0xae80, 0x0)
ioctl$KVM_SET_MSRS(r11, 0x4008ae89, &(0x7f00000001c0)=ANY=[@ANYBLOB="01000000050000f58b04"])
r12 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/power/resume', 0x149a82, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x2c, &(0x7f0000000000)='/proc/sys/net/\x00\x00v4\x00\x00s/\x92ync_\x00le\xf44.\xab%nN\xd4\xa2\x88\x00\xd1l,'}, 0x30)
r13 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
fchdir(r13)
sendfile(r12, r12, 0x0, 0x9afe)
llistxattr(&(0x7f0000000040)='./file0\x00', &(0x7f0000000140)=""/146, 0x92)

1.916865478s ago: executing program 2 (id=800):
socket$nl_route(0x10, 0x3, 0x0)
r0 = socket$netlink(0x10, 0x3, 0xf)
bind$netlink(r0, &(0x7f0000001140)={0x10, 0x0, 0x25dfdbfd, 0x100000}, 0xc)
r1 = socket$netlink(0x10, 0x3, 0xf)
bind$netlink(r1, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
setsockopt$sock_int(r1, 0x1, 0x8, &(0x7f0000000000), 0x4)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r1, 0x10e, 0x4, &(0x7f00000003c0)=0x6, 0xdc)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xe, 0x4, 0x4, 0x4}, 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x14, &(0x7f0000000200)=ANY=[@ANYBLOB="1802000001000000000000000000000018010000786c6c2500000000070000007b1af8ff00000000bfa100000000000007010000f8ffffffb700000000000000b70300000000ffff850000000400000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r3}, 0x10)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f00000013c0)=ANY=[@ANYBLOB="b702000026000000bfa300000000000007030000007effff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065060400010000050404000001007d60b7030000000000006a0a00fe00000000850000000d000000b7000000000000009500000000000000496cf27fb6d2c643db7e2d5fb4b0936cdf827fb43a431ca711fcd0cdfa146ed3d09a6175037958e27106e225b7937f02008b5e5a076d83923dd29c034055b67dafe6c8dc525d78c07f34e4d5b3185b310efcfa89147a09000000f110026e6d2ef831ab7ea0c34f17e3ad6eecbb622003b538dfd8e012e79578e51bc53099e90f4580d760551b5b0a341a2d7cbdb9cd38bdb2ca8e050000003a14817ac61e4dd11183a13477bf7e060e3670ef0e789f65f1328d6704902cbe7bc04b82d2789cb132b8667c214733a18c8b6619f28d9961b626c57c2691208173656d60a17e3c184b751c51160fbcbbdb5b1e7be6148ba532e60a0ac346dfebd31a08060000000200000000000000334d83239dd27080e71113610e10d858e8327ef01fb6c86acac12233f9a1fb9c2aec61ce63a38d2fd50117b89a9ab359b4eea0c6e957bc73ddc4eabba08ab1e1ad828267d4eadd3964663e88535c133f7130856f756436303767d2e24f29e5dad9796edb697a6ea0182babc190ae2ebf8aad34732181feb215139f15ea7e8cb0bae7c34d5ac5e7c805210600000000000000c3dec04b25dfc17975238345d4f71ab158c36657b7218baa0700f781c0a99bd50499ccc421ace5e845885efb5b9964e4beba3da8223fe5308e4e65ee93e107000000f8ddebf70132a4d0175b989b8eccf707882042e716df9b57b290c661d4e85031086197bcc5cb0e221a0c34323c129102b6ff0100002e88a1940b3c02ed9c92d6f64b1282dc51bb0015982730711c599e1c72ffa11ed8be1a6830d7507005154c46bd3ca96318c570f0721fc7aa2a5836ba99fe1f86468694f22cdf550ef091a78098534f0d973059594119d06d5ea9a8d0857382ec6e2a071474cfc12346e47ad97f4ead7cf70a9d1cdac944779dc08a705414888700a30e2366c6a06b3367a389ca39059787790017b0689a173db9c24db65c1e00015c1d093dab18fd0699fe3304000000323e9c7080397bc49d70c060d57bc88fbe3bbaa058b040362ab926150363fb099408885afc2bf9a46a076b7babfcddeff8c35030669ea69f5e4be1b8e0d6697e97186f9ae97d5670dba6623279f73db9dec75070cd9ab0fda6b069ef6d2857ca3e4effcf7462710d133d541da86e0477e4a6cc999dc21c3ef408e6b178e7c9f274d7fafc8d757d33dfa35aa2000034837d365e63845f3c1092f8dde8af3904ea0f4b82649b83ed4fa0f873339c4cadecc13219ba7518aa4f7db34ead13484742067ab743c1d82a5687f2ed690000000000000000000000000000000000000000000099d4fa0000000000003f0ecdc7c82e72919c91d2039afe17e95edeeeba72205beff7771bcb293747b88486cacee403000000a2919a4bff2ed893f2c814679fa69fc7e0cf761f918725704a01c56009a9f748e5aaf30a10bd8c409b1870c1f75e26b45264e3d3f8e0048e55ae289ce2ad779ce71d4dc30cbb2cc4289d2f884d66cddc76eb7f601110ff39053c262279f4ef00fbdb8c328615a9ec84f27a9f3938ae736138b8c1ec220c1540bf3d162dc1c27fa30f0dc60b9f257db5d1c7ed2e152cb2cf06f8edb30177fead735a952ffce676a93110904d5ee2abdab2ef3ff84c4d61443f73552195c7ccfbf9f03c44432eaa3b7501d4239354da8de21eada75d3a3afb2c76ff0700007981699b6c0f0e946766f57544ff52cef0dd811bec4e3c0a30f2d7d19d26d2503a3ea376721b8eded3bc475958dd498ee2b2d6146e33fc0de1dc2e0516ac565ddb1d4ae89e6712824a85eb9ee0a3b68c9e209756623adf685dd715d68ed11e4b4d5502f5124948f8f98c615cac3666c58f785c3f758be352a71871d5c081197d37980e4f4e26b5476fb20407ff7098b7174bef66fa03a99b5c0c20b378065fac4ef9ac2d0d804b9400000060e5d3f1749f6aecf69ba83a71caa9bdddc679f1b826f54b6563a4be1fd82b73c8c2bc65f63982b951fb058fd3c7b6341c4580376b6c16bd94d2da66059de81abfa15eeeb88b6ae5882ad341032c73f1285e21fff5a1d138e061b1dc7bbda199b5fab8e0719e9cd69b47dcb52b0be6a3a73afdf328132e1d4f21065716be0c53a23940d07188b015fa341dbc92231c8b5e5717eac184f46c9f61b69f55cd2231bcf821052429a1f250e8b734be0605a15f25923d599544b319319ff0a32621019347df460a098119a6f47eb1bac47946d7a009cbc6ec74c19a93cc7c7138b28c95270116181fd5f553573c48104d2ad0e10d3663488e664401453f22f0d76d2162635365258af61ae1f46f4a7862f302d91e3f7c2781f602220522e84602a939a8d5e4137ae31ccd397404dc72e06715a6503d4d865182803ee6725da7293b23daeebefd6fce7411c9624a7e8d5ba5a13e1c32adc4f3274497c6882a72475e4280a4d9a47c003c6ed3071330c58145be813a10788a720a6b5a498ca2b42496c479a0a71e2f6f9bad8c84bc6be20281bde0b348cf2c60538a505ad4a0510eebb023e4954c9eb6cd70627f5c03d867dbf3ad5d1f1dc852064dd0efafc3df20ec8faf3d194db76127f88f284fa1b71ab964fdd2474471da76373e65e9a8bf844bdfdd348bc7d00c4c7e7afe8a1f8cde79b7a6c5aafe954b8ba37818e40c14b37c23f9f614576b689436fef2f27f8b1e756e00262e22bca49c43fd73e7e99b2fa44a8c1db99c2cf2735ad6c5fabf082e0df0f8ba7e24272165f2f5b28230c02b53d44bd84bf6770157e96bbb96b5e1f165c87e7ad68a3600b3d357fa9a7d53c281d88ebb175a4dbb82130e6870982947913110f091d21760d985afd3163f2e6880682432f9b3b97d57a9f980edfa1116a3d04d58872a07d6a7e12db673acd2f7b8988d833e71943fe2c1c65a3cf36b955c56b55bfd3ecf0af694c71a03f2996c15b1ba971de1cb9c7e6a0000000000000014783ef54c51199317413f98dca8ff3d0bda50f6c0af58dbd6c031b1a5a7512c5896514adfa17d31429c68db50a93d88199defd3b4625fea426ff9293a28a544a6a9e2a79b55daa1b3c6b14c4ec6d164e902ce4913843d65d841973468729ea12bf6d3499036dbb66718f3497855c3baa6cc07c0fa388ec9e70617c1a28ef5a595ee267a76175b8a057e6efaf4fefe46def451f2858fe71a53e77b1a44e98843bb3a40102da3703dfb9f61bdcea2fb810b32d52e2157a150a63ea6135d1cf6f864c2e68884d7245bc5d61dc5a114d10ffb22e76678bbfc1e3865d17d128306d1b81884a934cb00000000000000000098a4526e6468987dbc63bff7590eb388afaba43d811996333eef7e9f472bee293f0c40d434b8be07cbd52325296e22802493edb5c590ad208bac683a8b2d4c9d2d57ff846ae8c422e0b28546671f11d8157bb762c91f3fbcca8e21589c92446ae65d408c0637ffcc2d44d715ce003dd1e12b085e186d069a55c2e96efbe5024d61a56a36d988c0f51a973a6c238e545b28211a92000000001501aed8d72af0fcd540a9d4e293690c5e697b3a1480e46df5371bca1cfb28a57c1b3c956ec81397e81fbf870a67385fea04220423f52ad8178b9fd04bdc7e5fee4bd52db996e633792118efdb6b88023e80da74fdf723c7f0"], &(0x7f0000000340)='syzkaller\x00'}, 0x48)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000900)={r4, 0x18000000000002a0, 0xe40, 0x0, &(0x7f0000000040)="76389e147583ddd0569ba56a655855", 0x0, 0x0, 0x60000000, 0x0, 0x0, 0x0, 0x0}, 0x48)
r5 = socket$netlink(0x10, 0x3, 0x0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r6, 0x8933, &(0x7f00000000c0)={'wlan1\x00', <r8=>0x0})
r9 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$ETHTOOL_MSG_LINKINFO_SET(r9, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000480)={0x2c, 0x0, 0x1, 0x0, 0x25dfdbfd, {}, [@ETHTOOL_A_LINKINFO_PHYADDR={0x0, 0x3, 0xf8}]}, 0xe}}, 0x0)
sendmsg$NL80211_CMD_SET_INTERFACE(r6, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, r7, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r8}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x2}]}, 0x24}}, 0x0)
sendmsg$NL80211_CMD_CONNECT(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x44, r7, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r8}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_AUTH_TYPE={0x8}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x44}}, 0x0)
syz_80211_inject_frame(&(0x7f00000002c0)=@device_b, &(0x7f0000000580)=@mgmt_frame=@probe_response={{{}, {}, @device_b, @device_a, @from_mac}, 0x0, @default, 0x1, @val={0x0, 0x6, @default_ap_ssid}, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void, @val={0x4, 0x6, {0x9, 0x10, 0xffff, 0xa}}, @void, @void, @void, @void}, 0x3e)
nanosleep(&(0x7f0000000340)={0x0, 0x2faf080}, &(0x7f0000000380))
syz_80211_inject_frame(&(0x7f00000003c0)=@device_b, &(0x7f0000000400)=@mgmt_frame=@auth={{{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x1}}, 0x0, 0x2, 0x0, @void}, 0x1e)
syz_80211_inject_frame(&(0x7f00000004c0)=@device_b, &(0x7f0000000500)=@mgmt_frame=@assoc_resp={{{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x2}}, 0x1, 0x0, @default, @val={0x1, 0x7, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x24}]}, @void}, 0x27)
sendmsg$nl_route(r5, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000006c0)=@newlink={0x48, 0x10, 0xffffff1f, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x44000, 0xc100}, [@IFLA_LINKINFO={0x28, 0x12, 0x0, 0x1, @veth={{0x9}, {0x18, 0x2, 0x0, 0x1, @val=@VETH_INFO_PEER={0x14}}}}]}, 0x48}, 0x1, 0x0, 0x0, 0x84}, 0x0)
sendmsg$NFT_MSG_GETCHAIN(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000000c0)=ANY=[@ANYBLOB="1400"/20], 0x14}}, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000080)={'batadv_slave_0\x00'})
sendmmsg(r0, &(0x7f0000000b80), 0x3, 0x4000000)
bpf$PROG_LOAD(0x5, &(0x7f00002a0fb8)={0x16, 0x4, &(0x7f0000000080)=ANY=[@ANYBLOB="85000000070000006a0a00ff000000000c00000000000000950000000000000018100000", @ANYRES32, @ANYBLOB="00000024007b560000000000400000ac8fa3"], &(0x7f0000000140)='GPL\x00', 0x2, 0xffa0, &(0x7f0000000180)=""/149, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x1e, 0x10, 0x0, 0x1e}, 0x2d)

1.863819272s ago: executing program 1 (id=801):
mkdir(&(0x7f0000000380)='./file0\x00', 0xc1)
r0 = eventfd2(0x0, 0x0)
io_setup(0x4, &(0x7f0000000000)=<r1=>0x0)
socket(0x10, 0x803, 0x0)
r2 = socket(0x200000100000011, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000000)={'syz_tun\x00', <r3=>0x0})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000440)=ANY=[@ANYRESHEX=0x0, @ANYRES32=r1, @ANYRES32=r3], 0x54}}, 0x0)
r4 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs2/custom1\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r4, 0x4018620d, &(0x7f0000000100))
r5 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000180)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r5, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0})
r6 = dup3(r5, r4, 0x0)
r7 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs/binder0\x00', 0x0, 0x0)
mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r7, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r7, 0x4018620d, &(0x7f0000000040))
ioctl$BINDER_WRITE_READ(r6, 0xc0306201, &(0x7f00000003c0)={0x8, 0x0, &(0x7f0000000340)=[@acquire], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r6, 0xc0306201, &(0x7f0000000380)={0x4c, 0x0, &(0x7f0000000740)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r7, 0xc0306201, &(0x7f0000000540)={0x10, 0x0, &(0x7f0000000600)=[@request_death={0x40086303, 0x25000000}], 0x0, 0x0, 0x0})
openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000040), 0x0)
io_submit(r1, 0x1, &(0x7f00000001c0)=[&(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x0, r0, 0x0, 0x0, 0x0, 0x0, 0x3}])
mmap(&(0x7f000028e000/0x2000)=nil, 0x2000, 0x4000006, 0x40010, 0xffffffffffffffff, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="9feb4de7b7960000000000000c0000e90b00000082"], &(0x7f0000000f40)=""/4089, 0x26, 0xff9, 0x1001}, 0x20)
socket$igmp6(0xa, 0x3, 0x2)
r8 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$TIOCSETD(r8, 0x5423, &(0x7f0000000080)=0x3)
r9 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000640)={0xd, 0x3, &(0x7f0000001300)=ANY=[@ANYBLOB="180000000000000000000000000000009500000000000300"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xf}, 0x90)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000000)={0x0, <r10=>0x0}, 0x8)
bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0xb, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x16, '\x00', 0x0, 0x3, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, r10, r9}, 0x40)
bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0xb, 0x0, 0x0, 0x0, 0x100, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xa, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x27, r10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x101}, 0xf2)
write$nci(0xffffffffffffffff, &(0x7f0000000340)=ANY=[@ANYBLOB="33020001"], 0x4)

1.746983151s ago: executing program 0 (id=802):
mount$fuse(0x0, 0x0, &(0x7f0000000200), 0x0, &(0x7f00000005c0)=ANY=[@ANYBLOB='fd=', @ANYRESHEX, @ANYBLOB=',rootmode=00000000000000000060000,user_id=', @ANYRESDEC, @ANYBLOB=',group_id=', @ANYRESDEC, @ANYBLOB=',default_permissions,blksize=0x0000000000000400'])
syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), 0xffffffffffffffff)
syz_emit_vhci(&(0x7f00000002c0)=ANY=[@ANYBLOB="04300300c9008cba4dffaa0a52c0186ef28359af281f3a6bfde3a6ee0de9ddee0bf7da43aebf706b3329b0a564835713c2de78691734f5b9ada875d8facbcb611c220f4296a197c00dc7780e18d276969228dd91f813fda5cbc6adcfdd40386249f98919c934448632816bbc251be47d7af97966b4a96a6a8b7f211d8e29678fe8216eb9b30f4fa5856c0371b3c31559e07c414833"], 0x6)
syz_emit_vhci(&(0x7f0000000440)=ANY=[@ANYBLOB="03c8001e794e4cee84d39856f4752833767be125637ee49dc79a52f2f9465718460cd05feda51bbf4206b5e7325945e5f819bbace34f7d33b43908e14fa05a0f06d9dccb7f0580fe9d42d7bf6530f1a2d22cfd5396c3c67afcdc34613911e96affd46ebd4aa6c60ca02f7648783a10deccc27340c4f24ed37dd6563758d14f732e63a853a4c71c356a6309a485ed"], 0x22)
r0 = socket$inet(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x10000000013, &(0x7f0000d06000)=0x1, 0x4)
setsockopt$inet_opts(r0, 0x0, 0x4, &(0x7f0000000000)="89070404", 0x4)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x74, 0x0, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r4 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs/binder0\x00', 0x0, 0x0)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r5, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)={{0x14}, [@NFT_MSG_NEWFLOWTABLE={0x140, 0x16, 0xa, 0x201, 0x0, 0x0, {0x1}, [@NFTA_FLOWTABLE_NAME={0x9, 0x2, 'syz2\x00'}, @NFTA_FLOWTABLE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_FLOWTABLE_HOOK={0x94, 0x3, 0x0, 0x1, [@NFTA_FLOWTABLE_HOOK_DEVS={0x90, 0x3, 0x0, 0x1, [{0x14}, {0x14, 0x1, 'geneve0\x00'}, {0x14, 0x1, 'veth0_virt_wifi\x00'}, {0x14, 0x1, 'team0\x00'}, {0x14, 0x1, 'pimreg\x00'}, {0x14, 0x1, 'nr0\x00'}, {0x14, 0x1, 'ip6gre0\x00'}]}]}, @NFTA_FLOWTABLE_FLAGS={0x8}, @NFTA_FLOWTABLE_FLAGS={0x8, 0x7, 0x1, 0x0, 0x1}, @NFTA_FLOWTABLE_HANDLE={0xc, 0x5, 0x1, 0x0, 0x1}, @NFTA_FLOWTABLE_HANDLE={0xc, 0x5, 0x1, 0x0, 0x3}, @NFTA_FLOWTABLE_HOOK={0x58, 0x3, 0x0, 0x1, [@NFTA_FLOWTABLE_HOOK_PRIORITY={0x8, 0x2, 0x1, 0x0, 0x1000}, @NFTA_FLOWTABLE_HOOK_PRIORITY={0x8, 0x2, 0x1, 0x0, 0x617}, @NFTA_FLOWTABLE_HOOK_PRIORITY={0x8}, @NFTA_FLOWTABLE_HOOK_NUM={0x8}, @NFTA_FLOWTABLE_HOOK_NUM={0x8}, @NFTA_FLOWTABLE_HOOK_DEVS={0x18, 0x3, 0x0, 0x1, [{0x14, 0x1, 'bond0\x00'}]}, @NFTA_FLOWTABLE_HOOK_DEVS={0x4}, @NFTA_FLOWTABLE_HOOK_NUM={0x8}, @NFTA_FLOWTABLE_HOOK_NUM={0x8}]}]}], {0x14}}, 0x168}, 0x1, 0x0, 0x0, 0x804}, 0x0)
ppoll(&(0x7f0000000100)=[{r4}], 0x1, &(0x7f0000000140), 0x0, 0x0)
syz_open_dev$hiddev(&(0x7f00000000c0), 0x0, 0x0)
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
r7 = io_uring_setup(0x15ae, &(0x7f0000000080))
r8 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000000), 0x121301, 0x0)
write$dsp(r8, &(0x7f0000000300)="90", 0x1)
syz_emit_vhci(&(0x7f0000000340)=ANY=[@ANYBLOB="043e1f0a00c90001"], 0x22)
socket$key(0xf, 0x3, 0x2)
io_uring_register$IORING_REGISTER_BUFFERS(r7, 0x0, &(0x7f00000002c0)=[{&(0x7f0000001700)=""/4095, 0x440000}], 0x100000000000011a)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x0, 0x2)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x8)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

1.627114585s ago: executing program 1 (id=803):
r0 = socket$inet_smc(0x2b, 0x1, 0x0)
r1 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r1, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x7a, 0x4)
bind$inet(r1, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10)
setsockopt$SO_ATTACH_FILTER(r1, 0x1, 0x1a, &(0x7f0000000140)={0x1, &(0x7f0000000280)=[{0x6, 0x0, 0x0, 0xe4}]}, 0x10)
sendto$inet(r1, 0x0, 0x0, 0x0, &(0x7f0000e68000)={0x2, 0x4e20, @local}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(r1, 0x6, 0xd, &(0x7f0000000040)='veno\x00', 0x5)
sendmmsg$inet(r1, &(0x7f0000002440)=[{{0x0, 0x0, &(0x7f0000000900)=[{&(0x7f0000000a40)="0036d551863e1902129da79f5986e05288f50e5398660c1a29b0f45c0cc36902e0251c8d34197b357b32b161f9ad72d55a0eab976aae24ed805271b43f0ce2fea5e764494873e0d82a172b3bb54f59b458fd35039c7d81e9ab07f2fb4dad61bd500a119b54c74a12e4569e47b69a95f92c6380af2bd003fa56f06a23bbd1c76d7756bf4fcaff0c23", 0x88}, {&(0x7f0000000d40)="316f825a3d29f96a2093a917017b4cd300000000bee70035ed313e19d6dd1fb41a20baf7f7343067fd40cdd4b16742e94b62f4eb1c5d9faab7f3028100", 0x3d}], 0x2}}], 0x1, 0x0)
setsockopt$sock_int(r1, 0x1, 0x8, &(0x7f0000000600)=0xdfa, 0x4)
sendto$inet(r0, &(0x7f00000012c0)="09268a927f1f6588b967481241ba7860fcfaf65ac618ded8974895abeaf4b4834ff922b3f1e0b02bd67aa03059bcecc7a95425a3a07e758044ab4ea6f7ae55d88fecf90b1a7511bf746bec66ba", 0x4d, 0x11, 0x0, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000040)={<r2=>0xffffffffffffffff})
ioctl$TUNDETACHFILTER(r2, 0x541b, 0x1000000000000)
getsockopt$IPT_SO_GET_REVISION_MATCH(r0, 0x0, 0x42, &(0x7f00000001c0)={'icmp\x00'}, &(0x7f0000000200)=0x1e)
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f0000000100)={'veth1_vlan\x00', &(0x7f0000000000)=@ethtool_pauseparam={0x2c}})
socket(0xa, 0x3, 0x3a)
getsockopt$MRT6(0xffffffffffffffff, 0x29, 0xce, 0x0, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, 0x0}, 0x0)
madvise(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x19)
r3 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
r4 = getpid()
process_vm_readv(r4, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
process_vm_readv(r3, &(0x7f0000000080)=[{&(0x7f0000000000)=""/88, 0x58}], 0xd, &(0x7f0000000140)=[{&(0x7f0000002280)=""/4096, 0x1000}], 0x1, 0x0)
syz_emit_vhci(&(0x7f0000005e00)=ANY=[@ANYBLOB="040e9c6e230c"], 0xa)
mkdir(&(0x7f0000000180)='./file1\x00', 0x0)
mount(0x0, &(0x7f0000000240)='./file0\x00', &(0x7f0000001180)='tmpfs\x00', 0x0, &(0x7f0000000300)='usrquota')
chdir(&(0x7f0000000080)='./file1\x00')
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='blkio.bfq.time_recursive\x00', 0x275a, 0x0)
setsockopt$SO_BINDTODEVICE(0xffffffffffffffff, 0x1, 0x19, &(0x7f0000000400)='vlan1\x00', 0x10)

1.337331006s ago: executing program 3 (id=804):
keyctl$read(0x1e, 0x0, 0x0, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x1)
syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000fe6000/0x18000)=nil, &(0x7f0000000100)=[@text16={0x10, &(0x7f0000000080)="0f0f2d9a0f201166b91b0b000066b8ce00000066ba000000000f309ab8373301b8d0000f00d8660f38826309ba4200edbaf80c66b81ced3c8366efbafc0cb80b41ef66b84f02e7140f23d80f21f86635c00000200f23f8d0c0", 0x59}], 0x1, 0x44, &(0x7f0000000140)=[@efer={0x2, 0x501}, @dstype0={0x6, 0x9}], 0x2)
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
r3 = socket$pptp(0x18, 0x1, 0x2)
bind$pptp(r3, &(0x7f0000000000)={0x18, 0x2, {0x0, @dev}}, 0x1e)
connect$pptp(r3, &(0x7f0000000040)={0x18, 0x2, {0x0, @multicast2}}, 0x1e)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x1, 0x0, 0x0, 0x0}, 0x90)
r4 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x1a01, 0x0)
ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f0000000380)={0x3, 0x0, [{0x992, 0x0, 0x1}, {0x8ca, 0x0, 0x1}, {0xc0010020, 0x0, 0x7}]})
ioctl$EVIOCGPROP(r4, 0x40047438, &(0x7f0000000180)=""/246)
writev(r4, &(0x7f0000000440)=[{&(0x7f0000000280)="c021", 0x1700}], 0x1)

1.163390412s ago: executing program 1 (id=805):
openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x1e, 0x3, &(0x7f0000000000)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5}}, &(0x7f0000000240)='syzkaller\x00', 0x7fb, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x24}, 0x90)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000f80), 0xffffffffffffffff)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000200)={'wlan0\x00', <r3=>0x0})
r4 = landlock_create_ruleset(&(0x7f00000002c0)={0x40, 0x1}, 0x10, 0x0)
landlock_add_rule$LANDLOCK_RULE_PATH_BENEATH(r4, 0x1, &(0x7f0000000300)={0x1460, r0}, 0x0)
sendmsg$NL80211_CMD_NEW_STATION(r0, &(0x7f0000001080)={0x0, 0x0, &(0x7f0000001040)={&(0x7f0000000100)=ANY=[@ANYBLOB='D\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="cf0000000000fddbdf251200000008000300", @ANYRES32=r3, @ANYBLOB="06001a0102"], 0x44}}, 0x0)
socket$rds(0x15, 0x5, 0x0)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
socket$nl_route(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000003c0))
socket(0x10, 0x80000, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket$nl_route(0x10, 0x3, 0x0)
r8 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r8, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000680)={0x0, 0x18}}, 0x0)
getsockname$packet(r8, &(0x7f0000000100)={0x11, 0x0, <r9=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r7, &(0x7f0000000140)={0x0, 0xffffff14, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="5000000010008105e9c51c000000000000000000", @ANYRES32=r9, @ANYBLOB="01000000000000002800128009000100766c616e000000001800028006000100000000000c0002000c0000000d00000008000500", @ANYRES64=r7], 0x50}}, 0x0)
sendmsg$nl_route(r6, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000780)=ANY=[@ANYBLOB="1400c9e4241d1b600947d2d6a9abc88b", @ANYRES32=0x0, @ANYRESOCT=r5, @ANYRES32=r9], 0x50}}, 0x0)
getsockname$packet(r8, &(0x7f0000000040)={0x11, 0x0, <r10=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x1b)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000640)=ANY=[@ANYBLOB="2000000011000d04000000000800000000000000", @ANYRES32=r10], 0x20}, 0x1, 0x6}, 0x0)

1.13534277s ago: executing program 2 (id=806):
socket$nl_generic(0x10, 0x3, 0x10)
r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0)
r1 = eventfd(0x0)
syz_usb_control_io$hid(0xffffffffffffffff, 0x0, 0x0)
ioctl$VHOST_SET_VRING_BASE(r0, 0x4008af12, &(0x7f0000000080)={0x1, 0x7f})
ioctl$VHOST_SET_LOG_FD(r0, 0x4004af07, &(0x7f0000000240)=r1)
ioperm(0x7f, 0x5, 0x84)
fremovexattr(0xffffffffffffffff, 0x0)
ioctl$VHOST_SET_VRING_KICK(r0, 0x4008af20, &(0x7f0000000040)={0x1, r1})
r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='.\x00', 0x0, 0x0)
lseek(r2, 0xfffffffffffffc01, 0x0)
pipe2$watch_queue(&(0x7f0000000340)={0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x80)
ioctl$VIDIOC_S_SELECTION(r2, 0xc040565f, &(0x7f0000000300)={0x8, 0x1, 0x0, {0x5, 0x1, 0x9, 0x4}})
userfaultfd(0x80001)
close(0xffffffffffffffff)
ioctl$TUNSETOFFLOAD(0xffffffffffffffff, 0xc004743e, 0x20001400)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000002c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000200)='GPL\x00', 0x5, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r4}, 0x10)
write$cgroup_pid(0xffffffffffffffff, 0x0, 0x7ffffffff000)
bpf$BPF_PROG_DETACH(0x9, 0x0, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000040))
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x15, 0x21, &(0x7f0000000040)=ANY=[], &(0x7f0000003ff6)='GPL\x00', 0x5, 0xcb, &(0x7f00000004c0)=""/203, 0x0, 0x0, '\x00', 0x0, 0x25, r3, 0x8, &(0x7f0000000000)={0x0, 0xfffffffc}, 0x8, 0x10, &(0x7f0000000000)={0xfffffffe}, 0x10}, 0x90)
r5 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x9, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, r2, 0x0, 0x0, 0x100000}, 0x48)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1803000000000900000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b702000014000cd4b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000900)='kmem_cache_free\x00', r6}, 0x10)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, <r7=>0xffffffffffffffff})
sendmsg$tipc(r7, &(0x7f0000004440)={&(0x7f0000000ec0)=@nameseq={0x1e, 0x1, 0x1, {0x1, 0x0, 0x2}}, 0x10, &(0x7f0000000480)=[{&(0x7f00000003c0)="3db2ba93c95ebc2d16561814b0951d61816fb0fdad3e1c0b70cbb1cc1555811ef1945bf32ac4b7a6c8f6c6ca2b5eec0537be46fc3cd6bd8115bcf2d1a98d0857a95f30e4efdeeed626c1a2e4703ea3682b1d73788684561976becd6674dfd38cd353c996a826347bf7ebda1f1b9f2d246f54b1d1eb5f4341e6ed600ec47279ab0ac7f248b33d1b3d2e5512e2769a0f4650a35a524af4b13da1c2829bb2", 0x9d}, {&(0x7f0000000280)="69122779dd7a07b17d5ab6fc676b02438effa1de1a95011c1f1017a9b991d3f17135f296aa79", 0x26}], 0x2}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000980)={&(0x7f0000000940)='kmem_cache_free\x00'}, 0x10)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000100))

1.047190176s ago: executing program 1 (id=807):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_MSG_GETCHAIN(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)={0x2c, 0x4, 0xa, 0x401, 0x0, 0x0, {0x2, 0x0, 0x4}, [@NFTA_CHAIN_NAME={0x9, 0x3, 'syz2\x00'}, @NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}]}, 0x2c}, 0x1, 0x0, 0x0, 0x40000}, 0x0)

1.046716645s ago: executing program 1 (id=808):
r0 = openat$ppp(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$TUNSETOFFLOAD(r0, 0xc004743e, 0x20001439)
close(r0)

1.030813561s ago: executing program 1 (id=809):
openat$adsp1(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
mknodat$null(0xffffffffffffff9c, 0x0, 0x0, 0x103)
syz_open_dev$vim2m(&(0x7f0000000000), 0xa4, 0x2)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x7a05, 0x1700)
openat$rdma_cm(0xffffffffffffff9c, 0x0, 0x2, 0x0)
socket$alg(0x26, 0x5, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', 0x0, 0x0)
bind$alg(0xffffffffffffffff, &(0x7f0000000140)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(blowfish)\x00'}, 0x58)
socket$l2tp(0x2, 0x2, 0x73)
ioctl$AUTOFS_IOC_EXPIRE(r0, 0x810c9365, &(0x7f0000000340)={{0x7, 0x8000}, 0x100, './file0\x00'})
syz_init_net_socket$ax25(0x3, 0x3, 0x0)
accept4(0xffffffffffffffff, 0x0, 0x0, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r1 = openat$sr(0xffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$SCSI_IOCTL_SEND_COMMAND(r1, 0x5392, &(0x7f0000001500)=ANY=[@ANYRES16])
mount$fuse(0x0, 0x0, 0x0, 0x2840000, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x0, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000000000000000000000000007112370000000000950000000000000089e2d90aa1795cc26efb1dacf01150510936875c66d6a7d6eb12d4cdbc5c0ce0d29df91940d8ca08008e7aa5b3c9a10909d6e18b263131bf965f55746df5189a2e23905ae4dc5340e0eb74eb523d5b77a763cccb768b4453c8b1b1dd0a71983b5c2cfe11f3d30228772b0b798ebaf5abde2ce3ec34f8c6f13ee1f181ac563ba7a7edc9be94452da6d7eb67ae3243cb393245efd0dd21de9553cbd1a8516282de458c44d1ddae97af584de743d44ed18d20dd3b2c42cf1e8b27788dfc562367d46197198cd19fda89a6feca6c738b1d4b2522"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x1c}, 0x90)
r2 = syz_usb_connect(0x0, 0x36, &(0x7f00000002c0)=ANY=[@ANYBLOB="1201000014da2108ab12a390eb1e000000010902240001b30000040904410017ff5d810009050f1f010400000009058303"], 0x0)
ioctl$EVIOCSCLOCKID(0xffffffffffffffff, 0x400445a0, &(0x7f0000000080)=0xb309)
r3 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r3, &(0x7f00000014c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x2, 0xd, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, [@sadb_address={0x5, 0x5, 0x0, 0x0, 0x0, @in6={0xa, 0x0, 0x0, @local}}]}, 0x38}}, 0x0)
syz_usb_ep_write$ath9k_ep2(r2, 0x83, 0x8, &(0x7f0000000080)=ANY=[])
r4 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r4, &(0x7f0000000000)={0x26, 'hash\x00', 0x0, 0x0, 'crc32c-intel\x00'}, 0x58)
r5 = accept4(r4, 0x0, 0x0, 0x0)
recvmsg$can_bcm(r5, &(0x7f0000000600)={0x0, 0x0, 0x0}, 0x0)
r6 = syz_open_dev$evdev(&(0x7f00000000c0), 0x40, 0x0)
ioctl$EVIOCSFF(r6, 0x40304580, &(0x7f0000000300)={0x50, 0xffff, 0x0, {}, {}, @period={0x58, 0xfff8, 0x6, 0x7fff, 0x0, {0x89, 0x4, 0x2, 0x1000}, 0x8, &(0x7f0000000100)=[0x1000, 0x9, 0x7f, 0x7, 0xfff6, 0x0, 0x7, 0xb5]}})

736.567668ms ago: executing program 0 (id=810):
r0 = socket$inet(0x2, 0x3, 0x4)
r1 = socket(0x10, 0x3, 0x0)
getsockname(0xffffffffffffffff, 0x0, &(0x7f0000000140))
r2 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000040)={0x0, 0x0}, 0x10)
bind$inet6(r2, &(0x7f00004b8fe4)={0xa, 0x0, 0x0, @loopback}, 0x1c)
sendmsg$SMC_PNETID_DEL(0xffffffffffffffff, 0x0, 0x0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'team_slave_0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000780)={&(0x7f00000002c0)=@newqdisc={0x78, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {0x0, 0x4}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{0x9}, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, {0x0, 0x1}}}}]}, 0x78}}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x3, 0x4, &(0x7f0000000680)=ANY=[@ANYBLOB="b7050000000000006110480000000000dc0500002000000095000000000000009abb1723bf24203831c9545b21c751ee4024f479cbe4b89f9805837203000000000000c2d182c7a3221481f5009edaf5f5ac058299e10e790a198f42a715b99fb3d2a73dd025848710155ad1efd7d991408000000000000085a0db0401fa29e075b7ab0408a0d8cfceeb23465bb027ee1151c02af21d8f9aa57e673a6724441d08087aff070eda8afef22b3a806c8226f5a2886c93bd29b37252ba4a6e9cc5f69e75680c431aa855e487ae513abd6c4ee973fce29a26018ed5e0780f8778a602a3533a3dac7da4fe491edf3abfa7bf871c58848ac46ada6776bd9b85df01e626026a59ddfa7a9c879acbfb0bf426785dec7d8611dc850df49ed8633bdb83dd505fb20649f53841a0e200c91f5bf1bb246ed87efc7b6f8859d029c8376ca19265e281fea0a6fd2222f8850c8445758503ede0ce1b3f73ecd8989e8c53c5e679b13802bddf80f3b1d07d6d68bfa12ab34697d40ac1150a842f8bb381344b994c19642a10eb30845a993daaa8bd4aebc595475feb3475d8e802498382e73edb98fcf2df96ab3c870490c4030b34c27a2f7fcd66ddde687c1255d0779ffec72ada8598e222d66bc90dacf240fe12755f780048804400f49d77b81534a8f1b0de80c49c7d9c87888801d819daaddb0c57513fdf7d0e942a799143dccc213cac7e8092d691a7894678472ba1970b4d6e393158dafeebae0a9d89e6e639115ddc7b54139b5b47f3d583c16b4d2da0a5c7b5ea751d03cc71fdd61140d66ff1ccfcbe83e40156854900"], &(0x7f00000002c0)='syzkaller\x00', 0x5, 0xc3, &(0x7f0000000300)=""/195, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8}, 0x90)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), 0xffffffffffffffff)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x0)
bind$can_j1939(0xffffffffffffffff, 0x0, 0x0)
bind$can_j1939(0xffffffffffffffff, 0x0, 0x0)
socket$can_bcm(0x1d, 0x2, 0x2)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000640), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_KEY(0xffffffffffffffff, &(0x7f0000000500)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000480)=ANY=[@ANYBLOB="4c10"], 0x4c}}, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(r6, 0x8933, &(0x7f0000000340)={'wlan1\x00'})
sendmsg$NL80211_CMD_FRAME(r6, 0x0, 0x0)
sendmsg$can_bcm(0xffffffffffffffff, 0x0, 0x0)
sendmsg$can_bcm(0xffffffffffffffff, 0x0, 0x0)
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f0000000080)={'wlan0\x00', <r7=>0x0})
sendmsg$NL80211_CMD_FRAME(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB='D\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="010000000000000000003b00000008000300", @ANYRES32=r7, @ANYBLOB="25003300d0000000080211000001080211000000505050505050000003"], 0x44}}, 0x0)
bpf$BPF_PROG_DETACH(0x9, 0x0, 0x0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)

676.74254ms ago: executing program 0 (id=811):
r0 = socket$inet_smc(0x2b, 0x1, 0x0)
r1 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r1, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x7a, 0x4)
bind$inet(r1, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10)
setsockopt$SO_ATTACH_FILTER(r1, 0x1, 0x1a, &(0x7f0000000140)={0x1, &(0x7f0000000280)=[{0x6, 0x0, 0x0, 0xe4}]}, 0x10)
sendto$inet(r1, 0x0, 0x0, 0x0, &(0x7f0000e68000)={0x2, 0x4e20, @local}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(r1, 0x6, 0xd, &(0x7f0000000040)='veno\x00', 0x5)
sendmmsg$inet(r1, &(0x7f0000002440)=[{{0x0, 0x0, &(0x7f0000000900)=[{&(0x7f0000000a40)="0036d551863e1902129da79f5986e05288f50e5398660c1a29b0f45c0cc36902e0251c8d34197b357b32b161f9ad72d55a0eab976aae24ed805271b43f0ce2fea5e764494873e0d82a172b3bb54f59b458fd35039c7d81e9ab07f2fb4dad61bd500a119b54c74a12e4569e47b69a95f92c6380af2bd003fa56f06a23bbd1c76d7756bf4fcaff0c23", 0x88}, {&(0x7f0000000d40)="316f825a3d29f96a2093a917017b4cd300000000bee70035ed313e19d6dd1fb41a20baf7f7343067fd40cdd4b16742e94b62f4eb1c5d9faab7f3028100", 0x3d}], 0x2}}], 0x1, 0x0)
setsockopt$sock_int(r1, 0x1, 0x8, &(0x7f0000000600)=0xdfa, 0x4)
sendto$inet(r0, &(0x7f00000012c0)="09268a927f1f6588b967481241ba7860fcfaf65ac618ded8974895abeaf4b4834ff922b3f1e0b02bd67aa03059bcecc7a95425a3a07e758044ab4ea6f7ae55d88fecf90b1a7511bf746bec66ba", 0x4d, 0x11, 0x0, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000040)={<r2=>0xffffffffffffffff})
ioctl$TUNDETACHFILTER(r2, 0x541b, 0x1000000000000)
getsockopt$IPT_SO_GET_REVISION_MATCH(r0, 0x0, 0x42, &(0x7f00000001c0)={'icmp\x00'}, &(0x7f0000000200)=0x1e)
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f0000000100)={'veth1_vlan\x00', &(0x7f0000000000)=@ethtool_pauseparam={0x2c, 0x2}})
socket(0x0, 0x3, 0x3a)
getsockopt$MRT6(0xffffffffffffffff, 0x29, 0xce, 0x0, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, 0x0}, 0x0)
madvise(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x19)
r3 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
r4 = getpid()
process_vm_readv(r4, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
process_vm_readv(r3, &(0x7f0000000080)=[{&(0x7f0000000000)=""/88, 0x58}], 0xd, &(0x7f0000000140)=[{&(0x7f0000002280)=""/4096, 0x1000}], 0x1, 0x0)
syz_emit_vhci(&(0x7f0000005e00)=ANY=[@ANYBLOB="040e9c6e230c"], 0xa)
mkdir(&(0x7f0000000180)='./file1\x00', 0x0)
mount(0x0, &(0x7f0000000240)='./file0\x00', &(0x7f0000001180)='tmpfs\x00', 0x0, &(0x7f0000000300)='usrquota')
chdir(&(0x7f0000000080)='./file1\x00')
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='blkio.bfq.time_recursive\x00', 0x275a, 0x0)
setsockopt$SO_BINDTODEVICE(0xffffffffffffffff, 0x1, 0x19, &(0x7f0000000400)='vlan1\x00', 0x10)

676.450112ms ago: executing program 3 (id=812):
sendmsg$inet6(0xffffffffffffffff, &(0x7f0000000700)={&(0x7f0000000040)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @remote}}, 0xaef, 0x0}, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TLS_TX(0xffffffffffffffff, 0x6, 0x1, &(0x7f00000000c0)=@gcm_256={{0x303}, '\x00', "5171bb672965593497418688ac68cb126474cd3660dab9e2086e246728d7a040", "05e2e505", "12000700"}, 0x38)
setsockopt$inet6_tcp_int(r0, 0x6, 0x2000000000000020, &(0x7f0000000040)=0xa, 0xd7)

609.724009ms ago: executing program 3 (id=813):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000000a0db000000000000000000850000000e000000c50000002a00000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
ioctl$UI_DEV_SETUP(r0, 0x405c5503, &(0x7f0000000180)={{}, 'syz1\x00', 0x3e})
ioctl$UI_SET_FFBIT(r0, 0x4004556b, 0x51)
ioctl$UI_DEV_CREATE(r0, 0x5501)
r1 = syz_open_dev$evdev(&(0x7f00000003c0), 0x40, 0xc0001)
ioctl$EVIOCSFF(r1, 0x40304580, &(0x7f0000000000)={0x51, 0x0, 0x0, {}, {}, @cond=[{0x0, 0x0, 0x0, 0x2806}]})
shmget$private(0x0, 0x3000, 0x0, &(0x7f0000ffd000/0x3000)=nil)
syz_extract_tcp_res(&(0x7f0000000500), 0x7fff, 0x1)
syz_extract_tcp_res(&(0x7f00000000c0)={<r2=>0x41424344, <r3=>0x41424344}, 0x0, 0x4)
syz_emit_ethernet(0x42, &(0x7f0000000140)=ANY=[@ANYRESDEC=r2, @ANYRES32=0x41424344, @ANYRES32=r3, @ANYBLOB="0800000090780000080a00000000000008b20000"], 0x0)
syz_emit_vhci(&(0x7f0000000040)=ANY=[@ANYBLOB="040e08000c08"], 0xb)
syz_io_uring_setup(0x3029, &(0x7f0000000340)={0x0, 0xca0b, 0x400, 0xfffffffe, 0x27}, &(0x7f0000000200), &(0x7f0000000240))
syz_emit_vhci(&(0x7f0000000300)=ANY=[@ANYBLOB="04020f01ffcfd0e859ae09005d62ffffff0100090203b9afd80200"], 0x12)
pipe2(0x0, 0x0)
mknod(&(0x7f0000000080)='./bus\x00', 0x0, 0x40001f)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
preadv(0xffffffffffffffff, 0x0, 0x0, 0x0, 0xd)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0xb, 0x10, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x19)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r4 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
preadv(r4, &(0x7f0000001880)=[{&(0x7f0000001a80)=""/102400, 0x19000}], 0x1, 0x0, 0x0)
socket$inet6_sctp(0xa, 0x5, 0x84)
r5 = syz_open_dev$cec(&(0x7f0000000000), 0x0, 0x20000)
ioctl$CEC_ADAP_S_LOG_ADDRS(r5, 0xc05c6104, &(0x7f00000000c0)={"fbffffff", 0x0, 0x6, 0x2, 0x0, 0x0, "000000ff00070000000900", '\x00', "05030400", "e859ad33", ['\x00', "00000008000906000000da00", "0c000004dd372a9000"]})
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="040efaff0520"], 0x7)
openat$sysfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
setsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(0xffffffffffffffff, 0x84, 0x83, 0x0, 0x0)
madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa)

537.275775ms ago: executing program 2 (id=814):
r0 = socket$inet_smc(0x2b, 0x1, 0x0)
r1 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r1, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x7a, 0x4)
bind$inet(r1, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10)
setsockopt$SO_ATTACH_FILTER(r1, 0x1, 0x1a, &(0x7f0000000140)={0x1, &(0x7f0000000280)=[{0x6, 0x0, 0x0, 0xe4}]}, 0x10)
sendto$inet(r1, 0x0, 0x0, 0x0, &(0x7f0000e68000)={0x2, 0x4e20, @local}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(r1, 0x6, 0xd, &(0x7f0000000040)='veno\x00', 0x5)
sendmmsg$inet(r1, &(0x7f0000002440)=[{{0x0, 0x0, &(0x7f0000000900)=[{&(0x7f0000000a40)="0036d551863e1902129da79f5986e05288f50e5398660c1a29b0f45c0cc36902e0251c8d34197b357b32b161f9ad72d55a0eab976aae24ed805271b43f0ce2fea5e764494873e0d82a172b3bb54f59b458fd35039c7d81e9ab07f2fb4dad61bd500a119b54c74a12e4569e47b69a95f92c6380af2bd003fa56f06a23bbd1c76d7756bf4fcaff0c23", 0x88}, {&(0x7f0000000d40)="316f825a3d29f96a2093a917017b4cd300000000bee70035ed313e19d6dd1fb41a20baf7f7343067fd40cdd4b16742e94b62f4eb1c5d9faab7f3028100", 0x3d}], 0x2}}], 0x1, 0x0)
setsockopt$sock_int(r1, 0x1, 0x8, &(0x7f0000000600)=0xdfa, 0x4)
sendto$inet(r0, &(0x7f00000012c0)="09268a927f1f6588b967481241ba7860fcfaf65ac618ded8974895abeaf4b4834ff922b3f1e0b02bd67aa03059bcecc7a95425a3a07e758044ab4ea6f7ae55d88fecf90b1a7511bf746bec66ba", 0x4d, 0x11, 0x0, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000040)={<r2=>0xffffffffffffffff})
ioctl$TUNDETACHFILTER(r2, 0x541b, 0x1000000000000)
getsockopt$IPT_SO_GET_REVISION_MATCH(r0, 0x0, 0x42, &(0x7f00000001c0)={'icmp\x00'}, &(0x7f0000000200)=0x1e)
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f0000000100)={'veth1_vlan\x00', &(0x7f0000000000)=@ethtool_pauseparam={0x2c}})

436.718718ms ago: executing program 2 (id=815):
socket$nl_route(0x10, 0x3, 0x0)
r0 = socket$netlink(0x10, 0x3, 0xf)
bind$netlink(r0, &(0x7f0000001140)={0x10, 0x0, 0x25dfdbfd, 0x100000}, 0xc)
r1 = socket$netlink(0x10, 0x3, 0xf)
bind$netlink(r1, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
setsockopt$sock_int(r1, 0x1, 0x8, &(0x7f0000000000), 0x4)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r1, 0x10e, 0x4, &(0x7f00000003c0)=0x6, 0xdc)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xe, 0x4, 0x4, 0x4}, 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x14, &(0x7f0000000200)=ANY=[@ANYBLOB="1802000001000000000000000000000018010000786c6c2500000000070000007b1af8ff00000000bfa100000000000007010000f8ffffffb700000000000000b70300000000ffff850000000400000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r3}, 0x10)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f00000013c0)=ANY=[@ANYBLOB="b702000026000000bfa300000000000007030000007effff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065060400010000050404000001007d60b7030000000000006a0a00fe00000000850000000d000000b7000000000000009500000000000000496cf27fb6d2c643db7e2d5fb4b0936cdf827fb43a431ca711fcd0cdfa146ed3d09a6175037958e27106e225b7937f02008b5e5a076d83923dd29c034055b67dafe6c8dc525d78c07f34e4d5b3185b310efcfa89147a09000000f110026e6d2ef831ab7ea0c34f17e3ad6eecbb622003b538dfd8e012e79578e51bc53099e90f4580d760551b5b0a341a2d7cbdb9cd38bdb2ca8e050000003a14817ac61e4dd11183a13477bf7e060e3670ef0e789f65f1328d6704902cbe7bc04b82d2789cb132b8667c214733a18c8b6619f28d9961b626c57c2691208173656d60a17e3c184b751c51160fbcbbdb5b1e7be6148ba532e60a0ac346dfebd31a08060000000200000000000000334d83239dd27080e71113610e10d858e8327ef01fb6c86acac12233f9a1fb9c2aec61ce63a38d2fd50117b89a9ab359b4eea0c6e957bc73ddc4eabba08ab1e1ad828267d4eadd3964663e88535c133f7130856f756436303767d2e24f29e5dad9796edb697a6ea0182babc190ae2ebf8aad34732181feb215139f15ea7e8cb0bae7c34d5ac5e7c805210600000000000000c3dec04b25dfc17975238345d4f71ab158c36657b7218baa0700f781c0a99bd50499ccc421ace5e845885efb5b9964e4beba3da8223fe5308e4e65ee93e107000000f8ddebf70132a4d0175b989b8eccf707882042e716df9b57b290c661d4e85031086197bcc5cb0e221a0c34323c129102b6ff0100002e88a1940b3c02ed9c92d6f64b1282dc51bb0015982730711c599e1c72ffa11ed8be1a6830d7507005154c46bd3ca96318c570f0721fc7aa2a5836ba99fe1f86468694f22cdf550ef091a78098534f0d973059594119d06d5ea9a8d0857382ec6e2a071474cfc12346e47ad97f4ead7cf70a9d1cdac944779dc08a705414888700a30e2366c6a06b3367a389ca39059787790017b0689a173db9c24db65c1e00015c1d093dab18fd0699fe3304000000323e9c7080397bc49d70c060d57bc88fbe3bbaa058b040362ab926150363fb099408885afc2bf9a46a076b7babfcddeff8c35030669ea69f5e4be1b8e0d6697e97186f9ae97d5670dba6623279f73db9dec75070cd9ab0fda6b069ef6d2857ca3e4effcf7462710d133d541da86e0477e4a6cc999dc21c3ef408e6b178e7c9f274d7fafc8d757d33dfa35aa2000034837d365e63845f3c1092f8dde8af3904ea0f4b82649b83ed4fa0f873339c4cadecc13219ba7518aa4f7db34ead13484742067ab743c1d82a5687f2ed690000000000000000000000000000000000000000000099d4fa0000000000003f0ecdc7c82e72919c91d2039afe17e95edeeeba72205beff7771bcb293747b88486cacee403000000a2919a4bff2ed893f2c814679fa69fc7e0cf761f918725704a01c56009a9f748e5aaf30a10bd8c409b1870c1f75e26b45264e3d3f8e0048e55ae289ce2ad779ce71d4dc30cbb2cc4289d2f884d66cddc76eb7f601110ff39053c262279f4ef00fbdb8c328615a9ec84f27a9f3938ae736138b8c1ec220c1540bf3d162dc1c27fa30f0dc60b9f257db5d1c7ed2e152cb2cf06f8edb30177fead735a952ffce676a93110904d5ee2abdab2ef3ff84c4d61443f73552195c7ccfbf9f03c44432eaa3b7501d4239354da8de21eada75d3a3afb2c76ff0700007981699b6c0f0e946766f57544ff52cef0dd811bec4e3c0a30f2d7d19d26d2503a3ea376721b8eded3bc475958dd498ee2b2d6146e33fc0de1dc2e0516ac565ddb1d4ae89e6712824a85eb9ee0a3b68c9e209756623adf685dd715d68ed11e4b4d5502f5124948f8f98c615cac3666c58f785c3f758be352a71871d5c081197d37980e4f4e26b5476fb20407ff7098b7174bef66fa03a99b5c0c20b378065fac4ef9ac2d0d804b9400000060e5d3f1749f6aecf69ba83a71caa9bdddc679f1b826f54b6563a4be1fd82b73c8c2bc65f63982b951fb058fd3c7b6341c4580376b6c16bd94d2da66059de81abfa15eeeb88b6ae5882ad341032c73f1285e21fff5a1d138e061b1dc7bbda199b5fab8e0719e9cd69b47dcb52b0be6a3a73afdf328132e1d4f21065716be0c53a23940d07188b015fa341dbc92231c8b5e5717eac184f46c9f61b69f55cd2231bcf821052429a1f250e8b734be0605a15f25923d599544b319319ff0a32621019347df460a098119a6f47eb1bac47946d7a009cbc6ec74c19a93cc7c7138b28c95270116181fd5f553573c48104d2ad0e10d3663488e664401453f22f0d76d2162635365258af61ae1f46f4a7862f302d91e3f7c2781f602220522e84602a939a8d5e4137ae31ccd397404dc72e06715a6503d4d865182803ee6725da7293b23daeebefd6fce7411c9624a7e8d5ba5a13e1c32adc4f3274497c6882a72475e4280a4d9a47c003c6ed3071330c58145be813a10788a720a6b5a498ca2b42496c479a0a71e2f6f9bad8c84bc6be20281bde0b348cf2c60538a505ad4a0510eebb023e4954c9eb6cd70627f5c03d867dbf3ad5d1f1dc852064dd0efafc3df20ec8faf3d194db76127f88f284fa1b71ab964fdd2474471da76373e65e9a8bf844bdfdd348bc7d00c4c7e7afe8a1f8cde79b7a6c5aafe954b8ba37818e40c14b37c23f9f614576b689436fef2f27f8b1e756e00262e22bca49c43fd73e7e99b2fa44a8c1db99c2cf2735ad6c5fabf082e0df0f8ba7e24272165f2f5b28230c02b53d44bd84bf6770157e96bbb96b5e1f165c87e7ad68a3600b3d357fa9a7d53c281d88ebb175a4dbb82130e6870982947913110f091d21760d985afd3163f2e6880682432f9b3b97d57a9f980edfa1116a3d04d58872a07d6a7e12db673acd2f7b8988d833e71943fe2c1c65a3cf36b955c56b55bfd3ecf0af694c71a03f2996c15b1ba971de1cb9c7e6a0000000000000014783ef54c51199317413f98dca8ff3d0bda50f6c0af58dbd6c031b1a5a7512c5896514adfa17d31429c68db50a93d88199defd3b4625fea426ff9293a28a544a6a9e2a79b55daa1b3c6b14c4ec6d164e902ce4913843d65d841973468729ea12bf6d3499036dbb66718f3497855c3baa6cc07c0fa388ec9e70617c1a28ef5a595ee267a76175b8a057e6efaf4fefe46def451f2858fe71a53e77b1a44e98843bb3a40102da3703dfb9f61bdcea2fb810b32d52e2157a150a63ea6135d1cf6f864c2e68884d7245bc5d61dc5a114d10ffb22e76678bbfc1e3865d17d128306d1b81884a934cb00000000000000000098a4526e6468987dbc63bff7590eb388afaba43d811996333eef7e9f472bee293f0c40d434b8be07cbd52325296e22802493edb5c590ad208bac683a8b2d4c9d2d57ff846ae8c422e0b28546671f11d8157bb762c91f3fbcca8e21589c92446ae65d408c0637ffcc2d44d715ce003dd1e12b085e186d069a55c2e96efbe5024d61a56a36d988c0f51a973a6c238e545b28211a92000000001501aed8d72af0fcd540a9d4e293690c5e697b3a1480e46df5371bca1cfb28a57c1b3c956ec81397e81fbf870a67385fea04220423f52ad8178b9fd04bdc7e5fee4bd52db996e633792118efdb6b88023e80da74fdf723c7f0"], &(0x7f0000000340)='syzkaller\x00'}, 0x48)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000900)={r4, 0x18000000000002a0, 0xe40, 0x0, &(0x7f0000000040)="76389e147583ddd0569ba56a655855", 0x0, 0x0, 0x60000000, 0x0, 0x0, 0x0, 0x0}, 0x48)
r5 = socket$netlink(0x10, 0x3, 0x0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r6, 0x8933, &(0x7f00000000c0)={'wlan1\x00', <r8=>0x0})
r9 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$ETHTOOL_MSG_LINKINFO_SET(r9, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000480)={0x2c, 0x0, 0x1, 0x0, 0x25dfdbfd, {}, [@ETHTOOL_A_LINKINFO_PHYADDR={0x0, 0x3, 0xf8}]}, 0xe}}, 0x0)
sendmsg$NL80211_CMD_SET_INTERFACE(r6, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, r7, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r8}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x2}]}, 0x24}}, 0x0)
sendmsg$NL80211_CMD_CONNECT(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x44, r7, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r8}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_AUTH_TYPE={0x8}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x44}}, 0x0)
syz_80211_inject_frame(&(0x7f00000002c0)=@device_b, &(0x7f0000000580)=@mgmt_frame=@probe_response={{{}, {}, @device_b, @device_a, @from_mac}, 0x0, @default, 0x1, @val={0x0, 0x6, @default_ap_ssid}, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void, @val={0x4, 0x6, {0x9, 0x10, 0xffff, 0xa}}, @void, @void, @void, @void}, 0x3e)
nanosleep(&(0x7f0000000340)={0x0, 0x2faf080}, &(0x7f0000000380))
syz_80211_inject_frame(&(0x7f00000003c0)=@device_b, &(0x7f0000000400)=@mgmt_frame=@auth={{{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x1}}, 0x0, 0x2, 0x0, @void}, 0x1e)
syz_80211_inject_frame(&(0x7f00000004c0)=@device_b, &(0x7f0000000500)=@mgmt_frame=@assoc_resp={{{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x2}}, 0x1, 0x0, @default, @val={0x1, 0x7, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x24}]}, @void}, 0x27)
sendmsg$nl_route(r5, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000006c0)=@newlink={0x48, 0x10, 0xffffff1f, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x44000, 0xc100}, [@IFLA_LINKINFO={0x28, 0x12, 0x0, 0x1, @veth={{0x9}, {0x18, 0x2, 0x0, 0x1, @val=@VETH_INFO_PEER={0x14}}}}]}, 0x48}, 0x1, 0x0, 0x0, 0x84}, 0x0)
sendmsg$NFT_MSG_GETCHAIN(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000000c0)=ANY=[@ANYBLOB="1400"/20], 0x14}}, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000080)={'batadv_slave_0\x00'})
sendmmsg(r0, &(0x7f0000000b80), 0x3, 0x4000000)
bpf$PROG_LOAD(0x5, &(0x7f00002a0fb8)={0x16, 0x4, &(0x7f0000000080)=ANY=[@ANYBLOB="85000000070000006a0a00ff000000000c00000000000000950000000000000018100000", @ANYRES32, @ANYBLOB="00000024007b560000000000400000ac8fa3"], &(0x7f0000000140)='GPL\x00', 0x2, 0xffa0, &(0x7f0000000180)=""/149, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x1e, 0x10, 0x0, 0x1e}, 0x2d)

0s ago: executing program 0 (id=816):
openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x1e, 0x3, &(0x7f0000000000)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5}}, &(0x7f0000000240)='syzkaller\x00', 0x7fb, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x24}, 0x90)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000f80), 0xffffffffffffffff)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000200)={'wlan0\x00', <r3=>0x0})
r4 = landlock_create_ruleset(&(0x7f00000002c0)={0x40, 0x1}, 0x10, 0x0)
landlock_add_rule$LANDLOCK_RULE_PATH_BENEATH(r4, 0x1, &(0x7f0000000300)={0x1460, r0}, 0x0)
sendmsg$NL80211_CMD_NEW_STATION(r0, &(0x7f0000001080)={0x0, 0x0, &(0x7f0000001040)={&(0x7f0000000100)=ANY=[@ANYBLOB='D\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="cf0000000000fddbdf251200000008000300", @ANYRES32=r3, @ANYBLOB="06001a0102"], 0x44}}, 0x0)
socket$rds(0x15, 0x5, 0x0)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
socket$nl_route(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000003c0))
socket(0x10, 0x80000, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket$nl_route(0x10, 0x3, 0x0)
r8 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r8, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000680)={0x0, 0x18}}, 0x0)
getsockname$packet(r8, &(0x7f0000000100)={0x11, 0x0, <r9=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r7, &(0x7f0000000140)={0x0, 0xffffff14, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="5000000010008105e9c51c000000000000000000", @ANYRES32=r9, @ANYBLOB="01000000000000002800128009000100766c616e000000001800028006000100000000000c0002000c0000000d00000008000500", @ANYRES64=r7], 0x50}}, 0x0)
sendmsg$nl_route(r6, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000780)=ANY=[@ANYBLOB="1400c9e4241d1b600947d2d6a9abc88b", @ANYRES32=0x0, @ANYRESOCT=r5, @ANYRES32=r9], 0x50}}, 0x0)
getsockname$packet(r8, &(0x7f0000000040)={0x11, 0x0, <r10=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x1b)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000640)=ANY=[@ANYBLOB="2000000011000d04000000000800000000000000", @ANYRES32=r10], 0x20}, 0x1, 0x6}, 0x0)

kernel console output (not intermixed with test programs):

s an active interface with an up link
[  110.878830][ T4284] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  110.990198][ T6176] team0: Port device team_slave_0 added
[  110.997440][ T6176] team0: Port device team_slave_1 added
[  111.013322][ T4640] Bluetooth: hci2: unexpected event 0x04 length: 11 > 10
[  111.013348][ T4640] Bluetooth: unknown link type 5
[  111.017808][   T40] audit: type=1400 audit(1721435657.665:791): avc:  denied  { create } for  pid=6224 comm="syz.0.293" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_iscsi_socket permissive=1
[  111.026928][ T4640] Bluetooth: hci2: connection err: -111
[  111.112547][ T6176] batman_adv: batadv0: Adding interface: batadv_slave_0
[  111.116277][ T6176] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  111.135544][ T6176] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  111.151886][ T6176] batman_adv: batadv0: Adding interface: batadv_slave_1
[  111.159879][ T6176] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  111.173871][ T6176] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  111.343666][ T6176] hsr_slave_0: entered promiscuous mode
[  111.352957][ T6176] hsr_slave_1: entered promiscuous mode
[  111.356204][ T6176] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  111.360729][ T6176] Cannot create hsr debugfs directory
[  111.361564][   T40] audit: type=1400 audit(1721435658.005:792): avc:  denied  { search } for  pid=4678 comm="syslogd" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  111.411637][    C0] vkms_vblank_simulate: vblank timer overrun
[  111.447296][ T5214] Bluetooth: hci2: Opcode 0x0c03 failed: -110
[  111.531329][ T4284] bridge0: port 3(team0) entered disabled state
[  111.552782][ T4284] bridge_slave_1: left allmulticast mode
[  111.555786][ T4284] bridge_slave_1: left promiscuous mode
[  111.560635][ T4284] bridge0: port 2(bridge_slave_1) entered disabled state
[  111.570079][ T4284] bridge_slave_0: left allmulticast mode
[  111.573527][  T291] usb 6-1: new high-speed USB device number 4 using dummy_hcd
[  111.573907][ T4284] bridge_slave_0: left promiscuous mode
[  111.601312][    C0] vkms_vblank_simulate: vblank timer overrun
[  111.613681][ T4284] bridge0: port 1(bridge_slave_0) entered disabled state
[  111.817320][ T6234] netlink: 4 bytes leftover after parsing attributes in process `syz.2.296'.
[  111.889554][  T291] usb 6-1: Using ep0 maxpacket: 32
[  111.898364][  T291] usb 6-1: config 0 has an invalid descriptor of length 255, skipping remainder of the config
[  111.903481][  T291] usb 6-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  111.914276][  T291] usb 6-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40
[  111.919993][  T291] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  111.942795][  T291] usb 6-1: config 0 descriptor??
[  112.111916][ T4284] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  112.123017][ T4284] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  112.129915][ T4284] bond0 (unregistering): Released all slaves
[  112.167428][ T5214] Bluetooth: hci4: command tx timeout
[  112.187031][  T291] usb 6-1: string descriptor 0 read error: -71
[  112.191413][  T291] hub 6-1:0.0: bad descriptor, ignoring hub
[  112.194332][  T291] hub 6-1:0.0: probe with driver hub failed with error -5
[  112.200243][  T291] usbhid 6-1:0.0: couldn't find an input interrupt endpoint
[  112.234781][  T291] usb 6-1: USB disconnect, device number 4
[  112.267251][ T6245] netlink: 'syz.0.298': attribute type 21 has an invalid length.
[  112.272009][ T6245] netlink: 132 bytes leftover after parsing attributes in process `syz.0.298'.
[  112.276355][ T6245] netlink: 28 bytes leftover after parsing attributes in process `syz.0.298'.
[  112.321277][   T40] audit: type=1400 audit(1721435658.965:793): avc:  denied  { search } for  pid=4916 comm="dhcpcd" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  112.337477][   T40] audit: type=1400 audit(1721435658.965:794): avc:  denied  { read } for  pid=4916 comm="dhcpcd" name="n71" dev="tmpfs" ino=2681 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[  112.350067][   T40] audit: type=1400 audit(1721435658.965:795): avc:  denied  { open } for  pid=4916 comm="dhcpcd" path="/run/udev/data/n71" dev="tmpfs" ino=2681 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[  112.366753][   T40] audit: type=1400 audit(1721435658.965:796): avc:  denied  { getattr } for  pid=4916 comm="dhcpcd" path="/run/udev/data/n71" dev="tmpfs" ino=2681 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[  112.384966][   T40] audit: type=1326 audit(1721435658.995:797): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6244 comm="syz.0.298" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fee19775b59 code=0x7ffc0000
[  112.397560][   T40] audit: type=1326 audit(1721435658.995:798): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6244 comm="syz.0.298" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fee19775b59 code=0x7ffc0000
[  112.420811][   T40] audit: type=1326 audit(1721435658.995:799): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6244 comm="syz.0.298" exe="/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fee19775b59 code=0x7ffc0000
[  112.732186][ T4284] hsr_slave_0: left promiscuous mode
[  112.761211][ T4284] hsr_slave_1: left promiscuous mode
[  112.790979][ T4284] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  112.797785][ T4284] batman_adv: batadv0: Removing interface: batadv_slave_0
[  112.810983][ T4284] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  112.815754][ T4284] batman_adv: batadv0: Removing interface: batadv_slave_1
[  112.907606][ T4284] veth1_macvtap: left promiscuous mode
[  112.910631][ T4284] veth0_macvtap: left promiscuous mode
[  112.913368][ T4284] veth1_vlan: left promiscuous mode
[  112.916459][ T4284] veth0_vlan: left promiscuous mode
[  114.049902][ T4284] team_slave_1 (unregistering): left promiscuous mode
[  114.055544][ T4284] team_slave_1 (unregistering): left allmulticast mode
[  114.064761][ T4284] team0 (unregistering): Port device team_slave_1 removed
[  114.140363][ T4284] team_slave_0 (unregistering): left promiscuous mode
[  114.143474][ T4284] team_slave_0 (unregistering): left allmulticast mode
[  114.150182][ T4284] team0 (unregistering): Port device team_slave_0 removed
[  114.248597][ T5214] Bluetooth: hci4: command tx timeout
[  115.056689][ T6308] netlink: 'syz.2.311': attribute type 21 has an invalid length.
[  115.062947][ T6308] netlink: 132 bytes leftover after parsing attributes in process `syz.2.311'.
[  115.066846][ T6308] netlink: 28 bytes leftover after parsing attributes in process `syz.2.311'.
[  115.080856][   T40] kauditd_printk_skb: 55 callbacks suppressed
[  115.080869][   T40] audit: type=1326 audit(1721435661.725:855): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6305 comm="syz.2.311" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb2b8375b59 code=0x7ffc0000
[  115.097511][   T40] audit: type=1326 audit(1721435661.735:856): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6305 comm="syz.2.311" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb2b8375b59 code=0x7ffc0000
[  115.110710][   T40] audit: type=1326 audit(1721435661.735:857): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6305 comm="syz.2.311" exe="/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fb2b8375b59 code=0x7ffc0000
[  115.125523][   T40] audit: type=1326 audit(1721435661.735:858): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6305 comm="syz.2.311" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb2b8375b59 code=0x7ffc0000
[  115.135949][   T40] audit: type=1326 audit(1721435661.735:859): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6305 comm="syz.2.311" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb2b8375b59 code=0x7ffc0000
[  115.146801][   T40] audit: type=1326 audit(1721435661.735:860): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6305 comm="syz.2.311" exe="/syz-executor" sig=0 arch=c000003e syscall=73 compat=0 ip=0x7fb2b8375b59 code=0x7ffc0000
[  115.161048][   T40] audit: type=1326 audit(1721435661.735:861): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6305 comm="syz.2.311" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb2b8375b59 code=0x7ffc0000
[  115.174382][   T40] audit: type=1326 audit(1721435661.735:862): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6305 comm="syz.2.311" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb2b8375b59 code=0x7ffc0000
[  115.187327][   T40] audit: type=1326 audit(1721435661.735:863): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6305 comm="syz.2.311" exe="/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fb2b8375b59 code=0x7ffc0000
[  115.199088][   T40] audit: type=1326 audit(1721435661.735:864): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6305 comm="syz.2.311" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb2b8375b59 code=0x7ffc0000
[  115.228830][   T58] usb 5-1: new high-speed USB device number 7 using dummy_hcd
[  115.270136][ T6176] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  115.281107][ T6176] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  115.289615][ T6176] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  115.311826][ T6176] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  115.361864][ T4284] IPVS: stop unused estimator thread 0...
[  115.427680][   T58] usb 5-1: Using ep0 maxpacket: 32
[  115.433814][   T58] usb 5-1: config 0 has an invalid descriptor of length 255, skipping remainder of the config
[  115.440979][ T6176] 8021q: adding VLAN 0 to HW filter on device bond0
[  115.444980][   T58] usb 5-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  115.450968][   T58] usb 5-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40
[  115.455413][   T58] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  115.463718][ T6176] 8021q: adding VLAN 0 to HW filter on device team0
[  115.476676][   T58] usb 5-1: config 0 descriptor??
[  115.476790][ T1278] bridge0: port 1(bridge_slave_0) entered blocking state
[  115.483087][ T1278] bridge0: port 1(bridge_slave_0) entered forwarding state
[  115.509146][   T59] bridge0: port 2(bridge_slave_1) entered blocking state
[  115.513762][   T59] bridge0: port 2(bridge_slave_1) entered forwarding state
[  115.726243][ T6176] 8021q: adding VLAN 0 to HW filter on device batadv0
[  115.775935][ T6176] veth0_vlan: entered promiscuous mode
[  115.793160][ T6176] veth1_vlan: entered promiscuous mode
[  115.831999][   T58] usb 5-1: string descriptor 0 read error: -71
[  115.832785][ T6176] veth0_macvtap: entered promiscuous mode
[  115.835010][   T58] hub 5-1:0.0: bad descriptor, ignoring hub
[  115.842655][ T6176] veth1_macvtap: entered promiscuous mode
[  115.849584][   T58] hub 5-1:0.0: probe with driver hub failed with error -5
[  115.855262][   T58] usbhid 5-1:0.0: couldn't find an input interrupt endpoint
[  115.865961][ T6176] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  115.870636][ T6176] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  115.874461][ T6176] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  115.879573][ T6176] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  115.883800][ T6176] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  115.889683][ T6176] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  115.896010][ T6176] batman_adv: batadv0: Interface activated: batadv_slave_0
[  115.907901][ T6176] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  115.912406][ T6176] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  115.918804][   T58] usb 5-1: USB disconnect, device number 7
[  115.935459][ T6176] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  115.940568][ T6176] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  115.958478][ T6176] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  115.963012][ T6176] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  115.970623][ T6176] batman_adv: batadv0: Interface activated: batadv_slave_1
[  116.004618][ T6176] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  116.011545][ T6176] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  116.016496][ T6176] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  116.021692][ T6176] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  116.087557][   T80] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  116.091806][   T80] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  116.125086][   T80] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  116.129588][   T80] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  116.329307][ T5214] Bluetooth: hci4: command tx timeout
[  116.709234][ T6376] netlink: 'syz.1.322': attribute type 21 has an invalid length.
[  116.712437][ T6376] netlink: 132 bytes leftover after parsing attributes in process `syz.1.322'.
[  116.716374][ T6376] netlink: 28 bytes leftover after parsing attributes in process `syz.1.322'.
[  116.857337][ T1278] usb 8-1: new high-speed USB device number 3 using dummy_hcd
[  117.048054][ T1278] usb 8-1: Using ep0 maxpacket: 16
[  117.056004][ T1278] usb 8-1: config 0 has no interfaces?
[  117.093945][ T1278] usb 8-1: New USB device found, idVendor=1e7d, idProduct=31ce, bcdDevice= 0.00
[  117.106443][ T1278] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  117.127812][ T1278] usb 8-1: config 0 descriptor??
[  117.536701][ T6362] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  117.560907][ T6362] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  118.078352][ T6418] FAULT_INJECTION: forcing a failure.
[  118.078352][ T6418] name failslab, interval 1, probability 0, space 0, times 0
[  118.086163][ T6418] CPU: 0 PID: 6418 Comm: syz.0.335 Not tainted 6.10.0-syzkaller-09061-g4305ca0087dd #0
[  118.093736][ T6418] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  118.101138][ T6418] Call Trace:
[  118.103313][ T6418]  <TASK>
[  118.104606][ T6418]  dump_stack_lvl+0x16c/0x1f0
[  118.106545][ T6418]  should_fail_ex+0x497/0x5b0
[  118.108571][ T6418]  should_failslab+0x9/0x20
[  118.110695][ T6418]  __kmalloc_node_track_caller_noprof+0xcf/0x430
[  118.113552][ T6418]  ? key_alloc+0x441/0x13a0
[  118.115617][ T6418]  kmemdup_noprof+0x29/0x60
[  118.117682][ T6418]  key_alloc+0x441/0x13a0
[  118.120011][ T6418]  ? __pfx_key_alloc+0x10/0x10
[  118.122181][ T6418]  keyring_alloc+0x44/0xc0
[  118.124197][ T6418]  install_session_keyring_to_cred+0x190/0x230
[  118.127197][ T6418]  join_session_keyring+0x1b8/0x340
[  118.129792][ T6418]  lookup_user_key+0xe33/0x12f0
[  118.132616][ T6418]  ? find_held_lock+0x2d/0x110
[  118.135136][ T6418]  ? __pfx_lookup_user_key+0x10/0x10
[  118.137512][ T6418]  ? __pfx_lock_release+0x10/0x10
[  118.140038][ T6418]  ? __pfx_lookup_user_key_possessed+0x10/0x10
[  118.143191][ T6418]  __do_sys_add_key+0x25a/0x460
[  118.145321][ T6418]  ? __pfx___do_sys_add_key+0x10/0x10
[  118.148201][ T6418]  ? ksys_write+0x1ab/0x260
[  118.150286][ T6418]  do_syscall_64+0xcd/0x250
[  118.152340][ T6418]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  118.154783][ T6418] RIP: 0033:0x7fee19775b59
[  118.156562][ T6418] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  118.164086][ T6418] RSP: 002b:00007fee1a5cb048 EFLAGS: 00000246 ORIG_RAX: 00000000000000f8
[  118.168009][ T6418] RAX: ffffffffffffffda RBX: 00007fee19905f60 RCX: 00007fee19775b59
[  118.172148][ T6418] RDX: 0000000020000100 RSI: 0000000000000000 RDI: 0000000020000040
[  118.176254][ T6418] RBP: 00007fee1a5cb0a0 R08: fffffffffffffffd R09: 0000000000000000
[  118.180253][ T6418] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000001
[  118.184611][ T6418] R13: 000000000000000b R14: 00007fee19905f60 R15: 00007ffce4608258
[  118.188429][ T6418]  </TASK>
[  118.231443][ T6420] FAULT_INJECTION: forcing a failure.
[  118.231443][ T6420] name failslab, interval 1, probability 0, space 0, times 0
[  118.253169][ T6420] CPU: 1 PID: 6420 Comm: syz.0.336 Not tainted 6.10.0-syzkaller-09061-g4305ca0087dd #0
[  118.257745][ T6420] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  118.262051][ T6420] Call Trace:
[  118.269318][ T6420]  <TASK>
[  118.270508][ T6420]  dump_stack_lvl+0x16c/0x1f0
[  118.272436][ T6420]  should_fail_ex+0x497/0x5b0
[  118.274323][ T6420]  should_failslab+0x9/0x20
[  118.276493][ T6420]  kmem_cache_alloc_node_noprof+0x71/0x310
[  118.279120][ T6420]  ? __alloc_skb+0x2b1/0x380
[  118.281220][ T6420]  __alloc_skb+0x2b1/0x380
[  118.283303][ T6420]  ? __pfx___alloc_skb+0x10/0x10
[  118.285736][ T6420]  ? __pfx_selinux_socket_getpeersec_dgram+0x10/0x10
[  118.289781][ T6420]  netlink_alloc_large_skb+0x69/0x130
[  118.293691][ T6420]  netlink_sendmsg+0x689/0xd70
[  118.295601][ T6420]  ? __pfx_netlink_sendmsg+0x10/0x10
[  118.298091][ T6420]  ? __import_iovec+0x1fd/0x6e0
[  118.300585][ T6420]  ____sys_sendmsg+0xab5/0xc90
[  118.302735][ T6420]  ? copy_msghdr_from_user+0x10b/0x160
[  118.305205][ T6420]  ? __pfx_____sys_sendmsg+0x10/0x10
[  118.307599][ T6420]  ? __lock_acquire+0x1620/0x3cb0
[  118.310249][ T6420]  ___sys_sendmsg+0x135/0x1e0
[  118.312729][ T6420]  ? __pfx____sys_sendmsg+0x10/0x10
[  118.315154][ T6420]  ? __pfx___might_resched+0x10/0x10
[  118.317455][ T6420]  ? __might_fault+0xe3/0x190
[  118.319558][ T6420]  __sys_sendmmsg+0x1a1/0x450
[  118.321650][ T6420]  ? __pfx___sys_sendmmsg+0x10/0x10
[  118.324109][ T6420]  ? vfs_write+0x14d/0x1140
[  118.326224][ T6420]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  118.328936][ T6420]  ? fput+0x32/0x390
[  118.330516][ T6420]  ? ksys_write+0x1ab/0x260
[  118.332336][ T6420]  ? __pfx_ksys_write+0x10/0x10
[  118.334285][ T6420]  __x64_sys_sendmmsg+0x9c/0x100
[  118.336279][ T6420]  ? lockdep_hardirqs_on+0x7c/0x110
[  118.338499][ T6420]  do_syscall_64+0xcd/0x250
[  118.340657][ T6420]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  118.343068][ T6420] RIP: 0033:0x7fee19775b59
[  118.345125][ T6420] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  118.353741][ T6420] RSP: 002b:00007fee1a5cb048 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  118.357220][ T6420] RAX: ffffffffffffffda RBX: 00007fee19905f60 RCX: 00007fee19775b59
[  118.360703][ T6420] RDX: 040000000000009f RSI: 00000000200002c0 RDI: 0000000000000004
[  118.364258][ T6420] RBP: 00007fee1a5cb0a0 R08: 0000000000000000 R09: 0000000000000000
[  118.367594][ T6420] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  118.371314][ T6420] R13: 000000000000000b R14: 00007fee19905f60 R15: 00007ffce4608258
[  118.375116][ T6420]  </TASK>
[  118.407479][ T5214] Bluetooth: hci4: command tx timeout
[  118.771824][ T6428] netlink: 'syz.1.339': attribute type 21 has an invalid length.
[  118.775331][ T6428] netlink: 132 bytes leftover after parsing attributes in process `syz.1.339'.
[  118.782461][ T6428] netlink: 28 bytes leftover after parsing attributes in process `syz.1.339'.
[  118.873147][ T6434] fuse: Bad value for 'fd'
[  119.093443][ T6442] autofs: Bad value for 'fd'
[  119.254297][  T827] usb 8-1: USB disconnect, device number 3
[  119.632110][ T5214] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci4/hci4:201'
[  119.636613][ T5214] CPU: 3 PID: 5214 Comm: kworker/u33:2 Not tainted 6.10.0-syzkaller-09061-g4305ca0087dd #0
[  119.640940][ T5214] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  119.645644][ T5214] Workqueue: hci4 hci_rx_work
[  119.647832][ T5214] Call Trace:
[  119.649363][ T5214]  <TASK>
[  119.650700][ T5214]  dump_stack_lvl+0x16c/0x1f0
[  119.652875][ T5214]  sysfs_warn_dup+0x7f/0xa0
[  119.655040][ T5214]  sysfs_create_dir_ns+0x24d/0x2b0
[  119.657339][ T5214]  ? __pfx_sysfs_create_dir_ns+0x10/0x10
[  119.659855][ T5214]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  119.662137][ T5214]  ? do_raw_spin_unlock+0x172/0x230
[  119.664553][ T5214]  kobject_add_internal+0x2c8/0x990
[  119.667173][ T5214]  kobject_add+0x16f/0x240
[  119.669023][ T5214]  ? __pfx_kobject_add+0x10/0x10
[  119.671053][ T5214]  ? do_raw_spin_unlock+0x172/0x230
[  119.673182][ T5214]  ? kobject_put+0xbe/0x5b0
[  119.675058][ T5214]  device_add+0x289/0x1a70
[  119.677538][ T5214]  ? __pfx_dev_set_name+0x10/0x10
[  119.680513][ T5214]  ? __pfx_device_add+0x10/0x10
[  119.683690][ T5214]  ? mgmt_send_event_skb+0x2f2/0x460
[  119.686385][ T5214]  hci_conn_add_sysfs+0x17e/0x230
[  119.688905][ T5214]  le_conn_complete_evt+0x1078/0x1d80
[  119.691780][ T5214]  ? __pfx_le_conn_complete_evt+0x10/0x10
[  119.694698][ T5214]  ? trace_contention_end+0xea/0x140
[  119.697525][ T5214]  ? __mutex_lock+0x1a6/0x9c0
[  119.700173][ T5214]  hci_le_enh_conn_complete_evt+0x23d/0x380
[  119.702983][ T5214]  ? skb_pull_data+0x166/0x210
[  119.705258][ T5214]  hci_le_meta_evt+0x2e2/0x5d0
[  119.707374][ T5214]  ? __pfx_hci_le_enh_conn_complete_evt+0x10/0x10
[  119.710194][ T5214]  hci_event_packet+0x666/0x1180
[  119.712490][ T5214]  ? __pfx_hci_le_meta_evt+0x10/0x10
[  119.714950][ T5214]  ? __pfx_hci_event_packet+0x10/0x10
[  119.717423][ T5214]  ? mark_held_locks+0x9f/0xe0
[  119.719581][ T5214]  ? kcov_remote_start+0x3d1/0x6e0
[  119.722372][ T5214]  ? lockdep_hardirqs_on+0x7c/0x110
[  119.725138][ T5214]  hci_rx_work+0x2c6/0x1610
[  119.727558][ T5214]  process_one_work+0x9c5/0x1b40
[  119.730209][ T5214]  ? __pfx_lock_acquire+0x10/0x10
[  119.732898][ T5214]  ? __pfx_process_one_work+0x10/0x10
[  119.735804][ T5214]  ? assign_work+0x1a0/0x250
[  119.738216][ T5214]  worker_thread+0x6c8/0xf20
[  119.740680][ T5214]  ? __kthread_parkme+0x148/0x220
[  119.743873][ T5214]  ? __pfx_worker_thread+0x10/0x10
[  119.747206][ T5214]  kthread+0x2c1/0x3a0
[  119.749907][ T5214]  ? _raw_spin_unlock_irq+0x23/0x50
[  119.753257][ T5214]  ? __pfx_kthread+0x10/0x10
[  119.756298][ T5214]  ret_from_fork+0x45/0x80
[  119.759267][ T5214]  ? __pfx_kthread+0x10/0x10
[  119.762298][ T5214]  ret_from_fork_asm+0x1a/0x30
[  119.765461][ T5214]  </TASK>
[  119.768372][ T5214] kobject: kobject_add_internal failed for hci4:201 with -EEXIST, don't try to register things with the same name in the same directory.
[  119.778045][ T5214] Bluetooth: hci4: failed to register connection device
[  120.224023][ T6464] fuse: Bad value for 'fd'
[  120.361759][ T6471] autofs: Bad value for 'fd'
[  120.646481][ T6481] netlink: 'syz.1.357': attribute type 21 has an invalid length.
[  120.653329][ T6481] netlink: 132 bytes leftover after parsing attributes in process `syz.1.357'.
[  120.658775][ T6481] netlink: 28 bytes leftover after parsing attributes in process `syz.1.357'.
[  120.746822][   T40] kauditd_printk_skb: 156 callbacks suppressed
[  120.746837][   T40] audit: type=1326 audit(1721435667.395:1021): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6479 comm="syz.1.357" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f41ee375b59 code=0x7ffc0000
[  120.765309][   T40] audit: type=1326 audit(1721435667.395:1022): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6479 comm="syz.1.357" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f41ee375b59 code=0x7ffc0000
[  120.776262][   T40] audit: type=1326 audit(1721435667.395:1023): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6479 comm="syz.1.357" exe="/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f41ee375b59 code=0x7ffc0000
[  120.791666][   T40] audit: type=1326 audit(1721435667.395:1024): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6479 comm="syz.1.357" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f41ee375b59 code=0x7ffc0000
[  120.802039][   T40] audit: type=1326 audit(1721435667.395:1025): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6479 comm="syz.1.357" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f41ee375b59 code=0x7ffc0000
[  120.812942][   T40] audit: type=1326 audit(1721435667.395:1026): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6479 comm="syz.1.357" exe="/syz-executor" sig=0 arch=c000003e syscall=73 compat=0 ip=0x7f41ee375b59 code=0x7ffc0000
[  120.830852][   T40] audit: type=1326 audit(1721435667.395:1027): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6479 comm="syz.1.357" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f41ee375b59 code=0x7ffc0000
[  120.843439][   T40] audit: type=1326 audit(1721435667.395:1028): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6479 comm="syz.1.357" exe="/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f41ee375b59 code=0x7ffc0000
[  120.858390][   T40] audit: type=1326 audit(1721435667.395:1029): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6479 comm="syz.1.357" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f41ee375b59 code=0x7ffc0000
[  120.872068][   T40] audit: type=1326 audit(1721435667.395:1030): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6479 comm="syz.1.357" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f41ee375b59 code=0x7ffc0000
[  121.153071][ T6494] netlink: 16 bytes leftover after parsing attributes in process `syz.3.360'.
[  123.787278][   T59] usb 5-1: new high-speed USB device number 8 using dummy_hcd
[  123.902128][ T6538] netlink: 4 bytes leftover after parsing attributes in process `syz.3.368'.
[  123.988531][   T59] usb 5-1: Using ep0 maxpacket: 32
[  124.000521][   T59] usb 5-1: config 0 has an invalid descriptor of length 255, skipping remainder of the config
[  124.005101][   T59] usb 5-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  124.017195][   T59] usb 5-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40
[  124.021187][   T59] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  124.041861][   T59] usb 5-1: config 0 descriptor??
[  124.193493][ T5214] Bluetooth: hci4: unexpected event for opcode 0x0c23
[  124.436276][   T59] usb 5-1: string descriptor 0 read error: -71
[  124.440128][   T59] hub 5-1:0.0: bad descriptor, ignoring hub
[  124.443393][   T59] hub 5-1:0.0: probe with driver hub failed with error -5
[  124.448618][   T59] usbhid 5-1:0.0: couldn't find an input interrupt endpoint
[  124.497630][   T59] usb 5-1: USB disconnect, device number 8
[  124.618106][  T751] usb 7-1: new high-speed USB device number 2 using dummy_hcd
[  124.801450][  T751] usb 7-1: Using ep0 maxpacket: 8
[  124.805641][  T751] usb 7-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  124.817552][  T751] usb 7-1: config 1 has 1 interface, different from the descriptor's value: 2
[  124.832216][  T751] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 100, changing to 10
[  124.842940][  T751] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 24936, setting to 1024
[  124.854250][  T751] usb 7-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00
[  124.865046][  T751] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  124.889930][  T751] hub 7-1:1.0: bad descriptor, ignoring hub
[  124.892347][  T751] hub 7-1:1.0: probe with driver hub failed with error -5
[  124.901703][  T751] cdc_wdm 7-1:1.0: skipping garbage
[  124.903882][  T751] cdc_wdm 7-1:1.0: skipping garbage
[  124.918547][  T751] cdc_wdm 7-1:1.0: cdc-wdm0: USB WDM device
[  124.920965][  T751] cdc_wdm 7-1:1.0: Unknown control protocol
[  124.933470][   T58] usb 6-1: new high-speed USB device number 5 using dummy_hcd
[  124.952040][ T6564] FAULT_INJECTION: forcing a failure.
[  124.952040][ T6564] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  124.964368][ T6564] CPU: 0 PID: 6564 Comm: syz.0.375 Not tainted 6.10.0-syzkaller-09061-g4305ca0087dd #0
[  124.969664][ T6564] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  124.974750][ T6564] Call Trace:
[  124.976582][ T6564]  <TASK>
[  124.977847][ T6564]  dump_stack_lvl+0x16c/0x1f0
[  124.979883][ T6564]  should_fail_ex+0x497/0x5b0
[  124.982047][ T6564]  _copy_from_user+0x30/0xf0
[  124.984149][ T6564]  copy_from_sockptr_offset+0x166/0x1a0
[  124.986646][ T6564]  ? __pfx_copy_from_sockptr_offset+0x10/0x10
[  124.989327][ T6564]  do_tcp_getsockopt+0x17a1/0x2970
[  124.991981][ T6564]  ? __pfx_do_tcp_getsockopt+0x10/0x10
[  124.994793][ T6564]  ? mark_lock+0xb5/0xc60
[  124.997151][ T6564]  ? __pfx___lock_acquire+0x10/0x10
[  125.000324][ T6564]  ? hlock_class+0x4e/0x130
[  125.002815][ T6564]  ? __pfx_mark_lock+0x10/0x10
[  125.005494][ T6564]  ? avc_has_perm_noaudit+0x119/0x3a0
[  125.008142][ T6564]  ? __pfx_lock_release+0x10/0x10
[  125.010967][ T6564]  ? __pfx_mark_lock+0x10/0x10
[  125.013140][ T6564]  ? __lock_acquire+0xbdd/0x3cb0
[  125.015722][ T6564]  ? avc_has_perm_noaudit+0x143/0x3a0
[  125.018287][ T6564]  ? avc_has_perm+0x11b/0x1c0
[  125.020478][ T6564]  ? __pfx_avc_has_perm+0x10/0x10
[  125.022765][ T6564]  ? __lock_acquire+0xbdd/0x3cb0
[  125.025189][ T6564]  ? sock_has_perm+0x25a/0x2f0
[  125.027482][ T6564]  ? __pfx_sock_has_perm+0x10/0x10
[  125.029969][ T6564]  ? find_held_lock+0x2d/0x110
[  125.032188][ T6564]  tcp_getsockopt+0xdf/0x100
[  125.034386][ T6564]  ? __pfx_sock_common_getsockopt+0x10/0x10
[  125.037257][ T6564]  do_sock_getsockopt+0x2e5/0x760
[  125.039613][ T6564]  ? __pfx_do_sock_getsockopt+0x10/0x10
[  125.042183][ T6564]  ? __fget_files+0x256/0x400
[  125.044317][ T6564]  ? __fget_light+0x173/0x210
[  125.046878][ T6564]  __sys_getsockopt+0x1a1/0x270
[  125.051879][ T6564]  ? __pfx___sys_getsockopt+0x10/0x10
[  125.055302][ T6564]  ? fput+0x32/0x390
[  125.058006][ T6564]  ? ksys_write+0x1ab/0x260
[  125.060891][ T6564]  ? __pfx_ksys_write+0x10/0x10
[  125.063959][ T6564]  __x64_sys_getsockopt+0xbd/0x160
[  125.067004][ T6564]  ? do_syscall_64+0x91/0x250
[  125.070026][ T6564]  ? lockdep_hardirqs_on+0x7c/0x110
[  125.073341][ T6564]  do_syscall_64+0xcd/0x250
[  125.076209][ T6564]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  125.079945][ T6564] RIP: 0033:0x7fee19775b59
[  125.082778][ T6564] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  125.094692][ T6564] RSP: 002b:00007fee1a5cb048 EFLAGS: 00000246 ORIG_RAX: 0000000000000037
[  125.099230][ T6564] RAX: ffffffffffffffda RBX: 00007fee19905f60 RCX: 00007fee19775b59
[  125.103667][ T6564] RDX: 0000000000000023 RSI: 0000000000000006 RDI: 0000000000000004
[  125.107226][ T6564] RBP: 00007fee1a5cb0a0 R08: 0000000020000280 R09: 0000000000000000
[  125.110744][ T6564] R10: 00000000200002c0 R11: 0000000000000246 R12: 0000000000000001
[  125.115262][ T6564] R13: 000000000000000b R14: 00007fee19905f60 R15: 00007ffce4608258
[  125.120102][ T6564]  </TASK>
[  125.233175][   T58] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  125.240563][   T58] usb 6-1: config 1 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[  125.246047][   T58] usb 6-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  125.261566][   T58] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[  125.268824][   T58] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  125.272900][   T58] usb 6-1: Product: syz
[  125.275097][   T58] usb 6-1: Manufacturer: syz
[  125.285604][ T6568] netlink: 'syz.0.377': attribute type 21 has an invalid length.
[  125.289364][   T58] usb 6-1: SerialNumber: syz
[  125.290042][ T6568] netlink: 132 bytes leftover after parsing attributes in process `syz.0.377'.
[  125.290083][ T6568] netlink: 28 bytes leftover after parsing attributes in process `syz.0.377'.
[  125.462844][ T6571] openvswitch: netlink: Missing key (keys=40, expected=10000000)
[  125.789970][ T4640] Bluetooth: hci4: Ignoring HCI_Connection_Complete for existing connection
[  127.895454][   T40] kauditd_printk_skb: 100 callbacks suppressed
[  127.895470][   T40] audit: type=1400 audit(1721435674.535:1131): avc:  denied  { write } for  pid=6597 comm="syz.3.386" path="socket:[18455]" dev="sockfs" ino=18455 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1
[  127.909836][   T40] audit: type=1400 audit(1721435674.545:1132): avc:  denied  { read } for  pid=6597 comm="syz.3.386" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1
[  127.920301][   T35] usb 5-1: new high-speed USB device number 9 using dummy_hcd
[  128.117644][   T35] usb 5-1: Using ep0 maxpacket: 32
[  128.130549][   T35] usb 5-1: config 0 has an invalid descriptor of length 255, skipping remainder of the config
[  128.151074][   T35] usb 5-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  128.182009][   T35] usb 5-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40
[  128.198134][   T35] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  128.206471][   T35] usb 5-1: config 0 descriptor??
[  128.589463][   T35] usb 5-1: string descriptor 0 read error: -71
[  128.592526][   T35] hub 5-1:0.0: bad descriptor, ignoring hub
[  128.595173][   T35] hub 5-1:0.0: probe with driver hub failed with error -5
[  128.601359][   T35] usbhid 5-1:0.0: couldn't find an input interrupt endpoint
[  128.661285][   T35] usb 5-1: USB disconnect, device number 9
[  128.704457][ T6603] netlink: 'syz.3.387': attribute type 21 has an invalid length.
[  128.709175][ T6603] netlink: 132 bytes leftover after parsing attributes in process `syz.3.387'.
[  128.713407][ T6603] netlink: 28 bytes leftover after parsing attributes in process `syz.3.387'.
[  128.785616][   T40] audit: type=1326 audit(1721435675.425:1133): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6602 comm="syz.3.387" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f280b175b59 code=0x7ffc0000
[  128.796615][   T40] audit: type=1326 audit(1721435675.435:1134): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6602 comm="syz.3.387" exe="/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f280b175b59 code=0x7ffc0000
[  128.813949][ T4640] Bluetooth: hci4: unexpected event for opcode 0x080b
[  128.815314][   T40] audit: type=1326 audit(1721435675.435:1135): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6602 comm="syz.3.387" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f280b175b59 code=0x7ffc0000
[  128.833382][   T40] audit: type=1326 audit(1721435675.435:1136): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6602 comm="syz.3.387" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f280b175b59 code=0x7ffc0000
[  128.846976][   T40] audit: type=1326 audit(1721435675.435:1137): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6602 comm="syz.3.387" exe="/syz-executor" sig=0 arch=c000003e syscall=73 compat=0 ip=0x7f280b175b59 code=0x7ffc0000
[  128.859617][   T40] audit: type=1326 audit(1721435675.435:1138): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6602 comm="syz.3.387" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f280b175b59 code=0x7ffc0000
[  128.873277][   T40] audit: type=1326 audit(1721435675.435:1139): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6602 comm="syz.3.387" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f280b175b59 code=0x7ffc0000
[  128.884555][   T40] audit: type=1326 audit(1721435675.435:1140): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6602 comm="syz.3.387" exe="/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f280b175b59 code=0x7ffc0000
[  129.059874][ T6606] netlink: 'syz.0.388': attribute type 21 has an invalid length.
[  129.069307][ T6606] netlink: 132 bytes leftover after parsing attributes in process `syz.0.388'.
[  129.073742][ T6606] netlink: 28 bytes leftover after parsing attributes in process `syz.0.388'.
[  129.542985][   T59] usb 7-1: USB disconnect, device number 2
[  129.557228][ T6550] cdc_wdm 7-1:1.0: Error autopm - -16
[  129.560411][ T6557] cdc_wdm 7-1:1.0: Error autopm - -16
[  129.635306][   T58] usblp 6-1:1.0: usblp0: USB Unidirectional printer dev 5 if 0 alt 0 proto 1 vid 0x0525 pid 0xA4A8
[  129.660134][   T58] usb 6-1: USB disconnect, device number 5
[  129.718947][   T58] usblp0: removed
[  129.819730][ T6609] netlink: 16 bytes leftover after parsing attributes in process `syz.3.389'.
[  129.833818][ T6618] netlink: 24 bytes leftover after parsing attributes in process `syz.1.392'.
[  130.057403][    C2] TCP: request_sock_TCP: Possible SYN flooding on port [::]:20002. Sending cookies.
[  130.177252][ T6640] openvswitch: netlink: Missing key (keys=40, expected=10000000)
[  130.548161][ T6638] usb usb1: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  130.811241][ T6651] netlink: 'syz.0.402': attribute type 21 has an invalid length.
[  130.814729][ T6651] netlink: 132 bytes leftover after parsing attributes in process `syz.0.402'.
[  130.820187][ T6651] netlink: 28 bytes leftover after parsing attributes in process `syz.0.402'.
[  131.047373][ T6658] syzkaller1: entered promiscuous mode
[  131.050211][ T6658] syzkaller1: entered allmulticast mode
[  131.847529][ T5214] Bluetooth: hci4: command 0x0406 tx timeout
[  132.726763][ T6706] FAULT_INJECTION: forcing a failure.
[  132.726763][ T6706] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  132.734701][ T6706] CPU: 1 PID: 6706 Comm: syz.2.419 Not tainted 6.10.0-syzkaller-09061-g4305ca0087dd #0
[  132.739114][ T6706] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  132.744079][ T6706] Call Trace:
[  132.745713][ T6706]  <TASK>
[  132.747017][ T6706]  dump_stack_lvl+0x16c/0x1f0
[  132.749226][ T6706]  should_fail_ex+0x497/0x5b0
[  132.751380][ T6706]  _copy_from_user+0x30/0xf0
[  132.753569][ T6706]  memdup_user+0x71/0xd0
[  132.755455][ T6706]  con_font_op+0x5f2/0xf50
[  132.757423][ T6706]  ? __pfx_con_font_op+0x10/0x10
[  132.759657][ T6706]  ? __pfx___might_resched+0x10/0x10
[  132.762177][ T6706]  ? avc_has_extended_perms+0x927/0xf90
[  132.764691][ T6706]  ? __might_fault+0xe3/0x190
[  132.766648][ T6706]  vt_ioctl+0x4ca/0x2f80
[  132.768350][ T6706]  ? __pfx_vt_ioctl+0x10/0x10
[  132.770291][ T6706]  ? kfree+0x12a/0x3b0
[  132.772079][ T6706]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  132.775434][ T6706]  ? do_vfs_ioctl+0x515/0x1ad0
[  132.777596][ T6706]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  132.780173][ T6706]  ? tty_jobctrl_ioctl+0x152/0xe00
[  132.782296][ T6706]  ? __pfx_vt_ioctl+0x10/0x10
[  132.784224][ T6706]  tty_ioctl+0x65d/0x15f0
[  132.786138][ T6706]  ? ioctl_has_perm.constprop.0.isra.0+0x2f0/0x470
[  132.789234][ T6706]  ? __pfx_tty_ioctl+0x10/0x10
[  132.791658][ T6706]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[  132.794739][ T6706]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  132.797368][ T6706]  ? selinux_file_ioctl+0x180/0x270
[  132.799699][ T6706]  ? selinux_file_ioctl+0xb4/0x270
[  132.802008][ T6706]  ? __pfx_tty_ioctl+0x10/0x10
[  132.804145][ T6706]  __x64_sys_ioctl+0x193/0x220
[  132.806219][ T6706]  do_syscall_64+0xcd/0x250
[  132.808249][ T6706]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  132.810827][ T6706] RIP: 0033:0x7fb2b8375b59
[  132.812786][ T6706] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  132.821333][ T6706] RSP: 002b:00007fb2b7dff048 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  132.825260][ T6706] RAX: ffffffffffffffda RBX: 00007fb2b8505f60 RCX: 00007fb2b8375b59
[  132.828968][ T6706] RDX: 0000000020000000 RSI: 0000000000004b72 RDI: 0000000000000004
[  132.832471][ T6706] RBP: 00007fb2b7dff0a0 R08: 0000000000000000 R09: 0000000000000000
[  132.836185][ T6706] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  132.839860][ T6706] R13: 000000000000000b R14: 00007fb2b8505f60 R15: 00007ffeb3bda9f8
[  132.843384][ T6706]  </TASK>
[  132.868799][ T6707] nbd1: detected capacity change from 0 to 12
[  132.874876][ T6708] block nbd1: NBD_DISCONNECT
[  132.879365][ T6708] block nbd1: Send disconnect failed -89
[  132.887842][ T5214] Bluetooth: hci4: Controller not accepting commands anymore: ncmd = 0
[  132.902346][ T5253] block nbd1: Send control failed (result -89)
[  132.909939][ T5214] Bluetooth: hci4: Injecting HCI hardware error event
[  132.911151][ T5214] Bluetooth: hci4: hardware error 0x00
[  132.917798][ T5253] block nbd1: Request send failed, requeueing
[  132.932917][ T5253] block nbd1: Disconnected due to user request.
[  132.935461][   T54] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  132.935649][   T54] Buffer I/O error on dev nbd1, logical block 0, async page read
[  132.936587][ T5253] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  132.936649][ T5253] Buffer I/O error on dev nbd1, logical block 0, async page read
[  132.937224][ T5253] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  132.937248][ T5253] Buffer I/O error on dev nbd1, logical block 0, async page read
[  132.937315][ T5253] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  132.937335][ T5253] Buffer I/O error on dev nbd1, logical block 0, async page read
[  132.937390][ T5253] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  132.937409][ T5253] Buffer I/O error on dev nbd1, logical block 0, async page read
[  132.937479][ T5253] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  132.937665][ T5253] Buffer I/O error on dev nbd1, logical block 0, async page read
[  132.937747][ T5253] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  132.937768][ T5253] Buffer I/O error on dev nbd1, logical block 0, async page read
[  132.937828][ T5253] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  132.937848][ T5253] Buffer I/O error on dev nbd1, logical block 0, async page read
[  132.937865][ T5253] ldm_validate_partition_table(): Disk read failed.
[  132.937951][ T5253] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  132.937972][ T5253] Buffer I/O error on dev nbd1, logical block 0, async page read
[  132.938051][ T5253] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  132.938073][ T5253] Buffer I/O error on dev nbd1, logical block 0, async page read
[  132.938197][ T5253] Dev nbd1: unable to read RDB block 0
[  132.938368][ T5253]  nbd1: unable to read partition table
[  132.939716][ T5253] nbd1: partition table beyond EOD, truncated
[  133.088013][ T5253] ldm_validate_partition_table(): Disk read failed.
[  133.091789][ T5253] Dev nbd1: unable to read RDB block 0
[  133.093986][ T5253]  nbd1: unable to read partition table
[  133.096745][ T5253] nbd1: partition table beyond EOD, truncated
[  133.232110][   T59] usb 8-1: new high-speed USB device number 4 using dummy_hcd
[  133.292952][ T6726] openvswitch: netlink: Missing key (keys=40, expected=10000000)
[  133.458282][   T59] usb 8-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  133.462283][   T59] usb 8-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  133.467288][   T59] usb 8-1: config 1 has 1 interface, different from the descriptor's value: 66
[  133.472670][   T59] usb 8-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  133.481815][   T59] usb 8-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  133.504144][   T59] usb 8-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  133.508621][   T59] usb 8-1: Product: syz
[  133.510597][   T59] usb 8-1: Manufacturer: syz
[  133.527528][   T59] cdc_wdm 8-1:1.0: skipping garbage
[  133.539666][   T59] cdc_wdm 8-1:1.0: skipping garbage
[  133.550050][   T59] cdc_wdm 8-1:1.0: cdc-wdm0: USB WDM device
[  133.569427][   T59] cdc_wdm 8-1:1.0: Unknown control protocol
[  133.747306][   T40] kauditd_printk_skb: 158 callbacks suppressed
[  133.747322][   T40] audit: type=1326 audit(1721435680.385:1299): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6711 comm="syz.3.421" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f280b175b59 code=0x0
[  134.481777][ T6747] netlink: 828 bytes leftover after parsing attributes in process `syz.0.428'.
[  134.577467][ T6751] capability: warning: `syz.1.432' uses 32-bit capabilities (legacy support in use)
[  134.631459][ T6751] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  134.736504][ T6758] netlink: 4 bytes leftover after parsing attributes in process `syz.1.435'.
[  134.847784][ T6766] netlink: 'syz.1.437': attribute type 21 has an invalid length.
[  134.851443][ T6766] netlink: 132 bytes leftover after parsing attributes in process `syz.1.437'.
[  134.856191][ T6766] netlink: 28 bytes leftover after parsing attributes in process `syz.1.437'.
[  134.924663][   T40] audit: type=1326 audit(1721435681.575:1300): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6765 comm="syz.1.437" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f41ee375b59 code=0x7ffc0000
[  134.948230][   T40] audit: type=1326 audit(1721435681.575:1301): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6765 comm="syz.1.437" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f41ee375b59 code=0x7ffc0000
[  134.962074][   T40] audit: type=1326 audit(1721435681.575:1302): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6765 comm="syz.1.437" exe="/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f41ee375b59 code=0x7ffc0000
[  134.985369][   T40] audit: type=1326 audit(1721435681.575:1303): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6765 comm="syz.1.437" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f41ee375b59 code=0x7ffc0000
[  135.015391][   T40] audit: type=1326 audit(1721435681.575:1304): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6765 comm="syz.1.437" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f41ee375b59 code=0x7ffc0000
[  135.027754][   T40] audit: type=1326 audit(1721435681.585:1305): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6765 comm="syz.1.437" exe="/syz-executor" sig=0 arch=c000003e syscall=73 compat=0 ip=0x7f41ee375b59 code=0x7ffc0000
[  135.042764][   T40] audit: type=1326 audit(1721435681.585:1306): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6765 comm="syz.1.437" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f41ee375b59 code=0x7ffc0000
[  135.057266][   T40] audit: type=1326 audit(1721435681.585:1307): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6765 comm="syz.1.437" exe="/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f41ee375b59 code=0x7ffc0000
[  135.072757][   T40] audit: type=1326 audit(1721435681.585:1308): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6765 comm="syz.1.437" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f41ee375b59 code=0x7ffc0000
[  135.137504][ T5214] Bluetooth: hci4: Opcode 0x0c03 failed: -110
[  135.840235][ T6782] netlink: 828 bytes leftover after parsing attributes in process `syz.1.442'.
[  135.957421][ T6601] usb 8-1: USB disconnect, device number 4
[  136.050742][ T6786] netlink: 4 bytes leftover after parsing attributes in process `syz.3.444'.
[  136.795034][ T6804] netlink: 828 bytes leftover after parsing attributes in process `syz.2.451'.
[  136.884242][ T6810] netlink: 4 bytes leftover after parsing attributes in process `syz.2.454'.
[  136.938536][ T6812] netlink: 24 bytes leftover after parsing attributes in process `syz.2.455'.
[  137.068221][    T8] usb 8-1: new high-speed USB device number 5 using dummy_hcd
[  137.320894][    T8] usb 8-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  137.325309][    T8] usb 8-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  137.329818][    T8] usb 8-1: config 1 has 1 interface, different from the descriptor's value: 66
[  137.333705][    T8] usb 8-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  137.347643][    T8] usb 8-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  137.352028][    T8] usb 8-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  137.367276][    T8] usb 8-1: Product: syz
[  137.369667][    T8] usb 8-1: Manufacturer: syz
[  137.438203][    T8] cdc_wdm 8-1:1.0: skipping garbage
[  137.441846][    T8] cdc_wdm 8-1:1.0: skipping garbage
[  137.445856][    T8] cdc_wdm 8-1:1.0: cdc-wdm0: USB WDM device
[  137.450939][    T8] cdc_wdm 8-1:1.0: Unknown control protocol
[  138.155022][ T6837] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(4)
[  138.157957][ T6837] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  138.181551][ T6837] vhci_hcd vhci_hcd.0: Device attached
[  138.191967][ T6834] netlink: 'syz.0.461': attribute type 72 has an invalid length.
[  138.196822][ T6834] netlink: 'syz.0.461': attribute type 8 has an invalid length.
[  138.197832][ T6840] vhci_hcd: connection closed
[  138.213849][   T80] vhci_hcd: stop threads
[  138.220948][   T80] vhci_hcd: release socket
[  138.224021][   T80] vhci_hcd: disconnect device
[  138.823039][ T1360] ieee802154 phy0 wpan0: encryption failed: -22
[  138.826563][ T1360] ieee802154 phy1 wpan1: encryption failed: -22
[  139.137941][ T6860] netlink: 828 bytes leftover after parsing attributes in process `syz.2.467'.
[  139.472811][ T6601] usb 6-1: new high-speed USB device number 6 using dummy_hcd
[  139.527691][ T6871] openvswitch: netlink: Missing key (keys=40, expected=10000000)
[  139.677221][ T6601] usb 6-1: Using ep0 maxpacket: 8
[  139.682645][ T6601] usb 6-1: config index 0 descriptor too short (expected 301, got 45)
[  139.697216][ T6601] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  139.703151][ T6601] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  139.709550][ T6601] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  139.715634][ T6601] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  139.723818][ T6601] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  139.729674][ T6601] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  139.743192][ T6881] netlink: 'syz.2.474': attribute type 72 has an invalid length.
[  139.748590][ T6881] netlink: 'syz.2.474': attribute type 8 has an invalid length.
[  139.810716][ T5262] usb 8-1: USB disconnect, device number 5
[  139.874132][ T6887] netlink: 36 bytes leftover after parsing attributes in process `syz.0.477'.
[  139.877884][ T6887] netem: invalid attributes len -17
[  139.880330][ T6887] netem: change failed
[  139.957416][ T6601] usb 6-1: usb_control_msg returned -32
[  139.961559][ T6601] usbtmc 6-1:16.0: can't read capabilities
[  140.003502][ T6898] FAULT_INJECTION: forcing a failure.
[  140.003502][ T6898] name failslab, interval 1, probability 0, space 0, times 0
[  140.009866][ T6898] CPU: 0 PID: 6898 Comm: syz.2.479 Not tainted 6.10.0-syzkaller-09061-g4305ca0087dd #0
[  140.014195][ T6898] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  140.019128][ T6898] Call Trace:
[  140.020663][ T6898]  <TASK>
[  140.022015][ T6898]  dump_stack_lvl+0x16c/0x1f0
[  140.024364][ T6898]  should_fail_ex+0x497/0x5b0
[  140.026636][ T6898]  should_failslab+0x9/0x20
[  140.028717][ T6898]  __kmalloc_cache_noprof+0x6b/0x300
[  140.031316][ T6898]  ? once_disable_jump+0x46/0x200
[  140.033653][ T6898]  once_disable_jump+0x46/0x200
[  140.033769][   T40] kauditd_printk_skb: 41 callbacks suppressed
[  140.033783][   T40] audit: type=1400 audit(1721435686.675:1350): avc:  denied  { mount } for  pid=6889 comm="syz.3.478" name="/" dev="debugfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:debugfs_t tclass=filesystem permissive=1
[  140.035861][ T6898]  fnhe_hashfun+0x11f/0x130
[  140.052097][ T6898]  ? __pfx_fnhe_hashfun+0x10/0x10
[  140.054822][ T6898]  ? __pfx_lock_release+0x10/0x10
[  140.057321][ T6898]  update_or_create_fnhe+0xcc/0x15b0
[  140.059868][ T6898]  __ip_rt_update_pmtu+0x594/0x6d0
[  140.062240][ T6898]  ? __pfx___ip_rt_update_pmtu+0x10/0x10
[  140.065247][ T6898]  ? ip_route_output_key_hash+0x16c/0x2e0
[  140.068221][ T6898]  ? __pfx_ip_route_output_key_hash+0x10/0x10
[  140.070933][ T6898]  ? __pfx___lock_acquire+0x10/0x10
[  140.073218][ T6898]  ? __build_flow_key.constprop.0+0x207/0x710
[  140.076089][ T6898]  __ipv4_sk_update_pmtu+0x167/0x2c0
[  140.078577][ T6898]  ? __pfx___ipv4_sk_update_pmtu+0x10/0x10
[  140.081288][ T6898]  ? ipv4_sk_update_pmtu+0x265/0xe30
[  140.083552][ T6898]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  140.085933][ T6898]  ipv4_sk_update_pmtu+0x5c5/0xe30
[  140.088790][ T6898]  ? __pfx_ipv4_sk_update_pmtu+0x10/0x10
[  140.091235][ T6898]  ? raw_local_deliver+0x623/0xcd0
[  140.093496][ T6898]  ? raw_v4_match+0x5d/0x2a0
[  140.095468][ T6898]  raw_icmp_error+0x6e8/0xbf0
[  140.097545][ T6898]  icmp_socket_deliver+0x137/0x380
[  140.100592][ T6898]  icmp_unreach+0x35d/0xe50
[  140.102637][ T6898]  icmp_rcv+0xa92/0x1010
[  140.104499][ T6898]  ? __pfx_icmp_rcv+0x10/0x10
[  140.106614][ T6898]  ip_protocol_deliver_rcu+0x462/0x4e0
[  140.109047][ T6898]  ip_local_deliver_finish+0x316/0x570
[  140.111508][ T6898]  ip_local_deliver+0x18e/0x1f0
[  140.113739][ T6898]  ? __pfx_ip_local_deliver+0x10/0x10
[  140.116402][ T6898]  ip_rcv+0x2c5/0x5d0
[  140.118251][ T6898]  ? __pfx_ip_rcv+0x10/0x10
[  140.120317][ T6898]  __netif_receive_skb_one_core+0x199/0x1e0
[  140.123020][ T6898]  ? __pfx___netif_receive_skb_one_core+0x10/0x10
[  140.125724][ T6898]  ? timekeeping_debug_get_ns+0x334/0x5b0
[  140.127985][ T6898]  __netif_receive_skb+0x1d/0x160
[  140.130434][ T6898]  netif_receive_skb+0x13f/0x7b0
[  140.132566][ T6898]  ? __pfx_netif_receive_skb+0x10/0x10
[  140.134835][ T6898]  ? __pfx___lock_acquire+0x10/0x10
[  140.137162][ T6898]  tun_rx_batched+0x429/0x780
[  140.139491][ T6898]  ? __pfx_tun_rx_batched+0x10/0x10
[  140.141904][ T6898]  ? tun_get_user+0x1d81/0x3c30
[  140.144109][ T6898]  tun_get_user+0x2a5c/0x3c30
[  140.146567][ T6898]  ? __pfx_tun_get_user+0x10/0x10
[  140.149057][ T6898]  ? find_held_lock+0x2d/0x110
[  140.151842][ T6898]  ? __pfx_lock_release+0x10/0x10
[  140.154309][ T6898]  tun_chr_write_iter+0xe8/0x210
[  140.156560][ T6898]  vfs_write+0x6b6/0x1140
[  140.158563][ T6898]  ? __pfx_tun_chr_write_iter+0x10/0x10
[  140.161106][ T6898]  ? __pfx_vfs_write+0x10/0x10
[  140.163587][ T6898]  ? __fget_files+0x256/0x400
[  140.165826][ T6898]  ? __fget_light+0x173/0x210
[  140.167911][ T6898]  ksys_write+0x12f/0x260
[  140.170304][ T6898]  ? __pfx_ksys_write+0x10/0x10
[  140.172520][ T6898]  do_syscall_64+0xcd/0x250
[  140.174489][ T6898]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  140.176860][ T6898] RIP: 0033:0x7fb2b83746df
[  140.178684][ T6898] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 29 8c 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 7c 8c 02 00 48
[  140.187285][ T6898] RSP: 002b:00007fb2b7dff010 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[  140.190993][ T6898] RAX: ffffffffffffffda RBX: 00007fb2b8505f60 RCX: 00007fb2b83746df
[  140.194340][ T6898] RDX: 0000000000000046 RSI: 0000000020000000 RDI: 00000000000000c8
[  140.197476][ T6898] RBP: 00007fb2b7dff0a0 R08: 0000000000000000 R09: 0000000000000000
[  140.201342][ T6898] R10: 0000000000000046 R11: 0000000000000293 R12: 0000000000000001
[  140.205140][ T6898] R13: 000000000000000b R14: 00007fb2b8505f60 R15: 00007ffeb3bda9f8
[  140.208462][ T6898]  </TASK>
[  140.367275][ T6601] usb 5-1: new high-speed USB device number 10 using dummy_hcd
[  140.460578][ T6907] netlink: 5 bytes leftover after parsing attributes in process `syz.2.482'.
[  140.466222][ T6907] netlink: 5 bytes leftover after parsing attributes in process `syz.2.482'.
[  140.471525][ T6907] netlink: 16 bytes leftover after parsing attributes in process `syz.2.482'.
[  140.475824][ T6907] netlink: 5 bytes leftover after parsing attributes in process `syz.2.482'.
[  140.582867][ T6601] usb 5-1: too many configurations: 9, using maximum allowed: 8
[  140.601603][ T6902] usbtmc 6-1:16.0: usb_control_msg returned -71
[  140.602936][ T5262] usb 6-1: USB disconnect, device number 6
[  140.642824][ T6601] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9
[  140.646751][ T6601] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  140.651995][ T6601] usb 5-1: config 0 interface 0 has no altsetting 0
[  140.659100][ T6601] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9
[  140.664250][ T6601] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  140.670173][ T6601] usb 5-1: config 0 interface 0 has no altsetting 0
[  140.677890][ T6601] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9
[  140.707246][ T6601] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  140.717740][ T6601] usb 5-1: config 0 interface 0 has no altsetting 0
[  140.724674][ T6601] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9
[  140.743109][ T6601] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  140.761507][ T6601] usb 5-1: config 0 interface 0 has no altsetting 0
[  140.768539][ T6601] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9
[  140.773291][ T6601] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  140.777441][ T6601] usb 5-1: config 0 interface 0 has no altsetting 0
[  140.781200][ T6601] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9
[  140.786450][ T6601] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  140.797966][ T6601] usb 5-1: config 0 interface 0 has no altsetting 0
[  140.827222][ T6601] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9
[  140.834406][ T6601] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  140.878057][ T6601] usb 5-1: config 0 interface 0 has no altsetting 0
[  140.905885][ T6601] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9
[  140.909963][ T6601] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  140.914546][ T6601] usb 5-1: config 0 interface 0 has no altsetting 0
[  140.962235][ T6601] usb 5-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=49.8e
[  140.975247][ T6601] usb 5-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168
[  140.979387][ T6601] usb 5-1: Product: syz
[  140.981347][   T40] audit: type=1400 audit(1721435687.625:1351): avc:  denied  { unmount } for  pid=6176 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:debugfs_t tclass=filesystem permissive=1
[  140.991028][ T6601] usb 5-1: Manufacturer: syz
[  140.993419][ T6601] usb 5-1: SerialNumber: syz
[  140.997986][ T6601] usb 5-1: config 0 descriptor??
[  141.005723][ T6601] yurex 5-1:0.0: USB YUREX device now attached to Yurex #0
[  141.230813][   T40] audit: type=1326 audit(1721435687.875:1352): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6918 comm="syz.2.487" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb2b8375b59 code=0x7fc00000
[  141.242127][   T40] audit: type=1326 audit(1721435687.875:1353): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6918 comm="syz.2.487" exe="/syz-executor" sig=0 arch=c000003e syscall=317 compat=0 ip=0x7fb2b8375b59 code=0x7fc00000
[  141.265022][   T40] audit: type=1326 audit(1721435687.905:1354): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6918 comm="syz.2.487" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb2b8375b59 code=0x7fc00000
[  141.342408][   T40] audit: type=1400 audit(1721435687.985:1355): avc:  denied  { connect } for  pid=6921 comm="syz.2.489" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  141.523979][   T75] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  141.574739][   T40] audit: type=1400 audit(1721435688.215:1356): avc:  denied  { execute } for  pid=6926 comm="syz-executor" name="syz-executor" dev="sda1" ino=1924 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:etc_runtime_t tclass=file permissive=1
[  141.584377][   T40] audit: type=1400 audit(1721435688.215:1357): avc:  denied  { execute_no_trans } for  pid=6926 comm="syz-executor" path="/syz-executor" dev="sda1" ino=1924 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:etc_runtime_t tclass=file permissive=1
[  141.612453][ T6928] netlink: 256 bytes leftover after parsing attributes in process `syz.1.492'.
[  141.621255][   T40] audit: type=1400 audit(1721435688.265:1358): avc:  denied  { connect } for  pid=6927 comm="syz.1.492" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[  141.639393][   T40] audit: type=1400 audit(1721435688.285:1359): avc:  denied  { read } for  pid=6927 comm="syz.1.492" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[  141.665038][   T75] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  141.793409][ T4640] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  141.802247][ T4640] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  141.818251][ T4640] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  141.830753][ T4640] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  141.832008][   T75] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  141.835311][ T4640] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[  141.845403][ T4640] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  141.930010][   T75] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  142.047332][   T59] usb 6-1: new high-speed USB device number 7 using dummy_hcd
[  142.115771][   T75] bridge_slave_1: left allmulticast mode
[  142.122296][   T75] bridge_slave_1: left promiscuous mode
[  142.128013][   T75] bridge0: port 2(bridge_slave_1) entered disabled state
[  142.136590][   T75] bridge_slave_0: left allmulticast mode
[  142.143215][   T75] bridge_slave_0: left promiscuous mode
[  142.146249][   T75] bridge0: port 1(bridge_slave_0) entered disabled state
[  142.248399][   T59] usb 6-1: Using ep0 maxpacket: 8
[  142.254232][   T59] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  142.259838][   T59] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 2
[  142.263821][   T59] usb 6-1: config 1 interface 0 altsetting 0 has an endpoint descriptor with address 0x76, changing to 0x6
[  142.269177][   T59] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x6 has an invalid bInterval 100, changing to 10
[  142.273967][   T59] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x6 has invalid maxpacket 24936, setting to 1024
[  142.279903][   T59] usb 6-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00
[  142.283931][   T59] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  142.294877][   T59] hub 6-1:1.0: bad descriptor, ignoring hub
[  142.297949][   T59] hub 6-1:1.0: probe with driver hub failed with error -5
[  142.301983][   T59] cdc_wdm 6-1:1.0: skipping garbage
[  142.305982][   T59] cdc_wdm 6-1:1.0: skipping garbage
[  142.309946][   T59] cdc_wdm 6-1:1.0: probe with driver cdc_wdm failed with error -22
[  142.409383][  T751] usb 7-1: new high-speed USB device number 3 using dummy_hcd
[  142.562135][   T75] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  142.572663][   T75] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  142.580162][   T75] bond0 (unregistering): Released all slaves
[  142.598054][  T751] usb 7-1: too many configurations: 9, using maximum allowed: 8
[  142.603436][  T751] usb 7-1: config 0 has 1 interface, different from the descriptor's value: 9
[  142.609859][  T751] usb 7-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  142.615738][  T751] usb 7-1: config 0 interface 0 has no altsetting 0
[  142.618296][   T59] usb 6-1: USB disconnect, device number 7
[  142.623471][  T751] usb 7-1: config 0 has 1 interface, different from the descriptor's value: 9
[  142.631252][ T6937] chnl_net:caif_netlink_parms(): no params data found
[  142.648836][  T751] usb 7-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  142.653675][  T751] usb 7-1: config 0 interface 0 has no altsetting 0
[  142.685737][  T751] usb 7-1: config 0 has 1 interface, different from the descriptor's value: 9
[  142.708077][  T751] usb 7-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  142.713656][  T751] usb 7-1: config 0 interface 0 has no altsetting 0
[  142.737675][  T751] usb 7-1: config 0 has 1 interface, different from the descriptor's value: 9
[  142.741043][  T751] usb 7-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  142.745695][  T751] usb 7-1: config 0 interface 0 has no altsetting 0
[  142.749906][  T751] usb 7-1: config 0 has 1 interface, different from the descriptor's value: 9
[  142.753640][  T751] usb 7-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  142.759352][  T751] usb 7-1: config 0 interface 0 has no altsetting 0
[  142.763620][  T751] usb 7-1: config 0 has 1 interface, different from the descriptor's value: 9
[  142.768252][  T751] usb 7-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  142.773112][  T751] usb 7-1: config 0 interface 0 has no altsetting 0
[  142.777777][  T751] usb 7-1: config 0 has 1 interface, different from the descriptor's value: 9
[  142.783336][  T751] usb 7-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  142.790408][  T751] usb 7-1: config 0 interface 0 has no altsetting 0
[  142.794847][  T751] usb 7-1: config 0 has 1 interface, different from the descriptor's value: 9
[  142.799519][  T751] usb 7-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  142.804841][  T751] usb 7-1: config 0 interface 0 has no altsetting 0
[  142.811277][  T751] usb 7-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=49.8e
[  142.815274][  T751] usb 7-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168
[  142.820119][  T751] usb 7-1: Product: syz
[  142.822010][  T751] usb 7-1: Manufacturer: syz
[  142.825035][  T751] usb 7-1: SerialNumber: syz
[  142.857395][  T751] usb 7-1: config 0 descriptor??
[  142.896201][  T751] yurex 7-1:0.0: USB YUREX device now attached to Yurex #1
[  142.967383][   T59] usb 6-1: new low-speed USB device number 8 using dummy_hcd
[  142.972970][ T6937] bridge0: port 1(bridge_slave_0) entered blocking state
[  142.976456][ T6937] bridge0: port 1(bridge_slave_0) entered disabled state
[  142.980860][ T6937] bridge_slave_0: entered allmulticast mode
[  142.986364][ T6937] bridge_slave_0: entered promiscuous mode
[  143.003165][    C3] usb 5-1: yurex_control_callback - control failed: -2
[  143.014793][ T6937] bridge0: port 2(bridge_slave_1) entered blocking state
[  143.022326][ T6937] bridge0: port 2(bridge_slave_1) entered disabled state
[  143.025019][   T25] usb 5-1: USB disconnect, device number 10
[  143.025942][ T6937] bridge_slave_1: entered allmulticast mode
[  143.032899][ T6937] bridge_slave_1: entered promiscuous mode
[  143.043291][   T25] yurex 5-1:0.0: USB YUREX #0 now disconnected
[  143.130877][ T6961] netlink: 'syz.0.500': attribute type 21 has an invalid length.
[  143.138763][ T6961] netlink: 132 bytes leftover after parsing attributes in process `syz.0.500'.
[  143.145498][ T6963] 9pnet_fd: Insufficient options for proto=fd
[  143.160047][ T6961] netlink: 28 bytes leftover after parsing attributes in process `syz.0.500'.
[  143.174222][   T59] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  143.180522][   T59] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 2
[  143.186731][   T59] usb 6-1: config 1 interface 0 altsetting 0 has an endpoint descriptor with address 0x76, changing to 0x6
[  143.193021][   T59] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x6 has invalid maxpacket 26984, setting to 8
[  143.199353][   T59] usb 6-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00
[  143.203915][   T59] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  143.212698][ T6936] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22
[  143.251715][    T8] usb 7-1: USB disconnect, device number 3
[  143.254624][   T59] hub 6-1:1.0: bad descriptor, ignoring hub
[  143.261342][   T59] hub 6-1:1.0: probe with driver hub failed with error -5
[  143.266114][   T59] cdc_wdm 6-1:1.0: skipping garbage
[  143.271067][    T8] yurex 7-1:0.0: USB YUREX #1 now disconnected
[  143.273175][   T59] cdc_wdm 6-1:1.0: skipping garbage
[  143.283716][   T59] cdc_wdm 6-1:1.0: probe with driver cdc_wdm failed with error -22
[  143.319981][ T6937] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  143.346747][   T75] hsr_slave_0: left promiscuous mode
[  143.361796][   T75] hsr_slave_1: left promiscuous mode
[  143.365658][   T75] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  143.369683][   T75] batman_adv: batadv0: Removing interface: batadv_slave_0
[  143.374507][   T75] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  143.378303][   T75] batman_adv: batadv0: Removing interface: batadv_slave_1
[  143.429908][   T75] veth1_macvtap: left promiscuous mode
[  143.434178][   T75] veth0_macvtap: left promiscuous mode
[  143.438285][   T75] veth1_vlan: left promiscuous mode
[  143.441127][   T75] veth0_vlan: left promiscuous mode
[  143.577614][   T59] usb 6-1: USB disconnect, device number 8
[  143.912469][ T6973] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=6973 comm=syz.2.501
[  143.974405][ T5214] Bluetooth: hci0: command tx timeout
[  144.099743][ T6980] FAULT_INJECTION: forcing a failure.
[  144.099743][ T6980] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  144.106459][ T6980] CPU: 2 PID: 6980 Comm: syz.0.504 Not tainted 6.10.0-syzkaller-09061-g4305ca0087dd #0
[  144.111108][ T6980] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  144.115891][ T6980] Call Trace:
[  144.117624][ T6980]  <TASK>
[  144.119111][ T6980]  dump_stack_lvl+0x16c/0x1f0
[  144.121390][ T6980]  should_fail_ex+0x497/0x5b0
[  144.123542][ T6980]  _copy_to_user+0x30/0xc0
[  144.125573][ T6980]  simple_read_from_buffer+0xd0/0x160
[  144.128000][ T6980]  proc_fail_nth_read+0x1b0/0x290
[  144.130589][ T6980]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  144.133614][ T6980]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  144.136168][ T6980]  vfs_read+0x1d4/0xbd0
[  144.138170][ T6980]  ? __fdget_pos+0xeb/0x180
[  144.140257][ T6980]  ? __pfx_vfs_read+0x10/0x10
[  144.142418][ T6980]  ? __pfx___mutex_lock+0x10/0x10
[  144.144724][ T6980]  ? __fget_files+0x256/0x400
[  144.146868][ T6980]  ksys_read+0x12f/0x260
[  144.148922][ T6980]  ? __pfx_ksys_read+0x10/0x10
[  144.151125][ T6980]  do_syscall_64+0xcd/0x250
[  144.153276][ T6980]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  144.155990][ T6980] RIP: 0033:0x7fee1977463c
[  144.158090][ T6980] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 c9 8c 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 1f 8d 02 00 48
[  144.167985][ T6980] RSP: 002b:00007fee1a5cb040 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  144.171755][ T6980] RAX: ffffffffffffffda RBX: 00007fee19905f60 RCX: 00007fee1977463c
[  144.175176][ T6980] RDX: 000000000000000f RSI: 00007fee1a5cb0b0 RDI: 0000000000000004
[  144.178590][ T6980] RBP: 00007fee1a5cb0a0 R08: 0000000000000000 R09: 0000000000000000
[  144.182103][ T6980] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  144.185502][ T6980] R13: 000000000000000b R14: 00007fee19905f60 R15: 00007ffce4608258
[  144.188959][ T6980]  </TASK>
[  144.755938][   T75] team0 (unregistering): Port device team_slave_1 removed
[  144.817194][   T75] team0 (unregistering): Port device team_slave_0 removed
[  145.537612][   T25] usb 5-1: new high-speed USB device number 11 using dummy_hcd
[  145.538322][ T6937] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  145.577858][ T6973] netlink: 24 bytes leftover after parsing attributes in process `syz.2.501'.
[  145.696259][ T7001] netlink: 'syz.2.509': attribute type 21 has an invalid length.
[  145.699960][ T7001] netlink: 132 bytes leftover after parsing attributes in process `syz.2.509'.
[  145.703979][ T7001] netlink: 28 bytes leftover after parsing attributes in process `syz.2.509'.
[  145.726286][ T6937] team0: Port device team_slave_0 added
[  145.752429][ T6937] team0: Port device team_slave_1 added
[  145.756080][ T7003] netlink: 'syz.1.510': attribute type 21 has an invalid length.
[  145.761230][   T25] usb 5-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  145.767516][ T7003] netlink: 132 bytes leftover after parsing attributes in process `syz.1.510'.
[  145.772793][ T7003] netlink: 28 bytes leftover after parsing attributes in process `syz.1.510'.
[  145.774298][   T25] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  145.784340][   T25] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 66
[  145.785187][   T40] kauditd_printk_skb: 4 callbacks suppressed
[  145.785199][   T40] audit: type=1326 audit(1721435692.425:1364): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7000 comm="syz.2.509" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb2b8375b59 code=0x7ffc0000
[  145.791013][   T25] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  145.794732][   T40] audit: type=1326 audit(1721435692.435:1365): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7000 comm="syz.2.509" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb2b8375b59 code=0x7ffc0000
[  145.811691][   T25] usb 5-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  145.822681][   T25] usb 5-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  145.825865][   T40] audit: type=1326 audit(1721435692.455:1366): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7000 comm="syz.2.509" exe="/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fb2b8375b59 code=0x7ffc0000
[  145.826481][   T25] usb 5-1: Product: syz
[  145.841318][   T40] audit: type=1326 audit(1721435692.455:1367): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7000 comm="syz.2.509" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb2b8375b59 code=0x7ffc0000
[  145.841689][   T25] usb 5-1: Manufacturer: syz
[  145.855145][   T40] audit: type=1326 audit(1721435692.455:1368): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7000 comm="syz.2.509" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb2b8375b59 code=0x7ffc0000
[  145.874935][   T40] audit: type=1326 audit(1721435692.455:1369): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7000 comm="syz.2.509" exe="/syz-executor" sig=0 arch=c000003e syscall=73 compat=0 ip=0x7fb2b8375b59 code=0x7ffc0000
[  145.877589][   T25] cdc_wdm 5-1:1.0: skipping garbage
[  145.887229][   T25] cdc_wdm 5-1:1.0: skipping garbage
[  145.887297][   T40] audit: type=1326 audit(1721435692.455:1370): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7000 comm="syz.2.509" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb2b8375b59 code=0x7ffc0000
[  145.892719][   T25] cdc_wdm 5-1:1.0: cdc-wdm0: USB WDM device
[  145.901547][   T40] audit: type=1326 audit(1721435692.455:1371): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7000 comm="syz.2.509" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb2b8375b59 code=0x7ffc0000
[  145.903832][   T25] cdc_wdm 5-1:1.0: Unknown control protocol
[  145.913264][   T40] audit: type=1326 audit(1721435692.455:1372): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7000 comm="syz.2.509" exe="/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fb2b8375b59 code=0x7ffc0000
[  145.913292][   T40] audit: type=1326 audit(1721435692.455:1373): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7000 comm="syz.2.509" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb2b8375b59 code=0x7ffc0000
[  145.965925][ T6937] batman_adv: batadv0: Adding interface: batadv_slave_0
[  145.969005][ T6937] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  145.990144][ T6937] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  145.999919][ T6937] batman_adv: batadv0: Adding interface: batadv_slave_1
[  146.002928][ T6937] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  146.013965][ T6937] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  146.030772][ T5214] Bluetooth: hci0: command tx timeout
[  146.118540][ T6937] hsr_slave_0: entered promiscuous mode
[  146.122839][ T6937] hsr_slave_1: entered promiscuous mode
[  146.665028][ T7020] netlink: 'syz.2.511': attribute type 1 has an invalid length.
[  146.668692][ T7020] netlink: 9328 bytes leftover after parsing attributes in process `syz.2.511'.
[  146.674739][ T7020] netlink: 'syz.2.511': attribute type 1 has an invalid length.
[  146.679418][ T7020] netlink: 'syz.2.511': attribute type 2 has an invalid length.
[  147.109929][ T6937] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  147.162153][ T6937] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  147.172277][ T6937] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  147.181347][ T6937] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  147.364849][ T6937] 8021q: adding VLAN 0 to HW filter on device bond0
[  147.404712][ T6937] 8021q: adding VLAN 0 to HW filter on device team0
[  147.414762][ T5262] bridge0: port 1(bridge_slave_0) entered blocking state
[  147.417930][ T5262] bridge0: port 1(bridge_slave_0) entered forwarding state
[  147.433106][ T5262] bridge0: port 2(bridge_slave_1) entered blocking state
[  147.436163][ T5262] bridge0: port 2(bridge_slave_1) entered forwarding state
[  147.472384][ T7050] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  147.647326][ T6937] 8021q: adding VLAN 0 to HW filter on device batadv0
[  147.694617][ T6937] veth0_vlan: entered promiscuous mode
[  147.707828][ T6937] veth1_vlan: entered promiscuous mode
[  147.755303][ T6937] veth0_macvtap: entered promiscuous mode
[  147.762992][ T6937] veth1_macvtap: entered promiscuous mode
[  147.776941][ T6937] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  147.781784][ T6937] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  147.786674][ T6937] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  147.792150][ T6937] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  147.796056][ T6937] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  147.800373][ T6937] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  147.805716][ T6937] batman_adv: batadv0: Interface activated: batadv_slave_0
[  147.814051][ T6937] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  147.819783][ T6937] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  147.824014][ T6937] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  147.830390][ T6937] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  147.834925][ T6937] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  147.839434][ T6937] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  147.870423][ T6937] batman_adv: batadv0: Interface activated: batadv_slave_1
[  147.876026][ T7078] netlink: 'syz.2.518': attribute type 21 has an invalid length.
[  147.879335][ T7078] netlink: 132 bytes leftover after parsing attributes in process `syz.2.518'.
[  147.883352][ T7078] netlink: 28 bytes leftover after parsing attributes in process `syz.2.518'.
[  147.895249][ T6937] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  147.900555][ T6937] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  147.904295][ T6937] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  147.929770][ T6937] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  148.048627][   T75] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  148.052990][   T75] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  148.091779][ T1091] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  148.099512][ T1091] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  148.120344][ T5214] Bluetooth: hci0: command tx timeout
[  148.294161][  T751] usb 5-1: USB disconnect, device number 11
[  148.361232][ T7088] netlink: 36 bytes leftover after parsing attributes in process `syz.3.499'.
[  148.364995][ T7088] netem: invalid attributes len -17
[  148.367550][ T7088] netem: change failed
[  148.375598][ T7091] netlink: 308 bytes leftover after parsing attributes in process `syz.0.519'.
[  148.385410][ T7091] ata1.00: non-matching transfer count (8960/0)
[  148.923052][ T7127] netlink: 'syz.3.526': attribute type 29 has an invalid length.
[  148.929702][ T7127] netlink: 'syz.3.526': attribute type 29 has an invalid length.
[  148.937532][ T7127] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=7127 comm=syz.3.526
[  148.947730][ T7127] netlink: 'syz.3.526': attribute type 29 has an invalid length.
[  148.952514][ T7127] netlink: 'syz.3.526': attribute type 29 has an invalid length.
[  149.796186][ T7158] i801_smbus 0000:00:1f.3: Illegal SMBus block read size 0
[  150.260872][ T7168] x_tables: ip6_tables: mh match: only valid for protocol 135
[  150.325210][ T7172] Can't find a SQUASHFS superblock on nullb0
[  150.772215][ T7191] validate_nla: 2 callbacks suppressed
[  150.772232][ T7191] netlink: 'syz.1.545': attribute type 21 has an invalid length.
[  150.780841][ T7191] __nla_validate_parse: 7 callbacks suppressed
[  150.780857][ T7191] netlink: 132 bytes leftover after parsing attributes in process `syz.1.545'.
[  150.787572][ T7191] netlink: 28 bytes leftover after parsing attributes in process `syz.1.545'.
[  150.902809][   T40] kauditd_printk_skb: 223 callbacks suppressed
[  150.902825][   T40] audit: type=1326 audit(1721435697.545:1597): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7190 comm="syz.1.545" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f41ee375b59 code=0x7ffc0000
[  150.917391][   T40] audit: type=1326 audit(1721435697.555:1598): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7190 comm="syz.1.545" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f41ee375b59 code=0x7ffc0000
[  150.927488][   T40] audit: type=1326 audit(1721435697.575:1599): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7190 comm="syz.1.545" exe="/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f41ee375b59 code=0x7ffc0000
[  150.940663][   T40] audit: type=1326 audit(1721435697.575:1600): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7190 comm="syz.1.545" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f41ee375b59 code=0x7ffc0000
[  150.952130][   T40] audit: type=1326 audit(1721435697.575:1601): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7190 comm="syz.1.545" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f41ee375b59 code=0x7ffc0000
[  150.961227][   T40] audit: type=1326 audit(1721435697.575:1602): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7190 comm="syz.1.545" exe="/syz-executor" sig=0 arch=c000003e syscall=73 compat=0 ip=0x7f41ee375b59 code=0x7ffc0000
[  150.970149][   T40] audit: type=1326 audit(1721435697.575:1603): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7190 comm="syz.1.545" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f41ee375b59 code=0x7ffc0000
[  150.983554][   T40] audit: type=1326 audit(1721435697.575:1604): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7190 comm="syz.1.545" exe="/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f41ee375b59 code=0x7ffc0000
[  150.995596][   T40] audit: type=1326 audit(1721435697.575:1605): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7190 comm="syz.1.545" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f41ee375b59 code=0x7ffc0000
[  151.007079][   T40] audit: type=1326 audit(1721435697.575:1606): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7190 comm="syz.1.545" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f41ee375b59 code=0x7ffc0000
[  151.141803][ T7199] netlink: 4 bytes leftover after parsing attributes in process `syz.3.547'.
[  151.172989][ T7198] netlink: 209852 bytes leftover after parsing attributes in process `syz.0.548'.
[  151.175613][ T7201] i801_smbus 0000:00:1f.3: Illegal SMBus block read size 0
[  151.194853][ T7198] openvswitch: netlink: Unknown VXLAN extension attribute 0
[  151.223528][ T7198] Bluetooth: MGMT ver 1.23
[  151.325131][ T7206] netlink: 209852 bytes leftover after parsing attributes in process `syz.0.551'.
[  151.485498][ T7215] netlink: 156 bytes leftover after parsing attributes in process `syz.0.554'.
[  151.497094][ T7215] netlink: 'syz.0.554': attribute type 2 has an invalid length.
[  151.501216][ T7215] netlink: 60 bytes leftover after parsing attributes in process `syz.0.554'.
[  151.508918][ T7215] FAULT_INJECTION: forcing a failure.
[  151.508918][ T7215] name failslab, interval 1, probability 0, space 0, times 0
[  151.520019][ T7215] CPU: 3 PID: 7215 Comm: syz.0.554 Not tainted 6.10.0-syzkaller-09061-g4305ca0087dd #0
[  151.523790][ T7215] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  151.527963][ T7215] Call Trace:
[  151.529690][ T7215]  <TASK>
[  151.531815][ T7215]  dump_stack_lvl+0x16c/0x1f0
[  151.534204][ T7215]  should_fail_ex+0x497/0x5b0
[  151.536371][ T7215]  should_failslab+0x9/0x20
[  151.538732][ T7215]  kmem_cache_alloc_node_noprof+0x71/0x310
[  151.541317][ T7215]  ? __alloc_skb+0x2b1/0x380
[  151.543374][ T7215]  __alloc_skb+0x2b1/0x380
[  151.545405][ T7215]  ? __pfx___alloc_skb+0x10/0x10
[  151.547706][ T7215]  ? genl_rcv_msg+0x4bd/0x800
[  151.550037][ T7215]  netlink_ack+0x164/0xb90
[  151.553742][ T7215]  ? __pfx___lock_acquire+0x10/0x10
[  151.556374][ T7215]  netlink_rcv_skb+0x348/0x440
[  151.558874][ T7215]  ? __pfx_genl_rcv_msg+0x10/0x10
[  151.561436][ T7215]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  151.563918][ T7215]  ? down_read+0xc9/0x330
[  151.565992][ T7215]  ? __pfx_down_read+0x10/0x10
[  151.568636][ T7215]  ? netlink_deliver_tap+0x1ae/0xd90
[  151.571047][ T7215]  genl_rcv+0x28/0x40
[  151.572807][ T7215]  netlink_unicast+0x544/0x830
[  151.575060][ T7215]  ? __pfx_netlink_unicast+0x10/0x10
[  151.577611][ T7215]  netlink_sendmsg+0x8b8/0xd70
[  151.579805][ T7215]  ? __pfx_netlink_sendmsg+0x10/0x10
[  151.582236][ T7215]  ? __import_iovec+0x1fd/0x6e0
[  151.584339][ T7215]  ____sys_sendmsg+0xab5/0xc90
[  151.586641][ T7215]  ? copy_msghdr_from_user+0x10b/0x160
[  151.589941][ T7215]  ? __pfx_____sys_sendmsg+0x10/0x10
[  151.593831][ T7215]  ? find_held_lock+0x2d/0x110
[  151.597580][ T7215]  ? __pfx___lock_acquire+0x10/0x10
[  151.601411][ T7215]  ___sys_sendmsg+0x135/0x1e0
[  151.604900][ T7215]  ? __pfx____sys_sendmsg+0x10/0x10
[  151.609242][ T7215]  ? ksys_write+0x21c/0x260
[  151.612612][ T7215]  ? __fget_light+0x173/0x210
[  151.630621][ T7215]  __sys_sendmsg+0x117/0x1f0
[  151.632636][ T7215]  ? __pfx___sys_sendmsg+0x10/0x10
[  151.635036][ T7215]  do_syscall_64+0xcd/0x250
[  151.637875][ T7215]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  151.640547][ T7215] RIP: 0033:0x7fee19775b59
[  151.643428][ T7215] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  151.655657][ T7215] RSP: 002b:00007fee1a5cb048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  151.659329][ T7215] RAX: ffffffffffffffda RBX: 00007fee19905f60 RCX: 00007fee19775b59
[  151.662764][ T7215] RDX: 0000000000000000 RSI: 0000000020000180 RDI: 0000000000000004
[  151.667646][ T7215] RBP: 00007fee1a5cb0a0 R08: 0000000000000000 R09: 0000000000000000
[  151.672816][ T7215] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  151.677147][ T7215] R13: 000000000000000b R14: 00007fee19905f60 R15: 00007ffce4608258
[  151.682175][ T7215]  </TASK>
[  151.808517][ T7225] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  151.826733][ T7222] netlink: 4 bytes leftover after parsing attributes in process `syz.1.559'.
[  151.970344][ T7225] batman_adv: batadv0: Removing interface: batadv_slave_1
[  152.330882][ T7250] netlink: 4 bytes leftover after parsing attributes in process `syz.2.568'.
[  152.398534][ T7257] netlink: 4 bytes leftover after parsing attributes in process `syz.0.571'.
[  152.469895][ T7262] netlink: 'syz.0.573': attribute type 21 has an invalid length.
[  154.114842][ T7290] netlink: 'syz.2.582': attribute type 21 has an invalid length.
[  154.188029][ T7292] netlink: 'syz.3.583': attribute type 29 has an invalid length.
[  154.193890][ T7292] netlink: 'syz.3.583': attribute type 29 has an invalid length.
[  154.212802][ T7292] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=7292 comm=syz.3.583
[  154.233255][ T7292] netlink: 'syz.3.583': attribute type 29 has an invalid length.
[  154.241742][ T7292] netlink: 'syz.3.583': attribute type 29 has an invalid length.
[  154.319316][ T7295] netlink: 'syz.1.584': attribute type 1 has an invalid length.
[  154.361228][ T7297] 8021q: VLANs not supported on hsr0
[  154.379260][ T7297] hsr_slave_0: left promiscuous mode
[  154.382926][ T7297] hsr_slave_1: left promiscuous mode
[  154.430060][ T7299] FAULT_INJECTION: forcing a failure.
[  154.430060][ T7299] name failslab, interval 1, probability 0, space 0, times 0
[  154.437914][ T7299] CPU: 1 PID: 7299 Comm: syz.0.586 Not tainted 6.10.0-syzkaller-09061-g4305ca0087dd #0
[  154.442093][ T7299] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  154.446823][ T7299] Call Trace:
[  154.448315][ T7299]  <TASK>
[  154.449839][ T7299]  dump_stack_lvl+0x16c/0x1f0
[  154.453601][ T7299]  should_fail_ex+0x497/0x5b0
[  154.456029][ T7299]  should_failslab+0x9/0x20
[  154.458427][ T7299]  kmem_cache_alloc_node_noprof+0x71/0x310
[  154.461886][ T7299]  ? __alloc_skb+0x2b1/0x380
[  154.464715][ T7299]  __alloc_skb+0x2b1/0x380
[  154.467245][ T7299]  ? __pfx___alloc_skb+0x10/0x10
[  154.470317][ T7299]  mgmt_cmd_complete+0x4c/0x540
[  154.473514][ T7299]  get_connections+0x43f/0x610
[  154.476353][ T7299]  ? __pfx_mgmt_init_hdev+0x10/0x10
[  154.479489][ T7299]  hci_sock_sendmsg+0x1528/0x25e0
[  154.482600][ T7299]  ? __pfx_hci_sock_sendmsg+0x10/0x10
[  154.485607][ T7299]  sock_write_iter+0x50a/0x5c0
[  154.487774][ T7299]  ? __pfx_sock_write_iter+0x10/0x10
[  154.490798][ T7299]  ? security_file_permission+0x98/0xc0
[  154.493384][ T7299]  vfs_write+0x6b6/0x1140
[  154.496066][ T7299]  ? __pfx_sock_write_iter+0x10/0x10
[  154.499048][ T7299]  ? __pfx_vfs_write+0x10/0x10
[  154.501753][ T7299]  ? __fget_files+0x256/0x400
[  154.505070][ T7299]  ? __fget_light+0x173/0x210
[  154.507896][ T7299]  ksys_write+0x1f8/0x260
[  154.510611][ T7299]  ? __pfx_ksys_write+0x10/0x10
[  154.513831][ T7299]  do_syscall_64+0xcd/0x250
[  154.516678][ T7299]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  154.519632][ T7299] RIP: 0033:0x7fee19775b59
[  154.521666][ T7299] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  154.533750][ T7299] RSP: 002b:00007fee1a5cb048 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  154.540390][ T7299] RAX: ffffffffffffffda RBX: 00007fee19905f60 RCX: 00007fee19775b59
[  154.545499][ T7299] RDX: 0000000000000006 RSI: 0000000020000000 RDI: 0000000000000004
[  154.550244][ T7299] RBP: 00007fee1a5cb0a0 R08: 0000000000000000 R09: 0000000000000000
[  154.556495][ T7299] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  154.564086][ T7299] R13: 000000000000000b R14: 00007fee19905f60 R15: 00007ffce4608258
[  154.568743][ T7299]  </TASK>
[  155.061954][ T7322] netlink: 'syz.1.594': attribute type 29 has an invalid length.
[  155.072741][ T7322] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=7322 comm=syz.1.594
[  155.980321][ T7344] validate_nla: 3 callbacks suppressed
[  155.980339][ T7344] netlink: 'syz.3.601': attribute type 21 has an invalid length.
[  155.986623][ T7344] __nla_validate_parse: 9 callbacks suppressed
[  155.986636][ T7344] netlink: 132 bytes leftover after parsing attributes in process `syz.3.601'.
[  155.995694][ T7344] netlink: 28 bytes leftover after parsing attributes in process `syz.3.601'.
[  156.085894][ T7349] netlink: 'syz.0.603': attribute type 1 has an invalid length.
[  156.093447][ T7349] netlink: 168864 bytes leftover after parsing attributes in process `syz.0.603'.
[  156.095454][   T40] kauditd_printk_skb: 159 callbacks suppressed
[  156.095468][   T40] audit: type=1326 audit(1721435702.735:1766): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7343 comm="syz.3.601" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffac8575b59 code=0x7ffc0000
[  156.119591][    C2] vkms_vblank_simulate: vblank timer overrun
[  156.146142][   T40] audit: type=1326 audit(1721435702.735:1767): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7343 comm="syz.3.601" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffac8575b59 code=0x7ffc0000
[  156.170147][   T40] audit: type=1326 audit(1721435702.735:1768): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7343 comm="syz.3.601" exe="/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7ffac8575b59 code=0x7ffc0000
[  156.190731][   T40] audit: type=1326 audit(1721435702.735:1769): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7343 comm="syz.3.601" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffac8575b59 code=0x7ffc0000
[  156.218960][   T40] audit: type=1326 audit(1721435702.735:1770): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7343 comm="syz.3.601" exe="/syz-executor" sig=0 arch=c000003e syscall=73 compat=0 ip=0x7ffac8575b59 code=0x7ffc0000
[  156.235945][   T40] audit: type=1326 audit(1721435702.735:1771): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7343 comm="syz.3.601" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffac8575b59 code=0x7ffc0000
[  156.259601][   T40] audit: type=1326 audit(1721435702.735:1772): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7343 comm="syz.3.601" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffac8575b59 code=0x7ffc0000
[  156.270932][   T40] audit: type=1326 audit(1721435702.735:1773): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7343 comm="syz.3.601" exe="/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7ffac8575b59 code=0x7ffc0000
[  156.282315][   T40] audit: type=1326 audit(1721435702.735:1774): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7343 comm="syz.3.601" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffac8575b59 code=0x7ffc0000
[  156.296561][   T40] audit: type=1326 audit(1721435702.735:1775): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7343 comm="syz.3.601" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffac8575b59 code=0x7ffc0000
[  156.703445][ T7366] netlink: 4 bytes leftover after parsing attributes in process `syz.0.608'.
[  156.819758][ T7369] netlink: 4 bytes leftover after parsing attributes in process `syz.1.609'.
[  157.029542][ T7377] netlink: 209852 bytes leftover after parsing attributes in process `syz.1.613'.
[  157.034094][ T7377] openvswitch: netlink: Unknown VXLAN extension attribute 0
[  157.225710][ T7392] netlink: 'syz.3.617': attribute type 1 has an invalid length.
[  157.229624][ T7392] netlink: 244 bytes leftover after parsing attributes in process `syz.3.617'.
[  157.534808][ T7402] netlink: 'syz.2.619': attribute type 21 has an invalid length.
[  157.538692][ T7402] netlink: 132 bytes leftover after parsing attributes in process `syz.2.619'.
[  157.542893][ T7402] netlink: 28 bytes leftover after parsing attributes in process `syz.2.619'.
[  157.569214][ T7403] netlink: 'syz.1.620': attribute type 21 has an invalid length.
[  157.572258][ T7403] netlink: 132 bytes leftover after parsing attributes in process `syz.1.620'.
[  158.436561][    C2] vkms_vblank_simulate: vblank timer overrun
[  158.681085][ T7413] ipip0: entered promiscuous mode
[  158.728394][ T7427] netlink: 'syz.0.628': attribute type 21 has an invalid length.
[  159.260676][ T7437] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(15)
[  159.264551][ T7437] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  159.268881][ T7437] vhci_hcd vhci_hcd.0: Device attached
[  159.484031][ T7444] netlink: 'syz.2.633': attribute type 21 has an invalid length.
[  159.579673][ T5281] usb 19-1: new high-speed USB device number 2 using vhci_hcd
[  159.632979][ T7448] netlink: 'syz.1.634': attribute type 21 has an invalid length.
[  159.642114][ T7449] FAULT_INJECTION: forcing a failure.
[  159.642114][ T7449] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  159.649795][ T7449] CPU: 3 PID: 7449 Comm: syz.0.635 Not tainted 6.10.0-syzkaller-09061-g4305ca0087dd #0
[  159.655396][ T7449] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  159.660831][ T7449] Call Trace:
[  159.662423][ T7449]  <TASK>
[  159.664111][ T7449]  dump_stack_lvl+0x16c/0x1f0
[  159.666447][ T7449]  should_fail_ex+0x497/0x5b0
[  159.669621][ T7449]  copy_fpstate_to_sigframe+0x812/0xaa0
[  159.672218][ T7449]  ? __pfx_copy_fpstate_to_sigframe+0x10/0x10
[  159.675375][ T7449]  ? collect_signal+0x315/0x630
[  159.678128][ T7449]  ? find_held_lock+0x2d/0x110
[  159.680255][ T7449]  get_sigframe+0x455/0x930
[  159.682226][ T7449]  ? __pfx_get_sigframe+0x10/0x10
[  159.684356][ T7449]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  159.687119][ T7449]  ? _raw_spin_unlock_irq+0x23/0x50
[  159.690715][ T7449]  ? siginfo_layout+0x1d2/0x290
[  159.693111][ T7449]  x64_setup_rt_frame+0x129/0xce0
[  159.698307][ T7449]  ? __pfx_x64_setup_rt_frame+0x10/0x10
[  159.701480][ T7449]  ? __mutex_unlock_slowpath+0x164/0x650
[  159.705785][ T7449]  arch_do_signal_or_restart+0x5e6/0x7e0
[  159.707844][ T7449]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  159.710547][ T7449]  ? ksys_write+0x1ab/0x260
[  159.712962][ T7449]  ? __pfx_ksys_write+0x10/0x10
[  159.715305][ T7449]  syscall_exit_to_user_mode+0x150/0x2a0
[  159.717858][ T7449]  do_syscall_64+0xda/0x250
[  159.719880][ T7449]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  159.722600][ T7449] RIP: 0033:0x7fee197746df
[  159.724692][ T7449] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 29 8c 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 7c 8c 02 00 48
[  159.735603][ T7449] RSP: 002b:00007fee1a5cb040 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[  159.740173][ T7449] RAX: 0000000000000001 RBX: 0000000000000005 RCX: 00007fee197746df
[  159.744315][ T7449] RDX: 0000000000000001 RSI: 00007fee1a5cb0a0 RDI: 0000000000000005
[  159.750876][ T7449] RBP: 00007fee1a5cb0a0 R08: 0000000000000000 R09: 00007fee1a5cae07
[  159.755049][ T7449] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000001
[  159.759488][ T7449] R13: 000000000000000b R14: 00007fee19905f60 R15: 00007ffce4608258
[  159.764697][ T7449]  </TASK>
[  159.859125][ T7452] syz.0.636 (7452): /proc/7451/oom_adj is deprecated, please use /proc/7451/oom_score_adj instead.
[  159.946045][ T7439] vhci_hcd: connection reset by peer
[  159.949447][   T11] vhci_hcd: stop threads
[  159.951525][   T11] vhci_hcd: release socket
[  159.957828][   T11] vhci_hcd: disconnect device
[  159.965773][ T7452] hfs: unable to parse mount options
[  160.177527][ T5214] Bluetooth: hci0: Controller not accepting commands anymore: ncmd = 0
[  160.181533][ T5214] Bluetooth: hci0: Injecting HCI hardware error event
[  160.186724][ T5214] Bluetooth: hci0: hardware error 0x00
[  160.768171][ T7482] netlink: 'syz.3.646': attribute type 21 has an invalid length.
[  160.874708][ T4640] Bluetooth: hci0: unexpected event for opcode 0x080b
[  161.179803][ T7487] __nla_validate_parse: 22 callbacks suppressed
[  161.179821][ T7487] netlink: 5 bytes leftover after parsing attributes in process `syz.1.648'.
[  161.191720][ T7487] netlink: 5 bytes leftover after parsing attributes in process `syz.1.648'.
[  161.196790][ T7487] netlink: 16 bytes leftover after parsing attributes in process `syz.1.648'.
[  161.202165][ T7487] netlink: 5 bytes leftover after parsing attributes in process `syz.1.648'.
[  161.280827][ T7492] netlink: 'syz.1.651': attribute type 21 has an invalid length.
[  161.283829][ T7492] netlink: 132 bytes leftover after parsing attributes in process `syz.1.651'.
[  161.290353][ T7492] netlink: 28 bytes leftover after parsing attributes in process `syz.1.651'.
[  161.306167][ T7494] netlink: 'syz.0.649': attribute type 1 has an invalid length.
[  161.313732][ T7494] netlink: 168864 bytes leftover after parsing attributes in process `syz.0.649'.
[  161.369739][   T40] kauditd_printk_skb: 398 callbacks suppressed
[  161.369755][   T40] audit: type=1326 audit(1721435708.015:2174): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7490 comm="syz.1.651" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f41ee375b59 code=0x7ffc0000
[  161.394779][   T40] audit: type=1326 audit(1721435708.015:2175): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7490 comm="syz.1.651" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f41ee375b59 code=0x7ffc0000
[  161.414385][   T40] audit: type=1326 audit(1721435708.015:2176): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7490 comm="syz.1.651" exe="/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f41ee375b59 code=0x7ffc0000
[  161.428304][   T40] audit: type=1326 audit(1721435708.015:2177): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7490 comm="syz.1.651" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f41ee375b59 code=0x7ffc0000
[  161.439174][   T40] audit: type=1326 audit(1721435708.015:2178): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7490 comm="syz.1.651" exe="/syz-executor" sig=0 arch=c000003e syscall=73 compat=0 ip=0x7f41ee375b59 code=0x7ffc0000
[  161.448552][   T40] audit: type=1326 audit(1721435708.015:2179): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7490 comm="syz.1.651" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f41ee375b59 code=0x7ffc0000
[  161.457861][   T40] audit: type=1326 audit(1721435708.015:2180): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7490 comm="syz.1.651" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f41ee375b59 code=0x7ffc0000
[  161.470510][   T40] audit: type=1326 audit(1721435708.015:2181): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7490 comm="syz.1.651" exe="/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f41ee375b59 code=0x7ffc0000
[  161.482944][   T40] audit: type=1326 audit(1721435708.015:2182): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7490 comm="syz.1.651" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f41ee375b59 code=0x7ffc0000
[  161.495280][   T40] audit: type=1326 audit(1721435708.015:2183): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7490 comm="syz.1.651" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f41ee375b59 code=0x7ffc0000
[  161.591036][ T7498] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(15)
[  161.593535][ T7498] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  161.596447][ T7498] vhci_hcd vhci_hcd.0: Device attached
[  161.819501][ T7506] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(15)
[  161.822340][ T7506] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  161.825682][ T7506] vhci_hcd vhci_hcd.0: Device attached
[  161.867250][   T59] usb 17-1: new high-speed USB device number 2 using vhci_hcd
[  162.121934][   T25] usb 13-1: new high-speed USB device number 2 using vhci_hcd
[  162.195405][ T7500] vhci_hcd: connection reset by peer
[  162.198512][ T4284] vhci_hcd: stop threads
[  162.200534][ T4284] vhci_hcd: release socket
[  162.202724][ T4284] vhci_hcd: disconnect device
[  162.257386][ T5214] Bluetooth: hci0: Opcode 0x0c03 failed: -110
[  162.475858][ T7508] vhci_hcd: connection reset by peer
[  162.479560][ T1092] vhci_hcd: stop threads
[  162.481563][ T1092] vhci_hcd: release socket
[  162.483769][ T1092] vhci_hcd: disconnect device
[  163.248314][ T7534] netlink: 4 bytes leftover after parsing attributes in process `syz.0.661'.
[  163.303260][ T7538] netlink: 'syz.0.663': attribute type 21 has an invalid length.
[  163.307068][ T7538] netlink: 132 bytes leftover after parsing attributes in process `syz.0.663'.
[  163.311680][ T7538] netlink: 28 bytes leftover after parsing attributes in process `syz.0.663'.
[  163.362250][ T7539] netlink: 'syz.1.662': attribute type 1 has an invalid length.
[  163.951704][ T7550] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(15)
[  163.954764][ T7550] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  163.959447][ T7550] vhci_hcd vhci_hcd.0: Device attached
[  164.145797][ T7564] binder: 7563:7564 ioctl 40046205 0 returned -22
[  164.548880][ T7576] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  164.607052][ T7576] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  164.614974][ T7576] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  164.643229][ T7555] vhci_hcd: connection closed
[  164.645314][ T1092] vhci_hcd: stop threads
[  164.667304][ T1092] vhci_hcd: release socket
[  164.670396][ T1092] vhci_hcd: disconnect device
[  164.747761][ T5281] vhci_hcd: vhci_device speed not set
[  165.927847][ T7587] orangefs_mount: mount request failed with -4
[  166.076593][ T7617] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(14)
[  166.080574][ T7617] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  166.096148][ T7617] vhci_hcd vhci_hcd.0: Device attached
[  166.367385][    T8] usb 19-1: new high-speed USB device number 3 using vhci_hcd
[  166.746360][ T7622] vhci_hcd: connection reset by peer
[  166.749789][ T4284] vhci_hcd: stop threads
[  166.751719][ T4284] vhci_hcd: release socket
[  166.754332][ T4284] vhci_hcd: disconnect device
[  166.814271][ T7637] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(15)
[  166.817524][ T7637] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  166.821619][ T7637] vhci_hcd vhci_hcd.0: Device attached
[  166.967265][   T59] vhci_hcd: vhci_device speed not set
[  167.032054][   T40] kauditd_printk_skb: 107 callbacks suppressed
[  167.032069][   T40] audit: type=1400 audit(1721435713.675:2291): avc:  denied  { write } for  pid=7644 comm="syz.1.694" name="memory.events" dev="9p" ino=36575632 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  167.160780][ T7648] __nla_validate_parse: 5 callbacks suppressed
[  167.160790][ T7648] netlink: 80 bytes leftover after parsing attributes in process `syz.2.695'.
[  167.486801][ T7659] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  167.494072][ T7659] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  167.508598][ T7641] vhci_hcd: connection reset by peer
[  167.525015][   T11] vhci_hcd: stop threads
[  167.527084][   T11] vhci_hcd: release socket
[  167.529501][   T11] vhci_hcd: disconnect device
[  167.607276][   T25] vhci_hcd: vhci_device speed not set
[  168.165173][ T7667] netlink: 4 bytes leftover after parsing attributes in process `syz.2.702'.
[  168.179329][ T7665] XFS (nullb0): Invalid superblock magic number
[  168.209764][ T7665] SELinux:  Context system_u:object_r:cpu_device_t:s0 is not valid (left unmapped).
[  168.220441][   T40] audit: type=1400 audit(1721435714.865:2292): avc:  denied  { relabelto } for  pid=7664 comm="syz.0.701" name="swradio0" dev="devtmpfs" ino=900 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1 trawcon="system_u:object_r:cpu_device_t:s0"
[  168.231759][   T40] audit: type=1400 audit(1721435714.865:2293): avc:  denied  { associate } for  pid=7664 comm="syz.0.701" name="swradio0" dev="devtmpfs" ino=900 scontext=system_u:object_r:unlabeled_t tcontext=system_u:object_r:device_t tclass=filesystem permissive=1 srawcon="system_u:object_r:cpu_device_t:s0"
[  168.542761][ T7686] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(14)
[  168.545609][ T7686] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  168.549047][ T7686] vhci_hcd vhci_hcd.0: Device attached
[  168.678354][ T7694] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(15)
[  168.681395][ T7694] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  168.685948][ T7694] vhci_hcd vhci_hcd.0: Device attached
[  168.838262][  T751] usb 17-1: new high-speed USB device number 3 using vhci_hcd
[  168.873415][ T7699] netlink: 104 bytes leftover after parsing attributes in process `syz.1.710'.
[  168.878567][ T7699] netlink: 104 bytes leftover after parsing attributes in process `syz.1.710'.
[  168.883161][ T7699] netlink: 81 bytes leftover after parsing attributes in process `syz.1.710'.
[  168.904744][ T7701] fuse: Bad value for 'group_id'
[  168.906178][ T7703] netlink: 132 bytes leftover after parsing attributes in process `syz.0.711'.
[  168.907043][ T7701] fuse: Bad value for 'group_id'
[  168.921388][ T7699] netlink: 8 bytes leftover after parsing attributes in process `syz.1.710'.
[  168.982037][ T7708] syz.1.710 (7708): attempted to duplicate a private mapping with mremap.  This is not supported.
[  169.136640][   T40] audit: type=1400 audit(1721435715.775:2294): avc:  denied  { read } for  pid=7711 comm="syz.1.714" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dccp_socket permissive=1
[  169.216745][ T7692] vhci_hcd: connection reset by peer
[  169.221347][   T75] vhci_hcd: stop threads
[  169.225144][   T75] vhci_hcd: release socket
[  169.228957][   T75] vhci_hcd: disconnect device
[  169.337244][ T7696] vhci_hcd: connection closed
[  169.337680][ T4284] vhci_hcd: stop threads
[  169.342240][ T4284] vhci_hcd: release socket
[  169.345136][ T4284] vhci_hcd: disconnect device
[  169.416181][ T7721] netlink: 'syz.0.716': attribute type 3 has an invalid length.
[  169.421613][ T7721] netlink: 130984 bytes leftover after parsing attributes in process `syz.0.716'.
[  169.558098][ T7725] netlink: 4 bytes leftover after parsing attributes in process `syz.0.718'.
[  169.799433][ T7731] FAULT_INJECTION: forcing a failure.
[  169.799433][ T7731] name failslab, interval 1, probability 0, space 0, times 0
[  169.806781][ T7731] CPU: 2 PID: 7731 Comm: syz.2.720 Not tainted 6.10.0-syzkaller-09061-g4305ca0087dd #0
[  169.811648][ T7731] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  169.817006][ T7731] Call Trace:
[  169.818892][ T7731]  <TASK>
[  169.820253][ T7731]  dump_stack_lvl+0x16c/0x1f0
[  169.822516][ T7731]  should_fail_ex+0x497/0x5b0
[  169.825399][ T7731]  should_failslab+0x9/0x20
[  169.827432][ T7731]  __kmalloc_node_track_caller_noprof+0xcf/0x430
[  169.830557][ T7731]  ? security_context_to_sid_core+0x73b/0x870
[  169.834250][ T7731]  kstrdup+0x3c/0x70
[  169.836095][ T7731]  security_context_to_sid_core+0x73b/0x870
[  169.838823][ T7731]  ? __pfx_security_context_to_sid_core+0x10/0x10
[  169.841620][ T7731]  ? avc_has_perm+0x11b/0x1c0
[  169.843658][ T7731]  ? cap_capable+0x1cf/0x240
[  169.845655][ T7731]  selinux_inode_setxattr+0x6c9/0x8b0
[  169.847945][ T7731]  ? __pfx_selinux_inode_setxattr+0x10/0x10
[  169.850373][ T7731]  ? __pfx_lock_acquire+0x10/0x10
[  169.852263][ T7731]  ? make_vfsgid+0xe0/0x130
[  169.854012][ T7731]  ? __pfx_make_vfsgid+0x10/0x10
[  169.855813][ T7731]  ? __pfx___lock_acquire+0x10/0x10
[  169.858029][ T7731]  security_inode_setxattr+0x179/0x250
[  169.860429][ T7731]  __vfs_setxattr_locked+0xaa/0x260
[  169.862769][ T7731]  vfs_setxattr+0x146/0x350
[  169.864941][ T7731]  ? __pfx_vfs_setxattr+0x10/0x10
[  169.867345][ T7731]  ? __might_fault+0xe3/0x190
[  169.869531][ T7731]  do_setxattr+0x146/0x170
[  169.871840][ T7731]  setxattr+0x15d/0x180
[  169.873684][ T7731]  ? __pfx_setxattr+0x10/0x10
[  169.876165][ T7727] netlink: 20 bytes leftover after parsing attributes in process `syz.0.719'.
[  169.896937][ T7731]  ? __pfx_lock_release+0x10/0x10
[  169.897011][ T7731]  ? mnt_get_write_access+0x20c/0x300
[  169.897037][ T7731]  __x64_sys_fsetxattr+0x261/0x310
[  169.897059][ T7731]  do_syscall_64+0xcd/0x250
[  169.897081][ T7731]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  169.897108][ T7731] RIP: 0033:0x7fb2b8375b59
[  169.897123][ T7731] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  169.897141][ T7731] RSP: 002b:00007fb2b7dff048 EFLAGS: 00000246 ORIG_RAX: 00000000000000be
[  169.897161][ T7731] RAX: ffffffffffffffda RBX: 00007fb2b8505f60 RCX: 00007fb2b8375b59
[  169.897173][ T7731] RDX: 0000000020000200 RSI: 00000000200001c0 RDI: 0000000000000003
[  169.897185][ T7731] RBP: 00007fb2b7dff0a0 R08: 0000000000000000 R09: 0000000000000000
[  169.897197][ T7731] R10: 0000000000000022 R11: 0000000000000246 R12: 0000000000000001
[  169.897209][ T7731] R13: 000000000000000b R14: 00007fb2b8505f60 R15: 00007ffeb3bda9f8
[  169.897223][ T7731]  </TASK>
[  170.344661][   T40] audit: type=1400 audit(1721435716.985:2295): avc:  denied  { mounton } for  pid=7756 comm="syz.3.729" path="/52/file0" dev="tmpfs" ino=299 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=fifo_file permissive=1
[  170.381654][   T40] audit: type=1400 audit(1721435716.985:2296): avc:  denied  { mount } for  pid=7756 comm="syz.3.729" name="/" dev="devpts" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:devpts_t tclass=filesystem permissive=1
[  170.529947][ T7758] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(15)
[  170.530004][ T7758] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  170.530072][ T7758] vhci_hcd vhci_hcd.0: Device attached
[  171.155496][ T7762] vhci_hcd: connection closed
[  171.160161][   T11] vhci_hcd: stop threads
[  171.166104][   T11] vhci_hcd: release socket
[  171.182796][   T11] vhci_hcd: disconnect device
[  171.537388][    T8] vhci_hcd: vhci_device speed not set
[  172.157164][ T7803] openvswitch: netlink: Missing key (keys=40, expected=10000000)
[  172.263106][ T7805] __nla_validate_parse: 12 callbacks suppressed
[  172.263122][ T7805] netlink: 32 bytes leftover after parsing attributes in process `syz.1.745'.
[  172.612943][ T7818] netlink: 20 bytes leftover after parsing attributes in process `syz.0.749'.
[  172.691768][ T7817] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(15)
[  172.695365][ T7817] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  172.699358][ T7817] vhci_hcd vhci_hcd.0: Device attached
[  172.736004][ T7826] netlink: 4 bytes leftover after parsing attributes in process `syz.3.751'.
[  172.988025][ T7832] netlink: 4 bytes leftover after parsing attributes in process `syz.3.753'.
[  173.006242][    T8] usb 15-1: new high-speed USB device number 2 using vhci_hcd
[  173.377872][ T7824] vhci_hcd: connection reset by peer
[  173.381721][ T1092] vhci_hcd: stop threads
[  173.384851][ T1092] vhci_hcd: release socket
[  173.388958][ T1092] vhci_hcd: disconnect device
[  173.454683][ T7840] netlink: 'syz.2.756': attribute type 21 has an invalid length.
[  173.461819][ T7840] netlink: 132 bytes leftover after parsing attributes in process `syz.2.756'.
[  173.466644][ T7840] netlink: 28 bytes leftover after parsing attributes in process `syz.2.756'.
[  173.559963][   T40] audit: type=1326 audit(1721435720.205:2297): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7839 comm="syz.2.756" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb2b8375b59 code=0x7ffc0000
[  173.577431][   T40] audit: type=1326 audit(1721435720.205:2298): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7839 comm="syz.2.756" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb2b8375b59 code=0x7ffc0000
[  173.587322][   T40] audit: type=1326 audit(1721435720.205:2299): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7839 comm="syz.2.756" exe="/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fb2b8375b59 code=0x7ffc0000
[  173.596333][   T40] audit: type=1326 audit(1721435720.205:2300): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7839 comm="syz.2.756" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb2b8375b59 code=0x7ffc0000
[  173.610001][   T40] audit: type=1326 audit(1721435720.205:2301): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7839 comm="syz.2.756" exe="/syz-executor" sig=0 arch=c000003e syscall=73 compat=0 ip=0x7fb2b8375b59 code=0x7ffc0000
[  173.627716][   T40] audit: type=1326 audit(1721435720.205:2302): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7839 comm="syz.2.756" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb2b8375b59 code=0x7ffc0000
[  173.651781][   T40] audit: type=1326 audit(1721435720.205:2303): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7839 comm="syz.2.756" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb2b8375b59 code=0x7ffc0000
[  173.667246][   T40] audit: type=1326 audit(1721435720.235:2304): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7839 comm="syz.2.756" exe="/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fb2b8375b59 code=0x7ffc0000
[  173.677747][ T7843] netlink: 32 bytes leftover after parsing attributes in process `syz.3.757'.
[  173.685927][   T40] audit: type=1326 audit(1721435720.235:2305): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7839 comm="syz.2.756" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb2b8375b59 code=0x7ffc0000
[  173.700111][   T40] audit: type=1326 audit(1721435720.235:2306): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7839 comm="syz.2.756" exe="/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fb2b8375b59 code=0x7ffc0000
[  173.947612][  T751] vhci_hcd: vhci_device speed not set
[  174.130860][ T7852] netlink: 4 bytes leftover after parsing attributes in process `syz.3.760'.
[  174.193372][ T7855] netlink: 4 bytes leftover after parsing attributes in process `syz.3.762'.
[  174.580126][ T7872] netlink: 32 bytes leftover after parsing attributes in process `syz.1.767'.
[  176.305806][ T7926] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  176.805640][ T7941] netlink: 'syz.2.789': attribute type 2 has an invalid length.
[  177.986171][ T7970] __nla_validate_parse: 7 callbacks suppressed
[  177.986186][ T7970] netlink: 32 bytes leftover after parsing attributes in process `syz.0.796'.
[  178.167314][    T8] vhci_hcd: vhci_device speed not set
[  178.581850][   T40] kauditd_printk_skb: 86 callbacks suppressed
[  178.581866][   T40] audit: type=1400 audit(1721435725.223:2393): avc:  denied  { append } for  pid=7980 comm="syz.2.799" name="001" dev="devtmpfs" ino=745 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1
[  179.031034][   T40] audit: type=1400 audit(1721435725.673:2394): avc:  denied  { map } for  pid=7988 comm="syz.1.801" path="/dev/binderfs/binder0" dev="binder" ino=13 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[  179.036511][ T7989] binder: 7988:7989 unknown command 0
[  179.036736][ T7990] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  179.054090][ T7989] binder: 7988:7989 ioctl c0306201 20000540 returned -22
[  179.067337][   T40] audit: type=1400 audit(1721435725.673:2395): avc:  denied  { set_context_mgr } for  pid=7988 comm="syz.1.801" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=binder permissive=1
[  179.095322][ T7987] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  179.115729][ T7987] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  179.770473][ T8003] netlink: 32 bytes leftover after parsing attributes in process `syz.1.805'.
[  180.004797][   T40] audit: type=1400 audit(1721435726.643:2396): avc:  denied  { bind } for  pid=8011 comm="syz.3.804" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  180.207790][    T8] usb 6-1: new high-speed USB device number 9 using dummy_hcd
[  180.254460][ T8022] input: syz1 as /devices/virtual/input/input10
[  180.263356][   T40] audit: type=1400 audit(1721435726.903:2397): avc:  denied  { ioctl } for  pid=4681 comm="acpid" path="/dev/input/event4" dev="devtmpfs" ino=2484 ioctlcmd=0x4520 scontext=system_u:system_r:acpid_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  180.387312][    T8] usb 6-1: Using ep0 maxpacket: 8
[  180.391263][    T8] usb 6-1: config 179 has an invalid interface number: 65 but max is 0
[  180.394550][    T8] usb 6-1: config 179 has no interface number 0
[  180.397583][    T8] usb 6-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7
[  180.405023][    T8] usb 6-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 1024
[  180.411278][    T8] usb 6-1: config 179 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7
[  180.416349][    T8] usb 6-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23
[  180.425798][    T8] usb 6-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb
[  180.436309][    T8] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  180.478833][ T8010] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  180.527063][ T8028] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  180.585015][ T8028] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  180.592176][ T8028] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  180.772042][    T8] input: Generic X-Box pad as /devices/platform/dummy_hcd.1/usb6/6-1/6-1:179.65/input/input11
[  180.912579][ T8010] 
[  180.914576][ T8010] ======================================================
[  180.917657][ T8010] WARNING: possible circular locking dependency detected
[  180.920573][ T8010] 6.10.0-syzkaller-09061-g4305ca0087dd #0 Not tainted
[  180.924961][ T8010] ------------------------------------------------------
[  180.925036][ T8031] netlink: 32 bytes leftover after parsing attributes in process `syz.0.816'.
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  180.929390][ T8010] syz.1.809/8010 is trying to acquire lock:
[  180.929404][ T8010] ffff888041695870 (&newdev->mutex){+.+.}-{3:3}, at: uinput_request_submit.part.0+0x25/0x2e0
[  180.929468][ T8010] 
[  180.929468][ T8010] but task is already holding lock:
[  180.929473][ T8010] ffff8880416938b0 (&ff->mutex){+.+.}-{3:3}, at: input_ff_upload+0x1dd/0xbf0
[  180.929522][ T8010] 
[  180.929522][ T8010] which lock already depends on the new lock.
[  180.929522][ T8010] 
[  180.929528][ T8010] 
[  180.929528][ T8010] the existing dependency chain (in reverse order) is:
[  180.929534][ T8010] 
[  180.929534][ T8010] -> #3 (&ff->mutex){+.+.}-{3:3}:
[  180.961901][ T8010]        __mutex_lock+0x175/0x9c0
[  180.964289][ T8010]        input_ff_flush+0x63/0x170
[  180.966383][ T8010]        uinput_dev_flush+0x2a/0x40
[  180.968767][ T8010]        input_flush_device+0x97/0xd0
[  180.971132][ T8010]        evdev_release+0x343/0x400
[  180.973673][ T8010]        __fput+0x408/0xbb0
[  180.976071][ T8010]        __fput_sync+0x47/0x50
[  180.978330][ T8010]        __x64_sys_close+0x86/0x100
[  180.980867][ T8010]        do_syscall_64+0xcd/0x250
[  180.984381][ T8010]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  180.987206][ T8010] 
[  180.987206][ T8010] -> #2 (&dev->mutex#2){+.+.}-{3:3}:
[  180.990609][ T8010]        __mutex_lock+0x175/0x9c0
[  180.992956][ T8010]        input_register_handle+0x71/0x4e0
[  180.995594][ T8010]        kbd_connect+0xca/0x160
[  180.997992][ T8010]        input_attach_handler.isra.0+0x181/0x260
[  181.000868][ T8010]        input_register_device+0xb22/0x1140
[  181.003467][ T8010]        acpi_button_add+0x51b/0xb80
[  181.005982][ T8010]        acpi_device_probe+0xc6/0x330
[  181.008390][ T8010]        really_probe+0x23e/0xa90
[  181.010447][ T8010]        __driver_probe_device+0x1de/0x440
[  181.012768][ T8010]        driver_probe_device+0x4c/0x1b0
[  181.014999][ T8010]        __driver_attach+0x283/0x580
[  181.017374][ T8010]        bus_for_each_dev+0x13c/0x1d0
[  181.019921][ T8010]        bus_add_driver+0x2e9/0x690
[  181.022641][ T8010]        driver_register+0x15c/0x4b0
[  181.043249][ T8010]        __acpi_bus_register_driver+0xdf/0x130
[  181.046024][ T8010]        acpi_button_driver_init+0x82/0x110
[  181.048677][ T8010]        do_one_initcall+0x128/0x700
[  181.051068][ T8010]        kernel_init_freeable+0x69d/0xca0
[  181.053573][ T8010]        kernel_init+0x1c/0x2b0
[  181.055714][ T8010]        ret_from_fork+0x45/0x80
[  181.057842][ T8010]        ret_from_fork_asm+0x1a/0x30
[  181.059895][ T8010] 
[  181.059895][ T8010] -> #1 (input_mutex){+.+.}-{3:3}:
[  181.063067][ T8010]        __mutex_lock+0x175/0x9c0
[  181.065232][ T8010]        input_register_device+0xa2b/0x1140
[  181.067887][ T8010]        uinput_ioctl_handler.isra.0+0x130c/0x1d70
[  181.070669][ T8010]        __x64_sys_ioctl+0x193/0x220
[  181.072958][ T8010]        do_syscall_64+0xcd/0x250
[  181.075111][ T8010]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  181.077880][ T8010] 
[  181.077880][ T8010] -> #0 (&newdev->mutex){+.+.}-{3:3}:
[  181.081200][ T8010]        __lock_acquire+0x24ed/0x3cb0
[  181.083502][ T8010]        lock_acquire+0x1b1/0x560
[  181.085706][ T8010]        __mutex_lock+0x175/0x9c0
[  181.087778][ T8010]        uinput_request_submit.part.0+0x25/0x2e0
[  181.090211][ T8010]        uinput_dev_upload_effect+0x175/0x1f0
[  181.092745][ T8010]        input_ff_upload+0x55b/0xbf0
[  181.095048][ T8010]        evdev_do_ioctl+0xf40/0x1ae0
[  181.097399][ T8010]        evdev_ioctl+0x170/0x1a0
[  181.099561][ T8010]        __x64_sys_ioctl+0x193/0x220
[  181.101607][ T8010]        do_syscall_64+0xcd/0x250
[  181.103347][ T8010]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  181.105902][ T8010] 
[  181.105902][ T8010] other info that might help us debug this:
[  181.105902][ T8010] 
[  181.109948][ T8010] Chain exists of:
[  181.109948][ T8010]   &newdev->mutex --> &dev->mutex#2 --> &ff->mutex
[  181.109948][ T8010] 
[  181.115342][ T8010]  Possible unsafe locking scenario:
[  181.115342][ T8010] 
[  181.118294][ T8010]        CPU0                    CPU1
[  181.119944][ T8010]        ----                    ----
[  181.122124][ T8010]   lock(&ff->mutex);
[  181.123832][ T8010]                                lock(&dev->mutex#2);
[  181.126668][ T8010]                                lock(&ff->mutex);
[  181.129474][ T8010]   lock(&newdev->mutex);
[  181.131346][ T8010] 
[  181.131346][ T8010]  *** DEADLOCK ***
[  181.131346][ T8010] 
[  181.134801][ T8010] 2 locks held by syz.1.809/8010:
[  181.136979][ T8010]  #0: ffff88801f28f110 (&evdev->mutex){+.+.}-{3:3}, at: evdev_ioctl+0x86/0x1a0
[  181.140906][ T8010]  #1: ffff8880416938b0 (&ff->mutex){+.+.}-{3:3}, at: input_ff_upload+0x1dd/0xbf0
[  181.144952][ T8010] 
[  181.144952][ T8010] stack backtrace:
[  181.147538][ T8010] CPU: 2 PID: 8010 Comm: syz.1.809 Not tainted 6.10.0-syzkaller-09061-g4305ca0087dd #0
[  181.151598][ T8010] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  181.156457][ T8010] Call Trace:
[  181.157978][ T8010]  <TASK>
[  181.159032][ T8010]  dump_stack_lvl+0x116/0x1f0
[  181.161112][ T8010]  check_noncircular+0x31a/0x400
[  181.163347][ T8010]  ? __pfx_check_noncircular+0x10/0x10
[  181.165546][ T8010]  ? hlock_class+0x4e/0x130
[  181.166955][ T8010]  ? lockdep_lock+0xc6/0x200
[  181.168602][ T8010]  ? __pfx_lockdep_lock+0x10/0x10
[  181.170908][ T8010]  __lock_acquire+0x24ed/0x3cb0
[  181.173107][ T8010]  ? __pfx___lock_acquire+0x10/0x10
[  181.175413][ T8010]  ? irqentry_exit+0x3b/0x90
[  181.177518][ T8010]  ? lockdep_hardirqs_on+0x7c/0x110
[  181.179503][ T8010]  lock_acquire+0x1b1/0x560
[  181.181090][ T8010]  ? uinput_request_submit.part.0+0x25/0x2e0
[  181.183143][ T8010]  ? __pfx_lock_acquire+0x10/0x10
[  181.184998][ T8010]  ? __pfx___might_resched+0x10/0x10
[  181.187179][ T8010]  ? __pfx_lock_release+0x10/0x10
[  181.189261][ T8010]  __mutex_lock+0x175/0x9c0
[  181.191355][ T8010]  ? uinput_request_submit.part.0+0x25/0x2e0
[  181.193922][ T8010]  ? __pfx___might_resched+0x10/0x10
[  181.195908][ T8010]  ? uinput_request_submit.part.0+0x25/0x2e0
[  181.198538][ T8010]  ? __pfx___mutex_lock+0x10/0x10
[  181.200790][ T8010]  ? __pfx_uinput_request_reserve_slot+0x10/0x10
[  181.203184][ T8010]  ? __pfx___mutex_trylock_common+0x10/0x10
[  181.205360][ T8010]  ? uinput_request_submit.part.0+0x25/0x2e0
[  181.207784][ T8010]  uinput_request_submit.part.0+0x25/0x2e0
[  181.210193][ T8010]  uinput_dev_upload_effect+0x175/0x1f0
[  181.212690][ T8010]  ? __pfx_uinput_dev_upload_effect+0x10/0x10
[  181.215309][ T8010]  ? __might_fault+0xe3/0x190
[  181.217417][ T8010]  input_ff_upload+0x55b/0xbf0
[  181.219630][ T8010]  evdev_do_ioctl+0xf40/0x1ae0
[  181.221773][ T8010]  ? __pfx_evdev_do_ioctl+0x10/0x10
[  181.224080][ T8010]  ? evdev_ioctl+0x86/0x1a0
[  181.225818][ T8010]  ? __pfx_evdev_ioctl+0x10/0x10
[  181.227657][ T8010]  evdev_ioctl+0x170/0x1a0
[  181.229324][ T8010]  ? __pfx_evdev_ioctl+0x10/0x10
[  181.231161][ T8010]  __x64_sys_ioctl+0x193/0x220
[  181.233072][ T8010]  do_syscall_64+0xcd/0x250
[  181.235004][ T8010]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  181.237549][ T8010] RIP: 0033:0x7f41ee375b59
[  181.239441][ T8010] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  181.247434][ T8010] RSP: 002b:00007f41ef0e4048 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  181.250923][ T8010] RAX: ffffffffffffffda RBX: 00007f41ee505f60 RCX: 00007f41ee375b59
[  181.254227][ T8010] RDX: 0000000020000300 RSI: 0000000040304580 RDI: 000000000000000f
[  181.257636][ T8010] RBP: 00007f41ee3e4e5d R08: 0000000000000000 R09: 0000000000000000
[  181.260797][ T8010] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  181.264106][ T8010] R13: 000000000000000b R14: 00007f41ee505f60 R15: 00007ffd424d0988
[  181.267419][ T8010]  </TASK>
[  181.750638][ T4284] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  181.826818][ T4284] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  181.930144][ T4284] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  182.055486][ T4284] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  182.277600][ T4284] bridge_slave_1: left allmulticast mode
[  182.293810][ T4284] bridge_slave_1: left promiscuous mode
[  182.296521][ T4284] bridge0: port 2(bridge_slave_1) entered disabled state
[  182.353258][ T4284] bridge_slave_0: left allmulticast mode
[  182.356879][ T4284] bridge_slave_0: left promiscuous mode
[  182.362064][ T4284] bridge0: port 1(bridge_slave_0) entered disabled state
[  182.634053][ T4284] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  182.648515][ T4284] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  182.659018][ T4284] bond0 (unregistering): Released all slaves
[  183.235527][ T4284] hsr_slave_0: left promiscuous mode
[  183.239114][ T4284] hsr_slave_1: left promiscuous mode
[  183.242123][ T4284] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  183.245232][ T4284] batman_adv: batadv0: Removing interface: batadv_slave_0
[  183.249113][ T4284] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  183.252350][ T4284] batman_adv: batadv0: Removing interface: batadv_slave_1
[  183.259125][ T4284] veth1_macvtap: left promiscuous mode
[  183.261897][ T4284] veth0_macvtap: left promiscuous mode
[  183.265200][ T4284] veth1_vlan: left promiscuous mode
[  183.268233][ T4284] veth0_vlan: left promiscuous mode
[  183.672260][ T4284] team0 (unregistering): Port device team_slave_1 removed
[  183.694614][ T4284] team0 (unregistering): Port device team_slave_0 removed
[  184.543489][ T4284] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  184.651746][ T4284] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  184.745499][ T4284] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  184.851234][ T4284] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  184.973198][ T4284] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  185.093489][ T4284] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  185.158395][ T4284] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  185.243851][ T4284] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  185.371513][ T4284] bridge_slave_1: left allmulticast mode
[  185.381731][ T4284] bridge_slave_1: left promiscuous mode
[  185.384775][ T4284] bridge0: port 2(bridge_slave_1) entered disabled state
[  185.397626][ T4284] bridge_slave_0: left allmulticast mode
[  185.399733][ T4284] bridge_slave_0: left promiscuous mode
[  185.401936][ T4284] bridge0: port 1(bridge_slave_0) entered disabled state
[  185.410613][ T4284] bridge0: port 3(team0) entered disabled state
[  185.447040][ T4284] bridge_slave_1: left allmulticast mode
[  185.459469][ T4284] bridge_slave_1: left promiscuous mode
[  185.461822][ T4284] bridge0: port 2(bridge_slave_1) entered disabled state
[  185.466824][ T4284] bridge_slave_0: left allmulticast mode
[  185.483047][ T4284] bridge_slave_0: left promiscuous mode
[  185.485717][ T4284] bridge0: port 1(bridge_slave_0) entered disabled state
[  185.956852][ T4284] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  185.965619][ T4284] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  185.975542][ T4284] bond0 (unregistering): Released all slaves
[  185.990036][ T4284] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  185.997741][ T4284] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  186.004319][ T4284] bond0 (unregistering): Released all slaves
[  186.256213][   T40] audit: type=1400 audit(1721435732.893:2398): avc:  denied  { sys_chroot } for  pid=8089 comm="dhcpcd" capability=18  scontext=system_u:system_r:dhcpc_t tcontext=system_u:system_r:dhcpc_t tclass=capability permissive=1
[  186.264251][   T40] audit: type=1400 audit(1721435732.893:2399): avc:  denied  { setgid } for  pid=8089 comm="dhcpcd" capability=6  scontext=system_u:system_r:dhcpc_t tcontext=system_u:system_r:dhcpc_t tclass=capability permissive=1
[  186.288686][   T40] audit: type=1400 audit(1721435732.893:2400): avc:  denied  { setrlimit } for  pid=8089 comm="dhcpcd" scontext=system_u:system_r:dhcpc_t tcontext=system_u:system_r:dhcpc_t tclass=process permissive=1
[  186.935840][ T4284] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  186.939800][ T4284] batman_adv: batadv0: Removing interface: batadv_slave_0
[  186.948965][ T4284] hsr_slave_0: left promiscuous mode
[  186.960762][ T4284] hsr_slave_1: left promiscuous mode
[  186.965060][ T4284] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  186.973492][ T4284] batman_adv: batadv0: Removing interface: batadv_slave_0
[  186.977895][ T4284] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  186.981805][ T4284] batman_adv: batadv0: Removing interface: batadv_slave_1
[  186.997891][ T4284] veth1_macvtap: left promiscuous mode
[  187.006419][ T4284] veth0_macvtap: left promiscuous mode
[  187.008983][ T4284] veth1_vlan: left promiscuous mode
[  187.011290][ T4284] veth0_vlan: left promiscuous mode
[  187.014903][ T4284] veth1_macvtap: left promiscuous mode
[  187.017587][ T4284] veth0_macvtap: left promiscuous mode
[  187.022348][ T4284] veth1_vlan: left promiscuous mode
[  187.024818][ T4284] veth0_vlan: left promiscuous mode
[  187.476715][ T4284] team0 (unregistering): Port device team_slave_1 removed
[  187.503745][ T4284] team0 (unregistering): Port device team_slave_0 removed
[  187.995090][ T4284] team_slave_1 (unregistering): left promiscuous mode
[  187.998198][ T4284] team_slave_1 (unregistering): left allmulticast mode
[  188.002386][ T4284] team0 (unregistering): Port device team_slave_1 removed
[  188.022662][ T4284] team_slave_0 (unregistering): left promiscuous mode
[  188.026364][ T4284] team_slave_0 (unregistering): left allmulticast mode
[  188.031591][ T4284] team0 (unregistering): Port device team_slave_0 removed

VM DIAGNOSIS:
00:35:28  Registers:
info registers vcpu 0

CPU#0
RAX=00000008000008fb RBX=0000000000000001 RCX=0000000000000830 RDX=0000000000000008
RSI=00000000000000fb RDI=0000000000000008 RBP=0000000000000003 RSP=ffffc9000310fb28
R8 =0000000000000001 R9 =0000000000000000 R10=0000000000000001 R11=ffffffff815dd0b0
R12=0000000000000003 R13=0000000000000000 R14=ffff88806b33ec80 R15=ffff888045c22801
RIP=ffffffff813b8108 RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 00007fee1a5cb6c0 ffffffff 00c00000
GS =0000 ffff88806b000000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00007fee19906030 CR3=0000000011c22000 CR4=00350ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=00000000ffffff80 Opmask01=0000000001000001 Opmask02=00000000ffffffef Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fee197e4337
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fee197e4344
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fee197e433e
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fee197e4352
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fee197e43d8
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fee197e44b6
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fee198d4488 00007fee198d4480 00007fee198d4478 00007fee198d4450
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fee1a43d100 00007fee198d4440 00007fee198d4458 00007fee198d44a0
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fee198d4498 00007fee198d4490 00007fee198d4488 00007fee198d4480
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000001 0000000000000000 0000000000000000 0000000000000050
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=0000000000000000 RBX=ffffc900033cff58 RCX=1ffffffff1fcd15f RDX=0000000000000000
RSI=0000000000000001 RDI=ffff8880236ec880 RBP=ffffc900033cff48 RSP=ffffc900033cff18
R8 =0000000000000000 R9 =0000000000000000 R10=ffffffff8fe6581f R11=0000000000000000
R12=0000000000000027 R13=0000000000000027 R14=0000000000000000 R15=0000000000000000
RIP=ffffffff81564720 RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 00007ffa615ced00 ffffffff 00c00000
GS =0000 ffff88806b100000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00007fee1975b6c0 CR3=0000000023288000 CR4=00350ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000008082082 Opmask01=0000000000000000 Opmask02=00000000dfff7fff Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000001 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=6b20657479622d32 3320646e61707865 6b20657479622d32 3320646e61707865 6b20657479622d32 3320646e61707865 6b20657479622d32 3320646e61707865
ZMM17=58f27b1d2a2d3718 2fc7cdabdcfc164f 58f27b1d2a2d3718 2fc7cdabdcfc164f 58f27b1d2a2d3718 2fc7cdabdcfc164f 58f27b1d2a2d3718 2fc7cdabdcfc164f
ZMM18=dd047c907854b2ac 3c7e66964c912b2d dd047c907854b2ac 3c7e66964c912b2d dd047c907854b2ac 3c7e66964c912b2d dd047c907854b2ac 3c7e66964c912b2d
ZMM19=0f06000000000000 0000000000000004 0f06000000000000 0000000000000003 0f06000000000000 0000000000000002 0f06000000000000 0000000000000001
ZMM20=0000000000000000 0000000000000004 0000000000000000 0000000000000004 0000000000000000 0000000000000004 0000000000000000 0000000000000004
ZMM21=87fb75a787fb75a7 87fb75a787fb75a7 87fb75a787fb75a7 87fb75a787fb75a7 87fb75a787fb75a7 87fb75a787fb75a7 87fb75a787fb75a7 87fb75a787fb75a7
ZMM22=de98fb72de98fb72 de98fb72de98fb72 de98fb72de98fb72 de98fb72de98fb72 de98fb72de98fb72 de98fb72de98fb72 de98fb72de98fb72 de98fb72de98fb72
ZMM23=88eb5a6688eb5a66 88eb5a6688eb5a66 88eb5a6688eb5a66 88eb5a6688eb5a66 88eb5a6688eb5a66 88eb5a6688eb5a66 88eb5a6688eb5a66 88eb5a6688eb5a66
ZMM24=d1298c55d1298c55 d1298c55d1298c55 d1298c55d1298c55 d1298c55d1298c55 d1298c55d1298c55 d1298c55d1298c55 d1298c55d1298c55 d1298c55d1298c55
ZMM25=5d6d46315d6d4631 5d6d46315d6d4631 5d6d46315d6d4631 5d6d46315d6d4631 5d6d46315d6d4631 5d6d46315d6d4631 5d6d46315d6d4631 5d6d46315d6d4631
ZMM26=2078aa192078aa19 2078aa192078aa19 2078aa192078aa19 2078aa192078aa19 2078aa192078aa19 2078aa192078aa19 2078aa192078aa19 2078aa192078aa19
ZMM27=0a94cddb0a94cddb 0a94cddb0a94cddb 0a94cddb0a94cddb 0a94cddb0a94cddb 0a94cddb0a94cddb 0a94cddb0a94cddb 0a94cddb0a94cddb 0a94cddb0a94cddb
ZMM28=000000b0000000af 000000ae000000ad 000000ac000000ab 000000aa000000a9 000000a8000000a7 000000a6000000a5 000000a4000000a3 000000a2000000a1
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=9b0a00009b0a0000 9b0a00009b0a0000 9b0a00009b0a0000 9b0a00009b0a0000 9b0a00009b0a0000 9b0a00009b0a0000 9b0a00009b0a0000 9b0a00009b0a0000
info registers vcpu 2

CPU#2
RAX=0000000000000030 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8
RSI=ffffffff84fc73a5 RDI=ffffffff94e266e0 RBP=ffffffff94e266a0 RSP=ffffc9000338f1f8
R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=30382e312e7a7973
R12=0000000000000000 R13=0000000000000030 R14=ffffffff84fc7340 R15=0000000000000000
RIP=ffffffff84fc73cf RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 00007f41ef0e46c0 ffffffff 00c00000
GS =0000 ffff88806b200000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000091000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe000008f000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00007fee1a4356b8 CR3=0000000048752000 CR4=00350ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=00000000fffe0000 Opmask01=0000000000000000 Opmask02=00000000ffffffef Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f41ef0e1f80 0000003000000010
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f41ee3e4337
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f41ee3e4344
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f41ee3e433e
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f41ee3e4352
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f41ee3e43d8
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f41ee3e44b6
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2323232323232323 2323232323232323 2323232323232323 2323232323232323
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000034 746e6576652f7475 706e692f7665642f
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000017 574d4655460c5756 534d4a0c5546470c
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 3

CPU#3
RAX=dffffc0000000000 RBX=ffffc9000310f170 RCX=ffffc90003932000 RDX=1ffffffff2259fa3
RSI=ffffffff813ce14b RDI=ffffffff912cfd18 RBP=0000000000000001 RSP=ffffc9000310f0f0
R8 =0000000000000004 R9 =000000000000e66c R10=00000000000a2000 R11=0000000000000000
R12=ffffffff81e66c21 R13=000000000000e66d R14=000000000000e66c R15=ffffc9000310f1a5
RIP=ffffffff813ce1aa RFL=00000a06 [-O---P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 00007fee1a5cb6c0 ffffffff 00c00000
GS =0000 ffff88806b300000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe00000d8000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe00000d6000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=0000000000000000 CR3=0000000011c22000 CR4=00350ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=00000000ffffff80 Opmask01=0000000001000001 Opmask02=00000000ffffffef Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fee197e4337
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fee197e4344
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fee197e433e
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fee197e4352
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fee197e43d8
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fee197e44b6
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fee198d4488 00007fee198d4480 00007fee198d4478 00007fee198d4450
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fee1a43d100 00007fee198d4440 00007fee198d4458 00007fee198d44a0
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fee198d4498 00007fee198d4490 00007fee198d4488 00007fee198d4480
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000001 0000000000000000 0000000000000000 0000000000000050
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000